[CLSA-2026:1778255703] Fix CVE(s): CVE-2021-43809
Type:
security
Severity:
Important
Release date:
2026-05-08 15:55:17 UTC
Description:
* SECURITY UPDATE: Bundler argument injection via leading-dash Gemfile git URL - debian/patches/CVE-2021-43809.patch: insert "--" end-of-options separator before configured_uri in the clone and fetch commands built by lib/bundler/source/git/git_proxy.rb (the override .txz ships Bundler 2.2.24, predating the fix in 2.2.33). The clone command also reorders args so all flags precede "--", matching the upstream PR #5142 idiom. - CVE-2021-43809
Updated packages:
  • alt-ruby27_2.7.8-3_amd64.deb
    sha:2a876f6294abcb340e38758a8e6101920e705f7d
  • alt-ruby27-default-gems_2.7.8-3_amd64.deb
    sha:60b6d6e0da9ac6f9ef92b5e415652d113537b0b6
  • alt-ruby27-devel_2.7.8-3_amd64.deb
    sha:cae9aab20b7d60e8fc929902a7b53602e9d7af49
  • alt-ruby27-doc_2.7.8-3_amd64.deb
    sha:568750e9c7ac15b1c74cdab69f25ba0dbb69e283
  • alt-ruby27-libs_2.7.8-3_amd64.deb
    sha:c68bd4ab3840c30464b567e3460936af9b4d46f4
  • alt-ruby27-rubygem-bigdecimal_2.0.0-3_amd64.deb
    sha:9c9dccfa19d1282d41b9d9c837ded798dc2e7167
  • alt-ruby27-rubygem-bundler_2.2.24-3_amd64.deb
    sha:83791fed36236b68a50aa4e4cab90a46fe02e589
  • alt-ruby27-rubygem-io-console_0.5.6-3_amd64.deb
    sha:7d58d8e24765b3ec909465499b99a2ee37e788d1
  • alt-ruby27-rubygem-irb_1.2.6-3_amd64.deb
    sha:1c4d98eee2b82b018e1dae01660a3db83c8298b7
  • alt-ruby27-rubygem-json_2.3.0-3_amd64.deb
    sha:5355432b2f601b622185d9d93dc22290408ccd3f
  • alt-ruby27-rubygem-minitest_5.13.0-3_amd64.deb
    sha:b2ba40d13c111d0161652eafb911fe2b939d1331
  • alt-ruby27-rubygem-net-telnet_0.2.0-3_amd64.deb
    sha:5cf5e64b89cfe0eea2322d4ec10c799691a9e97b
  • alt-ruby27-rubygem-power-assert_1.1.7-3_amd64.deb
    sha:fdfa59faf8f0a793e7c37c4fee1eb32c629a7182
  • alt-ruby27-rubygem-psych_3.1.0-3_amd64.deb
    sha:1039270658aa432b8e04753a06a563d29bd1d238
  • alt-ruby27-rubygem-rake_13.0.1-3_amd64.deb
    sha:930f96701c645465776839b0e04e8d60018a437c
  • alt-ruby27-rubygem-rdoc_6.2.1.1-3_amd64.deb
    sha:83dfded128e74bf2806ae0ea63c1cee0af793cfd
  • alt-ruby27-rubygem-test-unit_3.3.4-3_amd64.deb
    sha:a9dafe0e5c3060aae04edc9c47bf1cae5de1c6cf
  • alt-ruby27-rubygem-typeprof_2.7.8-3_amd64.deb
    sha:a8f79f4cecee5aa77ecdbec9cbfb561c27423725
  • alt-ruby27-rubygem-xmlrpc_0.3.0-3_amd64.deb
    sha:10789df708273148e2cb8fa72dc7fea1e1ebc42e
  • alt-ruby27-rubygems_3.1.6-3_amd64.deb
    sha:0d79b88023ea4efbc73b9543ea4a21f26a86bf4d
  • alt-ruby27-rubygems-devel_3.1.6-3_amd64.deb
    sha:4ae49630c537e1df0403545e1efae77e9526ae87
  • alt-ruby27_2.7.8-3_arm64.deb
    sha:4d8255c392b3d994566c52102058f55e4b174af9
  • alt-ruby27-default-gems_2.7.8-3_arm64.deb
    sha:d412223599dff691b6305416248606941e691914
  • alt-ruby27-devel_2.7.8-3_arm64.deb
    sha:79c5ccd3ac5cf8401d76823b8fef283e8206e112
  • alt-ruby27-doc_2.7.8-3_arm64.deb
    sha:e7726b6d67ded585338c6e9cd6b20cc6b3cbb8b6
  • alt-ruby27-libs_2.7.8-3_arm64.deb
    sha:dd144a4ad301748bdffbf236cc1a20fd726fe50e
  • alt-ruby27-rubygem-bigdecimal_2.0.0-3_arm64.deb
    sha:c2ce9d489680715ef20cab15be2865e6cb4c5b15
  • alt-ruby27-rubygem-bundler_2.2.24-3_arm64.deb
    sha:d36a385a0aec79b2037241f77fc8f54d6dd86a7b
  • alt-ruby27-rubygem-io-console_0.5.6-3_arm64.deb
    sha:5781abe70fc2bde5db8c91799463259ad3ba8417
  • alt-ruby27-rubygem-irb_1.2.6-3_arm64.deb
    sha:9348f9a9e918cca88359891c92e924a256ec7931
  • alt-ruby27-rubygem-json_2.3.0-3_arm64.deb
    sha:2fd8a03a1e4f51c1af39a1197317cbb4786ed677
  • alt-ruby27-rubygem-minitest_5.13.0-3_arm64.deb
    sha:af1bbc73fc0b1bc2708896467fe569727ce98475
  • alt-ruby27-rubygem-net-telnet_0.2.0-3_arm64.deb
    sha:8b20ced4438e56295605fe6b6294f862dc81fa84
  • alt-ruby27-rubygem-power-assert_1.1.7-3_arm64.deb
    sha:921853ba128b07ab58abdf59cbc9211033e0b141
  • alt-ruby27-rubygem-psych_3.1.0-3_arm64.deb
    sha:768c876d86e3169aa350b9d369e9546b832e039b
  • alt-ruby27-rubygem-rake_13.0.1-3_arm64.deb
    sha:d7893acbcc34e100622d081a86cf388ac8945f68
  • alt-ruby27-rubygem-rdoc_6.2.1.1-3_arm64.deb
    sha:cfd4fb3eecd7e5f2eb24fa013b65566aa310e465
  • alt-ruby27-rubygem-test-unit_3.3.4-3_arm64.deb
    sha:91bd86a2973228d0c17ac063cae40f9ec729ae07
  • alt-ruby27-rubygem-typeprof_2.7.8-3_arm64.deb
    sha:1d5e4c4761734b58e55e820241083a7814e6166a
  • alt-ruby27-rubygem-xmlrpc_0.3.0-3_arm64.deb
    sha:3ab4e4aa85526a7fb20e0db00434cdb307de54cc
  • alt-ruby27-rubygems_3.1.6-3_arm64.deb
    sha:65cbb13b098f01abb488457ef19958430021e158
  • alt-ruby27-rubygems-devel_3.1.6-3_arm64.deb
    sha:d06fe40eb30a0536ed9b498367e4dcacba960406
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.