ALSA-2023:7025

[ALSA-2023:7025] Moderate: ruby:2.5 security update

Type:

security

Severity:

moderate

Release date:

2023-11-23

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

* ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)
* ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)
* ruby: ReDoS vulnerability in URI (CVE-2023-28755)
* ruby: ReDoS vulnerability in Time (CVE-2023-28756)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-json-2.1.0-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	16d63af0d4a1782271ed896e682ff9063f2c714eea0c9c753e9015f92f52b886
aarch64	rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.aarch64.rpm	5974fa8497b83d1a4df2acf3d75301aa07fad828a823aec6a400436f617dc58f
aarch64	rubygem-openssl-2.1.2-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	67d19d5bec3516eab3fb64a59ecf7a55bf70d23b31bcc54bd4e8a0c45cfd2bd0
aarch64	rubygem-io-console-0.4.6-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	68e633f4faf00de5b10dc1aee2fd01918958955631cffb6ff5029a892ffe1379
aarch64	ruby-devel-2.5.9-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	73f90f46d2ba3c89bd6efc3483d59f1065f48eb84f18773db972f53e0df2db0e
aarch64	ruby-libs-2.5.9-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	7639d470e1fc35b91ad059f972d91e329d1dbde32094d7343104521c15351d01
aarch64	rubygem-psych-3.0.2-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	7a7d7cce0527fe2dc92a53da32a1458ce842eaf775e8428810f90e323b1543f9
aarch64	ruby-2.5.9-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	91f70644424ea0b5ad1a009391e300751b6844949d9d08289786a368fd07dc03
aarch64	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.aarch64.rpm	b444bcde35de2998bb5f8c4db140a04c11f16f94d2252d37869a1f093dc5dd57
aarch64	rubygem-bigdecimal-1.3.4-111.module_el8.9.0+3635+c6f99506.aarch64.rpm	bd32b223ca2fbd750c1eba1f38d4f33adf3d1478e6e123b90f5995c21d327578
aarch64	rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.aarch64.rpm	df9c22479a5fbb8f2897203f63a3e4427a4fe59460d7e9ed5fe686519e1e51c8
i686	rubygem-openssl-2.1.2-111.module_el8.9.0+3635+c6f99506.i686.rpm	079dbbb5ae63091566272dc93740fdd5554f21838b2efbdec58b47729bd2b392
i686	rubygem-io-console-0.4.6-111.module_el8.9.0+3635+c6f99506.i686.rpm	22e71b598776032c35e3b417e958a42d48cb9efff6af9a83a4faacbdd767c3b1
i686	ruby-devel-2.5.9-111.module_el8.9.0+3635+c6f99506.i686.rpm	2b77c0dc88dcf45e5b991a86d530ac78838060dd6c66cf5d1b7fbf032628f37a
i686	rubygem-json-2.1.0-111.module_el8.9.0+3635+c6f99506.i686.rpm	3092c2e028289a43f2888ce8e6de171a57d3ed421d028e77565b4dc3c475b03e
i686	ruby-2.5.9-111.module_el8.9.0+3635+c6f99506.i686.rpm	31c02d700a25bc366a330e60fc5370794d846d83cb2a169f45dc77f1917696e6
i686	rubygem-psych-3.0.2-111.module_el8.9.0+3635+c6f99506.i686.rpm	3e8ed66baf8e1ad3d9391a524075fad22fe335d55c3f60346c7b396b1da3b28b
i686	rubygem-bigdecimal-1.3.4-111.module_el8.9.0+3635+c6f99506.i686.rpm	5e6a1998c283691daafa87e372e376347b3ada65f6c6b82b718daf36e60cc2ce
i686	ruby-libs-2.5.9-111.module_el8.9.0+3635+c6f99506.i686.rpm	cb40efecb73e52cd2e058b13ceb72e1422126c5ef1ea4bb2a6cbbaec2488484f
noarch	rubygem-abrt-0.3.0-4.module_el8.5.0+2625+ec418553.noarch.rpm	251a37b9981b1ac6685904e0475b4cd0ae97be504b69cbc002896057cff48bbe
noarch	rubygem-test-unit-3.2.7-111.module_el8.9.0+3635+c6f99506.noarch.rpm	29d27ceb382459a52843f69c30a8b3d2cb12afce413095b77381d574ccb44c39
noarch	rubygem-xmlrpc-0.3.0-111.module_el8.9.0+3635+c6f99506.noarch.rpm	40f6257757a0f7e1cc6161624bea2bc16540be4a176fad6253cc4ff5124ead0e
