AlmaLinux 2318 Published by

The following security updates have been released for AlmaLinux:

ALSA-2024:2113 Moderate: pcs security update
ALSA-2024:3659 Important: booth security update
ALSA-2024:3661 Important: booth security update
ALSA-2024:3670 Moderate: ruby:3.3 security, bug fix, and enhancement update
ALSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update




ALSA-2024:2113 Moderate: pcs security update

ID:
ALSA-2024:2113

Title:
ALSA-2024:2113 Moderate: pcs security update

Type:
security

Severity:
moderate

Release date:
2024-05-07

Description
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing (CVE-2024-25126)
* rubygem-rack: Possible DoS Vulnerability with Range Header in Rack (CVE-2024-26141)
* rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing (CVE-2024-26146)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:
CVE-2024-25126
CVE-2024-26141
CVE-2024-26146
RHSA-2024:2113
ALSA-2024:2113

Updated packages listed below:
Architecture
Package
Checksum
aarch64
pcs-0.11.7-2.el9_4.aarch64.rpm
4ea9cd634e961335e4ea19e84289e96858fd113824259aecc5e65e2bdd7f97e5
aarch64
pcs-snmp-0.11.7-2.el9_4.aarch64.rpm
68a1cd8ffb7918bf7dc6328117e03b8223a7e61500231b058871bd9f9bdc60fb
ppc64le
pcs-0.11.7-2.el9_4.ppc64le.rpm
aa7a9e9b8904d4c28c010560a1dd34e9ac3c8cb19622ff82cb18b6585f48f375
ppc64le
pcs-snmp-0.11.7-2.el9_4.ppc64le.rpm
d29b9002ce7042923fae0b34af1709d9a3ee0ca4a803294db310655b9c990c88
s390x
pcs-0.11.7-2.el9_4.s390x.rpm
05fab9a397e3d8c8f2b1a5aa89d4cb7c7fb3c5762d5fcb101b8826cc9a39a520
s390x
pcs-snmp-0.11.7-2.el9_4.s390x.rpm
ce4966e4e8957588173579130c1e552b9b01b4bff18fadb9edfcc62908c3b0b0
x86_64
pcs-snmp-0.11.7-2.el9_4.x86_64.rpm
7aec6341b5930bbb45727b7137ae6cfa352dafbe1dc31093aa1b15312c4b5677
x86_64
pcs-0.11.7-2.el9_4.x86_64.rpm
aa0a80470ba28c1506c35d81da2ad9be31eec3a8322a590d926bfb23d38fa50f

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:2113 Moderate: pcs security update


ALSA-2024:3659 Important: booth security update

ID:
ALSA-2024:3659

Title:
ALSA-2024:3659 Important: booth security update

Type:
security

Severity:
important

Release date:
2024-06-11

Description
The Booth cluster ticket manager is a component to bridge high availability
clusters spanning multiple sites, in particular, to provide decision inputs to
local Pacemaker cluster resource managers. It operates as a distributed
consensus-based service, presumably on a separate physical network. Tickets
facilitated by a Booth formation are the units of authorization that can be
bound to certain resources. This will ensure that the resources are run at only
one (granted) site at a time.
Security Fix(es):
* booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server (CVE-2024-3049)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-3049
RHSA-2024:3659
ALSA-2024:3659

