Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Oracle Linux 8 ELSA-2022-6450 Ruby Moderate Buffer Overrun

oracle
Calendar Grey September 15, 2022
Oracle Linux Logo Esm H88
Recent update for Ruby in Oracle Linux 8 tackles significant vulnerabilities, such as heap overflow and memory corruption problems.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [3.0.4-141] - Upgrade to Ruby 3.0.4. Resolves: rhbz#2109431 Resolves: rhbz#2110981 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739

Topics%20covered

Topics Covered

security advisory moderate update buffer overrun double free Ruby Oracle Linux

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates/ruby-3.0.4-141.module+el8.6.0+20741+4fdba061.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-abrt-0.4.0-1.module+el8.5.0+20321+0ba6c954.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-mysql2-0.5.3-1.module+el8.5.0+20321+0ba6c954.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/rubygem-pg-1.2.3-1.module+el8.5.0+20321+0ba6c954.src.rpm

x86_64

ruby-3.0.4-141.module+el8.6.0+20741+4fdba061.i686.rpm ruby-3.0.4-141.module+el8.6.0+20741+4fdba061.x86_64.rpm ruby-default-gems-3.0.4-141.module+el8.6.0+20741+4fdba061.noarch.rpm ruby-devel-3.0.4-141.module+el8.6.0+20741+4fdba061.i686.rpm ruby-devel-3.0.4-141.module+el8.6.0+20741+4fdba061.x86_64.rpm ruby-doc-3.0.4-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.5.0+20321+0ba6c954.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.5.0+20321+0ba6c954.noarch.rpm rubygem-bigdecimal-3.0.0-141.module+el8.6.0+20741+4fdba061.i686.rpm rubygem-bigdecimal-3.0.0-141.module+el8.6.0+20741+4fdba061.x86_64.rpm rubygem-bundler-2.2.33-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-io-console-0.5.7-141.module+el8.6.0+20741+4fdba061.i686.rpm rubygem-io-console-0.5.7-141.module+el8.6.0+20741+4fdba061.x86_64.rpm rubygem-irb-1.3.5-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-json-2.5.1-141.module+el8.6.0+20741+4fdba061.i686.rpm rubygem-json-2.5.1-141.module+el8.6.0+2...

Read the Full Advisory

aarch64

ruby-3.0.4-141.module+el8.6.0+20741+4fdba061.aarch64.rpm ruby-default-gems-3.0.4-141.module+el8.6.0+20741+4fdba061.noarch.rpm ruby-devel-3.0.4-141.module+el8.6.0+20741+4fdba061.aarch64.rpm ruby-doc-3.0.4-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.5.0+20321+0ba6c954.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.5.0+20321+0ba6c954.noarch.rpm rubygem-bigdecimal-3.0.0-141.module+el8.6.0+20741+4fdba061.aarch64.rpm rubygem-bundler-2.2.33-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-io-console-0.5.7-141.module+el8.6.0+20741+4fdba061.aarch64.rpm rubygem-irb-1.3.5-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-json-2.5.1-141.module+el8.6.0+20741+4fdba061.aarch64.rpm rubygem-minitest-5.14.2-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-mysql2-0.5.3-1.module+el8.5.0+20321+0ba6c954.aarch64.rpm rubygem-mysql2-doc-0.5.3-1.module+el8.5.0+20321+0ba6c954.noarch.rpm rubygem-pg-1.2.3-1.module+el8.5.0+20321+0ba6c954.aarch64.rpm rubygem-pg-doc-1.2.3-1.module+el8.5.0+20321+0ba6c954.noarch.rpm rubygem-power_assert-1.2.0-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-psych-3.3.2-141.module+el8.6.0+20741+4fdba061.aarch64.rpm rubygem-rake-13.0.3-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-rbs-1.4.0-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-rdoc-6.3.3-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-rexml-3.2.5-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-rss-0.2.9-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygems-3.2.33-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygems-devel-3.2.33-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-test-unit-3.3.7-141.module+el8.6.0+20741+4fdba061.noarch.rpm rubygem-typeprof-0.15.2-141.module+el8.6.0+20741+4fdba061.noarch.rpm ruby-libs-3.0.4-141.module+el8.6.0+20741+4fdba061.aarch64.rpm

Related CVEs: CVE-2021-41817 CVE-2021-41819 CVE-2022-28738 CVE-2022-28739

Topics%20covered

Topics Covered

security advisory moderate update buffer overrun double free Ruby Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here