ELSA-2024-4499

ULN >
Oracle Linux Errata repository >
ELSA-2024-4499

ELSA-2024-4499 - ruby security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-07-15

Description

ruby
[2.5.9-112]
- Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755.
(CVE-2023-36617)
Resolves: RHEL-5614
- Fix Buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Resolves: RHEL-34125
- Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Resolves: RHEL-34117
- Fix Arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Resolves: RHEL-33867
- Fix REXML DoS parsing an XML with many <'s in an attribute value.
(CVE-2024-35176)
Resolves: RHEL-37877

rubygem-abrt
rubygem-bson
rubygem-bundler
rubygem-mongo
rubygem-mysql2
rubygem-pg

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.src.rpm	7e7219024ad9d8e7bc0a9f66f6ccc66d2e8c0b62fbc4e9dc5abee9311600efac	-	ol8_aarch64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.src.rpm	9c016f87120b2f1a6612b38e937661a9e7aab6f5ef01f45c9b5c886a4412e7a0	-	ol8_aarch64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.src.rpm	e99e055a314382984cf66ccdfbf9c0aec763182c74dcd6e5a7ab6a65163d2feb	-	ol8_aarch64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.src.rpm	f3b688d934389c4f64a0e7d10027584a0afd61aebaf7016afc2a9d719c26b20a	-	ol8_aarch64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.src.rpm	2453ab36a1d4bd8aa02141bff820a5db417f9c884d7882f97232f561e7690629	-	ol8_aarch64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.src.rpm	c96fb2caf1c013b0a00e7a2d2d6274d83e60afb2fc3a3833fd85a1f0731a2757	-	ol8_aarch64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.src.rpm	cdebb8910aacca1f38f11e4046f074ae2efc0ab2e3371d47c0029229c1e4bd2a	-	ol8_aarch64_appstream
	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	4f78b8328e8a2f99838a16907315ca38277d22c3ea607dbabdc47f2d52801630	-	ol8_aarch64_appstream
	ruby-devel-2.5.9-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	7d129f963ba71f3b8b405b884f21f891636ecc6793d16a3d7c2da621c6652845	-	ol8_aarch64_appstream
	ruby-doc-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	174c65e8d1635978836fbee8fe39295971e0f6562cddfb5e28e00a36698a3171	-	ol8_aarch64_appstream
	ruby-irb-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	8bc4e835fd9ccd697be0b4d7163657248c59e22cff8f1588fc0564d35093c312	-	ol8_aarch64_appstream
	ruby-libs-2.5.9-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	e9bf05e33db0180baa29ae96fcacaafc7267f9fe9914c42cc261fd497bd9f31a	-	ol8_aarch64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	a0b7d4b74f8a213a4924a731d4cde641760aa8e844e6c05b7b8bc384ab3e44c6	-	ol8_aarch64_appstream
	rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	efa96c8b904d238fe33faa8cf0cc3ad404886140d7f2469e254ec0e76601b167	-	ol8_aarch64_appstream
	rubygem-bigdecimal-1.3.4-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	07fbe5508b64d203116e5d23e9c65d34c193573fc69e6619885c2624910eefea	-	ol8_aarch64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.aarch64.rpm	e82b09774e2095aeeb8ab9ef9a8d0870f7c4448008057de6575673266ce4e6f9	-	ol8_aarch64_appstream
	rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm	78b82913c12114cbef7cfde4aad591e28f15e34940710df276e8bcc4bfaad5ad	-	ol8_aarch64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	87349c5ea4663b483b04258898fb24a9dcbf8004ab3a55c04cf47174c025b8ed	-	ol8_aarch64_appstream
	rubygem-bundler-doc-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	9d9bc12846b35307ab7222618d8bf7e51404d57168275c7cef0c960a211f8f1f	-	ol8_aarch64_appstream
