Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Oracle Linux: ELSA-2022-6447 Moderate: Ruby Security Fixes

oracle
Calendar Grey September 15, 2022
Oracle Linux Logo Esm H88
Oracle Linux patches feature enhancements for Ruby, tackling various security vulnerabilities while boosting reliability and efficiency.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [2.7.6-138] - Upgrade to Ruby 2.7.6. Resolves: rhbz#2109424 - Fix FTBFS due to an incompatible load directive. Related: rhbz#2109424 - Fix a fiddle import test on an optimized glibc on Power 9. Related: rhbz#2109424 - Fix regular Expression Denial of Service Vulnerability of Date Parsing Methods. Resolves: CVE-2021-41817 - Fix cookie prefix spoofing in CGI::Cookie.parse. Resolves: CVE-2021-41819 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739

Topics%20covered

Topics Covered

security advisory security issue update buffer overrun Denial of Service Oracle Linux Ruby fix

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates/ruby-2.7.6-138.module+el8.6.0+20740+358d9979.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-abrt-0.4.0-1.module+el8.3.0+7760+537395ec.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-bson-4.8.1-1.module+el8.4.0+20239+cbf59dc8.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-mongo-2.11.3-1.module+el8.3.0+7760+537395ec.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-mysql2-0.5.3-1.module+el8.4.0+20239+cbf59dc8.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-pg-1.2.3-1.module+el8.4.0+20239+cbf59dc8.src.rpm

x86_64

ruby-2.7.6-138.module+el8.6.0+20740+358d9979.i686.rpm ruby-2.7.6-138.module+el8.6.0+20740+358d9979.x86_64.rpm ruby-default-gems-2.7.6-138.module+el8.6.0+20740+358d9979.noarch.rpm ruby-devel-2.7.6-138.module+el8.6.0+20740+358d9979.i686.rpm ruby-devel-2.7.6-138.module+el8.6.0+20740+358d9979.x86_64.rpm ruby-doc-2.7.6-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-bigdecimal-2.0.0-138.module+el8.6.0+20740+358d9979.i686.rpm rubygem-bigdecimal-2.0.0-138.module+el8.6.0+20740+358d9979.x86_64.rpm rubygem-bson-4.8.1-1.module+el8.4.0+20239+cbf59dc8.x86_64.rpm rubygem-bson-doc-4.8.1-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-bundler-2.2.24-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-io-console-0.5.6-138.module+el8.6.0+20740+358d9979.i686.rpm rubygem-io-console-0.5.6-138.module+el8.6.0+20740+358d9979.x86_64.rpm rubygem-irb-1.2.6-138.module+el8.6.0+2...

Read the Full Advisory

aarch64

ruby-2.7.6-138.module+el8.6.0+20740+358d9979.aarch64.rpm ruby-default-gems-2.7.6-138.module+el8.6.0+20740+358d9979.noarch.rpm ruby-devel-2.7.6-138.module+el8.6.0+20740+358d9979.aarch64.rpm ruby-doc-2.7.6-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-bigdecimal-2.0.0-138.module+el8.6.0+20740+358d9979.aarch64.rpm rubygem-bson-4.8.1-1.module+el8.4.0+20239+cbf59dc8.aarch64.rpm rubygem-bson-doc-4.8.1-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-bundler-2.2.24-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-io-console-0.5.6-138.module+el8.6.0+20740+358d9979.aarch64.rpm rubygem-irb-1.2.6-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-json-2.3.0-138.module+el8.6.0+20740+358d9979.aarch64.rpm rubygem-minitest-5.13.0-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-mongo-2.11.3-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-mongo-doc-2.11.3-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-mysql2-0.5.3-1.module+el8.4.0+20239+cbf59dc8.aarch64.rpm rubygem-mysql2-doc-0.5.3-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-net-telnet-0.2.0-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-openssl-2.1.3-138.module+el8.6.0+20740+358d9979.aarch64.rpm rubygem-pg-1.2.3-1.module+el8.4.0+20239+cbf59dc8.aarch64.rpm rubygem-pg-doc-1.2.3-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-power_assert-1.1.7-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-psych-3.1.0-138.module+el8.6.0+20740+358d9979.aarch64.rpm rubygem-rake-13.0.1-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-rdoc-6.2.1.1-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygems-3.1.6-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygems-devel-3.1.6-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-test-unit-3.3.4-138.module+el8.6.0+20740+358d9979.noarch.rpm rubygem-xmlrpc-0.3.0-138.module+el8.6.0+20740+358d9979.noarch.rpm ruby-libs-2.7.6-138.module+el8.6.0+20740+358d9979.aarch64.rpm

Related CVEs: CVE-2021-41817 CVE-2021-41819 CVE-2022-28739

Topics%20covered

Topics Covered

security advisory security issue update buffer overrun Denial of Service Oracle Linux Ruby fix

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here