ELSA-2024-6785

ULN >
Oracle Linux Errata repository >
ELSA-2024-6785

ELSA-2024-6785 - ruby:3.3 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-09-19

Description

ruby
[3.3.5-3]
- Upgrade to Ruby 3.3.5
Resolves: RHEL-57576
- Fix DoS vulnerability in rexml.
(CVE-2024-39908)
(CVE-2024-41946)
(CVE-2024-43398)
Resolves: RHEL-57573
Resolves: RHEL-57570
Resolves: RHEL-57578
- Fix REXML DoS when parsing an XML having many specific characters such as
whitespace character, >] and ]>.
(CVE-2024-41123)
Resolves: RHEL-57567
- Fix incorrect symlink for rubygem-irb's library.
Resolves: RHEL-57597

[3.3.1-2]
- Upgrade to Ruby 3.3.1.
Resolves: RHEL-37697
- Fix buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Resolves: RHEL-37699
- Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Resolves: RHEL-37696
- Fix Arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Resolves: RHEL-37698

[3.3.0-1]
- Upgrade to Ruby 3.3.0.
Resolves: RHEL-17089

[3.1.2-142]
- Bypass git submodule test failure on Git >= 2.38.1.
- Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b.
- Fix for tzdata-2022g.
- Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS.
Resolves: RHEL-5590
- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters
Related: RHEL-5590
- Disable fiddle tests that use FFI closures.
Related: RHEL-5590

