[ol9_appstream] rubygems-3.2.33-165.el9_5.noarch

RubyGems is the Ruby standard for publishing and managing third party
libraries.

Changelog (Show File list) (Show related packages)

• Fri Apr 11 2025 Jarek Prokop <jprokop@redhat.com> - 3.0.7-165

  - Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219)
    Resolves: RHEL-86104
  - Fix ReDoS in CGI::Util#escapeElement. (CVE-2025-27220)
    Resolves: RHEL-86130

• Thu Mar 06 2025 Jarek Prokop <jprokop@redhat.com> - 3.0.7-164

  - Undefine GC compaction methods on ppc64le.
    Resolves: RHEL-83136
  - Fix printing warnings when using IRB from a script.
    Resolves: RHEL-83044

• Tue Nov 26 2024 Jarek Prokop <jprokop@redhat.com> - 3.0.7-163

  - Fix REXML ReDoS vulnerability. (CVE-2024-49761)
    Resolves: RHEL-68525

• Tue Apr 30 2024 Jun Aruga <jaruga@redhat.com> - 3.0.7-162

  - Upgrade to Ruby 3.0.7.
    Resolves: RHEL-35740
  - Fix HTTP response splitting in CGI.
    Resolves: RHEL-35741
  - Fix ReDoS vulnerability in URI.
    Resolves: RHEL-35742
  - Fix ReDoS vulnerability in Time.
    Resolves: RHEL-35743
  - Fix buffer overread vulnerability in StringIO.
    Resolves: RHEL-35744
  - Fix RCE vulnerability with .rdoc_options in RDoc.
    Resolves: RHEL-35746
  - Fix arbitrary memory address read vulnerability with Regex search.
    Resolves: RHEL-35747

• Mon Oct 09 2023 Jun Aruga <jaruga@redhat.com> - 3.0.4-161

  - Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS.
    Resolves: RHEL-12724
  - ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters
    Related: RHEL-12724

• Wed Jun 28 2023 Jun Aruga <jaruga@redhat.com> - 3.0.4-160

  - Bypass git submodule test failure on Git >= 2.38.1.
  - Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b.
  - Fix for tzdata-2022g.
  - Fix File.utime test.