noarch	rubygem-rdoc-6.0.1.1-111.module_el8.9.0+3635+c6f99506.noarch.rpm	543cbbe26bf7eced873650721b8fc29f04e3072ccabe7340ecde7d0889381e59
noarch	rubygems-2.7.6.3-111.module_el8.9.0+3635+c6f99506.noarch.rpm	5b130fa4e47acad303fa0c35cb4b7e588faf59cf048b2b0a699c45cb695b6fd3
noarch	rubygem-rake-12.3.3-111.module_el8.9.0+3635+c6f99506.noarch.rpm	5cdedd315412204a8f8fef3fc202bf63cf7f135e2725e413a0462c8b84904b60
noarch	ruby-irb-2.5.9-111.module_el8.9.0+3635+c6f99506.noarch.rpm	6b215da44ed238db71e3f3a5a002d3976a51d8d08d3c0d02d63c4c0ab1061709
noarch	rubygem-minitest-5.10.3-111.module_el8.9.0+3635+c6f99506.noarch.rpm	6e15886869caa6be1eaa50c569112019fd6a37018efa1e096987693183581db5
noarch	ruby-doc-2.5.9-111.module_el8.9.0+3635+c6f99506.noarch.rpm	80511445bd11081b3d16a7b7a2640ef22b830bf6f71ee39c29c7fe636a04259e
noarch	rubygem-bson-doc-4.3.0-2.module_el8.5.0+2625+ec418553.noarch.rpm	820dee686065f0a35fb15e687d8595cfc665da43dc8ca2196c9e11fd568f8fb6
noarch	rubygem-abrt-doc-0.3.0-4.module_el8.5.0+2625+ec418553.noarch.rpm	8604fec34b7f851c63344f64e4510c4923f56bf9d3cdf0aba2aae1608f26c804
noarch	rubygem-pg-doc-1.0.0-3.module_el8.9.0+3635+c6f99506.noarch.rpm	8d04b2fdb59f2b51995d4fc57a412831e5d4d1c9d80fea1bcd0a7f5beaa55ab7
noarch	rubygem-mysql2-doc-0.4.10-4.module_el8.5.0+2625+ec418553.noarch.rpm	a5c437b38dfc84a5e1abd920fbb284c8c83eee2636c46db7be65dabe7580a319
noarch	rubygem-did_you_mean-1.2.0-111.module_el8.9.0+3635+c6f99506.noarch.rpm	c2f6ff61e39e1be0072a57506cd3b8e94c3f5f16f6f0156d248cce0f92b5b383
noarch	rubygem-mongo-doc-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm	c506b397bd566dcb4d539202156f734660a33a62d3a515a6a1cd6b116e8f1608
noarch	rubygems-devel-2.7.6.3-111.module_el8.9.0+3635+c6f99506.noarch.rpm	d54f7d85eb7330f0f3cd63928df9dc850c07aa129a84091f75ca277c1f052ac7
noarch	rubygem-bundler-1.16.1-4.module_el8.5.0+2625+ec418553.noarch.rpm	e44944b1ea8c43c0239db82171975f80f84d77c71974dbe81d1519d2ffcca2d9
noarch	rubygem-bundler-doc-1.16.1-4.module_el8.5.0+2625+ec418553.noarch.rpm	e7bc7a169d1ab8e47160679f08d7f5d8c38e09c4dec5ec1b347c98bd07901732
noarch	rubygem-net-telnet-0.1.1-111.module_el8.9.0+3635+c6f99506.noarch.rpm	f4f173f4c99646cc2367ac6de5d44a5c8376d7658d575fe69168a238d297d474
noarch	rubygem-power_assert-1.1.1-111.module_el8.9.0+3635+c6f99506.noarch.rpm	f8ef951e406acd947f6c9ab64754a289ea14a2685ead504ac9e12e861197212d
noarch	rubygem-mongo-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm	fd8a90dea5a7c07c95bf2e7ac7337dba4ebe6a1ce35899e2b8c46c6d51b0bbc3
ppc64le	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.ppc64le.rpm	06e82db6ec9a6ca9bca4ebf7a23a9c663e72ddf511353b31aa5cb72b797b9620
ppc64le	ruby-2.5.9-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	1f4111148da6bb780459fe67c161b1e783ae7c8d71f7690d326a15a80119137a
ppc64le	rubygem-psych-3.0.2-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	292ffaa14d29fbe0bd7737d239011c430dbe1242fa91fd17709e67899e8abae3
ppc64le	rubygem-io-console-0.4.6-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	67db7a6023a82c575c94009d038bac23212cf627bedbd447d7235df0e39582dc
ppc64le	ruby-devel-2.5.9-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	77704cf41b91e0f1339605c55dd9b56fe89e0b4d0e14961d18fa8a2d2ad441b1
ppc64le	rubygem-bson-4.3.0-2.module_el8.5.0+259+8cec6917.ppc64le.rpm	a5e4457e2736c2e55169c63d83c1c69429c57c426851036811976c1ccafb28af
ppc64le	rubygem-mysql2-0.4.10-4.module_el8.5.0+259+8cec6917.ppc64le.rpm	aa75a18f3d930eff9a18793d83ef37e5a4ee20d38020be57b8ce69c175f1eac8
ppc64le	rubygem-bigdecimal-1.3.4-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	b3632f02af7766f0be57abe6cd1fa7dabeb2603074b0094685131a8cdec5fe0f
