ALSA-2022:6450

[ALSA-2022:6450] Moderate: ruby:3.0 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2023-03-13

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.0.4). (BZ#2109431)

Security Fix(es):

* ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817)
* ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)
* Ruby: Double free in Regexp compilation (CVE-2022-28738)
* Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* ruby 3.0: User-installed rubygems plugins are not being loaded [AlmaLinux8] (BZ#2110981)

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-mysql2-0.5.3-1.module_el8.5.0+2595+0c654ebc.aarch64.rpm	2a20b3759c8620b84203be1321d8fa665ac2ede7dbcd7269b82840a8f5fbafeb
aarch64	rubygem-json-2.5.1-141.module_el8.6.0+3263+41cde0c0.aarch64.rpm	3547eb6066e054747b6f31c30822950b961f9984759071155bf9f788f01fbc63
aarch64	ruby-libs-3.0.4-141.module_el8.6.0+3263+41cde0c0.aarch64.rpm	3698906924d9463155d0a47bb3fd631bb54375d54b5127e85fea48a09c63294d
aarch64	rubygem-io-console-0.5.7-141.module_el8.6.0+3263+41cde0c0.aarch64.rpm	413c727ddc5979e355c8fc4909b360da627b8c9976ffd10fa31a570ac5176797
aarch64	ruby-3.0.4-141.module_el8.6.0+3263+41cde0c0.aarch64.rpm	852d7eeb15d87a378648ff193a7087acda64f97bac4496794b615259e744abde
aarch64	ruby-devel-3.0.4-141.module_el8.6.0+3263+41cde0c0.aarch64.rpm	8d590e7c3296047e0156d07b41f959d2bfa6988e96fa48061d93e5e79492ba08
aarch64	rubygem-pg-1.2.3-1.module_el8.5.0+2595+0c654ebc.aarch64.rpm	9989f231455627f0afc1462d0e4a1a096db4e49bedeec62fe7884b6311aa0168
aarch64	rubygem-psych-3.3.2-141.module_el8.6.0+3263+41cde0c0.aarch64.rpm	a0907d6bc2761947514da2d6642517a2d6e08657ba04fc505bb58d2fa8754b3e
aarch64	rubygem-bigdecimal-3.0.0-141.module_el8.6.0+3263+41cde0c0.aarch64.rpm	fb28ed717fff5da3de8d42ae842a987ea990395a27b36d15e156be97134c0512
i686	rubygem-bigdecimal-3.0.0-141.module_el8.6.0+3263+41cde0c0.i686.rpm	1ea3dde9a38234e3da7daea95f94c70a98974f716f7c588acbdfd757b0e5ac60
i686	rubygem-json-2.5.1-141.module_el8.6.0+3263+41cde0c0.i686.rpm	25d80dc645b9aea43ac00d961ea435ae17138496218fb4274e3e5ea418eb5ff6
i686	rubygem-io-console-0.5.7-141.module_el8.6.0+3263+41cde0c0.i686.rpm	35e8eb2b7f086636cd0534ff49bddbcc8364d1e795de4cd221e34e1332199e5b
i686	ruby-devel-3.0.4-141.module_el8.6.0+3263+41cde0c0.i686.rpm	4ea162cf087d545aefab2fb471226dcb957712ce2bfac6f1f56252d89f14c0fb
i686	ruby-libs-3.0.4-141.module_el8.6.0+3263+41cde0c0.i686.rpm	6f2f0529bfb325855747be4d293ec9c844bdbc7fb94e116af8c4163bd0cc807b
i686	rubygem-psych-3.3.2-141.module_el8.6.0+3263+41cde0c0.i686.rpm	b6bd64d7a8caab998bfacc851a857bc8ba007ead3a33f99b73f2291c247736bd
i686	ruby-3.0.4-141.module_el8.6.0+3263+41cde0c0.i686.rpm	e39855b191e8e1057d3b969c803636e49e20e223412e1b9fab2e25fad1c59c56
noarch	rubygems-3.2.33-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	063d4b6c53b7c48ee451f40f2a9b4c0a9d3f85b748093681167fe2a9a25c7f24
noarch	rubygem-rexml-3.2.5-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	06ea780c7e71d2bb32df747d16b328d5541ac770133dbbfe9f3a1364f5f4cc7a