Updated packages listed below:
Architecture
Package
Checksum
aarch64
booth-1.1-1.el8_10.1.aarch64.rpm
85ea6407e2a5f69392c6962042722f0d32f155d2af3af983d3317ed4b17a690b
aarch64
booth-core-1.1-1.el8_10.1.aarch64.rpm
a5bf69a91d34fdbc8e219fc1a72d0f82b170d74a3ab25cc0fe430255d1863ed5
noarch
booth-arbitrator-1.1-1.el8_10.1.noarch.rpm
2ed42efdc796a6e5db1ceefca4ffb07a8bac87521853a49c3bf5e94878171c8b
noarch
booth-site-1.1-1.el8_10.1.noarch.rpm
9186b82d9917d72fb035cc9091e649749cda857a06ed91c147918cc90bec0e1a
noarch
booth-test-1.1-1.el8_10.1.noarch.rpm
a2b68433ada8ea79abd222e70084898349c77f54dc97321ba47c40a2317a4551
ppc64le
booth-core-1.1-1.el8_10.1.ppc64le.rpm
5b2dd5e294f22e9cedbb8e9e926f34cf0508b06f78ea588a172aa8c8edb2af19
ppc64le
booth-1.1-1.el8_10.1.ppc64le.rpm
9f737897e0c5046c16cf75d38244c9db3dac0d79feb72ec315fc375bee783416
s390x
booth-core-1.1-1.el8_10.1.s390x.rpm
22c781da2ce00b5a138c5b22be8b1a53d13a2683e08392d76a5f7059ffcfd131
s390x
booth-1.1-1.el8_10.1.s390x.rpm
a69158f089f7e2fa30984edce3c62cbad4b8875509878f3f24557c15dada8ad2
x86_64
booth-1.1-1.el8_10.1.x86_64.rpm
200af4f69b151f23912710613d8533a17dc9302f7ce72505526e47f42f7ec966
x86_64
booth-core-1.1-1.el8_10.1.x86_64.rpm
cfc8d71330da1fcb4c237b91e1193ffbd1fe6ecd673bdc76aabd8fa849930f9f

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3659 Important: booth security update


ALSA-2024:3661 Important: booth security update

ID:
ALSA-2024:3661

Title:
ALSA-2024:3661 Important: booth security update

Type:
security

Severity:
important

Release date:
2024-06-11

Description
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one (granted) site at a time.
Security Fix(es):
* booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server (CVE-2024-3049)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-3049
RHSA-2024:3661
ALSA-2024:3661

Updated packages listed below:
Architecture
Package
Checksum
aarch64
booth-core-1.1-1.el9_4.1.aarch64.rpm
9fbfc642b913732a47b38b77146504bd9c50f009e7b680691159cded16795cb6
aarch64
booth-1.1-1.el9_4.1.aarch64.rpm
b70ed3bd8df74e633be046a3d47b4786adafba4acdf165d07c28d326ca3bdd3e
noarch
booth-site-1.1-1.el9_4.1.noarch.rpm
0c297c1f24f27bad5443c416d74fc11a18f52a9345fa8dd99cc5213ff742f6fb
noarch
booth-test-1.1-1.el9_4.1.noarch.rpm
d657c58145373cce5ce31bc9d505a5008903c7dac20edd1d65c9815e66da06f2
noarch
booth-arbitrator-1.1-1.el9_4.1.noarch.rpm
ec139870243943e962cb2a16267b44079ec903af79930b62d30ce9037d0a8845
ppc64le
booth-core-1.1-1.el9_4.1.ppc64le.rpm
28a02eedccf06e48b85b60004234ff4cd68a9268d2505a545cfa5c18d7891d44
ppc64le
booth-1.1-1.el9_4.1.ppc64le.rpm
a62f9d717bbbb1622b8a12c4a92f1eea588e3e00d7c5c2f723c9e66712dde856
s390x
booth-1.1-1.el9_4.1.s390x.rpm
090c0660b0288dbaf3ea5801c368d5ac3218e84897f9851100ab4fe5a6123507
s390x
booth-core-1.1-1.el9_4.1.s390x.rpm
781fe77790f129546da58195f198bf6a38d7d1ed33471caec9cecddf5f94e18a
x86_64
booth-core-1.1-1.el9_4.1.x86_64.rpm
a4111a51fcc56c8c8301ba89890c3d458896a4d60ef80c4a554fd29546131853
x86_64
booth-1.1-1.el9_4.1.x86_64.rpm
d93d508312181a0e497782ff9407e90326790c0123074a397089dd224eb60c4b

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3661 Important: booth security update


ALSA-2024:3670 Moderate: ruby:3.3 security, bug fix, and enhancement update

ID:
ALSA-2024:3670

Title:
ALSA-2024:3670 Moderate: ruby:3.3 security, bug fix, and enhancement update

Type:
security

Severity:
moderate

Release date:
2024-06-10

Description
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (3.3). (AlmaLinux-37446)
Security Fix(es):
* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Arbitrary memory address read vulnerability with Regex search
(CVE-2024-27282)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-27280
CVE-2024-27281
CVE-2024-27282
RHSA-2024:3670
ALSA-2024:3670

