New binary release ruby-1.8.5-p2 is available. (You can get it from "Release".)
And new binary snapshot ruby-1.8.5-20061204 is available. (You can get it from "Stable versions snapshots".)
CGI library of ruby 1.8.5 (or earlier) allows remote attackers to cause a denial of service.
You should update your ruby by these release or snapshot.