Debian Linux Security Advisory 2830-1 - Peter McLarnan discovered that the internationalization component of Ruby on Rails does not properly encode parameters in generated HTML code, resulting in a cross-site scripting vulnerability. This update corrects the underlying vulnerability in the i18n gem, as provided by the ruby-i18n package.
a6747869dc9268239f3564cf20ff354298c368b9de8167fa4c2a6aa329202c06