ELSA-2024-6785

ULN >
Oracle Linux Errata repository >
ELSA-2024-6785

ELSA-2024-6785 - ruby:3.3 security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-09-19

Description

ruby
[3.3.5-3]
- Upgrade to Ruby 3.3.5
Resolves: RHEL-57576
- Fix DoS vulnerability in rexml.
(CVE-2024-39908)
(CVE-2024-41946)
(CVE-2024-43398)
Resolves: RHEL-57573
Resolves: RHEL-57570
Resolves: RHEL-57578
- Fix REXML DoS when parsing an XML having many specific characters such as
whitespace character, >] and ]>.
(CVE-2024-41123)
Resolves: RHEL-57567
- Fix incorrect symlink for rubygem-irb's library.
Resolves: RHEL-57597

[3.3.1-2]
- Upgrade to Ruby 3.3.1.
Resolves: RHEL-37697
- Fix buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Resolves: RHEL-37699
- Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Resolves: RHEL-37696
- Fix Arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Resolves: RHEL-37698

[3.3.0-1]
- Upgrade to Ruby 3.3.0.
Resolves: RHEL-17089

[3.1.2-142]
- Bypass git submodule test failure on Git >= 2.38.1.
- Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b.
- Fix for tzdata-2022g.
- Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS.
Resolves: RHEL-5590
- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters
Related: RHEL-5590
- Disable fiddle tests that use FFI closures.
Related: RHEL-5590

