ALSA-2025:4063

[ALSA-2025:4063] Moderate: ruby:3.1 security update

Type:

security

Severity:

moderate

Release date:

2026-04-09

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.  

Security Fix(es):  

  * rexml: DoS vulnerability in REXML (CVE-2024-39908)
  * rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> (CVE-2024-41123)
  * rexml: DoS vulnerability in REXML (CVE-2024-41946)
  * rexml: DoS vulnerability in REXML (CVE-2024-43398)
  * CGI: ReDoS in CGI::Util#escapeElement (CVE-2025-27220)
  * CGI: Denial of Service in CGI::Cookie.parse (CVE-2025-27219)
  * uri: userinfo leakage in URI#join, URI#merge and URI#+ (CVE-2025-27221)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-rbs-2.7.0-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	058d08ec52500b937be8bba32c6b20fcbf2d29d14ad3f15aaaa7eef4341b9a06
aarch64	rubygem-bigdecimal-3.1.1-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	1a12281f3d70a6a4dd4932631ce042ae53f40e2e33f1430c9ffb2493ce6759b1
aarch64	rubygem-pg-1.3.2-1.module_el8.10.0+3854+02eaa59a.aarch64.rpm	2593721dea8458a1111622c79dc41ef5f676f1846a4133a2bebbf740725dd02c
aarch64	ruby-3.1.7-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	5f393c280158dd0aeff26534fa56ff9c8f5e12be999fc71377a25dd9c5376826
aarch64	rubygem-psych-4.0.4-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	6b47dc995be9e251bddd07ca9d9b2213eb07a61ccd26f5b3d19d5a8e5d2468d0
aarch64	ruby-devel-3.1.7-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	8167105f5878065edf64efa153dc765cf7bff206dfbace3932547ce583340380
aarch64	ruby-libs-3.1.7-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	86755aa0216a908bd5c655c5e3e85175ed4d07fe48a7aca664ee58e20eb6bc0b
aarch64	rubygem-io-console-0.5.11-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	98f9885c6c06eff0ceb25d5951864808e12a7b63273bca220c777801e38c48fe
aarch64	ruby-bundled-gems-3.1.7-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	9e84a3c02dd9bd54dd9402627badef6e71e858dad0d6a6769c4a381589ac5537
aarch64	rubygem-json-2.6.1-145.module_el8.10.0+3984+cf55e3df.aarch64.rpm	9ef4c2102e16482a46222efc659f6135db7cc23ade8ba4f02b481f51e8e4181d
aarch64	rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.aarch64.rpm	dbfe520cef4d3f4713a6f0ab2270b312765511985de21a1588bed57703484068
i686	ruby-bundled-gems-3.1.7-145.module_el8.10.0+3984+cf55e3df.i686.rpm	12988e747f5bf0fdfa474e87178c1b600c9bc406d67535c99e089b258081632d
i686	rubygem-psych-4.0.4-145.module_el8.10.0+3984+cf55e3df.i686.rpm	22e24f7f9202540112914791acf4a9846c793000e1af4e4f02cb949ed2470b77
i686	ruby-3.1.7-145.module_el8.10.0+3984+cf55e3df.i686.rpm	3d12f272b3bfe9f7da9c4e1f0d081503e8c6240d05db5f07fd5776746540c4bb
i686	ruby-devel-3.1.7-145.module_el8.10.0+3984+cf55e3df.i686.rpm	5c780e8d342c7ff98ab72b45c6512fad38d7895070b070c90ec58074edf40c64
i686	rubygem-io-console-0.5.11-145.module_el8.10.0+3984+cf55e3df.i686.rpm	5fac3650909e3b0f27b5daf1e57567f62ab3f1989a330398a18764b788bc0fd9
i686	rubygem-bigdecimal-3.1.1-145.module_el8.10.0+3984+cf55e3df.i686.rpm	a689a5f8ebe76b08d490647a5d33d0f70b4829dfb0ab7b5c94096e580aeec947
i686	rubygem-rbs-2.7.0-145.module_el8.10.0+3984+cf55e3df.i686.rpm	f1b2d89dc5a552b8e24532ba31ef2b8347cb6f9673a49579f1e4c68f27a4eb46
i686	rubygem-json-2.6.1-145.module_el8.10.0+3984+cf55e3df.i686.rpm	f2f40e85bf942c11aae1cc499f8a8a0c5895252bd2f5a7575f3643b577d72f91
i686	ruby-libs-3.1.7-145.module_el8.10.0+3984+cf55e3df.i686.rpm	ff87d9522462f3add4b3bfe500ecfe6325bdd52564d70dc9581a247b5711c52c
noarch	rubygem-irb-1.4.1-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	03f28a1c3d18aceee3254b119361a962ef17db433a205e906a8bacd8b37099e2
