[RLSA-2022:6585] ruby security, bug fix, and enhancement update
Severity
Moderate
Affected Packages
28
CVEs
2
An update is available for ruby. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (3.0.4). (BZ#2109428)
Security Fix(es):
Ruby: Double free in Regexp compilation (CVE-2022-28738)
Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- RLSA-2022:6585
- Severity
- moderate
- URL
- https://errata.rockylinux.org/RLSA-2022:6585
- Published
-
2022-09-20T11:36:12
(2 years ago) - Modified
-
2023-02-02T14:07:09
(19 months ago) - Rights
- Copyright 2023 Rocky Enterprise Software Foundation
- Other Advisories
-
-
ALAS-2022-1638
-
ALAS2-2022-1853
-
ALPINE:CVE-2022-28738
-
ALPINE:CVE-2022-28739
-
ALSA-2022:6447
-
ALSA-2022:6450
-
ALSA-2022:6585
-
ALSA-2023:7025
-
ELSA-2022-5338
-
ELSA-2022-6447
-
ELSA-2022-6450
-
ELSA-2022-6585
-
ELSA-2023-12064
-
ELSA-2023-7025
-
FEDORA-2022-82a9edac27
-
FEDORA-2022-8cf0124add
-
FEDORA-2022-a7ca6ee0cf
-
FREEBSD:06ED6A49-BAD4-11EC-9CFE-0800270512F4
-
FREEBSD:F22144D7-BAD1-11EC-9CFE-0800270512F4
-
GLSA-202401-27
-
MS:CVE-2022-28739
-
RHSA-2022:5338
-
RHSA-2022:6447
-
RHSA-2022:6450
-
RHSA-2022:6585
-
RHSA-2023:7025
-
RLSA-2022:5338
-
RLSA-2022:6447
-
RLSA-2022:6450
-
SSA:2022-103-01
-
SUSE-SU-2022:1512-1
-
USN-5462-1
-
USN-5462-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2022-28738 |
|
|
| CVE | CVE-2022-28739 |
|
|
| Bugzilla | 2075685 |
|
|
| Bugzilla | 2075687 |
|
|
| Bugzilla | 2109428 |
|
|
| Self | RLSA-2022:6585 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/rockylinux/rubygems?arch=noarch&distro=rockylinux-9.0 | rockylinux |
 rubygems
|
< 3.2.33-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygems-devel?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygems-devel
|
< 3.2.33-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-typeprof?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-typeprof
|
< 0.15.2-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-test-unit?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-test-unit
|
< 3.3.7-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-rss?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-rss
|
< 0.2.9-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-rexml?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-rexml
|
< 3.2.5-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-rdoc?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-rdoc
|
< 6.3.3-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-rbs?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-rbs
|
< 1.4.0-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-rake?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-rake
|
< 13.0.3-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-psych?arch=x86_64&distro=rockylinux-9.0 | rockylinux |
rubygem-psych
|
< 3.3.2-160.el9_0 | rockylinux-9.0 | x86_64 | |
| Affected | pkg:rpm/rockylinux/rubygem-psych?arch=aarch64&distro=rockylinux-9.0 | rockylinux |
rubygem-psych
|
< 3.3.2-160.el9_0 | rockylinux-9.0 | aarch64 | |
| Affected | pkg:rpm/rockylinux/rubygem-power_assert?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-power_assert
|
< 1.2.0-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-minitest?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-minitest
|
< 5.14.2-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-json?arch=x86_64&distro=rockylinux-9.0 | rockylinux |
rubygem-json
|
< 2.5.1-160.el9_0 | rockylinux-9.0 | x86_64 | |
| Affected | pkg:rpm/rockylinux/rubygem-json?arch=aarch64&distro=rockylinux-9.0 | rockylinux |
rubygem-json
|
< 2.5.1-160.el9_0 | rockylinux-9.0 | aarch64 | |
| Affected | pkg:rpm/rockylinux/rubygem-irb?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-irb
|
< 1.3.5-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-io-console?arch=x86_64&distro=rockylinux-9.0 | rockylinux |
rubygem-io-console
|
< 0.5.7-160.el9_0 | rockylinux-9.0 | x86_64 | |
| Affected | pkg:rpm/rockylinux/rubygem-io-console?arch=aarch64&distro=rockylinux-9.0 | rockylinux |
rubygem-io-console
|
< 0.5.7-160.el9_0 | rockylinux-9.0 | aarch64 | |
| Affected | pkg:rpm/rockylinux/rubygem-bundler?arch=noarch&distro=rockylinux-9.0 | rockylinux |
rubygem-bundler
|
< 2.2.33-160.el9_0 | rockylinux-9.0 | noarch | |
| Affected | pkg:rpm/rockylinux/rubygem-bigdecimal?arch=x86_64&distro=rockylinux-9.0 | rockylinux |
rubygem-bigdecimal
|
< 3.0.0-160.el9_0 | rockylinux-9.0 | x86_64 | |
| Affected | pkg:rpm/rockylinux/rubygem-bigdecimal?arch=aarch64&distro=rockylinux-9.0 | rockylinux |
rubygem-bigdecimal
|
< 3.0.0-160.el9_0 | rockylinux-9.0 | aarch64 | |
| Affected | pkg:rpm/rockylinux/ruby?arch=x86_64&distro=rockylinux-9.0 | rockylinux |
ruby
|
< 3.0.4-160.el9_0 | rockylinux-9.0 | x86_64 | |
| Affected | pkg:rpm/rockylinux/ruby?arch=aarch64&distro=rockylinux-9.0 | rockylinux |
ruby
|
< 3.0.4-160.el9_0 | rockylinux-9.0 | aarch64 | |
| Affected | pkg:rpm/rockylinux/ruby-libs?arch=x86_64&distro=rockylinux-9.0 | rockylinux |
ruby-libs
|
< 3.0.4-160.el9_0 | rockylinux-9.0 | x86_64 | |
| Affected | pkg:rpm/rockylinux/ruby-libs?arch=aarch64&distro=rockylinux-9.0 | rockylinux |
ruby-libs
|
< 3.0.4-160.el9_0 | rockylinux-9.0 | aarch64 | |
| Affected | pkg:rpm/rockylinux/ruby-devel?arch=x86_64&distro=rockylinux-9.0 | rockylinux |
ruby-devel
|
< 3.0.4-160.el9_0 | rockylinux-9.0 | x86_64 | |
| Affected | pkg:rpm/rockylinux/ruby-devel?arch=aarch64&distro=rockylinux-9.0 | rockylinux |
ruby-devel
|
< 3.0.4-160.el9_0 | rockylinux-9.0 | aarch64 | |
| Affected | pkg:rpm/rockylinux/ruby-default-gems?arch=noarch&distro=rockylinux-9.0 | rockylinux |
ruby-default-gems
|
< 3.0.4-160.el9_0 | rockylinux-9.0 | noarch |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |