ELSA-2024-4499

ULN >
Oracle Linux Errata repository >
ELSA-2024-4499

ELSA-2024-4499 - ruby security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-07-15

Description

ruby
[2.5.9-112]
- Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755.
(CVE-2023-36617)
Resolves: RHEL-5614
- Fix Buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Resolves: RHEL-34125
- Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Resolves: RHEL-34117
- Fix Arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Resolves: RHEL-33867
- Fix REXML DoS parsing an XML with many <'s in an attribute value.
(CVE-2024-35176)
Resolves: RHEL-37877

rubygem-abrt
rubygem-bson
rubygem-bundler
rubygem-mongo
rubygem-mysql2
rubygem-pg

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.src.rpm	6d735bb98799482e2584abd69e789d21	-	ol8_aarch64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.src.rpm	9a077a90a7836b85a97887ad297db991	-	ol8_aarch64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.src.rpm	fe27fbb9cff8f06a88765c9df31ee9a0	-	ol8_aarch64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.src.rpm	120dbae6e8a612a898bc1c64f09ae1f4	-	ol8_aarch64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.src.rpm	c0c9706e1ca386fe484279eda5a4381e	-	ol8_aarch64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.src.rpm	868221c1afd32ad34e2b86f3c4efe007	-	ol8_aarch64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.src.rpm	16450a64484e7b7aeb093ddcb6f0ed31	-	ol8_aarch64_appstream
	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	d95d164b85bae887fd5d0ccbeac0b337	-	ol8_aarch64_appstream
	ruby-devel-2.5.9-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	4ec668b042cccf9ce71465364689a33c	-	ol8_aarch64_appstream
	ruby-doc-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	9c1a3c906276a015d7131ac1f8d62d81	-	ol8_aarch64_appstream
	ruby-irb-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	fc18661b42c9cab6de79435681856b55	-	ol8_aarch64_appstream
	ruby-libs-2.5.9-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	4d402f6a9a7af1e4ada7aee838cf0432	-	ol8_aarch64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	3b634252dda98d42f2f5b25b4972be46	-	ol8_aarch64_appstream
	rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	c527a657fb0fa3e45393573ffee8a9cd	-	ol8_aarch64_appstream
	rubygem-bigdecimal-1.3.4-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	d62859ca3d0ecf28a40d65329dd30be4	-	ol8_aarch64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.aarch64.rpm	4eae1a0d64ba5ab13017d6edbeeabadd	-	ol8_aarch64_appstream
	rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm	bee90148052c1414bd4cc259743a9508	-	ol8_aarch64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	9d514b9a6f50888648429fa37cbee3e9	-	ol8_aarch64_appstream
	rubygem-bundler-doc-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	855c617d19ed636d72e55f8b926872dd	-	ol8_aarch64_appstream
	rubygem-did_you_mean-1.2.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	c210b3346b9d26100463c170cd54175b	-	ol8_aarch64_appstream
	rubygem-io-console-0.4.6-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	7f27ca22620a3df822f2cd7b05b0bb5d	-	ol8_aarch64_appstream
	rubygem-json-2.1.0-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	3446d73fb455878e1d4fa0f55086ea51	-	ol8_aarch64_appstream
	rubygem-minitest-5.10.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	90db03240aa51277678030a1fb1eb0fd	-	ol8_aarch64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	257471dde03c8282cd9113a60c5e8074	-	ol8_aarch64_appstream
	rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	f83805901aa58be22e0f6b55fed10465	-	ol8_aarch64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.aarch64.rpm	116c614c3e82b0a266a16abd54e0680e	-	ol8_aarch64_appstream
	rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm	7d883ab517f91a9dfa881c90a743473a	-	ol8_aarch64_appstream
	rubygem-net-telnet-0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	6dbd915b42c182cdac6307eee77b7d3e	-	ol8_aarch64_appstream
	rubygem-openssl-2.1.2-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	1b1c111b2042a3430001b0bb9116adc7	-	ol8_aarch64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.aarch64.rpm	f0b72107235f8a0bca35d8fbe433e00f	-	ol8_aarch64_appstream
	rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm	94650c1ba97a9c36be62d7afff956600	-	ol8_aarch64_appstream
	rubygem-power_assert-1.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	2ee835ab5cb6429c580af00f900e4a04	-	ol8_aarch64_appstream
	rubygem-psych-3.0.2-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	b1549a7a1e9856b24078128385876f04	-	ol8_aarch64_appstream
	rubygem-rake-12.3.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	dbf393fd056193a4225fda9a9fd33627	-	ol8_aarch64_appstream
	rubygem-rdoc-6.0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	75f2cbe54c8b54eb010ddf8435d535d6	-	ol8_aarch64_appstream
	rubygem-test-unit-3.2.7-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	784bb1b176b14e0c559a49de45e5c128	-	ol8_aarch64_appstream
	rubygem-xmlrpc-0.3.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	a4db6a2a786bda0c44ce48edce322d0a	-	ol8_aarch64_appstream
	rubygems-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	358ea222afbf78179ea289f44b09f3d4	-	ol8_aarch64_appstream
	rubygems-devel-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	840d6ffd70fc8209720db9b8927a68a1	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.src.rpm	6d735bb98799482e2584abd69e789d21	-	ol8_x86_64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.src.rpm	9a077a90a7836b85a97887ad297db991	-	ol8_x86_64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.src.rpm	fe27fbb9cff8f06a88765c9df31ee9a0	-	ol8_x86_64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.src.rpm	120dbae6e8a612a898bc1c64f09ae1f4	-	ol8_x86_64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.src.rpm	c0c9706e1ca386fe484279eda5a4381e	-	ol8_x86_64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.src.rpm	868221c1afd32ad34e2b86f3c4efe007	-	ol8_x86_64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.src.rpm	16450a64484e7b7aeb093ddcb6f0ed31	-	ol8_x86_64_appstream
	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.i686.rpm	1c4b78ffc09aea5c54842d5ad9aae657	-	ol8_x86_64_appstream
	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	d92ee3212ef33f949d679fe2300da923	-	ol8_x86_64_appstream
	ruby-devel-2.5.9-112.module+el8.10.0+90367+ae9e8511.i686.rpm	25e7de95a2920980560285070b8fc46f	-	ol8_x86_64_appstream
	ruby-devel-2.5.9-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	4abb8b33fe864537bdc078a96bfdaca8	-	ol8_x86_64_appstream
	ruby-doc-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	9c1a3c906276a015d7131ac1f8d62d81	-	ol8_x86_64_appstream
	ruby-irb-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	fc18661b42c9cab6de79435681856b55	-	ol8_x86_64_appstream
	ruby-libs-2.5.9-112.module+el8.10.0+90367+ae9e8511.i686.rpm	323a21ea91198be9df4290623dc56bbe	-	ol8_x86_64_appstream
	ruby-libs-2.5.9-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	ecff0467eaf8ba7c550bc644ab24b665	-	ol8_x86_64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	3b634252dda98d42f2f5b25b4972be46	-	ol8_x86_64_appstream
	rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	c527a657fb0fa3e45393573ffee8a9cd	-	ol8_x86_64_appstream
	rubygem-bigdecimal-1.3.4-112.module+el8.10.0+90367+ae9e8511.i686.rpm	40d296982fa14976e49a28dcccc53ec5	-	ol8_x86_64_appstream
	rubygem-bigdecimal-1.3.4-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	2a8cff621c8bccf4d42afbbb3733d5c6	-	ol8_x86_64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.x86_64.rpm	5737a98b0db7c3fbb2c7043141b0a1b5	-	ol8_x86_64_appstream
	rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm	bee90148052c1414bd4cc259743a9508	-	ol8_x86_64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	9d514b9a6f50888648429fa37cbee3e9	-	ol8_x86_64_appstream
	rubygem-bundler-doc-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	855c617d19ed636d72e55f8b926872dd	-	ol8_x86_64_appstream
	rubygem-did_you_mean-1.2.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	c210b3346b9d26100463c170cd54175b	-	ol8_x86_64_appstream
	rubygem-io-console-0.4.6-112.module+el8.10.0+90367+ae9e8511.i686.rpm	5540a9bf2a703a60053f5b3104ff21b9	-	ol8_x86_64_appstream
	rubygem-io-console-0.4.6-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	50cb1a801602b33fc4917214e8071947	-	ol8_x86_64_appstream
	rubygem-json-2.1.0-112.module+el8.10.0+90367+ae9e8511.i686.rpm	6d373d088a6edc6b69002ff9eb7e07bf	-	ol8_x86_64_appstream
	rubygem-json-2.1.0-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	5c8da5c6372d8ab61ce8144f61ae394c	-	ol8_x86_64_appstream
	rubygem-minitest-5.10.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	90db03240aa51277678030a1fb1eb0fd	-	ol8_x86_64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	257471dde03c8282cd9113a60c5e8074	-	ol8_x86_64_appstream
	rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	f83805901aa58be22e0f6b55fed10465	-	ol8_x86_64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.x86_64.rpm	c052caf544bcdd3e0692846d84520356	-	ol8_x86_64_appstream
	rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm	7d883ab517f91a9dfa881c90a743473a	-	ol8_x86_64_appstream
	rubygem-net-telnet-0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	6dbd915b42c182cdac6307eee77b7d3e	-	ol8_x86_64_appstream
	rubygem-openssl-2.1.2-112.module+el8.10.0+90367+ae9e8511.i686.rpm	a249debc3933a9f3c3de912f738d2a11	-	ol8_x86_64_appstream
	rubygem-openssl-2.1.2-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	9b786c9bd13bc42c6767d506426dac52	-	ol8_x86_64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.x86_64.rpm	b8001f31aeeee3fdee296e7504664205	-	ol8_x86_64_appstream
	rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm	94650c1ba97a9c36be62d7afff956600	-	ol8_x86_64_appstream
	rubygem-power_assert-1.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	2ee835ab5cb6429c580af00f900e4a04	-	ol8_x86_64_appstream
	rubygem-psych-3.0.2-112.module+el8.10.0+90367+ae9e8511.i686.rpm	fd6ae59782c5594fd6ce26f6116b1c9b	-	ol8_x86_64_appstream
	rubygem-psych-3.0.2-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	f1f45ca80b0cf35008392af1797b0573	-	ol8_x86_64_appstream
	rubygem-rake-12.3.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	dbf393fd056193a4225fda9a9fd33627	-	ol8_x86_64_appstream
	rubygem-rdoc-6.0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	75f2cbe54c8b54eb010ddf8435d535d6	-	ol8_x86_64_appstream
	rubygem-test-unit-3.2.7-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	784bb1b176b14e0c559a49de45e5c128	-	ol8_x86_64_appstream
	rubygem-xmlrpc-0.3.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	a4db6a2a786bda0c44ce48edce322d0a	-	ol8_x86_64_appstream
	rubygems-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	358ea222afbf78179ea289f44b09f3d4	-	ol8_x86_64_appstream
	rubygems-devel-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	840d6ffd70fc8209720db9b8927a68a1	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691