Ruby 2.1.5 has been released.

This release includes a security fix for a DoS vulnerability of REXML.
It is similar to the
fixed vulnerability
in the previous release,
but new and different from it.

CVE-2014-8090: Another Denial of Service XML Expa…

Read more at the source