RLSA-2026:18556 Moderate: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...

RLSA-2026:18824 Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in Rocky Linux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

RLSA-2023:6699 Moderate: krb5 security and bug fix update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

Moderate: Red Hat Security Advisory: p11-kit security update

An update for p11-kit is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Moderate: open-vm-tools bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section...

RLSA-2024:2290 Moderate: mutt security update

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fixes: mutt: null pointer dereference CVE-2023-4874 mutt: null pointer dereference...

RLSA-2024:2437 Moderate: exfatprogs security update

The exfatprogs package contains utilities for formatting and repairing exFAT filesystems. Security Fixes: exfatprogs: exfatprogs allows out-of-bounds memory access CVE-2023-45897 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

rust-toolset:rhel8 bug fix and enhancement update

An update is available for rust, module.rust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

RLSA-2024:3166 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: scp allows command injection when using backtick characters in the destination...

RLSA-2024:9193 Moderate: python3.12-PyMySQL security update

This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython. Security Fixes: python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 For more details about the...

RLSA-2024:9192 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

RLSA-2024:9325 Low: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Authenticated user can kill any process when enabling...

RLSA-2024:9404 Moderate: libgcrypt security update

The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fixes: libgcrypt: vulnerable to Marvin Attack CVE-2024-2236 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

RLSA-2024:9423 Moderate: python-dns security update

The python-dns package contains the dnslib module that implements a DNS client and additional modules that define certain symbolic constants used by DNS, such as dnstype, dnsclass and dnsopcode. Security Fixes: dnspython: denial of service in stub resolver CVE-2023-29483 For more details about th...

Medium: binutils

Issue Overview: A potential illegal memory access in binutils has been found when parsing a corrupt file. CVE-2023-1579 Affected Packages: binutils Issue Correction: Run dnf update binutils --releasever 2023.2.20231030 or dnf update --advisory ALAS2023-2023-425 --releasever 2023.2.20231030 to...

ALBA-2019:3638 trousers bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

Moderate: Red Hat Security Advisory: curl security, bug fix, and enhancement update

An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...