ALSA-2024:1431

[ALSA-2024:1431] Moderate: ruby:3.1 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2024-03-21

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-28565)

Security Fix(es):

* ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)
* ruby: ReDoS vulnerability in URI (CVE-2023-28755)
* ruby: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 (CVE-2023-36617)
* ruby: ReDoS vulnerability in Time (CVE-2023-28756)

Bug Fix(es):

* ruby/rubygem-irb: IRB has hard dependency on rubygem-rdoc (AlmaLinux-28569)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-pg-1.3.2-1.module_el8.7.0+3304+9392e77f.aarch64.rpm	0c810876fa6f5b181b263dae7a8ad3f9a38c87fa8c1dfb9a85d5a2520cc5f959
aarch64	rubygem-psych-4.0.4-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	2ba214d4e0dc9a5f0f4ffaec97d5970c88766de4c7c50a58ccd1e076c269d030
aarch64	ruby-libs-3.1.4-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	2e5f4b6bd861b3ea6452d259bad282aad8a28e7ecbbd2577e2085ae211fa182f
aarch64	rubygem-json-2.6.1-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	3c73281dafcac4ed3bacbb13d1d2fe5c8464ca0e347c6f309d459a034191bb4a
aarch64	rubygem-bigdecimal-3.1.1-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	3c827f4d6ed7308e72be863e61f41a53db5e63f41e8e183f0c53420bf86675fd
aarch64	rubygem-rbs-2.7.0-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	5cbacc8828e84f57b059ef6a36e473aadb3dfd5d05b1d0f2333fd5357753da3e
aarch64	ruby-bundled-gems-3.1.4-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	5f290e83a568b87106aeae80f4fdb4792b4aa2e6361f30f640694c125a86ca8d
aarch64	ruby-3.1.4-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	688a5645943effc7126a5bb4c96f4dce4fdaa390ed881ae2051d04fb2b920098
aarch64	ruby-devel-3.1.4-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	ca81aa6cce5c12a98e4dadd0feb64d99a117910ac5da4c158f8f6cc3f33244f2
aarch64	rubygem-io-console-0.5.11-142.module_el8.9.0+3746+91b8233a.aarch64.rpm	d4109e648b86e22d6a127877b4c508a1bbd882e73e4018eec56e8f471828ba01
aarch64	rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.aarch64.rpm	dbfe520cef4d3f4713a6f0ab2270b312765511985de21a1588bed57703484068
i686	rubygem-json-2.6.1-142.module_el8.9.0+3746+91b8233a.i686.rpm	1145ee0929904a056cb9a11d6badd36b75796229e273c324c4b2c57cbe0e7fed
i686	ruby-libs-3.1.4-142.module_el8.9.0+3746+91b8233a.i686.rpm	2b87f6fa82d3dc00afc9df387f72cdc1f8b143487bc37d1ad1cd86a0599e3125
i686	rubygem-io-console-0.5.11-142.module_el8.9.0+3746+91b8233a.i686.rpm	546132fcc6a89302387ef0dc94b67bbc56a48147a9b560d60793715906ab9ad4
i686	rubygem-psych-4.0.4-142.module_el8.9.0+3746+91b8233a.i686.rpm	56aacbb99359c3ebd5efa36dc5ac3ce593f2a5067b032ce30efd280e2f7c9387
i686	rubygem-rbs-2.7.0-142.module_el8.9.0+3746+91b8233a.i686.rpm	5e91d579491fe793a685d9af25138fd90f743d5b6ce19a09afb6e58229e50271
i686	ruby-bundled-gems-3.1.4-142.module_el8.9.0+3746+91b8233a.i686.rpm	69021f979e83795b2f41a8d6067b3b62e7f8be98ebbeb3c2aa179b4bc6e241a8
i686	ruby-3.1.4-142.module_el8.9.0+3746+91b8233a.i686.rpm	882f34fabe04b6ebd66cdb467310f89c77c4b3d3916938298256742702a4784c
i686	rubygem-bigdecimal-3.1.1-142.module_el8.9.0+3746+91b8233a.i686.rpm	96aa178f4b328f900b6fc67652f888e95fbffd4cd1bf94dfefcdf91497d83516
i686	ruby-devel-3.1.4-142.module_el8.9.0+3746+91b8233a.i686.rpm	b5b36cdb5817a6f8641ad7f8a5226c05a05308dc94255045e8f809f7bba4e7b7
noarch	ruby-default-gems-3.1.4-142.module_el8.9.0+3746+91b8233a.noarch.rpm	192f5bd5dd02cd99a650451c708c422c9413e7fee2cb136da5fcafa26fcaaf33
noarch	rubygems-devel-3.3.26-142.module_el8.9.0+3746+91b8233a.noarch.rpm	210a558edc0139e22f0384b30e649b6893c6f7284a49a653acdc1e45a01afaf5
noarch	rubygem-minitest-5.15.0-142.module_el8.9.0+3746+91b8233a.noarch.rpm	2b0001e8f3c7d5bae5df20a98bf9fead8a89af201aa1f1ff1b0b9de2183f51e7
noarch	rubygem-typeprof-0.21.3-142.module_el8.9.0+3746+91b8233a.noarch.rpm	329b1ee1d7dff419463fa05f3e1d98317a197e86c5980f9db02822f8d93c9317
noarch	rubygem-rake-13.0.6-142.module_el8.9.0+3746+91b8233a.noarch.rpm	441952af74becb133825706b26c16c16689b297ddde4b9b0e719c5eb7046150e
noarch	rubygem-power_assert-2.0.1-142.module_el8.9.0+3746+91b8233a.noarch.rpm	4b9d0d0b9dbfbc9d2d9851abdecf1a944ac25ea53cec8a16f63a3e938fb88dec
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.7.0+3304+9392e77f.noarch.rpm	7284beeddeaba713c34bd281bd7e5d501d457d0e37b903a071556fd1ac7a060f
noarch	rubygems-3.3.26-142.module_el8.9.0+3746+91b8233a.noarch.rpm	7e8d93cdd6a3ca704cb7b96db6c5e507e630a43c78de3cd0792587d4d7d66374
noarch	ruby-doc-3.1.4-142.module_el8.9.0+3746+91b8233a.noarch.rpm	81cda5999332a197ff35f8c64be1ea3d886ccce78b9b4b1228ed0d3bd9fd53fe
noarch	rubygem-rss-0.2.9-142.module_el8.9.0+3746+91b8233a.noarch.rpm	847ae5c73ee44b14ff9e5358e36cba8d29bc39769bacc37f44ae6dc9ab652c04
noarch	rubygem-pg-doc-1.3.2-1.module_el8.7.0+3304+9392e77f.noarch.rpm	a4a83fd3f4b27a2a7051057f8b565f6b0808f755deb1d8f592085c5313236d46
noarch	rubygem-rexml-3.2.5-142.module_el8.9.0+3746+91b8233a.noarch.rpm	aa6b1f6e62d0f7d8df63fb09afe0cc712ee45767e6d8f3ae768508fa2a4b566c
noarch	rubygem-irb-1.4.1-142.module_el8.9.0+3746+91b8233a.noarch.rpm	abe99e3c5e34472e68bf8105272138114535c13fc69495b9240ab51827beb034
noarch	rubygem-mysql2-doc-0.5.3-3.module_el8.9.0+3746+91b8233a.noarch.rpm	b041e7b43395ddba070a6629f247dce8d99b56956940ee94a67a0a2e0ee1fd0a
noarch	rubygem-abrt-0.4.0-1.module_el8.7.0+3304+9392e77f.noarch.rpm	d0c3a8805919b1a45e1a94ae66d42bd18521e5391d4637af60fe14f291c63a5d
noarch	rubygem-rdoc-6.4.0-142.module_el8.9.0+3746+91b8233a.noarch.rpm	d5e0640a46a0fbf7077f45eab94c3d058c4b73c7ae8d4d5ccaa70eaea16f9cc7
noarch	rubygem-bundler-2.3.26-142.module_el8.9.0+3746+91b8233a.noarch.rpm	eae2d27f73136478a142a0c73a9ae8009d93b972d7be6ece9e7b232693102c90
noarch	rubygem-test-unit-3.5.3-142.module_el8.9.0+3746+91b8233a.noarch.rpm	f91dbc228aa2dbd9650d6b73d33575c722762b6c7fe5bb641c1dae27a3aacb75
ppc64le	rubygem-psych-4.0.4-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	0712169978f08f4e67d4b40c27fc4f92b693d4bace6c23e1f570882f37f1aa15
ppc64le	rubygem-bigdecimal-3.1.1-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	4914191221d47e31e671d5e5508e3c5bf4fd7740d125d758f4c8cce0acded84d
ppc64le	rubygem-json-2.6.1-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	61218060c5689761783e169f618f5fae29afa46b5fc9089801b1cf8ae8a916c3
ppc64le	ruby-bundled-gems-3.1.4-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	6563fb4903847adc63f1f60ac8e2e7f0374dae8e9d6754b67b0473cda93e919b
ppc64le	rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.ppc64le.rpm	6ac16dd0dd002092ac6d5960eb63a7bd1a0639509605bb6319b65cdbae1acba1
ppc64le	ruby-3.1.4-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	6bebf6d58ed0c3c57fd511a7725e1c52e2bf6cd05e0d98e6a4c600222ed64021
ppc64le	rubygem-rbs-2.7.0-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	9da145808a819bf06e2df079843dfed831d161879a8ebed634bfe86b20363949
ppc64le	rubygem-pg-1.3.2-1.module_el8.7.0+3304+9392e77f.ppc64le.rpm	9e416b8eed3ba7768f3e8b88b3dc3ada3a9c57b02218de90564d438a53331fbd
