Stay Vigilant with Timely Linux Security Advisories

Loading...

security advisorymoderatesecurity update

Red Hat 7 RHSA-2020:5275 Moderate: rh-php73-php Security Update

An update for rh-php73-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-php73-php security, bug fix, and enhancement update Advisory ID: RHSA-2020:5275-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2020:5275 Issue date: 2020-12-01 CVE Names: CVE-2019-11045 CVE-2019-11047 CVE-2019-11048 CVE-2019-11050 CVE-2019-19203 CVE-2019-19204 CVE-2019-19246 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 ==================================================================== 1. Summary: An update for rh-php73-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php73-php (7.3.20).(BZ#1853211) Security Fix(es): * php: DirectoryIterator class accepts filenames with embedded byte and treats them as terminating at that byte (CVE-2019-11045) * php: Information disclosure in exif_read_data() (CVE-2019-11047) * php: Integer wraparounds when receiving multipart forms (CVE-2019-11048) * oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c (CVE-2019-19203) * oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c (CVE-2019-19204) * php: Out of bounds read in php_strip_tags_ex (CVE-2020-7059) * php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function (CVE-2020-7060) * php: NULL pointer dereference in PHP session upload progress (CVE-2020-7062) * php: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063) * php: Information disclosure in exif_read_data() function (CVE-2020-7064) * php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution (CVE-2020-7065) * php: Out of bounds read when parsing EXIF information (CVE-2019-11050) * oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c (CVE-2019-19246) * php: Information disclosure in function get_headers (CVE-2020-7066) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Software Collections 3.6 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1777537 - CVE-2019-19246 oniguruma: Heap-based buffer overflow in str_lower_case_match inregexec.c 1786570 - CVE-2019-11047 php: Information disclosure in exif_read_data() 1786572 - CVE-2019-11045 php: DirectoryIterator class accepts filenames with embedded byte and treats them as terminating at that byte 1788258 - CVE-2019-11050 php: Out of bounds read when parsing EXIF information 1797776 - CVE-2020-7059 php: Out of bounds read in php_strip_tags_ex 1797779 - CVE-2020-7060 php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function 1802061 - CVE-2019-19203 oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c 1802068 - CVE-2019-19204 oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c 1808532 - CVE-2020-7062 php: NULL pointer dereference in PHP session upload progress 1808536 - CVE-2020-7063 php: Files added to tar with Phar::buildFromIterator have all-access permissions 1820601 - CVE-2020-7064 php: Information disclosure in exif_read_data() function 1820604 - CVE-2020-7066 php: Information disclosure in function get_headers1820627 - CVE-2020-7065 php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution 1837842 - CVE-2019-11048 php: Integer wraparounds when receiving multipart forms 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-php73-php-7.3.20-1.el7.src.rpm aarch64: rh-php73-php-7.3.20-1.el7.aarch64.rpm rh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm rh-php73-php-cli-7.3.20-1.el7.aarch64.rpm rh-php73-php-common-7.3.20-1.el7.aarch64.rpm rh-php73-php-dba-7.3.20-1.el7.aarch64.rpm rh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm rh-php73-php-devel-7.3.20-1.el7.aarch64.rpm rh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm rh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm rh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm rh-php73-php-gd-7.3.20-1.el7.aarch64.rpm rh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-intl-7.3.20-1.el7.aarch64.rpm rh-php73-php-json-7.3.20-1.el7.aarch64.rpm rh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm rh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm rh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm rh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm rh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm rh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm rh-php73-php-process-7.3.20-1.el7.aarch64.rpm rh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm rh-php73-php-recode-7.3.20-1.el7.aarch64.rpm rh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-soap-7.3.20-1.el7.aarch64.rpm rh-php73-php-xml-7.3.20-1.el7.aarch64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm rh-php73-php-zip-7.3.20-1.el7.aarch64.rpm ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-php73-php-7.3.20-1.el7.src.rpm aarch64: rh-php73-php-7.3.20-1.el7.aarch64.rpm rh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm rh-php73-php-cli-7.3.20-1.el7.aarch64.rpm rh-php73-php-common-7.3.20-1.el7.aarch64.rpm rh-php73-php-dba-7.3.20-1.el7.aarch64.rpm rh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm rh-php73-php-devel-7.3.20-1.el7.aarch64.rpm rh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm rh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm rh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm rh-php73-php-gd-7.3.20-1.el7.aarch64.rpm rh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-intl-7.3.20-1.el7.aarch64.rpm rh-php73-php-json-7.3.20-1.el7.aarch64.rpm rh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm rh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm rh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm rh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm rh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm rh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm rh-php73-php-process-7.3.20-1.el7.aarch64.rpm rh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm rh-php73-php-recode-7.3.20-1.el7.aarch64.rpm rh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-soap-7.3.20-1.el7.aarch64.rpm rh-php73-php-xml-7.3.20-1.el7.aarch64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm rh-php73-php-zip-7.3.20-1.el7.aarch64.rpm ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: rh-php73-php-7.3.20-1.el7.src.rpm ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.7): Source: rh-php73-php-7.3.20-1.el7.src.rpm ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v.7): Source: rh-php73-php-7.3.20-1.el7.src.rpm x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2019-11045 https://access.redhat.com/security/cve/CVE-2019-11047 https://access.redhat.com/security/cve/CVE-2019-11048 https://access.redhat.com/security/cve/CVE-2019-11050 https://access.redhat.com/security/cve/CVE-2019-19203 https://access.redhat.com/security/cve/CVE-2019-19204 https://access.redhat.com/security/cve/CVE-2019-19246 https://access.redhat.com/security/cve/CVE-2020-7059 https://access.redhat.com/security/cve/CVE-2020-7060 https://access.redhat.com/security/cve/CVE-2020-7062 https://access.redhat.com/security/cve/CVE-2020-7063 https://access.redhat.com/security/cve/CVE-2020-7064 https://access.redhat.com/security/cve/CVE-2020-7065 https://access.redhat.com/security/cve/CVE-2020-7066 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_software_collections/3/html/3.6_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX8Y0i9zjgjWX9erEAQg0Fw/8DpkMHPAzp4Tb6ym275eMnlcICweGyFtw becOAQt6d3zo6+1fQ7TvsDhciqoSppofF1z4i1HKRZlvsrkzmPkzXfBh0Z1M99YQ KUsvTcbQ9fd5AzHzkVIQ1NL9Qvhl8We0DL/WEiz6ob3yczwgZAz7yVq+dl7IkfoI 6G/lbIT0g5C9OPpma+KPw2mB1fiaGnPp5+i3o1srMYOcqqd8oWDWOQZJVB1TlkEH rcPfqKdlrwIl2gu9LlGw8leNS0392lsd8UOaVt8rjsW5wdPAZno8rCFp+TMXymJ0 D1FlsrWwsc89QPgeJd13cc487nJnIos8bRxTDsJL/pQdyhIYNLGA7dA20YdMElDh viPblEXhfwRMHeSgTUUTU4dvNk6DiGQWigiNh2973EgYDTxA2AGvLo2ygfFXCVGi EWcECya+Cz+G0/IaJPE1ohnVqdfdrDVncOFNmfdQ6QvDZaoZyqi37UubtA+JB1qC 5f1j9vtfWTMRpkCqmF/94WQ81h2401lqHz6yWlbn2DOALN/R8Cso5mLwwd/9cWLo RwIpTvHOFY++tzoh8Mn9WDaMNkPkf39n30BDtKQA4XG53vo3/RZHmpkmwxy4UVgB gGP537Uy95zumCJMFRsKvkqTg62O6AEOneydtZT/yYGiF9uhHBboTorij+aD7LN4 0afoNZ3Sfdc=AaB8 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The notification from Red Hat regarding rh-php73-php highlights an update of moderate severity,focusing on rectifying security vulnerabilities and correcting software bugs.. Red Hat Software Collections,rh-php73-php,security updates,medium severity,bug fixes. . LinuxSecurity.com Team

