CVE-2022-28739: Buffer overrun in String-to-Float conversion

Posted by mame on 12 Apr 2022

A buffer-overrun vulnerability is discovered in a conversion algorithm from a String to a Float. This vulnerability has been assigned the CVE identifier CVE-2022-28739. We strongly recommend upgrading Ruby.
Created ruby tracking bugs for this issue:
Affects: fedora-all [bug 2078346]

Created ruby:2.5/ruby tracking bugs for this issue:
Affects: fedora-all [bug 2078347]

Created ruby:2.6/ruby tracking bugs for this issue:
Affects: fedora-all [bug 2078348]

Created ruby:2.7/ruby tracking bugs for this issue:
Affects: fedora-all [bug 2078349]

Created ruby:3.0/ruby tracking bugs for this issue:
Affects: fedora-all [bug 2078350]

Created ruby:master/ruby tracking bugs for this issue:
Affects: fedora-all [bug 2078351]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:5338 https://access.redhat.com/errata/RHSA-2022:5338
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-28739
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6447 https://access.redhat.com/errata/RHSA-2022:6447
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6450 https://access.redhat.com/errata/RHSA-2022:6450
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6585 https://access.redhat.com/errata/RHSA-2022:6585
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2022:6855 https://access.redhat.com/errata/RHSA-2022:6855
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2022:6856 https://access.redhat.com/errata/RHSA-2022:6856
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7025 https://access.redhat.com/errata/RHSA-2023:7025