Lucene search
OracleLinuxELSA-2019-1235HistoryMay 16, 2019 - 12:00 a.m.
ruby security update
2019-05-1600:00:00
linux.oracle.com
124
0.003 Low
EPSS
Percentile
69.6%
[2.0.0.648-35]
- Introduce method as precondition to fix
CVE-2019-8321.- rubygems-2.3.0-refactor-checking-really_verbose.patch
- Fix escape sequence injection vulnerability in verbose.
- Fix escape sequence injection vulnerability in gem owner.
- Fix escape sequence injection vulnerability in API response handling.
- Prohibit arbitrary code execution when installing a malicious gem.
- Fix escape sequence injection vulnerability in errors.
- ruby-2.4.6-Applied-security-patches-for-RubyGems.patch
Resolves: rhbz#1699283
[2.0.0.648-35]
- ruby-2.4.6-Applied-security-patches-for-RubyGems.patch
- Refresh expired certificates.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | ruby | < 2.0.0.648-35.el7_6 | ruby-2.0.0.648-35.el7_6.src.rpm |
| oracle linux | 7 | aarch64 | ruby | < 2.0.0.648-35.el7_6 | ruby-2.0.0.648-35.el7_6.aarch64.rpm |
| oracle linux | 7 | aarch64 | ruby-devel | < 2.0.0.648-35.el7_6 | ruby-devel-2.0.0.648-35.el7_6.aarch64.rpm |
| oracle linux | 7 | noarch | ruby-doc | < 2.0.0.648-35.el7_6 | ruby-doc-2.0.0.648-35.el7_6.noarch.rpm |
| oracle linux | 7 | noarch | ruby-irb | < 2.0.0.648-35.el7_6 | ruby-irb-2.0.0.648-35.el7_6.noarch.rpm |
| oracle linux | 7 | aarch64 | ruby-libs | < 2.0.0.648-35.el7_6 | ruby-libs-2.0.0.648-35.el7_6.aarch64.rpm |
| oracle linux | 7 | aarch64 | ruby-tcltk | < 2.0.0.648-35.el7_6 | ruby-tcltk-2.0.0.648-35.el7_6.aarch64.rpm |
| oracle linux | 7 | aarch64 | rubygem-bigdecimal | < 1.2.0-35.el7_6 | rubygem-bigdecimal-1.2.0-35.el7_6.aarch64.rpm |
| oracle linux | 7 | aarch64 | rubygem-io-console | < 0.4.2-35.el7_6 | rubygem-io-console-0.4.2-35.el7_6.aarch64.rpm |
| oracle linux | 7 | aarch64 | rubygem-json | < 1.7.7-35.el7_6 | rubygem-json-1.7.7-35.el7_6.aarch64.rpm |
Related
centos
centos
ruby, rubygem, rubygems security update
2019-05-21 21:25:00
redhat
redhat
(RHSA-2019:1235) Important: ruby security update
2019-05-15 17:11:12
openvas
openvas
CentOS Update for ruby CESA-2019:1235 centos7
2019-05-22 00:00:00
Fedora Update for ruby FEDORA-2019-a155364f3c
2019-05-07 00:00:00
Fedora Update for ruby FEDORA-2019-feac6674b7
2019-05-10 00:00:00
amazon
amazon
Important: ruby
2019-07-18 18:14:00
Important: ruby20, ruby21, ruby24
2019-08-07 22:58:00
nessus
nessus
Amazon Linux 2 : ruby (ALAS-2019-1249)
2019-07-24 00:00:00
Oracle Linux 7 : ruby (ELSA-2019-1235)
2019-05-16 00:00:00
osv
osv
ruby2.3 - security update
2019-04-16 00:00:00
ruby:2.5 bug fix and enhancement update
2019-11-05 17:38:32
ruby2.1 - security update
2019-03-29 00:00:00
freebsd
freebsd
RubyGems -- multiple vulnerabilities
2019-03-05 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: ruby-2.5.5-101.fc29
2019-05-03 03:43:05
[SECURITY] Fedora 28 Update: ruby-2.5.5-108.fc28
2019-05-10 01:35:27
cloudfoundry
cloudfoundry
USN-3945-1: Ruby vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
f5
f5
ubuntu
ubuntu
Ruby vulnerabilities
2019-04-11 00:00:00
debian
debian
[SECURITY] [DSA 4433-1] ruby2.3 security update
2019-04-16 20:57:32
[SECURITY] [DLA 1735-1] ruby2.1 security update
2019-03-29 08:53:04
[SECURITY] [DLA 1796-1] jruby security update
2019-05-20 11:06:55
rocky
rocky
2.5 bug fix and enhancement update
2019-11-05 17:38:32
ruby:2.5 security update
2019-07-30 11:16:25
mageia
mageia
Updated jruby packages fix security vulnerabilities
2020-11-27 23:14:57
Updated ruby-RubyGems packages fix security vulnerability
2020-06-11 00:39:20
alpinelinux
alpinelinux
nvd
nvd
cve
cve
github
github
RubyGems Escape sequence injection vulnerability in api response handling
2019-06-20 16:05:57
RubyGems Escape sequence injection vulnerability in verbose
2019-06-20 16:06:04
RubyGems Escape sequence injection vulnerability in gem owner
2019-06-20 16:06:00
prion
prion
Design/Logic Flaw
2019-06-17 20:15:00
Design/Logic Flaw
2019-06-17 20:15:00
Code injection
2019-06-17 19:15:00
veracode
veracode
Escape Sequence Injection
2019-05-16 04:01:21
Escape Sequence Injection
2019-05-16 03:48:47
Escape Sequence Injection
2019-05-16 03:48:47
debiancve
debiancve
redhatcve
redhatcve
ubuntucve
ubuntucve
attackerkb
attackerkb
Installing a malicious gem may lead to arbitrary code execution
2020-03-17 00:00:00
almalinux
almalinux
Important: ruby:2.5 security update
2019-07-30 11:16:25
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z
2019-07-15 22:35:01
oraclelinux
oraclelinux
ruby security update
2019-08-13 00:00:00
ruby:2.5 security update
2019-08-05 00:00:00
cvelist
cvelist
suse
suse
Security update for ruby-bundled-gems-rpmhelper, ruby2.5 (important)
2019-07-21 00:00:00