Updated packages listed below:
Architecture
Package
Checksum
aarch64
ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm
1b474ba365e7db1eb8558656daa34cecceb8a442f1d33ef70119f576e0188e36
aarch64
ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm
5a4d035fac9c9b9840a0173e7b395ec322d87110881735c1baba322095a5d7e0
aarch64
rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm
5d79bcf5aad1aca62925556377e5c3cad3d53118a574f109cc3395d68b5d7b01
aarch64
rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.aarch64.rpm
77e254be3974cc7ede5e6ae6c6ca418f7faac87293162bea78483548c87a0178
aarch64
rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm
8ae0baeb3d486ee02da28af86732d44e743a7c8d10bf6ef76fda505715d74b5c
aarch64
rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.aarch64.rpm
c62a808b81b0d99fea18c0993682022ab9dbac232eab8f53a7b54c21988ab20a
aarch64
rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.aarch64.rpm
e61c75dc816d4263e6296e714206172b1dc98db968ac7368a726407fb5a47124
aarch64
rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.aarch64.rpm
eb6c1e581602e2bf0c514423a76df8684840836b0b5b937870124eefda96a806
aarch64
ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm
f42c9e1a1e9226ff28f5f7e5604cd6d9da1ccb6490844614df65c4071ee55aa5
aarch64
rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.aarch64.rpm
fac8a7ee2c5d99e4cd015a2a833b652752a62f969d6c58ab2afca9c28fc99f6f
aarch64
rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.aarch64.rpm
fc5e57a0388b4e34373907faf25b222f07b1c6d7500eb15c16f15e3d7e2fe580
aarch64
ruby-3.3.1-2.module_el8.10.0+3855+767cb125.aarch64.rpm
fc76ad19c7de81bcf74f732f75f8a3965ae9eb7d7957bf6a529c76694eb82c55
i686
rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.i686.rpm
1015a884c628e6ae45df99b183ce7fa352f2adf3c729a0970e179efbaf5bad22
i686
rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.i686.rpm
1878dd9d06b80c8615b6f9dad43b5293a90e2e606fc9abc1d474255589405ad2
i686
rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.i686.rpm
1b39a3e9e8ccd7dafcbb3762fe148f590074e2a9b2464dc65858023069cec97c
i686
ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm
21ed860dc7a7232ce26462743090dbfcee86eaf6ffbf81b62cddd3bae4c39298
i686
rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.i686.rpm
2479cdb4d25ea0d8df698baa24b1d6d71a29d1c221134bfd06f286e46d9005a5
i686
rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.i686.rpm
45ea969329daa3ec1ea693f39c36a8dfcdc21c07a21cc99398010b90cde56c15
i686
ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm
66f4a149d69fc17a006d84085063a0324ebbe7601e82b58c8284037838ab577f
i686
rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.i686.rpm
90889479fee4dce74069543cd471133419102e2801a673c53c5b920c31083163
i686
ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm
bc5b4cd1ff38dcdaf701ad6c7e94267426289b93df483dad5b89fd88b92a981b
i686
ruby-3.3.1-2.module_el8.10.0+3855+767cb125.i686.rpm
caa53143f96a454724b13ea84193e0d2b2022c7333b5b60a69b7caab01c900b3
noarch
rubygem-rake-13.1.0-2.module_el8.10.0+3855+767cb125.noarch.rpm
29a0d577255f1dc0ead45c62b14b16391b7b1c0dd9b012f74f841310de7e6eca
noarch
rubygem-rss-0.3.0-2.module_el8.10.0+3855+767cb125.noarch.rpm
2f13b5a0d6538aefd6b63102b6edf6266dc41f7b411c7a07852a64cd308a39e3
noarch
rubygems-3.5.9-2.module_el8.10.0+3855+767cb125.noarch.rpm
33d74a8a9a425f6b49dc494bf3c5fe54a28a5d9bf2a760bd1c96eb032c203608
noarch
rubygem-test-unit-3.6.1-2.module_el8.10.0+3855+767cb125.noarch.rpm
