[El-errata] ELSA-2026-20596 Important: Oracle Linux 9 ruby:4.0 security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Jul 6 23:21:43 UTC 2026
Oracle Linux Security Advisory ELSA-2026-20596
http://linux.oracle.com/errata/ELSA-2026-20596.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
ruby-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm
ruby-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm
ruby-bundled-gems-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm
ruby-bundled-gems-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm
ruby-default-gems-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm
ruby-devel-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm
ruby-devel-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm
ruby-doc-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-bigdecimal-4.0.1-32.module+el9.8.0+90929+122d8796.i686.rpm
rubygem-bigdecimal-4.0.1-32.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-bundler-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-io-console-0.8.2-32.module+el9.8.0+90929+122d8796.i686.rpm
rubygem-io-console-0.8.2-32.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-irb-1.16.0-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-json-2.18.0-32.module+el9.8.0+90929+122d8796.i686.rpm
rubygem-json-2.18.0-32.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-minitest-6.0.0-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-mysql2-0.5.7-1.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-pg-1.6.3-1.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-pg-doc-1.6.3-1.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-power_assert-3.0.1-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-psych-5.3.1-32.module+el9.8.0+90929+122d8796.i686.rpm
rubygem-psych-5.3.1-32.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-racc-1.8.1-32.module+el9.8.0+90929+122d8796.i686.rpm
rubygem-racc-1.8.1-32.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-rake-13.3.1-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-rbs-3.10.0-32.module+el9.8.0+90929+122d8796.i686.rpm
rubygem-rbs-3.10.0-32.module+el9.8.0+90929+122d8796.x86_64.rpm
rubygem-rdoc-7.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-rexml-3.4.4-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-rss-0.3.2-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygems-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygems-devel-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-test-unit-3.7.5-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-typeprof-0.31.1-32.module+el9.8.0+90929+122d8796.noarch.rpm
ruby-libs-4.0.3-32.module+el9.8.0+90929+122d8796.i686.rpm
ruby-libs-4.0.3-32.module+el9.8.0+90929+122d8796.x86_64.rpm
aarch64:
ruby-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm
ruby-bundled-gems-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm
ruby-default-gems-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm
ruby-devel-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm
ruby-doc-4.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-bigdecimal-4.0.1-32.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-bundler-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-io-console-0.8.2-32.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-irb-1.16.0-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-json-2.18.0-32.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-minitest-6.0.0-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-mysql2-0.5.7-1.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-mysql2-doc-0.5.7-1.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-pg-1.6.3-1.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-pg-doc-1.6.3-1.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-power_assert-3.0.1-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-psych-5.3.1-32.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-racc-1.8.1-32.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-rake-13.3.1-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-rbs-3.10.0-32.module+el9.8.0+90929+122d8796.aarch64.rpm
rubygem-rdoc-7.0.3-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-rexml-3.4.4-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-rss-0.3.2-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygems-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygems-devel-4.0.6-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-test-unit-3.7.5-32.module+el9.8.0+90929+122d8796.noarch.rpm
rubygem-typeprof-0.31.1-32.module+el9.8.0+90929+122d8796.noarch.rpm
ruby-libs-4.0.3-32.module+el9.8.0+90929+122d8796.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/ruby-4.0.3-32.module+el9.8.0+90929+122d8796.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/rubygem-mysql2-0.5.7-1.module+el9.8.0+90929+122d8796.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates/rubygem-pg-1.6.3-1.module+el9.8.0+90929+122d8796.src.rpm
Related CVEs:
CVE-2026-33210
CVE-2026-41316
Description of changes:
ruby
[4.0.3-32]
- Upgrade to Ruby 4.0.3.
Resolves: RHEL-171933
- Fix ERB: Arbitrary code execution via deserialization bypass
(CVE-2026-41316)
Resolves: RHEL-171258
- Fix JSON: Denial of Service or Information Disclosure via format string injection
(CVE-2026-33210)
Resolves: RHEL-173458
rubygem-mysql2
[0.5.7-1]
- Upgrade to mysql2 0.5.7.
Related: RHEL-142278
rubygem-pg
[1.6.3-1]
- Upgrade to pg 1.6.3
Related: RHEL-142278
More information about the El-errata
mailing list