[ELSA-2024-3500] ruby:3.0 security update
Severity
Moderate
Affected Packages
28
CVEs
6
ruby
[3.0.7-143]
- Fix Zlib test failures on s390x due to HW acceleration
Related: RHEL-36189
[3.0.7-142]
- Upgrade to Ruby 3.0.7.
Resolves: RHEL-36189
- Fix HTTP response splitting in CGI.
Resolves: RHEL-36193
- Fix ReDoS vulnerability in URI.
Resolves: RHEL-36196
- Fix ReDoS vulnerability in Time.
Resolves: RHEL-36205
- Fix buffer overread vulnerability in StringIO.
Resolves: RHEL-36198
- Fix RCE vulnerability with .rdoc_options in RDoc.
Resolves: RHEL-36200
- Fix arbitrary memory address read vulnerability with Regex search.
Resolves: RHEL-36203
rubygem-abrt
rubygem-mysql2
rubygem-pg
- ID
- ELSA-2024-3500
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2024-3500.html
- Published
-
2024-05-31T00:00:00
(3 months ago) - Modified
-
2024-05-31T00:00:00
(3 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
-
ALAS2-2023-2084
-
ALAS2-2024-2503
-
ALPINE:CVE-2021-33621
-
ALPINE:CVE-2023-28755
-
ALPINE:CVE-2023-28756
-
ALPINE:CVE-2024-27280
-
ALPINE:CVE-2024-27281
-
ALPINE:CVE-2024-27282
-
ALSA-2023:3821
-
ALSA-2023:7025
-
ALSA-2024:1431
-
ALSA-2024:1576
-
ALSA-2024:3500
-
ALSA-2024:3546
-
ALSA-2024:3668
-
ALSA-2024:3670
-
ALSA-2024:3671
-
ALSA-2024:3838
-
ALSA-2024:4499
-
DSA-5677-1
-
ELSA-2023-3821
-
ELSA-2023-7025
-
ELSA-2024-1431
-
ELSA-2024-1576
-
ELSA-2024-3546
-
ELSA-2024-3668
-
ELSA-2024-3670
-
ELSA-2024-3671
-
ELSA-2024-3838
-
ELSA-2024-4499
-
FEDORA-2022-b9b710f199
-
FEDORA-2022-ef96a58bbe
-
FEDORA-2022-f0f6c6bec2
-
FEDORA-2023-6b924d3b75
-
FEDORA-2023-a7be7ea1aa
-
FEDORA-2023-f58d72c700
-
FEDORA-2024-14db7b21a2
-
FEDORA-2024-31cac8b8ec
-
FEDORA-2024-48bdd3abbf
-
FREEBSD:2CE1A2F1-0177-11EF-A45E-08002784C58D
-
FREEBSD:6BD2773C-CF1A-11ED-BD44-080027F5FEC9
-
FREEBSD:84AB03B6-6C20-11ED-B519-080027F5FEC9
-
FREEBSD:9B60BBA1-CF18-11ED-BD44-080027F5FEC9
-
GLSA-202401-27
-
GLSA-202406-03
-
RHSA-2023:3821
-
RHSA-2023:7025
-
RHSA-2024:1431
-
RHSA-2024:1576
-
RHSA-2024:3500
-
RHSA-2024:3546
-
RHSA-2024:3668
-
RHSA-2024:3670
-
RHSA-2024:3671
-
RHSA-2024:3838
-
RHSA-2024:4499
-
RUBYSEC:CGI-2021-33621
-
RUBYSEC:RDOC-2024-27281
-
RUBYSEC:STRINGIO-2024-27280
-
RUBYSEC:TIME-2023-28756
-
RUBYSEC:URI-2023-28755
-
RUBYSEC:URI-2023-36617
-
SSA:2022-328-01
-
SSA:2023-090-01
-
SSA:2024-114-01
-
SUSE-SU-2023:4176-1
-
USN-5806-1
-
USN-5806-2
-
USN-5806-3
-
USN-6055-1
-
USN-6055-2
-
USN-6087-1
-
USN-6181-1
-
USN-6219-1
-
USN-6838-1
-
USN-6853-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2024-3500 |
|
|
| CVE | CVE-2021-33621 |
|
|
| CVE | CVE-2024-27281 |
|
|
| CVE | CVE-2024-27280 |
|
|
| CVE | CVE-2024-27282 |
|
|
| CVE | CVE-2023-28755 |
|
|
| CVE | CVE-2023-28756 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/rubygems?distro=oraclelinux-8.1 | oraclelinux |
 rubygems
|
< 3.2.33-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygems-devel?distro=oraclelinux-8.1 | oraclelinux |
rubygems-devel
|
< 3.2.33-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-typeprof?distro=oraclelinux-8.1 | oraclelinux |
rubygem-typeprof
|
< 0.15.2-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-test-unit?distro=oraclelinux-8.1 | oraclelinux |
