RHSA-2022:0672: Moderate: ruby:2.5 security update
First published: Thu Feb 24 2022(Updated: )
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.<br>Security Fix(es):<br><li> rubygem-rdoc: Command injection vulnerability in RDoc (CVE-2021-31799)</li> <li> ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host (CVE-2021-31810)</li> <li> ruby: StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/ruby | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-abrt | <0.3.0-4.module+el8.1.0+3656+f80bfa1d | 0.3.0-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bson | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bundler | <1.16.1-4.module+el8.5.0+13840+ec418553 | 1.16.1-4.module+el8.5.0+13840+ec418553 |
| redhat/rubygem-mongo | <2.5.1-2.module+el8.1.0+3656+f80bfa1d | 2.5.1-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2 | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-pg | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/ruby-doc | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-irb | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-abrt | <0.3.0-4.module+el8.1.0+3656+f80bfa1d | 0.3.0-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-abrt-doc | <0.3.0-4.module+el8.1.0+3656+f80bfa1d | 0.3.0-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bson-doc | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bundler | <1.16.1-4.module+el8.5.0+13840+ec418553 | 1.16.1-4.module+el8.5.0+13840+ec418553 |
| redhat/rubygem-bundler-doc | <1.16.1-4.module+el8.5.0+13840+ec418553 | 1.16.1-4.module+el8.5.0+13840+ec418553 |
| redhat/rubygem-minitest | <5.10.3-109.module+el8.5.0+14275+d9c243ca | 5.10.3-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-mongo | <2.5.1-2.module+el8.1.0+3656+f80bfa1d | 2.5.1-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mongo-doc | <2.5.1-2.module+el8.1.0+3656+f80bfa1d | 2.5.1-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2-doc | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-net-telnet | <0.1.1-109.module+el8.5.0+14275+d9c243ca | 0.1.1-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-pg-doc | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-rake | <12.3.3-109.module+el8.5.0+14275+d9c243ca | 12.3.3-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-rdoc | <6.0.1.1-109.module+el8.5.0+14275+d9c243ca | 6.0.1.1-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-test-unit | <3.2.7-109.module+el8.5.0+14275+d9c243ca | 3.2.7-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-xmlrpc | <0.3.0-109.module+el8.5.0+14275+d9c243ca | 0.3.0-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygems | <2.7.6.3-109.module+el8.5.0+14275+d9c243ca | 2.7.6.3-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygems-devel | <2.7.6.3-109.module+el8.5.0+14275+d9c243ca | 2.7.6.3-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-debugsource | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-debugsource | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-devel | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-devel | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-libs | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-libs | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-libs-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-libs-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bigdecimal | <1.3.4-109.module+el8.5.0+14275+d9c243ca | 1.3.4-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bigdecimal | <1.3.4-109.module+el8.5.0+14275+d9c243ca | 1.3.4-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bigdecimal-debuginfo | <1.3.4-109.module+el8.5.0+14275+d9c243ca | 1.3.4-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bigdecimal-debuginfo | <1.3.4-109.module+el8.5.0+14275+d9c243ca | 1.3.4-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bson | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bson-debuginfo | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bson-debugsource | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-io-console | <0.4.6-109.module+el8.5.0+14275+d9c243ca | 0.4.6-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-io-console | <0.4.6-109.module+el8.5.0+14275+d9c243ca | 0.4.6-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-io-console-debuginfo | <0.4.6-109.module+el8.5.0+14275+d9c243ca | 0.4.6-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-io-console-debuginfo | <0.4.6-109.module+el8.5.0+14275+d9c243ca | 0.4.6-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-json | <2.1.0-109.module+el8.5.0+14275+d9c243ca | 2.1.0-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-json | <2.1.0-109.module+el8.5.0+14275+d9c243ca | 2.1.0-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-json-debuginfo | <2.1.0-109.module+el8.5.0+14275+d9c243ca | 2.1.0-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-json-debuginfo | <2.1.0-109.module+el8.5.0+14275+d9c243ca | 2.1.0-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-mysql2 | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2-debuginfo | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2-debugsource | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-openssl | <2.1.2-109.module+el8.5.0+14275+d9c243ca | 2.1.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-openssl | <2.1.2-109.module+el8.5.0+14275+d9c243ca | 2.1.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-openssl-debuginfo | <2.1.2-109.module+el8.5.0+14275+d9c243ca | 2.1.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-openssl-debuginfo | <2.1.2-109.module+el8.5.0+14275+d9c243ca | 2.1.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-pg | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-pg-debuginfo | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-pg-debugsource | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-psych | <3.0.2-109.module+el8.5.0+14275+d9c243ca | 3.0.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-psych | <3.0.2-109.module+el8.5.0+14275+d9c243ca | 3.0.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-psych-debuginfo | <3.0.2-109.module+el8.5.0+14275+d9c243ca | 3.0.