From 6eee5b254bec1873d3fbbf183d480ee45ed14883 Mon Sep 17 00:00:00 2001
From: Huda <18461096+hudakh@users.noreply.github.com>
Date: Tue, 28 Oct 2025 23:00:19 +0000
Subject: [PATCH 1/4] Add CVE-2025-24294: DoS in resolv gem bundled with ruby
---
.../CVE\342\200\2212025\342\200\22124294.yml" | 27 +++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100644 "rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml"
diff --git "a/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" "b/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml"
new file mode 100644
index 0000000000..08fa98cdd3
--- /dev/null
+++ "b/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml"
@@ -0,0 +1,27 @@
+title: "CVE-2025-24294: DoS in resolv gem"
+cve: "CVE-2025-24294"
+date: "2025-07-08"
+url: "https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/"
+description: |
+ A denial of service vulnerability has been discovered in the `resolv` gem bundled with Ruby.
+ The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet.
+ An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet,
+ the name-decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name.
+ This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
+affected:
+ - ruby: "3.2"
+ gem: "resolv"
+ versions: "<= 0.2.2"
+ - ruby: "3.3"
+ gem: "resolv"
+ versions: "<= 0.3.0"
+ - ruby: "3.4"
+ gem: "resolv"
+ versions: "<= 0.6.1"
+credits:
+ - name: "Manu"
+ source: "HackerOne"
+references:
+ - url: "https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/"
+ - url: "https://www.cve.org/CVE-2025-24294"
+ - url: "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/resolv/CVE-2025-24294.yml"
\ No newline at end of file
From 5d32206f665af3164fa8b4d8f2c69178ffe96549 Mon Sep 17 00:00:00 2001
From: Huda
Date: Thu, 30 Oct 2025 08:55:01 +1030
Subject: [PATCH 2/4] Better conform to ruby-advisory-db YAML schema
---
.../CVE\342\200\2212025\342\200\22124294.yml" | 39 +++++++++----------
1 file changed, 18 insertions(+), 21 deletions(-)
diff --git "a/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" "b/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml"
index 08fa98cdd3..0df63458fc 100644
--- "a/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml"
+++ "b/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml"
@@ -1,27 +1,24 @@ -title: "CVE-2025-24294: DoS in resolv gem" -cve: "CVE-2025-24294" -date: "2025-07-08" -url: "https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/" +--- +engine: ruby +cve: 2025-24294 +url: https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/ +title: Possible Denial of Service in resolv gem +date: 2025-07-08 description: | A denial of service vulnerability has been discovered in the `resolv` gem bundled with Ruby. + The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name-decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. -affected: - - ruby: "3.2" - gem: "resolv" - versions: "<= 0.2.2" - - ruby: "3.3" - gem: "resolv" - versions: "<= 0.3.0" - - ruby: "3.4" - gem: "resolv" - versions: "<= 0.6.1" -credits: - - name: "Manu" - source: "HackerOne" -references: - - url: "https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/" - - url: "https://www.cve.org/CVE-2025-24294" - - url: "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/resolv/CVE-2025-24294.yml" \ No newline at end of file +patched_versions: + - "~> 3.2.9" + - "~> 3.3.9" + - ">= 3.4.5" +related: + url: + - https://github.com/rubysec/ruby-advisory-db/blob/master/gems/resolv/CVE-2025-24294.yml + - https://www.cve.org/CVE-2025-24294 + - https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-2-9-released/ + - https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-3-9-released/ + - https://www.ruby-lang.org/en/news/2025/07/15/ruby-3-4-5-released/ From 931c5ecea028a6e1bee08ad36f4355c5b7c8616f Mon Sep 17 00:00:00 2001 
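Review bot: The rewritten record keys only on the Ruby engine version (`patched_versions`) and drops the per-branch `resolv` gem ranges that the removed `affected:` block carried (`<= 0.2.2`, `<= 0.3.0`, `<= 0.6.1`), so nothing in the new fields says that the vulnerable code is a bundled gem with its own version line. A consumer matching on Ruby version alone may not reflect which `resolv` release an installation actually loads, and a reader is not told that the gem-level advisory under `related.url` is where those ranges are kept. I would add one sentence to `description`, for example `The affected resolv gem versions are listed in the gems/resolv advisory linked under related.` The bare `+` line added inside the `description` block scalar appears to be a blank separator; if it carries trailing spaces they become part of the value, so it is worth confirming the line is truly empty.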
From: Huda Date: Tue, 4 Nov 2025 14:43:59 +1030 Subject: [PATCH 3/4] Fix indentation --- "rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git "a/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" "b/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" index 0df63458fc..f177ecad58 100644 --- "a/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" +++ "b/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" @@ -17,8 +17,8 @@ patched_versions: - ">= 3.4.5" related: url: - - https://github.com/rubysec/ruby-advisory-db/blob/master/gems/resolv/CVE-2025-24294.yml - - https://www.cve.org/CVE-2025-24294 - - https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-2-9-released/ - - https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-3-9-released/ - - https://www.ruby-lang.org/en/news/2025/07/15/ruby-3-4-5-released/ + - https://github.com/rubysec/ruby-advisory-db/blob/master/gems/resolv/CVE-2025-24294.yml + - https://www.cve.org/CVE-2025-24294 + - https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-2-9-released/ + - https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-3-9-released/ + - https://www.ruby-lang.org/en/news/2025/07/15/ruby-3-4-5-released/ From 752f187ad0cae4e2599c6be7354243c0c755f446 Mon Sep 17 00:00:00 2001 From: Huda Date: Tue, 4 Nov 2025 16:43:24 +1030 Subject: [PATCH 4/4] Rename file to include correct hyphen --- .../ruby/CVE-2025-24294.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename "rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" => rubies/ruby/CVE-2025-24294.yml (100%) diff --git "a/rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" b/rubies/ruby/CVE-2025-24294.yml similarity index 100% rename from "rubies/ruby/CVE\342\200\2212025\342\200\22124294.yml" rename to rubies/ruby/CVE-2025-24294.yml