	rubygem-did_you_mean-1.2.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	ad0d83e8d6c3b6a6390782d87815430d81fb1b4ebbfdd4a0e20f9627ddd7b55b	-	ol8_aarch64_appstream
	rubygem-io-console-0.4.6-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	89107cf96845c8c0e89a89fbed823d21b07e8f5b87d085dcc3e4e624faa5dcb6	-	ol8_aarch64_appstream
	rubygem-json-2.1.0-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	a4938e19eddf5838761723b1b421e8d6b5386f6c15d19347a359e6bce418b92a	-	ol8_aarch64_appstream
	rubygem-minitest-5.10.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	99cf4e246bb5258d98024a4f3f5848ce6ad53f0c9f87d65557023506c3344bbf	-	ol8_aarch64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	9a7d7f5b1531636da1f6e1304507f73dac96ddb2215a675815e54c58a1802155	-	ol8_aarch64_appstream
	rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	3eb66581306d8879e3680eb4b1309988343f7239b1c3b4ee6273d9c25bd8edcc	-	ol8_aarch64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.aarch64.rpm	7cd79575cabf999731a871a1b7236ad1f24bc2d187fc5721ad0e0f41afbfa1b9	-	ol8_aarch64_appstream
	rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm	40f059b305b794362a1f276bc4d8282ab7e436ec61ef4c1ccb9a4285d95ac118	-	ol8_aarch64_appstream
	rubygem-net-telnet-0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	dbf58c9d900e81d6010640eb64124983a7a679fb67ba4756b0fbcb7ec7605911	-	ol8_aarch64_appstream
	rubygem-openssl-2.1.2-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	690792a6016b344ebdc0b52b9d8d57ea37a1586bdf001a7779a46c0ea9e7efb8	-	ol8_aarch64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.aarch64.rpm	d2e72eb606ccf787a0b2caeffcbc436588f398565c6542928b02360a482cbf9e	-	ol8_aarch64_appstream
	rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm	5a7cfa594b075e97048822c246538fa93fe48fd2bd5510ba23dc8b9448ad96f7	-	ol8_aarch64_appstream
	rubygem-power_assert-1.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	2f57c4e38c60b5548928a780e20ec316230e8243ff480dbc731d282acc2e0dab	-	ol8_aarch64_appstream
	rubygem-psych-3.0.2-112.module+el8.10.0+90367+ae9e8511.aarch64.rpm	3d2ec4a24d51ba4925738c258b5738b3a1a17a94aef9bba42e0b623641136bf8	-	ol8_aarch64_appstream
	rubygem-rake-12.3.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	c621acf393964034edbe83da23f75561c9eca2d8a68fb9daa2c7e7800f9631f2	-	ol8_aarch64_appstream
	rubygem-rdoc-6.0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	05b8a4553206fa3e7ed03d53e09f64e7e6cc631690c2a1f0def8be8f2417cb9d	-	ol8_aarch64_appstream
	rubygem-test-unit-3.2.7-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	d7163fa79f49bdc8947338dd7c3013eb37ac846c619e9f3adf1247f325e32507	-	ol8_aarch64_appstream
	rubygem-xmlrpc-0.3.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	bb1a45cf2246539987d3c506478e97c7131807850cf9167577cc3ac248ed9709	-	ol8_aarch64_appstream
	rubygems-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	b4a5953c3544912d7ac97b17e58521fd52d6193dbce4076705db0d8ed2d694c1	-	ol8_aarch64_appstream
