
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Red Hat Enterprise Linux 8.4 RHSA-2022-0546-01 Important: Ruby 2.5 DoS

====================================================================
Red Hat Security Advisory

Synopsis: Important: ruby:2.5 security update
Advisory ID: RHSA-2022:0546-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0546
Issue date: 2022-02-16
CVE Names: CVE-2020-36327
====================================================================

1. Summary:

An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

* rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1958999 - CVE-2020-36327 rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-36327
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/6206172

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

LinuxSecurity.com Team

Feb 16, 2022 Important Red Hat

Red Hat Enterprise Linux 8 RHSA-2021-2588 Moderate: Ruby Fix

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ruby:2.6 security, bug fix, and enhancement update
Advisory ID: RHSA-2021:2588-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2588
Issue date: 2021-06-29
CVE Names: CVE-2019-3881 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2020-10663 CVE-2020-10933 CVE-2020-25613 CVE-2021-28965
====================================================================

1. Summary:

An update for the ruby:2.6 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (2.6.7). (BZ#1952627)

Security Fix(es):

* rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code (CVE-2019-3881)
* ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845)
* ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201)
* ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255)
* rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663)
* ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933)
* ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613)
* ruby: XML round-trip vulnerability in REXML (CVE-2021-28965)
* ruby: HTTP response splitting in WEBrick (CVE-2019-16254)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Resolv::DNS: ruby:2.6/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhel-8] (BZ#1954968)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1651826 - CVE-2019-3881 rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code
1773728 - CVE-2019-16201 ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication
1789407 - CVE-2019-15845 ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch?
1789556 - CVE-2019-16254 ruby: HTTP response splitting in WEBrick
1793683 - CVE-2019-16255 ruby: Code injection via command argument of Shell#test / Shell#[]
1827500 - CVE-2020-10663 rubygem-json: Unsafe object creation vulnerability in JSON
1833291 - CVE-2020-10933 ruby: BasicSocket#read_nonblock method leads to information disclosure
1883623 - CVE-2020-25613 ruby: Potential HTTP request smuggling in WEBrick
1947526 - CVE-2021-28965 ruby: XML round-trip vulnerability in REXML
1952627 - Rebase to the latest Ruby 2.6 point release [rhel-8] [rhel-8.4.0.z]
1954968 - Resolv::DNS: ruby:2.6/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhel-8] [rhel-8.4.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v.8):

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2019-3881
https://access.redhat.com/security/cve/CVE-2019-15845
https://access.redhat.com/security/cve/CVE-2019-16201
https://access.redhat.com/security/cve/CVE-2019-16254
https://access.redhat.com/security/cve/CVE-2019-16255
https://access.redhat.com/security/cve/CVE-2020-10663
https://access.redhat.com/security/cve/CVE-2020-10933
https://access.redhat.com/security/cve/CVE-2020-25613
https://access.redhat.com/security/cve/CVE-2021-28965
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.

LinuxSecurity.com Team

Jun 29, 2021 Red Hat

Red Hat Enterprise 8 RHSA-2021-2584 Moderate: Ruby 2.7 Security Fixes

Red Hat Security Advisory

Synopsis: Moderate: ruby:2.7 security, bug fix, and enhancement update
Advisory ID: RHSA-2021:2584-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2584
Issue date: 2021-06-29
CVE Names: CVE-2020-25613 CVE-2021-28965

1. Summary:

An update for the ruby:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (2.7.3). (BZ#1951999)

Security Fix(es):

* ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613)
* ruby: XML round-trip vulnerability in REXML (CVE-2021-28965)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Resolv::DNS: ruby:2.7/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhel-8] (BZ#1952000)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1883623 - CVE-2020-25613 ruby: Potential HTTP request smuggling in WEBrick
1947526 - CVE-2021-28965 ruby: XML round-trip vulnerability in REXML
1951999 - Rebase to the latest Ruby 2.7 point release [rhel-8] [rhel-8.4.0.z]
1952000 - Resolv::DNS: ruby:2.7/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhel-8] [rhel-8.4.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v.8):
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-25613
https://access.redhat.com/security/cve/CVE-2021-28965
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.

An update for Ruby 2.7 is now available on Red Hat Enterprise Linux, tackling some moderate security vulnerabilities and resolving several bugs.

Ruby Update, Red Hat Security, Security Enhancement, Linux Bug Fix.

LinuxSecurity.com Team

Jun 29, 2021 Red Hat

Debian Jessie DLA-1467-1: Ruby-Zip Directory Traversal Risk Repair

Package : ruby-zip
Version : 1.1.6-1+deb8u2
CVE ID : CVE-2018-1000544
Debian Bug : 902720

It was found that rubyzip, a Ruby module for reading and writing zip files, contained a Directory Traversal vulnerability that can be exploited to write arbitrary files to the filesystem.

For Debian 8 "Jessie", this problem has been fixed in version 1.1.6-1+deb8u2.

We recommend that you upgrade your ruby-zip packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Update ruby-zip to version 1.1.6-1+deb8u2 to address a Directory Traversal vulnerability that permits unauthorized file modifications.

ruby zip security, debian security update, directory traversal patch.

Severity: Important.

LinuxSecurity.com Team

Aug 15, 2018 Important Debian LTS

Debian: DSA-3168-1 Moderate: ruby-redcloth Cross-Site Scripting Fix

Debian Security Advisory DSA-3168-1
http://www.debian.org/security/
Sebastien Delafond
February 22, 2015
http://www.debian.org/security/faq

Package : ruby-redcloth
CVE ID : CVE-2012-6684
Debian Bug : 774748

Kousuke Ebihara discovered that redcloth, a Ruby module used to convert Textile markup to HTML, did not properly sanitize its input. This allowed a remote attacker to perform a cross-site scripting attack by injecting arbitrary JavaScript code into the generated HTML.

For the stable distribution (wheezy), this problem has been fixed in version 4.2.9-2+deb7u2.

For the unstable distribution (sid), this problem has been fixed in version 4.2.9-4.

We recommend that you upgrade your ruby-redcloth packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Ubuntu Security Notice USN-1234-1 addresses a severe python-django vulnerability, preventing SQL injection exploits.

Ruby Redcloth Security, Debian Update, Cross Site Scripting, Ruby Module, Input Sanitization.

LinuxSecurity.com Team

Feb 22, 2015 Debian