ppc64le	rubygem-io-console-0.5.11-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	cb109e2874ed677b256f4a7bf2532f72b996df219285848105bf816315f57931
ppc64le	ruby-devel-3.1.4-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	d08da3f4b0f9304abc0b0e5d7bca4ab60b2c181de05c21de9a5e5845728a70da
ppc64le	ruby-libs-3.1.4-142.module_el8.9.0+3746+91b8233a.ppc64le.rpm	f771ccd7208042de440255a5888e5e4527b2fcfbf128fdfb56386388bf26758d
s390x	ruby-libs-3.1.4-142.module_el8.9.0+3746+91b8233a.s390x.rpm	2c3ef86d2f8b7d1a0beaa1595dec2aca6049d12ed4324f5a41dd0132b2781422
s390x	rubygem-pg-1.3.2-1.module_el8.7.0+3304+9392e77f.s390x.rpm	454f1d2b472d38004c448eed271c173aa5be1fef8150cd3fa73c9b4b3bcfc2ba
s390x	ruby-bundled-gems-3.1.4-142.module_el8.9.0+3746+91b8233a.s390x.rpm	549de138befe91037b6e4b055f31ee2ef5040af91a94a1ae1d599ee6f30aed6a
s390x	ruby-devel-3.1.4-142.module_el8.9.0+3746+91b8233a.s390x.rpm	6ac7f3cfda31cdaf941d4077485aeff9db5f15695eae94637e6c915bd8783cbe
s390x	rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.s390x.rpm	918f33bb63f2437177e2ccc66781a31b62f2b20d0a0b1449cef7c7359b24eb9d
s390x	rubygem-rbs-2.7.0-142.module_el8.9.0+3746+91b8233a.s390x.rpm	a3edd52f3d6b3541776e9c03ae18954f4f869f86535ae86f341d77da7b32d103
s390x	rubygem-bigdecimal-3.1.1-142.module_el8.9.0+3746+91b8233a.s390x.rpm	a6bfe2597c9577fb052bf5304da9d257c3d319f688e317d41a2d724f40970904
s390x	rubygem-io-console-0.5.11-142.module_el8.9.0+3746+91b8233a.s390x.rpm	b6b643b2d2739f48f90f1fdbb5e70ad69c91e92c97bbf535033ffca0c08b009a
s390x	ruby-3.1.4-142.module_el8.9.0+3746+91b8233a.s390x.rpm	bbb49181acca558548a2655c8211a8a6ab5241946ce75f3abfd5f642464d5f86
s390x	rubygem-json-2.6.1-142.module_el8.9.0+3746+91b8233a.s390x.rpm	bfdefc37caae2ec2a8ab5ae185637b3f5462e2729c471478685a7723468920f7
s390x	rubygem-psych-4.0.4-142.module_el8.9.0+3746+91b8233a.s390x.rpm	c4d8b05dae8a9a632a6f3db44f45e472b9603446696f4c6f3c7eefa27632f5e0
x86_64	ruby-devel-3.1.4-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	0274ae40bda6d55fb5502ff4fdc18eef3626fa8469c0ef6e49b8a5a01785b340
x86_64	rubygem-bigdecimal-3.1.1-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	106e43c693941052df59588b6be6f97eba6d27818e25965a78eba64ce0bed61b
x86_64	rubygem-psych-4.0.4-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	3ace99a7ddb16a8a1a8bd34e141943e20499cdd66c2e4f5af46513509f1d2ba7
x86_64	ruby-libs-3.1.4-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	3d40b474d3fa769888782a2ee9c77adab116d21c036c372e68b09466b8db36f0
x86_64	rubygem-json-2.6.1-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	49db5557b5bfb01b6355384441e680b97254ebc2caba1e24195fedbb2ebe10b4
x86_64	rubygem-pg-1.3.2-1.module_el8.7.0+3304+9392e77f.x86_64.rpm	6b30eca652ebb50db8064f2374c0f5adb07d0289f94a00f6319bc1ddf532a551
x86_64	ruby-bundled-gems-3.1.4-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	858b536c46aaee8c9e3d90f8714e344b4c7113897cc88486fb3a6026b2985a9c
x86_64	rubygem-io-console-0.5.11-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	869eef96eecb265bb485f7cb6c30cc0fed2f6aed22a5830cfca7f156547e475a
x86_64	ruby-3.1.4-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	b8b7321a7720de80c9bd42c1fd7405b2f0ac5d4dbecc72053617321d975a3757
x86_64	rubygem-rbs-2.7.0-142.module_el8.9.0+3746+91b8233a.x86_64.rpm	d123d8d0e6026380a2164d59b857797e857ed37ed441ff7d72f43f7ed6a16c05
x86_64	rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.x86_64.rpm	fb225106392ed81612474aa8b87b065f733931e062efef5737a912fa9a953993

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.