ELSA-2024-10860

ULN >
Oracle Linux Errata repository >
ELSA-2024-10860

ELSA-2024-10860 - ruby:3.1 security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-12-06

Description

ruby
[3.1.5-145]
- Fix REXML ReDoS vulnerability. (CVE-2024-49761)
Resolves: RHEL-68530

[3.1.5-144]
- Upgrade to Ruby 3.1.5.
Resolves: RHEL-33978
- Fix buffer overread vulnerability in StringIO.
Resolves: RHEL-34129
- Fix RCE vulnerability with .rdoc_options in RDoc.
Resolves: RHEL-34121
- Fix arbitrary memory address read vulnerability with Regex search.
Resolves: RHEL-33871

[3.1.4-143]
- Upgrade to Ruby 3.1.4.
Resolves: RHEL-5586
- Fix HTTP response splitting in CGI.
Resolves: RHEL-5591
- Fix ReDos vulnerability in URI.
Resolves: RHEL-28919
Resolves: RHEL-5612
- Fix ReDos vulnerability in Time.
Resolves: RHEL-28920
- Make RDoc soft dependency in IRB.
Resolves: RHEL-5613

[3.1.2-142]
- Bypass git submodule test failure on Git >= 2.38.1.
- Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b.
- Fix for tzdata-2022g.
- Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS.
Resolves: RHEL-5590
- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters
Related: RHEL-5590
- Disable fiddle tests that use FFI closures.
Related: RHEL-5590

rubygem-mysql2
[0.5.4-1]
- New upstream release 0.5.4 by merging Fedora rawhide branch (commit: e21b5b9)
Resolves: rhbz#2063773

[0.5.3-1]
- New upstream release 0.5.3 by merging Fedora master branch (commit: 674d475)
Resolves: rhbz#1817135

rubygem-pg
* Thu May 26 2022 Jarek Prokop - 1.3.5-1
- Update to pg 1.3.5
Related: rhbz#2063773

[1.2.3-1]
- Update to pg 1.2.3 by merging Fedora master branch (commit: 5db4d26)
Resolves: rhbz#1817135

