[SECURITY] Fedora 38 Update: ruby-3.2.4-182.fc38

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-48bdd3abbf 2024-05-04 02:18:44.166365 -------------------------------------------------------------------------------- Name : ruby Product : Fedora 38 Version : 3.2.4 Release : 182.fc38 URL : https://www.ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. -------------------------------------------------------------------------------- Update Information: Upgrade to Ruby 3.2.4. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 24 2024 V��t Ondruch <vondruch(a)redhat.com&gt; - 3.2.4-182 - Upgrade to Ruby 3.2.4. Resolves: rhbz#2270544 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2218614 - CVE-2023-36617 rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 https://bugzilla.redhat.com/show_bug.cgi?id=2218614 [ 2 ] Bug #2270749 - CVE-2024-27281 ruby: RCE vulnerability with .rdoc_options in RDoc https://bugzilla.redhat.com/show_bug.cgi?id=2270749 [ 3 ] Bug #2270750 - CVE-2024-27280 ruby: Buffer overread vulnerability in StringIO https://bugzilla.redhat.com/show_bug.cgi?id=2270750 [ 4 ] Bug #2276810 - CVE-2024-27282 ruby: Arbitrary memory address read vulnerability with Regex search https://bugzilla.redhat.com/show_bug.cgi?id=2276810 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-48bdd3abbf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------