Two vulnerabilities have been reported in Ruby, which can be exploited to bypass safe level protection and replace methods called in trusted level as well as close untainted directory streams. ����� �� ������� �� ����� ����� �� ���� � ����� ���� ��������� ������ ����� ��� �������� ���� ��� ��������� �� ��� ���� �� ������� ����� ����� ��� ���� ���� �������.

1. An error in the handling of the "alias" functionality can be exploited to bypass the safe level protection and replace methods called in the trusted level. ��� �� ������� �� "����� ��������" ������ ���� ��������� �������� ��� ����� ��� �������� ���� ��� ��������� �� ��� �� ����� ����.

2. An error caused due to directory operations not being properly checked can be exploited to bypass the safe level protection and close untainted directory streams. ��� ���� ���� ����� �������� �� ���� ��� ���� ��������� �������� ��� ����� ��� ������ ����� �� ���� ������ ��� ����.

The vulnerabilities have been reported in version 1.8.4 and earlier. ����� ����� �� ���� �� ��� ���� �� ������� 1.8.4 �.

Solution: ���� :
The vulnerabilities have been fixed in the current snapshot version and will also be fixed in the upcoming 1.8.5 version. ����� ����� ��� ������� �� ������ ������� ���� ����� ���� ����� �� ������ ������� 1.8.5. via �� ���� Secunia