noarch	rubygem-rake-13.0.6-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	20c7a06ee9ff4a7be3d43f1266aae539e0b8b7dea5a4c93d813ad1ab0847b6ac
noarch	rubygem-typeprof-0.21.3-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	2b18e3716f88d332aaf5a3aa06710a1449b91d29c96f30e8a8fd62c1b3d0abe2
noarch	ruby-doc-3.1.7-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	4841c0ade983124f2e673e794a4e288e81003cd1fc3fef2f97e090a445d9a5b1
noarch	ruby-default-gems-3.1.7-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	4abf0f577b835534e760685b68272ac968365d0e615b51370573849d85e1254a
noarch	rubygem-abrt-doc-0.4.0-1.module_el8.10.0+3854+02eaa59a.noarch.rpm	51fb9e1db49f53a9a9507993d89a3924fadb61f32ff3fb4d3765a4093eea2435
noarch	rubygem-rss-0.3.1-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	530cd5c49cb543f3dbcd11a00f21b69a3e1b26a42060653f6af300816b3421c5
noarch	rubygem-power_assert-2.0.1-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	804b2e5350c6bc38f8b2f73ee50415f51f9bbd35f927c0e6ae1d2030844db75a
noarch	rubygem-rdoc-6.4.1.1-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	9a33da8915705e1a2c64ac06052ff5c595b900c1af3c23534944f7c15cbbab25
noarch	rubygem-mysql2-doc-0.5.3-3.module_el8.10.0+3854+02eaa59a.noarch.rpm	9a559958e8544dd441357fa02b6cdcd78d7e7a0f3ca974ec06e48fee212ea6fe
noarch	rubygem-bundler-2.3.27-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	9f8814a6071868d91ec424f115ef3526977423430dbfa8d6646dc0aaf10985fe
noarch	rubygem-abrt-0.4.0-1.module_el8.9.0+3746+91b8233a.noarch.rpm	a4de616c47a50c4a54611ff12499a00e395fcdf6e3c2ce813e27b0f581ed2c12
noarch	rubygems-devel-3.3.27-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	b18535d8859309971dfbc7d953d1f3bb56e0ef07757cf8dfe86a120d846f22d3
noarch	rubygem-rexml-3.3.9-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	bf44968a05b4577a6f3e33e0f567c8aec802eb5a7da692b7504ca00b7ed34b6d
noarch	rubygems-3.3.27-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	c4bd3ec293d4d7603f89db48d313dd1b76d40d050bd52bc8fd0805090c50728d
noarch	rubygem-pg-doc-1.3.2-1.module_el8.10.0+3854+02eaa59a.noarch.rpm	d13a747c9bad6a38fe3eff562dd991a0e0eda5c5de73c4e97cbea7b986dedf0f
noarch	rubygem-test-unit-3.5.3-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	f1a6a955b4eebcde50066b0d659fe83eb92138c9e94b72e832ee89c4986dfa56
noarch	rubygem-minitest-5.15.0-145.module_el8.10.0+3984+cf55e3df.noarch.rpm	fc2ccd60e25edaae847027dd6fdaab30ecec761b40fa4ebbb862d2470e4f94e0
ppc64le	ruby-bundled-gems-3.1.7-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	0dccbb2763547488cf95e6f30115d37193a5c1031c3b96b42e2c85cd7185d51c
ppc64le	rubygem-mysql2-0.5.3-3.module_el8.10.0+3854+02eaa59a.ppc64le.rpm	654d18593290cbbff47aaa6788a207030f106cae361b96c720b7a2a21d68cef2
ppc64le	rubygem-rbs-2.7.0-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	724bb1197fcab4d4954921fc902dd413860398d3bde8bfc7fe6e227504ad3994
ppc64le	ruby-devel-3.1.7-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	8bd012bed908b3aba9eb26b7c6273459604e9ce670780cd6eac5adc2806c14d7
ppc64le	ruby-3.1.7-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	8fa040a9d6bef1e7a948b93fe7cd215cb09531c4fef4087c68fe19a633798289
ppc64le	ruby-libs-3.1.7-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	a4bb074c6e4569280e410d4b43ad65398181dfdb15b2b6e41e507e60cefb4a11
ppc64le	rubygem-json-2.6.1-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	b10842c8b2c97fb0ee9e6fe87b9a0c5a26e8e4c7ca39272fe0d4105449678dc3
ppc64le	rubygem-io-console-0.5.11-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	d70e2cbcd3ac261fa45d2f25352b9a0b82573fcaeb3937d9ec304c0db8cbb078
ppc64le	rubygem-pg-1.3.2-1.module_el8.9.0+3746+91b8233a.ppc64le.rpm	dcc23bde6716f522172fee879a8e9e6fec13d37db6ee3856c03c8224d1cfbc45
ppc64le	rubygem-psych-4.0.4-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	e01b5b16a21809a52fc24aa89dbdfa052af4ddce83c5eeed9fbd920a260e2b45
ppc64le	rubygem-bigdecimal-3.1.1-145.module_el8.10.0+3984+cf55e3df.ppc64le.rpm	f2144803979672cfbefb05e4186ecfa7c02741de344056f89202f74bbaa0d855
s390x	ruby-libs-3.1.7-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	1734f19116a55b79fcdbcff7a613275c3dff057f54798a9272cbc9edaae8fad8
s390x	ruby-3.1.7-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	27b56ae179f0cdfc028b5f26ebaa3a744231a1a95ab6c91990e95aa689f17318
s390x	rubygem-psych-4.0.4-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	2b138136a9837d759d80434cc7fff9d154711cf7944bf3453616d1c2eaeb991a
s390x	rubygem-io-console-0.5.11-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	3b999dcceffc818279e005eb761cf461b3fa66b355decf5c587081468385078e
s390x	ruby-devel-3.1.7-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	65259ccca31da695cdbe34c660922ca571e56c532d793e9948d34c23dac49d0a
s390x	ruby-bundled-gems-3.1.7-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	7673861297994e04e9ac4b7127543048b02292dfed8b74526d490efddc07b187
s390x	rubygem-mysql2-0.5.3-3.module_el8.10.0+3854+02eaa59a.s390x.rpm	8b3ec08fb578c281d6c13715415ba10cabc35448b2683f96ac5c50844b709577
s390x	rubygem-json-2.6.1-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	9d3e54512f35003d7ce5cf7033f93255d81b896d978937cdf572258f13ba3f05
s390x	rubygem-bigdecimal-3.1.1-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	a3963a79eea56d72af586fc813d627aa9806a0a3dfcc93a21e39a9d8c912e007
s390x	rubygem-rbs-2.7.0-145.module_el8.10.0+3984+cf55e3df.s390x.rpm	aaeedc9a3394214f3cb337f693de85ffb4e42e5d9870bd0ec743ff0f6b9e0dd4
s390x	rubygem-pg-1.3.2-1.module_el8.10.0+3854+02eaa59a.s390x.rpm	d1bff2f887c9e5e758e2d68ed0441446f82fd0d73e43546fa2579d106c92acd6
x86_64	rubygem-rbs-2.7.0-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	15180080e8f3d1f32f242352661730ebfb7d745da95f4ee474e4243976bcc0b2
x86_64	ruby-libs-3.1.7-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	1c32d8cb7d9dc2b92460ce55473d175d585195f321879cb5b3be1f76ae265aa5
x86_64	rubygem-psych-4.0.4-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	1f6a0aa12a318450342d4727a58cf343cda3a89528d0607e1c5390d8a7f266b0
x86_64	ruby-3.1.7-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	294b86caf898bf82b1bbd536627d66e6215ff788d454a7da3809c0dc316f023e
x86_64	rubygem-bigdecimal-3.1.1-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	42fc1d342ec107b27c0e4b54bf7659e43dcba4ddf10c22bcdc60070024653c0f
x86_64	rubygem-json-2.6.1-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	641e630fdf18c88795ded1800e9a7e661503f622b1d2bd78be1488918d969e4e
x86_64	rubygem-io-console-0.5.11-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	70a0e16521b5a3f6353b3de08690d0a70aa0facf80682b604c28a78838e0d293
x86_64	rubygem-pg-1.3.2-1.module_el8.9.0+3746+91b8233a.x86_64.rpm	8a1549c324cd877489cfcc365ffb0c4fb94f7bd2e9f3057b68daa979604ffd9c
x86_64	ruby-devel-3.1.7-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	9213700471b0e443384dbbb60a46de2f7e72730e45d137e6594c761c6c6b5ddd
x86_64	ruby-bundled-gems-3.1.7-145.module_el8.10.0+3984+cf55e3df.x86_64.rpm	d1c4d97540555ab020bd59b03c75bca0432efdc67a69f055236de7b80e08a97b
x86_64	rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.x86_64.rpm	fb225106392ed81612474aa8b87b065f733931e062efef5737a912fa9a953993

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.