ALSA-2021:3020

[ALSA-2021:3020] Important: ruby:2.7 security update

Type:

security

Severity:

important

Release date:

2021-08-05

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

* rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327)

* rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799)

* ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host (CVE-2021-31810)

* ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-mysql2-0.5.3-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	2edcadf2289b75b12f926d575c8adefa9857e504c0a0991301c69f2908a4b09b
aarch64	rubygem-bson-4.8.1-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	333758e298841ffdb198bafeb3bfa18257da69fd1c32bab982cbcac2b767cf48
aarch64	rubygem-bigdecimal-2.0.0-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	35bdca51a66a2a5ef16350aeb1312be8788ede2bc5df74c2b15b42a27bf5efb1
aarch64	ruby-libs-2.7.4-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	6caa4cb9a640fd381cda868fa7cc888c4f039a6e298d7b125ab41d1128af32d4
aarch64	rubygem-openssl-2.1.2-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	6cb7857f1bf95a3dc52e9cdb62349bb9c7693b12ad74b44229008a54f0b80816
aarch64	ruby-2.7.4-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	774ad65e2d04bbf843775475d641e482814f3e549dbafe3411a5f5478be64502
aarch64	rubygem-json-2.3.0-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	8363b6ad0474444eff5f40559980f7cffa4dfdb765cf83fd0360385457a8f630
aarch64	rubygem-io-console-0.5.6-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	9070c3813218cf488e9d9e9889b935dc77376f8eb9233659a369ed5a19a1e8cd
aarch64	ruby-devel-2.7.4-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	ac56a59c5d4aa7c346ca5e79fabaff3f7db6fe53fe1ad9fc2f6d2f5c550453cc
aarch64	rubygem-pg-1.2.3-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	bd0918ea2953f6fbf020676c9e59c1afba82f3c63618b48df2461e82ace1600c
aarch64	rubygem-psych-3.1.0-137.module_el8.4.0+2515+f744ca41.aarch64.rpm	e0180eba54eb7d2e0c3a7deba71920ac86ada84379911d23870fe6b83ba40ec4
noarch	rubygems-devel-3.1.6-137.module_el8.4.0+2515+f744ca41.noarch.rpm	07c75925df0f416471684914035c6f564f509f6c3228775a20f3c5a2cbc292f5
noarch	rubygem-xmlrpc-0.3.0-137.module_el8.4.0+2515+f744ca41.noarch.rpm	1f8c557ecfba0083e0ef41a7fe90aeb3aae46305eb82502bccf5574f56455766
noarch	rubygem-mongo-2.11.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	29a67cc70b1c85be991d0ce26ed5bb85e4b3fb0d76f68a7162b6cd8c010c8107
noarch	rubygem-mongo-doc-2.11.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	2d6e54bc38c5e81f043f94ce37b0731f4bf61adc0b556732c2a9ab80afb1a25a
noarch	rubygem-rdoc-6.2.1.1-137.module_el8.4.0+2515+f744ca41.noarch.rpm	34789484dc6e61025f03727a4757b92594cd73a813e68a612c59398fbe26d002
noarch	ruby-doc-2.7.4-137.module_el8.4.0+2515+f744ca41.noarch.rpm	369af446b4a5d3f795b34dde31350f8d79148aa35eba42040878c4b5b40a70e9
noarch	rubygem-mysql2-doc-0.5.3-1.module_el8.5.0+118+1ab773e1.noarch.rpm	419c4d3967fde63ef63c5957b866b78e23369020da164a8cfcfc4436f2500e0c
noarch	rubygem-abrt-0.4.0-1.module_el8.4.0+2399+4e3a532a.noarch.rpm	4fe4983dbfdd0b2c2cccb4efe6f4172dedc70b050851c9a66468f652dd176dd4
noarch	rubygem-rake-13.0.1-137.module_el8.4.0+2515+f744ca41.noarch.rpm	505da3285b989ac231d25824bc39075b431922ea08c97f1765308d3c70316d0f
noarch	ruby-default-gems-2.7.4-137.module_el8.4.0+2515+f744ca41.noarch.rpm	55c2ec57402472202f01076a2b7537a58fced39ec39bc1a731ead5a40432ec3c
noarch	rubygem-bundler-2.2.24-137.module_el8.4.0+2515+f744ca41.noarch.rpm	62adf90d471b29cb6510315cda6cd15701367dbcfb1daa0703f0b38b4bae3e34
noarch	rubygems-3.1.6-137.module_el8.4.0+2515+f744ca41.noarch.rpm	63a0ceaed6a20f005bf53d816c79cc24cc1c6f426af0b223cfc4491bfa776c23
noarch	rubygem-mysql2-doc-0.5.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	68262161a3dd55b3ca9751fd08163549912a65e4834fe4475b53a39eac3a4979
noarch	rubygem-minitest-5.13.0-137.module_el8.4.0+2515+f744ca41.noarch.rpm	7d96616d48a3dbdb6c13e2e0293004c0af37c84b1fd4859509124aa9a22233fb
noarch	rubygem-pg-doc-1.2.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	832d6a8b61314ab7cbf3cacb2315ee02c457becc03299dfe4a8a3ea22129a052
noarch	rubygem-abrt-0.4.0-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	8cf5044f5988e45619e64731f4b83f6be4f619e4d61b31e41f96015c90b9ca30
noarch	rubygem-test-unit-3.3.4-137.module_el8.4.0+2515+f744ca41.noarch.rpm	937f1a0f4d54d26a47af00e4c7fa906aae6cb8053ae9ba1ea09c2ba1c7a7b1a7
noarch	rubygem-net-telnet-0.2.0-137.module_el8.4.0+2515+f744ca41.noarch.rpm	9dc13f261fa61f45b6abbf84ee60f5f60d1ffee5d4abe894f6c908484a281291
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.5.0+118+1ab773e1.noarch.rpm	a51b72daa89a6e972afab50bd546de36fa974ae959d433d5338edb626f8df5bb
noarch	rubygem-bson-doc-4.8.1-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	b18e8b222fd5eac7be3807f897bd0a4148b7f8fb6ddf2f4c242b51cd0b6f21f6
noarch	rubygem-mysql2-doc-0.5.3-1.module_el8.4.0+2399+4e3a532a.noarch.rpm	b4a26ede96ee4b42f2587b9a738b7f6eecc7c4aba9fbd79b25a0bb29a3a5f757
noarch	rubygem-pg-doc-1.2.3-1.module_el8.5.0+118+1ab773e1.noarch.rpm	bdc54fc3fb07189ec22c0629bb2d7b74688080e0299a6719587464b9bee59dea
noarch	rubygem-power_assert-1.1.7-137.module_el8.4.0+2515+f744ca41.noarch.rpm	be5794e29cebb71e88ed423cfc1a8e602f1c9b0bac5413011120fdcda056e2b1
noarch	rubygem-pg-doc-1.2.3-1.module_el8.4.0+2399+4e3a532a.noarch.rpm	bf5ab88cebb180fb5d27342c517ff62e48903aae8ee7086d68932b72fcd000d5
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	c1c9d43b37c897a6cc1ad5e1405639f1657720f8fa3ac2b0bd67878b9786576b
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.4.0+2399+4e3a532a.noarch.rpm	db5cb353e318349759fce0c08ce56cb2de461f0c9c44ff9cc817be574e8ce799
noarch	rubygem-irb-1.2.6-137.module_el8.4.0+2515+f744ca41.noarch.rpm	e529a1bd6a7d904ab1ff33dca95d0b0891c024cfb3d02de264f1c57ba0a42658
noarch	rubygem-abrt-0.4.0-1.module_el8.5.0+118+1ab773e1.noarch.rpm	ebe9ed7ca8474190371cf80965544fc06defb3a77741b11c30c66eceb1cec390
ppc64le	rubygem-bson-4.8.1-1.module_el8.5.0+117+35d1289b.ppc64le.rpm	294bb17ebabaf3469af4a2ca5767d29cba572dcb4ba45f1edcd0dfb8552d8e88
