I've just seen this (by RSS)

http://www.securityfocus.com/bid/14016

I've not explored the issue, but thought it should be mentioned
here.

The site seems rather quiet about what the problem is.
Taken from the discussion page:
<quote>
Yukihiro Matsumoto Ruby XMLRPC Server Unspecified Command Execution
Vulnerability

Ruby is affected by an unspecified command execution vulnerability.
Reportedly, this issue affects the XMLRPC server.

It may be possible for an attacker to gain unauthorized access to an
affected computer by exploiting this issue.

Ruby 1.8.2 is known to be vulnerable to this vulnerability, however,
other versions may be affected as well.
</quote>

Maybe someone will know what to do with this info.
         Hugh