OPENSUSE-SU-2025:0004-1 Security update for rubygem-json-jwt
This update for rubygem-json-jwt fixes the following issues: - New upstream release 1.16.6, see bundled CHANGELOG.md - Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109 - Fixes CVE-2023-51774 boo1220727 - updated to version 1.11.0 - no changelog found - Fixes...
Security update for rubygem-json-jwt (moderate)
openSUSE Security Update: Security update for rubygem-json-jwt Announcement ID: openSUSE-SU-2025:0004-1 Rating: moderate References: 1156649 1220727 Cross-References: CVE-2019-18848 CVE-2023-51774 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes two vulnerabilities is now...
Photon OS 5.0: Rubygem PHSA-2024-5.0-0432
An update of the rubygem package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0432. The text itself is copyright (C) VMware, Inc. ...
Important Photon OS Security Update - PHSA-2024-5.0-0432
Updates of 'rubygem-nokogiri' packages of Photon OS have been released...
MAL-2024-11896 Malicious code in haefgerasgrae (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c51eb8de5b4c76701af20deeb703ba85374c2036c17fd5bcd09b7b0233c6ae34 The OpenSSF Package Analysis project identified 'haefgerasgrae' @ 0.1.0 rubygems as malicious. It is considered malicious because: - The package...
ruby:2.5 security update
ruby 2.5.9-113.0.1 - Fix REXML ReDoS vulnerability CVE-2024-49761. rubygem-abrt 0.3.0-4 - Execute test suite unconditionally. - Upload correct sources. rubygem-bson rubygem-bundler rubygem-mongo 2.5.1-2 - Disable tests to fix FTBFS by dropped MongoDB module. Resolves: rhbz1710863 rubygem-mysql2...
ruby:3.1 security update
ruby 3.1.5-145 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68530 3.1.5-144 - Upgrade to Ruby 3.1.5. Resolves: RHEL-33978 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-34129 - Fix RCE vulnerability with .rdocoptions in RDoc. Resolves: RHEL-34121 - Fix arbitrary...
Photon OS 4.0: Rubygem PHSA-2024-4.0-0713
An update of the rubygem package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0713. The text itself is copyright (C) VMware, Inc. ...
Photon OS 5.0: Rubygem PHSA-2024-5.0-0405
An update of the rubygem package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0405. The text itself is copyright (C) VMware, Inc. ...
Moderate Photon OS Security Update - PHSA-2024-4.0-0713
Updates of 'rubygem-protocol-http1' packages of Photon OS have been released...
Moderate Photon OS Security Update - PHSA-2024-5.0-0405
Updates of 'rubygem-protocol-http1', 'linux-esx', 'linux' packages of Photon OS have been released...
Fedora 38 : rubygem-puma (2022-7bc0f14a13)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-7bc0f14a13 advisory. Automatic update for rubygem-puma-5.6.5-1.fc38. Changelog Thu Aug 25 2022 Vít Ondruch - 5.6.5-1 - Update to Puma 5.6.5. Resolves: rhbz2046576 Resolve...
Fedora 37 : rubygem-pdfkit (2022-c0d55cd527)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-c0d55cd527 advisory. New version 0.8.7.2 is released. ---- New version 0.8.7.1 is released. ---- Update to 0.8.7. This new release fixes CVE-2022-25765. Tenable has extracted the...
Fedora 37 : rubygem-nokogiri (2022-b5c325caad)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-b5c325caad advisory. A potential bug was found on nokogiri on or before 1.13.9 overlooked some return values from functions used internally. This can lead to raise some illegal...
Fedora 37 : rubygem-rails-html-sanitizer (2022-9cd3e3a570)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-9cd3e3a570 advisory. Automatic update for rubygem-rails-html-sanitizer-1.4.3-1.fc37. Changelog Fri Aug 5 2022 Vít Ondruch - 1.4.3-1 - Update to rails-html-sanitizer 1.4.3. Resolve...
OPENSUSE-SU-2024:14479-1 ruby3.3-rubygem-rails-7.0-7.0.8.6-1.1 on GA media
These are all security issues fixed in the ruby3.3-rubygem-rails-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...
ruby3.3-rubygem-actiontext-7.0-7.0.8.6-1.1 on GA media (moderate)
ruby3.3-rubygem-actiontext-7.0-7.0.8.6-1.1 on GA media Announcement ID: openSUSE-SU-2024:14473-1 Rating: moderate Cross-References: CVE-2024-47888 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed ...
OPENSUSE-SU-2024:14471-1 ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 on GA media
These are all security issues fixed in the ruby3.3-rubygem-actionmailer-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:14474-1 ruby3.3-rubygem-puma-6.4.3-1.1 on GA media
These are all security issues fixed in the ruby3.3-rubygem-puma-6.4.3-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:14472-1 ruby3.3-rubygem-actionpack-7.0-7.0.8.6-1.1 on GA media
These are all security issues fixed in the ruby3.3-rubygem-actionpack-7.0-7.0.8.6-1.1 package on the GA media of openSUSE Tumbleweed...