Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Oracle Linux 8: ELSA-2024-3546 Moderate: Ruby Fixes For Multiple Threats

oracle
Calendar Grey June 4, 2024
Oracle Linux Logo Esm H88
Oracle Linux has released updates for Ruby 3.1 that rectify significant vulnerabilities and enhance security functionalities with notable severity.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [3.1.5-143] - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-35750 - Fix arbitrary memory address read vulnerability with Regex search. Resolves: RHEL-35751 rubygem-abrt rubygem-mysql2 rubygem-pg

Topics%20covered

Topics Covered

security advisory moderate software update remote code execution ruby Oracle buffer overread

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates//ruby-3.1.5-143.module+el8.10.0+90344+fc5884b3.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-abrt-0.4.0-1.module+el8.9.0+90182+7bdfc9e5.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-mysql2-0.5.3-3.module+el8.9.0+90182+7bdfc9e5.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-pg-1.3.2-1.module+el8.9.0+90182+7bdfc9e5.src.rpm

x86_64

ruby-3.1.5-143.module+el8.10.0+90344+fc5884b3.i686.rpm ruby-3.1.5-143.module+el8.10.0+90344+fc5884b3.x86_64.rpm ruby-bundled-gems-3.1.5-143.module+el8.10.0+90344+fc5884b3.i686.rpm ruby-bundled-gems-3.1.5-143.module+el8.10.0+90344+fc5884b3.x86_64.rpm ruby-default-gems-3.1.5-143.module+el8.10.0+90344+fc5884b3.noarch.rpm ruby-devel-3.1.5-143.module+el8.10.0+90344+fc5884b3.i686.rpm ruby-devel-3.1.5-143.module+el8.10.0+90344+fc5884b3.x86_64.rpm ruby-doc-3.1.5-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.9.0+90182+7bdfc9e5.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.9.0+90182+7bdfc9e5.noarch.rpm rubygem-bigdecimal-3.1.1-143.module+el8.10.0+90344+fc5884b3.i686.rpm rubygem-bigdecimal-3.1.1-143.module+el8.10.0+90344+fc5884b3.x86_64.rpm rubygem-bundler-2.3.27-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-io-console-0.5.11-143.module+el8.10.0+90344+fc5884b3.i686.rpm rubygem-io-console-0.5.11-143.module+el8.10.0+90344+fc5884b3.x86_64.rpm rubygem-irb-1...

Read the Full Advisory

aarch64

ruby-3.1.5-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm ruby-bundled-gems-3.1.5-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm ruby-default-gems-3.1.5-143.module+el8.10.0+90344+fc5884b3.noarch.rpm ruby-devel-3.1.5-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm ruby-doc-3.1.5-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.9.0+90182+7bdfc9e5.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.9.0+90182+7bdfc9e5.noarch.rpm rubygem-bigdecimal-3.1.1-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm rubygem-bundler-2.3.27-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-io-console-0.5.11-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm rubygem-irb-1.4.1-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-json-2.6.1-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm rubygem-minitest-5.15.0-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-mysql2-0.5.3-3.module+el8.9.0+90182+7bdfc9e5.aarch64.rpm rubygem-mysql2-doc-0.5.3-3.module+el8.9.0+90182+7bdfc9e5.noarch.rpm rubygem-pg-1.3.2-1.module+el8.9.0+90182+7bdfc9e5.aarch64.rpm rubygem-pg-doc-1.3.2-1.module+el8.9.0+90182+7bdfc9e5.noarch.rpm rubygem-power_assert-2.0.1-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-psych-4.0.4-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm rubygem-rake-13.0.6-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-rbs-2.7.0-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm rubygem-rdoc-6.4.1.1-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-rexml-3.2.5-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-rss-0.2.9-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygems-3.3.27-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygems-devel-3.3.27-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-test-unit-3.5.3-143.module+el8.10.0+90344+fc5884b3.noarch.rpm rubygem-typeprof-0.21.3-143.module+el8.10.0+90344+fc5884b3.noarch.rpm ruby-libs-3.1.5-143.module+el8.10.0+90344+fc5884b3.aarch64.rpm

Related CVEs: CVE-2024-27280 CVE-2024-27281 CVE-2024-27282

Topics%20covered

Topics Covered

security advisory moderate software update remote code execution ruby Oracle buffer overread

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here