Happy to see http://rubygems.org update https://blog.rubygems.org/2024/03/31/rubygems-and-xz.html that they have done an internal audit not just of the software used to run RubyGems.org itself, but also every gem that has ever been published.
RubyGems.org is not vulnerable to this issue and no gem currently published on RubyGems.org contains the vulnerable liblzma library.

#liblzma #security #vulnerability #ruby #XZLZMA #XZ