ALSA-2022:6585

[ALSA-2022:6585] Moderate: ruby security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2023-03-13

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.0.4). (BZ#2109428)

Security Fix(es):

* Ruby: Double free in Regexp compilation (CVE-2022-28738)
* Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-bigdecimal-3.0.0-160.el9_0.aarch64.rpm	1fa559dc68257ada261f1fd0e8bd3c844f31a979f4910e6b5aa11d2eab0b88b3
aarch64	rubygem-io-console-0.5.7-160.el9_0.aarch64.rpm	281d68c275fbb2a012aec1d500c2588d1532b40f2bacc684ed75a8c5de73f8e9
aarch64	ruby-libs-3.0.4-160.el9_0.aarch64.rpm	53f1924ee60714db3ee7f0883f3dba7b0a4b26bca0ee4ce205733bdf64cfc266
aarch64	ruby-devel-3.0.4-160.el9_0.aarch64.rpm	6608b670f397fba3bd987cd80ef5e0352722fc50df3d0430bce040dcf87093ce
aarch64	rubygem-psych-3.3.2-160.el9_0.aarch64.rpm	84378cf0d471f41b460e126b6a82bcd0bfd5e6993b23d628fd36ba8849bb1e7d
aarch64	ruby-3.0.4-160.el9_0.aarch64.rpm	ad147e1a796804767755a210e7d7ff9a56bc2284992d51be1dbbe11a98985a48
aarch64	rubygem-json-2.5.1-160.el9_0.aarch64.rpm	bd463741a750c119889be34acaaa64b2a307c287071778799e9ad498d5ad6b12
i686	ruby-libs-3.0.4-160.el9_0.i686.rpm	50f2e8fda32cb670ade83ab3e894d21286919b44766bacc284a1d1b12ed37ce3
i686	ruby-3.0.4-160.el9_0.i686.rpm	6fc27241dc2b85efa1af32c1f749bb3c148b322c5797c829f76367ae91f07c9a
i686	ruby-devel-3.0.4-160.el9_0.i686.rpm	f71e8769eb2acfefc8077cc64681e0a494990840a7c51aaf5191606162aa8d83
noarch	rubygem-typeprof-0.15.2-160.el9_0.noarch.rpm	0e4ebca19523f0dd89c46c21b776d45379ff1f7965dd423b1bcd5edd4c25760e
noarch	rubygems-devel-3.2.33-160.el9_0.noarch.rpm	47177d171a1e9ac58dbdbd0cfa2c2d7bfa1fbce55ee3ec6b92594bab516989d0
noarch	rubygem-rexml-3.2.5-160.el9_0.noarch.rpm	4f4959a3c7e6da46ba9d96fbdb71606c64279adf58d3a6a0911f9bfe09d6b645
noarch	rubygem-rss-0.2.9-160.el9_0.noarch.rpm	61a9cc11ee03f87dd24cf9437cd68a44069d279d19aec452a3cccc458dbdd4e5
noarch	rubygem-test-unit-3.3.7-160.el9_0.noarch.rpm	7024ae2f1fa78bc46be4bfe7431a70487ddc3cd7b2e14fd87b6cf84f73509b07
noarch	rubygem-power_assert-1.2.0-160.el9_0.noarch.rpm	8ff3ddf87d8dd8b83b9103045a0708901a7e8092d200ca2a16df15876cadf340
noarch	rubygems-3.2.33-160.el9_0.noarch.rpm	aafc90f5db348d735b316df9f67be318a979cbc3f5a86526803ec1434a9211dd
noarch	rubygem-rbs-1.4.0-160.el9_0.noarch.rpm	ad33ce0a8b6973ad3bbfba439352d266df2e1ad21de24ab67d133d3daa53c0c6
noarch	rubygem-irb-1.3.5-160.el9_0.noarch.rpm	ba2d4b5d69df5102d425754d33d39d9a3cad8fbdb4a0ea77bb8764b8abb6469d
noarch	ruby-doc-3.0.4-160.el9_0.noarch.rpm	c5aa94f05bb1afcbd2618a66cc942c7ed10a4ef69aae59317f0d3d7ee3173120
noarch	rubygem-bundler-2.2.33-160.el9_0.noarch.rpm	d08e0feb932a0abca51a465f64dc33e1846d40c17238985766802619c2f5c9c5
noarch	ruby-default-gems-3.0.4-160.el9_0.noarch.rpm	d6ff792d62fb767eafc17c3adb6ab2508483465114145d720cd973c80b4678a3
noarch	rubygem-rake-13.0.3-160.el9_0.noarch.rpm	dcf530d4f64670dd945be39f1740fe8b044ca91ad2b944e7da92ddf5ce441517
noarch	rubygem-minitest-5.14.2-160.el9_0.noarch.rpm	ddfbf5092d973b37876796cd4edaa28501cbc73352b513e5960bbe2823892814
noarch	rubygem-rdoc-6.3.3-160.el9_0.noarch.rpm	e091290bdfbdfde6d68e691c18dea88f4b765de5989f0abaa101678981fdd20b
ppc64le	rubygem-bigdecimal-3.0.0-160.el9_0.ppc64le.rpm	12dbdc0f92222163fd4a153ea660f1ffeefecb3d141869d212d8f3d7f535b683
ppc64le	rubygem-psych-3.3.2-160.el9_0.ppc64le.rpm	5a8b4ca71c7e8bcc2a62c81383f7000005447f30eb2812066d7059e34886b0e6
ppc64le	ruby-3.0.4-160.el9_0.ppc64le.rpm	5f030023047b2df4f4e67f5e8ae1bea58c4008c0504f53e265ef119746a814d5
ppc64le	rubygem-json-2.5.1-160.el9_0.ppc64le.rpm	8c5fecaaf41163c2007198982ee55cc26e7b5e5f98248d1d3ca8a02e9860b69d
ppc64le	rubygem-io-console-0.5.7-160.el9_0.ppc64le.rpm	cbc084a9018ba01cb34eaa0571d24457444ae06ba606744f590deb8180ad699c
ppc64le	ruby-devel-3.0.4-160.el9_0.ppc64le.rpm	d75c542b59f07dd7eaa235a2f31d48c32cc2df3ba7d3b1bbb219567b598562f6
ppc64le	ruby-libs-3.0.4-160.el9_0.ppc64le.rpm	ed4b09a395f557498c39d0d7af715acc3522cca1065dfea160663f082b6a23ef
s390x	rubygem-bigdecimal-3.0.0-160.el9_0.s390x.rpm	0e830553ff3a8120c2fe781a14e9764fb316b96ff32679b85327e91ae08463e3
s390x	ruby-devel-3.0.4-160.el9_0.s390x.rpm	199e39c49fa0e84c747d3b2f5b3b1928d8c31e5af866b206f48045808369e856
s390x	ruby-libs-3.0.4-160.el9_0.s390x.rpm	2904c108c6751e752e0f7f7d293fbee731c2a5dd512217277a29cd2415d0c496
s390x	rubygem-io-console-0.5.7-160.el9_0.s390x.rpm	4bdd33435032c2989bd03c2ab93b51444a3a0a90c49c37d0c172ee5d3f104964
s390x	rubygem-psych-3.3.2-160.el9_0.s390x.rpm	5779e832a7343fb377cbfca8fc45d891e1c67dc62602f7a3b2bc286623bb308c
s390x	rubygem-json-2.5.1-160.el9_0.s390x.rpm	8e2f3ec7c2baef29aa9c6901ad7f290e7d3aec1df570286124e7276cc9ae1057
s390x	ruby-3.0.4-160.el9_0.s390x.rpm	f1700bb8db49aab00553f3e737bc2b5bc06f57b07cefc5c9211caefb2f20ae0b
x86_64	ruby-libs-3.0.4-160.el9_0.x86_64.rpm	0a855cb8437b664960deec1d6f5be9ec95d6e6661f754a60b391700382a5ec6a
x86_64	ruby-devel-3.0.4-160.el9_0.x86_64.rpm	30a72b804c7d1f685fe6b4a942d1e147d59414aef4eda49498e9eae85d647c49
x86_64	rubygem-bigdecimal-3.0.0-160.el9_0.x86_64.rpm	67242c280ac3459ac26800d4ed975837eab87c5c9ba0cf408cd20d2b623a73c2
x86_64	rubygem-json-2.5.1-160.el9_0.x86_64.rpm	963d71c649dec454c85e42956a27e16d2b5d875003533484bb9fdeac42e0b63f
x86_64	rubygem-io-console-0.5.7-160.el9_0.x86_64.rpm	9e64e79bb3fef7bd97bf9f6edb82d5f36bccaa114f73bc8f1a621a53f3778a1d
x86_64	ruby-3.0.4-160.el9_0.x86_64.rpm	bd844b8b8913c1c5222bc70a6ddeae8e76f656ef50a8f6863a6882f67ba02680
x86_64	rubygem-psych-3.3.2-160.el9_0.x86_64.rpm	d399f79009f660b14470e99a7528fc0c42cf96e205152081bf68bcdc1ccbbc3b

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.