ELSA-2024-6785

ELSA-2024-6785 - ruby:3.3 security update

Type:SECURITY
Impact:MODERATE
Release Date:2024-09-19

Description


ruby
[3.3.5-3]
- Upgrade to Ruby 3.3.5
Resolves: RHEL-57576
- Fix DoS vulnerability in rexml.
(CVE-2024-39908)
(CVE-2024-41946)
(CVE-2024-43398)
Resolves: RHEL-57573
Resolves: RHEL-57570
Resolves: RHEL-57578
- Fix REXML DoS when parsing an XML having many specific characters such as
whitespace character, >] and ]>.
(CVE-2024-41123)
Resolves: RHEL-57567
- Fix incorrect symlink for rubygem-irb's library.
Resolves: RHEL-57597

[3.3.1-2]
- Upgrade to Ruby 3.3.1.
Resolves: RHEL-37697
- Fix buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Resolves: RHEL-37699
- Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Resolves: RHEL-37696
- Fix Arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Resolves: RHEL-37698

[3.3.0-1]
- Upgrade to Ruby 3.3.0.
Resolves: RHEL-17089

[3.1.2-142]
- Bypass git submodule test failure on Git >= 2.38.1.
- Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b.
- Fix for tzdata-2022g.
- Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS.
Resolves: RHEL-5590
- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters
Related: RHEL-5590
- Disable fiddle tests that use FFI closures.
Related: RHEL-5590

