ALSA-2024:3670

[ALSA-2024:3670] Moderate: ruby:3.3 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2024-06-10

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.3). (AlmaLinux-37446)

Security Fix(es):

* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Arbitrary memory address read vulnerability with Regex search
(CVE-2024-27282)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm	1b474ba365e7db1eb8558656daa34cecceb8a442f1d33ef70119f576e0188e36
aarch64	ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm	5a4d035fac9c9b9840a0173e7b395ec322d87110881735c1baba322095a5d7e0
aarch64	rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm	5d79bcf5aad1aca62925556377e5c3cad3d53118a574f109cc3395d68b5d7b01
aarch64	rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.aarch64.rpm	77e254be3974cc7ede5e6ae6c6ca418f7faac87293162bea78483548c87a0178
aarch64	rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm	8ae0baeb3d486ee02da28af86732d44e743a7c8d10bf6ef76fda505715d74b5c
aarch64	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.aarch64.rpm	c62a808b81b0d99fea18c0993682022ab9dbac232eab8f53a7b54c21988ab20a
aarch64	rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.aarch64.rpm	e61c75dc816d4263e6296e714206172b1dc98db968ac7368a726407fb5a47124
aarch64	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.aarch64.rpm	eb6c1e581602e2bf0c514423a76df8684840836b0b5b937870124eefda96a806
aarch64	ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm	f42c9e1a1e9226ff28f5f7e5604cd6d9da1ccb6490844614df65c4071ee55aa5
aarch64	rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.aarch64.rpm	fac8a7ee2c5d99e4cd015a2a833b652752a62f969d6c58ab2afca9c28fc99f6f
aarch64	rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.aarch64.rpm	fc5e57a0388b4e34373907faf25b222f07b1c6d7500eb15c16f15e3d7e2fe580
aarch64	ruby-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm	fc76ad19c7de81bcf74f732f75f8a3965ae9eb7d7957bf6a529c76694eb82c55
i686	rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.i686.rpm	1015a884c628e6ae45df99b183ce7fa352f2adf3c729a0970e179efbaf5bad22
i686	rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.i686.rpm	1878dd9d06b80c8615b6f9dad43b5293a90e2e606fc9abc1d474255589405ad2
i686	rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.i686.rpm	1b39a3e9e8ccd7dafcbb3762fe148f590074e2a9b2464dc65858023069cec97c
i686	ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm	21ed860dc7a7232ce26462743090dbfcee86eaf6ffbf81b62cddd3bae4c39298
i686	rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.i686.rpm	2479cdb4d25ea0d8df698baa24b1d6d71a29d1c221134bfd06f286e46d9005a5
i686	rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.i686.rpm	45ea969329daa3ec1ea693f39c36a8dfcdc21c07a21cc99398010b90cde56c15
i686	ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm	66f4a149d69fc17a006d84085063a0324ebbe7601e82b58c8284037838ab577f
i686	rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.i686.rpm	90889479fee4dce74069543cd471133419102e2801a673c53c5b920c31083163
i686	ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm	bc5b4cd1ff38dcdaf701ad6c7e94267426289b93df483dad5b89fd88b92a981b
i686	ruby-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm	caa53143f96a454724b13ea84193e0d2b2022c7333b5b60a69b7caab01c900b3
noarch	rubygem-rake-13.1.0-2.module_el8.10.0+3855+767cb125.noarch.rpm	29a0d577255f1dc0ead45c62b14b16391b7b1c0dd9b012f74f841310de7e6eca
noarch	rubygem-rss-0.3.0-2.module_el8.10.0+3855+767cb125.noarch.rpm	2f13b5a0d6538aefd6b63102b6edf6266dc41f7b411c7a07852a64cd308a39e3
noarch	rubygems-3.5.9-2.module_el8.10.0+3855+767cb125.noarch.rpm	33d74a8a9a425f6b49dc494bf3c5fe54a28a5d9bf2a760bd1c96eb032c203608
noarch	rubygem-test-unit-3.6.1-2.module_el8.10.0+3855+767cb125.noarch.rpm	4066859a0bfd7a366b7d3abd406d7cc538c72983f68c26093108f42a863c5c75
noarch	rubygem-irb-1.11.0-2.module_el8.10.0+3855+767cb125.noarch.rpm	4468c56b17722519fa88ecf4d57e771cf0e16017717b0da19dd6373e01ff8a18
noarch	rubygem-bundler-2.5.9-2.module_el8.10.0+3855+767cb125.noarch.rpm	47659a59398ff4e68a61352f39b7e9f7bb2905539be7c25fd4fa2a3fff7506d9
noarch	rubygem-rexml-3.2.6-2.module_el8.10.0+3855+767cb125.noarch.rpm	622b7bf2b9ebc27d575b4dd6b3bb0cef17c7d813c661f412610cea54b79ef462
noarch	rubygem-rdoc-6.6.3.1-2.module_el8.10.0+3855+767cb125.noarch.rpm	83c1237de90d2c5724cb4c0a5796a21baee61e18254271fedfc6a3b6ad72ff0f
noarch	rubygem-typeprof-0.21.9-2.module_el8.10.0+3855+767cb125.noarch.rpm	9837d4fe31ea7cf91718054aaad47117c1aeb49fac12f5fc57a6f8e7682588e0
noarch	rubygem-mysql2-doc-0.5.5-1.module_el8.10.0+3799+191214cc.noarch.rpm	a1e84a63a7afd9043eb9ee27d2b4a2784de6e4790859efeb6e29353b8922b91f
noarch	ruby-doc-3.3.1-2.module_el8.10.0+3855+767cb125.noarch.rpm	a96b95f0ba62fcb579f5c06f6836aa48af7ee0019291d224ddeeed3d8515a91c
noarch	rubygem-power_assert-2.0.3-2.module_el8.10.0+3855+767cb125.noarch.rpm	b20a878d3dea8a3bf7620d01c84d87506468252d1a7009a8d7383d358b03c565
noarch	rubygem-pg-doc-1.5.4-1.module_el8.10.0+3799+191214cc.noarch.rpm	b8da427ba088e5a263b5c71d592a6515861cf12932be7ac5577f51afc1c68900
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.10.0+3799+191214cc.noarch.rpm	c7018cb7e3cfdd28f00117935672e78df8eddf81f308a36b9be1dd8a3fec2afe
noarch	ruby-default-gems-3.3.1-2.module_el8.10.0+3855+767cb125.noarch.rpm	c8b0e14d0239cbe888d1684a57bbcc086222a9267e6fc145a61c1022ee08f9d0
noarch	rubygems-devel-3.5.9-2.module_el8.10.0+3855+767cb125.noarch.rpm	cb21ac5386973ddd4fffabfa61691323b34c3d04f529631923f3a79de3333c0f
noarch	rubygem-minitest-5.20.0-2.module_el8.10.0+3855+767cb125.noarch.rpm	d2fb9911fdfacd518d63e86d236a6d199467ad01ec0dc06d17591c82a009853e
noarch	rubygem-abrt-0.4.0-1.module_el8.10.0+3799+191214cc.noarch.rpm	eb0f7cad4d0f103b5e53f11647208a780406db8c8cd8c9556e219bec8e1d9893
ppc64le	rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	181772cea3b12b9e7b6b3aafb9c0ae0c6b08712f8cb52a39278bbe114ea2f2b6
ppc64le	rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	3e148723bae783e28bee1a8b282708ff70cd95394b0f06447ab38d43e06ea95a
ppc64le	ruby-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	42b9b72127657b35334476858f677c88b361669d8cff82af5b1750ae3ea9220f
ppc64le	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.ppc64le.rpm	42d6c926024708a478291ff8ed6df0105234c6923b1d1510e10627bea6cc65a6
ppc64le	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.ppc64le.rpm	5a972434690d6ccc541727ace50749ee5c5005bae5faf4e2bff4c7acdf33d580
ppc64le	rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	705143b107dc2980d4d725299bc26de105e49265d7235c0d2b18ca89ee496e6a
ppc64le	rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	8e206b7e74fbc46369c0c954a3291e8d595b173a9db9ec5c210643e85583a6a9
ppc64le	ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	9cd9a3e792c2f13f23fba102a1a08ffce14ad5f43af28718a73ec9e3f7fe35c5
ppc64le	rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	bbde1995fe60d15cc59b12d4e9ab394058303af5a328a3a8eb63a1c681828e6b
ppc64le	rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	d3636e3bb269891c37efe9d80220e41982c0cc907bbf858673d2805b595ab7ce
ppc64le	ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	f9a44adb12757f60c4b8d49bd899ba4cef14f2667ed2c3e2c3586dab8648fbbe
ppc64le	ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm	fd210fac774a13c45c20053c186533df5c7520a1e355fe4018b128db3312f932
s390x	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.s390x.rpm	0212e4bd0a248fdb4c10424d90e73d4c0400b209c24f90e3a5fac26348adcdc3
s390x	rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.s390x.rpm	0ec6d5ab79d06322d266262462db7c71cd160ee1260b40568518fc38181952fa
s390x	rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.s390x.rpm	2b595df5672c9965403a2f2f3777e36043e2fedc308526d5f434c5d275c5ccbc
s390x	rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.s390x.rpm	369538120f605b2350672de5ae970143b066e4c71f117f529180b52363be6081
s390x	rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.s390x.rpm	4343da87e0eaaa8e9919a3223478a249c1ebe04542cb31c49600d6676e6f6e60
s390x	rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.s390x.rpm	4c0d177321393686a8f17b600c232e2257406f43a8b0a5b5f1d4be0078863bbe
s390x	rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.s390x.rpm	55c8d765331a951955c62701cc0234cc4df5c81223ad214beeebb47a94762e61
s390x	ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm	844b82261954d03bfffee731456b7d8d15b3877413dcdbabf11eb3f06aa162e1
s390x	ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm	9b875491830f61511bda75edebe3851eb4497ba43228c7ee6594d184f2e85ec0
s390x	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.s390x.rpm	b17f6e9ce3697902b5d1a0a00f804510913440b751583002e5226f0f1bafcfad
s390x	ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm	b9d9ca3a9cf862eacc7e03191ad5101589edc6ab6337fb07ce6b62c18cbfb895
s390x	ruby-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm	f942eb4b448f6a0786ebfbae846905f6665716a642892aa4b99c7bcb1c53e870
x86_64	rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.x86_64.rpm	13cd9cdb38b7af6c100702b7dbdf38e8de13d628f8f23a1627c67aa26c667385
x86_64	rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm	1efd828459bf305a77bfdf5298fb4b4f45b956041826ce9ceb46f34d07c55da8
x86_64	ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm	3975b93254ee6d0a888503ea4de0262d2eabe8b19aa2b37b1162b97375dd56f3
x86_64	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.x86_64.rpm	7ddeaee161c1a35868f10426b7a3549b322294671d17a3ec3157dc7da950a7eb
x86_64	ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm	8a3455b9c21e3d3cf810ad5bd425d2bec9317b58869453416d078919a86504a4
x86_64	ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm	8a5e3f9fccb092e06b7093ae048b197a5c5701159f9369f1aaddec4810592b90
x86_64	rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.x86_64.rpm	92b691ee64e741ee5948e703068de97ecf63df0989c215cca693809b84027ebe
x86_64	rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.x86_64.rpm	cd48eacd314a14e81d18f76c9f4f157cf23c93990ae5ef057c4b45256ff655ef
x86_64	rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.x86_64.rpm	d21fe7b49977fdb5f20bef1e18146979100c399ab3c660b64172907abc702894
x86_64	rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm	d89a2cfebf6def551e9915c0b539c298ad857306d78f498a4425638a57a61f1d
x86_64	ruby-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm	e3e4b4f822f440866ffa95b0abadb33ada621c23d8e88edde6c48a09b6fac79e
x86_64	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.x86_64.rpm	e70746488c18387708051b0110e5ffbf3579eecd588680bad936e954bfbd2400

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.