ALSA-2023:3821

[ALSA-2023:3821] Moderate: ruby:2.7 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2023-06-30

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (2.7). (BZ#2189465)

Security Fix(es):

* ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)
* ruby: ReDoS vulnerability in URI (CVE-2023-28755)
* ruby: ReDoS vulnerability in Time (CVE-2023-28756)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-openssl-2.1.4-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	2a1bfdd2e14ecec25484ade6c223842121c4fa56419592fb3a15cc7d2d4e8807
aarch64	rubygem-mysql2-0.5.3-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	2edcadf2289b75b12f926d575c8adefa9857e504c0a0991301c69f2908a4b09b
aarch64	rubygem-bson-4.8.1-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	333758e298841ffdb198bafeb3bfa18257da69fd1c32bab982cbcac2b767cf48
aarch64	ruby-2.7.8-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	369ad1c03415b4ab242ec827dd3e511f11ecdec97c35a8d8bc2ba96fcbe936c0
aarch64	rubygem-json-2.3.0-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	5e9e427f10a77a52e7920d32dc87143caae8f5ddca43b6f772c0ba5a70cd271f
aarch64	rubygem-io-console-0.5.6-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	7075d77c5ce1e94475921e3cf110e146aeaeb71572ee813a27ad813f6c5a2e29
aarch64	ruby-devel-2.7.8-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	8326e55f966b5f72274385d737ec8bc651f2dc5b52c8931e505e0917c7b5dbb7
aarch64	rubygem-pg-1.2.3-1.module_el8.4.0+2399+4e3a532a.aarch64.rpm	bd0918ea2953f6fbf020676c9e59c1afba82f3c63618b48df2461e82ace1600c
aarch64	rubygem-psych-3.1.0-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	bfed9d0ad44cdf606c9495e02c4bec7f459ebc62038d31a590f31961858f36cc
aarch64	ruby-libs-2.7.8-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	e0b664fd816a25092faa0815850252287810c3cf983bd306bc95269b6e478df9
aarch64	rubygem-bigdecimal-2.0.0-139.module_el8.8.0+3578+2b4b06da.aarch64.rpm	f2e04b53cf72b61adcd4d72df898fda6521685c47304c8b55a9a6edc89135fcc
i686	ruby-devel-2.7.8-139.module_el8.8.0+3578+2b4b06da.i686.rpm	08a289a059b485ccbdb58006f606a131823e54085cf00f52849a43563eef7788
i686	ruby-2.7.8-139.module_el8.8.0+3578+2b4b06da.i686.rpm	2935308c116b64d6f03061c123a7916d03e314fa2b5444476290bccc087bb588
i686	rubygem-json-2.3.0-139.module_el8.8.0+3578+2b4b06da.i686.rpm	640eeb7929e1a8d68bd0f3997eebde4d996e3ee3db63e48267a4fc0c128ca51e
i686	rubygem-bigdecimal-2.0.0-139.module_el8.8.0+3578+2b4b06da.i686.rpm	86eb0ee5e4fa319276b21e043dc3e312ea4b6624be4041aa8a39521ec5da4362
i686	rubygem-openssl-2.1.4-139.module_el8.8.0+3578+2b4b06da.i686.rpm	b41ab1ce3b9d1ef870272995ea423a2102ab5bc1f8a53b42c94f81a2029b07b3
i686	rubygem-psych-3.1.0-139.module_el8.8.0+3578+2b4b06da.i686.rpm	cbc294683d9cf24bd22641180a7892566b3b80c631b8abdccbb6dc3144aa3dc1
i686	ruby-libs-2.7.8-139.module_el8.8.0+3578+2b4b06da.i686.rpm	d44110021db28e0f78c96154284e0ee07afa8de09aeedadf34b11efab8775dec
i686	rubygem-io-console-0.5.6-139.module_el8.8.0+3578+2b4b06da.i686.rpm	d8b67f452dffa52ee2912d054a514e9957b7491df4aa1837240bd2a525235167
noarch	rubygem-test-unit-3.3.4-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	018f84be66108d724055eca50b0a495ed162a79f7b87225868bc3a6997f21ddf
noarch	rubygem-bundler-2.2.24-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	0c647a2492d071ccafc2206ca6ee8ba55111338e2250104460c7a6af7fbd3a3b
noarch	rubygem-rdoc-6.2.1.1-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	1904f6ec590286e618c40770a504dd405eae8c2f864edefa6f40e75143a4ea30
