See https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/ I see that Fedora 32 has 2.7.1, which has the fix. However, Fedora 30 and 31 both have 2.6.5, so they are both vulnerable.
I'm working on those rebases.
Let's close this in favor of the official security tracking bug. *** This bug has been marked as a duplicate of bug 1833293 ***