rubygems | RubySec | RUBY:RUBY-2018-8779
Mar 27, 2018 - 9:00 p.m.

Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket

2018-03-27 21:00:00
RubySec
www.ruby-lang.org

CVSS2: 5 (AV:N/AC:L/Au:N/C:N/I:P/A:N)

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

CVSS3: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE

There is an unintentional socket creation vulnerability in the UNIXServer.open
method of the socket library bundled with Ruby. There is also an unintentional
socket access vulnerability in the UNIXSocket.open method.

UNIXServer.open accepts the path of the socket to be created as its first
parameter. If the path contains NUL (\0) bytes, this method treats the path as
ending before the NUL byte. So, if a script passes external input as the
argument of this method, an attacker can create the socket file at an
unintended path. UNIXSocket.open also accepts the path of the socket to be
created as its first parameter without checking for NUL bytes, like
UNIXServer.open. So, if a script passes external input as the argument of
this method, an attacker can access the socket file at an unintended path.

All users running an affected release should upgrade immediately.
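
For scripts that must keep accepting an external socket name, the following added example (not code from the advisory or from Ruby itself) shows why a string-level check can be bypassed by a NUL byte and how to validate the path before it reaches UNIXServer.open or UNIXSocket.open. The helper names, the base directory and the sample inputs are hypothetical and constructed for illustration.

```ruby
# Added example: all names, the base directory and the inputs are hypothetical.
class UnsafeSocketPath < ArgumentError; end

# What a C-level consumer of the path sees: the bytes before the first NUL.
def c_string_view(path)
  path.b.split("\0", 2).first.to_s
end

# A naive allow-check that inspects the whole Ruby string. It passes for
# "other.sock\0.app.sock" even though the effective path is "other.sock".
def naive_suffix_ok?(path)
  path.end_with?(".app.sock")
end

# Return an absolute path inside base_dir, or raise UnsafeSocketPath.
# The resolution is lexical only; symlinks are not followed.
def checked_socket_path(name, base_dir)
  raise UnsafeSocketPath, "path contains NUL byte" if name.include?("\0")
  base = File.expand_path(base_dir)
  full = File.expand_path(name, base)
  unless full.start_with?(base + File::SEPARATOR)
    raise UnsafeSocketPath, "path escapes #{base}"
  end
  full
end

# Constructed sample inputs standing in for externally supplied names.
SAMPLE_NAMES = [
  "worker.app.sock",            # expected case
  "other.sock\0.app.sock",      # NUL byte hides the real target from the check
  "../../tmp/x.app.sock"        # traversal out of the socket directory
].freeze

if __FILE__ == $0
  SAMPLE_NAMES.each do |name|
    verdict = begin
      checked_socket_path(name, "/srv/app/run")
    rescue UnsafeSocketPath => e
      "rejected (#{e.message})"
    end
    puts "#{name.inspect}: naive=#{naive_suffix_ok?(name)} " \
         "c_view=#{c_string_view(name).inspect} -> #{verdict}"
  end
end
```

The validated path is what should be passed to UNIXServer.open or UNIXSocket.open; upgrading remains the fix, and this check only narrows what untrusted input can name.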

Affected configurations

Vendor  Product  Range
ruby    ruby     2.2.0 - 2.2.10
OR
ruby    ruby     2.3.0 - 2.3.7
OR
ruby    ruby     2.4.0 - 2.4.4
OR
ruby    ruby     2.5.0 - 2.5.1
OR
ruby    ruby     2.6.01

Vendor  Product  Version  CPE
ruby    ruby     *        cpe:2.3:a:ruby:ruby:*:*:*:*:*:*:*:*