	rubygems-devel-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	ab317d8315eb5e8915c8cb640d221714c693397746691db8434c255a72620b65	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.src.rpm	7e7219024ad9d8e7bc0a9f66f6ccc66d2e8c0b62fbc4e9dc5abee9311600efac	-	ol8_x86_64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.src.rpm	9c016f87120b2f1a6612b38e937661a9e7aab6f5ef01f45c9b5c886a4412e7a0	-	ol8_x86_64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.src.rpm	e99e055a314382984cf66ccdfbf9c0aec763182c74dcd6e5a7ab6a65163d2feb	-	ol8_x86_64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.src.rpm	f3b688d934389c4f64a0e7d10027584a0afd61aebaf7016afc2a9d719c26b20a	-	ol8_x86_64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.src.rpm	2453ab36a1d4bd8aa02141bff820a5db417f9c884d7882f97232f561e7690629	-	ol8_x86_64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.src.rpm	c96fb2caf1c013b0a00e7a2d2d6274d83e60afb2fc3a3833fd85a1f0731a2757	-	ol8_x86_64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.src.rpm	cdebb8910aacca1f38f11e4046f074ae2efc0ab2e3371d47c0029229c1e4bd2a	-	ol8_x86_64_appstream
	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.i686.rpm	296176fc03f6df6c3cc52f913af275c951e2645300cfc1ac6b4168da3db5edd9	-	ol8_x86_64_appstream
	ruby-2.5.9-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	c8f82b800ecc9a7069547942adbdbe55d0082ba2a0d46456b26400316e9cd728	-	ol8_x86_64_appstream
	ruby-devel-2.5.9-112.module+el8.10.0+90367+ae9e8511.i686.rpm	2b1776a192f40672fa606e4e2b8047dde3b59f5f99445f5104f9bd77529ad8a9	-	ol8_x86_64_appstream
	ruby-devel-2.5.9-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	4bdfe85e6b92f2c04cdcea39a3c5e4004d8c5bb166a60a1e3166d25f2b3be03d	-	ol8_x86_64_appstream
	ruby-doc-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	174c65e8d1635978836fbee8fe39295971e0f6562cddfb5e28e00a36698a3171	-	ol8_x86_64_appstream
	ruby-irb-2.5.9-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	8bc4e835fd9ccd697be0b4d7163657248c59e22cff8f1588fc0564d35093c312	-	ol8_x86_64_appstream
	ruby-libs-2.5.9-112.module+el8.10.0+90367+ae9e8511.i686.rpm	7f84fefed99abc6003f51364d44682441438c73082a8e8eefa0aa628b8c3bf11	-	ol8_x86_64_appstream
	ruby-libs-2.5.9-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	424470766cea9fdcd1c2e925b975d740588ab41a1aa14ede67c73bc249a34551	-	ol8_x86_64_appstream
	rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	a0b7d4b74f8a213a4924a731d4cde641760aa8e844e6c05b7b8bc384ab3e44c6	-	ol8_x86_64_appstream
	rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	efa96c8b904d238fe33faa8cf0cc3ad404886140d7f2469e254ec0e76601b167	-	ol8_x86_64_appstream
	rubygem-bigdecimal-1.3.4-112.module+el8.10.0+90367+ae9e8511.i686.rpm	d1a06381f9cd623ae57d716b82aa594b64d10d036f662c06fd20138bc4d6dd3d	-	ol8_x86_64_appstream
	rubygem-bigdecimal-1.3.4-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	f07059c1e7b6aadd8a8a1d2139fcec321a2e2474d553a84a09684f475ecd99c8	-	ol8_x86_64_appstream
	rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.x86_64.rpm	f890d5427a04564cb078d49af3e67f7eb35792e136d26f9918bc4a7c5ac24b49	-	ol8_x86_64_appstream
	rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm	78b82913c12114cbef7cfde4aad591e28f15e34940710df276e8bcc4bfaad5ad	-	ol8_x86_64_appstream
	rubygem-bundler-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	87349c5ea4663b483b04258898fb24a9dcbf8004ab3a55c04cf47174c025b8ed	-	ol8_x86_64_appstream
	rubygem-bundler-doc-1.16.1-4.module+el8.10.0+90367+ae9e8511.noarch.rpm	9d9bc12846b35307ab7222618d8bf7e51404d57168275c7cef0c960a211f8f1f	-	ol8_x86_64_appstream
	rubygem-did_you_mean-1.2.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	ad0d83e8d6c3b6a6390782d87815430d81fb1b4ebbfdd4a0e20f9627ddd7b55b	-	ol8_x86_64_appstream
	rubygem-io-console-0.4.6-112.module+el8.10.0+90367+ae9e8511.i686.rpm	98e16262e1c67e49e93d7c74d497e874ed355ca97be15fbef6a446e33e877926	-	ol8_x86_64_appstream