Related CVEs

CVE-2024-49761

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	ruby-3.1.5-145.module+el9.5.0+90461+45a3a727.src.rpm	91b7df0c66b76826e9511c9fe12c98a4	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.src.rpm	4778ee1b37c40c7fdf13d232d664d9b3	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.src.rpm	4778ee1b37c40c7fdf13d232d664d9b3	-	ol9_aarch64_appstream_developer
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.src.rpm	853e25036fbda5620eff76523dae5e3d	-	ol9_aarch64_appstream
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.src.rpm	853e25036fbda5620eff76523dae5e3d	-	ol9_aarch64_appstream_developer
	ruby-3.1.5-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	d5b9b4d6c330b2aac7640b5e8d8a24af	-	ol9_aarch64_appstream
	ruby-bundled-gems-3.1.5-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	fc2e95770888aed05018c497a31f3c1b	-	ol9_aarch64_appstream
	ruby-default-gems-3.1.5-145.module+el9.5.0+90461+45a3a727.noarch.rpm	45245741219bc108e485033b26de6f63	-	ol9_aarch64_appstream
	ruby-devel-3.1.5-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	e38df5052e6b004acee7a9f65432dcdf	-	ol9_aarch64_appstream
	ruby-doc-3.1.5-145.module+el9.5.0+90461+45a3a727.noarch.rpm	2866853aa5045259fe6f52d80d124d23	-	ol9_aarch64_appstream
	ruby-libs-3.1.5-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	6cf778dbe6ae0d47a063cdfab2ec574f	-	ol9_aarch64_appstream
	rubygem-bigdecimal-3.1.1-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	7a29e2cccfb5dfd73c409a739e75e499	-	ol9_aarch64_appstream
	rubygem-bundler-2.3.27-145.module+el9.5.0+90461+45a3a727.noarch.rpm	627700ab74537db1665be93f7cf7af70	-	ol9_aarch64_appstream
	rubygem-io-console-0.5.11-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	ceb862d0d339d9be61ed640a5db3acfa	-	ol9_aarch64_appstream
	rubygem-irb-1.4.1-145.module+el9.5.0+90461+45a3a727.noarch.rpm	ed0826ddc037bb25d342f6772e4aeb9c	-	ol9_aarch64_appstream
	rubygem-json-2.6.1-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	026cb7da273bdb0cb0d52287f0679a6c	-	ol9_aarch64_appstream
	rubygem-minitest-5.15.0-145.module+el9.5.0+90461+45a3a727.noarch.rpm	999bfcd92bcd08ea77165337d7a5856a	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.aarch64.rpm	17794e261781fb20da02cf4a2de4009b	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.aarch64.rpm	17794e261781fb20da02cf4a2de4009b	-	ol9_aarch64_appstream_developer
	rubygem-mysql2-doc-0.5.4-1.module+el9.1.0+20815+286161bd.noarch.rpm	3db795ed004c63b0e7445a6d59018b34	-	ol9_aarch64_appstream
	rubygem-mysql2-doc-0.5.4-1.module+el9.1.0+20815+286161bd.noarch.rpm	3db795ed004c63b0e7445a6d59018b34	-	ol9_aarch64_appstream_developer
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.aarch64.rpm	09a77c176cf1e99c0211dc1467c73099	-	ol9_aarch64_appstream
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.aarch64.rpm	09a77c176cf1e99c0211dc1467c73099	-	ol9_aarch64_appstream_developer
	rubygem-pg-doc-1.3.5-1.module+el9.1.0+20815+286161bd.noarch.rpm	301b7817613334df8f887f176c67ae2a	-	ol9_aarch64_appstream
	rubygem-pg-doc-1.3.5-1.module+el9.1.0+20815+286161bd.noarch.rpm	301b7817613334df8f887f176c67ae2a	-	ol9_aarch64_appstream_developer
	rubygem-power_assert-2.0.1-145.module+el9.5.0+90461+45a3a727.noarch.rpm	0502a20fd0878d7670af5304cd4363fa	-	ol9_aarch64_appstream
	rubygem-psych-4.0.4-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	0463a79dc3d25271be2906fca891cfad	-	ol9_aarch64_appstream
