Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 333 articles for you...
89

Fedora 44 Ruby 4.0.6 Important Denial Of Service Fixes 2026-32d5a3d450

Ruby 4.0.6 is released. This new ruby contains several security fixes in net- snmp.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-32d5a3d450 2026-07-18 00:26:14.273071+00:00 -------------------------------------------------------------------------------- Name : ruby Product : Fedora 44 Version : 4.0.6 Release : 36.fc44 URL : https://www.ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. -------------------------------------------------------------------------------- Update Information: Ruby 4.0.6 is released. This new ruby contains several security fixes in net- snmp. -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 14 2026 Mamoru TASAKA - 4.0.6-36 - Update to Ruby 4.0.6 Resolves: rhbz#2499884 - Resolves: CVE-2026-42245 (rhbz#2484324) - Resolves: CVE-2026-42246 (rhbz#2492090) - Resolves: CVE-2026-42256 - Resolves: CVE-2026-42257 - Resolves: CVE-2026-42258 (rhbz#2487319) - Resolves: CVE-2026-47240 (rhbz#2498917) - Resolves: CVE-2026-47241 - Resolves: CVE-2026-47242 * Sun Jun 14 2026 Mamoru TASAKA - 4.0.5-35 - Backport ruby/openssl 4.0.2 from ruby 4.0 branch to support openssl 4.0 * Fri Jun 12 2026 Yaakov Selkowitz - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2463216 - CVE-2026-41316 ruby: ERB: Arbitrary code execution via deserialization bypass [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2463216 [ 2 ] Bug #2484324 - CVE-2026-42245 ruby: Net::IMAP: Denial of Service via crafted IMAP responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484324 [ 3 ] Bug #2487319 - CVE-2026-42258 ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2487319 [ 4 ] Bug #2492090 - CVE-2026-42246 ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2492090 [ 5 ] Bug #2498917 - CVE-2026-47240 ruby: Net::IMAP: Command injection via non-synchronizing literals [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498917 [ 6 ] Bug #2499884 - ruby-4.0.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2499884 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-32d5a3d450' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Ruby 4.0.6 released with crucial net-snmp security fixes addressing denial of service and code execution risks.. Ruby version update, Ruby security patches,Fedora release notes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Critical Fedora
217

Oracle Linux 8 Ruby Important DoS Fixes Advisory ELSA-2026-33515

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-33515 http://linux.oracle.com/errata/ELSA-2026-33515.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm aarch64: ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.src.rpm Related CVEs: CVE-2026-42245 CVE-2026-42246 CVE-2026-42258 Description of changes: ruby [3.3.10-7] - Fix DoS via crafted IMAP responses in net-imap. (CVE-2026-42245) Resolves: RHEL-181682 - Fix information disclosure via MITM attack bypassing TLS in net-imap. (CVE-2026-42246) Resolves: RHEL-181759 - Fix command injection via Symbol arguments in net-imap. (CVE-2026-42258) Resolves: RHEL-181791 rubygem-abrt [0.4.0-1] - Update to abrt 0.4.0. Resolves: rhbz#1842476 rubygem-mysql2 [0.5.5-1] - Upgrade to mysql2 0.5.5. Related: RHEL-17090 rubygem-pg [1.5.4-1] - Upgrade to pg 1.5.4. Related: RHEL-17090 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Stay updated on Oracle Linux Security Advisory ELSA-2026-33515 for Ruby 3.3 critical fixes and upgrades.. Oracle Linux Ruby Security Update DoS Threat. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 Important Oracle
217

