[ALSA-2024:3668] ruby:3.1 security, bug fix, and enhancement update
Severity
Moderate
Affected Packages
38
CVEs
3
ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-35449)
Security Fix(es):
- ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
- ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
- ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- ALSA-2024:3668
- Severity
- moderate
- URL
- https://errata.almalinux.org/ALSA-2024:3668.html
- Published
-
2024-06-06T00:00:00
(6 months ago) - Modified
-
2024-06-06T13:02:22
(6 months ago) - Rights
- Copyright 2024 AlmaLinux OS
- Other Advisories
-
- ALAS2-2024-2634
- ALAS2-2024-2637
- ALPINE:CVE-2024-27280
- ALPINE:CVE-2024-27281
- ALPINE:CVE-2024-27282
- ALSA-2024:3500
- ALSA-2024:3546
- ALSA-2024:3670
- ALSA-2024:3671
- ALSA-2024:3838
- ALSA-2024:4499
- DSA-5677-1
- ELSA-2024-3500
- ELSA-2024-3546
- ELSA-2024-3668
- ELSA-2024-3670
- ELSA-2024-3671
- ELSA-2024-3838
- ELSA-2024-4499
- FEDORA-2024-14db7b21a2
- FEDORA-2024-31cac8b8ec
- FEDORA-2024-48bdd3abbf
- FREEBSD:2CE1A2F1-0177-11EF-A45E-08002784C58D
- GLSA-202406-03
- RHSA-2024:3500
- RHSA-2024:3546
- RHSA-2024:3668
- RHSA-2024:3670
- RHSA-2024:3671
- RHSA-2024:3838
- RHSA-2024:4499
- RUBYSEC:RDOC-2024-27281
- RUBYSEC:STRINGIO-2024-27280
- SSA:2024-114-01
- USN-6838-1
- USN-6853-1
Source | # ID | Name | URL |
---|---|---|---|
RHSA | RHSA-2024:3668 | https://access.redhat.com/errata/RHSA-2024:3668 | |
CVE | CVE-2024-27280 | https://access.redhat.com/security/cve/CVE-2024-27280 | |
CVE | CVE-2024-27281 | https://access.redhat.com/security/cve/CVE-2024-27281 | |
CVE | CVE-2024-27282 | https://access.redhat.com/security/cve/CVE-2024-27282 | |
Bugzilla | 2270749 | https://bugzilla.redhat.com/2270749 | |
Bugzilla | 2270750 | https://bugzilla.redhat.com/2270750 | |
Bugzilla | 2276810 | https://bugzilla.redhat.com/2276810 | |
Self | ALSA-2024:3668 | https://errata.almalinux.org/9/ALSA-2024-3668.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/almalinux/rubygems?arch=noarch&distro=almalinux-9.4 | almalinux | rubygems | < 3.3.27-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygems-devel?arch=noarch&distro=almalinux-9.4 | almalinux | rubygems-devel | < 3.3.27-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-typeprof?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-typeprof | < 0.21.3-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-test-unit?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-test-unit | < 3.5.3-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-rss?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-rss | < 0.2.9-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-rexml?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-rexml | < 3.2.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-rdoc?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-rdoc | < 6.4.1.1-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-rbs?arch=x86_64&distro=almalinux-9.4 | almalinux | rubygem-rbs | < 2.7.0-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/rubygem-rbs?arch=aarch64&distro=almalinux-9.4 | almalinux | rubygem-rbs | < 2.7.0-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/rubygem-rake?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-rake | < 13.0.6-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-psych?arch=x86_64&distro=almalinux-9.4 | almalinux | rubygem-psych | < 4.0.4-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/rubygem-psych?arch=aarch64&distro=almalinux-9.4 | almalinux | rubygem-psych | < 4.0.4-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/rubygem-power_assert?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-power_assert | < 2.0.1-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-pg?arch=x86_64&distro=almalinux-9.1 | almalinux | rubygem-pg | < 1.3.5-1.module_el9.1.0+8+503f6fbd | almalinux-9.1 | x86_64 | |
Affected | pkg:rpm/almalinux/rubygem-pg?arch=aarch64&distro=almalinux-9.1 | almalinux | rubygem-pg | < 1.3.5-1.module_el9.1.0+8+503f6fbd | almalinux-9.1 | aarch64 | |
Affected | pkg:rpm/almalinux/rubygem-pg-doc?arch=noarch&distro=almalinux-9.1 | almalinux | rubygem-pg-doc | < 1.3.5-1.module_el9.1.0+8+503f6fbd | almalinux-9.1 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-mysql2?arch=x86_64&distro=almalinux-9.1 | almalinux | rubygem-mysql2 | < 0.5.4-1.module_el9.1.0+8+503f6fbd | almalinux-9.1 | x86_64 | |
Affected | pkg:rpm/almalinux/rubygem-mysql2?arch=aarch64&distro=almalinux-9.1 | almalinux | rubygem-mysql2 | < 0.5.4-1.module_el9.1.0+8+503f6fbd | almalinux-9.1 | aarch64 | |
Affected | pkg:rpm/almalinux/rubygem-mysql2-doc?arch=noarch&distro=almalinux-9.1 | almalinux | rubygem-mysql2-doc | < 0.5.4-1.module_el9.1.0+8+503f6fbd | almalinux-9.1 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-minitest?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-minitest | < 5.15.0-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-json?arch=x86_64&distro=almalinux-9.4 | almalinux | rubygem-json | < 2.6.1-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/rubygem-json?arch=aarch64&distro=almalinux-9.4 | almalinux | rubygem-json | < 2.6.1-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/rubygem-irb?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-irb | < 1.4.1-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-io-console?arch=x86_64&distro=almalinux-9.4 | almalinux | rubygem-io-console | < 0.5.11-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/rubygem-io-console?arch=aarch64&distro=almalinux-9.4 | almalinux | rubygem-io-console | < 0.5.11-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/rubygem-bundler?arch=noarch&distro=almalinux-9.4 | almalinux | rubygem-bundler | < 2.3.27-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/rubygem-bigdecimal?arch=x86_64&distro=almalinux-9.4 | almalinux | rubygem-bigdecimal | < 3.1.1-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/rubygem-bigdecimal?arch=aarch64&distro=almalinux-9.4 | almalinux | rubygem-bigdecimal | < 3.1.1-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/ruby?arch=x86_64&distro=almalinux-9.4 | almalinux | ruby | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/ruby?arch=aarch64&distro=almalinux-9.4 | almalinux | ruby | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/ruby-libs?arch=x86_64&distro=almalinux-9.4 | almalinux | ruby-libs | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/ruby-libs?arch=aarch64&distro=almalinux-9.4 | almalinux | ruby-libs | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/ruby-doc?arch=noarch&distro=almalinux-9.4 | almalinux | ruby-doc | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/ruby-devel?arch=x86_64&distro=almalinux-9.4 | almalinux | ruby-devel | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/ruby-devel?arch=aarch64&distro=almalinux-9.4 | almalinux | ruby-devel | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 | |
Affected | pkg:rpm/almalinux/ruby-default-gems?arch=noarch&distro=almalinux-9.4 | almalinux | ruby-default-gems | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | noarch | |
Affected | pkg:rpm/almalinux/ruby-bundled-gems?arch=x86_64&distro=almalinux-9.4 | almalinux | ruby-bundled-gems | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | x86_64 | |
Affected | pkg:rpm/almalinux/ruby-bundled-gems?arch=aarch64&distro=almalinux-9.4 | almalinux | ruby-bundled-gems | < 3.1.5-144.module_el9.4.0+101+d58a8d95 | almalinux-9.4 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |