USN-4922-1: Ruby vulnerability

Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack.