[CLSA-2026:1781267919] alt-ruby30: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-12 12:42:12 UTC
Description:
- CVE-2025-27219: cgi DoS via super-linear cookie merge in CGI::Cookie.parse. - CVE-2025-27220: cgi ReDoS in CGI::Util#escapeElement / #unescapeElement. - CVE-2025-61594: uri credential leak when combining URIs with + (CVE-2025-27221 bypass).
CVEs fixed:
Updated packages:
  • alt-ruby30-3.0.7-172.el8.x86_64.rpm
    sha:8cd0e0d66067d526e328499ad1e85b7cc023389cf4cce521537df2ab3466875b
  • alt-ruby30-default-gems-3.0.7-172.el8.noarch.rpm
    sha:db9c3fc3b004f5c46916f8e81135219342cf21c0a960873064746e5618ccd20a
  • alt-ruby30-devel-3.0.7-172.el8.x86_64.rpm
    sha:795c1b216b73780b0ad719cdb52c49fb05789fa78806a42ac8d7b83bad126356
  • alt-ruby30-doc-3.0.7-172.el8.noarch.rpm
    sha:a044dea5e2dc7a4a538b2824abf1b275be5c311e924dbcbd4e7e06508deb3841
  • alt-ruby30-libs-3.0.7-172.el8.x86_64.rpm
    sha:cffe77302469088eecad4ee492189c7713e1faf6b7506b29fc5a659240cbc5d6
  • alt-ruby30-rubygem-bigdecimal-3.0.0-172.el8.x86_64.rpm
    sha:966002f68c0e7f42ccb761cb3f2a0dd4a8cbceef4fab821552ec0d7cfbd0a41b
  • alt-ruby30-rubygem-bundler-2.2.33-172.el8.noarch.rpm
    sha:bc741a1536551dc741d61c285121b07c26e09bb24014462eb82f370056470345
  • alt-ruby30-rubygem-io-console-0.5.7-172.el8.x86_64.rpm
    sha:1df680bbe759253256063a33953d4ad66c93292900b1908cc002ba9c036fd791
  • alt-ruby30-rubygem-irb-1.3.5-172.el8.noarch.rpm
    sha:9d37b31e98445b47ce9f4bec3820c6674e20225473109122dda3f060a1ff917e
  • alt-ruby30-rubygem-json-2.5.1-172.el8.x86_64.rpm
    sha:5f9fffb63eb1aa17518a2607d0b91d78610c3dea89f4e08fc2d243f55d117769
  • alt-ruby30-rubygem-minitest-5.14.2-172.el8.noarch.rpm
    sha:60d334da1bc95a6ea1e4c92d0f298daf2979277412d914844198a7bd87a4d05b
  • alt-ruby30-rubygem-power_assert-1.2.1-172.el8.noarch.rpm
    sha:65cc21790cd7f51ee698fa2d5bb4fcec0bc09153479231aef5d94cb6ff519f65
  • alt-ruby30-rubygem-psych-3.3.2-172.el8.x86_64.rpm
    sha:1b2b24afc1a2cef45919e90854d5e7e4211fb9d66f1c1a719e34fd822476cb47
  • alt-ruby30-rubygem-rake-13.0.3-172.el8.noarch.rpm
    sha:6ba72a697c1e1067c72cbe4d5e0ec08e3bbfbf6f31c468d3c4ccfece82f4fb2a
  • alt-ruby30-rubygem-rbs-1.4.0-172.el8.noarch.rpm
    sha:4751dce44d15ac32021b0981612224f7fb130a8b08ca6e0dd6e0b1abd1139cb7
  • alt-ruby30-rubygem-rdoc-6.3.4.1-172.el8.noarch.rpm
    sha:c74cf09f6a6d6b8ced9f4274e6549d39cfbf33a1fa05e1338e7530e09699a466
  • alt-ruby30-rubygem-rexml-3.2.5-172.el8.noarch.rpm
    sha:9b8a691b9979780f487ed11c3fcd27197161f2b2cdbdf7a35eb1b04a84f3d7ad
  • alt-ruby30-rubygem-rss-0.2.9-172.el8.noarch.rpm
    sha:8711f5f17685581e993191f9817117d79c911448ded7591d9a5793f2da818bbd
  • alt-ruby30-rubygem-test-unit-3.3.7-172.el8.noarch.rpm
    sha:59655f0826e7ba3e2749e7dbefd0611308decf6f9053c2049655a373f7712c96
  • alt-ruby30-rubygem-typeprof-0.15.2-172.el8.noarch.rpm
    sha:752925a8942e8fbdcc8f346a59c21a32590a14e80b0e60128fa0ec3252aed49c
  • alt-ruby30-rubygems-3.2.33-172.el8.noarch.rpm
    sha:f0319ae80b90c53fff8eb77aa46f9e6899cb9cb4a2db06aaf1bfade8e3235d62
  • alt-ruby30-rubygems-devel-3.2.33-172.el8.noarch.rpm
    sha:aafb5b503965ed1688cfb379373670db4a771b1a53d250dcb04019e0edaf2617
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.