I only have access to the Java blog system, but this message is sufficiently critical to bear mentioning on this channel. So, pardon the off topic post fellow Java programmers (but I know many of you dabble in Rails).
If you have a Rails application in the wild. You need to run gem update rails as soon as reasonably possible, and get yourself to 1.1.6, there is a security flaw that hasn’t been made public yet.
See this CNet article for more details.