Oracle Linux 9 Ruby Important Code Exec DoS Fix ELSA-2026-20596

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-20596 http://linux.oracle.com/errata/ELSA-2026-20596.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm ruby-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm ruby-bundled-gems-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm ruby-bundled-gems-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm ruby-default-gems-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm ruby-devel-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm ruby-devel-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm ruby-doc-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-bigdecimal-4.0.1-32.module+el9.8.0+90929+122d8796.i686.rpm rubygem-bigdecimal-4.0.1-32.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-bundler-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-io-console-0.8.2-32.module+el9.8.0+90929+122d8796.i686.rpm rubygem-io-console-0.8.2-32.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-irb-1.16.0-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-json-2.18.0-32.module+el9.8.0+90929+122d8796.i686.rpm rubygem-json-2.18.0-32.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-minitest-6.0.0-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-mysql2-0.5.7-1.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-pg-1.6.3-1.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-pg-doc-1.6.3-1.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-power_assert-3.0.1-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-psych-5.3.1-32.module+el9.8.0+90929+122d8796.i686.rpm rubygem-psych-5.3.1-32.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-racc-1.8.1-32.module+el9.8.0+90929+122d8796.i686.rpm rubygem-racc-1.8.1-32.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-rake-13.3.1-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-rbs-3.10.0-32.module+el9.8.0+90929+122d8796.i686.rpm rubygem-rbs-3.10.0-32.module+el9.8.0+90929+122d8796.x86_64.rpm rubygem-rdoc-7.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-rexml-3.4.4-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-rss-0.3.2-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygems-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygems-devel-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-test-unit-3.7.5-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-typeprof-0.31.1-32.module+el9.8.0+90929+122d8796.noarch.rpm ruby-libs-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm ruby-libs-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm aarch64: ruby-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm ruby-bundled-gems-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm ruby-default-gems-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm ruby-devel-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm ruby-doc-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-bigdecimal-4.0.1-32.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-bundler-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-io-console-0.8.2-32.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-irb-1.16.0-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-json-2.18.0-32.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-minitest-6.0.0-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-mysql2-0.5.7-1.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-pg-1.6.3-1.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-pg-doc-1.6.3-1.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-power_assert-3.0.1-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-psych-5.3.1-32.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-racc-1.8.1-32.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-rake-13.3.1-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-rbs-3.10.0-32.module+el9.8.0+90929+122d8796.aarch64.rpm rubygem-rdoc-7.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-rexml-3.4.4-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-rss-0.3.2-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygems-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygems-devel-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-test-unit-3.7.5-32.module+el9.8.0+90929+122d8796.noarch.rpm rubygem-typeprof-0.31.1-32.module+el9.8.0+90929+122d8796.noarch.rpm ruby-libs-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/ruby-4.0.3-32.module+el9.8.0+90929+122d8796.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-mysql2-0.5.7-1.module+el9.8.0+90929+122d8796.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/rubygem-pg-1.6.3-1.module+el9.8.0+90929+122d8796.src.rpm Related CVEs: CVE-2026-33210 CVE-2026-41316 Description of changes: ruby [4.0.3-32] - Upgrade to Ruby 4.0.3. Resolves: RHEL-171933 - Fix ERB: Arbitrary code execution via deserialization bypass (CVE-2026-41316) Resolves: RHEL-171258 - Fix JSON: Denial of Service or Information Disclosure via format string injection (CVE-2026-33210) Resolves: RHEL-173458 rubygem-mysql2 [0.5.7-1] - Upgrade to mysql2 0.5.7. Related: RHEL-142278 rubygem-pg [1.6.3-1] - Upgrade to pg 1.6.3 Related: RHEL-142278 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 Ruby packages updated to fix important vulnerabilities, including arbitrary code execution and DoS.. Oracle Linux Ruby Security Update Important Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Important Oracle
217

