{"id":"RHSA-2018:0583","summary":"Red Hat Security Advisory: rh-ruby22-ruby security, bug fix, and enhancement update","modified":"2026-03-11T07:13:31.548635Z","published":"2024-09-13T14:43:49Z","upstream":["CVE-2009-5147","CVE-2015-7551","CVE-2017-0898","CVE-2017-0899","CVE-2017-0900","CVE-2017-0901","CVE-2017-0902","CVE-2017-0903","CVE-2017-10784","CVE-2017-14033","CVE-2017-14064","CVE-2017-17405","CVE-2017-17790"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0583"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1248935"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487552"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487587"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487588"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487589"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487590"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1491866"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1492012"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1492015"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500488"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1526189"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1528218"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549646"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0583.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2009-5147"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2009-5147"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2009-5147"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7551"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7551"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7551"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-0898"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-0898"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-0898"},{"type":"ARTICLE","url":"https://www.ruby-lang.org/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-0899"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-0899"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-0899"},{"type":"ARTICLE","url":"http://blog.rubygems.org/2017/08/27/2.6.13-released.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-0900"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-0900"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-0900"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-0901"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-0901"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-0901"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-0902"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-0902"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-0902"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-0903"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-0903"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-0903"},{"type":"ARTICLE","url":"http://blog.rubygems.org/2017/10/09/2.6.14-released.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-10784"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-10784"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10784"},{"type":"ARTICLE","url":"https://www.ruby-lang.org/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-14033"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-14033"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14033"},{"type":"ARTICLE","url":"https://www.ruby-lang.org/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-14064"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-14064"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14064"},{"type":"ARTICLE","url":"https://www.ruby-lang.org/en/news/2017/09/14/json-heap-exposure-cve-2017-14064/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-17405"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-17405"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17405"},{"type":"ARTICLE","url":"https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-17790"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-17790"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17790"}],"affected":[{"package":{"name":"rh-ruby22-ruby","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-ruby"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-debuginfo","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-ruby-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-devel","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-ruby-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-doc","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-ruby-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-irb","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-ruby-irb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-libs","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-ruby-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-tcltk","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-ruby-tcltk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-bigdecimal","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-bigdecimal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.6-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-io-console","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-io-console"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4.3-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-json","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-json"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.8.1.1-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-minitest","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-minitest"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.4.3-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-power_assert","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-power_assert"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.2-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-psych","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-psych"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.8.1-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-rake","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-rake"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.4.2-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-rdoc","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-rdoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.2.0-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-test-unit","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-test-unit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.8-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygems","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygems"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.5.4-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygems-devel","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-ruby22-rubygems-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.5.4-19.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-ruby"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-debuginfo","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-ruby-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-devel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-ruby-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-doc","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-ruby-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-irb","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-ruby-irb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-libs","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-ruby-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-ruby-tcltk","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-ruby-tcltk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.9-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-bigdecimal","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-bigdecimal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.6-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-io-console","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-io-console"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4.3-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-json","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-json"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.8.1.1-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-minitest","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-minitest"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.4.3-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-power_assert","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-power_assert"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.2-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-psych","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-psych"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.8.1-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-rake","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-rake"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.4.2-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-rdoc","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-rdoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.2.0-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygem-test-unit","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygem-test-unit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.8-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygems","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygems"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.5.4-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}},{"package":{"name":"rh-ruby22-rubygems-devel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-ruby22-rubygems-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.5.4-19.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:0583.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}