- Fix REXML billion laughs attack via parameter entity expansion
  (CVE-2014-8080).
  Resolves: rhbz#1163993
- REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090).
  Resolves: rhbz#1163993

- Workaround build issues against OpenSSL with enabled ECC curves.
- Make DRb compatible with OpenSSL 1.0.1.
  * ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch
- Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing
  * ruby-1.9.3-p484-CVE-2013-4164-ignore-too-long-fraction-part-which-does-not-affect-the-result.patch
  - Resolves: rhbz#1033500

- Fix regression introduced by CVE-2013-4073
  https://bugs.ruby-lang.org/issues/8575
  * ruby-2.0.0-p255-Fix-SSL-client-connection-crash-for-SAN-marked-critical.patch
  - Related: rhbz#979300

- $SAFE escaping vulnerability about Exception#to_s / NameError#to_s
  * ruby-1.8.7-p371-CVE-2012-4481.patch
  - Related: rhbz#915379

- Address CVE-2011-4815 "DoS (excessive CPU use) via hash meet-in-the-middle
  attacks (oCERT-2011-003)"
  * ruby-1.8.7-p352-CVE-2011-4815.patch
- Resolves: rhbz#768831

- Address CVE-2011-1004 "Symlink race condition by removing directory trees in
  fileutils module"
  * ruby-1.8.7-CVE-2011-1004.patch
- Address CVE-2011-1005 "Untrusted codes able to modify arbitrary strings"
  * ruby-1.8.7-CVE-2011-1005.patch
- Address CVE-2011-0188 "memory corruption in BigDecimal on 64bit platforms"
  * ruby-1.8.7-CVE-2011-0188.patch
- Resolves: rhbz#709963