4066859a0bfd7a366b7d3abd406d7cc538c72983f68c26093108f42a863c5c75
noarch
rubygem-irb-1.11.0-2.module_el8.10.0+3855+767cb125.noarch.rpm
4468c56b17722519fa88ecf4d57e771cf0e16017717b0da19dd6373e01ff8a18
noarch
rubygem-bundler-2.5.9-2.module_el8.10.0+3855+767cb125.noarch.rpm
47659a59398ff4e68a61352f39b7e9f7bb2905539be7c25fd4fa2a3fff7506d9
noarch
rubygem-rexml-3.2.6-2.module_el8.10.0+3855+767cb125.noarch.rpm
622b7bf2b9ebc27d575b4dd6b3bb0cef17c7d813c661f412610cea54b79ef462
noarch
rubygem-rdoc-6.6.3.1-2.module_el8.10.0+3855+767cb125.noarch.rpm
83c1237de90d2c5724cb4c0a5796a21baee61e18254271fedfc6a3b6ad72ff0f
noarch
rubygem-typeprof-0.21.9-2.module_el8.10.0+3855+767cb125.noarch.rpm
9837d4fe31ea7cf91718054aaad47117c1aeb49fac12f5fc57a6f8e7682588e0
noarch
rubygem-mysql2-doc-0.5.5-1.module_el8.10.0+3799+191214cc.noarch.rpm
a1e84a63a7afd9043eb9ee27d2b4a2784de6e4790859efeb6e29353b8922b91f
noarch
ruby-doc-3.3.1-2.module_el8.10.0+3855+767cb125.noarch.rpm
a96b95f0ba62fcb579f5c06f6836aa48af7ee0019291d224ddeeed3d8515a91c
noarch
rubygem-power_assert-2.0.3-2.module_el8.10.0+3855+767cb125.noarch.rpm
b20a878d3dea8a3bf7620d01c84d87506468252d1a7009a8d7383d358b03c565
noarch
rubygem-pg-doc-1.5.4-1.module_el8.10.0+3799+191214cc.noarch.rpm
b8da427ba088e5a263b5c71d592a6515861cf12932be7ac5577f51afc1c68900
noarch
rubygem-abrt-doc-0.4.0-1.module_el8.10.0+3799+191214cc.noarch.rpm
c7018cb7e3cfdd28f00117935672e78df8eddf81f308a36b9be1dd8a3fec2afe
noarch
ruby-default-gems-3.3.1-2.module_el8.10.0+3855+767cb125.noarch.rpm
c8b0e14d0239cbe888d1684a57bbcc086222a9267e6fc145a61c1022ee08f9d0
noarch
rubygems-devel-3.5.9-2.module_el8.10.0+3855+767cb125.noarch.rpm
cb21ac5386973ddd4fffabfa61691323b34c3d04f529631923f3a79de3333c0f
noarch
rubygem-minitest-5.20.0-2.module_el8.10.0+3855+767cb125.noarch.rpm
d2fb9911fdfacd518d63e86d236a6d199467ad01ec0dc06d17591c82a009853e
noarch
rubygem-abrt-0.4.0-1.module_el8.10.0+3799+191214cc.noarch.rpm
eb0f7cad4d0f103b5e53f11647208a780406db8c8cd8c9556e219bec8e1d9893
ppc64le
rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
181772cea3b12b9e7b6b3aafb9c0ae0c6b08712f8cb52a39278bbe114ea2f2b6
ppc64le
rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
3e148723bae783e28bee1a8b282708ff70cd95394b0f06447ab38d43e06ea95a
ppc64le
ruby-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
42b9b72127657b35334476858f677c88b361669d8cff82af5b1750ae3ea9220f
ppc64le
rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.ppc64le.rpm
42d6c926024708a478291ff8ed6df0105234c6923b1d1510e10627bea6cc65a6
ppc64le
rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.ppc64le.rpm
5a972434690d6ccc541727ace50749ee5c5005bae5faf4e2bff4c7acdf33d580
ppc64le
rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
705143b107dc2980d4d725299bc26de105e49265d7235c0d2b18ca89ee496e6a
ppc64le
rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
8e206b7e74fbc46369c0c954a3291e8d595b173a9db9ec5c210643e85583a6a9
ppc64le
ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
9cd9a3e792c2f13f23fba102a1a08ffce14ad5f43af28718a73ec9e3f7fe35c5
ppc64le
rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
bbde1995fe60d15cc59b12d4e9ab394058303af5a328a3a8eb63a1c681828e6b
ppc64le
rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
d3636e3bb269891c37efe9d80220e41982c0cc907bbf858673d2805b595ab7ce
ppc64le
ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
