ALASRUBY3.0-2023-006

An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc. (CVE-2021-31799)

aarch64:
    ruby-3.0.1-148.amzn2.0.1.aarch64
    ruby-devel-3.0.1-148.amzn2.0.1.aarch64
    ruby-libs-3.0.1-148.amzn2.0.1.aarch64
    rubygem-bigdecimal-3.0.0-148.amzn2.0.1.aarch64
    rubygem-io-console-0.5.7-148.amzn2.0.1.aarch64
    rubygem-json-2.5.1-148.amzn2.0.1.aarch64
    rubygem-psych-3.3.0-148.amzn2.0.1.aarch64
    ruby-debuginfo-3.0.1-148.amzn2.0.1.aarch64

noarch:
    rubygems-3.2.15-148.amzn2.0.1.noarch
    rubygems-devel-3.2.15-148.amzn2.0.1.noarch
    ruby-default-gems-3.0.1-148.amzn2.0.1.noarch
    rubygem-irb-1.3.5-148.amzn2.0.1.noarch
    rubygem-rdoc-6.3.0-148.amzn2.0.1.noarch
    ruby-doc-3.0.1-148.amzn2.0.1.noarch
    rubygem-bundler-2.2.15-148.amzn2.0.1.noarch
    rubygem-minitest-5.14.2-148.amzn2.0.1.noarch
    rubygem-power_assert-1.2.0-148.amzn2.0.1.noarch
    rubygem-rake-13.0.3-148.amzn2.0.1.noarch
    rubygem-rbs-1.0.4-148.amzn2.0.1.noarch
    rubygem-test-unit-3.3.7-148.amzn2.0.1.noarch
    rubygem-rexml-3.2.5-148.amzn2.0.1.noarch
    rubygem-rss-0.2.9-148.amzn2.0.1.noarch
    rubygem-typeprof-0.12.0-148.amzn2.0.1.noarch

src:
    ruby-3.0.1-148.amzn2.0.1.src

x86_64:
    ruby-3.0.1-148.amzn2.0.1.x86_64
    ruby-devel-3.0.1-148.amzn2.0.1.x86_64
    ruby-libs-3.0.1-148.amzn2.0.1.x86_64
    rubygem-bigdecimal-3.0.0-148.amzn2.0.1.x86_64
    rubygem-io-console-0.5.7-148.amzn2.0.1.x86_64
    rubygem-json-2.5.1-148.amzn2.0.1.x86_64
    rubygem-psych-3.3.0-148.amzn2.0.1.x86_64
    ruby-debuginfo-3.0.1-148.amzn2.0.1.x86_64