@NahamSec discovered a bug in the static file serving code within Ruby on Rails. This vulnerability could have been exploited to determine whether a file exists on the server. This bug was considered relatively low risk since it disclosed the existence of files and did not allow an attacker to access the contents of files. A related bug had previously been disclosed in CVE-2014-7818, but @NahamSec identified a bypass for the original fix. As a result, CVE-2014-7829 was announced. We addressed this issue by upgrading to a new release of Ruby on Rails.