Debian Security Advisory DSA 1139-1 (ruby1.6)

The remote host is missing an update to ruby1.6 announced via advisory DSA 1139-1. It was discovered that the interpreter for the Ruby language does not properly maintain safe levels for aliasing, directory accesses and regular expressions, which might lead to a bypass of security restrictions.
For the stable distribution (sarge) this problem has been fixed in version 1.6.8-12sarge2. The unstable distribution (sid) does no longer contain ruby1.6 packages. We recommend that you upgrade your Ruby packages.