Oracle Linux 8 ELSA-2024-3670 Moderate: Ruby Security Issues Fixed

oracle

June 11, 2024

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [3.3.1-2] - Upgrade to Ruby 3.3.1. Resolves: RHEL-37446 - Fix buffer overread vulnerability in StringIO. (CVE-2024-27280) Resolves: RHEL-37448 - Fix RCE vulnerability with .rdoc_options in RDoc. (CVE-2024-27281) Resolves: RHEL-37449 - Fix Arbitrary memory address read vulnerability with Regex search. (CVE-2024-27282) Resolves: RHEL-37447 rubygem-abrt rubygem-mysql2 [0.5.5-1] - Upgrade to mysql2 0.5.5. Related: RHEL-17090 rubygem-pg [1.5.4-1] - Upgrade to pg 1.5.4. Related: RHEL-17090 [1.3.2-1] - Update to pg 1.3.2 by merging Fedora rawhide branch (commit: 39bbd1b) Resolves: rhbz#2063772

Topics Covered

security advisory moderate ruby Oracle Linux RCE buffer overread arbitrary read

SRPMs

Warning: Undefined array key "references" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3200287_8ef039c68d1d756f705e7dee9ba3d15b on line 11

http://oss.oracle.com/ol8/SRPMS-updates//ruby-3.3.1-2.module+el8.10.0+90349+dd8a48dc.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.src.rpm

x86_64

ruby-3.3.1-2.module+el8.10.0+90349+dd8a48dc.i686.rpm ruby-3.3.1-2.module+el8.10.0+90349+dd8a48dc.x86_64.rpm ruby-bundled-gems-3.3.1-2.module+el8.10.0+90349+dd8a48dc.i686.rpm ruby-bundled-gems-3.3.1-2.module+el8.10.0+90349+dd8a48dc.x86_64.rpm ruby-default-gems-3.3.1-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm ruby-devel-3.3.1-2.module+el8.10.0+90349+dd8a48dc.i686.rpm ruby-devel-3.3.1-2.module+el8.10.0+90349+dd8a48dc.x86_64.rpm ruby-doc-3.3.1-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-2.module+el8.10.0+90349+dd8a48dc.i686.rpm rubygem-bigdecimal-3.1.5-2.module+el8.10.0+90349+dd8a48dc.x86_64.rpm rubygem-bundler-2.5.9-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-io-console-0.7.1-2.module+el8.10.0+90349+dd8a48dc.i686.rpm rubygem-io-console-0.7.1-2.module+el8.10.0+90349+dd8a48dc.x86_64.rpm rubygem-irb-1.11.0-2.module+el8.10.0+903...

Read the Full Advisory

aarch64

ruby-3.3.1-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm ruby-bundled-gems-3.3.1-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm ruby-default-gems-3.3.1-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm ruby-devel-3.3.1-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm ruby-doc-3.3.1-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm rubygem-bundler-2.5.9-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-io-console-0.7.1-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm rubygem-irb-1.11.0-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-json-2.7.1-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm rubygem-minitest-5.20.0-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-power_assert-2.0.3-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-psych-5.1.2-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm rubygem-racc-1.7.3-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm rubygem-rake-13.1.0-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-rbs-3.4.0-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm rubygem-rdoc-6.6.3.1-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-rexml-3.2.6-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-rss-0.3.0-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygems-3.5.9-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygems-devel-3.5.9-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-test-unit-3.6.1-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm rubygem-typeprof-0.21.9-2.module+el8.10.0+90349+dd8a48dc.noarch.rpm ruby-libs-3.3.1-2.module+el8.10.0+90349+dd8a48dc.aarch64.rpm

Related CVEs: CVE-2024-27280 CVE-2024-27281 CVE-2024-27282

Topics Covered

security advisory moderate ruby Oracle Linux RCE buffer overread arbitrary read

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Oracle Linux 8 ELSA-2024-3670 Moderate: Ruby Security Issues Fixed

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Oracle Linux 8 ELSA-2024-3670 Moderate: Ruby Security Issues Fixed

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!