	rubygem-rake-13.0.6-145.module+el9.5.0+90461+45a3a727.noarch.rpm	c7c4810234cb0cadfc19792820128415	-	ol9_aarch64_appstream
	rubygem-rbs-2.7.0-145.module+el9.5.0+90461+45a3a727.aarch64.rpm	b850c19085a553b38cda82ec08ffe23e	-	ol9_aarch64_appstream
	rubygem-rdoc-6.4.1.1-145.module+el9.5.0+90461+45a3a727.noarch.rpm	c1a7564828db08509b5e3c86b03a472d	-	ol9_aarch64_appstream
	rubygem-rexml-3.2.5-145.module+el9.5.0+90461+45a3a727.noarch.rpm	5ca1b4285f997557347216f93061dae5	-	ol9_aarch64_appstream
	rubygem-rss-0.2.9-145.module+el9.5.0+90461+45a3a727.noarch.rpm	70ee688bc731aee158fe3ba256936af4	-	ol9_aarch64_appstream
	rubygem-test-unit-3.5.3-145.module+el9.5.0+90461+45a3a727.noarch.rpm	754ae46d4c2f30f89c06e656ebbd742b	-	ol9_aarch64_appstream
	rubygem-typeprof-0.21.3-145.module+el9.5.0+90461+45a3a727.noarch.rpm	6d5c783206c54399aaefcd0872619cad	-	ol9_aarch64_appstream
	rubygems-3.3.27-145.module+el9.5.0+90461+45a3a727.noarch.rpm	3ed99b8a5959dba25c44153fe3aca5e6	-	ol9_aarch64_appstream
	rubygems-devel-3.3.27-145.module+el9.5.0+90461+45a3a727.noarch.rpm	5c9743026539963b12d8e12bdb10bd0e	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	ruby-3.1.5-145.module+el9.5.0+90461+45a3a727.src.rpm	91b7df0c66b76826e9511c9fe12c98a4	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.src.rpm	4778ee1b37c40c7fdf13d232d664d9b3	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.src.rpm	4778ee1b37c40c7fdf13d232d664d9b3	-	ol9_x86_64_appstream_developer
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.src.rpm	853e25036fbda5620eff76523dae5e3d	-	ol9_x86_64_appstream
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.src.rpm	853e25036fbda5620eff76523dae5e3d	-	ol9_x86_64_appstream_developer
	ruby-3.1.5-145.module+el9.5.0+90461+45a3a727.i686.rpm	202e1d0799095b700f0e93b6067afb72	-	ol9_x86_64_appstream
	ruby-3.1.5-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	89c2397e0842ba2e83f41265f744e309	-	ol9_x86_64_appstream
	ruby-bundled-gems-3.1.5-145.module+el9.5.0+90461+45a3a727.i686.rpm	1d8320c939e0514e74291cded7c76c56	-	ol9_x86_64_appstream
	ruby-bundled-gems-3.1.5-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	9e3b0348e30eac01bb31d75eca982d00	-	ol9_x86_64_appstream
	ruby-default-gems-3.1.5-145.module+el9.5.0+90461+45a3a727.noarch.rpm	45245741219bc108e485033b26de6f63	-	ol9_x86_64_appstream
	ruby-devel-3.1.5-145.module+el9.5.0+90461+45a3a727.i686.rpm	7e5e1865f13b6b695e8ab569c405020c	-	ol9_x86_64_appstream
	ruby-devel-3.1.5-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	cf3dce42fa70450da082aa208b48c0f8	-	ol9_x86_64_appstream
	ruby-doc-3.1.5-145.module+el9.5.0+90461+45a3a727.noarch.rpm	2866853aa5045259fe6f52d80d124d23	-	ol9_x86_64_appstream
	ruby-libs-3.1.5-145.module+el9.5.0+90461+45a3a727.i686.rpm	2df4389baf64341df231c0aa5f010bf6	-	ol9_x86_64_appstream
	ruby-libs-3.1.5-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	1fd97f0ea529ca30b6dd0b8bcfc3465c	-	ol9_x86_64_appstream
	rubygem-bigdecimal-3.1.1-145.module+el9.5.0+90461+45a3a727.i686.rpm	5c4594c10913778bbce75f11454ce415	-	ol9_x86_64_appstream
	rubygem-bigdecimal-3.1.1-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	b0933187ce942423863f69f66f620d2c	-	ol9_x86_64_appstream
	rubygem-bundler-2.3.27-145.module+el9.5.0+90461+45a3a727.noarch.rpm	627700ab74537db1665be93f7cf7af70	-	ol9_x86_64_appstream
