Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:3670

Опубликовано: 14 июн. 2024
Источник: rocky
Оценка: Moderate

Описание

Moderate: ruby:3.3 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.3). (Rocky Linux-37446)

Security Fix(es):

  • ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)

  • ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)

  • ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
rubyi6862.module+el8.10.0+1827+16ecb9d2ruby-3.3.1-2.module+el8.10.0+1827+16ecb9d2.i686.rpm
rubyx86_642.module+el8.10.0+1827+16ecb9d2ruby-3.3.1-2.module+el8.10.0+1827+16ecb9d2.x86_64.rpm
ruby-bundled-gemsi6862.module+el8.10.0+1827+16ecb9d2ruby-bundled-gems-3.3.1-2.module+el8.10.0+1827+16ecb9d2.i686.rpm
ruby-bundled-gemsx86_642.module+el8.10.0+1827+16ecb9d2ruby-bundled-gems-3.3.1-2.module+el8.10.0+1827+16ecb9d2.x86_64.rpm
ruby-default-gemsnoarch2.module+el8.10.0+1827+16ecb9d2ruby-default-gems-3.3.1-2.module+el8.10.0+1827+16ecb9d2.noarch.rpm
ruby-default-gemsnoarch2.module+el8.10.0+1827+16ecb9d2ruby-default-gems-3.3.1-2.module+el8.10.0+1827+16ecb9d2.noarch.rpm
ruby-develi6862.module+el8.10.0+1827+16ecb9d2ruby-devel-3.3.1-2.module+el8.10.0+1827+16ecb9d2.i686.rpm
ruby-develx86_642.module+el8.10.0+1827+16ecb9d2ruby-devel-3.3.1-2.module+el8.10.0+1827+16ecb9d2.x86_64.rpm
ruby-docnoarch2.module+el8.10.0+1827+16ecb9d2ruby-doc-3.3.1-2.module+el8.10.0+1827+16ecb9d2.noarch.rpm
ruby-docnoarch2.module+el8.10.0+1827+16ecb9d2ruby-doc-3.3.1-2.module+el8.10.0+1827+16ecb9d2.noarch.rpm

Показывать по

Связанные CVE

CVE-2024-27280
CVE-2024-27281
CVE-2024-27282

Ссылки на источники

Исправления

Связанные уязвимости

rocky логотип

RLSA-2024:3671

rocky
больше 1 года назад

Moderate: ruby:3.3 security, bug fix, and enhancement update

rocky логотип

RLSA-2024:3668

rocky
больше 1 года назад

Moderate: ruby:3.1 security, bug fix, and enhancement update

rocky логотип

RLSA-2024:3546

rocky
больше 1 года назад

Moderate: ruby:3.1 security, bug fix, and enhancement update

oracle-oval логотип

ELSA-2024-3671

oracle-oval
больше 1 года назад

ELSA-2024-3671: ruby:3.3 security, bug fix, and enhancement update (MODERATE)

oracle-oval логотип

ELSA-2024-3670

oracle-oval
больше 1 года назад

ELSA-2024-3670: ruby:3.3 security, bug fix, and enhancement update (MODERATE)