ALSA-2025:8131

[ALSA-2025:8131] Moderate: ruby security update

Type:

security

Severity:

moderate

Release date:

2025-05-29

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.  

Security Fix(es):  

  * net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion (CVE-2025-25186)
  * CGI: Denial of Service in CGI::Cookie.parse (CVE-2025-27219)
  * uri: userinfo leakage in URI#join, URI#merge and URI#+ (CVE-2025-27221)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
noarch	rubygem-rdoc-6.6.3.1-10.el10_0.noarch.rpm	000f7ae4b812c2f8b76657ab8a2eb89bac65625b9c16fdabbb066367199be08b
noarch	rubygems-devel-3.5.22-10.el10_0.noarch.rpm	155cbfad75054d591f4af2bc0623816222795d49f8a9aa13185bae6f5724f4d5
noarch	ruby-doc-3.3.8-10.el10_0.noarch.rpm	1d51af9d9ce63f6f9ce5c086008e0ee96160064dff2ea7fde6da5774cdd48731
noarch	rubygems-3.5.22-10.el10_0.noarch.rpm	2535aadd931d6ffe6a62fa72fa20e0f7298f36a9d95f3572576eb3d4cb1b0744
noarch	rubygem-rss-0.3.1-10.el10_0.noarch.rpm	2848b4be77f58301df888353630f1a3c9682a34832454e39630adf91d1aea9dc
noarch	rubygem-test-unit-3.6.1-10.el10_0.noarch.rpm	5302e1d16ea44cbb171ea758e9b5e6ae802e7a8ee31d0d7684e4685e49aefa0f
noarch	rubygem-rake-13.1.0-10.el10_0.noarch.rpm	5bc6f0eab10cc1e6d7dcf548db89906057d6bea53ea80c50c457d9b88d17e534
noarch	rubygem-typeprof-0.21.9-10.el10_0.noarch.rpm	7731d655f4f2577401b92eb83b124cd72087c6b54e9d856ff37081d2181fa4a5
noarch	rubygem-irb-1.13.1-10.el10_0.noarch.rpm	78fa8c4a557c809664e24ae265f5e4547745fada84375364357bf58a98608604
noarch	rubygem-bundler-2.5.22-10.el10_0.noarch.rpm	7dd21d0b71684b061c77df1b5ae31220cc8ba1a7cf822b733ecaf0ef368cccd4
noarch	rubygem-power_assert-2.0.3-10.el10_0.noarch.rpm	967f3ceb1f03f961ce913304ea4bc74f83a0a5e118bef43b6250d175031c063e
noarch	rubygem-minitest-5.20.0-10.el10_0.noarch.rpm	9d4c545129d46b0e36a7024b0d1ea8071a20bc002b39e2438550ebe2ad5feeb2
noarch	rubygem-rexml-3.3.9-10.el10_0.noarch.rpm	dada2b54032dd2b68b46e91ca4406c099a2870f48660965b5abee5dccf3a6e81
noarch	ruby-default-gems-3.3.8-10.el10_0.noarch.rpm	ff56292a0f5dc09dc988fbc7e487c33e1b304f3ddc47b5787a4ef845c45abfd6

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.