The RubyGems package repository has fixed a critical vulnerability that would allow anyone to unpublish (« yank ») certain Ruby packages from the repository and republish their tainted or malicious versions with the same file names and version numbers. […]
