ALSA-2022:6447

[ALSA-2022:6447] Moderate: ruby:2.7 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2023-01-03

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (2.7.6). (BZ#2109424)

Security Fix(es):

* ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817)
* ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)
* Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	ruby-2.7.6-138.module_el8.6.0+3263+904da987.aarch64.rpm	1584a7ed768869cc3c3adbbb0b0b0c57b2c76d1df1a38832b7698949efc709a5
aarch64	rubygem-mysql2-0.5.3-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	2edcadf2289b75b12f926d575c8adefa9857e504c0a0991301c69f2908a4b09b
aarch64	rubygem-bson-4.8.1-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	333758e298841ffdb198bafeb3bfa18257da69fd1c32bab982cbcac2b767cf48
aarch64	rubygem-io-console-0.5.6-138.module_el8.6.0+3263+904da987.aarch64.rpm	5068e95306341107a9d87ed00ae632accd83dba55007c96a7c33c08984cef2f1
aarch64	rubygem-bigdecimal-2.0.0-138.module_el8.6.0+3263+904da987.aarch64.rpm	6b5278db4f3476fcdd323d8e21ad56926e3f8bad4f6e99c655431883ce23bbef
aarch64	rubygem-openssl-2.1.3-138.module_el8.6.0+3263+904da987.aarch64.rpm	85b677be4b800ea62652924cb972d7bd1e9eebed290e347c569639004986994f
aarch64	rubygem-json-2.3.0-138.module_el8.6.0+3263+904da987.aarch64.rpm	9245ad699d705c292bdf3432897c04c6c2be7a984cfaab33b3cf16a43c91bcc7
aarch64	rubygem-pg-1.2.3-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	bd0918ea2953f6fbf020676c9e59c1afba82f3c63618b48df2461e82ace1600c
aarch64	ruby-devel-2.7.6-138.module_el8.6.0+3263+904da987.aarch64.rpm	cf6d6036e4fcbeeec829c7e87361ed9eadf32c9b4ee9e4dc068cc15332f1907c
aarch64	rubygem-psych-3.1.0-138.module_el8.6.0+3263+904da987.aarch64.rpm	dfadc6c0fd6fe13388e28c3eb7d9a4f401c6d9a8730a62ba02ddc5546a2ce9c7
aarch64	ruby-libs-2.7.6-138.module_el8.6.0+3263+904da987.aarch64.rpm	e176b84a95d3be5a1b4f00332e1af85b9c4f909bf2ae7c274eaa56794c335d71
i686	rubygem-json-2.3.0-138.module_el8.6.0+3263+904da987.i686.rpm	09f7f9fa675e195c5aa6504eac457b0af353559a8a1ebe6b3471ef599f1b7f54
i686	rubygem-io-console-0.5.6-138.module_el8.6.0+3263+904da987.i686.rpm	22f13447aacd98ca2787b909a6eda0be8a14415a4ebcc6a26817672ce8dea0b8
i686	ruby-2.7.6-138.module_el8.6.0+3263+904da987.i686.rpm	551efd8aa5bd8d33a430de9044edde8d30260b767e731750c23c109b13f1064c
i686	rubygem-bigdecimal-2.0.0-138.module_el8.6.0+3263+904da987.i686.rpm	58cda091df1e4a02def82056e168aa48699ef30c74594c01027fc78215770650
i686	ruby-devel-2.7.6-138.module_el8.6.0+3263+904da987.i686.rpm	674054c8343f03b48d3f85211b6d5129aefecfd1141b3ec2116ca92e4aa915f0
i686	rubygem-psych-3.1.0-138.module_el8.6.0+3263+904da987.i686.rpm	a3ff4f4471448f1235cadc4734f36b9fc9749403e061f3dcfc613104f55f613f
i686	ruby-libs-2.7.6-138.module_el8.6.0+3263+904da987.i686.rpm	b60ac1bd7bcad104cbb8cf9da1ec08f2448368c25a914db0c0dc79edc1272385
i686	rubygem-openssl-2.1.3-138.module_el8.6.0+3263+904da987.i686.rpm	d1f2d945d2f6eb7cebcc1607d5e729024fcc9d2bbdfb270f8767f91e1a362fb9
noarch	rubygem-irb-1.2.6-138.module_el8.6.0+3263+904da987.noarch.rpm	0fa8ec5d6faebfb0a5b0d54e86aa10e6c072bb8eb96ee1a41926243a25f3bb66
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	2528c02a9e047144b621bd3f6fad0d04bfe95f9da9edcfe25330f38bb7c32c00
noarch	rubygem-bundler-2.2.24-138.module_el8.6.0+3263+904da987.noarch.rpm	28d924a2176905f071ee04ccab9ce9fb312f1a2f3c64e26ee3ee25a4e19b0440
noarch	rubygem-mongo-2.11.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	29a67cc70b1c85be991d0ce26ed5bb85e4b3fb0d76f68a7162b6cd8c010c8107
noarch	rubygem-mongo-doc-2.11.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	2d6e54bc38c5e81f043f94ce37b0731f4bf61adc0b556732c2a9ab80afb1a25a
noarch	rubygem-mysql2-doc-0.5.3-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	36ba3bb6850c1af831bb7dd342c66e613d69c2858ae5bfc5cc59ab9873606fb5
noarch	rubygem-rdoc-6.2.1.1-138.module_el8.6.0+3263+904da987.noarch.rpm	3b332a04b9063caab183b428cff969c95ff45b355cd75ef6b7253f37b886c991
noarch	rubygem-net-telnet-0.2.0-138.module_el8.6.0+3263+904da987.noarch.rpm	3e991294ffb09b1d0c9b63c6e9e3c667741ccb94db5b560126adaf53c071be30
noarch	rubygem-abrt-0.4.0-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	46d0d9020bcb6a3e49e1069e34d4b498c7f76fda46925358c6ac833b5244d2da
noarch	rubygem-rake-13.0.1-138.module_el8.6.0+3263+904da987.noarch.rpm	4a9da2eee80d7fdbe4e66506ac6553b89705361eee0442e0f64a760d11db6539
noarch	rubygem-xmlrpc-0.3.0-138.module_el8.6.0+3263+904da987.noarch.rpm	58e81cb339a404ef78bb260d5462b2278deee0b016ec5f84e1c323499de7b35f
noarch	rubygems-3.1.6-138.module_el8.6.0+3263+904da987.noarch.rpm	7462d9ec967392c9bbea2a87eab3ed301b1b2c1a2a8d73c23cbd1e13f8deb903
noarch	rubygem-test-unit-3.3.4-138.module_el8.6.0+3263+904da987.noarch.rpm	7a79d0ec0ca81b2fce8c9ea0f3e064e48b9098c5244a47168fef18b7f22bcbf9
noarch	ruby-default-gems-2.7.6-138.module_el8.6.0+3263+904da987.noarch.rpm	8100b4c18d9d9aa8c104980679e7c620a7b827882f7ba64263bc9c0c4b27498c
noarch	ruby-doc-2.7.6-138.module_el8.6.0+3263+904da987.noarch.rpm	8c1db6c4468cefba79883a5ce6bb1e8c4c66ac57f2a1f38ff2f1640de3e9a2aa
noarch	rubygems-devel-3.1.6-138.module_el8.6.0+3263+904da987.noarch.rpm	9e9e4b6120c3d10225e0d8015bde5f10489ab39033f8e55da13f482d40ccffda
noarch	rubygem-pg-doc-1.2.3-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	9f683aa78a9718ef875de877064f6d498f33290d0c1281bc42d13920969a4a2a
noarch	rubygem-power_assert-1.1.7-138.module_el8.6.0+3263+904da987.noarch.rpm	a53be252924ed11f2f5fd4116d86fd7b6d391375295cbda44a4488cb83f0f242
noarch	rubygem-bson-doc-4.8.1-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	b18e8b222fd5eac7be3807f897bd0a4148b7f8fb6ddf2f4c242b51cd0b6f21f6
noarch	rubygem-minitest-5.13.0-138.module_el8.6.0+3263+904da987.noarch.rpm	eca759011c65255421756a391904c933d709ec5a6f7aaad0a2861293885e8ad7
ppc64le	rubygem-bson-4.8.1-1.module_el8.5.0+117+35d1289b.ppc64le.rpm	294bb17ebabaf3469af4a2ca5767d29cba572dcb4ba45f1edcd0dfb8552d8e88
ppc64le	ruby-devel-2.7.6-138.module_el8.6.0+3263+904da987.ppc64le.rpm	6f2a6cd2acfa272aff946d64ddda2a77a34a4ecd942b401ae8a0362235e93fcd
ppc64le	rubygem-bigdecimal-2.0.0-138.module_el8.6.0+3263+904da987.ppc64le.rpm	71f7ad8affe65b0b084a7f926adc3e9c6bdac0bcb77f2c25bd105a2f982c8dde
ppc64le	rubygem-psych-3.1.0-138.module_el8.6.0+3263+904da987.ppc64le.rpm	7a0cc5b9612c9eb5a74e8c4fb7408588a1b43c2e15f6e73aada10ca11916f204
ppc64le	rubygem-json-2.3.0-138.module_el8.6.0+3263+904da987.ppc64le.rpm	8b2debd0d9e0b589065d1a71d614d4ec9cdc8975fddc56d0c88de992742ea549
ppc64le	rubygem-pg-1.2.3-1.module_el8.5.0+117+35d1289b.ppc64le.rpm	94046358ef60937f85e741b427130edfd39189e067a5d94ada10a1dc26238947
ppc64le	ruby-libs-2.7.6-138.module_el8.6.0+3263+904da987.ppc64le.rpm	983256327382db81dd40b2f81a1b3063937e3693378c4b7252fb562113f24d28
ppc64le	rubygem-openssl-2.1.3-138.module_el8.6.0+3263+904da987.ppc64le.rpm	d0e259d2578161496e2992aef34e265a43060d83c87e8fe006f1ad1512d33d98
ppc64le	rubygem-io-console-0.5.6-138.module_el8.6.0+3263+904da987.ppc64le.rpm	f004d38cba6718733d90c27b5f3d281665008031282f25c0f23d40d8cb20107f
ppc64le	ruby-2.7.6-138.module_el8.6.0+3263+904da987.ppc64le.rpm	f56510cb6adf90ddd86ab2af81c29f6b95119208638abac941f1de57114874b2
ppc64le	rubygem-mysql2-0.5.3-1.module_el8.5.0+117+35d1289b.ppc64le.rpm	fef6f1c4f288c2d1c64c4958d9a08a1c99aaa818a3de96bafd87d05fa682a613
s390x	rubygem-io-console-0.5.6-138.module_el8.6.0+3263+904da987.s390x.rpm	002c293341d840d7cd3111b177976d1b87896788cc706f27a362ed07f36eb2d0
s390x	rubygem-bigdecimal-2.0.0-138.module_el8.6.0+3263+904da987.s390x.rpm	0d322554a9fee7c0f74e76660b6d608efedb3dbef7917ac9a945b6f9dfc8a101
s390x	rubygem-openssl-2.1.3-138.module_el8.6.0+3263+904da987.s390x.rpm	1790707e6120989269188f4ca765e33d6eb5788e908d71c1b75df9f4b6863db1
