Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 734
Alerts This Week
Warning Icon 1 734

Oracle Linux 9 Ruby Important Command Injection DoS Fix ELSA-2026-33577

oracle
Calendar Grey July 7, 2026
Oracle Linux Logo Esm H88
Updated Oracle Linux 9 Ruby packages resolve important security flaws, including command injection and denial of service.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

ruby [4.0.3-33] - Fix Net::IMAP ResponseReader quadratic complexity vulnerability. (CVE-2026-42245) Resolves: RHEL-181690 - Fix Net::IMAP STARTTLS stripping vulnerability. (CVE-2026-42246) Resolves: RHEL-181771 - Fix Net::IMAP command injection vulnerability via unvalidated Symbol arguments. (CVE-2026-42258) Resolves: RHEL-181803 [4.0.3-32] - Upgrade to Ruby 4.0.3. Resolves: RHEL-171933 - Fix ERB: Arbitrary code execution via deserialization bypass (CVE-2026-41316) Resolves: RHEL-171258 - Fix JSON: Denial of Service or Information Disclosure via format string injection (CVE-2026-33210) Resolves: RHEL-173458 rubygem-mysql2 [0.5.7-1] - Upgrade to mysql2 0.5.7. Related: RHEL-142278 rubygem-pg [1.6.3-1] - Upgrade to pg 1.6.3 Related: RHEL-142278

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/ruby-4.0.3-33.module+el9.8.0+90938+383082f5.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.src.rpm

x86_64

ruby-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm ruby-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.i686.rpm ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.x86_64.rpm ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.x86_64.rpm rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.i686.rpm rubygem-json-2.18.0-33.module+el9.8.0+90938+3...

Read the Full Advisory

aarch64

ruby-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm ruby-bundled-gems-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm ruby-default-gems-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm ruby-devel-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm ruby-doc-4.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-bigdecimal-4.0.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-bundler-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-io-console-0.8.2-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-irb-1.16.0-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-json-2.18.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-minitest-6.0.0-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-mysql2-0.5.7-1.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-pg-1.6.3-1.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-pg-doc-1.6.3-1.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-power_assert-3.0.1-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-psych-5.3.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-racc-1.8.1-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-rake-13.3.1-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rbs-3.10.0-33.module+el9.8.0+90938+383082f5.aarch64.rpm rubygem-rdoc-7.0.3-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rexml-3.4.4-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-rss-0.3.2-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygems-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygems-devel-4.0.6-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-test-unit-3.7.5-33.module+el9.8.0+90938+383082f5.noarch.rpm rubygem-typeprof-0.31.1-33.module+el9.8.0+90938+383082f5.noarch.rpm ruby-libs-4.0.3-33.module+el9.8.0+90938+383082f5.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-42245 CVE-2026-42246 CVE-2026-42258

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.