ALSA-2024:3671

[ALSA-2024:3671] Moderate: ruby:3.3 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2024-06-10

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby (3.3). (AlmaLinux-37697)

Security Fix(es):

* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.aarch64.rpm	0130103a96563d9fffc288ed57fb2b2afa5a177bc201603ea4185aaec0c9a342
aarch64	rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.aarch64.rpm	210298d16030e1b0a3f0d51412118ac191b4f0ddc83d16c55492ce97e097f7a5
aarch64	rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.aarch64.rpm	326502e8d2cda542fbed21ac842e1c164fb83c98c15300c284fea2d60df6b8a6
aarch64	ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm	74e04f3d16f168684e0db3db571253d09d10411e8ac2920394402423e114502b
aarch64	ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm	75d6ccac9e6e77c4bb14709769ed70bf43cd862270f884392c3ffb728242564f
aarch64	rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.aarch64.rpm	9405f0a05466b765bfce0fb43cbdcb0ae2f79b02e620c9e2995892d9ebaf1088
aarch64	rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.aarch64.rpm	a7622f4ad2ade5baba82284eb185a89372ea7d362c23ec23791092b4d043a9da
aarch64	ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm	a8cfeecc49f68024634e12f0e8b4cb8d1bcf6a61e7da524814608adf455183dc
aarch64	rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.aarch64.rpm	aefef2f9d806ad8feb99afbdb785771766e0a11180bddf790d60e1021c2c4835
aarch64	rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.aarch64.rpm	b1ceab64a06f942fd040abaa2ae2bf548bb190782769c95c958e2d33a1865caf
aarch64	ruby-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm	e02c8da0608d961d65e91274d334fb67c895e8e9c1cf50f3b8413f65c36497bb
aarch64	rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.aarch64.rpm	e80144e12f288947e4442a627427bbb9d212d62c8ea499ca17435d14b9640cc2
i686	rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.i686.rpm	54ce792e3cac44fb8e5a69fe5dc3f67d87f8b14b0c999a916837cdd9a6ef76d4
i686	ruby-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm	60ff2326a15339e8eb48a8c696406cc93ef1076d004b83b1588ca5e9c7a1ba74
i686	ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm	66f509fae6dc5713971f8251a8f0165e5c99dbdd5932ed124792cc165f192386
i686	ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm	8ef9c125681d6dc22e6f21e562f5bd3ccc55019793a2e4c4a22a81093a5ae06b
i686	rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.i686.rpm	9e7234e803d3de25705684c6f06c84693ef4db94a78e16fcd557dfe5c2b84aae
i686	rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.i686.rpm	a1a9e0ca7170cd0abbb9691ac93b8dcadd090fc8c126b1805ac94211a2bc8a02
i686	ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm	a312e0be42db30411055482b51fa66e4f45d6a937d15e8223f69925a1d29aa91
i686	rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.i686.rpm	af48e91508bebc080ecff3c7c39f3125e6ce1f00ef994b5e7ffa5346c779a08e
i686	rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.i686.rpm	b63e2d153e521b812ddb6f28bd7e96f6657c0cc8ac2a5a91469e72ac5555fc42
i686	rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.i686.rpm	c0b16fbf83140e55ab9bd140acd3883903658eeed466c7cf5196ee7748686afd
noarch	rubygems-devel-3.5.9-2.module_el9.4.0+102+68a93853.noarch.rpm	05ba48bdeda8e01d3470d0bf7d33015690b1997e4bb25d0fc69797c9afae1916
noarch	rubygem-bundler-2.5.9-2.module_el9.4.0+102+68a93853.noarch.rpm	27a30884ae6fa12a9de09ee3bda1973c07c6d60abf1f973faffc4cc1738f44a6
