Em 05-02-2013 23:57, Aaron Patterson escreveu: >> I really don't see this as a problem. >> >> What I see as a problem is having sites compromised. > Who would argue with this? The security patches release do not allow > YAML to process user input. This is not true. Ruby hasn't been fixed (or I didn't see any security patches to Ruby at least). I guess you're talking about the Rails security patches. But this doesn't affect only Rails. It affected RubyGems.org for instance.