Two vulnerabilities have been reported in Ruby, which can be exploited to bypass safe level protection and replace methods called in trusted level as well as close untainted directory streams.����©���Ѿ��������ں챦ʯ������Ա��������ƹ�ȫˮƽ����������ν��ȡ���������ε�ˮƽ���Լ�����untaintedĿ¼����

1. 1 �� An error in the handling of the "alias" functionality can be exploited to bypass the safe level protection and replace methods called in the trusted level.һ�������ڴ��?�����ܿ��Ա��������ƹ�ȫˮƽ����������ν��ȡ���������ε�ˮƽ��

2. 2 �� An error caused due to directory operations not being properly checked can be exploited to bypass the safe level protection and close untainted directory streams.һ��������ɵģ�����Ŀ¼���ж�δ�ܵõ��ʵ��ļ�飬���Ա��������ƹ�ȫˮƽ������������untaintedĿ¼����

The vulnerabilities have been reported in version 1.8.4 and earlier.��©���Ѿ��������ڰ汾1.8.4�͸��硣

Solution:���������
The vulnerabilities have been fixed in the current snapshot version and will also be fixed in the upcoming 1.8.5 version.��©���Ѿ��̶��ڵ�ǰ�Ŀ��հ汾����Ҳ���̶��ڼ���������1.8.5�汾�� viaͨ�� Secunia Secunia��˾