Oracle Linux 8 ELSA-2022-0672-1 Moderate: Ruby Command Injection Issue

oracle

March 9, 2022

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [2.5.9-109.0.1] - Rebuild with a dependency containing fix for Orabug: 33921593 [2.5.9-109] - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 [2.5.9-108] - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix StartTLS stripping vulnerability in Net::IMAP Resolves: CVE-2021-32066 - Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. Resolves: CVE-2021-31810

Topics Covered

security advisory moderate update ruby command injection Oracle Linux ftp issue

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates/ruby-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-abrt-0.3.0-4.module+el8.3.0+7756+e45777e9.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-bson-4.3.0-2.module+el8.3.0+7756+e45777e9.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-bundler-1.16.1-4.module+el8.5.0+20497+d0a7b862.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-mongo-2.5.1-2.module+el8.3.0+7756+e45777e9.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-mysql2-0.4.10-4.module+el8.3.0+7756+e45777e9.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-pg-1.0.0-2.module+el8.3.0+7756+e45777e9.src.rpm

x86_64

ruby-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.i686.rpm ruby-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.x86_64.rpm ruby-devel-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.i686.rpm ruby-devel-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.x86_64.rpm ruby-doc-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-abrt-0.3.0-4.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-abrt-doc-0.3.0-4.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-bigdecimal-1.3.4-109.0.1.module+el8.5.0+20513+af7be134.i686.rpm rubygem-bigdecimal-1.3.4-109.0.1.module+el8.5.0+20513+af7be134.x86_64.rpm rubygem-bson-4.3.0-2.module+el8.3.0+7756+e45777e9.x86_64.rpm rubygem-bson-doc-4.3.0-2.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-bundler-1.16.1-4.module+el8.5.0+20497+d0a7b862.noarch.rpm rubygem-bundler-doc-1.16.1-4.module+el8.5.0+20497+d0a7b862.noarch.rpm rubygem-did_you_mean-1.2.0-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-io-console-0.4.6-109.0.1.module+el8.5.0+20513+af7be134.i686.rpm rub...

Read the Full Advisory

aarch64

ruby-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm ruby-devel-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm ruby-doc-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-abrt-0.3.0-4.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-abrt-doc-0.3.0-4.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-bigdecimal-1.3.4-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm rubygem-bson-4.3.0-2.module+el8.3.0+7756+e45777e9.aarch64.rpm rubygem-bson-doc-4.3.0-2.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-bundler-1.16.1-4.module+el8.5.0+20497+d0a7b862.noarch.rpm rubygem-bundler-doc-1.16.1-4.module+el8.5.0+20497+d0a7b862.noarch.rpm rubygem-did_you_mean-1.2.0-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-io-console-0.4.6-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm rubygem-json-2.1.0-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm rubygem-minitest-5.10.3-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-mongo-2.5.1-2.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-mongo-doc-2.5.1-2.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-mysql2-0.4.10-4.module+el8.3.0+7756+e45777e9.aarch64.rpm rubygem-mysql2-doc-0.4.10-4.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-net-telnet-0.1.1-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-openssl-2.1.2-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm rubygem-pg-1.0.0-2.module+el8.3.0+7756+e45777e9.aarch64.rpm rubygem-pg-doc-1.0.0-2.module+el8.3.0+7756+e45777e9.noarch.rpm rubygem-power_assert-1.1.1-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-psych-3.0.2-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm rubygem-rake-12.3.3-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-rdoc-6.0.1.1-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygems-2.7.6.3-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygems-devel-2.7.6.3-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-test-unit-3.2.7-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm rubygem-xmlrpc-0.3.0-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm ruby-irb-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.noarch.rpm ruby-libs-2.5.9-109.0.1.module+el8.5.0+20513+af7be134.aarch64.rpm

Related CVEs: CVE-2021-31799 CVE-2021-31810 CVE-2021-32066

Topics Covered

security advisory moderate update ruby command injection Oracle Linux ftp issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Oracle Linux 8 ELSA-2022-0672-1 Moderate: Ruby Command Injection Issue

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Oracle Linux 8 ELSA-2022-0672-1 Moderate: Ruby Command Injection Issue

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!