| Name: | ruby-libs |
|---|---|
| Version: | 3.0.7 |
| Release: | 162.el9_4 |
| Architecture: | aarch64 |
| Group: | Unspecified |
| Size: | 16001804 |
| License: | Ruby or BSD |
| RPM: | ruby-libs-3.0.7-162.el9_4.aarch64.rpm |
| Source RPM: | ruby-3.0.7-162.el9_4.src.rpm |
| Build Date: | Thu Jun 13 2024 |
| Build Host: | build-ol9-aarch64.oracle.com |
| Vendor: | Oracle America |
| URL: | https://www.ruby-lang.org/ |
| Summary: | Libraries necessary to run Ruby |
| Description: | This package includes the libruby, necessary to run Ruby. |
- Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves: RHEL-35743 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35744 - Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-35746 - Fix arbitrary memory address read vulnerability with Regex search. Resolves: RHEL-35747
- Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS. Resolves: RHEL-12724 - ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters Related: RHEL-12724
- Bypass git submodule test failure on Git >= 2.38.1. - Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b. - Fix for tzdata-2022g. - Fix File.utime test.
- Upgrade to Ruby 3.0.4. Resolves: rhbz#2096347 - OpenSSL test suite fixes due to disabled SHA1. Resolves: rbhz#2107696 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739