Oracle Linux 8 Ruby Important Code Execution Fix ELSA-2026-33514

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-33514 http://linux.oracle.com/errata/ELSA-2026-33514.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-2.5.9-114.module+el8.10.0+90940+f98fa8f0.i686.rpm ruby-2.5.9-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm ruby-devel-2.5.9-114.module+el8.10.0+90940+f98fa8f0.i686.rpm ruby-devel-2.5.9-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm ruby-doc-2.5.9-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-bigdecimal-1.3.4-114.module+el8.10.0+90940+f98fa8f0.i686.rpm rubygem-bigdecimal-1.3.4-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.x86_64.rpm rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-bundler-1.16.1-5.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-bundler-doc-1.16.1-5.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-did_you_mean-1.2.0-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-io-console-0.4.6-114.module+el8.10.0+90940+f98fa8f0.i686.rpm rubygem-io-console-0.4.6-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm rubygem-json-2.1.0-114.module+el8.10.0+90940+f98fa8f0.i686.rpm rubygem-json-2.1.0-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm rubygem-minitest-5.10.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.x86_64.rpm rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-net-telnet-0.1.1-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-openssl-2.1.2-114.module+el8.10.0+90940+f98fa8f0.i686.rpm rubygem-openssl-2.1.2-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.x86_64.rpm rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-power_assert-1.1.1-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-psych-3.0.2-114.module+el8.10.0+90940+f98fa8f0.i686.rpm rubygem-psych-3.0.2-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm rubygem-rake-12.3.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-rdoc-6.0.1.1-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygems-2.7.6.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygems-devel-2.7.6.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-test-unit-3.2.7-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-xmlrpc-0.3.0-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm ruby-irb-2.5.9-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm ruby-libs-2.5.9-114.module+el8.10.0+90940+f98fa8f0.i686.rpm ruby-libs-2.5.9-114.module+el8.10.0+90940+f98fa8f0.x86_64.rpm aarch64: ruby-2.5.9-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm ruby-devel-2.5.9-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm ruby-doc-2.5.9-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-bigdecimal-1.3.4-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.aarch64.rpm rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-bundler-1.16.1-5.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-bundler-doc-1.16.1-5.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-did_you_mean-1.2.0-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-io-console-0.4.6-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm rubygem-json-2.1.0-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm rubygem-minitest-5.10.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.aarch64.rpm rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-net-telnet-0.1.1-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-openssl-2.1.2-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.aarch64.rpm rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-power_assert-1.1.1-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-psych-3.0.2-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm rubygem-rake-12.3.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-rdoc-6.0.1.1-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygems-2.7.6.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygems-devel-2.7.6.3-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-test-unit-3.2.7-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm rubygem-xmlrpc-0.3.0-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm ruby-irb-2.5.9-114.module+el8.10.0+90940+f98fa8f0.noarch.rpm ruby-libs-2.5.9-114.module+el8.10.0+90940+f98fa8f0.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/ruby-2.5.9-114.module+el8.10.0+90940+f98fa8f0.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-bundler-1.16.1-5.module+el8.10.0+90940+f98fa8f0.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.src.rpm Related CVEs: CVE-2026-42246 CVE-2026-42258 Description of changes: ruby [2.5.9-114] - Fix integer overflow in search_in_range function in regexec.c (CVE-2019-19012). Resolves: RHEL-87505 rubygem-abrt [0.3.0-4] - Execute test suite unconditionally. - Upload correct sources. rubygem-bson [4.3.0-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild rubygem-bundler [1.16.1-5] - Fix unexpected code execution in Gemfiles (CVE-2021-43809) Resolves: RHEL-87017 rubygem-mongo [2.5.1-2] - Disable tests to fix FTBFS by dropped MongoDB module. Resolves: rhbz#1710863 rubygem-mysql2 [0.4.10-4] - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild rubygem-pg [1.0.0-3] - Fix FTBFS with PostgreSQL 10.6 and above." -s " ruby:2.5 security update" _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Critical updates for Oracle Linux 8 addressing important issues in Ruby and related libraries. Ensure your systems are secure now.. Oracle Linux security,Ruby updates,ELSA advisory,coded execution fix,information leaks. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Important Oracle
219