s390x	ruby-2.7.6-138.module_el8.6.0+3263+904da987.s390x.rpm	24287c421f2d83dc11bfaa83aa46cd3f41eef9300eb662702c71b54daa3ad026
s390x	ruby-libs-2.7.6-138.module_el8.6.0+3263+904da987.s390x.rpm	298a3f25ea54d19a09b73b520ea0c5527b9df8c280e7909b4c35e1eb034813ca
s390x	rubygem-bson-4.8.1-1.module_el8.6.0+3167+957ef55e.s390x.rpm	2a1c9bfebe53083619a613d8126b1bb5be2267cb45dbf45e35e4f3d470626d3c
s390x	ruby-devel-2.7.6-138.module_el8.6.0+3263+904da987.s390x.rpm	3fd8bc6490e8edcf0705fa2e84d2354cdb9885fc4aeece177a78673fcea14586
s390x	rubygem-mysql2-0.5.3-1.module_el8.6.0+3167+957ef55e.s390x.rpm	79063b35e11fc313e8d4c71bd581d7eb8c2cbd54ac5e556b61b9812748965b4e
s390x	rubygem-json-2.3.0-138.module_el8.6.0+3263+904da987.s390x.rpm	8ce624e4e622afdd7b678a55656b7b1142dd0077be12e4f68738e4f941d174d2
s390x	rubygem-pg-1.2.3-1.module_el8.6.0+3167+957ef55e.s390x.rpm	de09a395a3b29b1b0c373dff33b129853b989ad2726e1d89ac48a963bcdbaade
s390x	rubygem-psych-3.1.0-138.module_el8.6.0+3263+904da987.s390x.rpm	ed66793752b397c5f5b98c86b10ee01c34c9ff9a83704a15b6b0a8e0e2669b6a
x86_64	rubygem-openssl-2.1.3-138.module_el8.6.0+3263+904da987.x86_64.rpm	473007ca0be1dc5a7ec635bfecf48ee0505420b66518ab70bde6d49c8f36392b
x86_64	rubygem-pg-1.2.3-1.module_el8.5.0+2595+0c654ebc.x86_64.rpm	4fd81165e0f75c4128be74d16886b655162e91ef06cf9847ad7fffb405bbc1f1
x86_64	ruby-2.7.6-138.module_el8.6.0+3263+904da987.x86_64.rpm	6a4ce3fdf1b903e59e7d5955e3ed7b17f1ff9c943c4bdd94843f3334cb385baf
x86_64	rubygem-psych-3.1.0-138.module_el8.6.0+3263+904da987.x86_64.rpm	9cb6392d241567ae29bc6279bed858eabc5c6933979374d7d3a23b10032aaead
x86_64	ruby-devel-2.7.6-138.module_el8.6.0+3263+904da987.x86_64.rpm	ab822b98c196e236d947a26c10a993606a61e1cf2d7549cf7d9c4aed2c7eb892
x86_64	rubygem-mysql2-0.5.3-1.module_el8.5.0+2595+0c654ebc.x86_64.rpm	b9c62d3d00d5b2db6f56607caafcae0b8ec64c5204f3c188b49286e84437ddb9
x86_64	rubygem-json-2.3.0-138.module_el8.6.0+3263+904da987.x86_64.rpm	bf53542781d93d5695260d986509971479923c23512d1fa0518172ddb9ec8cef
x86_64	rubygem-io-console-0.5.6-138.module_el8.6.0+3263+904da987.x86_64.rpm	d50be7050a9a0db3628c1a3cf88bd289efb46b6bb3f86f1a8822844ea0c0f7eb
x86_64	rubygem-bigdecimal-2.0.0-138.module_el8.6.0+3263+904da987.x86_64.rpm	d602991a8110888509e49cd8618a24a3b8ba2bcb104bd46b8ac1247143129a92
x86_64	rubygem-bson-4.8.1-1.module_el8.3.0+6147+d0dfc1e4.x86_64.rpm	e7c4280b8add334a20c39b3330bfb1840e885c62a484873de56286be27a3d5da
x86_64	ruby-libs-2.7.6-138.module_el8.6.0+3263+904da987.x86_64.rpm	f81526c56c2eaf5db20440bb0260fddbb4e00b2b2744a4f52017e9038dc45bbe

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.