ELSA-2019-1235

ULN >
Oracle Linux Errata repository >
ELSA-2019-1235

ELSA-2019-1235 - ruby security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2019-05-16

Description

[2.0.0.648-35]
- Introduce method as precondition to fix
CVE-2019-8321.
* rubygems-2.3.0-refactor-checking-really_verbose.patch
- Fix escape sequence injection vulnerability in verbose.
- Fix escape sequence injection vulnerability in gem owner.
- Fix escape sequence injection vulnerability in API response handling.
- Prohibit arbitrary code execution when installing a malicious gem.
- Fix escape sequence injection vulnerability in errors.
* ruby-2.4.6-Applied-security-patches-for-RubyGems.patch
Resolves: rhbz#1699283

[2.0.0.648-35]
- Refresh expired certificates.

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	ruby-2.0.0.648-35.el7_6.src.rpm	f7843260eaae5e57327f3450c1ee4707	ELSA-2019-2028
	ruby-2.0.0.648-35.el7_6.aarch64.rpm	dca2818c452ef820482366f99de5b998	ELSA-2019-2028
	ruby-devel-2.0.0.648-35.el7_6.aarch64.rpm	6ec00be89e52c5a18cefa112adf0f761	ELSA-2019-2028
	ruby-doc-2.0.0.648-35.el7_6.noarch.rpm	54fe7b07baa17b270f8ec47964f91f67	ELSA-2019-2028
	ruby-irb-2.0.0.648-35.el7_6.noarch.rpm	04e71794fa5e41244883dcdb6b0a6546	ELSA-2019-2028
	ruby-libs-2.0.0.648-35.el7_6.aarch64.rpm	41704757fafdc85cd12fcd577d85b37d	ELSA-2019-2028
	ruby-tcltk-2.0.0.648-35.el7_6.aarch64.rpm	8ac215c7be14119e1f7b8592a050ce5b	ELSA-2019-2028
	rubygem-bigdecimal-1.2.0-35.el7_6.aarch64.rpm	c46b46ded9ec3a778aec30b6e7dd13c0	ELSA-2019-2028
	rubygem-io-console-0.4.2-35.el7_6.aarch64.rpm	c67b9d493909558a756642a7cf2e4122	ELSA-2019-2028
	rubygem-json-1.7.7-35.el7_6.aarch64.rpm	be850949413b52fb9e07c673c9f41359	ELSA-2019-2028
	rubygem-minitest-4.3.2-35.el7_6.noarch.rpm	037fefe75c42221176ef7c01ddaaaab2	ELSA-2019-2028
	rubygem-psych-2.0.0-35.el7_6.aarch64.rpm	a27536b5d7425938517d01c9a85c0c43	ELSA-2019-2028
	rubygem-rake-0.9.6-35.el7_6.noarch.rpm	c23f136974766334b8a56afb46098b9a	ELSA-2019-2028
	rubygem-rdoc-4.0.0-35.el7_6.noarch.rpm	8fe3307731cca7a1920cebfd6ae95cfc	ELSA-2019-2028
	rubygems-2.0.14.1-35.el7_6.noarch.rpm	fd31b38161779a734cced5a419dea111	ELSA-2019-2028
	rubygems-devel-2.0.14.1-35.el7_6.noarch.rpm	e5486df24fb5025e5fe2fc9c768e9562	ELSA-2019-2028

Oracle Linux 7 (x86_64)	ruby-2.0.0.648-35.el7_6.src.rpm	f7843260eaae5e57327f3450c1ee4707	ELSA-2019-2028
	ruby-2.0.0.648-35.el7_6.x86_64.rpm	1ae6cf43d5d5092ffbb7e45919aee4fd	ELSA-2019-2028
	ruby-devel-2.0.0.648-35.el7_6.x86_64.rpm	bac69a4d4b4b8da5eb7722837713e040	ELSA-2019-2028
	ruby-doc-2.0.0.648-35.el7_6.noarch.rpm	54fe7b07baa17b270f8ec47964f91f67	ELSA-2019-2028
	ruby-irb-2.0.0.648-35.el7_6.noarch.rpm	04e71794fa5e41244883dcdb6b0a6546	ELSA-2019-2028
	ruby-libs-2.0.0.648-35.el7_6.i686.rpm	da96cfe6eefa3fb17780dfbb41cd942e	ELSA-2019-2028
	ruby-libs-2.0.0.648-35.el7_6.x86_64.rpm	5f3a68ee1aa705ec01f8c1bc07909616	ELSA-2019-2028
	ruby-tcltk-2.0.0.648-35.el7_6.x86_64.rpm	e195429c7792658df3bf1dab9415f089	ELSA-2019-2028
	rubygem-bigdecimal-1.2.0-35.el7_6.x86_64.rpm	e583c6b7e4f24512f1c9a73515928aa4	ELSA-2019-2028
	rubygem-io-console-0.4.2-35.el7_6.x86_64.rpm	522757d013361acfa9c646e429426e78	ELSA-2019-2028
	rubygem-json-1.7.7-35.el7_6.x86_64.rpm	6a394d8ffb7906303cff26773e1b3627	ELSA-2019-2028
	rubygem-minitest-4.3.2-35.el7_6.noarch.rpm	037fefe75c42221176ef7c01ddaaaab2	ELSA-2019-2028
	rubygem-psych-2.0.0-35.el7_6.x86_64.rpm	a22981ecb646bae91501e915d8b2b799	ELSA-2019-2028
	rubygem-rake-0.9.6-35.el7_6.noarch.rpm	c23f136974766334b8a56afb46098b9a	ELSA-2019-2028
	rubygem-rdoc-4.0.0-35.el7_6.noarch.rpm	8fe3307731cca7a1920cebfd6ae95cfc	ELSA-2019-2028
	rubygems-2.0.14.1-35.el7_6.noarch.rpm	fd31b38161779a734cced5a419dea111	ELSA-2019-2028
	rubygems-devel-2.0.14.1-35.el7_6.noarch.rpm	e5486df24fb5025e5fe2fc9c768e9562	ELSA-2019-2028

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691