Download
| Alert*
|
oval:org.secpod.oval:def:4501061
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:707137 ruby3.0: Interpreter of object-oriented scripting language Ruby - ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:508191 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: ruby/cgi-gem: HTTP response splitting in CGI ruby: Buffer overrun in String-to-Float conversion ruby: ReDoS vulnerability in URI rub ... oval:org.secpod.oval:def:507144 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:4501026 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:507165 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * Ruby: Double free in Regexp compilation * Ruby: Buffe ... oval:org.secpod.oval:def:5800083 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * Ruby: Double free in Regexp compilation * Ruby: Buffe ... oval:org.secpod.oval:def:1506020 [3.0.4-160] - Upgrade to Ruby 3.0.4. Resolves: rhbz#2109428 - OpenSSL test suite fixes due to disabled SHA1. Related: rbhz#2109428 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 oval:org.secpod.oval:def:4501087 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * Ruby: Buffer overrun in String-to-Float conversion Fo ... oval:org.secpod.oval:def:2107698 Oracle Solaris 11 - ( CVE-2022-28739 ) oval:org.secpod.oval:def:2501265 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. oval:org.secpod.oval:def:1506003 ruby [3.0.4-141] - Upgrade to Ruby 3.0.4. Resolves: rhbz#2109431 Resolves: rhbz#2110981 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 oval:org.secpod.oval:def:1506005 ruby [2.7.6-138] - Upgrade to Ruby 2.7.6. Resolves: rhbz#2109424 - Fix FTBFS due to an incompatible load directive. Related: rhbz#2109424 - Fix a fiddle import test on an optimized glibc on Power 9. Related: rhbz#2109424 - Fix regular Expression Denial of Service Vulnerability of Date Parsing Method ... oval:org.secpod.oval:def:84999 The host is missing a security update according to Apple advisory and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. On successful exploitation, an application may be able to execute arbitrary code with kernel privi ... oval:org.secpod.oval:def:85969 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:85007 The host is installed with Apple Mac OS 11 before 11.7.1 or Apple Mac OS 12 before 12.6.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle issues in unspecified impact. On successful exploitation, a remote user may be able to cau ... oval:org.secpod.oval:def:81384 ruby3.0: Interpreter of object-oriented scripting language Ruby - ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:2500797 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. oval:org.secpod.oval:def:1701784 A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read oval:org.secpod.oval:def:3301307 SUSE Security Update: Security update for ruby2.5 oval:org.secpod.oval:def:507071 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * Ruby: Buffer overrun in String-to-Float conversion Fo ... oval:org.secpod.oval:def:1601582 A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read oval:org.secpod.oval:def:2600106 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. oval:org.secpod.oval:def:85000 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:86095 ruby3.0: Interpreter of object-oriented scripting language Ruby - ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:507195 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby27-ruby . Security Fix: * ruby: buffer overflow in CGI.escape_html * ... oval:org.secpod.oval:def:507194 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby30-ruby . Security Fix: * ruby: buffer overflow in CGI.escape_html * ... oval:org.secpod.oval:def:507150 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerabili ... oval:org.secpod.oval:def:1506371 ruby [2.5.9-110.0.1] - Fix for CVE-2022-28739 [Orabug: 34824177] oval:org.secpod.oval:def:122125 Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. oval:org.secpod.oval:def:1701736 A double-free vulnerability was found in Ruby. The issue occurs during Regexp compilation. This flaw allows an attacker to create a Regexp object with a crafted source string that could cause the same memory to be freed twice. A buffer overrun vulnerability was found in Ruby. The issue occurs in a c ... oval:org.secpod.oval:def:122129 Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks . It is simple, straight-forward, and extensible. oval:org.secpod.oval:def:2501018 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. oval:org.secpod.oval:def:1701019 A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read oval:org.secpod.oval:def:1505802 ruby [2.6.10-109] - Upgrade to Ruby 2.6.10. Resolves: rhbz#2088415 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 - Fix FTBFS due to an incompatible load directive. - Fix a fiddle import test on an optimized glibc on Power 9. oval:org.secpod.oval:def:89047475 This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion . - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods . - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP . - CVE-2021-31 ... oval:org.secpod.oval:def:89046285 This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion . - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods . - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP . - CVE-2021-31 ... |