Dec 01, 2020 Red Hat

security advisorysecurity issueRed Hat

Red Hat: RHSA-2019-1151-01 Important: rh-ruby23-ruby Arbitrary Code Threat

An update for rh-ruby23-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-ruby23-ruby security update Advisory ID: RHSA-2019:1151-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:1151 Issue date: 2019-05-13 CVE Names: CVE-2019-8324 ==================================================================== 1. Summary: An update for rh-ruby23-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): * rubygems: Installing a malicious gem may lead to arbitrary codeexecution (CVE-2019-8324) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1692520 - CVE-2019-8324 rubygems: Installing a malicious gem may lead to arbitrary code execution 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-ruby23-ruby-2.3.8-70.el6.src.rpm noarch: rh-ruby23-ruby-doc-2.3.8-70.el6.noarch.rpm rh-ruby23-ruby-irb-2.3.8-70.el6.noarch.rpm rh-ruby23-rubygem-minitest-5.8.5-70.el6.noarch.rpm rh-ruby23-rubygem-power_assert-0.2.6-70.el6.noarch.rpm rh-ruby23-rubygem-rake-10.4.2-70.el6.noarch.rpm rh-ruby23-rubygem-rdoc-4.2.1-70.el6.noarch.rpm rh-ruby23-rubygem-test-unit-3.1.5-70.el6.noarch.rpm rh-ruby23-rubygems-2.5.2.3-70.el6.noarch.rpm rh-ruby23-rubygems-devel-2.5.2.3-70.el6.noarch.rpm x86_64: rh-ruby23-ruby-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-debuginfo-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-devel-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-libs-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-tcltk-2.3.8-70.el6.x86_64.rpm rh-ruby23-rubygem-bigdecimal-1.2.8-70.el6.x86_64.rpm rh-ruby23-rubygem-did_you_mean-1.0.0-70.el6.x86_64.rpm rh-ruby23-rubygem-io-console-0.4.5-70.el6.x86_64.rpm rh-ruby23-rubygem-json-1.8.3.1-70.el6.x86_64.rpm rh-ruby23-rubygem-net-telnet-0.1.1-70.el6.x86_64.rpm rh-ruby23-rubygem-psych-2.1.0.1-70.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v.6): Source: rh-ruby23-ruby-2.3.8-70.el6.src.rpm noarch: rh-ruby23-ruby-doc-2.3.8-70.el6.noarch.rpm rh-ruby23-ruby-irb-2.3.8-70.el6.noarch.rpm rh-ruby23-rubygem-minitest-5.8.5-70.el6.noarch.rpm rh-ruby23-rubygem-power_assert-0.2.6-70.el6.noarch.rpm rh-ruby23-rubygem-rake-10.4.2-70.el6.noarch.rpm rh-ruby23-rubygem-rdoc-4.2.1-70.el6.noarch.rpm rh-ruby23-rubygem-test-unit-3.1.5-70.el6.noarch.rpm rh-ruby23-rubygems-2.5.2.3-70.el6.noarch.rpm rh-ruby23-rubygems-devel-2.5.2.3-70.el6.noarch.rpm x86_64: rh-ruby23-ruby-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-debuginfo-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-devel-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-libs-2.3.8-70.el6.x86_64.rpm rh-ruby23-ruby-tcltk-2.3.8-70.el6.x86_64.rpm rh-ruby23-rubygem-bigdecimal-1.2.8-70.el6.x86_64.rpm rh-ruby23-rubygem-did_you_mean-1.0.0-70.el6.x86_64.rpm rh-ruby23-rubygem-io-console-0.4.5-70.el6.x86_64.rpm rh-ruby23-rubygem-json-1.8.3.1-70.el6.x86_64.rpm rh-ruby23-rubygem-net-telnet-0.1.1-70.el6.x86_64.rpm rh-ruby23-rubygem-psych-2.1.0.1-70.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-ruby23-ruby-2.3.8-70.el7.src.rpm noarch: rh-ruby23-ruby-doc-2.3.8-70.el7.noarch.rpm rh-ruby23-ruby-irb-2.3.8-70.el7.noarch.rpm rh-ruby23-rubygem-minitest-5.8.5-70.el7.noarch.rpm rh-ruby23-rubygem-power_assert-0.2.6-70.el7.noarch.rpm rh-ruby23-rubygem-rake-10.4.2-70.el7.noarch.rpm rh-ruby23-rubygem-rdoc-4.2.1-70.el7.noarch.rpm rh-ruby23-rubygem-test-unit-3.1.5-70.el7.noarch.rpm rh-ruby23-rubygems-2.5.2.3-70.el7.noarch.rpm rh-ruby23-rubygems-devel-2.5.2.3-70.el7.noarch.rpm x86_64: rh-ruby23-ruby-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-debuginfo-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-devel-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-libs-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-tcltk-2.3.8-70.el7.x86_64.rpm rh-ruby23-rubygem-bigdecimal-1.2.8-70.el7.x86_64.rpm rh-ruby23-rubygem-did_you_mean-1.0.0-70.el7.x86_64.rpm rh-ruby23-rubygem-io-console-0.4.5-70.el7.x86_64.rpm rh-ruby23-rubygem-json-1.8.3.1-70.el7.x86_64.rpm rh-ruby23-rubygem-net-telnet-0.1.1-70.el7.x86_64.rpm rh-ruby23-rubygem-psych-2.1.0.1-70.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.4): Source: rh-ruby23-ruby-2.3.8-70.el7.src.rpm noarch: rh-ruby23-ruby-doc-2.3.8-70.el7.noarch.rpm rh-ruby23-ruby-irb-2.3.8-70.el7.noarch.rpm rh-ruby23-rubygem-minitest-5.8.5-70.el7.noarch.rpm rh-ruby23-rubygem-power_assert-0.2.6-70.el7.noarch.rpm rh-ruby23-rubygem-rake-10.4.2-70.el7.noarch.rpm rh-ruby23-rubygem-rdoc-4.2.1-70.el7.noarch.rpm rh-ruby23-rubygem-test-unit-3.1.5-70.el7.noarch.rpm rh-ruby23-rubygems-2.5.2.3-70.el7.noarch.rpm rh-ruby23-rubygems-devel-2.5.2.3-70.el7.noarch.rpm x86_64: rh-ruby23-ruby-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-debuginfo-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-devel-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-libs-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-tcltk-2.3.8-70.el7.x86_64.rpm rh-ruby23-rubygem-bigdecimal-1.2.8-70.el7.x86_64.rpm rh-ruby23-rubygem-did_you_mean-1.0.0-70.el7.x86_64.rpm rh-ruby23-rubygem-io-console-0.4.5-70.el7.x86_64.rpm rh-ruby23-rubygem-json-1.8.3.1-70.el7.x86_64.rpm rh-ruby23-rubygem-net-telnet-0.1.1-70.el7.x86_64.rpm rh-ruby23-rubygem-psych-2.1.0.1-70.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.5): Source: rh-ruby23-ruby-2.3.8-70.el7.src.rpm noarch: rh-ruby23-ruby-doc-2.3.8-70.el7.noarch.rpm rh-ruby23-ruby-irb-2.3.8-70.el7.noarch.rpm rh-ruby23-rubygem-minitest-5.8.5-70.el7.noarch.rpm rh-ruby23-rubygem-power_assert-0.2.6-70.el7.noarch.rpm rh-ruby23-rubygem-rake-10.4.2-70.el7.noarch.rpm rh-ruby23-rubygem-rdoc-4.2.1-70.el7.noarch.rpm rh-ruby23-rubygem-test-unit-3.1.5-70.el7.noarch.rpm rh-ruby23-rubygems-2.5.2.3-70.el7.noarch.rpm rh-ruby23-rubygems-devel-2.5.2.3-70.el7.noarch.rpm x86_64: rh-ruby23-ruby-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-debuginfo-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-devel-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-libs-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-tcltk-2.3.8-70.el7.x86_64.rpm rh-ruby23-rubygem-bigdecimal-1.2.8-70.el7.x86_64.rpm rh-ruby23-rubygem-did_you_mean-1.0.0-70.el7.x86_64.rpm rh-ruby23-rubygem-io-console-0.4.5-70.el7.x86_64.rpm rh-ruby23-rubygem-json-1.8.3.1-70.el7.x86_64.rpm rh-ruby23-rubygem-net-telnet-0.1.1-70.el7.x86_64.rpm rh-ruby23-rubygem-psych-2.1.0.1-70.