Rocky Linux 10 Ruby Key Denial of Service Command Injection RLSA-2026-33565

Important: ruby security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:33565", "synopsis": "Important: ruby security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for ruby.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses (CVE-2026-42245)\n\n* ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments (CVE-2026-42258)\n\n* net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS (CVE-2026-42246)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2468495", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468495", "description": ""}, {"ticket": "2468499", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468499", "description": ""}, {"ticket": "2468498", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468498", "description": ""}], "cves": [{"name": "CVE-2026-42245", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42245", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": "CWE-606"}, {"name": "CVE-2026-42246", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42246", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "cvss3BaseScore":"7.4", "cwe": "CWE-325"}, {"name": "CVE-2026-42258", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42258", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N", "cvss3BaseScore": "7.1", "cwe": "CWE-93"}], "references": [], "publishedAt": "2026-07-05T12:05:09.130757Z", "rpms": {"Rocky Linux 10": {"nvras": ["rubygem-irb-0:1.13.1-13.el10_2.noarch.rpm", "ruby-devel-0:3.3.10-13.el10_2.ppc64le.rpm", "rubygem-psych-0:5.1.2-13.el10_2.ppc64le.rpm", "rubygem-io-console-debuginfo-0:0.7.1-13.el10_2.s390x.rpm", "rubygem-io-console-0:0.7.1-13.el10_2.aarch64.rpm", "rubygem-rake-0:13.1.0-13.el10_2.noarch.rpm", "ruby-0:3.3.10-13.el10_2.x86_64.rpm", "rubygem-io-console-0:0.7.1-13.el10_2.ppc64le.rpm", "rubygem-bigdecimal-debuginfo-0:3.1.5-13.el10_2.x86_64.rpm", "ruby-0:3.3.10-13.el10_2.ppc64le.rpm", "rubygem-rbs-0:3.4.0-13.el10_2.x86_64.rpm", "rubygems-devel-0:3.5.22-13.el10_2.noarch.rpm", "rubygem-json-debuginfo-0:2.7.2-13.el10_2.aarch64.rpm", "rubygem-json-0:2.7.2-13.el10_2.aarch64.rpm", "ruby-libs-0:3.3.10-13.el10_2.aarch64.rpm", "rubygem-rexml-0:3.4.4-13.el10_2.noarch.rpm", "ruby-bundled-gems-0:3.3.10-13.el10_2.ppc64le.rpm", "ruby-0:3.3.10-13.el10_2.src.rpm", "ruby-libs-debuginfo-0:3.3.10-13.el10_2.x86_64.rpm", "ruby-libs-debuginfo-0:3.3.10-13.el10_2.s390x.rpm", "rubygem-bigdecimal-0:3.1.5-13.el10_2.ppc64le.rpm", "rubygems-0:3.5.22-13.el10_2.noarch.rpm", "ruby-libs-debuginfo-0:3.3.10-13.el10_2.ppc64le.rpm", "rubygem-io-console-debuginfo-0:0.7.1-13.el10_2.x86_64.rpm", "rubygem-rbs-debuginfo-0:3.4.0-13.el10_2.ppc64le.rpm", "rubygem-io-console-debuginfo-0:0.7.1-13.el10_2.ppc64le.rpm", "rubygem-json-debuginfo-0:2.7.2-13.el10_2.ppc64le.rpm", "rubygem-rbs-0:3.4.0-13.el10_2.s390x.rpm", "ruby-debuginfo-0:3.3.10-13.el10_2.s390x.rpm", "rubygem-test-unit-0:3.6.1-13.el10_2.noarch.rpm", "rubygem-psych-debuginfo-0:5.1.2-13.el10_2.aarch64.rpm", "rubygem-psych-0:5.1.2-13.el10_2.s390x.rpm", "rubygem-rbs-0:3.4.0-13.el10_2.aarch64.rpm","rubygem-io-console-debuginfo-0:0.7.1-13.el10_2.aarch64.rpm", "rubygem-json-debuginfo-0:2.7.2-13.el10_2.x86_64.rpm", "ruby-doc-0:3.3.10-13.el10_2.noarch.rpm", "rubygem-io-console-0:0.7.1-13.el10_2.s390x.rpm", "ruby-debuginfo-0:3.3.10-13.el10_2.ppc64le.rpm", "ruby-bundled-gems-0:3.3.10-13.el10_2.s390x.rpm", "ruby-bundled-gems-0:3.3.10-13.el10_2.x86_64.rpm", "ruby-0:3.3.10-13.el10_2.s390x.rpm", "rubygem-typeprof-0:0.21.9-13.el10_2.noarch.rpm", "ruby-libs-debuginfo-0:3.3.10-13.el10_2.aarch64.rpm", "rubygem-json-0:2.7.2-13.el10_2.x86_64.rpm", "ruby-devel-0:3.3.10-13.el10_2.x86_64.rpm", "ruby-default-gems-0:3.3.10-13.el10_2.noarch.rpm", "rubygem-bigdecimal-debuginfo-0:3.1.5-13.el10_2.s390x.rpm", "ruby-devel-0:3.3.10-13.el10_2.aarch64.rpm", "rubygem-bigdecimal-0:3.1.5-13.el10_2.aarch64.rpm", "rubygem-bigdecimal-debuginfo-0:3.1.5-13.el10_2.aarch64.rpm", "rubygem-rbs-debuginfo-0:3.4.0-13.el10_2.aarch64.rpm", "rubygem-io-console-0:0.7.1-13.el10_2.x86_64.rpm", "rubygem-minitest-0:5.20.0-13.el10_2.noarch.rpm", "ruby-libs-0:3.3.10-13.el10_2.s390x.rpm", "ruby-bundled-gems-0:3.3.10-13.el10_2.aarch64.rpm", "rubygem-rdoc-0:6.6.3.1-13.el10_2.noarch.rpm", "rubygem-psych-debuginfo-0:5.1.2-13.el10_2.s390x.rpm", "ruby-bundled-gems-debuginfo-0:3.3.10-13.el10_2.ppc64le.rpm", "ruby-debugsource-0:3.3.10-13.el10_2.aarch64.rpm", "rubygem-bigdecimal-0:3.1.5-13.el10_2.s390x.rpm", "ruby-debugsource-0:3.3.10-13.el10_2.x86_64.rpm", "rubygem-power_assert-0:2.0.3-13.el10_2.noarch.rpm", "ruby-bundled-gems-debuginfo-0:3.3.10-13.el10_2.aarch64.rpm", "rubygem-rbs-0:3.4.0-13.el10_2.ppc64le.rpm", "ruby-debuginfo-0:3.3.10-13.el10_2.x86_64.rpm", "ruby-0:3.3.10-13.el10_2.aarch64.rpm", "rubygem-json-debuginfo-0:2.7.2-13.el10_2.s390x.rpm", "rubygem-rss-0:0.3.1-13.el10_2.noarch.rpm", "rubygem-psych-0:5.1.2-13.el10_2.aarch64.rpm", "rubygem-psych-0:5.1.2-13.el10_2.x86_64.rpm", "rubygem-json-0:2.7.2-13.el10_2.ppc64le.rpm", "ruby-bundled-gems-debuginfo-0:3.3.10-13.el10_2.x86_64.rpm", "rubygem-json-0:2.7.2-13.el10_2.s390x.rpm","rubygem-psych-debuginfo-0:5.1.2-13.el10_2.ppc64le.rpm", "ruby-libs-0:3.3.10-13.el10_2.x86_64.rpm", "rubygem-rbs-debuginfo-0:3.4.0-13.el10_2.x86_64.rpm", "rubygem-bigdecimal-debuginfo-0:3.1.5-13.el10_2.ppc64le.rpm", "ruby-debugsource-0:3.3.10-13.el10_2.ppc64le.rpm", "ruby-devel-0:3.3.10-13.el10_2.s390x.rpm", "rubygem-bigdecimal-0:3.1.5-13.el10_2.x86_64.rpm", "ruby-bundled-gems-debuginfo-0:3.3.10-13.el10_2.s390x.rpm", "ruby-libs-0:3.3.10-13.el10_2.ppc64le.rpm", "rubygem-rbs-debuginfo-0:3.4.0-13.el10_2.s390x.rpm", "rubygem-bundler-0:2.5.22-13.el10_2.noarch.rpm", "rubygem-psych-debuginfo-0:5.1.2-13.el10_2.x86_64.rpm", "ruby-debugsource-0:3.3.10-13.el10_2.s390x.rpm", "ruby-debuginfo-0:3.3.10-13.el10_2.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Ruby update address multiple security threats in Rocky Linux, highlighting denial of service and command injection risks. Stay secure!. Rocky Linux Ruby Security Update Denial of Service Command Injection. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 05, 2026 Important Rocky Linux
219

Rocky Linux 9 ruby Important IMAP Command Issues RLSA-2026-33577

Important: ruby:4.0 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:33577", "synopsis": "Important: ruby:4.0 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.rubygem-pg, module.rubygem-mysql2, rubygem-mysql2, rubygem-pg.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses (CVE-2026-42245)\n\n* ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments (CVE-2026-42258)\n\n* net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS (CVE-2026-42246)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2468495", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468495", "description": ""}, {"ticket": "2468498", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468498", "description": ""}, {"ticket": "2468499", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2468499", "description": ""}], "cves": [{"name": "CVE-2026-42245", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42245", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": "CWE-606"}, {"name": "CVE-2026-42246", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42246","cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "cvss3BaseScore": "7.4", "cwe": "CWE-325"}, {"name": "CVE-2026-42258", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42258", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N", "cvss3BaseScore": "7.1", "cwe": "CWE-93"}], "references": [], "publishedAt": "2026-07-01T06:01:39.210690Z", "rpms": {"Rocky Linux 9": {"nvras": ["rubygem-mysql2-0:0.5.7-1.module+el9.8.0+40094+ce01217c.aarch64.rpm", "rubygem-mysql2-0:0.5.7-1.module+el9.8.0+40094+ce01217c.ppc64le.rpm", "rubygem-mysql2-0:0.5.7-1.module+el9.8.0+40094+ce01217c.s390x.rpm", "rubygem-mysql2-0:0.5.7-1.module+el9.8.0+40094+ce01217c.src.rpm", "rubygem-mysql2-0:0.5.7-1.module+el9.8.0+40094+ce01217c.x86_64.rpm", "rubygem-mysql2-debuginfo-0:0.5.7-1.module+el9.8.0+40094+ce01217c.aarch64.rpm", "rubygem-mysql2-debuginfo-0:0.5.7-1.module+el9.8.0+40094+ce01217c.ppc64le.rpm", "rubygem-mysql2-debuginfo-0:0.5.7-1.module+el9.8.0+40094+ce01217c.s390x.rpm", "rubygem-mysql2-debuginfo-0:0.5.7-1.module+el9.8.0+40094+ce01217c.x86_64.rpm", "rubygem-mysql2-debugsource-0:0.5.7-1.module+el9.8.0+40094+ce01217c.aarch64.rpm", "rubygem-mysql2-debugsource-0:0.5.7-1.module+el9.8.0+40094+ce01217c.ppc64le.rpm", "rubygem-mysql2-debugsource-0:0.5.7-1.module+el9.8.0+40094+ce01217c.s390x.rpm", "rubygem-mysql2-debugsource-0:0.5.7-1.module+el9.8.0+40094+ce01217c.x86_64.rpm", "rubygem-mysql2-doc-0:0.5.7-1.module+el9.8.0+40094+ce01217c.noarch.rpm", "rubygem-pg-0:1.6.3-1.module+el9.8.0+40094+ce01217c.aarch64.rpm", "rubygem-pg-0:1.6.3-1.module+el9.8.0+40094+ce01217c.ppc64le.rpm", "rubygem-pg-0:1.6.3-1.module+el9.8.0+40094+ce01217c.s390x.rpm", "rubygem-pg-0:1.6.3-1.module+el9.8.0+40094+ce01217c.src.rpm", "rubygem-pg-0:1.6.3-1.module+el9.8.0+40094+ce01217c.x86_64.rpm", "rubygem-pg-debuginfo-0:1.6.3-1.module+el9.8.0+40094+ce01217c.aarch64.rpm", "rubygem-pg-debuginfo-0:1.6.3-1.module+el9.8.0+40094+ce01217c.ppc64le.rpm","rubygem-pg-debuginfo-0:1.6.3-1.module+el9.8.0+40094+ce01217c.s390x.rpm", "rubygem-pg-debuginfo-0:1.6.3-1.module+el9.8.0+40094+ce01217c.x86_64.rpm", "rubygem-pg-debugsource-0:1.6.3-1.module+el9.8.0+40094+ce01217c.aarch64.rpm", "rubygem-pg-debugsource-0:1.6.3-1.module+el9.8.0+40094+ce01217c.ppc64le.rpm", "rubygem-pg-debugsource-0:1.6.3-1.module+el9.8.0+40094+ce01217c.s390x.rpm", "rubygem-pg-debugsource-0:1.6.3-1.module+el9.8.0+40094+ce01217c.x86_64.rpm", "rubygem-pg-doc-0:1.6.3-1.module+el9.8.0+40094+ce01217c.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux announces important ruby security updates to address several vulnerabilities impacting system integrity and security.. ruby security updates, Rocky Linux advisories, ruby vulnerabilities, IMAP security fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Important Rocky Linux
172

