Release date:
2026-06-17 16:56:31 UTC
Description:
* SECURITY UPDATE: credential leak in bundled uri when combining URIs
- debian/patches/CVE-2025-61594.patch: clear stale userinfo when setting
authority components and replace authority atomically on merge in the
bundled uri 0.12.4 (lib/uri/generic.rb), so combining URIs with + / merge
no longer re-attaches the base URI's password; backport of upstream uri
0.12.5 (commit d3116ca). Bypass of the CVE-2025-27221 fix.
- CVE-2025-61594
Updated packages:
-
alt-ruby31_3.1.7-11_amd64.deb
sha:d9107ffa47a3d40e40e95de7857b5dd512d7c68a
-
alt-ruby31-bundled-gems_3.1.7-11_amd64.deb
sha:34ec9fdc00328f4bb9f5cf7b51be9e067577ebf8
-
alt-ruby31-default-gems_3.1.7-11_amd64.deb
sha:d1b1b641ff08031a86792d02f9264fe658666c49
-
alt-ruby31-devel_3.1.7-11_amd64.deb
sha:97443ae0e70a5f38357c668111eed9b30f3f3fb4
-
alt-ruby31-doc_3.1.7-11_amd64.deb
sha:4c94ba3c54d733ee15a065088666b266691822f7
-
alt-ruby31-libs_3.1.7-11_amd64.deb
sha:95b4adeb620fa99c87ae1c4ad1f39b400950623f
-
alt-ruby31-rubygem-bigdecimal_3.1.1-11_amd64.deb
sha:fd1b0ca665c73ae5143734f7db9f0e33f47dc726
-
alt-ruby31-rubygem-bundler_2.3.27-11_amd64.deb
sha:ca4e346b83169e508f7c5057f063b49a73b4b5fe
-
alt-ruby31-rubygem-io-console_0.5.11-11_amd64.deb
sha:0f70767a27675c6947a29e93f49ac72ab86ce22e
-
alt-ruby31-rubygem-irb_1.4.1-11_amd64.deb
sha:fa1c0dce401a28bd526fb27b7c9e056f93d35922
-
alt-ruby31-rubygem-json_2.6.1-11_amd64.deb
sha:f6463b5bf6ae0da20e965c9da7514a4e66f7a5c5
-
alt-ruby31-rubygem-minitest_5.15.0-11_amd64.deb
sha:05bb9f84e8834d0b1638dc3046e2a92af013f00a
-
alt-ruby31-rubygem-power-assert_2.0.1-11_amd64.deb
sha:29b58498595c572f115aa131df1a00aee0241f5c
-
alt-ruby31-rubygem-psych_4.0.4-11_amd64.deb
sha:2a5aff53fc570e5a168f935174140a153dc8b1b0
-
alt-ruby31-rubygem-rake_13.0.6-11_amd64.deb
sha:fd86a1813ff13d5d3ed14defc8ebd77457a1fa12
-
alt-ruby31-rubygem-rbs_2.7.0-11_amd64.deb
sha:0f4dc752f313174c23540a8a30450848cbf90a58
-
alt-ruby31-rubygem-rdoc_6.4.1.1-11_amd64.deb
sha:25eafe1adcf4a17c850eef72034063be80410ef8
-
alt-ruby31-rubygem-rexml_3.3.9-11_amd64.deb
sha:39e414489eecb43effcbb4757a6f58ed937a1e54
-
alt-ruby31-rubygem-rss_0.3.1-11_amd64.deb
sha:dcbd40a389fc8f637f5d9acc697f97afc3fb9f27
-
alt-ruby31-rubygem-test-unit_3.5.3-11_amd64.deb
sha:fa3ff559db3452248c6c79dc42993ae70adbe5de
-
alt-ruby31-rubygem-typeprof_0.21.3-11_amd64.deb
sha:936e29178a13aabdadf26806f271d61a732ff2ee
-
alt-ruby31-rubygems_3.3.27-11_amd64.deb
sha:bc484e173eb9a675e39884fb5a432a50438b40f5
-
alt-ruby31-rubygems-devel_3.3.27-11_amd64.deb
sha:2fd45f5fb47379915b41cec7cc2354c8f7d1ca1d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.