f9a44adb12757f60c4b8d49bd899ba4cef14f2667ed2c3e2c3586dab8648fbbe
ppc64le
ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.ppc64le.rpm
fd210fac774a13c45c20053c186533df5c7520a1e355fe4018b128db3312f932
s390x
rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.s390x.rpm
0212e4bd0a248fdb4c10424d90e73d4c0400b209c24f90e3a5fac26348adcdc3
s390x
rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.s390x.rpm
0ec6d5ab79d06322d266262462db7c71cd160ee1260b40568518fc38181952fa
s390x
rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.s390x.rpm
2b595df5672c9965403a2f2f3777e36043e2fedc308526d5f434c5d275c5ccbc
s390x
rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.s390x.rpm
369538120f605b2350672de5ae970143b066e4c71f117f529180b52363be6081
s390x
rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.s390x.rpm
4343da87e0eaaa8e9919a3223478a249c1ebe04542cb31c49600d6676e6f6e60
s390x
rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.s390x.rpm
4c0d177321393686a8f17b600c232e2257406f43a8b0a5b5f1d4be0078863bbe
s390x
rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.s390x.rpm
55c8d765331a951955c62701cc0234cc4df5c81223ad214beeebb47a94762e61
s390x
ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm
844b82261954d03bfffee731456b7d8d15b3877413dcdbabf11eb3f06aa162e1
s390x
ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm
9b875491830f61511bda75edebe3851eb4497ba43228c7ee6594d184f2e85ec0
s390x
rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.s390x.rpm
b17f6e9ce3697902b5d1a0a00f804510913440b751583002e5226f0f1bafcfad
s390x
ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm
b9d9ca3a9cf862eacc7e03191ad5101589edc6ab6337fb07ce6b62c18cbfb895
s390x
ruby-3.3.1-2.module_el8.10.0+3855+767cb125.s390x.rpm
f942eb4b448f6a0786ebfbae846905f6665716a642892aa4b99c7bcb1c53e870
x86_64
rubygem-psych-5.1.2-2.module_el8.10.0+3855+767cb125.x86_64.rpm
13cd9cdb38b7af6c100702b7dbdf38e8de13d628f8f23a1627c67aa26c667385
x86_64
rubygem-json-2.7.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm
1efd828459bf305a77bfdf5298fb4b4f45b956041826ce9ceb46f34d07c55da8
x86_64
ruby-devel-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm
3975b93254ee6d0a888503ea4de0262d2eabe8b19aa2b37b1162b97375dd56f3
x86_64
rubygem-pg-1.5.4-1.module_el8.10.0+3799+191214cc.x86_64.rpm
7ddeaee161c1a35868f10426b7a3549b322294671d17a3ec3157dc7da950a7eb
x86_64
ruby-libs-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm
8a3455b9c21e3d3cf810ad5bd425d2bec9317b58869453416d078919a86504a4
x86_64
ruby-bundled-gems-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm
8a5e3f9fccb092e06b7093ae048b197a5c5701159f9369f1aaddec4810592b90
x86_64
rubygem-bigdecimal-3.1.5-2.module_el8.10.0+3855+767cb125.x86_64.rpm
92b691ee64e741ee5948e703068de97ecf63df0989c215cca693809b84027ebe
x86_64
rubygem-rbs-3.4.0-2.module_el8.10.0+3855+767cb125.x86_64.rpm
cd48eacd314a14e81d18f76c9f4f157cf23c93990ae5ef057c4b45256ff655ef
x86_64
rubygem-racc-1.7.3-2.module_el8.10.0+3855+767cb125.x86_64.rpm
d21fe7b49977fdb5f20bef1e18146979100c399ab3c660b64172907abc702894
x86_64
rubygem-io-console-0.7.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm
d89a2cfebf6def551e9915c0b539c298ad857306d78f498a4425638a57a61f1d
x86_64
ruby-3.3.1-2.module_el8.10.0+3855+767cb125.x86_64.rpm
e3e4b4f822f440866ffa95b0abadb33ada621c23d8e88edde6c48a09b6fac79e
x86_64
rubygem-mysql2-0.5.5-1.module_el8.10.0+3799+191214cc.x86_64.rpm
e70746488c18387708051b0110e5ffbf3579eecd588680bad936e954bfbd2400