ppc64le	rubygem-json-2.1.0-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	eebc0bc98c4b15a90dd0dc0b9897bd6ac89b96a824d4b40e6b05014594b86319
ppc64le	ruby-libs-2.5.9-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	f47e6976450b0fcd4dbf03b7bda699b7288bf992a254270661dcd3b3769fc8d9
ppc64le	rubygem-openssl-2.1.2-111.module_el8.9.0+3635+c6f99506.ppc64le.rpm	fa71ef6949e6950e5b3157a844b25925e9cfebb416459957c6d0dd251fd7641d
s390x	rubygem-openssl-2.1.2-111.module_el8.9.0+3635+c6f99506.s390x.rpm	01cbf00a287542be76b9cb364ed30554c687d441b273c962c0402037322fb12f
s390x	rubygem-json-2.1.0-111.module_el8.9.0+3635+c6f99506.s390x.rpm	07553bf94e4b5dbfbb936432dbd61e246685d49fe1216cde871a917c762e5d1a
s390x	ruby-2.5.9-111.module_el8.9.0+3635+c6f99506.s390x.rpm	0b103e569b06af3a9238601c445cdb402dc5fa7c680631dd8112773df5ab0e8f
s390x	ruby-devel-2.5.9-111.module_el8.9.0+3635+c6f99506.s390x.rpm	5eab1ea01c812f2e942acb9f6c9e7904196dbb9a8e14f0f554b03e197b0503cb
s390x	ruby-libs-2.5.9-111.module_el8.9.0+3635+c6f99506.s390x.rpm	7bff68103de7dcb23e604bdb60744f9aa15c614203a01f9c19d793148415093a
s390x	rubygem-bson-4.3.0-2.module_el8.6.0+3170+4b08f9d4.s390x.rpm	871397eff83a497bf29db2e02e81837d1648c1813afa6030e2bab44d3f0db282
s390x	rubygem-io-console-0.4.6-111.module_el8.9.0+3635+c6f99506.s390x.rpm	8c2051e21efdde951fc63bad0118f5e9f880cf5b2756193ce4df8b0dc0583316
s390x	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.s390x.rpm	d52a51f8cfdbeb3099ce92946748481f426b77c9da23f77737fe3d4fcd1b245c
s390x	rubygem-bigdecimal-1.3.4-111.module_el8.9.0+3635+c6f99506.s390x.rpm	d6d02dddf68dbc43f3cb3d0922a90a1a3283bc07469d2e9f3bc7c08727bf3dec
s390x	rubygem-psych-3.0.2-111.module_el8.9.0+3635+c6f99506.s390x.rpm	dd26a982682685688a6bb3127eacd3ade79e21048c26c157f77bee0965d9f7ef
s390x	rubygem-mysql2-0.4.10-4.module_el8.6.0+3170+4b08f9d4.s390x.rpm	e8ee63b6046ba22292c8ac7eb85440ace9fe11b17fef5bf5f590b754f4c7aadb
x86_64	rubygem-bigdecimal-1.3.4-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	27a725971fb7466147540f193149cabd653170ced4c5be88376866249556a977
x86_64	rubygem-psych-3.0.2-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	35350f026465d7e31403c264d565fff1839b2bd7110fc1b47c071c0baaff022b
x86_64	rubygem-json-2.1.0-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	5568abfbd5caa794393c27ae97415a183d20087a03c212fc0b98f0dc301ad73f
x86_64	ruby-devel-2.5.9-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	5fb6ab463f9afd71c0389b4d52e4c2ab970b13a5276c189a3633f8ba16cdd59d
x86_64	rubygem-io-console-0.4.6-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	5ff3bb60381e0863febc8e22c8f1e47a217f483f213491df331f394bae57a2ee
x86_64	rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.x86_64.rpm	701b12df65f3a6b04c5a716c2d13fa048539842fff558d5ca2a5517735c0ad17
x86_64	ruby-libs-2.5.9-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	8258f290f9f3321083a1ce23bebab9335d65fee09c128edaf169d1ba4cc81a72
x86_64	rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.x86_64.rpm	b2ebe847eeadbc351ac9bd080addfc65a5c7d8181cd5b6178b37febc62237648
x86_64	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.x86_64.rpm	cffd2e1de04ca4f1dd8b5d1c891d63d2fbc06355bd26ad5daa9e9cc8dd33fdd2
x86_64	ruby-2.5.9-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	d184516e16c223cbe764ad8cd73d76a0aa10a9f89d9a56d36e8841a566688d6f
x86_64	rubygem-openssl-2.1.2-111.module_el8.9.0+3635+c6f99506.x86_64.rpm	f0ecd15cf0e5eea18cc2b14a701eaaab3a4cb4aba08b744e80fd20823cec5553

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.