ALSA-2024:2456 Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2:...

ALSA-2024:2135 Moderate: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019...

ALSA-2024:2204 Moderate: libnbd security update

Network Block Device NBD is a protocol for accessing Block Devices hard disks and disk-like devices over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fixes: libnbd: Malicious NBD server may crash libnbd CVE-2023-5871 libnbd: Crash or misbehaviour when NBD...

ALSA-2024:2159 Moderate: python3.11-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 For more details about the security issues, including the impact, a CVSS...

ALSA-2024:2483 Moderate: traceroute security update

The traceroute utility displays the route used by IP packets on their way to a specified network or Internet host. Security Fixes: traceroute: improper command line parsing CVE-2023-46316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

ALSA-2024:2199 Important: pmix security update

The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...

ALSA-2024:2264 Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer...

ALSA-2024:2512 Low: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

ALSA-2024:2239 Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. CVE-2023-45287 For more details about the security...

ALSA-2024:2302 Moderate: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer-plugins-base: heap overwrite in subtitle parsing CVE-2023-37328 For more details...

ALSA-2024:2290 Moderate: mutt security update

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fixes: mutt: null pointer dereference CVE-2023-4874 mutt: null pointer dereference...

ALSA-2024:2368 Moderate: mod_http2 security update

The modhttp2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: DoS in HTTP/2 with initial window size 0 CVE-2023-43622 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802 For mo...

ALSA-2024:2528 Low: mingw-glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...

ALSA-2024:2213 Moderate: pcp security update

Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fixes: pcp:...

ALSA-2024:2160 Moderate: toolbox security update

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fixes: golang: html/template: improper handling of HTML-like comments within script contexts...

ALSA-2024:2170 Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions CVE-2023-6377 xorg-x11-server: out-of-bounds...

ALSA-2024:2137 Low: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: a heap-buffer-overflow in raw2imageex CVE-2023-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

ALSA-2024:2410 Moderate: harfbuzz security update

HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

ALSA-2024:2147 Moderate: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: specially crafted HTTP requests potentially lead to denial of service CVE-2024-1481 For more...

ALSA-2024:2377 Moderate: zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...