[ol10_appstream] rubygem-rexml-3.3.9-10.el10_0.noarch

Name:	rubygem-rexml
Version:	3.3.9
Release:	10.el10_0
Architecture:	noarch
Group:	Unspecified
Size:	466996
License:	BSD-2-Clause
RPM:	rubygem-rexml-3.3.9-10.el10_0.noarch.rpm
Source RPM:	ruby-3.3.8-10.el10_0.src.rpm
Build Date:	Thu Jun 26 2025
Build Host:	build-ol10-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://github.com/ruby/rexml
Summary:	An XML toolkit for Ruby
Description:	REXML was inspired by the Electric XML library for Java, which features an easy-to-use API, small size, and speed. Hopefully, REXML, designed with the same philosophy, has these same features. I've tried to keep the API as intuitive as possible, and have followed the Ruby methodology for method naming and code flow, rather than mirroring the Java API. REXML supports both tree and stream document parsing. Stream parsing is faster (about 1.5 times as fast). However, with stream parsing, you don't get access to features such as XPath.

Changelog (Show File list) (Show related packages)

Mon Apr 14 2025 Jarek Prokop <jprokop@redhat.com> - 3.3.8-10

- Upgrade to Ruby 3.3.8.
  Resolves: RHEL-87342
- Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. (CVE-2025-25186)
- Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219)
  Resolves: RHEL-86116
- Fix userinfo leakage in URI#join, URI#merge and URI#+. (CVE-2025-27221)

Thu Jan 30 2025 Jun Aruga <jaruga@redhat.com> - 3.3.7-9

- Upgrade to Ruby 3.3.7
  Resolves: RHEL-77994
- Fix Ruby OpenSSL to respect crypto-policies TLS minimal version.
  Resolves: RHEL-21019

Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com>

- Bump release for October 2024 mass rebuild:
  Resolves: RHEL-64018

Wed Sep 04 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.5-7

- Upgrade to Ruby 3.3.5
  Resolves: RHEL-59035
- Fix DoS vulnerability in rexml.
  (CVE-2024-39908)
  (CVE-2024-41946)
  (CVE-2024-43398)
  Resolves: RHEL-57047
  Resolves: RHEL-57059
  Resolves: RHEL-57070
- Fix REXML DoS when parsing an XML having many specific characters such as
  whitespace character, >] and ]>.
  (CVE-2024-41123)
  Resolves: RHEL-52802

Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com>
```
- Bump release for June 2024 mass rebuild
```

Thu May 09 2024 Jun Aruga <jaruga@redhat.com> - 3.3.1-5

- Upgrade to Ruby 3.3.1.
  Resolves: RHEL-33975
- Fix buffer overread vulnerability in StringIO.
  Resolves: RHEL-34124
- Fix RCE vulnerability with .rdoc_options in RDoc.
  Resolves: RHEL-34116
- Fix arbitrary memory address read vulnerability with Regex search.
  Resolves: RHEL-33866

Fri Jan 26 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.0-4

- Do not set AI_ADDRCONFIG by default when calling getaddrinfo(3).

Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org>
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
```

Mon Jan 15 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.0-2

- Fix compiling coroutines with aarch64's branch protection.

Tue Jan 02 2024 Vít Ondruch <vondruch@redhat.com> - 3.3.0-1
```
- Upgrade to Ruby 3.3.0.
  Resolves: rhbz#2255918
```