[CLSA-2026:1781514304] alt-ruby27: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-15 09:06:35 UTC
Description:
- CVE-2025-27219: cgi dos via super-linear CGI::Cookie.parse cookie merge. - CVE-2025-27220: cgi redos in CGI::Util#escapeElement element matcher. - CVE-2025-61594: uri password leak when combining URIs (CVE-2025-27221 bypass).
CVEs fixed:
Updated packages:
  • alt-ruby27-2.7.8-147.el10.x86_64.rpm
    sha:56a01314a0649ab6cbc2d00641023e36e42599f303e3dbe379045eff25dfa5d3
  • alt-ruby27-default-gems-2.7.8-147.el10.noarch.rpm
    sha:39724a44f5120ce1299de06b4cd8bdfb139ec8c71bf1c05c8f66aa5c4d52a9af
  • alt-ruby27-devel-2.7.8-147.el10.x86_64.rpm
    sha:5e145a27d6638fd76ac49edcdd1a6506a08d260b910f299cc0e4c472307c43b1
  • alt-ruby27-doc-2.7.8-147.el10.noarch.rpm
    sha:e9e35f9c905b9d43f32a4b7c5bc577e602478d8a447ab02d735621ffda65110d
  • alt-ruby27-libs-2.7.8-147.el10.x86_64.rpm
    sha:4504570b58509e7f2d6c5345ba5b63e6cbe16ff000a2b4685c06364546b1a24e
  • alt-ruby27-rubygem-bigdecimal-2.0.0-147.el10.x86_64.rpm
    sha:4682ce9b7781876fda3e31003335db778e1675e780ef9109aa0004823d8be1f8
  • alt-ruby27-rubygem-bundler-2.2.24-147.el10.noarch.rpm
    sha:0b8ba182b2d57c23c0792bfa0e612d06633bff182bd5080b86268fb4d65b336c
  • alt-ruby27-rubygem-io-console-0.5.6-147.el10.x86_64.rpm
    sha:db535d24df5a31e2dc2b7bddcbf94e27e6eaa19deaf7bf3908bd3362490b213b
  • alt-ruby27-rubygem-irb-1.2.6-147.el10.noarch.rpm
    sha:e5d5c4f64ab5531bba49c7e915379e4323aa5e251372e01efa5be2eb6fc9b1ed
  • alt-ruby27-rubygem-json-2.3.0-147.el10.x86_64.rpm
    sha:3ece5ea3c4abebcc57e376005cd206e017bd412fde65cc62485936baf6dc33e8
  • alt-ruby27-rubygem-minitest-5.13.0-147.el10.noarch.rpm
    sha:2560387723ddf8b70e5c70613058d9e7536fb958d34190d6130db534b576c2ac
  • alt-ruby27-rubygem-net-telnet-0.2.0-147.el10.noarch.rpm
    sha:f79c2c39c2e125fa55cb81a545597da85e440bce955d9c25fd23bd3c6b93c6ad
  • alt-ruby27-rubygem-openssl-2.1.4-147.el10.x86_64.rpm
    sha:07224ac85d8fb454a4db4a84277d97ebd94295fbec69977a539e70eb0f498602
  • alt-ruby27-rubygem-power_assert-1.1.7-147.el10.noarch.rpm
    sha:1313f3d3d4cdc60f904e5568212dd0af7bb212e004d5f7dc022fcdb8a8ebbc17
  • alt-ruby27-rubygem-psych-3.1.0-147.el10.x86_64.rpm
    sha:dc153bde8a9591b447acfb51b6d0615c361eee0fa68c0f515c14d3c0e5a2e05b
  • alt-ruby27-rubygem-rake-13.0.1-147.el10.noarch.rpm
    sha:4d2610bd4d59072761a4aab35518261be0711763c20670581caf38ae3a14d7fc
  • alt-ruby27-rubygem-rdoc-6.2.1.1-147.el10.noarch.rpm
    sha:418b18b9cfaed8b60ebc5f984ca87206ddf9960a5007b386d99c068fe4d1e455
  • alt-ruby27-rubygem-test-unit-3.3.4-147.el10.noarch.rpm
    sha:ef08948bb213c41ee8af07e94fe4cd21c33679a9579fa939a6185269e3856557
  • alt-ruby27-rubygem-xmlrpc-0.3.0-147.el10.noarch.rpm
    sha:e0d752bb2140ae632c802f56299820b3bdd93b77eb48cd8a9c43e0058fc9368b
  • alt-ruby27-rubygems-3.1.6-147.el10.noarch.rpm
    sha:4d18f542f2e3db6340ba78355e13b571549fe1a6afa60d14215f9a958b486c52
  • alt-ruby27-rubygems-devel-3.1.6-147.el10.noarch.rpm
    sha:5824b7517b16cdbce099fcd581d2612651ff61f758aaec017c03ea967b250259
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.