[ELSA-2022-6585] ruby security, bug fix, and enhancement update
Severity
Moderate
Affected Packages
22
CVEs
2
[3.0.4-160]
- Upgrade to Ruby 3.0.4.
Resolves: rhbz#2109428
- OpenSSL test suite fixes due to disabled SHA1.
Related: rbhz#2109428
- Fix double free in Regexp compilation.
Resolves: CVE-2022-28738
- Fix buffer overrun in String-to-Float conversion.
Resolves: CVE-2022-28739
- ID
- ELSA-2022-6585
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2022-6585.html
- Published
-
2022-09-21T00:00:00
(2 years ago) - Modified
-
2022-09-21T00:00:00
(2 years ago) - Rights
- Copyright 2022 Oracle, Inc.
- Other Advisories
-
- ALAS-2022-1638
- ALAS2-2022-1853
- ALPINE:CVE-2022-28738
- ALPINE:CVE-2022-28739
- ALSA-2022:6447
- ALSA-2022:6450
- ALSA-2022:6585
- ALSA-2023:7025
- ELSA-2022-5338
- ELSA-2022-6447
- ELSA-2022-6450
- ELSA-2023-12064
- ELSA-2023-7025
- FEDORA-2022-82a9edac27
- FEDORA-2022-8cf0124add
- FEDORA-2022-a7ca6ee0cf
- FREEBSD:06ED6A49-BAD4-11EC-9CFE-0800270512F4
- FREEBSD:F22144D7-BAD1-11EC-9CFE-0800270512F4
- GLSA-202401-27
- MS:CVE-2022-28739
- RHSA-2022:5338
- RHSA-2022:6447
- RHSA-2022:6450
- RHSA-2022:6585
- RHSA-2023:7025
- RLSA-2022:5338
- RLSA-2022:6447
- RLSA-2022:6450
- RLSA-2022:6585
- SSA:2022-103-01
- SUSE-SU-2022:1512-1
- USN-5462-1
- USN-5462-2
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2022-6585 | https://linux.oracle.com/errata/ELSA-2022-6585.html | |
CVE | CVE-2022-28738 | https://linux.oracle.com/cve/CVE-2022-28738.html | |
CVE | CVE-2022-28739 | https://linux.oracle.com/cve/CVE-2022-28739.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/rubygems?distro=oraclelinux-9.0 | oraclelinux | rubygems | < 3.2.33-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygems-devel?distro=oraclelinux-9.0 | oraclelinux | rubygems-devel | < 3.2.33-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-typeprof?distro=oraclelinux-9.0 | oraclelinux | rubygem-typeprof | < 0.15.2-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-test-unit?distro=oraclelinux-9.0 | oraclelinux | rubygem-test-unit | < 3.3.7-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-rss?distro=oraclelinux-9.0 | oraclelinux | rubygem-rss | < 0.2.9-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-rexml?distro=oraclelinux-9.0 | oraclelinux | rubygem-rexml | < 3.2.5-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-rdoc?distro=oraclelinux-9.0 | oraclelinux | rubygem-rdoc | < 6.3.3-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-rbs?distro=oraclelinux-9.0 | oraclelinux | rubygem-rbs | < 1.4.0-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-rake?distro=oraclelinux-9.0 | oraclelinux | rubygem-rake | < 13.0.3-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-psych?distro=oraclelinux-9.0 | oraclelinux | rubygem-psych | < 3.3.2-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-power_assert?distro=oraclelinux-9.0 | oraclelinux | rubygem-power_assert | < 1.2.0-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-minitest?distro=oraclelinux-9.0 | oraclelinux | rubygem-minitest | < 5.14.2-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-json?distro=oraclelinux-9.0 | oraclelinux | rubygem-json | < 2.5.1-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-irb?distro=oraclelinux-9.0 | oraclelinux | rubygem-irb | < 1.3.5-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-io-console?distro=oraclelinux-9.0 | oraclelinux | rubygem-io-console | < 0.5.7-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-bundler?distro=oraclelinux-9.0 | oraclelinux | rubygem-bundler | < 2.2.33-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/rubygem-bigdecimal?distro=oraclelinux-9.0 | oraclelinux | rubygem-bigdecimal | < 3.0.0-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/ruby?distro=oraclelinux-9.0 | oraclelinux | ruby | < 3.0.4-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/ruby-libs?distro=oraclelinux-9.0 | oraclelinux | ruby-libs | < 3.0.4-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/ruby-doc?distro=oraclelinux-9.0 | oraclelinux | ruby-doc | < 3.0.4-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/ruby-devel?distro=oraclelinux-9.0 | oraclelinux | ruby-devel | < 3.0.4-160.el9_0 | oraclelinux-9.0 | ||
Affected | pkg:rpm/oraclelinux/ruby-default-gems?distro=oraclelinux-9.0 | oraclelinux | ruby-default-gems | < 3.0.4-160.el9_0 | oraclelinux-9.0 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |