[ol9_appstream] rubygem-bundler-2.5.22-4.module+el9.5.0+90562+4bc8f111.noarch

Name:	rubygem-bundler
Version:	2.5.22
Release:	4.module+el9.5.0+90562+4bc8f111
Architecture:	noarch
Module:	ruby:3.3:9050020250506040036:9
Group:	Unspecified
Size:	1500013
License:	MIT AND (Ruby OR BSD-2-Clause)
RPM:	rubygem-bundler-2.5.22-4.module+el9.5.0+90562+4bc8f111.noarch.rpm
Source RPM:	ruby-3.3.8-4.module+el9.5.0+90562+4bc8f111.src.rpm
Build Date:	Tue May 06 2025
Build Host:	build-ol9-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://www.ruby-lang.org/
Summary:	Library and utilities to manage a Ruby application's gem dependencies
Description:	Bundler manages an application's dependencies through its entire life, across many machines, systematically and repeatably.

Changelog (Show File list) (Show related packages)

Fri Apr 11 2025 Jarek Prokop <jprokop@redhat.com> - 3.3.8-4

- Upgrade to Ruby 3.3.8.
  Resolves: RHEL-86933
- Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. (CVE-2025-25186)
- Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219)
  Resolves: RHEL-87182
- Fix userinfo leakage in URI#join, URI#merge and URI#+. (CVE-2025-27221)

Wed Sep 04 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.5-3

- Upgrade to Ruby 3.3.5
  Resolves: RHEL-57577
- Fix DoS vulnerability in rexml.
  (CVE-2024-39908)
  (CVE-2024-41946)
  (CVE-2024-43398)
  Resolves: RHEL-57574
  Resolves: RHEL-57571
  Resolves: RHEL-57579
- Fix REXML DoS when parsing an XML having many specific characters such as
  whitespace character, >] and ]>.
  (CVE-2024-41123)
  Resolves: RHEL-57568
- Fix incorrect symlink for rubygem-irb's library.
  Resolves: RHEL-57598

Mon May 20 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.1-2

- Upgrade to Ruby 3.3.1.
  Resolves: RHEL-33976
- Fix buffer overread vulnerability in StringIO.
  (CVE-2024-27280)
  Resolves: RHEL-34130
- Fix RCE vulnerability with .rdoc_options in RDoc.
  (CVE-2024-27281)
  Resolves: RHEL-34122
- Fix Arbitrary memory address read vulnerability with Regex search.
  (CVE-2024-27282)
  Resolves: RHEL-33872

Wed Jan 17 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.0-1
```
- Upgrade to Ruby 3.3.0.
  Resolves: RHEL-17089
```

Sun Dec 03 2023 Jun Aruga <jaruga@redhat.com> - 3.1.2-142

- Bypass git submodule test failure on Git >= 2.38.1.
- Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b.
- Fix for tzdata-2022g.
- Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS.
  Resolves: RHEL-5590
- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters
  Related: RHEL-5590
- Disable fiddle tests that use FFI closures.
  Related: RHEL-5590