[ALSA-2022:6447] ruby:2.7 security, bug fix, and enhancement update
Severity
Moderate
Affected Packages
52
CVEs
3
ruby:2.7 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (2.7.6). (BZ#2109424)
Security Fix(es):
- ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817)
- ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)
- Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- ALSA-2022:6447
- Severity
- moderate
- URL
- https://errata.almalinux.org/ALSA-2022:6447.html
- Published
-
2022-09-13T00:00:00
(2 years ago) - Modified
-
2022-11-24T19:17:28
(22 months ago) - Rights
- Copyright 2022 AlmaLinux OS
- Other Advisories
-
-
ALAS-2022-1638
-
ALAS2-2022-1853
-
ALAS2-2023-2345
-
ALAS2-2024-2486
-
ALPINE:CVE-2021-41817
-
ALPINE:CVE-2021-41819
-
ALPINE:CVE-2022-28739
-
ALSA-2022:0543
-
ALSA-2022:5779
-
ALSA-2022:6450
-
ALSA-2022:6585
-
ALSA-2023:7025
-
DSA-5066-1
-
DSA-5067-1
-
ELSA-2022-0543
-
ELSA-2022-5338
-
ELSA-2022-5779
-
ELSA-2022-6447
-
ELSA-2022-6450
-
ELSA-2022-6585
-
ELSA-2023-12064
-
ELSA-2023-7025
-
FEDORA-2022-82a9edac27
-
FEDORA-2022-8cf0124add
-
FEDORA-2022-a7ca6ee0cf
-
FREEBSD:06ED6A49-BAD4-11EC-9CFE-0800270512F4
-
FREEBSD:4548EC97-4D38-11EC-A539-0800270512F4
-
FREEBSD:6916EA94-4628-11EC-BBE2-0800270512F4
-
GLSA-202401-27
-
MS:CVE-2021-41817
-
MS:CVE-2021-41819
-
MS:CVE-2022-28739
-
RHSA-2022:0543
-
RHSA-2022:5338
-
RHSA-2022:5779
-
RHSA-2022:6447
-
RHSA-2022:6450
-
RHSA-2022:6585
-
RHSA-2023:7025
-
RLSA-2022:0543
-
RLSA-2022:5338
-
RLSA-2022:5779
-
RLSA-2022:6447
-
RLSA-2022:6450
-
RLSA-2022:6585
-
RUBYSEC:CGI-2021-41819
-
RUBYSEC:DATE-2021-41817
-
SSA:2022-103-01
-
SUSE-SU-2022:1512-1
-
SUSE-SU-2022:3292-1
-
SUSE-SU-2023:4176-1
-
USN-5235-1
-
USN-5462-1
-
USN-5462-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| RHSA | RHSA-2022:6447 |
|
|
| CVE | CVE-2021-41817 |
|
|
| CVE | CVE-2021-41819 |
|
|
| CVE | CVE-2022-28739 |
|
|
| Bugzilla | 2025104 |
|
|
| Bugzilla | 2026757 |
|
|
| Bugzilla | 2075687 |
|
|
| Self | ALSA-2022:6447 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/almalinux/rubygems?arch=noarch&distro=almalinux-8.6 | almalinux |
 rubygems
|
< 3.1.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygems-devel?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygems-devel
|
< 3.1.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-xmlrpc?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-xmlrpc
|
< 0.3.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-test-unit?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-test-unit
|
< 3.3.4-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-rdoc?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-rdoc
|
< 6.2.1.1-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-rake?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-rake
|
< 13.0.1-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-psych?arch=x86_64&distro=almalinux-8.6 | almalinux |
rubygem-psych
|
< 3.1.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-psych?arch=i686&distro=almalinux-8.6 | almalinux |
rubygem-psych
|
< 3.1.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/rubygem-psych?arch=aarch64&distro=almalinux-8.6 | almalinux |
rubygem-psych
|
< 3.1.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-power_assert?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-power_assert
|
< 1.1.7-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-pg?arch=x86_64&distro=almalinux-8.5 | almalinux |
rubygem-pg
|
< 1.2.3-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-pg?arch=aarch64&distro=almalinux-8.5 | almalinux |
rubygem-pg
|
< 1.2.3-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-pg?arch=aarch64&distro=almalinux-8.4 | almalinux |
rubygem-pg
|
< 1.2.3-1.module_el8.4.0+2399+4e3a532a | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-pg-doc?arch=noarch&distro=almalinux-8.5 | almalinux |
rubygem-pg-doc
|
< 1.2.3-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-openssl?arch=x86_64&distro=almalinux-8.6 | almalinux |
rubygem-openssl
|
< 2.1.3-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-openssl?arch=i686&distro=almalinux-8.6 | almalinux |
rubygem-openssl
|
< 2.1.3-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/rubygem-openssl?arch=aarch64&distro=almalinux-8.6 | almalinux |
rubygem-openssl
|
< 2.1.3-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-net-telnet?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-net-telnet
|
< 0.2.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-mysql2?arch=x86_64&distro=almalinux-8.5 | almalinux |
rubygem-mysql2
|
< 0.5.3-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-mysql2?arch=aarch64&distro=almalinux-8.5 | almalinux |
rubygem-mysql2
