ALSA-2024:3668

[ALSA-2024:3668] Moderate: ruby:3.1 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2024-06-06

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-35449)

Security Fix(es):

* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	013af7c9d005e99cdb9fb150e64cf6daf313556273406097681519f954bfc8f9
aarch64	rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	2bc2b3a6a541aaf89f77f1dda40bc43209457b02c669594992d83e511d546960
aarch64	rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	43ced2d4f9835e751feb7b6be913d809cb6e3213ee4fda3e79e3b1daa5ac5786
aarch64	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.aarch64.rpm	4c5252460fea72ded437082819e93b994f278167601c79044ace259273f5c4d0
aarch64	rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	7a446c135517f887dc828b7e6b5e8cc01463c6d9ae7552b04d106455c7fe3220
aarch64	ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	87455699ac0a6b2cd369386b224b4207a0f646f85befd354720a096da5501cea
aarch64	ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	977187f8f3496256fbb3676b869f69d6e7327b84377bc354f0c2fd85e8c3db93
aarch64	ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	97d4578f55aa57a7f20b71e766c6c16d858db764c59fb070eea86919bcbe7632
aarch64	ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	b5eefd16f0d56bea3750a27fa6806d3bb52f4e40b4554aacd00024297b3fd5e1
aarch64	rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.aarch64.rpm	c0ad22bacf961443362154bf49bba45c7ae204391517b5a581f74e63ebb8eb01
aarch64	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.aarch64.rpm	cfaf5e7863a363dca261c396cb4d88268d91e3a71ecb7e28ed36a2fa92cdb037
i686	rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.i686.rpm	05fe90220c8803b6de24e8aad3d93a751e9eefc8453cb1f2e27e553bc65cbd59
i686	rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.i686.rpm	156844ebccc40686b1cfb9933716b6b5b755d83da8f1c10bb05ed5d6a742df9b
i686	rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.i686.rpm	1a99567a3dd0a6aa2b8b9c1ae9accce9f9946a647a1774cd6df0342ff0e2e9fb
i686	ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm	30c23245bd29d2efb9054746cb1cad141de40174cda26693f0a78bac120b53b1
i686	ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm	34b70b1c66d793d5d050bae0bed10c1fcbbd31a80bf40bbd870f25f9d2c83c09
i686	ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm	413ebf1722a83218dfb63cd197d4556c31aa09bf770f3d73c8e5ef1cb6cfc116
i686	rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.i686.rpm	8cd47d2d2eae1ae758445193cfac722dff1f849bdcee16dd2b20c231bb2a809d
i686	ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm	b56e1621ddc5f7072ca54d9c293aa77fbd56d9500e44f8da972e40b77a5ea683
i686	rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.i686.rpm	e9adfa60c6027b8f0354a09892c91f9e95bee3b86ba1eaa9da3babe7e29920c9
noarch	rubygem-test-unit-3.5.3-144.module_el9.4.0+101+d58a8d95.noarch.rpm	1d60045ef82a5bbeecbc2287592b1591b55700fae7fd399d58baeef25a1f0e50
noarch	rubygem-typeprof-0.21.3-144.module_el9.4.0+101+d58a8d95.noarch.rpm	24cb1a7c1e4aeda56fa4fcdf89d1ff6b077ff837e0e687e9ae7cd7480aefd145
noarch	rubygem-rake-13.0.6-144.module_el9.4.0+101+d58a8d95.noarch.rpm	30d7cb20ddee1557f047d9b4b1d9b26b4087c95a76053d5bd4ab5a143c73fed8
noarch	ruby-default-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.noarch.rpm	393efcc1c737ca8aafadf7e5e3efd4ad73d2781b7659373f27fabf02d3e28fdc
noarch	rubygem-mysql2-doc-0.5.4-1.module_el9.1.0+8+503f6fbd.noarch.rpm	47f8869c8adfe2b7eee506473440af3abe2bb171cf60cda4d0dec05db0bc3fb8
noarch	rubygem-bundler-2.3.27-144.module_el9.4.0+101+d58a8d95.noarch.rpm	74e82c75f35c48e200bdd0f13040c5d8cae6d4ab74ed7769e59622008baed436
noarch	rubygem-minitest-5.15.0-144.module_el9.4.0+101+d58a8d95.noarch.rpm	7641fcb6f89c336a71ea20debc329a809f96b29e9dc4563a574ea5cb8a62797f
noarch	rubygem-power_assert-2.0.1-144.module_el9.4.0+101+d58a8d95.noarch.rpm	92d64262b45999e76de317aad96cb770b73720d55e9ebfd275207ddad00c3d86
noarch	rubygem-rdoc-6.4.1.1-144.module_el9.4.0+101+d58a8d95.noarch.rpm	9bd1632b1cb4319201859701f1eaf84666419345c170ef93cd47ab4031829429
noarch	rubygems-3.3.27-144.module_el9.4.0+101+d58a8d95.noarch.rpm	bc697c3ad63d00ee0bad232fea31d960c9b955859ae4dc256d87c278f8d0f0da
noarch	ruby-doc-3.1.5-144.module_el9.4.0+101+d58a8d95.noarch.rpm	bebcbffa554dfed194d3fc1212ba3d01dd89f3a6ecdda3228069f2a3d6ddb640
noarch	rubygem-rss-0.2.9-144.module_el9.4.0+101+d58a8d95.noarch.rpm	c09830da0af358c4dd7f61e57c051158c302433acc0274930fe76e2b6b983c4a
noarch	rubygem-pg-doc-1.3.5-1.module_el9.1.0+8+503f6fbd.noarch.rpm	c24489067c5c62f3bb8edd8f47b01171f766eaeb0e96991878c51e5ae4b1b3e4
noarch	rubygem-rexml-3.2.5-144.module_el9.4.0+101+d58a8d95.noarch.rpm	d395d040309f58998acea87e2743d77e76cf53c44ebdfa3fe0fc26ce092eda60
noarch	rubygem-irb-1.4.1-144.module_el9.4.0+101+d58a8d95.noarch.rpm	d7f12808af01af69e86302277c2e88e8e91350d449160799c77eeb4af8509670
noarch	rubygems-devel-3.3.27-144.module_el9.4.0+101+d58a8d95.noarch.rpm	ee39f8098869a8f763ea082ee44bb91041439215ed3a24be7172710e3bd45917
ppc64le	ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	1b2c41748217d6e13be2041b32a0de20a2536073e0783c2bcc35bfdf1c2b1eaf
ppc64le	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.ppc64le.rpm	25f3baf573cfcc8d5c67210026207ce30c1c8540d8d22869371943456fe63c71
ppc64le	rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	4cf8b332013008ccd1c14a11f2119857dad59b621a420717d0497e367bca4598
ppc64le	rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	71209fca74d7ad5b1e375b887a5f919986d02824808aa0aa71064a01b1125aff
ppc64le	rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	90c61b03cc433619924bf1edd21d0a96a71b05968f6952e5ad73e85aa8539f0d
ppc64le	ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	acfdfa85a3a75e0abe7dd5411217f02fc2962bb8e8321ee1be616fd7b6969219
ppc64le	ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	b49720e645545d3bb0e628fbbe9f972aa573fcf9b2dd8c589245a6cf5f70441e
ppc64le	rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	bceb971ba5c822896c070609c1dcd0780c82769a898af6871f8262a82682b52e
ppc64le	rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	bd08832d442806e7b4d75d2c6f8563dd4a48eeaea0dee9fe951613ab376a0e98
ppc64le	ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm	dfa9ae9b4d29fc355bb434a4aa0169ebca4438293dbf3da116e4ee4bfac7202e
ppc64le	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.ppc64le.rpm	f140b9b82287b70b3ad62004723b762d170c43947bf0d3c8f86f789404744497
s390x	rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.s390x.rpm	1d1a112fc3b8a27fbfc1d73dce926b687e2c7998fbf68b8f881a483d0d824847
s390x	rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.s390x.rpm	22a821d1c12c5ad1ff12c6cda4a7a94407fb084f58b768f80f434cb97baad40e
s390x	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.s390x.rpm	49b1f8d15c4626c94dbdf369d69aa871b2e1b4909ae4718089f41d7de50396ee
s390x	rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.s390x.rpm	5a7fe7c4cf6774ae29562ab21f65d5888a38fd6e0356488982b82619b29095f5
s390x	ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm	78f31ee25053c1754e7d9af6d5d78dada2e6543542d02ce71988d9a1868ac1a6
s390x	rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.s390x.rpm	7d665dff78a913ffd0872a4258d892d7ac21bd24a5af53a4c88bdb50c397d9dc
s390x	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.s390x.rpm	81af584c5f98cbff30e7733f802c0711cdfb921b4fc268dc21e6e002f4c9a292
s390x	ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm	a461424388708e06d84966f9622e3556f44b6ba9cd310beae2a6b89be341b5ab
s390x	ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm	cf88b45dd320b39708857de29827fc2b0d2ec7fdd46867eceecbc4278221302d
s390x	rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.s390x.rpm	d1bbc50c4d944f76cbee80c3acef48a6f14b2bfd955b40d66fe8eb5849e2560b
s390x	ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm	dccf903729d176701eef0f2752264af70372f0b2693911249731aebaa60a853d
x86_64	rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	49057e8b8f904d42c7683aaf6739306d2b618a3bdd4572b9b9b977f0b4e24865
x86_64	rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	573f44bf9e116e4f6a3c81a49a842bd2f6c36aa18831d01104b556ab1df1211f
x86_64	ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	a3b9ad4f673b6a8619b175c4a3a1fab84df864add3bdaa366e9f1e70174615ed
x86_64	rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	aecadd6b4b60d12ee243eba8614377e97d1de8de70b8237982aa401485bd8e9a
x86_64	ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	c03e3db160d65468d907facb6192eac72b2d593bc74498fddbd48e9bdb3aac9d
x86_64	ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	cd51731befdb50cacba3c22e2b2c4b917bdad5bd9d04fa1800465a64e67e1097
x86_64	rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	d4cd4d83f7fd2e720cb2b2ebd5dcf969db2caf23162464fcb2643a7e69ba3266
x86_64	rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.x86_64.rpm	dab19da2b0c280cf81790d96e39c50f37e61ff0e70a7b591600f76f8cc8d96df
x86_64	rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	e1615d435b80d402ba4677139656cb3b39452dcec2193a983b11a5ffe461fbf0
x86_64	ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm	ea2a2a53ffc6ef000d91416a9ff7f4dd581bab734f67d562f65b3f0b5e57e7df
x86_64	rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.x86_64.rpm	f19ded1c673d7431f2562b768ca31c5d92eba38bb0ec8fe3aaf608b1e63e36d0

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.