[$] A backdoor in a popular Ruby gem

Finding ways to put backdoors into various programming-language packagerepositories (e.g. npm, PyPI, and now RubyGems) seems like it is becoming a new Olympicsport or something. Every time you turn around, there is areport of a new backdoor. It is now apparently Ruby's turn, with anew report of aremote-execution backdoor being inserted, briefly, into a popular gem thatis installed by some sites using the Ruby onRails web-application framework.