Apple has just rolled out the latest iteration to iOS 7, iOS 7.0.6 for compatible iPhone, iPad and iPod touch models. Besides, iOS 6.1.6 software update has been released for iPhone 3GS and iPod touch 4G.
According to the software update release note, the iOS 7.0.6 and iOS 6.1.6 bring fix for SSL connection verification. The major SSL bug has been found in one of Apple's SSL/TLS libraries that could enable hackers intercept as well as modify user's data on source HTTPS sessions.
The SSL bug is said to be due to an error where the portion of the code that verified authenticity of the server was never been reached.
Users are advised to upgrade their iOS devices to iOS 7.0.6 to fix the SSL bug issue.
Those who have jailbroken their devices, installing the new iOS 7.0.6 update would mean losing the jailbreak and then re-jailbreak and re-install the tweaks again, which is a pretty painful task.
There is good news for the jailbreak community. linusyang, a cydia developer has released a jailbreak tweak fixing the SSL security bug in iOS 7.0.5 or, lower. This means that those who wish not to upgrade their devices to iOS 7.0.6, can fix the bug without upgrading their devices to iOS 7.0.6. A number of users in Reddit have confirmed the patch works fine. But note that it supports iOS 6.x, iOS 7.x and devices with 64-bit processor.
Meanwhile, renowned Cydia developer, Ryan Petrich has also shared a tweak to fix the SSL bug.
Those who wish to fix the SSL bug with updating the device to iOS 7.0.6 or iOS 6.1.6, may follow our step-by-step guide.
Guide to fix SSL Bug without upgrading to iOS 7.0.6/6.1.6
Step-1: Launch Cydia
Step-2: Tap on the manage button, then tap on Edit in the top right corner
Step-3: Tap on Add to add the repo, which includes the patch
Step-4: Here enter the following http://rpetri.ch/repo URL and click on Add Source button
Step-5: Once the source has been successfully added, click on the Return to Cydia button
Step-6: You should see now the Ryan's repo in the list of sources
Step-7: Tap on it, scroll down and tap on SSLPatch
Step-8: Tap on Install, then tap on Confirm to install the patch
Step-9: Tap on Restart SpringBoard button when prompted
The SSL bug should now be fixed on your device running iOS 7.0.5 or, lower. To verify whether the patch has fixed the SSL bug, point the browser to gotofail.com. The website will inform if the browser is still vulnerable or safe. When you get a 'Safe' message, it means the bug has been patched successfully.
[Source: iPhone Hacks]