rubygem-mysql2
[0.5.5-1]
- Upgrade to mysql2 0.5.5.
Related: RHEL-17089

rubygem-pg
[1.5.4-1]
- Upgrade to pg 1.5.4.
Related: RHEL-17089

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.src.rpm	1a2c55e989e20abe78b8731c3157fc1cacac1783f6bceb99a21eb2b84004a513	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.src.rpm	58b85a0b5a8f0d729a36c2344fb716df0b55c3c94ce5a488b1f499b22ec7b85a	-	ol9_aarch64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.src.rpm	dcb8d5510a370818152409cb6e28a65cd8ef5524451e043eb0595bd3093c2766	-	ol9_aarch64_appstream
	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	b9cfc7138a7f37c811dd7fa4b12ae78ae0ff2b75b88f9fea18e236f6a579d9d1	-	ol9_aarch64_appstream
	ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	e6f724a71b2edee2b134ba7566d61fcbe928feaaa3852a38deae4c961c419c86	-	ol9_aarch64_appstream
	ruby-default-gems-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	2ad44040979abde1164090d0b8096c3f1554986b0429e75e6e18007458b6cf61	-	ol9_aarch64_appstream
	ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	1bc85e46ceaa532060a970922637b4d3d490b4c2f9dbeddcc2cdc5ad59b8cec7	-	ol9_aarch64_appstream
	ruby-doc-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	e760d51ffe806a78df093dd38e31c39db3d5f346ff3ed6ce2b553d313cdae6e1	-	ol9_aarch64_appstream
	ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	d6ac502855829cd209de821ff613e701cc591e4787eaaccaaef28faa61bfcf85	-	ol9_aarch64_appstream
	rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	d7cf219a726d739c060c58282109ac1e59a651651140d6bf874eb5da7258cb8d	-	ol9_aarch64_appstream
	rubygem-bundler-2.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	7f85b78f7f84bf1198224987ecbe91780962428ed0a492eda51e184950be0e47	-	ol9_aarch64_appstream
	rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.aarch64.rpm	21c40b2b14f60204d6f9cabd399960dee95d88d36d366bacf226b96691f07734	-	ol9_aarch64_appstream
	rubygem-irb-1.13.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	f59a7d8e5a0ae88de25d561dd39a2b52c7a201ce82d8eaf20b507b20a02facda	-	ol9_aarch64_appstream
	rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.aarch64.rpm	c2b57ab33fd93911abca999391ed467943c3ff1086bc3d4d104f397f585c661b	-	ol9_aarch64_appstream
	rubygem-minitest-5.20.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	ea37744402e8430a7bd20ea27d2f254fcf73fc1e735cf92ab3231d4effee5031	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.aarch64.rpm	9d3afd7c59cc374a713d1223d9391323f81079b8b53169975439c43f9abb5d63	-	ol9_aarch64_appstream
	rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm	8bc90e3d04ab8c6ad14068be23b1e19bc89ba04ea547eac814fb42cfa5c1218a	-	ol9_aarch64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.aarch64.rpm	af31e72ea3a61a0086971182de495058ac550858b79cfdcc4f2f62802eae2ca2	-	ol9_aarch64_appstream
	rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpm	b922999b94464f3f0b6875c97c951ffe507c1287f275a2950aceae5c1f9c41a5	-	ol9_aarch64_appstream
	rubygem-power_assert-2.0.3-3.module+el9.4.0+90406+79f381be.noarch.rpm	27700d5e3103ea3138c420ba965ba552a716c061bf7edb7c6bf117aa0a8e5512	-	ol9_aarch64_appstream
	rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.aarch64.rpm	2889db5f5832e959f9224661a711231fd8c7f1c543a1e46328cc396d0943b70e	-	ol9_aarch64_appstream
	rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.aarch64.rpm	cfa6b82b37fe03ad190175be753b94d667acccf7fa57650331a1a26fdc01420e	-	ol9_aarch64_appstream
	rubygem-rake-13.1.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	883352c4104fefbe35813a9d9d2df42a6a969bf33e0bd36b5f859dcaa05eeb8c	-	ol9_aarch64_appstream
	rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.aarch64.rpm	61597d7e517643ba769197a9f52b6929c20e89dd41718ff4733247dc1f6fffd9	-	ol9_aarch64_appstream
	rubygem-rdoc-6.6.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	c274b9d1585e6b183adbf752acf042fa0214979f7305b1e24f097bfd5f05972a	-	ol9_aarch64_appstream
	rubygem-rexml-3.3.6-3.module+el9.4.0+90406+79f381be.noarch.rpm	adf4216f5fe57621877611786645a63014097863451059066c2cf4b2dc0a85a2	-	ol9_aarch64_appstream
	rubygem-rss-0.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	70e6239b9830f694d64cedeb41033d22a4cc05ff3902e84f9627c64ce0d3ffe7	-	ol9_aarch64_appstream
	rubygem-test-unit-3.6.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	b8783264d343859d4e8d43584a82c45ae768401a23e3e521c73789342a8b53ee	-	ol9_aarch64_appstream
	rubygem-typeprof-0.21.9-3.module+el9.4.0+90406+79f381be.noarch.rpm	08968155e20c79920d14b1ffa7566f19617ca729c162a172d1657b33f7f2087d	-	ol9_aarch64_appstream
	rubygems-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	a55711c0551197cea0347b20d8f458b0c6324877dd0f88754cd90650ddb4b956	-	ol9_aarch64_appstream
	rubygems-devel-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	82bb8f157248e4c403b44cae116adefafc2b2e2001c4d84b6e6080050c721e6f	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.src.rpm	1a2c55e989e20abe78b8731c3157fc1cacac1783f6bceb99a21eb2b84004a513	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.src.rpm	58b85a0b5a8f0d729a36c2344fb716df0b55c3c94ce5a488b1f499b22ec7b85a	-	ol9_x86_64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.src.rpm	dcb8d5510a370818152409cb6e28a65cd8ef5524451e043eb0595bd3093c2766	-	ol9_x86_64_appstream
	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	27e0f98064e3fb487279b36f77e362093c4a66562bf4c1831059e1f51352ebd2	-	ol9_x86_64_appstream
	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	1de2d30c165779953391cdd971b56ebab7da5c206e27842c987c5f9a547a4b65	-	ol9_x86_64_appstream
	ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	ca27836a46fab39bc507472332fa5d7afeb1523cc1a17a6d81f61a6cf2b3eade	-	ol9_x86_64_appstream
	ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	dcaa797a0541769851c2b02d41496093869a1128e52a333cca0171724601edf5	-	ol9_x86_64_appstream
	ruby-default-gems-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	2ad44040979abde1164090d0b8096c3f1554986b0429e75e6e18007458b6cf61	-	ol9_x86_64_appstream
	ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	6b2f0bed90d2f065c727bf611d04c4fbff014c60783e1bed49db460940abca9b	-	ol9_x86_64_appstream
	ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	40ae7fd54b3f729a4a99a88e9f762d4f97d22266b4533fcdf68e591e5f46c76d	-	ol9_x86_64_appstream
	ruby-doc-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	e760d51ffe806a78df093dd38e31c39db3d5f346ff3ed6ce2b553d313cdae6e1	-	ol9_x86_64_appstream
	ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	da393c77cacf41e652e1a9bbcd7f3c0befe1e31c10433a4919e0603fdb9292cf	-	ol9_x86_64_appstream
	ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	e3263f7e59c24bbc31a06a3e24276f0a18a183594cfe9e4d63e0eef0685f7022	-	ol9_x86_64_appstream
	rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.i686.rpm	dab8305f1a769f6b6420acaf25815d48fb13baba94effa638b0d50142fbe4ab7	-	ol9_x86_64_appstream
	rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	88d91eb59a2b02e65235cb4ff2238b86f187bdd496d51c0354bdd80371c45e47	-	ol9_x86_64_appstream
	rubygem-bundler-2.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	7f85b78f7f84bf1198224987ecbe91780962428ed0a492eda51e184950be0e47	-	ol9_x86_64_appstream
	rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.i686.rpm	df288e1621f0ef6ddfde0271308834687e5201c7a55f169552e480c08a8115e3	-	ol9_x86_64_appstream
	rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.x86_64.rpm	18e73c948c936743cd2c9354023672dc0081f1ae60bfff0e84c59ea54795ae32	-	ol9_x86_64_appstream
	rubygem-irb-1.13.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	f59a7d8e5a0ae88de25d561dd39a2b52c7a201ce82d8eaf20b507b20a02facda	-	ol9_x86_64_appstream
	rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.i686.rpm	36c6a75e5f87ef60197e57bd3c68c3e371cec2fcd07ad4981ccaac0d0918f95f	-	ol9_x86_64_appstream
	rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.x86_64.rpm	0c3d13132af95347dbea3bd1da8c71e62e3638f23b8affbc7b73249af4c5f44c	-	ol9_x86_64_appstream
	rubygem-minitest-5.20.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	ea37744402e8430a7bd20ea27d2f254fcf73fc1e735cf92ab3231d4effee5031	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.x86_64.rpm	83b7b4c2fc3fe3922735193e3530af61a1c012440017b1942293fff3edd5312d	-	ol9_x86_64_appstream
	rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm	8bc90e3d04ab8c6ad14068be23b1e19bc89ba04ea547eac814fb42cfa5c1218a	-	ol9_x86_64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.x86_64.rpm	348fff3413e794419beaf06db232e0efc71bca806fc429310ad633bb5c38d282	-	ol9_x86_64_appstream
	rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpm	b922999b94464f3f0b6875c97c951ffe507c1287f275a2950aceae5c1f9c41a5	-	ol9_x86_64_appstream
	rubygem-power_assert-2.0.3-3.module+el9.4.0+90406+79f381be.noarch.rpm	27700d5e3103ea3138c420ba965ba552a716c061bf7edb7c6bf117aa0a8e5512	-	ol9_x86_64_appstream
	rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.i686.rpm	c071fae91a33a7d22de6976db8a19a775c345167eb48c0714272538602b6f43a	-	ol9_x86_64_appstream
	rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.x86_64.rpm	7787d045adb8c25351da13070be2a6bb9fd344d19378a01f50de8216358ac76c	-	ol9_x86_64_appstream
	rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.i686.rpm	3d4355732d8def56b633752d0ff871d18e37c347b0e04d4065f08f62e731d0e6	-	ol9_x86_64_appstream
	rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.x86_64.rpm	a5bd16f6ee4dc54c407511758c0c08639ee74d5b5e5458e85c7cbf6f454574a6	-	ol9_x86_64_appstream
	rubygem-rake-13.1.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	883352c4104fefbe35813a9d9d2df42a6a969bf33e0bd36b5f859dcaa05eeb8c	-	ol9_x86_64_appstream
	rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.i686.rpm	13acabfd40853887e35026f2ff323602325d893356523a59192fd2782b32c492	-	ol9_x86_64_appstream
	rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.x86_64.rpm	e7ca11aa5ab7fb2611680fdbeaed8d771cc714fe029511dcdeef27ebc4b62b3a	-	ol9_x86_64_appstream
	rubygem-rdoc-6.6.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	c274b9d1585e6b183adbf752acf042fa0214979f7305b1e24f097bfd5f05972a	-	ol9_x86_64_appstream
	rubygem-rexml-3.3.6-3.module+el9.4.0+90406+79f381be.noarch.rpm	adf4216f5fe57621877611786645a63014097863451059066c2cf4b2dc0a85a2	-	ol9_x86_64_appstream
	rubygem-rss-0.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	70e6239b9830f694d64cedeb41033d22a4cc05ff3902e84f9627c64ce0d3ffe7	-	ol9_x86_64_appstream
	rubygem-test-unit-3.6.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	b8783264d343859d4e8d43584a82c45ae768401a23e3e521c73789342a8b53ee	-	ol9_x86_64_appstream
	rubygem-typeprof-0.21.9-3.module+el9.4.0+90406+79f381be.noarch.rpm	08968155e20c79920d14b1ffa7566f19617ca729c162a172d1657b33f7f2087d	-	ol9_x86_64_appstream
	rubygems-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	a55711c0551197cea0347b20d8f458b0c6324877dd0f88754cd90650ddb4b956	-	ol9_x86_64_appstream
	rubygems-devel-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	82bb8f157248e4c403b44cae116adefafc2b2e2001c4d84b6e6080050c721e6f	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691