ALSA-2025:7539

[ALSA-2025:7539] Moderate: ruby:2.5 security update

Type:

security

Severity:

moderate

Release date:

2025-07-02

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.  

Security Fix(es):  

  * oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read (CVE-2019-19012)
  * rubygem-bundler: unexpected code execution in Gemfiles (CVE-2021-43809)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-openssl-2.1.2-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	41da068b76f20e9110170763e9e36bc9441a796f96f45b910ec6c3579516ec8c
aarch64	ruby-2.5.9-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	4ddefbe16a81e232a49a8f7ed1d844771bf7229987fb2bfafde92c5edc05d419
aarch64	Packages/rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.aarch64.rpm	5974fa8497b83d1a4df2acf3d75301aa07fad828a823aec6a400436f617dc58f
aarch64	rubygem-bigdecimal-1.3.4-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	6901d43d164ac101ac07061e8473321f8c6b5e0198d6c3cd04e948a07a61e9a7
aarch64	ruby-libs-2.5.9-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	8f55aa3158e8484787a7b50a1fa748527940ff6b0792bab0b2bc66dee33f4b63
aarch64	ruby-devel-2.5.9-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	ab4174ff50c6fd0513ee282289cc8b872f39cf8d1888cc837ffbf4702976f576
aarch64	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.aarch64.rpm	b444bcde35de2998bb5f8c4db140a04c11f16f94d2252d37869a1f093dc5dd57
aarch64	rubygem-json-2.1.0-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	cec7d8ce12c2320e3273286444cbf66fd9a313a65cda3f884abd3fe9c6192e9b
aarch64	Packages/rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.aarch64.rpm	df9c22479a5fbb8f2897203f63a3e4427a4fe59460d7e9ed5fe686519e1e51c8
aarch64	rubygem-psych-3.0.2-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	e633e2fd762cf169eaf2c290912078be674e97d9c3a0ceda08afb804aa64b1d1
aarch64	rubygem-io-console-0.4.6-114.module_el8.10.0+3991+5e651d4e.aarch64.rpm	fcd228cd1b509285ef35eb0e70fc50dbb5cd9e5ac0f366e93b899d446be7bdc6
i686	ruby-2.5.9-114.module_el8.10.0+3991+5e651d4e.i686.rpm	3cce86958952c0745794d5b945d8e50d3d8f54b4f62b2e26575af292786a6fad
i686	rubygem-bigdecimal-1.3.4-114.module_el8.10.0+3991+5e651d4e.i686.rpm	4d86fb74db1ee86dd7baa594791d1c0b04591449f72bbb8c32d6f4b1a8442d42
i686	ruby-devel-2.5.9-114.module_el8.10.0+3991+5e651d4e.i686.rpm	8a470958261dd343b30e5acdca05c3f2efbd996def9c122d407d576c7e1a285e
i686	rubygem-json-2.1.0-114.module_el8.10.0+3991+5e651d4e.i686.rpm	b460981dce33a03e935fbb7ccadc0e41bff685256982d3049d9faffc8fc46b58
i686	rubygem-openssl-2.1.2-114.module_el8.10.0+3991+5e651d4e.i686.rpm	c40b765bb7e20a861b7b3bafa9fb20719aabb171957a566b212b2503e162a610
i686	ruby-libs-2.5.9-114.module_el8.10.0+3991+5e651d4e.i686.rpm	d6261ec2ce286690ad3bdcc93824b999b185699641977b312be70623c2e7bc12
i686	rubygem-psych-3.0.2-114.module_el8.10.0+3991+5e651d4e.i686.rpm	db88592ef73ecfcf8fa30d357917eed2a678192fdcfd6c570a4e541a1eb28a44
i686	rubygem-io-console-0.4.6-114.module_el8.10.0+3991+5e651d4e.i686.rpm	fac94b746d6c6d74efa085363b9c2e9cb9c96a3ba777e944f87b4a4ee36ae0e6
noarch	rubygems-2.7.6.3-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	0471b8ec50fbda5fb067c8624ded4dd3b48c84f995193f9ea36d8ca727f1b201
noarch	rubygem-bundler-1.16.1-5.module_el8.10.0+3991+5e651d4e.noarch.rpm	20c5d77a7746caeb6cca2cb1e23267c50fd2cbc14d3869ca824e55b3a36aa3b7
noarch	rubygem-abrt-doc-0.3.0-4.module_el8.10.0+3871+342e2c2f.noarch.rpm	23f4e5352303fbe382eb4c6194887ff9e2dad8797516dd85ae0efd8eff375c61
noarch	Packages/rubygem-abrt-0.3.0-4.module_el8.5.0+2625+ec418553.noarch.rpm	251a37b9981b1ac6685904e0475b4cd0ae97be504b69cbc002896057cff48bbe
noarch	rubygem-rdoc-6.0.1.1-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	316dd9f2ed4a859d410be364273c324d19ec565038e69f155dac281505e75fb8
noarch	rubygem-rake-12.3.3-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	59e146e59913fdc22d1ad3c26eeb5944aec46619a042271b41303519809202e6
noarch	rubygem-did_you_mean-1.2.0-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	708a70c739228903f9ac703b56670d10094d5acaab51cec661038e1ec0fc9d30
noarch	rubygem-minitest-5.10.3-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	78002dd4d3e6658a9fb634a0b624bfd23187751cab80a13b66b5206f9555aade
noarch	Packages/rubygem-bson-doc-4.3.0-2.module_el8.5.0+2625+ec418553.noarch.rpm	820dee686065f0a35fb15e687d8595cfc665da43dc8ca2196c9e11fd568f8fb6
noarch	rubygem-pg-doc-1.0.0-3.module_el8.9.0+3635+c6f99506.noarch.rpm	8d04b2fdb59f2b51995d4fc57a412831e5d4d1c9d80fea1bcd0a7f5beaa55ab7
noarch	ruby-irb-2.5.9-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	8e6406cc50a2384f4b3691dd3588e70f017871dcea27a77c8342ad5568821999
noarch	rubygem-test-unit-3.2.7-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	9063cc6f2ce9494474d6ea7ab13d44a13fa1301227fdb2134c2833b380644eb9
noarch	Packages/rubygem-mysql2-doc-0.4.10-4.module_el8.5.0+2625+ec418553.noarch.rpm	a5c437b38dfc84a5e1abd920fbb284c8c83eee2636c46db7be65dabe7580a319
noarch	ruby-doc-2.5.9-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	aee49b23377f4c95823bb1de8c89ea303e214ced27b20cf9c3f57d35ad2eaacc
noarch	rubygem-xmlrpc-0.3.0-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	b11a846b3b9a01a962c9d38aea91247d7186fcb8926dbe476820d24c41048dc2
noarch	rubygem-power_assert-1.1.1-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	c1d95ceeff7631602dd9b4760b2601d1b88e2d45caedcf08eb6b5b68c835e9f6
noarch	Packages/rubygem-mongo-doc-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm	c506b397bd566dcb4d539202156f734660a33a62d3a515a6a1cd6b116e8f1608
noarch	rubygems-devel-2.7.6.3-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	c845e7a9fbc50fade1fa67ee7149c9df83ab51f7c95c48155315c27b860a6e64
noarch	rubygem-bundler-doc-1.16.1-5.module_el8.10.0+3991+5e651d4e.noarch.rpm	e0ac470177072cfa2230683fb44f531a60cabc9ecb486c5b00708f70a84ffc34
noarch	rubygem-net-telnet-0.1.1-114.module_el8.10.0+3991+5e651d4e.noarch.rpm	ebac3ac54d936a44ccd3a24c1c34bcd3f538c7651dd33d2ec4e88b243c127403
noarch	Packages/rubygem-mongo-2.5.1-2.module_el8.5.0+2625+ec418553.noarch.rpm	fd8a90dea5a7c07c95bf2e7ac7337dba4ebe6a1ce35899e2b8c46c6d51b0bbc3
ppc64le	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.ppc64le.rpm	06e82db6ec9a6ca9bca4ebf7a23a9c663e72ddf511353b31aa5cb72b797b9620
ppc64le	rubygem-io-console-0.4.6-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	287cacf4d74f5028ef3bccff76042a7408736f0b2568b680219ecec11b4edb55
ppc64le	ruby-devel-2.5.9-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	4515693a3f6f932fed21098977bbff3a780c9fbbed4840f32061e41e68f9d7f3
ppc64le	rubygem-json-2.1.0-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	532504f8c32146f872a37aa0b908d6b56f2204c35b42712d5be462caf0f5d762
ppc64le	ruby-2.5.9-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	6cb32041232f370689368ac50ddea92545bcd6e97fa8f69f3de46b4ca4741311
ppc64le	rubygem-bigdecimal-1.3.4-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	85731abe50e555ad3f1bb60ae1a1b5e482ed46692f504e284b81975b4b2db3cb
ppc64le	rubygem-bson-4.3.0-2.module_el8.5.0+259+8cec6917.ppc64le.rpm	a5e4457e2736c2e55169c63d83c1c69429c57c426851036811976c1ccafb28af
ppc64le	rubygem-mysql2-0.4.10-4.module_el8.5.0+259+8cec6917.ppc64le.rpm	aa75a18f3d930eff9a18793d83ef37e5a4ee20d38020be57b8ce69c175f1eac8
