[CLSA-2026:1781511945] alt-ruby27: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-15 08:27:42 UTC
Description:
- CVE-2025-27219: cgi dos via super-linear CGI::Cookie.parse cookie merge. - CVE-2025-27220: cgi redos in CGI::Util#escapeElement element matcher. - CVE-2025-61594: uri password leak when combining URIs (CVE-2025-27221 bypass).
CVEs fixed:
Updated packages:
  • alt-ruby27-2.7.8-147.el8.x86_64.rpm
    sha:121d181e95f9b4f28bd8f6182ee8760967ccedd24a7eb0380f7f102128d29378
  • alt-ruby27-default-gems-2.7.8-147.el8.noarch.rpm
    sha:608b7a77122a94c2d34ea7e5c7b44faf07132a8106de30c3d786b7fb836b1cc0
  • alt-ruby27-devel-2.7.8-147.el8.x86_64.rpm
    sha:244c0f473d529f35e6e64a21d9f3f066c34a223220025907e3122860c7c85982
  • alt-ruby27-doc-2.7.8-147.el8.noarch.rpm
    sha:aa27208be2b6fff23068f5e48ebb1cbce9abb77028a3fd7a00afe1bc831d409a
  • alt-ruby27-libs-2.7.8-147.el8.x86_64.rpm
    sha:86b13ce06d319149896352272cb25de0e35ab59e43f18887ddf5a61c7da4d110
  • alt-ruby27-rubygem-bigdecimal-2.0.0-147.el8.x86_64.rpm
    sha:1bee8229eec064a719a9074748ec164b5bc253f31d71252cdf9e20c74375b417
  • alt-ruby27-rubygem-bundler-2.2.24-147.el8.noarch.rpm
    sha:be5515749df08f40652fccce9a075d2681d2b00b16c6370016853a49a5afae45
  • alt-ruby27-rubygem-io-console-0.5.6-147.el8.x86_64.rpm
    sha:43038918f22bf38bd35f4e17bbdb43ca693a401789fcd1103512ffd37c61dcc4
  • alt-ruby27-rubygem-irb-1.2.6-147.el8.noarch.rpm
    sha:7924cf9dd1ff3dd4e355ca32ca6116f5360aa14992346a79700909486e925065
  • alt-ruby27-rubygem-json-2.3.0-147.el8.x86_64.rpm
    sha:ff26af5f74e83f95aa4768f594642399ec9eb40fb451b9b51069908c17826613
  • alt-ruby27-rubygem-minitest-5.13.0-147.el8.noarch.rpm
    sha:2129ca8e7de0c0f42cacba21a2b25852ced84ffb5beda07d5ae4cf4e0dfb38da
  • alt-ruby27-rubygem-net-telnet-0.2.0-147.el8.noarch.rpm
    sha:9e2182ca79f9e78746c2b1e86c4b956c7c07974bc44a1561f262ef5ef7b24695
  • alt-ruby27-rubygem-openssl-2.1.4-147.el8.x86_64.rpm
    sha:9e87c1bafe325be27e53394705b677dcd24bf54dfb8c6ac7cc4cdbf86fa1e8e8
  • alt-ruby27-rubygem-power_assert-1.1.7-147.el8.noarch.rpm
    sha:f0a81f5fdf728793432cc08f84fdc5656294a47db4e481d74262d2a0ed11d8aa
  • alt-ruby27-rubygem-psych-3.1.0-147.el8.x86_64.rpm
    sha:c7582be03e7a4a3f6764d0a37f33d6d98335397327960b4aea4493847ab12e7a
  • alt-ruby27-rubygem-rake-13.0.1-147.el8.noarch.rpm
    sha:2cb91b22d57817a8f93ac4ab91968a3abf0235c6b217a7ca96ffab3571f75749
  • alt-ruby27-rubygem-rdoc-6.2.1.1-147.el8.noarch.rpm
    sha:cd4aa46a0696ba01f44adaabf779e2ac63ba25550824e11f920805be86203116
  • alt-ruby27-rubygem-test-unit-3.3.4-147.el8.noarch.rpm
    sha:b2c71d1f020a93e2dd0ef4556a396f65c91bb1f22307236f43ad86fdebcf01bc
  • alt-ruby27-rubygem-xmlrpc-0.3.0-147.el8.noarch.rpm
    sha:4707096796a8bef55c02dd1b67fbb0c71a606f24b219d4c0ce3685d078a9478e
  • alt-ruby27-rubygems-3.1.6-147.el8.noarch.rpm
    sha:eb2b2f416f2276f1fbb0429ad8ed9a33fbc076394920604d1fee46cb38dc2104
  • alt-ruby27-rubygems-devel-3.1.6-147.el8.noarch.rpm
    sha:6d0aa59c17d2747737ec9866ba5b3240f8163c36771b2d311d41b9453b19a55e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.