FEDORA-2024-31cac8b8ec — security update for ruby

stable

ruby-3.2.4-182.fc39

FEDORA-2024-31cac8b8ec created by vondruch a year ago for Fedora 39

Upgrade to Ruby 3.2.4.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-31cac8b8ec

This update has been submitted for testing by vondruch.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

a year ago

in testing

a year ago

in stable

a year ago

approved

a year ago

Builds

ruby-3.2.4-182.fc39

BZ#2218614 CVE-2023-36617 rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755

BZ#2221559 TRIAGE-CVE-2023-36617 ruby: rubygem-uri: ReDoS vulnerability - incomplete fix for CVE-2023-28755 [fedora-all]

BZ#2270544 Ruby 3.2.3 is available

BZ#2270749 CVE-2024-27281 ruby: RCE vulnerability with .rdoc_options in RDoc

BZ#2270750 CVE-2024-27280 ruby: Buffer overread vulnerability in StringIO

BZ#2276810 CVE-2024-27282 ruby: Arbitrary memory address read vulnerability with Regex search

BZ#2276813 CVE-2024-27282 ruby: Arbitrary memory address read vulnerability with Regex search [fedora-39]

BZ#2277051 CVE-2024-27281 ruby: RCE vulnerability with .rdoc_options in RDoc [fedora-39]

BZ#2277060 TRIAGE CVE-2024-27280 ruby: Buffer overread vulnerability in StringIO [fedora-39]

ruby-3.2.4-182.fc39

Automated Test Results

ignored