	rubygem-io-console-0.4.6-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	c79f0ed020546c7b28a235519d728035fbfcf56933800caca220707b6dfc9da0	-	ol8_x86_64_appstream
	rubygem-json-2.1.0-112.module+el8.10.0+90367+ae9e8511.i686.rpm	82753e3df876d954cf1cbb6c295c5271a75d758d5dbe917a7e8892536cd91e42	-	ol8_x86_64_appstream
	rubygem-json-2.1.0-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	73afb43bd73a726a1f56276bb318dc72089d8a1c18752739023c9aefceb089c0	-	ol8_x86_64_appstream
	rubygem-minitest-5.10.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	99cf4e246bb5258d98024a4f3f5848ce6ad53f0c9f87d65557023506c3344bbf	-	ol8_x86_64_appstream
	rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	9a7d7f5b1531636da1f6e1304507f73dac96ddb2215a675815e54c58a1802155	-	ol8_x86_64_appstream
	rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm	3eb66581306d8879e3680eb4b1309988343f7239b1c3b4ee6273d9c25bd8edcc	-	ol8_x86_64_appstream
	rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.x86_64.rpm	820963d3475e22f04af996bd4f15ec6c261d7b1aa6c43dff40617e5440c04d64	-	ol8_x86_64_appstream
	rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm	40f059b305b794362a1f276bc4d8282ab7e436ec61ef4c1ccb9a4285d95ac118	-	ol8_x86_64_appstream
	rubygem-net-telnet-0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	dbf58c9d900e81d6010640eb64124983a7a679fb67ba4756b0fbcb7ec7605911	-	ol8_x86_64_appstream
	rubygem-openssl-2.1.2-112.module+el8.10.0+90367+ae9e8511.i686.rpm	8c90a31f6fbf64f46116fb68ce9906cbd942bfb0975f70f5a65d884050a4770e	-	ol8_x86_64_appstream
	rubygem-openssl-2.1.2-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	cb3440be5038dc2a1c82d2e1ced8ac86242f4d3677c9ecf4c8df09210c2ed3c5	-	ol8_x86_64_appstream
	rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.x86_64.rpm	c55ac1307d05bd7b46bb9504b80ed9c4cba1b4ca62cb96a8462eb309f43209bf	-	ol8_x86_64_appstream
	rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm	5a7cfa594b075e97048822c246538fa93fe48fd2bd5510ba23dc8b9448ad96f7	-	ol8_x86_64_appstream
	rubygem-power_assert-1.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	2f57c4e38c60b5548928a780e20ec316230e8243ff480dbc731d282acc2e0dab	-	ol8_x86_64_appstream
	rubygem-psych-3.0.2-112.module+el8.10.0+90367+ae9e8511.i686.rpm	524850e2199ced392ddc892ebd9631a97e255ff04729c721d1e90e9f60e8a8ae	-	ol8_x86_64_appstream
	rubygem-psych-3.0.2-112.module+el8.10.0+90367+ae9e8511.x86_64.rpm	c1e087354b8707ccdf850b545289301f193a0906d9ce26905ce6634af51986f6	-	ol8_x86_64_appstream
	rubygem-rake-12.3.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	c621acf393964034edbe83da23f75561c9eca2d8a68fb9daa2c7e7800f9631f2	-	ol8_x86_64_appstream
	rubygem-rdoc-6.0.1.1-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	05b8a4553206fa3e7ed03d53e09f64e7e6cc631690c2a1f0def8be8f2417cb9d	-	ol8_x86_64_appstream
	rubygem-test-unit-3.2.7-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	d7163fa79f49bdc8947338dd7c3013eb37ac846c619e9f3adf1247f325e32507	-	ol8_x86_64_appstream
	rubygem-xmlrpc-0.3.0-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	bb1a45cf2246539987d3c506478e97c7131807850cf9167577cc3ac248ed9709	-	ol8_x86_64_appstream
	rubygems-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	b4a5953c3544912d7ac97b17e58521fd52d6193dbce4076705db0d8ed2d694c1	-	ol8_x86_64_appstream
	rubygems-devel-2.7.6.3-112.module+el8.10.0+90367+ae9e8511.noarch.rpm	ab317d8315eb5e8915c8cb640d221714c693397746691db8434c255a72620b65	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691