rubygem-mysql2
[0.5.5-1]
- Upgrade to mysql2 0.5.5.
Related: RHEL-17089

rubygem-pg
[1.5.4-1]
- Upgrade to pg 1.5.4.
Related: RHEL-17089

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.src.rpm	480bdeb8254cfcbdd2b65a1033b415ec	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.src.rpm	cd0ba42409e50e33a185626d95c74093	-	ol9_aarch64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.src.rpm	ca602ccd27ad3041345f465847fffcca	-	ol9_aarch64_appstream
	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	104fee7e3e41d123ef0bdb8bb0aa5004	-	ol9_aarch64_appstream
	ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	b59be2b1d2835baa5341afd6476256a5	-	ol9_aarch64_appstream
	ruby-default-gems-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	5ca2d6d57cf9e9d60df55f838794442e	-	ol9_aarch64_appstream
	ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	6926b4ce7763604c3833fbca88d38b86	-	ol9_aarch64_appstream
	ruby-doc-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	332c83ff18978abc756f999f18e8461d	-	ol9_aarch64_appstream
	ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	6ab01b39e71caaf61624075d6e5337d3	-	ol9_aarch64_appstream
	rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm	6839c1936f434493842d905ede08315b	-	ol9_aarch64_appstream
	rubygem-bundler-2.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	b7a6a2b2b62b62115e708d6297baef7f	-	ol9_aarch64_appstream
	rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.aarch64.rpm	c39d9a05dbda6048da35de261aa7ac55	-	ol9_aarch64_appstream
	rubygem-irb-1.13.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	515cb320d73ffccdebde261df11609fe	-	ol9_aarch64_appstream
	rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.aarch64.rpm	2f5fcde111338bb6f4022f3c8108367e	-	ol9_aarch64_appstream
	rubygem-minitest-5.20.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	f4df9b7a77ca0cc5efb28c952c7d33e9	-	ol9_aarch64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.aarch64.rpm	ca880ffc7b6cef16c195de57daa39154	-	ol9_aarch64_appstream
	rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm	4d140f6bae65714703c49e0e6eb2cd65	-	ol9_aarch64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.aarch64.rpm	464c4371422a11190619899b6585be02	-	ol9_aarch64_appstream
	rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpm	aa9de61c434850214c8c62df599da5d9	-	ol9_aarch64_appstream
	rubygem-power_assert-2.0.3-3.module+el9.4.0+90406+79f381be.noarch.rpm	bc8a47b0f4901aa359f115947ee3e42a	-	ol9_aarch64_appstream
	rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.aarch64.rpm	ecd816f027d45466c4097c7ad3cb0946	-	ol9_aarch64_appstream
	rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.aarch64.rpm	8dc87c23b89fcfb0dbab5227495ab725	-	ol9_aarch64_appstream
	rubygem-rake-13.1.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	f19e316866f2b35da7a9d3248617daef	-	ol9_aarch64_appstream
	rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.aarch64.rpm	937c58c2fb14b7c4472b517520f0c546	-	ol9_aarch64_appstream
	rubygem-rdoc-6.6.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	271da018c7712b498566202a63a0283d	-	ol9_aarch64_appstream
	rubygem-rexml-3.3.6-3.module+el9.4.0+90406+79f381be.noarch.rpm	35a7b7f317a417b2ac8624fa50e2c24a	-	ol9_aarch64_appstream
	rubygem-rss-0.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	509731f5718e3479a4d962a15f7ba3aa	-	ol9_aarch64_appstream
	rubygem-test-unit-3.6.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	f9c246481acc44e0a0dbf5123999eb00	-	ol9_aarch64_appstream
	rubygem-typeprof-0.21.9-3.module+el9.4.0+90406+79f381be.noarch.rpm	cafc9f3d818432b7faebb9c2df9eeeb7	-	ol9_aarch64_appstream
	rubygems-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	4fb2452aa89cf11e9faec6bd0f8e34a6	-	ol9_aarch64_appstream
	rubygems-devel-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	ae686c07c5a976d838ee9f226cad1fb9	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.src.rpm	480bdeb8254cfcbdd2b65a1033b415ec	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.src.rpm	cd0ba42409e50e33a185626d95c74093	-	ol9_x86_64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.src.rpm	ca602ccd27ad3041345f465847fffcca	-	ol9_x86_64_appstream
	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	6873a7bede92ac6350ccd546783e6974	-	ol9_x86_64_appstream
	ruby-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	6a73b362b3eaa1b6bca6cbf5200129b5	-	ol9_x86_64_appstream
	ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	2814356014035897e8982e8fba878a15	-	ol9_x86_64_appstream
	ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	14ee63aaf8a49cf2fb665ce0b541303f	-	ol9_x86_64_appstream
	ruby-default-gems-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	5ca2d6d57cf9e9d60df55f838794442e	-	ol9_x86_64_appstream
	ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	cdcea716007054d4ba09a34461509989	-	ol9_x86_64_appstream
	ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	f8bf9dcfc9e4a4ba18199d0b35b64f47	-	ol9_x86_64_appstream
	ruby-doc-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm	332c83ff18978abc756f999f18e8461d	-	ol9_x86_64_appstream
	ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm	186aac36fabca313e94a7af1eafe212d	-	ol9_x86_64_appstream
	ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	003d0e6126dd62611478e7691c7405ce	-	ol9_x86_64_appstream
	rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.i686.rpm	b38ccbb6f2b990578080201944a9f30d	-	ol9_x86_64_appstream
	rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm	637077ad825e0dcb25c8f79b47876efa	-	ol9_x86_64_appstream
	rubygem-bundler-2.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	b7a6a2b2b62b62115e708d6297baef7f	-	ol9_x86_64_appstream
	rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.i686.rpm	de8066609caf9572c9758bab14652c9c	-	ol9_x86_64_appstream
	rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.x86_64.rpm	7923e6c2c31488a85067fc1b696b20ee	-	ol9_x86_64_appstream
	rubygem-irb-1.13.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	515cb320d73ffccdebde261df11609fe	-	ol9_x86_64_appstream
	rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.i686.rpm	6f9627994ecc7e6a27aa186592bc146d	-	ol9_x86_64_appstream
	rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.x86_64.rpm	13505739ca4cb87231c14fd7d97efa5f	-	ol9_x86_64_appstream
	rubygem-minitest-5.20.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	f4df9b7a77ca0cc5efb28c952c7d33e9	-	ol9_x86_64_appstream
	rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.x86_64.rpm	c8c9094d603093a81febce00039e9001	-	ol9_x86_64_appstream
	rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm	4d140f6bae65714703c49e0e6eb2cd65	-	ol9_x86_64_appstream
	rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.x86_64.rpm	82e6ccf47fe1eeb449a4aa7170226fa0	-	ol9_x86_64_appstream
	rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpm	aa9de61c434850214c8c62df599da5d9	-	ol9_x86_64_appstream
	rubygem-power_assert-2.0.3-3.module+el9.4.0+90406+79f381be.noarch.rpm	bc8a47b0f4901aa359f115947ee3e42a	-	ol9_x86_64_appstream
	rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.i686.rpm	d863a6481e443b0062aa7cdce928827d	-	ol9_x86_64_appstream
	rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.x86_64.rpm	b992e339b8d41760aabfcfa1c5b512a8	-	ol9_x86_64_appstream
	rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.i686.rpm	395bf55676918c47353dd917711e3547	-	ol9_x86_64_appstream
	rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.x86_64.rpm	ff105f0c5f664cb73dc1e69b34d818c0	-	ol9_x86_64_appstream
	rubygem-rake-13.1.0-3.module+el9.4.0+90406+79f381be.noarch.rpm	f19e316866f2b35da7a9d3248617daef	-	ol9_x86_64_appstream
	rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.i686.rpm	b5c6bfa975d6dba717ef9eb5b479ea0a	-	ol9_x86_64_appstream
	rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.x86_64.rpm	e3068a8d9743194ccad381ff6edbd1a2	-	ol9_x86_64_appstream
	rubygem-rdoc-6.6.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	271da018c7712b498566202a63a0283d	-	ol9_x86_64_appstream
	rubygem-rexml-3.3.6-3.module+el9.4.0+90406+79f381be.noarch.rpm	35a7b7f317a417b2ac8624fa50e2c24a	-	ol9_x86_64_appstream
	rubygem-rss-0.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	509731f5718e3479a4d962a15f7ba3aa	-	ol9_x86_64_appstream
	rubygem-test-unit-3.6.1-3.module+el9.4.0+90406+79f381be.noarch.rpm	f9c246481acc44e0a0dbf5123999eb00	-	ol9_x86_64_appstream
	rubygem-typeprof-0.21.9-3.module+el9.4.0+90406+79f381be.noarch.rpm	cafc9f3d818432b7faebb9c2df9eeeb7	-	ol9_x86_64_appstream
	rubygems-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	4fb2452aa89cf11e9faec6bd0f8e34a6	-	ol9_x86_64_appstream
	rubygems-devel-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm	ae686c07c5a976d838ee9f226cad1fb9	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691