CVE-2023-46219 affecting package cmake for versions less than 3.29.6-1

CVE-2023-46219 affecting package cmake for versions less than 3.29.6-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-6129 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2023-6129 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...

java-21-openjdk security update

1:21.0.4.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.4.0.7-1 - Update to jdk-21.0.4+7 GA - Update release notes to 21.0.4+7 - Switch to GA mode. - Sync the copy of the portable specfile with the latest update - Add missing section headers in NEWS - This tarball is embargoed unti...

CVE-2022-48822

In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of composition switch and at the same time ffsepfilerelease get called from userspace. ffsepfilerelease will fr...

git security update

2.43.5-1 - Update to 2.43.5 - Related: RHEL-36402, RHEL-36414 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36402, RHEL-36414...

CVE-2024-3727 affecting package ig for versions less than 0.29.0-1

CVE-2024-3727 affecting package ig for versions less than 0.29.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-49569 affecting package cri-o for versions less than 1.30.1-1

CVE-2023-49569 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-27013 affecting package kernel for versions less than 5.15.158.1-1

CVE-2024-27013 affecting package kernel for versions less than 5.15.158.1-1. An upgraded version of the package is available that resolves this issue...

ruby:3.3 security, bug fix, and enhancement update

ruby 3.3.1-2 - Upgrade to Ruby 3.3.1. Resolves: RHEL-37697 - Fix buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-37699 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-37696 - Fix Arbitrary memory address read vulnerability with Regex searc...

python39:3.9 and python39-devel:3.9 security update

modwsgi numpy python39 3.9.19-1 - Update to 3.9.19 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33676, RHEL-33688 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography python-idna...

CVE-2024-36018

In the Linux kernel, the following vulnerability has been resolved: nouveau/uvmm: fix addr/range calcs for remap operations dEQP-VK.sparseresources.imagerebind.2darray.r64i.1281288 was causing a remap operation like the below. opremap: prev: 0000003fffed0000 00000000000f0000 00000000a5abd18a...

Oracle Linux 8 : tigervnc (ELSA-2024-3067)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3067 advisory. - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20388 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap...

Fedora: Security Advisory (FEDORA-2024-9963d77dcb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for c-ares (FEDORA-2024-d351e7318e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

gstreamer1-plugins-bad-free security update

1.16.1-4.0.1 - Update origin URL Orabug: 36209826 1.16.1-4 - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow - Patch CVE-2023-40476: Integer overflow in H.265 video parser - Resolves: RHEL-19500, RHEL-19504, RHEL-19507 1.16.1-3 - Bump to avoid conflict with z strea...

ghostscript security update

9.27-12 - fix to prevent divison by zero in devices - Resolves: rhbz2235009...

webkit2gtk3 security update

2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3961 2.42.4-1 - Update to 2.42.4 Resolves: RHEL-3961 Resolves: RHEL-19365 2.42.3-1 - Update to 2.42.3 Resolves: RHEL-3961 2.42.2-1 - Update to 2.42.2 Resolves: RHEL-3961 2.42.1-1 - Update to 2.42.1 Resolves: RHEL-3961 2.42.0-1 - Upgrade to 2.42.0 Resolve...

pcs security update

0.10.18-2.0.1 - Replace HAM-logo.png with a generic one 0.10.18-2 - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26445, RHEL-26447, RHEL-26449 0.10.18-1 - Rebased to the latest sources see CHANGELOG.md Resolves: RHEL-7741 0.10.17-6 - Rebased to th...

python3.11-cryptography security update

37.0.2-6 - Security fix for CVE-2023-49083 - Resolves: RHEL-19831...

gstreamer1-plugins-base security update

1.16.1-3.0.1 - Update origin URL Orabug: 36209826 1.16.1-3 - CVE-2023-37328 gstreamer1-plugins-base: heap overwrite in subtitle parsing - Resolves: RHEL-19472...