RLSA-2025:23063

Details

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

resolv: Denial of Service in resolv gem (CVE-2025-24294)
rexml: REXML denial of service (CVE-2025-58767)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Packages

Rocky Linux:9ruby

Fixed in:

0:3.3.10-5.module+el9.7.0+40039+300ba1ed

Rocky Linux:9rubygem-mysql2

Fixed in:

0:0.5.5-3.module+el9.7.0+40032+36e56d0d

Rocky Linux:9rubygem-pg

Fixed in:

0:1.5.4-1.module+el9.7.0+40032+36e56d0d.0.1

References

REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2379684 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2396186 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2426336 ADVISORYhttps://errata.rockylinux.org/RLSA-2025:23063

RLSA-2025:23063

Details

Affected Packages

References

CVSS Analysis

Upstream

Ecosystems

Credits

Timeline