
July 02nd, 2008

Updates all around: Ruby, Django, Diablo

Filed under: Django, Games, Security, Technology — jm @ 11:27

I haven't touched my newsreader in a while and promptly missed quite a few interesting things. Here are the most important:

Django

Large file uploads: Revision 7814 finally lands the patch from ticket 2070, which allows Django to handle arbitrarily sized file uploads.

Ruby's security vulnerabilities

Man, I'm late to that particular party, but some serious vulnerabilities have been found in the main Ruby interpreter. Unfortunately it seems that the official maintainers messed up as well and only 3rd-party patches are available right now, because there's no known stable release code in the codebase that a quick patch release could be based off.

I think the most important lesson that can be learned from this, as Simon Willison points out, is that you need to keep release tags around in your SCM system, but also that you should never blindly trust any part of a system. At least it makes me wonder what surprises lurk in the Java VM or CPython.

Diablo III

Has been announced. Userfriendly pretty much hits the nail on the head.

August 11th, 2006

More RoR fallout

Filed under: Security, Technology — jm @ 12:02

Rails 1.1.6, backports, and full disclosure. Seems like they only caught one part of the problem in 1.1.5, so they updated again.

Some of the people leaving comments seem to be pissed off at the no-disclosure thing that the RoR core team did yesterday. Also, the update seems to break compatibility with “3rd party engines” (unfortunately, I don’t know what that means in Rails-speak), which reminds me of the memory leak that the PHP developers had to fix with an incompatible change. I hope that this doesn’t have the same impact on Rails developers as PHP 4.4 had on PHP developers.

August 07th, 2006

Network infrastructure risks

Filed under: Security — jm @ 23:50

After the flaws in WLAN drivers were discovered that effectively make your PC an easy target, there's a new entry on Bruce Schneier's blog talking about the risks that printers pose to a network. What other parts of everyday infrastructure are a currently unmanaged risk?

But I have to say... I really like the "paper-clip idea".