[ol8_appstream] ruby-3.3.8-4.module+el8.10.0+90625+b4030d02.x86_64

Name:	ruby
Version:	3.3.8
Release:	4.module+el8.10.0+90625+b4030d02
Architecture:	x86_64
Module:	ruby:3.3:8100020250414172630:489197e6
Group:	Unspecified
Size:	87918
License:	(Ruby OR BSD-2-Clause) AND (Ruby OR BSD-2-Clause OR GPL-1.0-or-later) AND BSD-3-Clause AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND ISC AND LicenseRef-Fedora-Public-Domain AND MIT AND CC0 AND zlib AND Unicode-DFS-2015 AND HPND-Markus-Kuhn AND Ruby-pty
RPM:	ruby-3.3.8-4.module+el8.10.0+90625+b4030d02.x86_64.rpm
Source RPM:	ruby-3.3.8-4.module+el8.10.0+90625+b4030d02.src.rpm
Build Date:	Thu Jul 03 2025
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://www.ruby-lang.org/
Summary:	An interpreter of object-oriented scripting language
Description:	Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible.

Changelog (Show File list) (Show related packages)

Fri Apr 11 2025 Jarek Prokop <jprokop@redhat.com> - 3.3.8-4

- Upgrade to Ruby 3.3.8.
  Resolves: RHEL-68632
- Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. (CVE-2025-25186)
- Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219)
- Fix userinfo leakage in URI#join, URI#merge and URI#+. (CVE-2025-27221)

Wed Sep 04 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.5-3

- Upgrade to Ruby 3.3.5
  Resolves: RHEL-55409
- Fix DoS vulnerability in rexml.
  (CVE-2024-39908)
  (CVE-2024-41946)
  (CVE-2024-43398)
  Resolves: RHEL-57049
  Resolves: RHEL-57054
  Resolves: RHEL-57069
- Fix REXML DoS when parsing an XML having many specific characters such as
  whitespace character, >] and ]>.
  (CVE-2024-41123)
  Resolves: RHEL-52783

Mon May 20 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.1-2

- Upgrade to Ruby 3.3.1.
  Resolves: RHEL-37446
- Fix buffer overread vulnerability in StringIO.
  (CVE-2024-27280)
  Resolves: RHEL-37448
- Fix RCE vulnerability with .rdoc_options in RDoc.
  (CVE-2024-27281)
  Resolves: RHEL-37449
- Fix Arbitrary memory address read vulnerability with Regex search.
  (CVE-2024-27282)
  Resolves: RHEL-37447

Thu Jan 18 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.0-1
```
- Upgrade to Ruby 3.3.0.
  Resolves: RHEL-17090
```
Thu Apr 21 2022 Jarek Prokop <jprokop@redhat.com> - 3.1.2-141
```
- Upgrade to Ruby 3.1.2.
  Resolves: rhbz#2063772
```

Tue Oct 05 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-140

- Fix rubygem-irb upgrade not working due to directory -> symlink conversion.
  Resolves: rhbz#2010949

Tue Jul 13 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-139

- Upgrade to Ruby 3.0.2.
  Related: rhbz#1938942
- Fix command injection vulnerability in RDoc. (CVE-2021-31799)
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
  (CVE-2021-31810)
- Fix StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)
- Fix dependencies of gems with explicit source installed from a
  different source. (CVE-2020-36327)
- Pass ldflags to gem install via CONFIGURE_ARGS.
  The same comment on the changelog 3.0.1-138 was wrong.

Mon Jun 07 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.1-138

- Upgrade to Ruby 3.0.1 by merging Fedora rawhide branch (commit: 6b2ff68).
  * Add missing `rubygem-` prefix for bundled provide of 'connection_pool'.
  * Pass ldflags to gem install via CONFIGURE_ARGS
  * Remove IRB dependency from rubygem-rdoc.
  * Fix flaky excon test suite.
  * Properly support DWARF5 debug information.
      Related: rhbz#1920533
  * Bundle OpenSSL into StdLib.
  * Fix SEGFAULT in rubygem-shoulda-matchers test suite.
  * Provide `gem.build_complete` file for binary gems.
  * Re-enable test suite.
  * ruby-default-gems have to depend on rubygem(io-console) due to reline.
  * Fix SEGFAULT preventing rubygem-unicode to build on armv7hl.
  * Add support for reworked RubyGems plugins.
  * Use proper path for plugin wrappers.
  * Extract RSS and REXML into separate subpackages, because they were moved from
     default gems to bundled gems.
  * Drop Net::Telnet and XMLRPC packages, because they were dropped from Ruby.
  Resolves: rhbz#1938942
- Fix FTBFS due to an incompatible load directive.

Wed Apr 07 2021 Pavel Valena <pvalena@redhat.com> - 2.7.3-136

- Upgrade to Ruby 2.7.3.
  Resolves: rhbz#1947938
- Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
  contains leading zero
  Resolves: rhbz#1944227

Tue Oct 13 2020 Vít Ondruch <vondruch@redhat.com> - 2.7.2-135

- Upgrade to Ruby 2.7.2.
- Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add.