noarch	rubygem-rss-0.3.0-2.module_el9.4.0+102+68a93853.noarch.rpm	2c429b7a055c6f9b412d5ee390ec6c0a88dea2567435dfae5cd4ad42b5e166d1
noarch	rubygem-pg-doc-1.5.4-1.module_el9.4.0+75+1a8fe981.noarch.rpm	37ef36e0456b9c62427f8dd08442c622c134e026ded1488b8fd55487b69d2a58
noarch	rubygem-rdoc-6.6.3.1-2.module_el9.4.0+102+68a93853.noarch.rpm	57e1d24b92a4a14badd87e0c44c6f5f8c0bab776be40835bb728b02d64e8f009
noarch	rubygem-rake-13.1.0-2.module_el9.4.0+102+68a93853.noarch.rpm	6424338c8361e0e095543455d2612460c41532b09272bc16813805ea300bbde5
noarch	rubygem-mysql2-doc-0.5.5-1.module_el9.4.0+75+1a8fe981.noarch.rpm	65b0d0cc45f0088e7962db0543b7f1672cbc730924b371f28cdda18a25b33edf
noarch	rubygem-test-unit-3.6.1-2.module_el9.4.0+102+68a93853.noarch.rpm	66cbe8756ebbeb78a8260b97a493cd2652d462769355328be41b2161ba0321ea
noarch	rubygem-rexml-3.2.6-2.module_el9.4.0+102+68a93853.noarch.rpm	7c87bbd4e24e647635f83b56c1eacbe966a0b069e0fd2b111ed825ef4f5247dd
noarch	rubygem-irb-1.11.0-2.module_el9.4.0+102+68a93853.noarch.rpm	853620c2a9729478a537a057938c253494ff63ce1fd4c042303ba942d9ac2640
noarch	ruby-doc-3.3.1-2.module_el9.4.0+102+68a93853.noarch.rpm	867cf153f94223d8490a1f00567be22df60179b5cf18b7afa9ed1895fc1bccd3
noarch	ruby-default-gems-3.3.1-2.module_el9.4.0+102+68a93853.noarch.rpm	87859f05ea0fe77e2e991a2b42083f3ffdfa0a25c19d4577bddf6e9ee95c4965
noarch	rubygem-power_assert-2.0.3-2.module_el9.4.0+102+68a93853.noarch.rpm	9f45f58c8fd93f89f7b1471e8e904876abde5bf3381d6811bd19c9cf5ab7ab93
noarch	rubygem-typeprof-0.21.9-2.module_el9.4.0+102+68a93853.noarch.rpm	a73909cc8567623583c4366b91370617bfdf02a0f098a2402b2b90b279bda810
noarch	rubygems-3.5.9-2.module_el9.4.0+102+68a93853.noarch.rpm	d7e394a7d6504872209c8e49a4adf8c212a55ab52ac30e81834535b8788a0b49
noarch	rubygem-minitest-5.20.0-2.module_el9.4.0+102+68a93853.noarch.rpm	e288892ef6dc536761fff9f15fb42502eb7c4cee7dd69426b95dd69290bdfe42
ppc64le	ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm	108b850abb27a7d53e0e82fe6810f0e05f1d616db03fa1092a88bbcdbd67c6bf
ppc64le	rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm	1401de28dba684ad92f080adec136d872293ea95f964356b038ada98ffca4565
ppc64le	rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.ppc64le.rpm	2384aa23dfc874adc9d957d931ed76ea328d254687b902078ee46ef70742cda2
ppc64le	rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.ppc64le.rpm	3ba88ee498a5c1166827520178f9c81bb33485b68dd775a414389b89ab65a582
ppc64le	ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm	54659cb8788f48e02175753cb2dc3d2498e3ccb94dff8d580d9b497b2ee4709d
ppc64le	rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.ppc64le.rpm	789dc34e64e7fe67837e75689f16d856a0131837c53d197a0f314f7e713678d6
ppc64le	rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.ppc64le.rpm	82e621cf42d46df157e35bb57d6251f2c64130c83bcdbeb05b347fbf5a51a724
ppc64le	rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm	9c893eda2a0ac035f361cc8831fa169434d9f64ad4f704c13ff8426962d8eede
ppc64le	rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.ppc64le.rpm	a3ea582a88ba86bdabf41607a1d959aa331f63ab0b186b58c22187289cc708d2
ppc64le	ruby-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm	cd3dc0d7b1a5771c5ae8a44afc26b84dd50373caf2691fbd659196625ea3283c
ppc64le	rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.ppc64le.rpm	e933771485523c0c2bdbd2e105e107502fab8d94f2d4f4cd37ee5e3d6b876e33