Ubuntu Ruby Critical Network Access Issues USN-8478-1 CVE-2026-42246

Ruby could allow unintended access to network services.. ========================================================================== Ubuntu Security Notice USN-8478-1 June 29, 2025 ruby2.7, ruby3.0, ruby3.2, ruby3.3 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Ruby could allow unintended access to network services. Software Description: - ruby3.3: Object-oriented scripting language - ruby3.2: Object-oriented scripting language - ruby3.0: Object-oriented scripting language - ruby2.7: Object-oriented scripting language Details: It was discovered that Ruby's Net::IMAP library did not properly verify that TLS encryption was started after issuing a STARTTLS command. A remote attacker could use this to perform a machine-in-the-middle attack and silently bypass TLS encryption. (CVE-2026-42246) It was discovered that Ruby's Net::IMAP library did not validate string arguments passed to certain commands. A remote attacker could use this to inject arbitrary IMAP commands. (CVE-2026-42257) It was discovered that Ruby's Net::IMAP library was vulnerable to a denial of service attack when authenticating with SCRAM-SHA1 or SCRAM-SHA256. A hostile server could send a very large iteration count value to cause excessive computation in the client. This issue only affected ruby3.3. (CVE-2026-42256) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libruby3.3 3.3.8-2ubuntu3.1 ruby3.3 3.3.8-2ubuntu3.1 Ubuntu 24.04 LTS libruby3.2 3.2.3-1ubuntu0.24.04.8 ruby3.2 3.2.3-1ubuntu0.24.04.8 Ubuntu 22.04 LTS libruby3.0 3.0.2-7ubuntu2.13 ruby3.0 3.0.2-7ubuntu2.13 Ubuntu 20.04 LTS libruby2.7 2.7.0-5ubuntu1.18+esm5 Available with Ubuntu Pro ruby2.7 2.7.0-5ubuntu1.18+esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8478-1 CVE-2026-42246, CVE-2026-42256, CVE-2026-42257 Package Information: https://launchpad.net/ubuntu/+source/ruby3.3/3.3.8-2ubuntu3.1 https://launchpad.net/ubuntu/+source/ruby3.2/3.2.3-1ubuntu0.24.04.8 https://launchpad.net/ubuntu/+source/ruby3.0/3.0.2-7ubuntu2.13 . Update your Ubuntu systems to address critical Ruby security issues including unauthorized access and DoS risks.. Ruby security update Ubuntu network services DoS. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important Ubuntu
217

