ALSA-2022:0543

See a problem?
Please try reporting it to the source first.
Source
https://errata.almalinux.org/8/ALSA-2022-0543.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2022:0543.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2022:0543
Related
Published
2022-02-16T08:26:13Z
Modified
2022-02-17T11:10:41Z
Summary
Important: ruby:2.6 security update
Details

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

Security Fix(es):

  • rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327)

  • rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799)

  • ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host (CVE-2021-31810)

  • ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)

  • ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817)

  • ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:8 / ruby

Package

Name
ruby

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / ruby

Package

Name
ruby

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / ruby-devel

Package

Name
ruby-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / ruby-devel

Package

Name
ruby-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / ruby-doc

Package

Name
ruby-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / ruby-doc

Package

Name
ruby-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / ruby-libs

Package

Name
ruby-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / ruby-libs

Package

Name
ruby-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.9-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-abrt

Package

Name
rubygem-abrt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.3.0-4.module_el8.5.0+259+8cec6917

AlmaLinux:8 / rubygem-abrt

Package

Name
rubygem-abrt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.3.0-4.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-abrt-doc

Package

Name
rubygem-abrt-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.3.0-4.module_el8.5.0+259+8cec6917

AlmaLinux:8 / rubygem-abrt-doc

Package

Name
rubygem-abrt-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.3.0-4.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-bigdecimal

Package

Name
rubygem-bigdecimal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.1-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-bigdecimal

Package

Name
rubygem-bigdecimal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.1-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-bson

Package

Name
rubygem-bson

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.5.0-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-bson

Package

Name
rubygem-bson

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.5.0-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-bson-doc

Package

Name
rubygem-bson-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.5.0-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-bson-doc

Package

Name
rubygem-bson-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.5.0-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-bundler

Package

Name
rubygem-bundler

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.17.2-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-bundler

Package

Name
rubygem-bundler

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.17.2-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-did_you_mean

Package

Name
rubygem-did_you_mean

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.0-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-did_you_mean

Package

Name
rubygem-did_you_mean

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.0-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-io-console

Package

Name
rubygem-io-console

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.4.7-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-io-console

Package

Name
rubygem-io-console

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.4.7-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-irb

Package

Name
rubygem-irb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-irb

Package

Name
rubygem-irb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-json

Package

Name
rubygem-json

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.0-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-json

Package

Name
rubygem-json

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.0-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-minitest

Package

Name
rubygem-minitest

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.11.3-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-minitest

Package

Name
rubygem-minitest

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.11.3-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-mongo

Package

Name
rubygem-mongo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.0-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-mongo

Package

Name
rubygem-mongo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.0-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-mongo-doc

Package

Name
rubygem-mongo-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.0-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-mongo-doc

Package

Name
rubygem-mongo-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.0-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-mysql2

Package

Name
rubygem-mysql2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.5.2-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-mysql2

Package

Name
rubygem-mysql2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.5.2-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-mysql2-doc

Package

Name
rubygem-mysql2-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.5.2-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-mysql2-doc

Package

Name
rubygem-mysql2-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.5.2-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-net-telnet

Package

Name
rubygem-net-telnet

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.0-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-net-telnet

Package

Name
rubygem-net-telnet

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.0-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-openssl

Package

Name
rubygem-openssl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.2-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-openssl

Package

Name
rubygem-openssl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.2-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-pg

Package

Name
rubygem-pg

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.4-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-pg

Package

Name
rubygem-pg

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.4-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-pg-doc

Package

Name
rubygem-pg-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.4-1.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-pg-doc

Package

Name
rubygem-pg-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.4-1.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-power_assert

Package

Name
rubygem-power_assert

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.3-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-power_assert

Package

Name
rubygem-power_assert

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.3-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-psych

Package

Name
rubygem-psych

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.0-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-psych

Package

Name
rubygem-psych

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.0-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-rake

Package

Name
rubygem-rake

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.3.3-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-rake

Package

Name
rubygem-rake

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.3.3-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-rdoc

Package

Name
rubygem-rdoc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.2.1-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-rdoc

Package

Name
rubygem-rdoc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.2.1-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-test-unit

Package

Name
rubygem-test-unit

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.2.9-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygem-test-unit

Package

Name
rubygem-test-unit

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.2.9-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-xmlrpc

Package

Name
rubygem-xmlrpc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.3.0-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygem-xmlrpc

Package

Name
rubygem-xmlrpc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.3.0-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygems

Package

Name
rubygems

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.3.1-108.module_el8.5.0+250+ba22dbf7

AlmaLinux:8 / rubygems

Package

Name
rubygems

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.3.1-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygems-devel

Package

Name
rubygems-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.3.1-108.module_el8.5.0+2623+08a8ba32

AlmaLinux:8 / rubygems-devel

Package

Name
rubygems-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.3.1-108.module_el8.5.0+250+ba22dbf7