ppc64le	ruby-2.7.4-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	4b625948960f9b5d913842379707f2c3a690b7b47f193d4b12f3555bed387b6a
ppc64le	rubygem-json-2.3.0-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	565a192fd9fa141b0d95977e4eeaac1333caa62f7b827ca6558426bade0a535b
ppc64le	ruby-devel-2.7.4-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	66f9d284d58629bd2ee292974d13c9cd6a1ab0d73dbcc4acfbf927032c1ddef5
ppc64le	rubygem-pg-1.2.3-1.module_el8.5.0+118+1ab773e1.ppc64le.rpm	7436def9a0e4ca3a4b62dbc38643713baa67e1648fc945b62834e679edfe207a
ppc64le	rubygem-openssl-2.1.2-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	7daf12d0d3a57fed65c43e47229db88ddf9f86237ab0df11639a408e809ca36d
ppc64le	rubygem-psych-3.1.0-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	7f5ab14055938315404ddaac023b4ecc32a43de5efd068c016164694f8b25a2e
ppc64le	rubygem-mysql2-0.5.3-1.module_el8.5.0+118+1ab773e1.ppc64le.rpm	af159fa28a5a0e664f252d88c5b7b50234c32672b2bae924c36579117a94f79f
ppc64le	rubygem-bigdecimal-2.0.0-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	bd533a29b7181b09606ff3154e75410a56981e3207d5b5de4cc808c6b958fbf8
ppc64le	rubygem-io-console-0.5.6-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	f64b5080e16b19e7761d1efb4c826bf198ea0ec7f9d525760fc1c4247729f891
ppc64le	ruby-libs-2.7.4-137.module_el8.5.0+117+35d1289b.ppc64le.rpm	f9909c4d369240691a6d1b468d78b977e2fdc2d32ddb9f75a64cd4c6c405e0d9
x86_64	ruby-2.7.4-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	04b2b761c0763bbdc25ccca1e806873bb8400db643fd01e176e965bd4e2eb8cd
x86_64	rubygem-io-console-0.5.6-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	0bf94321ff83f1122d2e5dd1f7b8c0bff4e9a13fba4b20adf804cf9fcfe9fc59
x86_64	rubygem-pg-1.2.3-1.module_el8.3.0+6147+d0dfc1e4.x86_64.rpm	4623541f1928ac8ef87d69a61688487c69ad7b5bbbea63155b3926f598cf77c9
x86_64	rubygem-mysql2-0.5.3-1.module_el8.3.0+6147+d0dfc1e4.x86_64.rpm	506dba2f324f38bafd87da71f1369001b1d7eb9f879a6e03b956502e73762ad8
x86_64	rubygem-psych-3.1.0-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	5e64681ce8d41a753c539320106f301c48bd8d5148af3256dac43117b8c92175
x86_64	ruby-devel-2.7.4-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	7353ffe85d738a29e9d2d264eae946876974582a310ae7376e28027f3808a5d7
x86_64	rubygem-json-2.3.0-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	a5f2a48b6b912e177a4061a4f8c84c541ec5ff7e1003705f13f799800fde115c
x86_64	rubygem-bigdecimal-2.0.0-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	b02ccb8f6bbaaff92049a9d566a30cc61c738345ce314ce4ad71e11f2d36a2da
x86_64	ruby-libs-2.7.4-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	d84dfb6809012891b353c21a2e81d3110586e64491097ce2076067a9c2c17f1c
x86_64	rubygem-openssl-2.1.2-137.module_el8.4.0+2515+f744ca41.x86_64.rpm	e0980f1c33004c35a85998dbe8451fb5b39bd0269417bbcf185aab38653ed474
x86_64	rubygem-bson-4.8.1-1.module_el8.3.0+6147+d0dfc1e4.x86_64.rpm	e7c4280b8add334a20c39b3330bfb1840e885c62a484873de56286be27a3d5da

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.