Oracle Linux 9 ELSA-2026-18039 Ruby Important Arbitrary Code Exec

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-18039 http://linux.oracle.com/errata/ELSA-2026-18039.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-3.0.7-166.el9_7.i686.rpm ruby-3.0.7-166.el9_7.x86_64.rpm ruby-default-gems-3.0.7-166.el9_7.noarch.rpm ruby-devel-3.0.7-166.el9_7.i686.rpm ruby-devel-3.0.7-166.el9_7.x86_64.rpm ruby-doc-3.0.7-166.el9_7.noarch.rpm ruby-libs-3.0.7-166.el9_7.i686.rpm ruby-libs-3.0.7-166.el9_7.x86_64.rpm rubygem-bigdecimal-3.0.0-166.el9_7.x86_64.rpm rubygem-bundler-2.2.33-166.el9_7.noarch.rpm rubygem-io-console-0.5.7-166.el9_7.x86_64.rpm rubygem-irb-1.3.5-166.el9_7.noarch.rpm rubygem-json-2.5.1-166.el9_7.x86_64.rpm rubygem-minitest-5.14.2-166.el9_7.noarch.rpm rubygem-power_assert-1.2.1-166.el9_7.noarch.rpm rubygem-psych-3.3.2-166.el9_7.x86_64.rpm rubygem-rake-13.0.3-166.el9_7.noarch.rpm rubygem-rbs-1.4.0-166.el9_7.noarch.rpm rubygem-rdoc-6.3.4.1-166.el9_7.noarch.rpm rubygem-rexml-3.2.5-166.el9_7.noarch.rpm rubygem-rss-0.2.9-166.el9_7.noarch.rpm rubygem-test-unit-3.3.7-166.el9_7.noarch.rpm rubygem-typeprof-0.15.2-166.el9_7.noarch.rpm rubygems-3.2.33-166.el9_7.noarch.rpm rubygems-devel-3.2.33-166.el9_7.noarch.rpm aarch64: ruby-3.0.7-166.el9_7.aarch64.rpm ruby-default-gems-3.0.7-166.el9_7.noarch.rpm ruby-devel-3.0.7-166.el9_7.aarch64.rpm ruby-doc-3.0.7-166.el9_7.noarch.rpm ruby-libs-3.0.7-166.el9_7.aarch64.rpm rubygem-bigdecimal-3.0.0-166.el9_7.aarch64.rpm rubygem-bundler-2.2.33-166.el9_7.noarch.rpm rubygem-io-console-0.5.7-166.el9_7.aarch64.rpm rubygem-irb-1.3.5-166.el9_7.noarch.rpm rubygem-json-2.5.1-166.el9_7.aarch64.rpm rubygem-minitest-5.14.2-166.el9_7.noarch.rpm rubygem-power_assert-1.2.1-166.el9_7.noarch.rpm rubygem-psych-3.3.2-166.el9_7.aarch64.rpm rubygem-rake-13.0.3-166.el9_7.noarch.rpm rubygem-rbs-1.4.0-166.el9_7.noarch.rpm rubygem-rdoc-6.3.4.1-166.el9_7.noarch.rpm rubygem-rexml-3.2.5-166.el9_7.noarch.rpm rubygem-rss-0.2.9-166.el9_7.noarch.rpm rubygem-test-unit-3.3.7-166.el9_7.noarch.rpm rubygem-typeprof-0.15.2-166.el9_7.noarch.rpm rubygems-3.2.33-166.el9_7.noarch.rpm rubygems-devel-3.2.33-166.el9_7.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/ruby-3.0.7-166.el9_7.src.rpm RelatedCVEs: CVE-2026-41316 Description of changes: [3.0.7-166] - Fix arbitrary code execution via deserialization bypass in ERB. (CVE-2026-41316) Resolves: RHEL-171254 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Learn about important updates for Oracle Linux 9 regarding critical Ruby security issues and fixes.. Oracle Linux Update, Ruby Security Fixes, Important Linux Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 20, 2026 Important Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200