A denial of service condition was found in Ruby"s regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash . A number of flaws were found in Ruby that could allow an attacker to create a carefully crafted script that could allow for the bypass of certain safe-level restrictions . A denial of service vulnerability was found in Ruby"s HTTP server toolkit, WEBrick. A remote attacker could send a specially-crafted HTTP request to a WEBrick server that would cause it to use an excessive amount of CPU time . An insufficient taintness check issue was found in Ruby"s DL module, a module that provides direct access to the C language functions. This flaw could be used by an attacker to bypass intended safe-level restrictions by calling external C functions with the arguments from an untrusted tainted input . A denial of service condition in Ruby"s XML document parsing module could cause a Ruby application using the REXML module to use an excessive amount of CPU and memory via XML documents with large XML entitity definitions recursion . The Ruby DNS resolver library used predictable transaction IDs and a fixed source port when sending DNS requests. This could be used by a remote attacker to spoof a malicious reply to a DNS query . The updated packages have been patched to correct these issues.