ELSA-2024-4499

Опубликовано: 15 июл. 2024

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2024-4499: ruby security update (MODERATE)

ruby [2.5.9-112]

Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. (CVE-2023-36617) Resolves: RHEL-5614
Fix Buffer overread vulnerability in StringIO. (CVE-2024-27280) Resolves: RHEL-34125
Fix RCE vulnerability with .rdoc_options in RDoc. (CVE-2024-27281) Resolves: RHEL-34117
Fix Arbitrary memory address read vulnerability with Regex search. (CVE-2024-27282) Resolves: RHEL-33867
Fix REXML DoS parsing an XML with many <'s in an attribute value. (CVE-2024-35176) Resolves: RHEL-37877

rubygem-abrt rubygem-bson rubygem-bundler rubygem-mongo rubygem-mysql2 rubygem-pg

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module ruby:2.5 is enabled

ruby

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-devel

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-doc

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-irb

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-libs

2.5.9-112.module+el8.10.0+90367+ae9e8511

rubygem-abrt

0.3.0-4.module+el8.10.0+90367+ae9e8511

rubygem-abrt-doc

0.3.0-4.module+el8.10.0+90367+ae9e8511

rubygem-bigdecimal

1.3.4-112.module+el8.10.0+90367+ae9e8511

rubygem-bson

4.3.0-2.module+el8.9.0+90042+a65659a6

rubygem-bson-doc

4.3.0-2.module+el8.9.0+90042+a65659a6

rubygem-bundler

1.16.1-4.module+el8.10.0+90367+ae9e8511

rubygem-bundler-doc

1.16.1-4.module+el8.10.0+90367+ae9e8511

rubygem-did_you_mean

1.2.0-112.module+el8.10.0+90367+ae9e8511

rubygem-io-console

0.4.6-112.module+el8.10.0+90367+ae9e8511

rubygem-json

2.1.0-112.module+el8.10.0+90367+ae9e8511

rubygem-minitest

5.10.3-112.module+el8.10.0+90367+ae9e8511

rubygem-mongo

2.5.1-2.module+el8.9.0+90042+a65659a6

rubygem-mongo-doc

2.5.1-2.module+el8.9.0+90042+a65659a6

rubygem-mysql2

0.4.10-4.module+el8.9.0+90042+a65659a6

rubygem-mysql2-doc

0.4.10-4.module+el8.9.0+90042+a65659a6

rubygem-net-telnet

0.1.1-112.module+el8.10.0+90367+ae9e8511

rubygem-openssl

2.1.2-112.module+el8.10.0+90367+ae9e8511

rubygem-pg

1.0.0-3.module+el8.9.0+90042+a65659a6

rubygem-pg-doc

1.0.0-3.module+el8.9.0+90042+a65659a6

rubygem-power_assert

1.1.1-112.module+el8.10.0+90367+ae9e8511

rubygem-psych

3.0.2-112.module+el8.10.0+90367+ae9e8511

rubygem-rake

12.3.3-112.module+el8.10.0+90367+ae9e8511

rubygem-rdoc

6.0.1.1-112.module+el8.10.0+90367+ae9e8511

rubygem-test-unit

3.2.7-112.module+el8.10.0+90367+ae9e8511

rubygem-xmlrpc

0.3.0-112.module+el8.10.0+90367+ae9e8511

rubygems

2.7.6.3-112.module+el8.10.0+90367+ae9e8511

rubygems-devel

2.7.6.3-112.module+el8.10.0+90367+ae9e8511

Oracle Linux x86_64

Module ruby:2.5 is enabled

ruby

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-devel

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-doc

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-irb

2.5.9-112.module+el8.10.0+90367+ae9e8511

ruby-libs

2.5.9-112.module+el8.10.0+90367+ae9e8511

rubygem-abrt

0.3.0-4.module+el8.10.0+90367+ae9e8511

rubygem-abrt-doc

0.3.0-4.module+el8.10.0+90367+ae9e8511

rubygem-bigdecimal

1.3.4-112.module+el8.10.0+90367+ae9e8511

rubygem-bson

4.3.0-2.module+el8.9.0+90042+a65659a6

rubygem-bson-doc

4.3.0-2.module+el8.9.0+90042+a65659a6

rubygem-bundler

1.16.1-4.module+el8.10.0+90367+ae9e8511

rubygem-bundler-doc

1.16.1-4.module+el8.10.0+90367+ae9e8511

rubygem-did_you_mean

1.2.0-112.module+el8.10.0+90367+ae9e8511

rubygem-io-console

0.4.6-112.module+el8.10.0+90367+ae9e8511

rubygem-json

2.1.0-112.module+el8.10.0+90367+ae9e8511

rubygem-minitest

5.10.3-112.module+el8.10.0+90367+ae9e8511

rubygem-mongo

2.5.1-2.module+el8.9.0+90042+a65659a6

rubygem-mongo-doc

2.5.1-2.module+el8.9.0+90042+a65659a6

rubygem-mysql2

0.4.10-4.module+el8.9.0+90042+a65659a6

rubygem-mysql2-doc

0.4.10-4.module+el8.9.0+90042+a65659a6

rubygem-net-telnet

0.1.1-112.module+el8.10.0+90367+ae9e8511

rubygem-openssl

2.1.2-112.module+el8.10.0+90367+ae9e8511

rubygem-pg

1.0.0-3.module+el8.9.0+90042+a65659a6

rubygem-pg-doc

1.0.0-3.module+el8.9.0+90042+a65659a6

rubygem-power_assert

1.1.1-112.module+el8.10.0+90367+ae9e8511

rubygem-psych

3.0.2-112.module+el8.10.0+90367+ae9e8511

rubygem-rake

12.3.3-112.module+el8.10.0+90367+ae9e8511

rubygem-rdoc

6.0.1.1-112.module+el8.10.0+90367+ae9e8511

rubygem-test-unit

3.2.7-112.module+el8.10.0+90367+ae9e8511

rubygem-xmlrpc

0.3.0-112.module+el8.10.0+90367+ae9e8511

rubygems

2.7.6.3-112.module+el8.10.0+90367+ae9e8511

rubygems-devel

2.7.6.3-112.module+el8.10.0+90367+ae9e8511

Связанные CVE

Ссылки на источники

Связанные уязвимости

RLSA-2024:4499

rocky

больше 1 года назад

Moderate: ruby security update

RLSA-2024:3671

rocky

больше 1 года назад

Moderate: ruby:3.3 security, bug fix, and enhancement update

RLSA-2024:3670

rocky

больше 1 года назад

Moderate: ruby:3.3 security, bug fix, and enhancement update

RLSA-2024:3668

rocky

больше 1 года назад

Moderate: ruby:3.1 security, bug fix, and enhancement update

RLSA-2024:3546

rocky

больше 1 года назад

Moderate: ruby:3.1 security, bug fix, and enhancement update