ppc64le	rubygem-psych-3.0.2-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	b5e88a9fddf2f96a8e06c7a4a2fb27cbc4353e0304800f23f612fede895d07da
ppc64le	rubygem-openssl-2.1.2-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	bfc897896accbdb47eb19ac50229959873e968fd96e94e12cd3ee1e832d52092
ppc64le	ruby-libs-2.5.9-114.module_el8.10.0+3991+5e651d4e.ppc64le.rpm	ddb9fd3af6ac37aaaff32644849c5c88685ab7d1543fb445df1661b5542e130a
s390x	ruby-libs-2.5.9-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	2fc5983c2164be0056a75e00ccf8c72879a4eb9732c2d79d0bfe538dc22f7aa4
s390x	rubygem-io-console-0.4.6-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	4b830015c1ce1432bd38d232b479570df73bd1d781449b64dc473434d5b922c2
s390x	rubygem-bson-4.3.0-2.module_el8.6.0+3170+4b08f9d4.s390x.rpm	871397eff83a497bf29db2e02e81837d1648c1813afa6030e2bab44d3f0db282
s390x	ruby-2.5.9-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	9fe200b14be40d47787da7212fa87b52cd1f904726f6e56f1eddcdf93f072cf5
s390x	ruby-devel-2.5.9-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	a2ba6282b6f4c2a4c63b2e7378776be6b2ad3d2d49922a9ef4f8c1d9b0da1f6b
s390x	rubygem-psych-3.0.2-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	bc6e1485e76ef333429469012490eca540e7cb293f8bd939128fc11526583f93
s390x	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.s390x.rpm	d52a51f8cfdbeb3099ce92946748481f426b77c9da23f77737fe3d4fcd1b245c
s390x	rubygem-json-2.1.0-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	d78bdf0b7aa7c45d3de5cd62b58e818b573c8d84a20c65ef962cc1c407da38ff
s390x	rubygem-openssl-2.1.2-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	de0ffced594a172132b99578b7cf4a0c6886470357038c1bb6e05e643f6e7aec
s390x	rubygem-mysql2-0.4.10-4.module_el8.6.0+3170+4b08f9d4.s390x.rpm	e8ee63b6046ba22292c8ac7eb85440ace9fe11b17fef5bf5f590b754f4c7aadb
s390x	rubygem-bigdecimal-1.3.4-114.module_el8.10.0+3991+5e651d4e.s390x.rpm	fcbe5d8815605125cfaa3ef6bb05a6216ad85d802e2ca534fd4fd7fba61149ba
x86_64	rubygem-openssl-2.1.2-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	00b8573d3f365a4aa3f0d2ac12bd7a381de0a187b9f676fa707aa02c3c7d113e
x86_64	ruby-2.5.9-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	0fe8029c61563d928f36ce02cd80d52c517f6d3ee7545ea67106140369364bb6
x86_64	rubygem-psych-3.0.2-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	3f258813a563362a3ef5d0ba5492e93953e9657035cf8c62c04b0feef53cd4e8
x86_64	rubygem-bigdecimal-1.3.4-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	61fd36d9f676fe0f0ed31c71ea7706136251561038b6803e1380f1d34008e4bc
x86_64	rubygem-io-console-0.4.6-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	63ba5db157ca7294881aae1fbfc81cee77231aabe43d3ddb07459da2a5e9f95f
x86_64	Packages/rubygem-bson-4.3.0-2.module_el8.5.0+2625+ec418553.x86_64.rpm	701b12df65f3a6b04c5a716c2d13fa048539842fff558d5ca2a5517735c0ad17
x86_64	Packages/rubygem-mysql2-0.4.10-4.module_el8.5.0+2625+ec418553.x86_64.rpm	b2ebe847eeadbc351ac9bd080addfc65a5c7d8181cd5b6178b37febc62237648
x86_64	rubygem-json-2.1.0-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	b6a0a1a8d1a83619f0b7296e9dc6a9f9966393e0c8da21f3eda19236234bdf52
x86_64	ruby-devel-2.5.9-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	bb12c67a9b8e945fde91793c87633530e6dbb6c1907cd37fcb25d5d92f58d7a7
x86_64	ruby-libs-2.5.9-114.module_el8.10.0+3991+5e651d4e.x86_64.rpm	c99e0f4f8c886ade7202143d899e5faeced3b60323ca6eb2401c98cdf411ab5e
x86_64	rubygem-pg-1.0.0-3.module_el8.9.0+3635+c6f99506.x86_64.rpm	cffd2e1de04ca4f1dd8b5d1c891d63d2fbc06355bd26ad5daa9e9cc8dd33fdd2

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.