ALSA-2024:3838

[ALSA-2024:3838] Moderate: ruby security update

Type:

security

Severity:

moderate

Release date:

2024-06-13

Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby
(3.0). (AlmaLinux-35740)

Security Fix(es):

* ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)
* ruby: ReDoS vulnerability in URI (CVE-2023-28755)
* ruby: ReDoS vulnerability in Time (CVE-2023-28756)
* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	ruby-devel-3.0.7-162.el9_4.aarch64.rpm	75f5ed7d6928627dcd3fa39a96a31fb32748294cfd53ca033a8d95778761e444
aarch64	rubygem-bigdecimal-3.0.0-162.el9_4.aarch64.rpm	7fc3809c1cad50296ac844e0a6c44c89b66bb35fbad4b350fd1e199eb03c413e
aarch64	rubygem-psych-3.3.2-162.el9_4.aarch64.rpm	8bd83b2ab2bfd5ce9625ca5f58fb3eb35f31e97829da3be63887266a7f365336
aarch64	rubygem-json-2.5.1-162.el9_4.aarch64.rpm	abce0e5bea00b7b4863889a59edef83784b31eca7a8008162e9e43d8aa9a3142
aarch64	ruby-libs-3.0.7-162.el9_4.aarch64.rpm	b973d523cc473784e011824e8553d3717bec909ec4089da56bec30fbd9d9655b
aarch64	rubygem-io-console-0.5.7-162.el9_4.aarch64.rpm	d8d80d147dcbcc5eac953434e652148404a2ee0ef59448c8f781dfa0dd03c230
aarch64	ruby-3.0.7-162.el9_4.aarch64.rpm	f1e4f2d54e6f162e064006921ae7a8bcebfe70b08ff526dffe7d74cb187c9e20
i686	ruby-libs-3.0.7-162.el9_4.i686.rpm	293ce88da73c5284fe01817c33be9df8b5d15b335207afb32c4acac3ae3f0903
i686	ruby-devel-3.0.7-162.el9_4.i686.rpm	2d5ff7c1f89aeb3ba53a1943741603444c6ef6bceae8f70f576d0b19a932ee08
i686	ruby-3.0.7-162.el9_4.i686.rpm	8ce9b5e85bef1835de9a0887d79f7a2833d6bc67f1570142c9f2cbede241d602
noarch	ruby-doc-3.0.7-162.el9_4.noarch.rpm	08fa7f7a8c78fdb7c1bcc7a1c92de0956e0c4e18dc0c8953ef596a1a75bec22b
noarch	rubygem-rbs-1.4.0-162.el9_4.noarch.rpm	0bfac6c9da7968b64d54a690969dd309c9b0150643e757efe6dc85ddf5c357d7
noarch	rubygem-irb-1.3.5-162.el9_4.noarch.rpm	1a34a95184a16559ec775224458fbb4e5d7eafa8b02c14b4d4de241a4ca24669
noarch	rubygem-rss-0.2.9-162.el9_4.noarch.rpm	1f466276d00158edc966eafaf20af5d2d8a47c474fb3cada1c487659c8046b4b
noarch	rubygems-3.2.33-162.el9_4.noarch.rpm	347e4dc030a5241683a27f18c647f3fc0e7dbc9bc5e785a0da30335cefdefacb
noarch	rubygem-rake-13.0.3-162.el9_4.noarch.rpm	35b188eebdbd09683b30a8af5a3624c9964b3fc780c7d77b6583461424e5224b
noarch	rubygem-bundler-2.2.33-162.el9_4.noarch.rpm	3f4a2346edc0c1c3446d3c66bd2ba64ab24f0742412b59c537f08239a2dfd5c8
noarch	rubygem-typeprof-0.15.2-162.el9_4.noarch.rpm	530717f0a8bfbc3fb92b8b8a71d3926c0f2f55b22c1488d92b58cb5635b99891
noarch	rubygem-rdoc-6.3.4.1-162.el9_4.noarch.rpm	61efa2918d01d92c6a737ab7b3dd698635ccdec9026edab5146425418db962b6
noarch	rubygems-devel-3.2.33-162.el9_4.noarch.rpm	8f176439e95a09833a724cde74b7c078b093659ea59454aa38b5f428c8f73480
noarch	rubygem-minitest-5.14.2-162.el9_4.noarch.rpm	a78beda206af7255e4d33f11d78b0a9c1fa541abafcfc7741c0fb00104fe3a80