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-psych-debuginfo | <3.0.2-109.module+el8.5.0+14275+d9c243ca | 3.0.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bson-debuginfo | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bson-debugsource | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2-debuginfo | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2-debugsource | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-pg-debuginfo | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-pg-debugsource | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/ruby | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-debugsource | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-devel | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-libs | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby-libs-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca | 2.5.9-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bigdecimal | <1.3.4-109.module+el8.5.0+14275+d9c243ca | 1.3.4-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bigdecimal-debuginfo | <1.3.4-109.module+el8.5.0+14275+d9c243ca | 1.3.4-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-bson | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bson-debuginfo | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-bson-debugsource | <4.3.0-2.module+el8.1.0+3656+f80bfa1d | 4.3.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-io-console | <0.4.6-109.module+el8.5.0+14275+d9c243ca | 0.4.6-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-io-console-debuginfo | <0.4.6-109.module+el8.5.0+14275+d9c243ca | 0.4.6-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-json | <2.1.0-109.module+el8.5.0+14275+d9c243ca | 2.1.0-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-json-debuginfo | <2.1.0-109.module+el8.5.0+14275+d9c243ca | 2.1.0-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-mysql2 | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2-debuginfo | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-mysql2-debugsource | <0.4.10-4.module+el8.1.0+3656+f80bfa1d | 0.4.10-4.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-openssl | <2.1.2-109.module+el8.5.0+14275+d9c243ca | 2.1.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-openssl-debuginfo | <2.1.2-109.module+el8.5.0+14275+d9c243ca | 2.1.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-pg | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-pg-debuginfo | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-pg-debugsource | <1.0.0-2.module+el8.1.0+3656+f80bfa1d | 1.0.0-2.module+el8.1.0+3656+f80bfa1d |
| redhat/rubygem-psych | <3.0.2-109.module+el8.5.0+14275+d9c243ca | 3.0.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/rubygem-psych-debuginfo | <3.0.2-109.module+el8.5.0+14275+d9c243ca | 3.0.2-109.module+el8.5.0+14275+d9c243ca |
| redhat/ruby | <2.5.9-109.module+el8.5.0+14275+d9c243ca.aa | 2.5.9-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/ruby-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca.aa | 2.5.9-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/ruby-debugsource | <2.5.9-109.module+el8.5.0+14275+d9c243ca.aa | 2.5.9-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/ruby-devel | <2.5.9-109.module+el8.5.0+14275+d9c243ca.aa | 2.5.9-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/ruby-libs | <2.5.9-109.module+el8.5.0+14275+d9c243ca.aa | 2.5.9-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/ruby-libs-debuginfo | <2.5.9-109.module+el8.5.0+14275+d9c243ca.aa | 2.5.9-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-bigdecimal | <1.3.4-109.module+el8.5.0+14275+d9c243ca.aa | 1.3.4-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-bigdecimal-debuginfo | <1.3.4-109.module+el8.5.0+14275+d9c243ca.aa | 1.3.4-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-bson | <4.3.0-2.module+el8.1.0+3656+f80bfa1d.aa | 4.3.0-2.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-bson-debuginfo | <4.3.0-2.module+el8.1.0+3656+f80bfa1d.aa | 4.3.0-2.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-bson-debugsource | <4.3.0-2.module+el8.1.0+3656+f80bfa1d.aa | 4.3.0-2.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-io-console | <0.4.6-109.module+el8.5.0+14275+d9c243ca.aa | 0.4.6-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-io-console-debuginfo | <0.4.6-109.module+el8.5.0+14275+d9c243ca.aa | 0.4.6-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-json | <2.1.0-109.module+el8.5.0+14275+d9c243ca.aa | 2.1.0-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-json-debuginfo | <2.1.0-109.module+el8.5.0+14275+d9c243ca.aa | 2.1.0-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-mysql2 | <0.4.10-4.module+el8.1.0+3656+f80bfa1d.aa | 0.4.10-4.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-mysql2-debuginfo | <0.4.10-4.module+el8.1.0+3656+f80bfa1d.aa | 0.4.10-4.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-mysql2-debugsource | <0.4.10-4.module+el8.1.0+3656+f80bfa1d.aa | 0.4.10-4.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-openssl | <2.1.2-109.module+el8.5.0+14275+d9c243ca.aa | 2.1.2-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-openssl-debuginfo | <2.1.2-109.module+el8.5.0+14275+d9c243ca.aa | 2.1.2-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-pg | <1.0.0-2.module+el8.1.0+3656+f80bfa1d.aa | 1.0.0-2.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-pg-debuginfo | <1.0.0-2.module+el8.1.0+3656+f80bfa1d.aa | 1.0.0-2.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-pg-debugsource | <1.0.0-2.module+el8.1.0+3656+f80bfa1d.aa | 1.0.0-2.module+el8.1.0+3656+f80bfa1d.aa |
| redhat/rubygem-psych | <3.0.2-109.module+el8.5.0+14275+d9c243ca.aa | 3.0.2-109.module+el8.5.0+14275+d9c243ca.aa |
| redhat/rubygem-psych-debuginfo | <3.0.2-109.module+el8.5.0+14275+d9c243ca.aa | 3.0.2-109.module+el8.5.0+14275+d9c243ca.aa |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2022:0672
- agent/software-canonical-lookup
- package-manager/redhat