AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300, SRG3300 Security Vulnerabilities

postgresql-jdbc security update

An update is available for postgresql-jdbc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational database management...

golang security update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

tigervnc security update

An update is available for tigervnc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Virtual Network Computing (VNC) is a remote display system which allows...

gimp security update

An update is available for gimp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The GIMP (GNU Image Manipulation Program) is an image composition and editing...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This...

Important: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...

Moderate: python-jwcrypto security update

The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and Encryption) standards. Security Fix(es): python-jwcrypto: malicious JWE token can cause denial of...

Important: pcp security, bug fix, and enhancement update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

Important: tracker-miners security update

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker. Security Fix(es): tracker-miners: sandbox escape (CVE-2023-5557) For more details about the security issue(s),...

Moderate: perl-CPAN security update

The CPAN module is a tool to query, download and build perl modules from CPAN sites. Security Fix(es): perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS (CVE-2023-31484) For more details about the security issue(s), including the impact, a CVSS score,...

aardvark-dns bug fix and enhancement update

An update is available for aardvark-dns. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The aardvark-dns package is and authoritative DNS server for A/AAAA...

perl-CPAN security update

An update is available for perl-CPAN. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The CPAN module is a tool to query, download and build perl modules from...

python3.11-cryptography security update

An update is available for python3.11-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-cryptography packages contain a Python...

mod_http2 security update

An update is available for mod_http2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on...

Low: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fix(es): Mozilla: Denial of Service using HTTP/2 CONTINUATION frames (CVE-2024-3302) For more details about the security issue(s), including the impact, a CVSS score,...

Moderate: freeglut security update

freeglut is a completely open source alternative to the OpenGL Utility Toolkit (GLUT) library with an OSI approved free software license. Security Fix(es): freeglut: memory leak via glutAddSubMenu() function (CVE-2024-24258) freeglut: memory leak via glutAddMenuEntry() function...

firefox security update

An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

qemu-kvm security update

An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine (KVM) is a full virtualization solution for...

tracker-miners security update

An update is available for tracker-miners. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tracker is a powerful desktop-neutral first class object database,...

keylime security update

An update is available for keylime. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Keylime is a TPM based highly scalable remote boot attestation and runtime...

grafana security update

An update is available for grafana. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor...

podman security and bug fix update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of....

grafana-pcp security update

An update is available for grafana-pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list grafana-pcp is an open source Grafana plugin for PCP. Security Fix(es): ....

python-jwcrypto security update

An update is available for python-jwcrypto. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-jwcrypto package provides Python implementations of the...

freeglut security update

An update is available for freeglut. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list freeglut is a completely open source alternative to the OpenGL Utility...

Moderate: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fix(es): gstreamer-plugins-base: heap overwrite in subtitle parsing (CVE-2023-37328) For more...

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): grafana: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) grafana: vulnerable to authorization bypass...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.10.0 ESR. Security Fix(es): GetBoundName in the JIT returned the wrong object (CVE-2024-3852) Out-of-bounds-read after mis-optimized...

Low: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fix(es): keylime: Attestation failure when the quote's signature does not validate (CVE-2023-3674) For more details about the security issue(s), including the impact, a CVSS score,...

Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fix(es): python-cryptography: NULL-dereference when loading PKCS7 certificates (CVE-2023-49083) For more...

pcp security, bug fix, and enhancement update

An update is available for pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for...

Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fix(es): PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE...

Important: grafana-pcp security update

grafana-pcp is an open source Grafana plugin for PCP. Security Fix(es): grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other...

Moderate: mod_http2 security update

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...

Moderate: yajl security update

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460) For more details about the security issue(s), including the impact, a CVSS...

Moderate: libjpeg-turbo security update

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): libjpeg-turbo:...

libjpeg-turbo security update

An update is available for libjpeg-turbo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libjpeg-turbo packages contain a library of functions for...

varnish security update

An update is available for varnish. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Varnish Cache is a high-performance HTTP accelerator. It stores web pages in....

Important: varnish security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): varnish: HTTP/2 Broken Window Attack may result in denial of service...

.NET 7.0 bugfix update

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the...

Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

unbound security update

An update is available for unbound. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or...

Important: postgresql security update

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985) For more details about the security issue(s), including the impact, a CVSS score,...

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default...

Moderate: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...

Important: edk2 security update

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235) EDK2:...

postgresql security update

An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational database management system...

edk2 security update

An update is available for edk2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual.....

.NET 8.0 bug fix update

An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the...