diff --git a/lib/jekyll.rb b/lib/jekyll.rb
index 2c1ab0e6..f58f3beb 100644
--- a/lib/jekyll.rb
+++ b/lib/jekyll.rb
@@ -48,6 +48,8 @@ require_all 'jekyll/converters'
 require_all 'jekyll/generators'
 require_all 'jekyll/tags'
 
+SafeYAML::OPTIONS[:suppress_warnings] = true
+
 module Jekyll
   VERSION = '0.12.0'
 
@@ -130,7 +132,7 @@ module Jekyll
     # Get configuration from <source>/_config.yml
     config_file = File.join(source, '_config.yml')
     begin
-      config = YAML.load_file(config_file)
+      config = YAML.safe_load_file(config_file)
       raise "Invalid configuration - #{config_file}" if !config.is_a?(Hash)
       $stdout.puts "Configuration from #{config_file}"
     rescue => err
diff --git a/lib/jekyll/convertible.rb b/lib/jekyll/convertible.rb
index e71fe1bf..952fd670 100644
--- a/lib/jekyll/convertible.rb
+++ b/lib/jekyll/convertible.rb
@@ -30,7 +30,7 @@ module Jekyll
 
         if self.content =~ /\A(---\s*\n.*?\n?)^(---\s*$\n?)/m
           self.content = $POSTMATCH
-          self.data = YAML.load($1)
+          self.data = YAML.safe_load($1)
         end
       rescue => e
         puts "Error reading file #{File.join(base, name)}: #{e.message}"