[SECURITY] Fedora 41 Update: c-ares-1.34.5-1.fc41

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

freetype security update

2.10.4-10 - Fix for CVE-2025-27363 out-of-bound write vulnerability - Patch initially by Marc Deslauriers of Canonical - https://www.openwall.com/lists/oss-security/2025/03/14/3 - Adjusted for EL9 by Jonathan Wright of AlmaLinux - and a member of the Meta security team - Resolves: RHEL-83105...

perl-App-cpanminus security update

1.7044-14.1 - Patch the code to use https instead of http CVE-2024-45321 - Resolves: RHEL-56519...

grafana-pcp security update

5.1.1-9 - Resolves: RHEL-57932 5.1.1-8 - Add a premade uwsgi dashboard for the vector datasource...

CVE-2024-53082 virtio_net: Add hash_key_length check

In the Linux kernel, the following vulnerability has been resolved: virtionet: Add hashkeylength check Add hashkeylength check in virtnetprobe to avoid possible out of bound errors when setting/reading the hash key...

jose security update

14-1 - Rebase jose-14 upstream version Resolves: RHEL-38079...

CVE-2024-50016 affecting package kernel for versions less than 6.6.57.1-2

CVE-2024-50016 affecting package kernel for versions less than 6.6.57.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2024-49890 affecting package kernel for versions less than 6.6.57.1-2

CVE-2024-49890 affecting package kernel for versions less than 6.6.57.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2024-49883 affecting package kernel for versions less than 6.6.57.1-2

CVE-2024-49883 affecting package kernel for versions less than 6.6.57.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2024-49863 affecting package kernel for versions less than 6.6.56.1-5

CVE-2024-49863 affecting package kernel for versions less than 6.6.56.1-5. An upgraded version of the package is available that resolves this issue...

CVE-2024-49860 affecting package kernel for versions less than 6.6.56.1-5

CVE-2024-49860 affecting package kernel for versions less than 6.6.56.1-5. An upgraded version of the package is available that resolves this issue...

CVE-2024-50013 affecting package kernel for versions less than 6.6.57.1-2

CVE-2024-50013 affecting package kernel for versions less than 6.6.57.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2024-47753 affecting package kernel for versions less than 6.6.56.1-5

CVE-2024-47753 affecting package kernel for versions less than 6.6.56.1-5. An upgraded version of the package is available that resolves this issue...

CVE-2024-46858 affecting package kernel for versions less than 6.6.56.1-5

CVE-2024-46858 affecting package kernel for versions less than 6.6.56.1-5. An upgraded version of the package is available that resolves this issue...

grafana-pcp security update

5.1.1-9 - Resolves RHEL-61780: CVE-2024-9355...

CVE-2024-9026 affecting package php for versions less than 8.1.30-1

CVE-2024-9026 affecting package php for versions less than 8.1.30-1. An upgraded version of the package is available that resolves this issue...

mod_http2 security update

2.0.26-2.1 - Resolves: RHEL-45803 - modhttp2: DoS by null pointer in websocket over HTTP/2 CVE-2024-36387...

grafana security update

9.2.10-19 - Resolves RHEL-62309: CVE-2024-47875 9.2.10-18 - Resolves RHEL-61049: CVE-2024-9355...

CVE-2024-21159 affecting package mysql for versions less than 8.0.40-1

CVE-2024-21159 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-20996 affecting package mysql for versions less than 8.0.40-1

CVE-2024-20996 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...