Several vulnerabilities have been identified and subsequently patched in the newest version of Ruby. If you are a Ruby developer, make sure you download it, as it contains an important update: a fix for the DNS logic within the resolv.rb script. The update implements randomized source ports to help protect against spoofing attacks. Upgrade to 1.8.6-p286 or 1.8.7-p71 to mitigate this and other issues identified.
Ruby 1.8.6 (WEBrick Httpd 1.3.1) is vulnerable to a directory traversal flaw. The Ruby on Rails web server, WEBrick Httpd 1.3.1, is vulnerable to directory traversal on systems that accept the backslash as a path separator and on case-insensitive systems. Patches for the 1.8 and 1.9 code branches are available.
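
A path-confinement check covering the two conditions named above (backslash separators and case-insensitive names), as an added Ruby example that is not WEBrick's code or its patch. `DOCROOT`, `HIDDEN` and `safe_resolve` are hypothetical names, and the request paths are constructed samples.

```ruby
# Added example: confine a request path to a document root.
# DOCROOT and HIDDEN are constructed sample values, not WEBrick settings.
DOCROOT = "/srv/www".freeze
HIDDEN  = [".htaccess", ".htpasswd"].freeze # names that must never be served

# Returns the absolute path to serve, or nil if the request must be refused.
def safe_resolve(request_path, docroot = DOCROOT)
  return nil if request_path.include?("\0")

  # Treat "\" as a separator on every platform, so a path that only some
  # systems would split on backslash is judged the same way everywhere.
  unified = request_path.tr("\\", "/")

  # Canonicalise: expand_path collapses "." and ".." segments lexically.
  root = File.expand_path(docroot)
  full = File.expand_path(File.join(root, unified))

  # Containment check on a segment boundary ("/srv/www2" must not match).
  return nil unless full == root || full.start_with?(root + "/")

  # Compare protected names case-insensitively, as a case-insensitive
  # filesystem would when it opens the file.
  segments = full[root.length..-1].split("/")
  return nil if segments.any? { |s| HIDDEN.include?(s.downcase) }

  full
end

if __FILE__ == $0
  # Constructed request paths: one ordinary, the rest must be refused.
  ["/index.html", "/img\\..\\..\\etc\\passwd", "/../www2/x", "/.HTACCESS"].each do |p|
    puts "#{p.inspect} -> #{safe_resolve(p).inspect}"
  end
end
```

The check is lexical only: it does not follow symlinks, so a deployment that allows symlinks under the document root would also compare `File.realpath` of the result against the root.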