|
< 0.5.3-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-mysql2?arch=aarch64&distro=almalinux-8.4 | almalinux |
rubygem-mysql2
|
< 0.5.3-1.module_el8.4.0+2399+4e3a532a | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-mysql2-doc?arch=noarch&distro=almalinux-8.5 | almalinux |
rubygem-mysql2-doc
|
< 0.5.3-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-mongo?arch=noarch&distro=almalinux-8.3 | almalinux |
rubygem-mongo
|
< 2.11.3-1.module_el8.3.0+6147+d0dfc1e4 | almalinux-8.3 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-mongo-doc?arch=noarch&distro=almalinux-8.3 | almalinux |
rubygem-mongo-doc
|
< 2.11.3-1.module_el8.3.0+6147+d0dfc1e4 | almalinux-8.3 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-minitest?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-minitest
|
< 5.13.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-json?arch=x86_64&distro=almalinux-8.6 | almalinux |
rubygem-json
|
< 2.3.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-json?arch=i686&distro=almalinux-8.6 | almalinux |
rubygem-json
|
< 2.3.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/rubygem-json?arch=aarch64&distro=almalinux-8.6 | almalinux |
rubygem-json
|
< 2.3.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-irb?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-irb
|
< 1.2.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-io-console?arch=x86_64&distro=almalinux-8.6 | almalinux |
rubygem-io-console
|
< 0.5.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-io-console?arch=i686&distro=almalinux-8.6 | almalinux |
rubygem-io-console
|
< 0.5.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/rubygem-io-console?arch=aarch64&distro=almalinux-8.6 | almalinux |
rubygem-io-console
|
< 0.5.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-bundler?arch=noarch&distro=almalinux-8.6 | almalinux |
rubygem-bundler
|
< 2.2.24-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-bson?arch=x86_64&distro=almalinux-8.3 | almalinux |
rubygem-bson
|
< 4.8.1-1.module_el8.3.0+6147+d0dfc1e4 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-bson?arch=aarch64&distro=almalinux-8.4 | almalinux |
rubygem-bson
|
< 4.8.1-1.module_el8.4.0+2399+4e3a532a | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-bson-doc?arch=noarch&distro=almalinux-8.3 | almalinux |
rubygem-bson-doc
|
< 4.8.1-1.module_el8.3.0+6147+d0dfc1e4 | almalinux-8.3 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-bigdecimal?arch=x86_64&distro=almalinux-8.6 | almalinux |
rubygem-bigdecimal
|
< 2.0.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/rubygem-bigdecimal?arch=i686&distro=almalinux-8.6 | almalinux |
rubygem-bigdecimal
|
< 2.0.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/rubygem-bigdecimal?arch=aarch64&distro=almalinux-8.6 | almalinux |
rubygem-bigdecimal
|
< 2.0.0-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/rubygem-abrt?arch=noarch&distro=almalinux-8.5 | almalinux |
rubygem-abrt
|
< 0.4.0-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | noarch | |
| Affected | pkg:rpm/almalinux/rubygem-abrt-doc?arch=noarch&distro=almalinux-8.5 | almalinux |
rubygem-abrt-doc
|
< 0.4.0-1.module_el8.5.0+2595+0c654ebc | almalinux-8.5 | noarch | |
| Affected | pkg:rpm/almalinux/ruby?arch=x86_64&distro=almalinux-8.6 | almalinux |
ruby
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/ruby?arch=i686&distro=almalinux-8.6 | almalinux |
ruby
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/ruby?arch=aarch64&distro=almalinux-8.6 | almalinux |
ruby
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/ruby-libs?arch=x86_64&distro=almalinux-8.6 | almalinux |
ruby-libs
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/ruby-libs?arch=i686&distro=almalinux-8.6 | almalinux |
ruby-libs
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/ruby-libs?arch=aarch64&distro=almalinux-8.6 | almalinux |
ruby-libs
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/ruby-doc?arch=noarch&distro=almalinux-8.6 | almalinux |
ruby-doc
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/ruby-devel?arch=x86_64&distro=almalinux-8.6 | almalinux |
ruby-devel
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/ruby-devel?arch=i686&distro=almalinux-8.6 | almalinux |
ruby-devel
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | i686 | |
| Affected | pkg:rpm/almalinux/ruby-devel?arch=aarch64&distro=almalinux-8.6 | almalinux |
ruby-devel
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/ruby-default-gems?arch=noarch&distro=almalinux-8.6 | almalinux |
ruby-default-gems
|
< 2.7.6-138.module_el8.6.0+3263+904da987 | almalinux-8.6 | noarch |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |