ELSA-2022-0672-1

Опубликовано: 08 мар. 2022

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2022-0672-1: ruby:2.5 security update (MODERATE)

ruby [2.5.9-109.0.1]

Rebuild with a dependency containing fix for Orabug: 33921593

[2.5.9-109]

Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799

[2.5.9-108]

Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799
Fix StartTLS stripping vulnerability in Net::IMAP Resolves: CVE-2021-32066
Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. Resolves: CVE-2021-31810

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module ruby:2.5 is enabled

ruby

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-devel

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-doc

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-irb

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-libs

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

rubygem-abrt

0.3.0-4.module+el8.3.0+7756+e45777e9

rubygem-abrt-doc

0.3.0-4.module+el8.3.0+7756+e45777e9

rubygem-bigdecimal

1.3.4-109.0.1.module+el8.5.0+20513+af7be134

rubygem-bson

4.3.0-2.module+el8.3.0+7756+e45777e9

rubygem-bson-doc

4.3.0-2.module+el8.3.0+7756+e45777e9

rubygem-bundler

1.16.1-4.module+el8.5.0+20497+d0a7b862

rubygem-bundler-doc

1.16.1-4.module+el8.5.0+20497+d0a7b862

rubygem-did_you_mean

1.2.0-109.0.1.module+el8.5.0+20513+af7be134

rubygem-io-console

0.4.6-109.0.1.module+el8.5.0+20513+af7be134

rubygem-json

2.1.0-109.0.1.module+el8.5.0+20513+af7be134

rubygem-minitest

5.10.3-109.0.1.module+el8.5.0+20513+af7be134

rubygem-mongo

2.5.1-2.module+el8.3.0+7756+e45777e9

rubygem-mongo-doc

2.5.1-2.module+el8.3.0+7756+e45777e9

rubygem-mysql2

0.4.10-4.module+el8.3.0+7756+e45777e9

rubygem-mysql2-doc

0.4.10-4.module+el8.3.0+7756+e45777e9

rubygem-net-telnet

0.1.1-109.0.1.module+el8.5.0+20513+af7be134

rubygem-openssl

2.1.2-109.0.1.module+el8.5.0+20513+af7be134

rubygem-pg

1.0.0-2.module+el8.3.0+7756+e45777e9

rubygem-pg-doc

1.0.0-2.module+el8.3.0+7756+e45777e9

rubygem-power_assert

1.1.1-109.0.1.module+el8.5.0+20513+af7be134

rubygem-psych

3.0.2-109.0.1.module+el8.5.0+20513+af7be134

rubygem-rake

12.3.3-109.0.1.module+el8.5.0+20513+af7be134

rubygem-rdoc

6.0.1.1-109.0.1.module+el8.5.0+20513+af7be134

rubygem-test-unit

3.2.7-109.0.1.module+el8.5.0+20513+af7be134

rubygem-xmlrpc

0.3.0-109.0.1.module+el8.5.0+20513+af7be134

rubygems

2.7.6.3-109.0.1.module+el8.5.0+20513+af7be134

rubygems-devel

2.7.6.3-109.0.1.module+el8.5.0+20513+af7be134

Oracle Linux x86_64

Module ruby:2.5 is enabled

ruby

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-devel

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-doc

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-irb

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

ruby-libs

2.5.9-109.0.1.module+el8.5.0+20513+af7be134

rubygem-abrt

0.3.0-4.module+el8.3.0+7756+e45777e9

rubygem-abrt-doc

0.3.0-4.module+el8.3.0+7756+e45777e9

rubygem-bigdecimal

1.3.4-109.0.1.module+el8.5.0+20513+af7be134

rubygem-bson

4.3.0-2.module+el8.3.0+7756+e45777e9

rubygem-bson-doc

4.3.0-2.module+el8.3.0+7756+e45777e9

rubygem-bundler

1.16.1-4.module+el8.5.0+20497+d0a7b862

rubygem-bundler-doc

1.16.1-4.module+el8.5.0+20497+d0a7b862

rubygem-did_you_mean

1.2.0-109.0.1.module+el8.5.0+20513+af7be134

rubygem-io-console

0.4.6-109.0.1.module+el8.5.0+20513+af7be134

rubygem-json

2.1.0-109.0.1.module+el8.5.0+20513+af7be134

rubygem-minitest

5.10.3-109.0.1.module+el8.5.0+20513+af7be134

rubygem-mongo

2.5.1-2.module+el8.3.0+7756+e45777e9

rubygem-mongo-doc

2.5.1-2.module+el8.3.0+7756+e45777e9

rubygem-mysql2

0.4.10-4.module+el8.3.0+7756+e45777e9

rubygem-mysql2-doc

0.4.10-4.module+el8.3.0+7756+e45777e9

rubygem-net-telnet

0.1.1-109.0.1.module+el8.5.0+20513+af7be134

rubygem-openssl

2.1.2-109.0.1.module+el8.5.0+20513+af7be134

rubygem-pg

1.0.0-2.module+el8.3.0+7756+e45777e9

rubygem-pg-doc

1.0.0-2.module+el8.3.0+7756+e45777e9

rubygem-power_assert

1.1.1-109.0.1.module+el8.5.0+20513+af7be134

rubygem-psych

3.0.2-109.0.1.module+el8.5.0+20513+af7be134

rubygem-rake

12.3.3-109.0.1.module+el8.5.0+20513+af7be134

rubygem-rdoc

6.0.1.1-109.0.1.module+el8.5.0+20513+af7be134

rubygem-test-unit

3.2.7-109.0.1.module+el8.5.0+20513+af7be134

rubygem-xmlrpc

0.3.0-109.0.1.module+el8.5.0+20513+af7be134

rubygems

2.7.6.3-109.0.1.module+el8.5.0+20513+af7be134

rubygems-devel

2.7.6.3-109.0.1.module+el8.5.0+20513+af7be134

Связанные CVE

CVE-2021-32066

CVE-2021-31799

CVE-2021-31810

Ссылки на источники

Связанные уязвимости

openSUSE-SU-2021:3838-1

suse-cvrf

больше 3 лет назад

Security update for ruby2.5

openSUSE-SU-2021:1535-1

suse-cvrf

больше 3 лет назад

Security update for ruby2.5

SUSE-SU-2021:3838-1

suse-cvrf

больше 3 лет назад

Security update for ruby2.5

RLSA-2022:0672

rocky

больше 3 лет назад

Moderate: ruby:2.5 security update

ELSA-2022-0672

oracle-oval

больше 3 лет назад

ELSA-2022-0672: ruby:2.5 security update (MODERATE)