[ALSA-2021:2587] Moderate: ruby:2.5 security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2022-02-17
Description:
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (2.5.9). (BZ#1952626) Security Fix(es): * ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845) * ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201) * ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255) * rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663) * ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933) * ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613) * ruby: XML round-trip vulnerability in REXML (CVE-2021-28965) * ruby: HTTP response splitting in WEBrick (CVE-2019-16254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.aarch64.rpm 5974fa8497b83d1a4df2acf3d75301aa07fad828a823aec6a400436f617dc58f
aarch64 rubygem-pg-1.0.0-2.module_el8.5.0+2625+ec418553.aarch64.rpm b76cc13be890a6906181ad9982fe8b11be4f53e55c642d0251eb2b8f4d838c3f
aarch64 rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.aarch64.rpm df9c22479a5fbb8f2897203f63a3e4427a4fe59460d7e9ed5fe686519e1e51c8
noarch rubygem-abrt-doc-0.3.0-4.module_el8.5.0+259+8cec6917.noarch.rpm 085e4c052f70e2dd1f91aa3776bdd0e33ded15a62b2a29308b537683a52e1d4e
noarch rubygem-abrt-doc-0.3.0-4.module_el8.5.0+2623+08a8ba32.noarch.rpm 170bbe9133041c6959d3996e7531a30d32100cb72360a22689121f13394eb5e3
noarch rubygem-abrt-0.3.0-4.module_el8.5.0+2625+ec418553.noarch.rpm 251a37b9981b1ac6685904e0475b4cd0ae97be504b69cbc002896057cff48bbe
noarch rubygem-pg-doc-1.0.0-2.module_el8.5.0+2625+ec418553.noarch.rpm 7684213ac8f6b30ffaa2808065dc188c4ebdca462b5156f43fd2df88076d4a94
noarch rubygem-bson-doc-4.3.0-2.module_el8.5.0+2625+ec418553.noarch.rpm 820dee686065f0a35fb15e687d8595cfc665da43dc8ca2196c9e11fd568f8fb6
noarch rubygem-abrt-doc-0.3.0-4.module_el8.5.0+2625+ec418553.noarch.rpm 8604fec34b7f851c63344f64e4510c4923f56bf9d3cdf0aba2aae1608f26c804
noarch rubygem-mongo-2.5.1-2.module_el8.5.0+259+8cec6917.noarch.rpm 91e9a2cedb30ee0e4f76e4325796e9f0f253f983467a910e71538f9e695edfc8
noarch rubygem-mysql2-doc-0.4.10-4.module_el8.5.0+2625+ec418553.noarch.rpm a5c437b38dfc84a5e1abd920fbb284c8c83eee2636c46db7be65dabe7580a319
noarch rubygem-abrt-0.3.0-4.module_el8.5.0+259+8cec6917.noarch.rpm a8892a14c019a57d227b1f8d1784c123a59c9cea936069869f1a9e714640a68d
noarch rubygem-mongo-doc-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm c506b397bd566dcb4d539202156f734660a33a62d3a515a6a1cd6b116e8f1608
noarch rubygem-mongo-doc-2.5.1-2.module_el8.5.0+259+8cec6917.noarch.rpm c5e7dfbf124bcbc3dc2c45accb46703ccedbd23df73d4dc0c61bac065d0b4092
noarch rubygem-pg-doc-1.0.0-2.module_el8.5.0+259+8cec6917.noarch.rpm d012f883606994267f5a4643984d6c9898842d62a320b521e81b13b061101317
noarch rubygem-abrt-0.3.0-4.module_el8.5.0+2623+08a8ba32.noarch.rpm e2f75dad83962fbcf5fed5d19cec8da6e0526039475f81f395e239aad0aea460
noarch rubygem-bson-doc-4.3.0-2.module_el8.5.0+259+8cec6917.noarch.rpm edd0c81ca037801eee79ebb60b5c22ada9757fcb8a5434c24fbcf79adbd1567d
noarch rubygem-mysql2-doc-0.4.10-4.module_el8.5.0+259+8cec6917.noarch.rpm f698d987853af092cc267add91763a779924d76d96029204c15f3052ef2a0ff3
noarch rubygem-mongo-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm fd8a90dea5a7c07c95bf2e7ac7337dba4ebe6a1ce35899e2b8c46c6d51b0bbc3
ppc64le rubygem-pg-1.0.0-2.module_el8.5.0+259+8cec6917.ppc64le.rpm 41472bd23112bee428fd9abc821f3ae7009c37984ee001e3c3307f97df2cc34e
ppc64le rubygem-bson-4.3.0-2.module_el8.5.0+259+8cec6917.ppc64le.rpm a5e4457e2736c2e55169c63d83c1c69429c57c426851036811976c1ccafb28af
ppc64le rubygem-mysql2-0.4.10-4.module_el8.5.0+259+8cec6917.ppc64le.rpm aa75a18f3d930eff9a18793d83ef37e5a4ee20d38020be57b8ce69c175f1eac8
x86_64 rubygem-pg-1.0.0-2.module_el8.5.0+2625+ec418553.x86_64.rpm 2476cd71faf291d949829de9fb61b9923886ba75aff75e3df9dd2e7117fe70c3
x86_64 rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.x86_64.rpm 701b12df65f3a6b04c5a716c2d13fa048539842fff558d5ca2a5517735c0ad17
x86_64 rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.x86_64.rpm b2ebe847eeadbc351ac9bd080addfc65a5c7d8181cd5b6178b37febc62237648
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.