<snip>So the packages in question are: rubygem-actionmailer, rubygem-actionpack, rubygem-activerecord, rubygem-activeresource, rubygem-activesupport, rubygem-rails, rubygem-rack and rubygems. These are relevant bugzillas:
>
> Could you give me a list of packages with problems so I can do the second part?
https://bugzilla.redhat.com/show_bug.cgi?id=1115776
https://bugzilla.redhat.com/show_bug.cgi?id=1095129
https://bugzilla.redhat.com/show_bug.cgi?id=1095127
https://bugzilla.redhat.com/show_bug.cgi?id=1095125
https://bugzilla.redhat.com/show_bug.cgi?id=1095122
https://bugzilla.redhat.com/show_bug.cgi?id=1095120
https://bugzilla.redhat.com/show_bug.cgi?id=1095118
https://bugzilla.redhat.com/show_bug.cgi?id=961066
https://bugzilla.redhat.com/show_bug.cgi?id=948706
https://bugzilla.redhat.com/show_bug.cgi?id=924318
https://bugzilla.redhat.com/show_bug.cgi?id=924297
https://bugzilla.redhat.com/show_bug.cgi?id=905374
https://bugzilla.redhat.com/show_bug.cgi?id=905373
https://bugzilla.redhat.com/show_bug.cgi?id=891468
https://bugzilla.redhat.com/show_bug.cgi?id=847202
https://bugzilla.redhat.com/show_bug.cgi?id=843924
https://bugzilla.redhat.com/show_bug.cgi?id=831583
https://bugzilla.redhat.com/show_bug.cgi?id=731453
https://bugzilla.redhat.com/show_bug.cgi?id=731451
https://bugzilla.redhat.com/show_bug.cgi?id=731450
https://bugzilla.redhat.com/show_bug.cgi?id=677629
https://bugzilla.redhat.com/show_bug.cgi?id=1097205
https://bugzilla.redhat.com/show_bug.cgi?id=909088
https://bugzilla.redhat.com/show_bug.cgi?id=814725
https://bugzilla.redhat.com/show_bug.cgi?id=771152
https://bugzilla.redhat.com/show_bug.cgi?id=771151
Looks scary, but it the end it`s just rails, rubygems and rack. All of these are co-maintained with Michael Stahnke, which I have no luck contacting either. There are actually more unfixed vulnerabilities, but I am confident they can be fixed by more active maintainers.