Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when
using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI
files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4)
%2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly
related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new
functionality and the :DocumentRoot option.
serving files off of fat32 is just bad, but I believe we should handle this as a low priority issue.
This issue has been fixed a long time ago and probably should have been included in GLSA 200812-17.
However, taking rbu's statement into consideration, I certainly think this is not worth an extra GLSA, too, so closing as noglsa.