[CLSA-2026:1781272043] alt-ruby30: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-12 13:49:18 UTC
Description:
- CVE-2025-27219: cgi DoS via super-linear cookie merge in CGI::Cookie.parse. - CVE-2025-27220: cgi ReDoS in CGI::Util#escapeElement / #unescapeElement. - CVE-2025-61594: uri credential leak when combining URIs with + (CVE-2025-27221 bypass).
CVEs fixed:
Updated packages:
  • alt-ruby30-3.0.7-172.el9.x86_64.rpm
    sha:2be7ee57bd0f80f8319622953cf57ce72bea088177f9d93215dd9f984de7b9ed
  • alt-ruby30-default-gems-3.0.7-172.el9.noarch.rpm
    sha:d2b389316cf74ef93222a2a8e0d9db4685bff3d42d34baf5570c88be89b779dd
  • alt-ruby30-devel-3.0.7-172.el9.x86_64.rpm
    sha:d16f13a9d8caa0105dbb22d1b3812292d0812517ceaf8fe34df16adcc0b2901d
  • alt-ruby30-doc-3.0.7-172.el9.noarch.rpm
    sha:770491a1adc2f4355156a8dff00865db96c514c65a6965c344159315fb003580
  • alt-ruby30-libs-3.0.7-172.el9.x86_64.rpm
    sha:b253e91959bdac9b20dcf75375fda26fa2f4628991bacc3c7cf4240d9cb74cd5
  • alt-ruby30-rubygem-bigdecimal-3.0.0-172.el9.x86_64.rpm
    sha:2fe34419249453b00df5a924f6c1303581687d1481767adf1720641c9ef0b2b2
  • alt-ruby30-rubygem-bundler-2.2.33-172.el9.noarch.rpm
    sha:8ac61b3be048237f561f0fb83f396819e892f5b4dc0aaf0e4460274834f66ba1
  • alt-ruby30-rubygem-io-console-0.5.7-172.el9.x86_64.rpm
    sha:6e10cb43f2300637dfb265fe2b5678a2732b09ac561d6d9197b2e15f9299a080
  • alt-ruby30-rubygem-irb-1.3.5-172.el9.noarch.rpm
    sha:f09a6abd53a27fa94d6079972cc09e9e4481baf897137ffffedc675ab787a520
  • alt-ruby30-rubygem-json-2.5.1-172.el9.x86_64.rpm
    sha:f386ac63bb28887592db347d3a3f1ab5e1a37f848beb89bcce5c39db1fb30860
  • alt-ruby30-rubygem-minitest-5.14.2-172.el9.noarch.rpm
    sha:d61325b15fa5cf16a2f946497075330cdb4d67ef70ec9fbc148477f4545e9f26
  • alt-ruby30-rubygem-power_assert-1.2.1-172.el9.noarch.rpm
    sha:595571a40f3af8e12d0f20b0ba5bb9364dc592a52b4fd14cbdd3ce4a414d7761
  • alt-ruby30-rubygem-psych-3.3.2-172.el9.x86_64.rpm
    sha:a579f4094dbca05f6a6c3ec10c09505a1210779dccef8632da0feb1af3c5c099
  • alt-ruby30-rubygem-rake-13.0.3-172.el9.noarch.rpm
    sha:6be825c70a3e13451c854276cd0d20942c6bab0157d9bf43bc3cc800294ce727
  • alt-ruby30-rubygem-rbs-1.4.0-172.el9.noarch.rpm
    sha:761f6b02cd8a881f6ac06e76d23a945f794db5e81777281f5dcc9fb0a762244c
  • alt-ruby30-rubygem-rdoc-6.3.4.1-172.el9.noarch.rpm
    sha:4bdb920aad9e1ea3c399ad11d0b75ea73c978f71e9b9dd35e7adbe4885ab0cd7
  • alt-ruby30-rubygem-rexml-3.2.5-172.el9.noarch.rpm
    sha:915c0b9c7f7e3ff04b0d450e184b3cab71a8c7fc87a0add6e7dafb46fb649c30
  • alt-ruby30-rubygem-rss-0.2.9-172.el9.noarch.rpm
    sha:008c3bbf094ce270f029e728c892db2cb3f8f995a7c7b3d9c0b4d090506e857b
  • alt-ruby30-rubygem-test-unit-3.3.7-172.el9.noarch.rpm
    sha:8e7cba8a63e2a4ca3c431bae8cb56995c09b446f8f81c75740be651ae8900ba9
  • alt-ruby30-rubygem-typeprof-0.15.2-172.el9.noarch.rpm
    sha:c3850779c9aa46b7a30374e28ea283e0c3cb1a1deab0c3ea3aa9c4cd5d3cfa2d
  • alt-ruby30-rubygems-3.2.33-172.el9.noarch.rpm
    sha:11a1a57a39d37954be666ceadfd576c52605c1c8bde5b80137bdd7c4e8d9c952
  • alt-ruby30-rubygems-devel-3.2.33-172.el9.noarch.rpm
    sha:2938af401bc0b9f9cefa70abe3af54c031a3740f2971fb3217d89c22cca43e4f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.