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3670 Moderate: ruby:3.3 security, bug fix, and enhancement update


ALSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update

ID:
ALSA-2024:3671

Title:
ALSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update

Type:
security

Severity:
moderate

Release date:
2024-06-10

Description
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (3.3). (AlmaLinux-37697)
Security Fix(es):
* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-27280
CVE-2024-27281
CVE-2024-27282
RHSA-2024:3671
ALSA-2024:3671

Updated packages listed below:
Architecture
Package
Checksum
aarch64
rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.aarch64.rpm
0130103a96563d9fffc288ed57fb2b2afa5a177bc201603ea4185aaec0c9a342
aarch64
rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.aarch64.rpm
210298d16030e1b0a3f0d51412118ac191b4f0ddc83d16c55492ce97e097f7a5
aarch64
rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.aarch64.rpm
326502e8d2cda542fbed21ac842e1c164fb83c98c15300c284fea2d60df6b8a6
aarch64
ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm
74e04f3d16f168684e0db3db571253d09d10411e8ac2920394402423e114502b
aarch64
ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm
75d6ccac9e6e77c4bb14709769ed70bf43cd862270f884392c3ffb728242564f
aarch64
rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.aarch64.rpm
9405f0a05466b765bfce0fb43cbdcb0ae2f79b02e620c9e2995892d9ebaf1088
aarch64
rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.aarch64.rpm
a7622f4ad2ade5baba82284eb185a89372ea7d362c23ec23791092b4d043a9da
aarch64
ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm
a8cfeecc49f68024634e12f0e8b4cb8d1bcf6a61e7da524814608adf455183dc
aarch64
rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.aarch64.rpm
aefef2f9d806ad8feb99afbdb785771766e0a11180bddf790d60e1021c2c4835
aarch64
rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.aarch64.rpm
b1ceab64a06f942fd040abaa2ae2bf548bb190782769c95c958e2d33a1865caf
aarch64
ruby-3.3.1-2.module_el9.4.0+102+68a93853.aarch64.rpm
e02c8da0608d961d65e91274d334fb67c895e8e9c1cf50f3b8413f65c36497bb
aarch64
rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.aarch64.rpm
e80144e12f288947e4442a627427bbb9d212d62c8ea499ca17435d14b9640cc2
i686
rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.i686.rpm
54ce792e3cac44fb8e5a69fe5dc3f67d87f8b14b0c999a916837cdd9a6ef76d4
i686
ruby-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm
60ff2326a15339e8eb48a8c696406cc93ef1076d004b83b1588ca5e9c7a1ba74
i686
ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm
66f509fae6dc5713971f8251a8f0165e5c99dbdd5932ed124792cc165f192386
i686
ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm
8ef9c125681d6dc22e6f21e562f5bd3ccc55019793a2e4c4a22a81093a5ae06b
i686
rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.i686.rpm
9e7234e803d3de25705684c6f06c84693ef4db94a78e16fcd557dfe5c2b84aae
i686
rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.i686.rpm
a1a9e0ca7170cd0abbb9691ac93b8dcadd090fc8c126b1805ac94211a2bc8a02
i686
ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.i686.rpm
a312e0be42db30411055482b51fa66e4f45d6a937d15e8223f69925a1d29aa91
i686
rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.i686.rpm
af48e91508bebc080ecff3c7c39f3125e6ce1f00ef994b5e7ffa5346c779a08e
i686
rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.i686.rpm
b63e2d153e521b812ddb6f28bd7e96f6657c0cc8ac2a5a91469e72ac5555fc42
i686
rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.i686.rpm
c0b16fbf83140e55ab9bd140acd3883903658eeed466c7cf5196ee7748686afd
noarch
rubygems-devel-3.5.9-2.module_el9.4.0+102+68a93853.noarch.rpm
05ba48bdeda8e01d3470d0bf7d33015690b1997e4bb25d0fc69797c9afae1916
noarch
rubygem-bundler-2.5.9-2.module_el9.4.0+102+68a93853.noarch.rpm
27a30884ae6fa12a9de09ee3bda1973c07c6d60abf1f973faffc4cc1738f44a6
noarch
rubygem-rss-0.3.0-2.module_el9.4.0+102+68a93853.noarch.rpm
2c429b7a055c6f9b412d5ee390ec6c0a88dea2567435dfae5cd4ad42b5e166d1
noarch
rubygem-pg-doc-1.5.4-1.module_el9.4.0+75+1a8fe981.noarch.rpm
37ef36e0456b9c62427f8dd08442c622c134e026ded1488b8fd55487b69d2a58
noarch
rubygem-rdoc-6.6.3.1-2.module_el9.4.0+102+68a93853.noarch.rpm
57e1d24b92a4a14badd87e0c44c6f5f8c0bab776be40835bb728b02d64e8f009
noarch
rubygem-rake-13.1.0-2.module_el9.4.0+102+68a93853.noarch.rpm
6424338c8361e0e095543455d2612460c41532b09272bc16813805ea300bbde5
noarch
rubygem-mysql2-doc-0.5.5-1.module_el9.4.0+75+1a8fe981.noarch.rpm
65b0d0cc45f0088e7962db0543b7f1672cbc730924b371f28cdda18a25b33edf
noarch
rubygem-test-unit-3.6.1-2.module_el9.4.0+102+68a93853.noarch.rpm
66cbe8756ebbeb78a8260b97a493cd2652d462769355328be41b2161ba0321ea
noarch
rubygem-rexml-3.2.6-2.module_el9.4.0+102+68a93853.noarch.rpm
7c87bbd4e24e647635f83b56c1eacbe966a0b069e0fd2b111ed825ef4f5247dd
noarch
rubygem-irb-1.11.0-2.module_el9.4.0+102+68a93853.noarch.rpm
853620c2a9729478a537a057938c253494ff63ce1fd4c042303ba942d9ac2640
noarch
ruby-doc-3.3.1-2.module_el9.4.0+102+68a93853.noarch.rpm
867cf153f94223d8490a1f00567be22df60179b5cf18b7afa9ed1895fc1bccd3
noarch
ruby-default-gems-3.3.1-2.module_el9.4.0+102+68a93853.noarch.rpm
87859f05ea0fe77e2e991a2b42083f3ffdfa0a25c19d4577bddf6e9ee95c4965
noarch
rubygem-power_assert-2.0.3-2.module_el9.4.0+102+68a93853.noarch.rpm
9f45f58c8fd93f89f7b1471e8e904876abde5bf3381d6811bd19c9cf5ab7ab93
noarch
rubygem-typeprof-0.21.9-2.module_el9.4.0+102+68a93853.noarch.rpm
a73909cc8567623583c4366b91370617bfdf02a0f098a2402b2b90b279bda810
noarch
rubygems-3.5.9-2.module_el9.4.0+102+68a93853.noarch.rpm
d7e394a7d6504872209c8e49a4adf8c212a55ab52ac30e81834535b8788a0b49
noarch
rubygem-minitest-5.20.0-2.module_el9.4.0+102+68a93853.noarch.rpm
e288892ef6dc536761fff9f15fb42502eb7c4cee7dd69426b95dd69290bdfe42
ppc64le
ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm
108b850abb27a7d53e0e82fe6810f0e05f1d616db03fa1092a88bbcdbd67c6bf
ppc64le
rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm
1401de28dba684ad92f080adec136d872293ea95f964356b038ada98ffca4565
ppc64le
rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.ppc64le.rpm
2384aa23dfc874adc9d957d931ed76ea328d254687b902078ee46ef70742cda2
ppc64le
rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.ppc64le.rpm
3ba88ee498a5c1166827520178f9c81bb33485b68dd775a414389b89ab65a582
ppc64le
ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm
54659cb8788f48e02175753cb2dc3d2498e3ccb94dff8d580d9b497b2ee4709d
ppc64le
rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.ppc64le.rpm
789dc34e64e7fe67837e75689f16d856a0131837c53d197a0f314f7e713678d6
ppc64le
rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.ppc64le.rpm
82e621cf42d46df157e35bb57d6251f2c64130c83bcdbeb05b347fbf5a51a724
ppc64le
rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm
9c893eda2a0ac035f361cc8831fa169434d9f64ad4f704c13ff8426962d8eede
ppc64le
rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.ppc64le.rpm
a3ea582a88ba86bdabf41607a1d959aa331f63ab0b186b58c22187289cc708d2
ppc64le
ruby-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm
cd3dc0d7b1a5771c5ae8a44afc26b84dd50373caf2691fbd659196625ea3283c