noarch	rubygem-power_assert-1.1.7-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	20a9d5b9d4c357ec0c6b5c10f9621c361dbde319b2170d15fbf57dbe93e1d0a7
noarch	rubygem-mongo-2.11.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	29a67cc70b1c85be991d0ce26ed5bb85e4b3fb0d76f68a7162b6cd8c010c8107
noarch	rubygem-mongo-doc-2.11.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	2d6e54bc38c5e81f043f94ce37b0731f4bf61adc0b556732c2a9ab80afb1a25a
noarch	rubygem-net-telnet-0.2.0-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	53febed1daa08caea9bbfda4139e8dde14f7ac4dfcdfe843f4b725fa9c87e8d7
noarch	rubygem-mysql2-doc-0.5.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	68262161a3dd55b3ca9751fd08163549912a65e4834fe4475b53a39eac3a4979
noarch	rubygem-xmlrpc-0.3.0-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	6de3229ca65f02d750e98887ebb2f5d3bed6dd92d6bde453c9d85a7c2af94da0
noarch	ruby-default-gems-2.7.8-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	791643d179b5d4434683b1fcfe9b0fa7cb69559776fa473cabb6fdb736621dbe
noarch	rubygem-pg-doc-1.2.3-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	832d6a8b61314ab7cbf3cacb2315ee02c457becc03299dfe4a8a3ea22129a052
noarch	rubygem-abrt-0.4.0-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	8cf5044f5988e45619e64731f4b83f6be4f619e4d61b31e41f96015c90b9ca30
noarch	rubygem-rake-13.0.1-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	9a50732aa0ad86b34defa73ca13d8e49e1952f3931f7a49e628a52c4dd8ac890
noarch	rubygem-bson-doc-4.8.1-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	b18e8b222fd5eac7be3807f897bd0a4148b7f8fb6ddf2f4c242b51cd0b6f21f6
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.3.0+6147+d0dfc1e4.noarch.rpm	c1c9d43b37c897a6cc1ad5e1405639f1657720f8fa3ac2b0bd67878b9786576b
noarch	ruby-doc-2.7.8-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	c1d13e614f27277eb7a61a5d839b2899911f6b8d6e432bc369b896f6775f3943
noarch	rubygems-devel-3.1.6-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	c9d9d82ecff8b205ff27e77405bd950377827a0ad9f8e56d40afc2dcf8627149
noarch	rubygem-minitest-5.13.0-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	cd8856660bfcecc83732a706aa76262d9b33bf4dfce71345e542fa43d3eb38f1
noarch	rubygems-3.1.6-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	d10189bfba0ef2015446ea652eeb031fcc9f2a792e043a53dfb5352dff791a8a
noarch	rubygem-irb-1.2.6-139.module_el8.8.0+3578+2b4b06da.noarch.rpm	f4ded481cda4a33a2cc91b77bc3cf8943f326304310df0caa2cefe4d142e8237
ppc64le	rubygem-io-console-0.5.6-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	1a866308f584e3a5f972ae4a38b90ae9a5d6c3cec423bd60bb0b9d514e08b6e7
ppc64le	rubygem-bson-4.8.1-1.module_el8.5.0+117+35d1289b.ppc64le.rpm	294bb17ebabaf3469af4a2ca5767d29cba572dcb4ba45f1edcd0dfb8552d8e88
ppc64le	rubygem-bigdecimal-2.0.0-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	4326e45acb9f39f0d3034780df5af6eadfbecbe7ece25fc8e53a348e822f8f3c
ppc64le	ruby-2.7.8-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	5f311d1d30dde6a9e9fd9cbb15753152904105f302cb6ff5fc9039de911ca394
ppc64le	rubygem-pg-1.2.3-1.module_el8.5.0+117+35d1289b.ppc64le.rpm	94046358ef60937f85e741b427130edfd39189e067a5d94ada10a1dc26238947
ppc64le	ruby-libs-2.7.8-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	b4fbdad91456a390eab6bb5c8d8850870c63a95725bbfbf2fd5636519cc3d390
ppc64le	rubygem-openssl-2.1.4-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	b526d821ae53be38ef85cb69b93c315358d8922c0e4cf5ced97912acca54dd52
ppc64le	ruby-devel-2.7.8-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	be14bdbf86d49c519577e6d3f5a4263294495fb802559a4463ca3db321ceeeb9
