Two security fixes have been released for Ruby today. The first vulnerability affects the FileUtils.remove_entry_secure method which allowed local users to delete arbitrary files and directories. The second one affects the $SAFE level.
FileUtils.remove_entry_secure
This affects Ruby versions 1.8.6 (420), 1.8.7 (330), 1.9.1 (430), 1.9.2 (136) and the development versions. The problem has been fixed and is available for download.
$SAFE vulnerability
This affects only 1.8 Ruby versions. Exception#to_s method can be used to trick $SAFE check, which makes a untrusted codes to modify arbitrary strings. The variable $SAFE determines Ruby’s level of paranoia. This problem has also been fixed.