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: rh-ruby23-ruby-2.3.8-70.el7.src.rpm noarch: rh-ruby23-ruby-doc-2.3.8-70.el7.noarch.rpm rh-ruby23-ruby-irb-2.3.8-70.el7.noarch.rpm rh-ruby23-rubygem-minitest-5.8.5-70.el7.noarch.rpm rh-ruby23-rubygem-power_assert-0.2.6-70.el7.noarch.rpm rh-ruby23-rubygem-rake-10.4.2-70.el7.noarch.rpm rh-ruby23-rubygem-rdoc-4.2.1-70.el7.noarch.rpm rh-ruby23-rubygem-test-unit-3.1.5-70.el7.noarch.rpm rh-ruby23-rubygems-2.5.2.3-70.el7.noarch.rpm rh-ruby23-rubygems-devel-2.5.2.3-70.el7.noarch.rpm x86_64: rh-ruby23-ruby-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-debuginfo-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-devel-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-libs-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-tcltk-2.3.8-70.el7.x86_64.rpm rh-ruby23-rubygem-bigdecimal-1.2.8-70.el7.x86_64.rpm rh-ruby23-rubygem-did_you_mean-1.0.0-70.el7.x86_64.rpm rh-ruby23-rubygem-io-console-0.4.5-70.el7.x86_64.rpm rh-ruby23-rubygem-json-1.8.3.1-70.el7.x86_64.rpm rh-ruby23-rubygem-net-telnet-0.1.1-70.el7.x86_64.rpm rh-ruby23-rubygem-psych-2.1.0.1-70.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v.7): Source: rh-ruby23-ruby-2.3.8-70.el7.src.rpm noarch: rh-ruby23-ruby-doc-2.3.8-70.el7.noarch.rpm rh-ruby23-ruby-irb-2.3.8-70.el7.noarch.rpm rh-ruby23-rubygem-minitest-5.8.5-70.el7.noarch.rpm rh-ruby23-rubygem-power_assert-0.2.6-70.el7.noarch.rpm rh-ruby23-rubygem-rake-10.4.2-70.el7.noarch.rpm rh-ruby23-rubygem-rdoc-4.2.1-70.el7.noarch.rpm rh-ruby23-rubygem-test-unit-3.1.5-70.el7.noarch.rpm rh-ruby23-rubygems-2.5.2.3-70.el7.noarch.rpm rh-ruby23-rubygems-devel-2.5.2.3-70.el7.noarch.rpm x86_64: rh-ruby23-ruby-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-debuginfo-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-devel-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-libs-2.3.8-70.el7.x86_64.rpm rh-ruby23-ruby-tcltk-2.3.8-70.el7.x86_64.rpm rh-ruby23-rubygem-bigdecimal-1.2.8-70.el7.x86_64.rpm rh-ruby23-rubygem-did_you_mean-1.0.0-70.el7.x86_64.rpm rh-ruby23-rubygem-io-console-0.4.5-70.el7.x86_64.rpm rh-ruby23-rubygem-json-1.8.3.1-70.el7.x86_64.rpm rh-ruby23-rubygem-net-telnet-0.1.1-70.el7.x86_64.rpm rh-ruby23-rubygem-psych-2.1.0.1-70.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2019-8324 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXNk3uNzjgjWX9erEAQjgOQ//VlbUEjZvvA34285+uiYA/nr/hwHy2DRI zoZ9rHLCEG8ir+fGChKRfQ5G368KGLanzJOCbOuUAlTETiYprMPytOmDpz9y0CvJ rbVJJmgieaYdaxocTrIi5TP2aBrDKa4lS66/u0s5TIMKWkyXzEBFfuX6BqPebnGO HM6Em/jhG86yDQD0VDpsI0RUBpmTO9fvBYA6DqPpJwA6U/ak739LdkwZvKQadscU bi5sIp7OofxSvw5sinJ/ZE8u7x/jACuNEyfm9rgqr71vuMLJlfoBxvDxwoKC0oXh WqwUP0DGhj8xcDGil6Bv2AIqX3/d4co+bQn7nNrkNwGx1HlAPckdooJL3cqJA2ST 0vCTERdfQPzhIY28c8EXLZc4Yt9hXE8zLUBift3MZux3JVXAH/IWuKiXOS1QSnYS 9jco8/uLFsWmQMa/Ppi8P2Y03AgjlTGTwlBYlhMD1/iw69tuY3ZKMFq3IwvPZ+6H v40xSbhEjZnA0m2Y7sPuXSATghlzju2sHqVjHZNw1z11KeyMaDpse3dN5Dwd4SH+ sE5w0QOZMSR1NlFhVaIzj1zCa4WckgFR3fe/TTwhyUjGt3oX0UWdyXSX6BzcR+Gb 73qkOEa0OEKpkg4mztq/IU9kR6UKXcrhTiPk+a0D16gFPXutc2qqwpux1M8kMKpI Qu1uqW4aSxI=jZ92 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat has announced a critical security patch for rh-ruby23-ruby targeting existing vulnerabilities and potential threats. Discover further details.. Red Hat, rh-ruby23-ruby, security update, arbitrary code execution, security advisory. . Severity: Important. LinuxSecurity.com Team

May 13, 2019 •Important Red Hat

Stay Secure with the Latest Linux Advisories

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Red Hat 7 RHSA-2020:5275 Moderate: rh-php73-php Security Update

Red Hat: RHSA-2019-1151-01 Important: rh-ruby23-ruby Arbitrary Code Threat

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Refine advisories

severity

Topics

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!