noarch	rubygems-devel-3.2.33-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	2524acea1c3152538c00c1f0c39334ac6c9b77eea65d2cfdca2e6415379c3e8e
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	2528c02a9e047144b621bd3f6fad0d04bfe95f9da9edcfe25330f38bb7c32c00
noarch	rubygem-rss-0.2.9-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	2fd25d8ee6bbbc58d5d3dfa510294e95a35b2d7fe407856b9d22a09ac091a7bf
noarch	rubygem-mysql2-doc-0.5.3-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	36ba3bb6850c1af831bb7dd342c66e613d69c2858ae5bfc5cc59ab9873606fb5
noarch	rubygem-rbs-1.4.0-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	4230d4b2b98c534253ed18440ea09a67e1a1888e2fb001f2652f4a874a2d9aa2
noarch	rubygem-abrt-0.4.0-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	46d0d9020bcb6a3e49e1069e34d4b498c7f76fda46925358c6ac833b5244d2da
noarch	rubygem-bundler-2.2.33-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	49c0fa7810925c6363e812bcc43203c76f1050381cb88d12fd7de1f4afe20dd3
noarch	ruby-doc-3.0.4-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	5a761bc9301edce8bcb9e810cc8f2f091c91ec257444278e9915c9230b44ee9b
noarch	rubygem-rdoc-6.3.3-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	67f860a4b267716103a91e0f06c1951ac8fe0ce287111dbcf4cac4065c23e630
noarch	ruby-default-gems-3.0.4-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	7eae71965c3d2693240f3eb04e74ae02c3c4c955e8dd7d67f96b501326679748
noarch	rubygem-irb-1.3.5-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	9d8bc01ebd37cd498a5e1bd6e5556f768150d5c727435220e060a36f58f3e7a2
noarch	rubygem-pg-doc-1.2.3-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	9f683aa78a9718ef875de877064f6d498f33290d0c1281bc42d13920969a4a2a
noarch	rubygem-typeprof-0.15.2-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	afee837ce4e7df8393c8c83dd6e3908501e9904d34a92b76f97c205d23ec3be0
noarch	rubygem-minitest-5.14.2-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	c1be903bb2c036137f108a61cce5f9404d063f9e3000c5d6677f3cb185a657f0
noarch	rubygem-test-unit-3.3.7-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	e0c729d5f2c30f426dff2b3184bf048fac7622184cf2d7ea4e8f878f4cfd86be
noarch	rubygem-rake-13.0.3-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	e1822d95b3cb3d9c316cecb547638c3850117dccac2df5ca82c5f683ae85cafa
noarch	rubygem-power_assert-1.2.0-141.module_el8.6.0+3263+41cde0c0.noarch.rpm	e1844e94f45601ee1b7f7633ed07ba2709e374cf3a327d4b9fe5af385e4365e0
ppc64le	ruby-3.0.4-141.module_el8.6.0+3263+41cde0c0.ppc64le.rpm	1701a01560a5fbd296a058c5b627eaf9ce0043a9383a4195cc3f7eb290bb7432
ppc64le	rubygem-json-2.5.1-141.module_el8.6.0+3263+41cde0c0.ppc64le.rpm	402ddbaed592a68c689c1d0a11884d84cc07d23c0a63ea62dd0b96a376871b00
ppc64le	rubygem-io-console-0.5.7-141.module_el8.6.0+3263+41cde0c0.ppc64le.rpm	4e5a5c63c93a8b7194815f70220467a5321080a229da10eb10bc5dcd7b6a9a24
ppc64le	rubygem-pg-1.2.3-1.module_el8.5.0+118+1ab773e1.ppc64le.rpm	7436def9a0e4ca3a4b62dbc38643713baa67e1648fc945b62834e679edfe207a
ppc64le	ruby-libs-3.0.4-141.module_el8.6.0+3263+41cde0c0.ppc64le.rpm	9a1b3849fb530aafbf9dfc1a3b7a0b511b6b37b236ceef081bacc1495d058433
