Debian Linux Security Advisory 2888-1 - Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack.
423a0919621086aaccc30b1f280aaa8df27b793c92b30df5b3341a89bb7b74d0
Debian Linux Security Advisory 2887-1 - Aaron Neyer discovered that missing input sanitizing in the logging component of Ruby Actionmailer could result in denial of service through a malformed e-mail message.
a3b48a31da8b85333d9e14e6c946b5b226635072b357a1c97013b03a850b0350