noarch	rubygem-power_assert-1.2.1-162.el9_4.noarch.rpm	cf9abec31ee790b95caeb7f3611af2fbc5682a93248f60c4a6f5db1bcd237bc2
noarch	rubygem-rexml-3.2.5-162.el9_4.noarch.rpm	d0278393db1ac1c2f56329b1d47402c84a38afdb0e76f78638b80f071db40dfd
noarch	rubygem-test-unit-3.3.7-162.el9_4.noarch.rpm	ecfdbb201207f939bafee5ce30ab3977262636e2f73b28218e6d63628828dc5d
noarch	ruby-default-gems-3.0.7-162.el9_4.noarch.rpm	f6809eb4fbdc71511e0819d5b7b419c0f51d8e2ddaa37a2c79e09159f9fa0586
ppc64le	rubygem-json-2.5.1-162.el9_4.ppc64le.rpm	7149d9ec31c6638dc584884efb606d2d5abf830d3a93249d15c4fd376706630e
ppc64le	rubygem-bigdecimal-3.0.0-162.el9_4.ppc64le.rpm	81ee03b8834b504d841a5a177247542163502854bfb1daff7b91b90ba1305053
ppc64le	ruby-3.0.7-162.el9_4.ppc64le.rpm	88502e5b06de51c586f49217a5c42ae48e1deb06be3cdde2ab79ab471b7345de
ppc64le	rubygem-psych-3.3.2-162.el9_4.ppc64le.rpm	8cddf85f84ee2460593d6452e6570d7803e74361d804701c329edecdc2cf997e
ppc64le	rubygem-io-console-0.5.7-162.el9_4.ppc64le.rpm	9885987015b574ee2f33b8f1c25003463f29a544b457808a438d11011e718aa1
ppc64le	ruby-devel-3.0.7-162.el9_4.ppc64le.rpm	9a4e48976cd2494217758d03e155779f64d3fe072f90c18c1cc66b68252c9d30
ppc64le	ruby-libs-3.0.7-162.el9_4.ppc64le.rpm	ffae6013db17d9c11f889dd81d1291381a31d52f7097ca697ce0ffa0dca94b2d
s390x	rubygem-io-console-0.5.7-162.el9_4.s390x.rpm	2707bcba6bca49f50d2aad7e9f4c0bcd336dc8f9f640267c6bc3aaa1a0bfa411
s390x	rubygem-psych-3.3.2-162.el9_4.s390x.rpm	2f3bf458cb41bc24aca18ca4b2881d13220072c0de25a68c1adb807e13189d8b
s390x	rubygem-json-2.5.1-162.el9_4.s390x.rpm	3923138897bf64417f2978c11b0fb8645af44ab568a5db9565f5cb1e23a43f23
s390x	rubygem-bigdecimal-3.0.0-162.el9_4.s390x.rpm	719faf48a4e1392e055986f296054ba7954df2d0dffed24941bd6e862c067937
s390x	ruby-libs-3.0.7-162.el9_4.s390x.rpm	bf43234f913a0e87e76e4fdb3e20d33c522f436df23f982a30f86027dc2a6b4a
s390x	ruby-devel-3.0.7-162.el9_4.s390x.rpm	e85dbd297deb15872efa7bfe1b3d9982cf3af62047faaca533cf2d705f84c40f
s390x	ruby-3.0.7-162.el9_4.s390x.rpm	eda6795ddf6af1a33c0d11d2aae22fc4c93bfb6459da7932b3de3b361ed573c0
x86_64	rubygem-json-2.5.1-162.el9_4.x86_64.rpm	2a5a33a74873d4464a9455f07be1e989a7bc499368cde6c646f47d10b89dc74a
x86_64	rubygem-bigdecimal-3.0.0-162.el9_4.x86_64.rpm	3f2764590aa62c313ca6ab1c474daee87fcac040f6c35f70296f641c16dd847e
x86_64	rubygem-io-console-0.5.7-162.el9_4.x86_64.rpm	66c0f8191b06510ad9941e2815051a6d2d296dd61590658b417276f5d3d8bfbb
x86_64	rubygem-psych-3.3.2-162.el9_4.x86_64.rpm	78754e73e62b4de8e98fd29b89a29d76365540f20f001eda7dd61a977aa334b0
x86_64	ruby-devel-3.0.7-162.el9_4.x86_64.rpm	abbfe6417747fd29c12c260b32ee718af3c50eb3285a833dc6180600a4211041
x86_64	ruby-libs-3.0.7-162.el9_4.x86_64.rpm	d4239d1798ea18f74d8103221ebdfb86bbd90572bddd4bb4d4712ff27451c0f8
x86_64	ruby-3.0.7-162.el9_4.x86_64.rpm	eb7f945c8e3ad14aeaa027be6551828cca5f8cbbbf8f8317c82ab6edbdb53d38

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.