> Versions 2.0.0 and later are not vulnerable.
Was about to panic there for a second.
EDIT: Oops, I think I read it wrong, it's tzinfo version >2.0.0 that is not vulnerable, not ruby. Time to panic