RHSA-2022:6450-01 -- Redhat rubyID: oval:org.secpod.oval:def:507144 | Date: (C)2022-10-04 (M)2024-04-17 |
Class: PATCH | Family: unix |
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby . Security Fix: * ruby: Regular expression denial of service vulnerability of Date parsing methods * ruby: Cookie prefix spoofing in CGI::Cookie.parse * Ruby: Double free in Regexp compilation * Ruby: Buffer overrun in String-to-Float conversion For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * ruby 3.0: User-installed rubygems plugins are not being loaded [RHEL8]
Platform: |
Red Hat Enterprise Linux 8 |