AlmaLinux 2324 Published by

A ruby:2.5 security update has been released for AlmaLinux.



ALSA-2022:0672 Moderate: ruby:2.5 security update


Type:
security

Severity:
moderate

Release date:
2022-02-27

Description
Security Fix(es):
* rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799)
* ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host (CVE-2021-31810)
* ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2021-31799
CVE-2021-31810
CVE-2021-32066

Updates packages:
ruby-2.5.9-109.module_el8.5.0+2627+d9c243ca.i686.rpm
ruby-2.5.9-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
ruby-devel-2.5.9-109.module_el8.5.0+2627+d9c243ca.i686.rpm
ruby-devel-2.5.9-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
ruby-doc-2.5.9-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
ruby-irb-2.5.9-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
ruby-libs-2.5.9-109.module_el8.5.0+2627+d9c243ca.i686.rpm
ruby-libs-2.5.9-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
rubygem-bigdecimal-1.3.4-109.module_el8.5.0+2627+d9c243ca.i686.rpm
rubygem-bigdecimal-1.3.4-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
rubygem-did_you_mean-1.2.0-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygem-io-console-0.4.6-109.module_el8.5.0+2627+d9c243ca.i686.rpm
rubygem-io-console-0.4.6-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
rubygem-json-2.1.0-109.module_el8.5.0+2627+d9c243ca.i686.rpm
rubygem-json-2.1.0-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
rubygem-minitest-5.10.3-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygem-net-telnet-0.1.1-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygem-openssl-2.1.2-109.module_el8.5.0+2627+d9c243ca.i686.rpm
rubygem-openssl-2.1.2-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
rubygem-power_assert-1.1.1-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygem-psych-3.0.2-109.module_el8.5.0+2627+d9c243ca.i686.rpm
rubygem-psych-3.0.2-109.module_el8.5.0+2627+d9c243ca.x86_64.rpm
rubygem-rake-12.3.3-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygem-rdoc-6.0.1.1-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygem-test-unit-3.2.7-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygem-xmlrpc-0.3.0-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygems-2.7.6.3-109.module_el8.5.0+2627+d9c243ca.noarch.rpm
rubygems-devel-2.7.6.3-109.module_el8.5.0+2627+d9c243ca.noarch.rpm

Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:0672 Moderate: ruby:2.5 security update