ALSA-2024:1576

[ALSA-2024:1576] Moderate: ruby:3.1 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2024-04-02

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-29052)

Security Fix(es):

* ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)
* ruby: ReDoS vulnerability in URI (CVE-2023-28755)
* ruby: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 (CVE-2023-36617)
* ruby: ReDoS vulnerability in Time (CVE-2023-28756)

Bug Fix(es):

* ruby/rubygem-irb: IRB has hard dependency on rubygem-rdoc (AlmaLinux-29048)
* ruby: Ruby cannot read private key in FIPS mode on AlmaLinux 9 (AlmaLinux-12437)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-json-2.6.1-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	097a19c61c75a40a42a91a99e186745b2b73273f809e4a057797bb4543e43401
aarch64	rubygem-bigdecimal-3.1.1-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	106c942dc950016628ab1fa78ac6d266116336c29bbcc5f9ce3c50aca6c9e43a
aarch64	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.aarch64.rpm	4c5252460fea72ded437082819e93b994f278167601c79044ace259273f5c4d0
aarch64	ruby-bundled-gems-3.1.4-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	4ed3523bc073e95e5e34d82db281ce3e0acd61d5bf465a811beaf98fe561aa07
aarch64	rubygem-psych-4.0.4-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	5525210de5aa61cafbd14bb600d256b43205d1f61c03eff66673740dc3608e2b
aarch64	rubygem-rbs-2.7.0-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	57df3e3dc18c27db43ec21b57ac9ebf4ad6f70b6cbb20c517b38a16df9115115
aarch64	rubygem-io-console-0.5.11-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	6ca7a1f3f6c40a639b6fdc0555ce4cf96b19fff18da93503704aa9a44e7e4007
aarch64	ruby-libs-3.1.4-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	88adc9540ff39a1a0835b91ea4a37a52aa80f804ca621473e1860de82f8f7468
aarch64	ruby-3.1.4-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	a2f6e164f76d3f45abd999986d34ac8e4eb1daf20342cec8389b7fabd4f6351b
aarch64	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.aarch64.rpm	cfaf5e7863a363dca261c396cb4d88268d91e3a71ecb7e28ed36a2fa92cdb037
aarch64	ruby-devel-3.1.4-143.module_el9.3.0+60+5ebc989a.aarch64.rpm	cfd5959ea19315d7ed7dddca9ebd377fd61dad287684ad9942a86fc2b3991a6e
i686	ruby-libs-3.1.4-143.module_el9.3.0+60+5ebc989a.i686.rpm	11a224fa06c24b99c053efbf054acf9f575499ebd211f0c5848a85794cc061aa
i686	rubygem-json-2.6.1-143.module_el9.3.0+60+5ebc989a.i686.rpm	53a91f238f09f5857b68ba527c90a353382309f61289c0bf6f5c20f8b6d7cfe9
i686	rubygem-psych-4.0.4-143.module_el9.3.0+60+5ebc989a.i686.rpm	753f068a1a1ab544ad990e4a749aa651eee62986eb03e912bf090e7efc02ef8e
i686	ruby-devel-3.1.4-143.module_el9.3.0+60+5ebc989a.i686.rpm	8694f80920d499a321c7f92f8ca42830765e7ae6a76bdf98d12172014097093f
i686	ruby-bundled-gems-3.1.4-143.module_el9.3.0+60+5ebc989a.i686.rpm	9d86bd09a5f3d93ec82703401396afae5162a917c5cdb8c759a45850af9d048d
i686	rubygem-rbs-2.7.0-143.module_el9.3.0+60+5ebc989a.i686.rpm	9f5d26656f65c94cebea5a89c1ea51394f848473c91cddda5d27fa3cd5f8a896
i686	ruby-3.1.4-143.module_el9.3.0+60+5ebc989a.i686.rpm	c3b422c0c257097dfaf2f4328f471df8d0c09a3fabf14c72d884118586364b4d
i686	rubygem-bigdecimal-3.1.1-143.module_el9.3.0+60+5ebc989a.i686.rpm	ea6ff5872cc45c505d2c890f23f3c19336b17f9be8f1ecf8fe6e86e4057e1a9c
i686	rubygem-io-console-0.5.11-143.module_el9.3.0+60+5ebc989a.i686.rpm	ee565894988b215a9722197e8d85bf6837110cd0174bc4a69d22c559c8e51551
noarch	rubygem-irb-1.4.1-143.module_el9.3.0+60+5ebc989a.noarch.rpm	0905ea50c6cc6d5a681460c632ba0a74e5f6d2ba1db15071c6898ecbecc2a245
noarch	ruby-default-gems-3.1.4-143.module_el9.3.0+60+5ebc989a.noarch.rpm	0c918bfd80963513ed8ebf939151fdce1a95440655605c2d67f99cd84d216be4
noarch	rubygem-bundler-2.3.26-143.module_el9.3.0+60+5ebc989a.noarch.rpm	0cfb15f8920c73930c5fec462727ff8bd0d4d1fc94390b2ad491b78cc0c212cf
noarch	rubygems-devel-3.3.26-143.module_el9.3.0+60+5ebc989a.noarch.rpm	0e7ff1f07e4a144615a899bd26379a895339f798bd29586c0fe8c704eec129c9
noarch	rubygem-typeprof-0.21.3-143.module_el9.3.0+60+5ebc989a.noarch.rpm	12b6d49f2eb37de64c5359d95338466e4c556af74df4adef525b75843d89190e
noarch	rubygem-rexml-3.2.5-143.module_el9.3.0+60+5ebc989a.noarch.rpm	354d1ca60ce97d60e2fb600c86afd727f668446370edb2394ee2935d4e106798
noarch	rubygem-rdoc-6.4.0-143.module_el9.3.0+60+5ebc989a.noarch.rpm	36f9528fb53df33c14bfec0c0b6cd001923bf8d59b7664a7e0110b900e83d99b
noarch	rubygem-mysql2-doc-0.5.4-1.module_el9.1.0+8+503f6fbd.noarch.rpm	47f8869c8adfe2b7eee506473440af3abe2bb171cf60cda4d0dec05db0bc3fb8
noarch	rubygem-test-unit-3.5.3-143.module_el9.3.0+60+5ebc989a.noarch.rpm	48b4cecfa787eb441b96cb238ac59a92721e0e96871882a0c99535a41dce07ad
noarch	ruby-doc-3.1.4-143.module_el9.3.0+60+5ebc989a.noarch.rpm	4eb51d23c8c72f8e460bd2914c19f7cd5dc68f46bbcbaa950473677350a79597
noarch	rubygems-3.3.26-143.module_el9.3.0+60+5ebc989a.noarch.rpm	60fd72d151b2e2783689c5d4470411ffa6c39cbf7a4e4bd079e17fb95dc357e4
noarch	rubygem-power_assert-2.0.1-143.module_el9.3.0+60+5ebc989a.noarch.rpm	63219994c30877b59061770b580914f572efec91b2b19317f2060f0f9bd91827
noarch	rubygem-minitest-5.15.0-143.module_el9.3.0+60+5ebc989a.noarch.rpm	af3a3fc67bab63fc8271d1228f3d722e5d3eec8eb7b03b43a664aff57944e18a
noarch	rubygem-rake-13.0.6-143.module_el9.3.0+60+5ebc989a.noarch.rpm	b6ae9ba983978a8dcb31c5a552e2ebe3d3871ada40297c0a50a3709151689b62
noarch	rubygem-pg-doc-1.3.5-1.module_el9.1.0+8+503f6fbd.noarch.rpm	c24489067c5c62f3bb8edd8f47b01171f766eaeb0e96991878c51e5ae4b1b3e4
noarch	rubygem-rss-0.2.9-143.module_el9.3.0+60+5ebc989a.noarch.rpm	e81933427fea30393c52bb8cff7b70f07e284fcee5be0e2e14cca0c33afb82e9
ppc64le	ruby-3.1.4-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	11819a69dfafaf1c2756c43a1ddb188acabad4d8d8a305140e293edf5695dfe6
ppc64le	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.ppc64le.rpm	25f3baf573cfcc8d5c67210026207ce30c1c8540d8d22869371943456fe63c71
ppc64le	ruby-devel-3.1.4-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	37bf119edf042c6089b5e0676606da05dd30f9495c2fa5e9113c201a01805a7c
ppc64le	rubygem-json-2.6.1-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	49a08bbc4e18c2d85354594a809555f5bade2f9a3025147548a4a8ad13a42fd9
ppc64le	ruby-bundled-gems-3.1.4-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	6ab69f09ee7fb65527c1400984a330c40bd5b2ab72f05f89e54ca14c3d7ce601
ppc64le	rubygem-psych-4.0.4-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	a8c545cf225037f3d463ec50178a84dc7653c6d4e9c859dab631d13bdf811142
ppc64le	rubygem-io-console-0.5.11-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	c0735694d527897bd9e21c29b3a4ded012c493f4b0b709bcc3986e28eeac257f
ppc64le	rubygem-bigdecimal-3.1.1-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	cb6067181430b6b2a0858d4d17adcd30cd2e9330a3ecd3b011ead25ff47fbc0e
ppc64le	rubygem-rbs-2.7.0-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	e9343ccf9342eb2d567dd17b78dc1a93e9ef475ef394bad57fc76d405fd6f6a3
ppc64le	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.ppc64le.rpm	f140b9b82287b70b3ad62004723b762d170c43947bf0d3c8f86f789404744497
ppc64le	ruby-libs-3.1.4-143.module_el9.3.0+60+5ebc989a.ppc64le.rpm	f4fb94c2dd58bd011bbccf1fc71df606ce52574ad38aefa55d7e67c91359e874
s390x	rubygem-io-console-0.5.11-143.module_el9.3.0+60+5ebc989a.s390x.rpm	23912bd393f9a5bc90aeecbfe116c0db72039d79e153668824a4b8a9a0f74861
s390x	rubygem-psych-4.0.4-143.module_el9.3.0+60+5ebc989a.s390x.rpm	28171f973bcf4068f197181a32787ef152f841f9687b756db330fb2a2d0454c5
s390x	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.s390x.rpm	49b1f8d15c4626c94dbdf369d69aa871b2e1b4909ae4718089f41d7de50396ee
s390x	ruby-devel-3.1.4-143.module_el9.3.0+60+5ebc989a.s390x.rpm	4eefdf9735833f0d6664cf37298289b0e72cce39d7a2b9354b7d9de275f25b90
s390x	ruby-3.1.4-143.module_el9.3.0+60+5ebc989a.s390x.rpm	527be15d0d170b8cb36d98a81034ffead2e66069d07436371534a46d1b685197
s390x	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.s390x.rpm	81af584c5f98cbff30e7733f802c0711cdfb921b4fc268dc21e6e002f4c9a292
s390x	ruby-bundled-gems-3.1.4-143.module_el9.3.0+60+5ebc989a.s390x.rpm	82e860a765767761c2b83e22b938126589b14afd8a988c585abfd4d15a64187f
s390x	ruby-libs-3.1.4-143.module_el9.3.0+60+5ebc989a.s390x.rpm	88967599c39a2cf14d646d5f391da643e78ec732b8042b4f1f94f39094aac117
s390x	rubygem-json-2.6.1-143.module_el9.3.0+60+5ebc989a.s390x.rpm	946460aa34b688db4a8e888ff927d80122dcc1f2967e88bf1456753a7a8b04cf
s390x	rubygem-rbs-2.7.0-143.module_el9.3.0+60+5ebc989a.s390x.rpm	94e8127efe8fbb57ba94ce682c71a594b6f8dfde0bb61965d243dbd7f9c261bc
s390x	rubygem-bigdecimal-3.1.1-143.module_el9.3.0+60+5ebc989a.s390x.rpm	b3a914936dd74c4a447dacc8e1af759dc97075f7b1cf164ebf5db6a41dfc015f
x86_64	rubygem-psych-4.0.4-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	05e7e1e31e5c925f28d9a69e727332ea3193f0d586a67464a6be21cc6e6356c6
x86_64	ruby-devel-3.1.4-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	11976d1dd7e261fcb30b638592e3e7b80fc604e5ae8b22ed307dff5d7570cda2
x86_64	rubygem-bigdecimal-3.1.1-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	2a546cfa11ee0b1af7ffff7ce09b8e12ee8f5b57cbf4943e56f2ff06d125debe
x86_64	ruby-bundled-gems-3.1.4-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	6143e954be60749f9756f62fb865a5be3dc5e9cf9f2a2b239e2b90f8832fe84a
x86_64	rubygem-json-2.6.1-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	7736920171f665084a203c8a2580386a23d0ba6866c2bf979af154775cfaac8f
x86_64	ruby-libs-3.1.4-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	7a3d1b2bc8087aa07072024fe9a2e7298f6c8f912a765d022badc38db6dc5a86
x86_64	rubygem-io-console-0.5.11-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	8f73968349858adabc29cdbbbb389b4edeaf47405fcf96d74b5d5e7e3bafa19a
x86_64	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.x86_64.rpm	dab19da2b0c280cf81790d96e39c50f37e61ff0e70a7b591600f76f8cc8d96df
x86_64	ruby-3.1.4-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	ec12b8fc13490bc81027dfb175e9fdd413daf368199c59f8830124230f7b1cfa
x86_64	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.x86_64.rpm	f19ded1c673d7431f2562b768ca31c5d92eba38bb0ec8fe3aaf608b1e63e36d0
x86_64	rubygem-rbs-2.7.0-143.module_el9.3.0+60+5ebc989a.x86_64.rpm	fea8188c0ce150b31196b85817daceb2c391e97d8f31225485ba73be1239b972

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.