[RLSA-2019:1972] ruby:2.5 security update
Severity
Important
Affected Packages
13
CVEs
1
An update is available for rubygem-bson, rubygem-mysql2, rubygem-bundler, rubygem-mongo, rubygem-pg, rubygem-abrt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
Security Fix(es):
- rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- RLSA-2019:1972
- Severity
- important
- URL
- https://errata.rockylinux.org/RLSA-2019:1972
- Published
-
2019-07-30T11:16:25
(5 years ago) - Modified
-
2023-02-02T12:55:31
(19 months ago) - Rights
- Copyright 2024 Rocky Enterprise Software Foundation
- Other Advisories
-
- ALAS-2019-1255
- ALAS2-2019-1249
- ALPINE:CVE-2019-8324
- ALSA-2019:1972
- DSA-4433-1
- ELSA-2019-1235
- ELSA-2019-1972
- FEDORA-2019-a155364f3c
- FEDORA-2019-feac6674b7
- FREEBSD:27B12D04-4722-11E9-8B7C-B5E01141761F
- openSUSE-SU-2019:1771-1
- RHSA-2019:1235
- RHSA-2019:1972
- RUBYSEC:RUBYGEMS-UPDATE-2019-8324
- SUSE-SU-2019:1804-1
- SUSE-SU-2020:1570-1
- USN-3945-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2019-8324 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8324 | |
Bugzilla | 1692520 | https://bugzilla.redhat.com/show_bug.cgi?id=1692520 | |
Self | RLSA-2019:1972 | https://errata.rockylinux.org/RLSA-2019:1972 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/rockylinux/rubygem-pg?arch=x86_64&distro=rockylinux-8.4 | rockylinux | rubygem-pg | < 1.0.0-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | x86_64 | |
Affected | pkg:rpm/rockylinux/rubygem-pg?arch=aarch64&distro=rockylinux-8.4 | rockylinux | rubygem-pg | < 1.0.0-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | aarch64 | |
Affected | pkg:rpm/rockylinux/rubygem-pg-doc?arch=noarch&distro=rockylinux-8.4 | rockylinux | rubygem-pg-doc | < 1.0.0-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | noarch | |
Affected | pkg:rpm/rockylinux/rubygem-mysql2?arch=x86_64&distro=rockylinux-8.5 | rockylinux | rubygem-mysql2 | < 0.4.10-4.module+el8.5.0+739+43897a5e | rockylinux-8.5 | x86_64 | |
Affected | pkg:rpm/rockylinux/rubygem-mysql2?arch=aarch64&distro=rockylinux-8.5 | rockylinux | rubygem-mysql2 | < 0.4.10-4.module+el8.5.0+739+43897a5e | rockylinux-8.5 | aarch64 | |
Affected | pkg:rpm/rockylinux/rubygem-mysql2-doc?arch=noarch&distro=rockylinux-8.5 | rockylinux | rubygem-mysql2-doc | < 0.4.10-4.module+el8.5.0+739+43897a5e | rockylinux-8.5 | noarch | |
Affected | pkg:rpm/rockylinux/rubygem-mongo?arch=noarch&distro=rockylinux-8.4 | rockylinux | rubygem-mongo | < 2.5.1-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | noarch | |
Affected | pkg:rpm/rockylinux/rubygem-mongo-doc?arch=noarch&distro=rockylinux-8.4 | rockylinux | rubygem-mongo-doc | < 2.5.1-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | noarch | |
Affected | pkg:rpm/rockylinux/rubygem-bson?arch=x86_64&distro=rockylinux-8.4 | rockylinux | rubygem-bson | < 4.3.0-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | x86_64 | |
Affected | pkg:rpm/rockylinux/rubygem-bson?arch=aarch64&distro=rockylinux-8.4 | rockylinux | rubygem-bson | < 4.3.0-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | aarch64 | |
Affected | pkg:rpm/rockylinux/rubygem-bson-doc?arch=noarch&distro=rockylinux-8.4 | rockylinux | rubygem-bson-doc | < 4.3.0-2.module+el8.4.0+592+03ff458a | rockylinux-8.4 | noarch | |
Affected | pkg:rpm/rockylinux/rubygem-abrt?arch=noarch&distro=rockylinux-8.5 | rockylinux | rubygem-abrt | < 0.3.0-4.module+el8.5.0+738+032c9c02 | rockylinux-8.5 | noarch | |
Affected | pkg:rpm/rockylinux/rubygem-abrt-doc?arch=noarch&distro=rockylinux-8.5 | rockylinux | rubygem-abrt-doc | < 0.3.0-4.module+el8.5.0+738+032c9c02 | rockylinux-8.5 | noarch |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |