Package rubygem-rexml-3.3.9-4.module+el8.10.0+700+1f2b8b98.noarch
| Name | rubygem-rexml |
|---|---|
| Epoch | 0 |
| Version | 3.3.9 |
| Release | 4.module+el8.10.0+700+1f2b8b98 |
| Architecture | noarch |
| Website/URL | https://github.com/ruby/rexml |
| License | BSD-2-Clause |
| Build Time | 2025-07-04 08:44:04 |
| Build Host | builder-x86-04.inferitos.ru |
| Summary | An XML toolkit for Ruby |
| Repositories | AppStream |
| Description | REXML was inspired by the Electric XML library for Java, which features an easy-to-use API, small size, and speed. Hopefully, REXML, designed with the same philosophy, has these same features. I've tried to keep the API as intuitive as possible, and have followed the Ruby methodology for method naming and code flow, rather than mirroring the Java API. REXML supports both tree and stream document parsing. Stream parsing is faster (about 1.5 times as fast). However, with stream parsing, you don't get access to features such as XPath. |
| Errata | INFSA-2025:10217 |
| Size | 160 KiB |
| Source Project | ruby-3.3.8-4.module+el8.10.0+700+1f2b8b98 |
| SHA-256 checksum | cc24d95c37d6e3c0afe05f499b391ac8db7a6600986f3a14badd8cb7aaa3fb3c |
×
![Full screenshot]()
* Fri Apr 11 2025 Jarek Prokop <jprokop@redhat.com> - 3.3.8-4
- Upgrade to Ruby 3.3.8.
Resolves: RHEL-68632
- Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. (CVE-2025-25186)
- Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219)
- Fix userinfo leakage in URI#join, URI#merge and URI#+. (CVE-2025-27221)
* Wed Sep 04 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.5-3
- Upgrade to Ruby 3.3.5
Resolves: RHEL-55409
- Fix DoS vulnerability in rexml.
(CVE-2024-39908)
(CVE-2024-41946)
(CVE-2024-43398)
Resolves: RHEL-57049
Resolves: RHEL-57054
Resolves: RHEL-57069
- Fix REXML DoS when parsing an XML having many specific characters such as
whitespace character, >] and ]>.
(CVE-2024-41123)
Resolves: RHEL-52783
* Fri Jun 07 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 3.3.1-2
- Rebuilt for MSVSphere 8.10
* Mon May 20 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.1-2
- Upgrade to Ruby 3.3.1.
Resolves: RHEL-37446
- Fix buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Resolves: RHEL-37448
- Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Resolves: RHEL-37449
- Fix Arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Resolves: RHEL-37447
* Thu Jan 18 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.0-1
- Upgrade to Ruby 3.3.0.
Resolves: RHEL-17090
* Thu Apr 21 2022 Jarek Prokop <jprokop@redhat.com> - 3.1.2-141
- Upgrade to Ruby 3.1.2.
Resolves: rhbz#2063772
* Tue Oct 05 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-140
- Fix rubygem-irb upgrade not working due to directory -> symlink conversion.
Resolves: rhbz#2010949
* Tue Jul 13 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-139
- Upgrade to Ruby 3.0.2.
Related: rhbz#1938942
- Fix command injection vulnerability in RDoc. (CVE-2021-31799)
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
(CVE-2021-31810)
- Fix StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)
- Fix dependencies of gems with explicit source installed from a
different source. (CVE-2020-36327)
- Pass ldflags to gem install via CONFIGURE_ARGS.
The same comment on the changelog 3.0.1-138 was wrong.
* Mon Jun 07 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.1-138
- Upgrade to Ruby 3.0.1 by merging Fedora rawhide branch (commit: 6b2ff68).
* Add missing `rubygem-` prefix for bundled provide of 'connection_pool'.
* Pass ldflags to gem install via CONFIGURE_ARGS
* Remove IRB dependency from rubygem-rdoc.
* Fix flaky excon test suite.
* Properly support DWARF5 debug information.
Related: rhbz#1920533
* Bundle OpenSSL into StdLib.
* Fix SEGFAULT in rubygem-shoulda-matchers test suite.
* Provide `gem.build_complete` file for binary gems.
* Re-enable test suite.
* ruby-default-gems have to depend on rubygem(io-console) due to reline.
* Fix SEGFAULT preventing rubygem-unicode to build on armv7hl.
* Add support for reworked RubyGems plugins.
* Use proper path for plugin wrappers.
* Extract RSS and REXML into separate subpackages, because they were moved from
default gems to bundled gems.
* Drop Net::Telnet and XMLRPC packages, because they were dropped from Ruby.
Resolves: rhbz#1938942
- Fix FTBFS due to an incompatible load directive.
* Wed Apr 07 2021 Pavel Valena <pvalena@redhat.com> - 2.7.3-136
- Upgrade to Ruby 2.7.3.
Resolves: rhbz#1947938
- Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
contains leading zero
Resolves: rhbz#1944227