CLSA-2026:1780915393

[CLSA-2026:1780915393] alt-ruby27: Fix of 2 CVEs

Type:

security

Severity:

Moderate

Release date:

2026-06-08 10:44:56 UTC

Description:

- CVE-2024-35176: rexml dos via attribute value with many `>` characters.
- CVE-2024-39908: rexml redos via repeated space characters in ATTLIST.

CVEs fixed:

Updated packages:

alt-ruby27-2.7.8-145.el9.x86_64.rpm
sha:b7d995105f96dcc619ca77eea0459f834e8132469dfab2da607276595a6eced5
alt-ruby27-default-gems-2.7.8-145.el9.noarch.rpm
sha:8d2bcdb73f0ba76994780a581577021e88df60fc617d41bbafaa8d744bed8f82
alt-ruby27-devel-2.7.8-145.el9.x86_64.rpm
sha:80ef85816a5b2523e4076d5611f00393ebf2b3cddb6f95542ab92e37c96bbca7
alt-ruby27-doc-2.7.8-145.el9.noarch.rpm
sha:b178768ee979bf8769fbf85d80c75777a8fb54a8ad2a13c80c41af5da4116f3b
alt-ruby27-libs-2.7.8-145.el9.x86_64.rpm
sha:318bc505607d2cbb2b726510143b21207a0d1bc9152c9a8830ef9b0e646d92f0
alt-ruby27-rubygem-bigdecimal-2.0.0-145.el9.x86_64.rpm
sha:f34dc10aa12cd034112fb2b5496b2c5f8b27d4e0f5a075812fea0c9143ea1782
alt-ruby27-rubygem-bundler-2.2.24-145.el9.noarch.rpm
sha:3bb233a423faa595cfbb1afd935b381a0ae4be5d9b76941d9b65033390ded6a8
alt-ruby27-rubygem-io-console-0.5.6-145.el9.x86_64.rpm
sha:c2a1b027be6c2a870ab0ffdfba8ec47fa3ba755e880c3f18312ca3876a87bd3b
alt-ruby27-rubygem-irb-1.2.6-145.el9.noarch.rpm
sha:eb7056a11cf84b808d86abaf403f1e256b22ff80fae918465b3582ecd9e5605c
alt-ruby27-rubygem-json-2.3.0-145.el9.x86_64.rpm
sha:59f9d9599fde52fb425e4ec4818055865865ae517ff78201838b10bbcd8ef1fe
alt-ruby27-rubygem-minitest-5.13.0-145.el9.noarch.rpm
sha:e9d7e71e29c1b8763c1c97460e8cd3a33d72685180f4ddeecc32cfdf1275c6bf
alt-ruby27-rubygem-net-telnet-0.2.0-145.el9.noarch.rpm
sha:01df83f82c59f98311b7b618bdbd1d626270fa57a430ac7979e41ca4bc1fd585
alt-ruby27-rubygem-openssl-2.1.4-145.el9.x86_64.rpm
sha:6e47b314efb6e20944683146de4c15b4f0f9a053f67c133550e674d52bcf41c1
alt-ruby27-rubygem-power_assert-1.1.7-145.el9.noarch.rpm
sha:313c695fd787a75a0f1bd5428310b864e7485001631f5b89f1513a634b24ee7c
alt-ruby27-rubygem-psych-3.1.0-145.el9.x86_64.rpm
sha:3edd446932620aaab1d568a80607cf44fbf9fd4c891cab662c89ab89a813345c
alt-ruby27-rubygem-rake-13.0.1-145.el9.noarch.rpm
sha:811104482de7f5a70d9406a366d88369f12127d33728849c9e52200c3c77701a
alt-ruby27-rubygem-rdoc-6.2.1.1-145.el9.noarch.rpm
sha:e3b64c6b49d6f1113dbdf846fc71b8c12303b21e4209c8680baeb3d0ebc07abf
alt-ruby27-rubygem-test-unit-3.3.4-145.el9.noarch.rpm
sha:ab731bf094f985b7c252f7b36b90e70e3bd44a443ff81937d61b0151c0bef97b
alt-ruby27-rubygem-xmlrpc-0.3.0-145.el9.noarch.rpm
sha:036d77ddfd5b3bffb7c1d97e492803e29be8ab4cb0582d83bcbff808fd600c85
alt-ruby27-rubygems-3.1.6-145.el9.noarch.rpm
sha:c4b09266809c18c180bb469291eb1419c4e0e0f4d090b3b7df9d91e3bb668bb6
alt-ruby27-rubygems-devel-3.1.6-145.el9.noarch.rpm
sha:5492f24a2b19688633e591896f8fb477478dc28cc35e5851767f7824c07f2de0

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.