Hi,
ruby-openid is affected by a XML denial of service (Entity Expansion Attack / out of memory) attack
as recently described.
https://github.com/openid/ruby-openid/commit/a3693cef06049563f5b4e4824f4d3211288508ed
https://github.com/openid/ruby-openid/pull/43
https://bugzilla.novell.com/show_bug.cgi?id=804717
Ciao, Marcus