ruby-3.0.7-163.el9_5

エラータID: AXSA:2024-9441:04

リリース日: 
2024/12/20 Friday - 12:29
題名: 
ruby-3.0.7-163.el9_5
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- REXML には、リモートの攻撃者により、16 進数値の参照
文字である "&#" と "x...;" の間に多数の数字が含まれるよう
に細工された XML 形式のデータの解析を介して、正規表現
サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2024-49761)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2024-49761
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. ruby-3.0.7-163.el9_5.src.rpm
    MD5: abe625c71177a6b2565cfbe3e503f970
    SHA-256: 3cdb14f17ab75cc23c407d61b192d5ba9e666d7afa2ef394cb2e870d2ca2f793
    Size: 15.31 MB

Asianux Server 9 for x86_64
  1. ruby-3.0.7-163.el9_5.i686.rpm
    MD5: 13ae767b750f45306b0093ce5c2fd440
    SHA-256: 93fceab2fdf46e8e852c16dfbf4936f67cf03cdef0230fa1c9703ee79276202e
    Size: 37.97 kB
  2. ruby-3.0.7-163.el9_5.x86_64.rpm
    MD5: ee712de8802dff42ec837c5d3b3bc5b9
    SHA-256: b92c3d8d7e4d5b14029e4c59c55b103d1732a787e7a8a6bb93aaf97df46bd5d6
    Size: 37.84 kB
  3. ruby-default-gems-3.0.7-163.el9_5.noarch.rpm
    MD5: d6b7d86d29dbcf6d02eb829a048abd12
    SHA-256: c72efabb456d780049353c780d60ec59eb4f018fa63bc0255a51102d16589bcd
    Size: 46.05 kB
  4. ruby-devel-3.0.7-163.el9_5.i686.rpm
    MD5: bf6557463196db299759689852c2b62d
    SHA-256: 8998bbf86b0af7bef6c7545ba393c3c662c363668480c3708e7884018661ef99
    Size: 307.90 kB
  5. ruby-devel-3.0.7-163.el9_5.x86_64.rpm
    MD5: 33c4cde10878596cb9c27a2e99b6a47a
    SHA-256: 7317b0436003766894a1622d94f2eeaf54842b2b29ce3fb5ec739bb90bffde4a
    Size: 308.38 kB
  6. ruby-doc-3.0.7-163.el9_5.noarch.rpm
    MD5: 7b68a8e39215519940e108c3d85969e6
    SHA-256: 3355b7fa82fe0d560a0eb8bbf558c758f313af9895002d80c3e63f0cf727c536
    Size: 7.46 MB
  7. rubygem-bigdecimal-3.0.0-163.el9_5.x86_64.rpm
    MD5: f290074723d9e5fde9ba11acf8c9f91a
    SHA-256: c706a1a4225f1317b3de78c1580c97ab0783eb9985caca8df7c236485fe7a586
    Size: 51.10 kB
  8. rubygem-bundler-2.2.33-163.el9_5.noarch.rpm
    MD5: 3895c5b56b05eae01bd0b88ae174b0d0
    SHA-256: 0f9a04e1818bd8ee32fb2899529e388cc60b415c10c0bb3f35f786b430f96eb0
    Size: 441.88 kB
  9. rubygem-io-console-0.5.7-163.el9_5.x86_64.rpm
    MD5: 1e01e2fcd4af9d63023cdad7f31f9c68
    SHA-256: bdaafb1b1324a1d5adcae613a7c82829a4cca7cb1ec9b2ea84feb0057d436462
    Size: 21.99 kB
  10. rubygem-irb-1.3.5-163.el9_5.noarch.rpm
    MD5: 5c4ce26c57480f61a4791039247a9c46
    SHA-256: 8f74d594a225c85718f3f894fe32bc5254d16935eedb84602ee8da1639669516
    Size: 76.24 kB
  11. rubygem-json-2.5.1-163.el9_5.x86_64.rpm
    MD5: 9ed3503ac17b830ddbb0165e0d7390c8
    SHA-256: 9db41a9487abe38629eb251f9baadffcdfb72e7901c2ad160d537d10f96a8c8c
    Size: 57.14 kB
  12. rubygem-minitest-5.14.2-163.el9_5.noarch.rpm
    MD5: 5ce5012e21f872f523557a5aca71a88b
    SHA-256: 556178329b91794066bc344eb5db94350696e090f76ac42a4f6bbd8664ff95fc
    Size: 84.86 kB
  13. rubygem-power_assert-1.2.1-163.el9_5.noarch.rpm
    MD5: 117df275f0d15c5c40fa6b5a09ed1852
    SHA-256: 0df08977ea949d1bfaa3b4edc67524d1566fd88662e8b937cf34550ce6d157fd
    Size: 25.57 kB
  14. rubygem-psych-3.3.2-163.el9_5.x86_64.rpm
    MD5: d4eb321c57f4e97e3b73fed52faeaa6c
    SHA-256: 3401d28c346ec517d98fe7ccc1fc9aacd472eba5420bd60c46d2402bc3c86781
    Size: 57.72 kB
  15. rubygem-rake-13.0.3-163.el9_5.noarch.rpm
    MD5: bf320b9f099d5d532ebaa9bc48c769af
    SHA-256: 87f7d3f15f8a9a2659a76266bb6479e6629f3094fe48a792fdd6091a4e25603c
    Size: 104.84 kB
  16. rubygem-rbs-1.4.0-163.el9_5.noarch.rpm
    MD5: 83b4a0c9d81030b4e37a6ae32ed8482a
    SHA-256: c51c0bdf5211147c7b765a637f25daaada45dddf53313b23ca74d16742780874
    Size: 525.79 kB
  17. rubygem-rdoc-6.3.4.1-163.el9_5.noarch.rpm
    MD5: 69473d5ed5d679f667a56ed8ea34cf05
    SHA-256: 8ac082fa197ca57f4a810697112ba69cd77b4b991aee8e02675edf8cfe053367
    Size: 437.63 kB
  18. rubygem-rexml-3.2.5-163.el9_5.noarch.rpm
    MD5: 2feb7dca54a8c47969f07c3f0359f146
    SHA-256: 407721e945741182124b40a954239bf2c78819d60796fffe0b2b4416b987cc85
    Size: 107.46 kB
  19. rubygem-rss-0.2.9-163.el9_5.noarch.rpm
    MD5: 3d9d89a8de32907401b5f740d2dd4cb3
    SHA-256: 27d8ac6de064a1dad55b092eb629778d3dc0e1abca28fd6b120ad522caf31607
    Size: 121.55 kB
  20. rubygems-3.2.33-163.el9_5.noarch.rpm
    MD5: 2f830e9e7b9d4bc3a630e6a07e49ccc5
    SHA-256: 19743739e4797a41d2e4b7069e1aebca860e422b2509bbb8acb1f203aa0bfea1
    Size: 297.69 kB
  21. rubygems-devel-3.2.33-163.el9_5.noarch.rpm
    MD5: fc3271cc77984350c9286da2e1d75376
    SHA-256: c86ddb38f6cef59390a7aa4b6de3b8916a2344d7b2ee6e7ffee1d7e6258eae97
    Size: 11.48 kB
  22. rubygem-test-unit-3.3.7-163.el9_5.noarch.rpm
    MD5: fa9555a6ebf94035b010b6110f80ff99
    SHA-256: f94a2269c82a87805c5e721bddee71dcaa9d2ea55b565a0fed71ba2ebb7a6e7d
    Size: 144.19 kB
  23. rubygem-typeprof-0.15.2-163.el9_5.noarch.rpm
    MD5: 0632e7fd574d3e7ed4d1c13e0bd92212
    SHA-256: 5b8b97a46761df7e2c2a6b06bfc101dbc311808a0b75f4144b691cccd2fb24d5
    Size: 604.71 kB
  24. ruby-libs-3.0.7-163.el9_5.i686.rpm
    MD5: bb491a3c172c6576a5e558dc52333dbf
    SHA-256: e7a8c2762cf7c4e82c0473838bebdf121a73bc56c5485852196b187c86505c38
    Size: 3.35 MB
  25. ruby-libs-3.0.7-163.el9_5.x86_64.rpm
    MD5: 57e49af3229dffc8f0ffb86f9f033fdf
    SHA-256: 05014b8bf69b436720cbd04ab39071eb8eff79b69d915c624a40ff291325e6ff
    Size: 3.26 MB