Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Oracle Linux 8: ELSA-2023-3821 Moderate: Ruby 2.7 HTTP Response Fix

oracle
Calendar Grey August 10, 2023
Oracle Linux Logo Esm H88
Oracle Linux Security Notice ELSA-2023-3821 enhances Ruby 2.7, addressing issues and significantly improving overall system security measures.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [2.7.8-139] - Upgrade to Ruby 2.7.8. Resolves: rhbz#2149262 - Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix ReDoS vulnerability in URI. Resolves: CVE-2023-28755 - Fix ReDoS vulnerability in Time. Resolves: CVE-2023-28756 rubygem-abrt [0.4.0-1] - Update to abrt 0.4.0. Resolves: rhbz#1842476 rubygem-bson [4.8.1-1] - Update to bson 4.8.1 by merging Fedora master branch (commit: 0741dbc) Resolves: rhbz#1817135 rubygem-mongo [2.11.3-1] - Update to mongo 2.11.3 by merging Fedora master branch (commit: c3f83c2) Resolves: rhbz#1817135 rubygem-mysql2 [0.5.3-2] - Update by merging Fedora rawhide branch (commit: 81e2cc9) - Fix Mysql2::Result test for Ruby 3.1. - Remove gem_make.out and mkmf.log files from the binary RPM package. - Fix test assertion for mariadb-connector-c. Related: rhbz#2063772 [0.5.3-1] - New upstream release 0.5.3 by merging Fedora master branch (commit: 674d475) Resolves: rhbz#1817135 [0.5.2-1] - New upstream release 0.5.2...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate bug fix system enhancement ruby update Oracle Linux HTTP response issue

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates//ruby-2.7.8-139.module+el8.8.0+21111+2e34bf27.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//rubygem-abrt-0.4.0-1.module+el8.3.0+7760+537395ec.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//rubygem-bson-4.8.1-1.module+el8.4.0+20239+cbf59dc8.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//rubygem-mongo-2.11.3-1.module+el8.3.0+7760+537395ec.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//rubygem-mysql2-0.5.3-1.module+el8.4.0+20239+cbf59dc8.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//rubygem-pg-1.2.3-1.module+el8.4.0+20239+cbf59dc8.src.rpm

x86_64

ruby-2.7.8-139.module+el8.8.0+21111+2e34bf27.i686.rpm ruby-2.7.8-139.module+el8.8.0+21111+2e34bf27.x86_64.rpm ruby-default-gems-2.7.8-139.module+el8.8.0+21111+2e34bf27.noarch.rpm ruby-devel-2.7.8-139.module+el8.8.0+21111+2e34bf27.i686.rpm ruby-devel-2.7.8-139.module+el8.8.0+21111+2e34bf27.x86_64.rpm ruby-doc-2.7.8-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-bigdecimal-2.0.0-139.module+el8.8.0+21111+2e34bf27.i686.rpm rubygem-bigdecimal-2.0.0-139.module+el8.8.0+21111+2e34bf27.x86_64.rpm rubygem-bson-4.8.1-1.module+el8.4.0+20239+cbf59dc8.x86_64.rpm rubygem-bson-doc-4.8.1-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-bundler-2.2.24-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-io-console-0.5.6-139.module+el8.8.0+21111+2e34bf27.i686.rpm rubygem-io-console-0.5.6-139.module+el8.8.0+21111+2e34bf27.x86_64.rpm rubygem-irb-1.2.6-139.module+el8.8.0+2...

Read the Full Advisory

aarch64

ruby-2.7.8-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm ruby-default-gems-2.7.8-139.module+el8.8.0+21111+2e34bf27.noarch.rpm ruby-devel-2.7.8-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm ruby-doc-2.7.8-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-bigdecimal-2.0.0-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm rubygem-bson-4.8.1-1.module+el8.4.0+20239+cbf59dc8.aarch64.rpm rubygem-bson-doc-4.8.1-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-bundler-2.2.24-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-io-console-0.5.6-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm rubygem-irb-1.2.6-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-json-2.3.0-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm rubygem-minitest-5.13.0-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-mongo-2.11.3-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-mongo-doc-2.11.3-1.module+el8.3.0+7760+537395ec.noarch.rpm rubygem-mysql2-0.5.3-1.module+el8.4.0+20239+cbf59dc8.aarch64.rpm rubygem-mysql2-doc-0.5.3-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-net-telnet-0.2.0-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-openssl-2.1.4-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm rubygem-pg-1.2.3-1.module+el8.4.0+20239+cbf59dc8.aarch64.rpm rubygem-pg-doc-1.2.3-1.module+el8.4.0+20239+cbf59dc8.noarch.rpm rubygem-power_assert-1.1.7-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-psych-3.1.0-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm rubygem-rake-13.0.1-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-rdoc-6.2.1.1-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygems-3.1.6-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygems-devel-3.1.6-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-test-unit-3.3.4-139.module+el8.8.0+21111+2e34bf27.noarch.rpm rubygem-xmlrpc-0.3.0-139.module+el8.8.0+21111+2e34bf27.noarch.rpm ruby-libs-2.7.8-139.module+el8.8.0+21111+2e34bf27.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2021-33621 CVE-2023-28755 CVE-2023-28756

Topics%20covered

Topics Covered

security advisory moderate bug fix system enhancement ruby update Oracle Linux HTTP response issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here