ppc64le	rubygem-json-2.3.0-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	e56ac94c223698a37e58befe81968ad7c3697c8ec83d97697933d000650cd552
ppc64le	rubygem-psych-3.1.0-139.module_el8.8.0+3578+2b4b06da.ppc64le.rpm	fed6bbac3562c62a2e4eecfda2cf3365fd99cc6c50c7dacf657a73c7773fe394
ppc64le	rubygem-mysql2-0.5.3-1.module_el8.5.0+117+35d1289b.ppc64le.rpm	fef6f1c4f288c2d1c64c4958d9a08a1c99aaa818a3de96bafd87d05fa682a613
s390x	rubygem-bigdecimal-2.0.0-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	0ffdfed05d24d62a2f64b05eae6c484fb5fea99f739df65b2819e68501e0c53b
s390x	rubygem-bson-4.8.1-1.module_el8.6.0+3167+957ef55e.s390x.rpm	2a1c9bfebe53083619a613d8126b1bb5be2267cb45dbf45e35e4f3d470626d3c
s390x	rubygem-openssl-2.1.4-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	3907395b2f355032c049391099fbbf93528948cd052536905c04bd41fb547097
s390x	ruby-libs-2.7.8-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	41dbaa772a32555d5ab2d3a9a0862a2363dd1a8c6236f2135561235cc9420f52
s390x	ruby-2.7.8-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	78880c6657090894d15b1e98e4d883c0079f2c81895808506eb154247c809be4
s390x	rubygem-mysql2-0.5.3-1.module_el8.6.0+3167+957ef55e.s390x.rpm	79063b35e11fc313e8d4c71bd581d7eb8c2cbd54ac5e556b61b9812748965b4e
s390x	ruby-devel-2.7.8-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	9885deb989a92db618364ad0c26b557cc5b3930f4f04eb381a8ac17692b51546
s390x	rubygem-io-console-0.5.6-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	a5876ebfb294d926984e8dda0db7125b6c4380ffffeaa49136b422c8ef4e27eb
s390x	rubygem-json-2.3.0-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	cc108332d4ef2be816a6d143c65ccaeaa2ad695208b6f75d117196de25a1e417
s390x	rubygem-psych-3.1.0-139.module_el8.8.0+3578+2b4b06da.s390x.rpm	cd080de7ec76de5acf39eceaef842095910865a6f6a596dd0e12dad0caa710e1
s390x	rubygem-pg-1.2.3-1.module_el8.6.0+3167+957ef55e.s390x.rpm	de09a395a3b29b1b0c373dff33b129853b989ad2726e1d89ac48a963bcdbaade
x86_64	rubygem-openssl-2.1.4-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	1851832dbdaf736855cf424d3c73f87b39609bc189456fdcd6ed7cf00fe54137
x86_64	ruby-libs-2.7.8-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	23c923adca27a11b1570b2204b59ab5adf7e8a43f84dbaa981e18575facbab21
x86_64	rubygem-pg-1.2.3-1.module_el8.3.0+6147+d0dfc1e4.x86_64.rpm	4623541f1928ac8ef87d69a61688487c69ad7b5bbbea63155b3926f598cf77c9
x86_64	rubygem-json-2.3.0-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	4ead78ea4ff0c5aef05aab62cb0c5a2c574eff4844a9cce29c9fc3a2dea5b8c0
x86_64	rubygem-mysql2-0.5.3-1.module_el8.3.0+6147+d0dfc1e4.x86_64.rpm	506dba2f324f38bafd87da71f1369001b1d7eb9f879a6e03b956502e73762ad8
x86_64	ruby-2.7.8-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	5374dfb8aeacd3ae84cf67912d6c78e9bd5e481546c4591660037cf8346cb6aa
x86_64	rubygem-bigdecimal-2.0.0-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	76ab5e153fe5504647af30ac11a0ca46772452502b0491cd10cb64a67c14fff8
x86_64	rubygem-io-console-0.5.6-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	89ecae2bf98a61c5d98d52b0a173efe5a00051166bbbf0011d56e78e246613f1
x86_64	rubygem-psych-3.1.0-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	ace80c1111a7eab50ede770e5ce571f8c6824d43aef33081d0b697c975202b34
x86_64	rubygem-bson-4.8.1-1.module_el8.3.0+6147+d0dfc1e4.x86_64.rpm	e7c4280b8add334a20c39b3330bfb1840e885c62a484873de56286be27a3d5da
x86_64	ruby-devel-2.7.8-139.module_el8.8.0+3578+2b4b06da.x86_64.rpm	fe162a2eb62bbfcc1e678d75738a2a10096ddd7a3f1a47f8dd449ee2aebc1802

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.