rubygem-test-unit
|
< 3.3.7-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-rss?distro=oraclelinux-8.1 | oraclelinux |
rubygem-rss
|
< 0.2.9-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-rexml?distro=oraclelinux-8.1 | oraclelinux |
rubygem-rexml
|
< 3.2.5-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-rdoc?distro=oraclelinux-8.1 | oraclelinux |
rubygem-rdoc
|
< 6.3.4.1-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-rbs?distro=oraclelinux-8.1 | oraclelinux |
rubygem-rbs
|
< 1.4.0-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-rake?distro=oraclelinux-8.1 | oraclelinux |
rubygem-rake
|
< 13.0.3-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-psych?distro=oraclelinux-8.1 | oraclelinux |
rubygem-psych
|
< 3.3.2-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-power_assert?distro=oraclelinux-8.1 | oraclelinux |
rubygem-power_assert
|
< 1.2.1-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-pg?distro=oraclelinux-8.1 | oraclelinux |
rubygem-pg
|
< 1.2.3-1.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-pg-doc?distro=oraclelinux-8.1 | oraclelinux |
rubygem-pg-doc
|
< 1.2.3-1.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-mysql2?distro=oraclelinux-8.1 | oraclelinux |
rubygem-mysql2
|
< 0.5.3-2.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-mysql2-doc?distro=oraclelinux-8.1 | oraclelinux |
rubygem-mysql2-doc
|
< 0.5.3-2.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-minitest?distro=oraclelinux-8.1 | oraclelinux |
rubygem-minitest
|
< 5.14.2-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-json?distro=oraclelinux-8.1 | oraclelinux |
rubygem-json
|
< 2.5.1-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-irb?distro=oraclelinux-8.1 | oraclelinux |
rubygem-irb
|
< 1.3.5-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-io-console?distro=oraclelinux-8.1 | oraclelinux |
rubygem-io-console
|
< 0.5.7-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-bundler?distro=oraclelinux-8.1 | oraclelinux |
rubygem-bundler
|
< 2.2.33-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-bigdecimal?distro=oraclelinux-8.1 | oraclelinux |
rubygem-bigdecimal
|
< 3.0.0-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-abrt?distro=oraclelinux-8.1 | oraclelinux |
rubygem-abrt
|
< 0.4.0-1.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/rubygem-abrt-doc?distro=oraclelinux-8.1 | oraclelinux |
rubygem-abrt-doc
|
< 0.4.0-1.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/ruby?distro=oraclelinux-8.1 | oraclelinux |
ruby
|
< 3.0.7-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/ruby-libs?distro=oraclelinux-8.1 | oraclelinux |
ruby-libs
|
< 3.0.7-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/ruby-doc?distro=oraclelinux-8.1 | oraclelinux |
ruby-doc
|
< 3.0.7-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/ruby-devel?distro=oraclelinux-8.1 | oraclelinux |
ruby-devel
|
< 3.0.7-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 | ||
| Affected | pkg:rpm/oraclelinux/ruby-default-gems?distro=oraclelinux-8.1 | oraclelinux |
ruby-default-gems
|
< 3.0.7-143.module+el8.10.0+90343+d5e92a1d | oraclelinux-8.1 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |