ALSA-2023:6341 Moderate: xorg-x11-server-Xwayland security, bug fix, and enhancement update

Xwayland is an X server for running X clients under Wayland. The following packages have been upgraded to a later upstream version: xorg-x11-server-Xwayland 22.1.9. BZ2158761 Security Fixes: xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability...

Moderate: libqb security update

The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Security Fixes: libqb: Buffer overflow in logblackbox.c CVE-2023-39976 For more details...

Low: gmp security and enhancement update

The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fixes: gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 For more details about the security issues...

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

Low: gdb security update

The GNU Debugger GDB allows users to debug programs written in various programming languages including C, C++, and Fortran. Security Fixes: libiberty: Heap/stack buffer overflow in the dlanglname function in d-demangle.c CVE-2021-3826 For more details about the security issues, including the...

Moderate: python3.11-pip security update

pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fixes: python: tarfile...

Moderate: libfastjson security update

The libfastjson library provides essential JavaScript Object Notation JSON handling functions. The library enables users to construct JSON objects in C, output them as JSON-formatted strings, and convert JSON-formatted strings back to the C representation of JSON objects. Security Fixes: json-c,...

Moderate: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 For more details about the security issues, including the...

Moderate: xorg-x11-server security and bug fix update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability...

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadrati...

Moderate: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: crypto/tls: large handshake records may cause panics CVE-2022-41724 runc: Rootless runc makes /sys/fs/cgroup writable CVE-2023-25809 runc: volume mount...

Moderate: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

Moderate: dnsmasq security and bug fix update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 CVE-2023-28450 For more details about the security issues,...

Moderate: sysstat security and bug fix update

The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fixes: sysstat: checkoverflow function can work incorrectly, which could lead to an overflow CVE-2023-33204 For more details about the security...

Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts CVE-2023-24998 tomcat: not including the secure attribute causes information disclosure CVE-2023-28708 tomcat: Fix for...

Moderate: xorg-x11-server-Xwayland security, bug fix, and enhancement update

Xwayland is an X server for running X clients under Wayland. The following packages have been upgraded to a later upstream version: xorg-x11-server-Xwayland 22.1.9. BZ2158761 Security Fixes: xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability...

Moderate: haproxy security and bug fix update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: data leak via fcgi requests CVE-2023-0836 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...

Moderate: podman security, bug fix, and enhancement update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http...

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

ALSA-2023:6420 Moderate: grafana security and enhancement update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: persistent xss in grafana core plugins CVE-2022-23552 grafana: plugin signature bypass CVE-2022-31123 grafana: data source and plugin proxy endpoints leaking...