[ruby-core:111191] [Ruby master Misc#19178] How does CRuby handle CVE issues in stdlib gems which get patched?