ppc64le	rubygem-mysql2-0.5.3-1.module_el8.5.0+118+1ab773e1.ppc64le.rpm	af159fa28a5a0e664f252d88c5b7b50234c32672b2bae924c36579117a94f79f
ppc64le	rubygem-psych-3.3.2-141.module_el8.6.0+3263+41cde0c0.ppc64le.rpm	b7959d798c33714d850bd04581b16d2174ee71fa46e43b77ed4dae3357e546eb
ppc64le	rubygem-bigdecimal-3.0.0-141.module_el8.6.0+3263+41cde0c0.ppc64le.rpm	e09b29b990895dc97a0a20ed685f627ea9adb85992dddca54e8188ee9b20f7e6
ppc64le	ruby-devel-3.0.4-141.module_el8.6.0+3263+41cde0c0.ppc64le.rpm	e82f8d3c59473dfca9f88569630981a39c6ce57606c838b3289088e170bbf9a3
s390x	rubygem-io-console-0.5.7-141.module_el8.6.0+3263+41cde0c0.s390x.rpm	26faa57ca4bef1608fb81722dbb0c80bdc8c951f6d0151d40e546849eef65aa9
s390x	rubygem-json-2.5.1-141.module_el8.6.0+3263+41cde0c0.s390x.rpm	34af17155ca32368316f8830c7d7a072656b04411b6dbb33f903f4054bc09f46
s390x	rubygem-mysql2-0.5.3-1.module_el8.6.0+3144+d138acf1.s390x.rpm	59e9d62673de701106fd8f1405f4920b571b33a716b254625d8554a340823854
s390x	rubygem-psych-3.3.2-141.module_el8.6.0+3263+41cde0c0.s390x.rpm	6a43427c6ce3de051e4b06a50111bff840be70a4e5069bf06292120f9727fd27
s390x	rubygem-bigdecimal-3.0.0-141.module_el8.6.0+3263+41cde0c0.s390x.rpm	8111fdce24fb57ebdb7e489ba117fe5e772651889e1b76bc2f9c7fff9c33033c
s390x	ruby-3.0.4-141.module_el8.6.0+3263+41cde0c0.s390x.rpm	a2f1d6dd4f632b340a8d1108a2544292af9fd4ed70c5f5c8b3e5161001766957
s390x	rubygem-pg-1.2.3-1.module_el8.6.0+3144+d138acf1.s390x.rpm	e5e418e782fc2d4ec7746c1c503d1e951f6b0e366a1ff9e81c67d85da1ef9552
s390x	ruby-devel-3.0.4-141.module_el8.6.0+3263+41cde0c0.s390x.rpm	ee346b6efd337b40ae77721a8af94ba9a754ff01c523562086f0e189878f5765
s390x	ruby-libs-3.0.4-141.module_el8.6.0+3263+41cde0c0.s390x.rpm	ef8aebd3a877c6aaffde2522899e7c98e386c3bdeabe77884015867bbf6d36f7
x86_64	ruby-3.0.4-141.module_el8.6.0+3263+41cde0c0.x86_64.rpm	3d1ea53aa6741bb47c3bb2c0610bcd14be8fc3c71b871742231c0c0ef63f6515
x86_64	rubygem-pg-1.2.3-1.module_el8.5.0+2595+0c654ebc.x86_64.rpm	4fd81165e0f75c4128be74d16886b655162e91ef06cf9847ad7fffb405bbc1f1
x86_64	rubygem-bigdecimal-3.0.0-141.module_el8.6.0+3263+41cde0c0.x86_64.rpm	5af15f38c68f30b642308447f8f737b20dc3bf6a6668584896df48f2b251e7d6
x86_64	ruby-libs-3.0.4-141.module_el8.6.0+3263+41cde0c0.x86_64.rpm	816cbd22e224096be33f088aed10207dcc8747b2ab52a55e9956801c16eeb07b
x86_64	rubygem-json-2.5.1-141.module_el8.6.0+3263+41cde0c0.x86_64.rpm	b1882e0c612ae3fb6887a54a09cb89107e94bd11fac46e0d90ea863b188ab109
x86_64	rubygem-mysql2-0.5.3-1.module_el8.5.0+2595+0c654ebc.x86_64.rpm	b9c62d3d00d5b2db6f56607caafcae0b8ec64c5204f3c188b49286e84437ddb9
x86_64	rubygem-io-console-0.5.7-141.module_el8.6.0+3263+41cde0c0.x86_64.rpm	e454878c99914f578db04718c29b1aed86b7b1a110bb3f5388f3f306b0a4430d
x86_64	rubygem-psych-3.3.2-141.module_el8.6.0+3263+41cde0c0.x86_64.rpm	e571abde8e639124e58eed3a69c929a9c0463aff104ff5905fb67d869a40957a
x86_64	ruby-devel-3.0.4-141.module_el8.6.0+3263+41cde0c0.x86_64.rpm	f067a4bcbf7702221b01733c57288e45b9f9e50dd61a4a3b62f64df6bdc5b6a4

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.