ppc64le
rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.ppc64le.rpm
e933771485523c0c2bdbd2e105e107502fab8d94f2d4f4cd37ee5e3d6b876e33
ppc64le
ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.ppc64le.rpm
fb78cf1b4420370919373b1757870ff474a8e25147406938c6b6cc8e445d7be5
s390x
rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.s390x.rpm
05258957f4a8ba14cc6ebf5219ecc4e0e325a64dcd11edc78435445fb2231e41
s390x
rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.s390x.rpm
070997a41248e01966472fd84011e64ca60b38c54ad3b7b0efced72a73a19683
s390x
ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm
271f85b5aea662819ea92e65551c40763eb378a222f2c2c4e800418f775e779e
s390x
ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm
66449393d742e738c7f96433fcef925158e73e4636fb20d658c769f8719ae45b
s390x
rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.s390x.rpm
a1edcdca84c8298d7688944f30e419a2c29624bb5196fa715fa9cda1c2b688b2
s390x
rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.s390x.rpm
a81354cf449ea715f53abe583ed241f40275e30991a4a7bafc454729c2c75cc0
s390x
ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm
c003eed5620ebef2e1676b387ce5cd0a266ab049e20f092314bdb7fccccaa271
s390x
rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.s390x.rpm
cc830be351ac4e58b68d72c98f2e52af38c5b84440c511a7d82981b9df2bcadd
s390x
rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.s390x.rpm
d72f6a43a476fe9aeb005cabfa1bce800c8e29321dcb73149580bdef67b4aace
s390x
rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.s390x.rpm
e48ab13a898bdd492d9d3babf10b8055c387e2da20a27b2b23d088cd3f37cd74
s390x
rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.s390x.rpm
ea47fad4821a191daf1244dc80d8bbaca6b85d66992fdc742f90cf1eccda0131
s390x
ruby-3.3.1-2.module_el9.4.0+102+68a93853.s390x.rpm
f2a4e212bb8ad6d97b4e04bb409bf8681c4f3147c6d7ca817efad5796c703bf0
x86_64
rubygem-psych-5.1.2-2.module_el9.4.0+102+68a93853.x86_64.rpm
048a38ef285fe9f603af61af1b135eb982693be8c0960600c9df526d683df48e
x86_64
rubygem-mysql2-0.5.5-1.module_el9.4.0+75+1a8fe981.x86_64.rpm
2306c7e3f20481fc2c29d0b4f67e34aea30d3a54f36d98be8976311447864da6
x86_64
ruby-bundled-gems-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm
24d1ae3981a753ccf31d40e026e1cdf03d5330615d392bc1d64ac755f6ac7535
x86_64
rubygem-racc-1.7.3-2.module_el9.4.0+102+68a93853.x86_64.rpm
4840d8f1a1c805f5e01fce7ff1d74fc7412920db116d18698ef28825fe22391c
x86_64
rubygem-rbs-3.4.0-2.module_el9.4.0+102+68a93853.x86_64.rpm
5079432013da4b8f4d14fc6cd75a7e0a1e518be5c669aa60313f61b5a28a33fc
x86_64
rubygem-json-2.7.1-2.module_el9.4.0+102+68a93853.x86_64.rpm
53322ba7119372aa25456c74b94aa954720dbf9d4e75f7ee1baec35120df176f
x86_64
ruby-devel-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm
56fc5c8ff82f97bebefb054145f57c45f0933c9149327bf043bf5e71ac1cd2e4
x86_64
rubygem-io-console-0.7.1-2.module_el9.4.0+102+68a93853.x86_64.rpm
651e307cec141b591c1cd7562923adb076b57814bc9c47ba173784130e61fc3c
x86_64
rubygem-pg-1.5.4-1.module_el9.4.0+75+1a8fe981.x86_64.rpm
7e81c000c66bad27864ea6a2747f3b90f2192d71866e7e4bc4a26a34ac2ec27a
x86_64
ruby-libs-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm
929687ab399a8979a12602e81120f8798d38d6bb699af0ac08997392bc30ec29
x86_64
ruby-3.3.1-2.module_el9.4.0+102+68a93853.x86_64.rpm
db626df991b9b4e95ab91a227f22853437db2cb745b989115afd3312a6353445
x86_64
rubygem-bigdecimal-3.1.5-2.module_el9.4.0+102+68a93853.x86_64.rpm
f43c660ffe8e16069a14291bad4cdf4bb641cc923316503fa37a066e539e169c

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update