Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. RubyGems is the Ruby standard for publishing and managing third-party libraries.
It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287)
Red Hat would like to thank Rubygems upstream for reporting CVE-2013-4287. Upstream acknowledges Damir Sharipov as the original reporter.
All ruby193-ruby users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.