ppc64le	ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm	fb78cf1b4420370919373b1757870ff474a8e25147406938c6b6cc8e445d7be5
s390x	rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.s390x.rpm	05258957f4a8ba14cc6ebf5219ecc4e0e325a64dcd11edc78435445fb2231e41
s390x	rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.s390x.rpm	070997a41248e01966472fd84011e64ca60b38c54ad3b7b0efced72a73a19683
s390x	ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm	271f85b5aea662819ea92e65551c40763eb378a222f2c2c4e800418f775e779e
s390x	ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm	66449393d742e738c7f96433fcef925158e73e4636fb20d658c769f8719ae45b
s390x	rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.s390x.rpm	a1edcdca84c8298d7688944f30e419a2c29624bb5196fa715fa9cda1c2b688b2
s390x	rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.s390x.rpm	a81354cf449ea715f53abe583ed241f40275e30991a4a7bafc454729c2c75cc0
s390x	ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm	c003eed5620ebef2e1676b387ce5cd0a266ab049e20f092314bdb7fccccaa271
s390x	rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.s390x.rpm	cc830be351ac4e58b68d72c98f2e52af38c5b84440c511a7d82981b9df2bcadd
s390x	rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.s390x.rpm	d72f6a43a476fe9aeb005cabfa1bce800c8e29321dcb73149580bdef67b4aace
s390x	rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.s390x.rpm	e48ab13a898bdd492d9d3babf10b8055c387e2da20a27b2b23d088cd3f37cd74
s390x	rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.s390x.rpm	ea47fad4821a191daf1244dc80d8bbaca6b85d66992fdc742f90cf1eccda0131
s390x	ruby-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm	f2a4e212bb8ad6d97b4e04bb409bf8681c4f3147c6d7ca817efad5796c703bf0
x86_64	rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.x86_64.rpm	048a38ef285fe9f603af61af1b135eb982693be8c0960600c9df526d683df48e
x86_64	rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.x86_64.rpm	2306c7e3f20481fc2c29d0b4f67e34aea30d3a54f36d98be8976311447864da6
x86_64	ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm	24d1ae3981a753ccf31d40e026e1cdf03d5330615d392bc1d64ac755f6ac7535
x86_64	rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.x86_64.rpm	4840d8f1a1c805f5e01fce7ff1d74fc7412920db116d18698ef28825fe22391c
x86_64	rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.x86_64.rpm	5079432013da4b8f4d14fc6cd75a7e0a1e518be5c669aa60313f61b5a28a33fc
x86_64	rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.x86_64.rpm	53322ba7119372aa25456c74b94aa954720dbf9d4e75f7ee1baec35120df176f
x86_64	ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm	56fc5c8ff82f97bebefb054145f57c45f0933c9149327bf043bf5e71ac1cd2e4
x86_64	rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.x86_64.rpm	651e307cec141b591c1cd7562923adb076b57814bc9c47ba173784130e61fc3c
x86_64	rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.x86_64.rpm	7e81c000c66bad27864ea6a2747f3b90f2192d71866e7e4bc4a26a34ac2ec27a
x86_64	ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm	929687ab399a8979a12602e81120f8798d38d6bb699af0ac08997392bc30ec29
x86_64	ruby-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm	db626df991b9b4e95ab91a227f22853437db2cb745b989115afd3312a6353445
x86_64	rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.x86_64.rpm	f43c660ffe8e16069a14291bad4cdf4bb641cc923316503fa37a066e539e169c

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.