Alerts This Week
Warning Icon 1 500
Alerts This Week
Warning Icon 1 500

Oracle Linux 8 ELSA-2025-4063 moderate: ruby DoS vulnerability

oracle
Calendar Grey April 25, 2025
Oracle Linux Logo Esm H88
Recent enhancements to Ruby packages for Oracle Linux 8 tackle moderate risk Denial of Service vulnerabilities. Safeguard your system through prompt updates.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [3.1.7-145] - Upgrade to Ruby 3.1.7. Resolves: RHEL-55408 - Fix DoS vulnerability in REXML. (CVE-2024-39908) Resolves: RHEL-57051 - Fix DoS vulnerability in REXML. (CVE-2024-43398) Resolves: RHEL-56002 [3.1.5-144] - Fix REXML ReDoS vulnerability. (CVE-2024-49761) Resolves: RHEL-68520 [3.1.5-143] - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-35750 - Fix arbitrary memory address read vulnerability with Regex search. Resolves: RHEL-35751 [3.1.4-142] - Upgrade to Ruby 3.1.4. Resolves: RHEL-5584 - Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix ReDos vulnerability in URI. Resolves: CVE-2023-28755 Resolves: CVE-2023-36617 - Fix ReDos vulnerability in Time. Resolves: CVE-2023-28756 - Make RDoc soft dependency in IRB. Resolves: RHEL-5615 [3.1.2-141] - Upgrade to Ruby 3.1.2. Resolves: rhbz#2063772 ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory DoS issue software update moderate severity ruby package Oracle Linux

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates//ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-mysql2-0.5.3-2.module+el8.7.0+20780+b11ff321.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-pg-1.3.2-1.module+el8.7.0+20780+b11ff321.src.rpm

x86_64

ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm ruby-bundled-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm ruby-bundled-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm ruby-default-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm ruby-devel-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm ruby-devel-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm ruby-doc-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90550+7d8a4a30.i686.rpm rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm rubygem-bundler-2.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-io-console-0.5.11-145.module+el8.10.0+90550+7d8a4a30.i686.rpm rubygem-io-console-0.5.11-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm rubygem-irb-1...

Read the Full Advisory

aarch64

ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm ruby-bundled-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm ruby-default-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm ruby-devel-3.1.7-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm ruby-doc-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm rubygem-bundler-2.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-io-console-0.5.11-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm rubygem-irb-1.4.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-json-2.6.1-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm rubygem-minitest-5.15.0-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-mysql2-0.5.3-2.module+el8.7.0+20780+b11ff321.aarch64.rpm rubygem-mysql2-doc-0.5.3-2.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-pg-1.3.2-1.module+el8.7.0+20780+b11ff321.aarch64.rpm rubygem-pg-doc-1.3.2-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-power_assert-2.0.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-psych-4.0.4-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm rubygem-rake-13.0.6-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-rbs-2.7.0-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm rubygem-rdoc-6.4.1.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-rexml-3.3.9-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-rss-0.3.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygems-3.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygems-devel-3.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-test-unit-3.5.3-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm rubygem-typeprof-0.21.3-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm ruby-libs-3.1.7-145.module+el8.10.0+90550+7d8a4a30.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 CVE-2025-27219 CVE-2025-27220 CVE-2025-27221

Topics%20covered

Topics Covered

security advisory DoS issue software update moderate severity ruby package Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here