ELSA-2022-5338

Published: 01 Jul 2022
Source: oracle-oval
Platform: Oracle Linux 8

Description

ELSA-2022-5338: ruby:2.6 security, bug fix, and enhancement update (MODERATE)

ruby [2.6.10-109]

  • Upgrade to Ruby 2.6.10. Resolves: rhbz#2088415
  • Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739
  • Fix FTBFS due to an incompatible load directive.
  • Fix a fiddle import test on an optimized glibc on Power 9.

Updated packages

Oracle Linux 8

Oracle Linux aarch64

Module ruby:2.6 is enabled

ruby  2.6.10-109.module+el8.6.0+20693+52f02d9c
ruby-devel  2.6.10-109.module+el8.6.0+20693+52f02d9c
ruby-doc  2.6.10-109.module+el8.6.0+20693+52f02d9c
ruby-libs  2.6.10-109.module+el8.6.0+20693+52f02d9c
rubygem-abrt  0.3.0-4.module+el8.1.0+5406+ce01f9b9
rubygem-abrt-doc  0.3.0-4.module+el8.1.0+5406+ce01f9b9
rubygem-bigdecimal  1.4.1-109.module+el8.6.0+20693+52f02d9c
rubygem-bson  4.5.0-1.module+el8.4.0+20235+1e5b8be3
rubygem-bson-doc  4.5.0-1.module+el8.4.0+20235+1e5b8be3
rubygem-bundler  1.17.2-109.module+el8.6.0+20693+52f02d9c
rubygem-did_you_mean  1.3.0-109.module+el8.6.0+20693+52f02d9c
rubygem-io-console  0.4.7-109.module+el8.6.0+20693+52f02d9c
rubygem-irb  1.0.0-109.module+el8.6.0+20693+52f02d9c
rubygem-json  2.1.0-109.module+el8.6.0+20693+52f02d9c
rubygem-minitest  5.11.3-109.module+el8.6.0+20693+52f02d9c
rubygem-mongo  2.8.0-1.module+el8.1.0+5406+ce01f9b9
rubygem-mongo-doc  2.8.0-1.module+el8.1.0+5406+ce01f9b9
rubygem-mysql2  0.5.2-1.module+el8.4.0+20235+1e5b8be3
rubygem-mysql2-doc  0.5.2-1.module+el8.4.0+20235+1e5b8be3
rubygem-net-telnet  0.2.0-109.module+el8.6.0+20693+52f02d9c
rubygem-openssl  2.1.2-109.module+el8.6.0+20693+52f02d9c
rubygem-pg  1.1.4-1.module+el8.4.0+20235+1e5b8be3
rubygem-pg-doc  1.1.4-1.module+el8.4.0+20235+1e5b8be3
rubygem-power_assert  1.1.3-109.module+el8.6.0+20693+52f02d9c
rubygem-psych  3.1.0-109.module+el8.6.0+20693+52f02d9c
rubygem-rake  12.3.3-109.module+el8.6.0+20693+52f02d9c
rubygem-rdoc  6.1.2.1-109.module+el8.6.0+20693+52f02d9c
rubygem-test-unit  3.2.9-109.module+el8.6.0+20693+52f02d9c
rubygem-xmlrpc  0.3.0-109.module+el8.6.0+20693+52f02d9c
rubygems  3.0.3.1-109.module+el8.6.0+20693+52f02d9c
rubygems-devel  3.0.3.1-109.module+el8.6.0+20693+52f02d9c

Oracle Linux x86_64

Module ruby:2.6 is enabled

ruby  2.6.10-109.module+el8.6.0+20693+52f02d9c
ruby-devel  2.6.10-109.module+el8.6.0+20693+52f02d9c
ruby-doc  2.6.10-109.module+el8.6.0+20693+52f02d9c
ruby-libs  2.6.10-109.module+el8.6.0+20693+52f02d9c
rubygem-abrt  0.3.0-4.module+el8.1.0+5406+ce01f9b9
rubygem-abrt-doc  0.3.0-4.module+el8.1.0+5406+ce01f9b9
rubygem-bigdecimal  1.4.1-109.module+el8.6.0+20693+52f02d9c
rubygem-bson  4.5.0-1.module+el8.4.0+20235+1e5b8be3
rubygem-bson-doc  4.5.0-1.module+el8.4.0+20235+1e5b8be3
rubygem-bundler  1.17.2-109.module+el8.6.0+20693+52f02d9c
rubygem-did_you_mean  1.3.0-109.module+el8.6.0+20693+52f02d9c
rubygem-io-console  0.4.7-109.module+el8.6.0+20693+52f02d9c
rubygem-irb  1.0.0-109.module+el8.6.0+20693+52f02d9c
rubygem-json  2.1.0-109.module+el8.6.0+20693+52f02d9c
rubygem-minitest  5.11.3-109.module+el8.6.0+20693+52f02d9c
rubygem-mongo  2.8.0-1.module+el8.1.0+5406+ce01f9b9
rubygem-mongo-doc  2.8.0-1.module+el8.1.0+5406+ce01f9b9
rubygem-mysql2  0.5.2-1.module+el8.4.0+20235+1e5b8be3
rubygem-mysql2-doc  0.5.2-1.module+el8.4.0+20235+1e5b8be3
rubygem-net-telnet  0.2.0-109.module+el8.6.0+20693+52f02d9c
rubygem-openssl  2.1.2-109.module+el8.6.0+20693+52f02d9c
rubygem-pg  1.1.4-1.module+el8.4.0+20235+1e5b8be3
rubygem-pg-doc  1.1.4-1.module+el8.4.0+20235+1e5b8be3
rubygem-power_assert  1.1.3-109.module+el8.6.0+20693+52f02d9c
rubygem-psych  3.1.0-109.module+el8.6.0+20693+52f02d9c
rubygem-rake  12.3.3-109.module+el8.6.0+20693+52f02d9c
rubygem-rdoc  6.1.2.1-109.module+el8.6.0+20693+52f02d9c
rubygem-test-unit  3.2.9-109.module+el8.6.0+20693+52f02d9c
rubygem-xmlrpc  0.3.0-109.module+el8.6.0+20693+52f02d9c
rubygems  3.0.3.1-109.module+el8.6.0+20693+52f02d9c
rubygems-devel  3.0.3.1-109.module+el8.6.0+20693+52f02d9c

Related CVEs

Related vulnerabilities

CVSS3: 7.5
ubuntu
about 3 years ago

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

CVSS3: 6.2
redhat
about 3 years ago

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

CVSS3: 7.5
nvd
about 3 years ago

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

CVSS3: 7.5
msrc
about 3 years ago

No description available

CVSS3: 7.5
debian
about 3 years ago

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, ...