rubygem-mysql2
[0.5.5-1]
- Upgrade to mysql2 0.5.5.
Related: RHEL-17089

rubygem-pg
[1.5.4-1]
- Upgrade to pg 1.5.4.
Related: RHEL-17089


Related CVEs


CVE-2024-41123
CVE-2024-41946
CVE-2024-43398
CVE-2024-39908

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) ruby-3.3.5-3.module+el9.4.0+90406+79f381be.src.rpm1a2c55e989e20abe78b8731c3157fc1cacac1783f6bceb99a21eb2b84004a513-ol9_aarch64_appstream
rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.src.rpm58b85a0b5a8f0d729a36c2344fb716df0b55c3c94ce5a488b1f499b22ec7b85a-ol9_aarch64_appstream
rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.src.rpmdcb8d5510a370818152409cb6e28a65cd8ef5524451e043eb0595bd3093c2766-ol9_aarch64_appstream
ruby-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpmb9cfc7138a7f37c811dd7fa4b12ae78ae0ff2b75b88f9fea18e236f6a579d9d1-ol9_aarch64_appstream
ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpme6f724a71b2edee2b134ba7566d61fcbe928feaaa3852a38deae4c961c419c86-ol9_aarch64_appstream
ruby-default-gems-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm2ad44040979abde1164090d0b8096c3f1554986b0429e75e6e18007458b6cf61-ol9_aarch64_appstream
ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpm1bc85e46ceaa532060a970922637b4d3d490b4c2f9dbeddcc2cdc5ad59b8cec7-ol9_aarch64_appstream
ruby-doc-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpme760d51ffe806a78df093dd38e31c39db3d5f346ff3ed6ce2b553d313cdae6e1-ol9_aarch64_appstream
ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.aarch64.rpmd6ac502855829cd209de821ff613e701cc591e4787eaaccaaef28faa61bfcf85-ol9_aarch64_appstream
rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.aarch64.rpmd7cf219a726d739c060c58282109ac1e59a651651140d6bf874eb5da7258cb8d-ol9_aarch64_appstream
rubygem-bundler-2.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm7f85b78f7f84bf1198224987ecbe91780962428ed0a492eda51e184950be0e47-ol9_aarch64_appstream
rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.aarch64.rpm21c40b2b14f60204d6f9cabd399960dee95d88d36d366bacf226b96691f07734-ol9_aarch64_appstream
rubygem-irb-1.13.1-3.module+el9.4.0+90406+79f381be.noarch.rpmf59a7d8e5a0ae88de25d561dd39a2b52c7a201ce82d8eaf20b507b20a02facda-ol9_aarch64_appstream
rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.aarch64.rpmc2b57ab33fd93911abca999391ed467943c3ff1086bc3d4d104f397f585c661b-ol9_aarch64_appstream
rubygem-minitest-5.20.0-3.module+el9.4.0+90406+79f381be.noarch.rpmea37744402e8430a7bd20ea27d2f254fcf73fc1e735cf92ab3231d4effee5031-ol9_aarch64_appstream
rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.aarch64.rpm9d3afd7c59cc374a713d1223d9391323f81079b8b53169975439c43f9abb5d63-ol9_aarch64_appstream
rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm8bc90e3d04ab8c6ad14068be23b1e19bc89ba04ea547eac814fb42cfa5c1218a-ol9_aarch64_appstream
rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.aarch64.rpmaf31e72ea3a61a0086971182de495058ac550858b79cfdcc4f2f62802eae2ca2-ol9_aarch64_appstream
rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpmb922999b94464f3f0b6875c97c951ffe507c1287f275a2950aceae5c1f9c41a5-ol9_aarch64_appstream
rubygem-power_assert-2.0.3-3.module+el9.4.0+90406+79f381be.noarch.rpm27700d5e3103ea3138c420ba965ba552a716c061bf7edb7c6bf117aa0a8e5512-ol9_aarch64_appstream
rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.aarch64.rpm2889db5f5832e959f9224661a711231fd8c7f1c543a1e46328cc396d0943b70e-ol9_aarch64_appstream
rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.aarch64.rpmcfa6b82b37fe03ad190175be753b94d667acccf7fa57650331a1a26fdc01420e-ol9_aarch64_appstream
rubygem-rake-13.1.0-3.module+el9.4.0+90406+79f381be.noarch.rpm883352c4104fefbe35813a9d9d2df42a6a969bf33e0bd36b5f859dcaa05eeb8c-ol9_aarch64_appstream
rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.aarch64.rpm61597d7e517643ba769197a9f52b6929c20e89dd41718ff4733247dc1f6fffd9-ol9_aarch64_appstream
rubygem-rdoc-6.6.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpmc274b9d1585e6b183adbf752acf042fa0214979f7305b1e24f097bfd5f05972a-ol9_aarch64_appstream
rubygem-rexml-3.3.6-3.module+el9.4.0+90406+79f381be.noarch.rpmadf4216f5fe57621877611786645a63014097863451059066c2cf4b2dc0a85a2-ol9_aarch64_appstream
rubygem-rss-0.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm70e6239b9830f694d64cedeb41033d22a4cc05ff3902e84f9627c64ce0d3ffe7-ol9_aarch64_appstream
rubygem-test-unit-3.6.1-3.module+el9.4.0+90406+79f381be.noarch.rpmb8783264d343859d4e8d43584a82c45ae768401a23e3e521c73789342a8b53ee-ol9_aarch64_appstream
rubygem-typeprof-0.21.9-3.module+el9.4.0+90406+79f381be.noarch.rpm08968155e20c79920d14b1ffa7566f19617ca729c162a172d1657b33f7f2087d-ol9_aarch64_appstream
rubygems-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpma55711c0551197cea0347b20d8f458b0c6324877dd0f88754cd90650ddb4b956-ol9_aarch64_appstream
rubygems-devel-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm82bb8f157248e4c403b44cae116adefafc2b2e2001c4d84b6e6080050c721e6f-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) ruby-3.3.5-3.module+el9.4.0+90406+79f381be.src.rpm1a2c55e989e20abe78b8731c3157fc1cacac1783f6bceb99a21eb2b84004a513-ol9_x86_64_appstream
rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.src.rpm58b85a0b5a8f0d729a36c2344fb716df0b55c3c94ce5a488b1f499b22ec7b85a-ol9_x86_64_appstream
rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.src.rpmdcb8d5510a370818152409cb6e28a65cd8ef5524451e043eb0595bd3093c2766-ol9_x86_64_appstream
ruby-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm27e0f98064e3fb487279b36f77e362093c4a66562bf4c1831059e1f51352ebd2-ol9_x86_64_appstream