	rubygem-io-console-0.5.11-145.module+el9.5.0+90461+45a3a727.i686.rpm	aa8b2a2d7cbd2e86ff1e23c9dd5fc44f	-	ol9_x86_64_appstream
	rubygem-io-console-0.5.11-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	b43b73db4754f9a46531f39a09bd2c34	-	ol9_x86_64_appstream
	rubygem-irb-1.4.1-145.module+el9.5.0+90461+45a3a727.noarch.rpm	ed0826ddc037bb25d342f6772e4aeb9c	-	ol9_x86_64_appstream
	rubygem-json-2.6.1-145.module+el9.5.0+90461+45a3a727.i686.rpm	186bf73dd6959338d26ceafba66ef94b	-	ol9_x86_64_appstream
	rubygem-json-2.6.1-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	561c0d5d4fc855cb7dd31507cec6c67b	-	ol9_x86_64_appstream
	rubygem-minitest-5.15.0-145.module+el9.5.0+90461+45a3a727.noarch.rpm	999bfcd92bcd08ea77165337d7a5856a	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.x86_64.rpm	beb8edaa59015cad824f392325734689	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.x86_64.rpm	beb8edaa59015cad824f392325734689	-	ol9_x86_64_appstream_developer
	rubygem-mysql2-doc-0.5.4-1.module+el9.1.0+20815+286161bd.noarch.rpm	3db795ed004c63b0e7445a6d59018b34	-	ol9_x86_64_appstream
	rubygem-mysql2-doc-0.5.4-1.module+el9.1.0+20815+286161bd.noarch.rpm	3db795ed004c63b0e7445a6d59018b34	-	ol9_x86_64_appstream_developer
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.x86_64.rpm	66aed05c0f35af188a829ae9bdb6a800	-	ol9_x86_64_appstream
	rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.x86_64.rpm	66aed05c0f35af188a829ae9bdb6a800	-	ol9_x86_64_appstream_developer
	rubygem-pg-doc-1.3.5-1.module+el9.1.0+20815+286161bd.noarch.rpm	301b7817613334df8f887f176c67ae2a	-	ol9_x86_64_appstream
	rubygem-pg-doc-1.3.5-1.module+el9.1.0+20815+286161bd.noarch.rpm	301b7817613334df8f887f176c67ae2a	-	ol9_x86_64_appstream_developer
	rubygem-power_assert-2.0.1-145.module+el9.5.0+90461+45a3a727.noarch.rpm	0502a20fd0878d7670af5304cd4363fa	-	ol9_x86_64_appstream
	rubygem-psych-4.0.4-145.module+el9.5.0+90461+45a3a727.i686.rpm	d890e29ac6b02e14ee3de522f8aba023	-	ol9_x86_64_appstream
	rubygem-psych-4.0.4-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	a551f939aab04ac2fae0ee9bf244a2e8	-	ol9_x86_64_appstream
	rubygem-rake-13.0.6-145.module+el9.5.0+90461+45a3a727.noarch.rpm	c7c4810234cb0cadfc19792820128415	-	ol9_x86_64_appstream
	rubygem-rbs-2.7.0-145.module+el9.5.0+90461+45a3a727.i686.rpm	dfa8af8a5d6c241aa1d69f8711391ee7	-	ol9_x86_64_appstream
	rubygem-rbs-2.7.0-145.module+el9.5.0+90461+45a3a727.x86_64.rpm	ea17f51dfb3197f180498b469fe3434f	-	ol9_x86_64_appstream
	rubygem-rdoc-6.4.1.1-145.module+el9.5.0+90461+45a3a727.noarch.rpm	c1a7564828db08509b5e3c86b03a472d	-	ol9_x86_64_appstream
	rubygem-rexml-3.2.5-145.module+el9.5.0+90461+45a3a727.noarch.rpm	5ca1b4285f997557347216f93061dae5	-	ol9_x86_64_appstream
	rubygem-rss-0.2.9-145.module+el9.5.0+90461+45a3a727.noarch.rpm	70ee688bc731aee158fe3ba256936af4	-	ol9_x86_64_appstream
	rubygem-test-unit-3.5.3-145.module+el9.5.0+90461+45a3a727.noarch.rpm	754ae46d4c2f30f89c06e656ebbd742b	-	ol9_x86_64_appstream
	rubygem-typeprof-0.21.3-145.module+el9.5.0+90461+45a3a727.noarch.rpm	6d5c783206c54399aaefcd0872619cad	-	ol9_x86_64_appstream
	rubygems-3.3.27-145.module+el9.5.0+90461+45a3a727.noarch.rpm	3ed99b8a5959dba25c44153fe3aca5e6	-	ol9_x86_64_appstream
	rubygems-devel-3.3.27-145.module+el9.5.0+90461+45a3a727.noarch.rpm	5c9743026539963b12d8e12bdb10bd0e	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691