ALSA-2024:3500

[ALSA-2024:3500] Moderate: ruby:3.0 security update

Type:

security

Severity:

moderate

Release date:

2024-05-31

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

* ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)
* ruby: ReDoS vulnerability in URI (CVE-2023-28755)
* ruby: ReDoS vulnerability in Time (CVE-2023-28756)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	ruby-devel-3.0.7-143.module_el8.10.0+3852+ce828b19.aarch64.rpm	0e95edf52bd351b968a6632086ca2f9aa6df8511fe3cd01ee805bc26bfe931ff
aarch64	ruby-libs-3.0.7-143.module_el8.10.0+3852+ce828b19.aarch64.rpm	4aa092c77155e8c7b002eef71496bae604eab335eb89debfce7304bbf136f89e
aarch64	rubygem-json-2.5.1-143.module_el8.10.0+3852+ce828b19.aarch64.rpm	59a7dc3a59870eaee30a59b732518fc3711fb065883d2f1cc296a2f5b2d9b47e
aarch64	rubygem-psych-3.3.2-143.module_el8.10.0+3852+ce828b19.aarch64.rpm	6aef3e72ca74ed9297b7a49ad1363203eb3a29ceade8d8a7989d2efaa050e6aa
aarch64	rubygem-mysql2-0.5.3-2.module_el8.10.0+3852+ce828b19.aarch64.rpm	708a5999794ae6e03c64bb684edcaec46d9258a3ed711441f5623c77c7caf823
aarch64	rubygem-io-console-0.5.7-143.module_el8.10.0+3852+ce828b19.aarch64.rpm	7a7341fef56cc52e6e19e4aa5c6ba63d5e4336e74bd26a244e2b83edbebb949e
aarch64	Packages/rubygem-pg-1.2.3-1.module_el8.5.0+2595+0c654ebc.aarch64.rpm	9989f231455627f0afc1462d0e4a1a096db4e49bedeec62fe7884b6311aa0168
aarch64	ruby-3.0.7-143.module_el8.10.0+3852+ce828b19.aarch64.rpm	edab31df4f0a70e21370a38a9e75835e9c6bd1bcca8f9bd51d8f1f6ec34162d9
aarch64	rubygem-bigdecimal-3.0.0-143.module_el8.10.0+3852+ce828b19.aarch64.rpm	f5d3b268330e2f0eb9cec2b979835fafaaea979f5f2815bc12eb9a4cc37737e4
i686	ruby-3.0.7-143.module_el8.10.0+3852+ce828b19.i686.rpm	016c3d0c397523d3dbf4f70859a616c9d8ad57fc2680e37587b15d9f3c5111ac
i686	ruby-libs-3.0.7-143.module_el8.10.0+3852+ce828b19.i686.rpm	abcb0d632b910a2b5505964041041d6b10b4d055c7d1602d249bf3adfa4cdda5
i686	rubygem-psych-3.3.2-143.module_el8.10.0+3852+ce828b19.i686.rpm	bb3eea953f776e48f54c66289b544781a0d57cacffe05e5f311a5deda0f59df7
i686	rubygem-json-2.5.1-143.module_el8.10.0+3852+ce828b19.i686.rpm	e04cadf51e0498565db71655617fdcd7f721783ccc9d6a668b3e12fdc0d014cc
i686	rubygem-bigdecimal-3.0.0-143.module_el8.10.0+3852+ce828b19.i686.rpm	e81093e0825b5d83138a3c87b1e972d12d4f9dcca94adfa37f162400d9d2dfa7
i686	ruby-devel-3.0.7-143.module_el8.10.0+3852+ce828b19.i686.rpm	f3b2e10bd95f6378530a37b928244ca60cc609d6eb32d3218f78a4bf1d328af3
i686	rubygem-io-console-0.5.7-143.module_el8.10.0+3852+ce828b19.i686.rpm	fb12a2c53872a0d22502644ec0a43c8f451ea4d35261138540392cd46682e040
noarch	rubygem-minitest-5.14.2-143.module_el8.10.0+3852+ce828b19.noarch.rpm	03dc0459eeb71619e1c847cbf194517ad70c3aca98630e49514464ecf7420d88
noarch	rubygem-rss-0.2.9-143.module_el8.10.0+3852+ce828b19.noarch.rpm	0a09c2385c7efc5d22d9398c69675e9b5682364b4b3f2f3a8fda9bf77983dde9
noarch	rubygem-rbs-1.4.0-143.module_el8.10.0+3852+ce828b19.noarch.rpm	1d24c762b07c3e1ea6cc87e87b4c48ed65af88110864b857cf2dccd571927519
noarch	rubygems-devel-3.2.33-143.module_el8.10.0+3852+ce828b19.noarch.rpm	2ea7c55cc91d1bfcf5a33ab1e8f5e448b383da4643770e0ced12c113d259b141
noarch	rubygem-power_assert-1.2.1-143.module_el8.10.0+3852+ce828b19.noarch.rpm	3e14193dabf6fb73b63d8593c4db98ed0b0d3174a8b5faf170016416eee2b884
noarch	rubygem-typeprof-0.15.2-143.module_el8.10.0+3852+ce828b19.noarch.rpm	45ef7144edf81471a63e1369d39036cf1ee466692d684bc59443dec6ee46fa2f
noarch	rubygem-rake-13.0.3-143.module_el8.10.0+3852+ce828b19.noarch.rpm	513bb1d4685cb29a3c652aaabc8b8647df782e541480c28992663a6d0f9bec2a
noarch	rubygem-bundler-2.2.33-143.module_el8.10.0+3852+ce828b19.noarch.rpm	55a0eb7d4124518bd1115a7b3f286d33ab554120692566738c1fc7b00193bb16
noarch	rubygem-rdoc-6.3.4.1-143.module_el8.10.0+3852+ce828b19.noarch.rpm	743a6e5f262a5f739ed2811a81c898e00d1f51705cd00199641f4b169c4611ad
noarch	rubygem-pg-doc-1.2.3-1.module_el8.10.0+3852+ce828b19.noarch.rpm	7efc18ebb66457c2b224e9d68e60ab9480e19b14720c9584adde6139e7e9c288
noarch	rubygems-3.2.33-143.module_el8.10.0+3852+ce828b19.noarch.rpm	8469600aef77e953eff599a39b46f6f359be8eeec339e86c3eb8d03a3bf5e077
noarch	rubygem-abrt-0.4.0-1.module_el8.10.0+3852+ce828b19.noarch.rpm	84b70695336bc292fd58bfc44a9a143b0ec5be8ba8f156b6ddd073d152037a6c
noarch	Packages/rubygem-pg-doc-1.2.3-1.module_el8.5.0+2595+0c654ebc.noarch.rpm	9f683aa78a9718ef875de877064f6d498f33290d0c1281bc42d13920969a4a2a
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.10.0+3852+ce828b19.noarch.rpm	a9168016abaca5b2f824863d77590941a090c45c163392e9947abfc0f03dcd48
noarch	rubygem-mysql2-doc-0.5.3-2.module_el8.10.0+3852+ce828b19.noarch.rpm	ae6e65f7e7ebc7407cc08fcda0e2ce43e3db486c38331fb74d89195305f8c660
noarch	rubygem-rexml-3.2.5-143.module_el8.10.0+3852+ce828b19.noarch.rpm	ea399230bd36dd16a3ebeead6e2f5d48000ffd0a4269294229a300ec9634211b
noarch	rubygem-test-unit-3.3.7-143.module_el8.10.0+3852+ce828b19.noarch.rpm	ed5976754fc7f01e1f42f37523fd9c0eed263ccce56bded957ea7e7b4d1137ea
noarch	ruby-default-gems-3.0.7-143.module_el8.10.0+3852+ce828b19.noarch.rpm	f6d3ada62e813d32f68d1912ab9b88cd8660f0e2a8b24456d4f689d1c2781abc
noarch	rubygem-irb-1.3.5-143.module_el8.10.0+3852+ce828b19.noarch.rpm	fb08cc356b46b37c9785209c1cd916cd36f7b06af35d7d8425021d513c16f82c
noarch	ruby-doc-3.0.7-143.module_el8.10.0+3852+ce828b19.noarch.rpm	fdb56e67fc61ea8c12ea22aa7fc13a6b7c193f959ac9cceaa90061d37b84bbf3
ppc64le	rubygem-bigdecimal-3.0.0-143.module_el8.10.0+3852+ce828b19.ppc64le.rpm	44ef04e1d33cb9c55ee91ccf978d2ce11850750413affc66b5940df2f4f54984
ppc64le	rubygem-psych-3.3.2-143.module_el8.10.0+3852+ce828b19.ppc64le.rpm	5155ca733bd213b77fc2b3a23835424ab5fbe82803c99630ad483a2ebf812884
ppc64le	Packages/rubygem-pg-1.2.3-1.module_el8.5.0+118+1ab773e1.ppc64le.rpm	7436def9a0e4ca3a4b62dbc38643713baa67e1648fc945b62834e679edfe207a
ppc64le	ruby-libs-3.0.7-143.module_el8.10.0+3852+ce828b19.ppc64le.rpm	813c7388419f614da47e6a085bb9460d03ce5ec7a4f621ef2fc122c6b9be07d3
ppc64le	rubygem-io-console-0.5.7-143.module_el8.10.0+3852+ce828b19.ppc64le.rpm	843a260a681678ca8495e6673f4e600a50f1f860a9c9cd6f03be930cf526af68
ppc64le	ruby-devel-3.0.7-143.module_el8.10.0+3852+ce828b19.ppc64le.rpm	8550e71ff2f225f964475469d438f082e53ec863722c6d094428814825976155
ppc64le	rubygem-mysql2-0.5.3-2.module_el8.10.0+3852+ce828b19.ppc64le.rpm	8be0a582058a2170fd9bee2e99acf0054ee56e5ca0e6eb5833754f13b825f1ba
ppc64le	ruby-3.0.7-143.module_el8.10.0+3852+ce828b19.ppc64le.rpm	ae0c772e4638bc5b5e17699a87cbd6598087c367f17fc0e1796b9f7abafd3b84
ppc64le	rubygem-json-2.5.1-143.module_el8.10.0+3852+ce828b19.ppc64le.rpm	c40acc476357624a543cfa485437f460ebef4201bb78dbe83e7d98266372ca3e
s390x	rubygem-io-console-0.5.7-143.module_el8.10.0+3852+ce828b19.s390x.rpm	2149ac0557efc1b87939f436b2f4cb35f83875ad1668516cdee2eb1958ca5089
s390x	ruby-3.0.7-143.module_el8.10.0+3852+ce828b19.s390x.rpm	360aaeab01f88d22f89dd6feeec1a1324c8ce44f06346d9fa83282a8280d1c69
s390x	rubygem-psych-3.3.2-143.module_el8.10.0+3852+ce828b19.s390x.rpm	67ce0c954f1cf5c9aedfc9e23f5e3fb3bc3b88d5bc5ca72df5c84e1df8954c18
s390x	rubygem-mysql2-0.5.3-2.module_el8.10.0+3852+ce828b19.s390x.rpm	8e030bb6dc303c305c821e3206669fcdaa1aa3d5d76a24c17b9ef74adc865d93
s390x	rubygem-json-2.5.1-143.module_el8.10.0+3852+ce828b19.s390x.rpm	92ce7b430cd7ad3538dc5711432a163fd2508cd4c38b01cfcc5388f36f34195f
s390x	ruby-libs-3.0.7-143.module_el8.10.0+3852+ce828b19.s390x.rpm	955ff57e16ac6ff4ed86c657834390c6ee985d058a32a6e420c5197b0b5a8b33
s390x	rubygem-bigdecimal-3.0.0-143.module_el8.10.0+3852+ce828b19.s390x.rpm	9f1d56abc7ea1377056f5549d56df66526f70d3291f05a524cbe8f90c6db2ed7
s390x	ruby-devel-3.0.7-143.module_el8.10.0+3852+ce828b19.s390x.rpm	be7ca7f82799d6a58ed151bfae50ce199bec3aadb1d121794e44e5a61b395d08
s390x	rubygem-pg-1.2.3-1.module_el8.6.0+3144+d138acf1.s390x.rpm	e5e418e782fc2d4ec7746c1c503d1e951f6b0e366a1ff9e81c67d85da1ef9552
x86_64	ruby-3.0.7-143.module_el8.10.0+3852+ce828b19.x86_64.rpm	0247073097a5f653b63ae7a38395d53620634151719d356f1fbd826763d2a483
x86_64	Packages/rubygem-pg-1.2.3-1.module_el8.5.0+2595+0c654ebc.x86_64.rpm	4fd81165e0f75c4128be74d16886b655162e91ef06cf9847ad7fffb405bbc1f1
x86_64	rubygem-mysql2-0.5.3-2.module_el8.10.0+3852+ce828b19.x86_64.rpm	54e1a3fd0f61d49897a2a7b7700475cb337ba7a3abd9b24277ed6943ae787fe0
x86_64	ruby-devel-3.0.7-143.module_el8.10.0+3852+ce828b19.x86_64.rpm	7e17ec06297369dc78bb6040e1ed7f1fdc9f79432a3be5976553e5c09de26a30
x86_64	ruby-libs-3.0.7-143.module_el8.10.0+3852+ce828b19.x86_64.rpm	b6959b919e40e5325e643c01307301100e552ad8fa8e5f4343130130ddcc0714
x86_64	rubygem-psych-3.3.2-143.module_el8.10.0+3852+ce828b19.x86_64.rpm	cfe1d30bd19044757b2b3f80aedd7a1312d0a8a4f88537b34c2413634a372ec5
x86_64	rubygem-bigdecimal-3.0.0-143.module_el8.10.0+3852+ce828b19.x86_64.rpm	ec5b2395b5cac7c0133e446e3614755d68a329a8a091a96d9696b402b18cbf49
x86_64	rubygem-io-console-0.5.7-143.module_el8.10.0+3852+ce828b19.x86_64.rpm	ef0b7ea01c089e34fb0f4e9ee4fffd6bff8291853b2fde9b78b26532c86cb2d7
x86_64	rubygem-json-2.5.1-143.module_el8.10.0+3852+ce828b19.x86_64.rpm	f41f724cd0231fea9b8f81e5177b9cba88a494c621b9f84dcc2ed0cbe547d910

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.