Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: CVE-2025-46727: possible memory exhaustion due to unbounded parameter parsing in Rack::QueryParser bsc1242894. CVE-2025-32441: deleted sessions can be restored and occupied by unauthenticated users when the Rack::Session::Pool middleware is...

Astra Linux - уязвимость в yajl

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. The reallocation logic at yajlbuf.cL64 may result in the need 32bit...

Ubuntu: Security Advisory (USN-7507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : ruby:2.5 (ELSA-2025-7539)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7539 advisory. - Fix integer overflow in searchinrange function in regexec.c CVE-2019-19012. Resolves: RHEL-87505 rubygem-abrt rubygem-bson rubygem-bundler Tenable ha...

ruby3.4-rubygem-rails-7.0-7.0.8.6-1.3 on GA media (moderate)

ruby3.4-rubygem-rails-7.0-7.0.8.6-1.3 on GA media Announcement ID: openSUSE-SU-2025:15124-1 Rating: moderate Cross-References: CVE-2023-38037 CVE-2024-26143 CVE-2024-28103 CVE-2024-34341 CVE-2024-41128 CVE-2024-47887 CVE-2024-47888 CVE-2024-47889 CVSS scores: CVE-2024-26143 SUSE : 5.4...

ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 on GA media (moderate)

ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 on GA media Announcement ID: openSUSE-SU-2025:15130-1 Rating: moderate Cross-References: CVE-2020-7663 CVSS scores: CVE-2020-7663 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves on...

ruby3.4-rubygem-loofah-2.23.1-1.3 on GA media (moderate)

ruby3.4-rubygem-loofah-2.23.1-1.3 on GA media Announcement ID: openSUSE-SU-2025:15120-1 Rating: moderate Cross-References: CVE-2018-16468 CVE-2018-8048 CVE-2019-15587 CVE-2022-23514 CVE-2022-23515 CVE-2022-23516 CVSS scores: CVE-2018-16468 SUSE : 6.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L...

ruby3.4-rubygem-puma-6.4.3-1.3 on GA media (moderate)

ruby3.4-rubygem-puma-6.4.3-1.3 on GA media Announcement ID: openSUSE-SU-2025:15123-1 Rating: moderate Cross-References: CVE-2019-16770 CVE-2020-11076 CVE-2022-23634 CVE-2024-45614 CVSS scores: CVE-2019-16770 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-11076 SUSE : 6.8...

ruby3.4-rubygem-jquery-rails-4.6.0-1.7 on GA media (moderate)

ruby3.4-rubygem-jquery-rails-4.6.0-1.7 on GA media Announcement ID: openSUSE-SU-2025:15117-1 Rating: moderate Cross-References: CVE-2015-1840 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in th...

ruby3.4-rubygem-multi_xml-0.6.0-1.29 on GA media (moderate)

ruby3.4-rubygem-multixml-0.6.0-1.29 on GA media Announcement ID: openSUSE-SU-2025:15122-1 Rating: moderate Cross-References: CVE-2013-0175 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

ruby3.4-rubygem-activestorage-7.0-7.0.8.6-1.3 on GA media (moderate)

ruby3.4-rubygem-activestorage-7.0-7.0.8.6-1.3 on GA media Announcement ID: openSUSE-SU-2025:15113-1 Rating: moderate Cross-References: CVE-2022-21831 CVSS scores: CVE-2022-21831 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves on...

ruby3.4-rubygem-actionmailer-7.0-7.0.8.6-1.3 on GA media (moderate)

ruby3.4-rubygem-actionmailer-7.0-7.0.8.6-1.3 on GA media Announcement ID: openSUSE-SU-2025:15109-1 Rating: moderate Cross-References: CVE-2024-47889 CVSS scores: CVE-2024-47889 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...

ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media (moderate)

ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media Announcement ID: openSUSE-SU-2025:15116-1 Rating: moderate Cross-References: CVE-2023-22799 CVSS scores: CVE-2023-22799 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one...

OPENSUSE-SU-2025:15124-1 ruby3.4-rubygem-rails-7.0-7.0.8.6-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-rails-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15128-1 ruby3.4-rubygem-sprockets-3.7-3.7.5-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-sprockets-3.7-3.7.5-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15115-1 ruby3.4-rubygem-fluentd-1.17.1-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-fluentd-1.17.1-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15130-1 ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 on GA media

These are all security issues fixed in the ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15114-1 ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15116-1 ruby3.4-rubygem-globalid-1.2.1-1.7 on GA media

These are all security issues fixed in the ruby3.4-rubygem-globalid-1.2.1-1.7 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15120-1 ruby3.4-rubygem-loofah-2.23.1-1.3 on GA media

These are all security issues fixed in the ruby3.4-rubygem-loofah-2.23.1-1.3 package on the GA media of openSUSE Tumbleweed...