ruby-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm1de2d30c165779953391cdd971b56ebab7da5c206e27842c987c5f9a547a4b65-ol9_x86_64_appstream
ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpmca27836a46fab39bc507472332fa5d7afeb1523cc1a17a6d81f61a6cf2b3eade-ol9_x86_64_appstream
ruby-bundled-gems-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpmdcaa797a0541769851c2b02d41496093869a1128e52a333cca0171724601edf5-ol9_x86_64_appstream
ruby-default-gems-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpm2ad44040979abde1164090d0b8096c3f1554986b0429e75e6e18007458b6cf61-ol9_x86_64_appstream
ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpm6b2f0bed90d2f065c727bf611d04c4fbff014c60783e1bed49db460940abca9b-ol9_x86_64_appstream
ruby-devel-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm40ae7fd54b3f729a4a99a88e9f762d4f97d22266b4533fcdf68e591e5f46c76d-ol9_x86_64_appstream
ruby-doc-3.3.5-3.module+el9.4.0+90406+79f381be.noarch.rpme760d51ffe806a78df093dd38e31c39db3d5f346ff3ed6ce2b553d313cdae6e1-ol9_x86_64_appstream
ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.i686.rpmda393c77cacf41e652e1a9bbcd7f3c0befe1e31c10433a4919e0603fdb9292cf-ol9_x86_64_appstream
ruby-libs-3.3.5-3.module+el9.4.0+90406+79f381be.x86_64.rpme3263f7e59c24bbc31a06a3e24276f0a18a183594cfe9e4d63e0eef0685f7022-ol9_x86_64_appstream
rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.i686.rpmdab8305f1a769f6b6420acaf25815d48fb13baba94effa638b0d50142fbe4ab7-ol9_x86_64_appstream
rubygem-bigdecimal-3.1.5-3.module+el9.4.0+90406+79f381be.x86_64.rpm88d91eb59a2b02e65235cb4ff2238b86f187bdd496d51c0354bdd80371c45e47-ol9_x86_64_appstream
rubygem-bundler-2.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm7f85b78f7f84bf1198224987ecbe91780962428ed0a492eda51e184950be0e47-ol9_x86_64_appstream
rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.i686.rpmdf288e1621f0ef6ddfde0271308834687e5201c7a55f169552e480c08a8115e3-ol9_x86_64_appstream
rubygem-io-console-0.7.1-3.module+el9.4.0+90406+79f381be.x86_64.rpm18e73c948c936743cd2c9354023672dc0081f1ae60bfff0e84c59ea54795ae32-ol9_x86_64_appstream
rubygem-irb-1.13.1-3.module+el9.4.0+90406+79f381be.noarch.rpmf59a7d8e5a0ae88de25d561dd39a2b52c7a201ce82d8eaf20b507b20a02facda-ol9_x86_64_appstream
rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.i686.rpm36c6a75e5f87ef60197e57bd3c68c3e371cec2fcd07ad4981ccaac0d0918f95f-ol9_x86_64_appstream
rubygem-json-2.7.1-3.module+el9.4.0+90406+79f381be.x86_64.rpm0c3d13132af95347dbea3bd1da8c71e62e3638f23b8affbc7b73249af4c5f44c-ol9_x86_64_appstream
rubygem-minitest-5.20.0-3.module+el9.4.0+90406+79f381be.noarch.rpmea37744402e8430a7bd20ea27d2f254fcf73fc1e735cf92ab3231d4effee5031-ol9_x86_64_appstream
rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.x86_64.rpm83b7b4c2fc3fe3922735193e3530af61a1c012440017b1942293fff3edd5312d-ol9_x86_64_appstream
rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm8bc90e3d04ab8c6ad14068be23b1e19bc89ba04ea547eac814fb42cfa5c1218a-ol9_x86_64_appstream
rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.x86_64.rpm348fff3413e794419beaf06db232e0efc71bca806fc429310ad633bb5c38d282-ol9_x86_64_appstream
rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpmb922999b94464f3f0b6875c97c951ffe507c1287f275a2950aceae5c1f9c41a5-ol9_x86_64_appstream
rubygem-power_assert-2.0.3-3.module+el9.4.0+90406+79f381be.noarch.rpm27700d5e3103ea3138c420ba965ba552a716c061bf7edb7c6bf117aa0a8e5512-ol9_x86_64_appstream
rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.i686.rpmc071fae91a33a7d22de6976db8a19a775c345167eb48c0714272538602b6f43a-ol9_x86_64_appstream
rubygem-psych-5.1.2-3.module+el9.4.0+90406+79f381be.x86_64.rpm7787d045adb8c25351da13070be2a6bb9fd344d19378a01f50de8216358ac76c-ol9_x86_64_appstream
rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.i686.rpm3d4355732d8def56b633752d0ff871d18e37c347b0e04d4065f08f62e731d0e6-ol9_x86_64_appstream
rubygem-racc-1.7.3-3.module+el9.4.0+90406+79f381be.x86_64.rpma5bd16f6ee4dc54c407511758c0c08639ee74d5b5e5458e85c7cbf6f454574a6-ol9_x86_64_appstream
rubygem-rake-13.1.0-3.module+el9.4.0+90406+79f381be.noarch.rpm883352c4104fefbe35813a9d9d2df42a6a969bf33e0bd36b5f859dcaa05eeb8c-ol9_x86_64_appstream
rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.i686.rpm13acabfd40853887e35026f2ff323602325d893356523a59192fd2782b32c492-ol9_x86_64_appstream
rubygem-rbs-3.4.0-3.module+el9.4.0+90406+79f381be.x86_64.rpme7ca11aa5ab7fb2611680fdbeaed8d771cc714fe029511dcdeef27ebc4b62b3a-ol9_x86_64_appstream
rubygem-rdoc-6.6.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpmc274b9d1585e6b183adbf752acf042fa0214979f7305b1e24f097bfd5f05972a-ol9_x86_64_appstream
rubygem-rexml-3.3.6-3.module+el9.4.0+90406+79f381be.noarch.rpmadf4216f5fe57621877611786645a63014097863451059066c2cf4b2dc0a85a2-ol9_x86_64_appstream
rubygem-rss-0.3.1-3.module+el9.4.0+90406+79f381be.noarch.rpm70e6239b9830f694d64cedeb41033d22a4cc05ff3902e84f9627c64ce0d3ffe7-ol9_x86_64_appstream
rubygem-test-unit-3.6.1-3.module+el9.4.0+90406+79f381be.noarch.rpmb8783264d343859d4e8d43584a82c45ae768401a23e3e521c73789342a8b53ee-ol9_x86_64_appstream
rubygem-typeprof-0.21.9-3.module+el9.4.0+90406+79f381be.noarch.rpm08968155e20c79920d14b1ffa7566f19617ca729c162a172d1657b33f7f2087d-ol9_x86_64_appstream
rubygems-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpma55711c0551197cea0347b20d8f458b0c6324877dd0f88754cd90650ddb4b956-ol9_x86_64_appstream
rubygems-devel-3.5.16-3.module+el9.4.0+90406+79f381be.noarch.rpm82bb8f157248e4c403b44cae116adefafc2b2e2001c4d84b6e6080050c721e6f-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete