ALSA-2024:6784

[ALSA-2024:6784] Moderate: ruby:3.3 security update

Type:

security

Severity:

moderate

Release date:

2024-09-19

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

* rexml: DoS vulnerability in REXML (CVE-2024-39908)
* rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> (CVE-2024-41123)
* rexml: DoS vulnerability in REXML (CVE-2024-41946)
* rexml: DoS vulnerability in REXML (CVE-2024-43398)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-racc-1.7.3-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	1899b2e0754fcecfee43643ca21eace5d0796e8ed3109bd00f750e746f133bca
aarch64	ruby-bundled-gems-3.3.5-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	27b0e8e68c2849d2d4d79e29cd2ab8047be56e2cf038ebb90df1557fd330769b
aarch64	rubygem-rbs-3.4.0-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	295f502b99ec778c6b52435a191902e063c75b5f88a84b2be0f348c66b4e6efa
aarch64	rubygem-json-2.7.1-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	4652a2ee96ec16fb3747c716f88ee9374eff4c74f608ef699d8421fd61025097
aarch64	rubygem-io-console-0.7.1-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	70ee5011867c16e2f5e45e9e56f2cc6634aecc8eeb4920611d2213427c87cfb7
aarch64	ruby-devel-3.3.5-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	a320d42d148904eb386a05f0afa21a165baf1b92c2599f00e079219a039f61fb
aarch64	ruby-3.3.5-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	a424ae4eb82c4952aa93aa3c9e82bb9881b185c86dc750af9667e0ea402b0703
aarch64	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.aarch64.rpm	c62a808b81b0d99fea18c0993682022ab9dbac232eab8f53a7b54c21988ab20a
aarch64	rubygem-psych-5.1.2-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	c9fa865c876834d3d5f7d3f1820b1b7d511f6f544df659864af7a1395ec27820
aarch64	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.aarch64.rpm	eb6c1e581602e2bf0c514423a76df8684840836b0b5b937870124eefda96a806
aarch64	rubygem-bigdecimal-3.1.5-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	f4ee4f557673f51cea986f3de3d8d72bdbf112e077e3fdc021539de76807a30d
aarch64	ruby-libs-3.3.5-3.module_el8.10.0+3894+6d587c81.aarch64.rpm	fefeca6f286d69fc123fd761a16591529b5b085d798fef8512abfa6472fc75fa
i686	rubygem-psych-5.1.2-3.module_el8.10.0+3894+6d587c81.i686.rpm	0e833c75d599322f76aaf22b22709c47deb17c328a95c630d28c41ea50ef3dd9
i686	ruby-devel-3.3.5-3.module_el8.10.0+3894+6d587c81.i686.rpm	281eb1b8e5ac7a45955041b19c1bd1c34467237912706d1e2bac4d6cb65ee437
i686	rubygem-rbs-3.4.0-3.module_el8.10.0+3894+6d587c81.i686.rpm	4caacf7e9f3f66c15f9b232774bb43bd1685386234008c49ee55d4dd427a66a2
i686	rubygem-bigdecimal-3.1.5-3.module_el8.10.0+3894+6d587c81.i686.rpm	580fe137401e087c735c95ccf0d04ba1ba363205bf6b432ae4e4b1a4474b0ff5
i686	ruby-bundled-gems-3.3.5-3.module_el8.10.0+3894+6d587c81.i686.rpm	6e3ca0a169aa96dddfa222bcecdadeec89c137838e9b65db6a5a46cf6317ebcc
i686	rubygem-json-2.7.1-3.module_el8.10.0+3894+6d587c81.i686.rpm	a38ec9745dc5d9a32e945eb727e94f4eb3f5ab9db41731495bb7064619e0a91e
i686	rubygem-racc-1.7.3-3.module_el8.10.0+3894+6d587c81.i686.rpm	a4de3e2cde768f9833612317b1d4df7637fd0711872207fbc866b4cb99535450
i686	ruby-libs-3.3.5-3.module_el8.10.0+3894+6d587c81.i686.rpm	c7ec31969e6bed0e027b213bd6a537dbbace1b7dda62cbf7bc258944a6417387
i686	rubygem-io-console-0.7.1-3.module_el8.10.0+3894+6d587c81.i686.rpm	ca0c04a17a685fa62eb166bd6b57b5dfb3fc074893d5d0387d7d083f3b7cf643
i686	ruby-3.3.5-3.module_el8.10.0+3894+6d587c81.i686.rpm	d5f5ce3bc1fccd32dcc49722d3edae4b77263a328820b08ecf6c557a3bc97bbc
noarch	rubygem-irb-1.13.1-3.module_el8.10.0+3894+6d587c81.noarch.rpm	0737a3eae71272a73e55fb8fed0dce33776612a4ff917dc86bf2787ccdbe20e9
noarch	rubygems-3.5.16-3.module_el8.10.0+3894+6d587c81.noarch.rpm	2146a852600296fee41befd79ef991f5b859db046576460fc21d9ec425b9c2ff
noarch	rubygem-minitest-5.20.0-3.module_el8.10.0+3894+6d587c81.noarch.rpm	2aeb854c498cf5a6f27314d24c5fb3c76d045679b89ab2c66d7d0b54a542e908
noarch	rubygem-rexml-3.3.6-3.module_el8.10.0+3894+6d587c81.noarch.rpm	2f1d7dad62e42b45c240f7b1d67434190279ebb3a7d0d5d2a55cb8c5b76e3812
noarch	rubygem-rake-13.1.0-3.module_el8.10.0+3894+6d587c81.noarch.rpm	607e1eb15560d389f0c5e0794f56718d71daa31db1bd08f875e6ec630f8c1379
noarch	rubygems-devel-3.5.16-3.module_el8.10.0+3894+6d587c81.noarch.rpm	6ea5289f465595b80ca78c04e775cde5ce77a2f3777317bb39d9f630c972fe77
noarch	rubygem-rdoc-6.6.3.1-3.module_el8.10.0+3894+6d587c81.noarch.rpm	86a2ba2012ba9a437856c72d0e5c59eb9c4d03947d7aa009b291fc29c60a024c
noarch	rubygem-power_assert-2.0.3-3.module_el8.10.0+3894+6d587c81.noarch.rpm	892a198ef3cc695b52bc12b648a7db2c17538e26e1e5fad78a63e5db863db519
noarch	rubygem-mysql2-doc-0.5.5-1.module_el8.10.0+3799+191214cc.noarch.rpm	a1e84a63a7afd9043eb9ee27d2b4a2784de6e4790859efeb6e29353b8922b91f
noarch	rubygem-test-unit-3.6.1-3.module_el8.10.0+3894+6d587c81.noarch.rpm	ab4e0e99e106bd11293a2aeb1bc6bbb98ce5963316340479f588ff2e6662f992
noarch	rubygem-pg-doc-1.5.4-1.module_el8.10.0+3799+191214cc.noarch.rpm	b8da427ba088e5a263b5c71d592a6515861cf12932be7ac5577f51afc1c68900
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.10.0+3799+191214cc.noarch.rpm	c7018cb7e3cfdd28f00117935672e78df8eddf81f308a36b9be1dd8a3fec2afe
noarch	ruby-doc-3.3.5-3.module_el8.10.0+3894+6d587c81.noarch.rpm	c7f03cf55fa8ffe4e1a67a211df11f79f62b5faa03a702a6bf2eee609e3a2c38
noarch	rubygem-rss-0.3.1-3.module_el8.10.0+3894+6d587c81.noarch.rpm	d78ddd2589b34029e2e361daa6a661f654501aa82edda771e748aa7ecd2763d2
noarch	rubygem-bundler-2.5.16-3.module_el8.10.0+3894+6d587c81.noarch.rpm	e01c11442ba6e8d6c496f696c679250382ce440c2515a56ea7a4ef5c159bda34
noarch	rubygem-abrt-0.4.0-1.module_el8.10.0+3799+191214cc.noarch.rpm	eb0f7cad4d0f103b5e53f11647208a780406db8c8cd8c9556e219bec8e1d9893
noarch	rubygem-typeprof-0.21.9-3.module_el8.10.0+3894+6d587c81.noarch.rpm	f30164b27c0c314691e9a8b54e480f4c1f0c99c91866c22e3d010c4b16617930
noarch	ruby-default-gems-3.3.5-3.module_el8.10.0+3894+6d587c81.noarch.rpm	fa21c193669f0dd41f084abd4ee76f23eccb89a3ca69724c1081b8f8a2006b13
ppc64le	ruby-libs-3.3.5-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	1669f5bba377c071c1d376602029580e3f3d00062928bd0e9109e63d0f4caab1
ppc64le	rubygem-json-2.7.1-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	21f81892b3931902762cc84ed7cd31ffb0e114e1e0fbc512ed276ecbe95a339d
ppc64le	rubygem-racc-1.7.3-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	3bc8b75d6bc52890b8d7af151ca410367112cb6a3f9fba4d4fffa8d88a5c8276
ppc64le	rubygem-psych-5.1.2-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	3e1a2d6c91fb6c2814e3552640411c1523a6ef92628e98df4922a7572405c3b0
ppc64le	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.ppc64le.rpm	42d6c926024708a478291ff8ed6df0105234c6923b1d1510e10627bea6cc65a6
ppc64le	ruby-bundled-gems-3.3.5-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	55fc448449ab1d701d0586e7f23c19b50483f3965175534bfd39919ec8d2480f
ppc64le	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.ppc64le.rpm	5a972434690d6ccc541727ace50749ee5c5005bae5faf4e2bff4c7acdf33d580
ppc64le	rubygem-io-console-0.7.1-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	b92a986ceb99b6a74bb66f4ff28cb39db29809131a21463ef26f8893e859d3be
ppc64le	ruby-devel-3.3.5-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	cd308d0db32cdd5c561f6793e6082e7d1f202c5f3719f666b30b60768fed7513
ppc64le	ruby-3.3.5-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	cf1424a57e20b3edadbbc294786e601716030726b9ba023ed1d3f60e0e0182e1
ppc64le	rubygem-bigdecimal-3.1.5-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	d0c8c29004e8107dacbe29b155e522df3a15d1ec1c49ef301975f7bb137d406f
ppc64le	rubygem-rbs-3.4.0-3.module_el8.10.0+3894+6d587c81.ppc64le.rpm	f93ea4fa99edc77be3dc4c3e86eccbb91ed0c3133897e672dffa5f54bc749b37
s390x	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.s390x.rpm	0212e4bd0a248fdb4c10424d90e73d4c0400b209c24f90e3a5fac26348adcdc3
s390x	rubygem-racc-1.7.3-3.module_el8.10.0+3894+6d587c81.s390x.rpm	0f977cf5d7fb1759e7230e4f5cb8801f0d8c2b65008cc3fba7f3a3e8f21eb832
s390x	rubygem-psych-5.1.2-3.module_el8.10.0+3894+6d587c81.s390x.rpm	4526a24f5f0607f1602f2ab658386fcc6071bb746de6bec3fe6c055cda2dd657
s390x	ruby-3.3.5-3.module_el8.10.0+3894+6d587c81.s390x.rpm	5afac1c527269977f3b813e5eddd9b4c8df5ab61bc4852bf7df1ddf2d854c0b4
s390x	rubygem-json-2.7.1-3.module_el8.10.0+3894+6d587c81.s390x.rpm	5bce1a32933da04f2998d11324b26d4f6e0861edda71d531d47b2fae7dbf8585
s390x	rubygem-io-console-0.7.1-3.module_el8.10.0+3894+6d587c81.s390x.rpm	900b67557ec674ca006149ddc69cc91f006a3fbeeb25e288f042124833d9bfe6
s390x	ruby-libs-3.3.5-3.module_el8.10.0+3894+6d587c81.s390x.rpm	9d2b6859f837e20be15804d91a2e677e7d6b72ea84febac6d6e8f61f3b82dbc4
s390x	rubygem-rbs-3.4.0-3.module_el8.10.0+3894+6d587c81.s390x.rpm	a4f78d348ccc95dddc96495b9df9c7402998cf29a219eb0fb9bffda7c9f66687
s390x	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.s390x.rpm	b17f6e9ce3697902b5d1a0a00f804510913440b751583002e5226f0f1bafcfad
s390x	ruby-bundled-gems-3.3.5-3.module_el8.10.0+3894+6d587c81.s390x.rpm	b7a6c55831a17f20bfd5d71e93032e77eb50ac13d40f4668510062e967cf6301
s390x	rubygem-bigdecimal-3.1.5-3.module_el8.10.0+3894+6d587c81.s390x.rpm	c33630da655270ea1978caa62b694d49131b8a623eb7acd7c5ca6a45dabe4bb6
s390x	ruby-devel-3.3.5-3.module_el8.10.0+3894+6d587c81.s390x.rpm	dda66e50402eabc0fe16a2f202e4c48f91e51d49b9ed71c8304dcaecd26cc202
x86_64	rubygem-bigdecimal-3.1.5-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	08bad8cd8fe2aef51d8ce7585ddb62534c318945faaa0d48e8c13223c6a263f0
x86_64	ruby-devel-3.3.5-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	122a333aaab2eb7f98c056ffa0b90927bc7218b96184f9003fa5e612e668d63b
x86_64	rubygem-io-console-0.7.1-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	1d89068cad37bafd05cdbd10ceb8804416f38a041691f0f07dbfe7df6e20da87
x86_64	ruby-3.3.5-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	1edb7da57f1fd8158b6f0fd4ffad1dc3ec619c4ceef84a644844ec460c894905
x86_64	rubygem-psych-5.1.2-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	3c7d637167776bfe91d8128fe0dafd2490952174d8c16e31dab8e6a8b0fef9ed
x86_64	rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.x86_64.rpm	7ddeaee161c1a35868f10426b7a3549b322294671d17a3ec3157dc7da950a7eb
x86_64	rubygem-json-2.7.1-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	8841625f6f216e3f78857dd78e7bf2e16fc4eeb989609ca9ce3dafa18445c46d
x86_64	rubygem-rbs-3.4.0-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	8ab4c4050bdd0692d0ff79027ce69ea068002535d360e5bd7166cf673f7878c8
x86_64	ruby-bundled-gems-3.3.5-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	c18454561b9387b4691762da2aef9841096548a803d0143a89730e60fb9ab729
x86_64	rubygem-racc-1.7.3-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	dd9add00fd95f03229928c7dccaba37e7e91a6d98c48bb3a00f50a3629fdf6c3
x86_64	rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.x86_64.rpm	e70746488c18387708051b0110e5ffbf3579eecd588680bad936e954bfbd2400
x86_64	ruby-libs-3.3.5-3.module_el8.10.0+3894+6d587c81.x86_64.rpm	fdbc7811088176c4c6ab28e51f682cc361f057f62879c463f6da82ae5e4d5ca5

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.