540 matches found
RLSA-2025:15887 Moderate: opentelemetry-collector security update
Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score,...
RLSA-2025:12850 Moderate: opentelemetry-collector security update
Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS score...
RLSA-2025:7479 Important: opentelemetry-collector security update
Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jw...
RLSA-2024:4367 Important: pki-core security update
The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: dogtag ca: token authentication bypass vulnerability CVE-2023-4727 For more details about the security issues, including the impact, a CVSS...
RLSA-2024:4165 Important: pki-core security update
The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: dogtag ca: token authentication bypass vulnerability CVE-2023-4727 For more details about the security issues, including the impact, a CVSS...
RLSA-2024:3061 Moderate: pki-core:10.6 and pki-deps:10.6 security update
The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 For more details about the security issues, including th...
RLSA-2024:3267 Moderate: idm:DL1 and idm:client security update
Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: JWCrypto: denail of service Via specifically crafted JWE CVE-2023-6681...
RLSA-2024:3755 Important: idm:DL1 security update
Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate...
idm:DL1 security update
An update is available for module.pyusb, module.opendnssec, custodia, module.custodia, pyusb, module.python-kdcproxy, module.slapi-nis, opendnssec, python-yubico, slapi-nis, ipa-healthcheck, softhsm, module.python-qrcode, module.softhsm, module.ipa-healthcheck, python-qrcode, module.python-yubico...
gcc-toolset-13-annobin bug fix and enhancement update
An update is available for gcc-toolset-13-annobin. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
DL1 bug fix update
An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...
nodejs security update
An update is available for nodejs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for building fast and scalable...
RLSA-2023:4706 Important: subscription-manager security update
The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Rocky Enterprise Software Foundation entitlement platform. Security Fixes: subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allow...
RLSA-2022:7968 Low: virt-v2v security, bug fix, and enhancement update
The virt-v2v package provides a tool for converting virtual machines to use the KVM Kernel-based Virtual Machine hypervisor or Rocky Enterprise Software Foundation Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can...
virt-v2v security, bug fix, and enhancement update
An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-v2v package provides a tool for converting virtual machines to use...
RLSA-2022:7470 Important: pki-core:10.6 and pki-deps:10.6 security and bug fix update
The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 For more details about the security issues, including the...
RLSA-2022:7326 Important: pki-core security update
The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 For more details about the security issues, including the...
insights-client bug fix and enhancement update
An update is available for insights-client. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Insights is a service that...
Satellite 6.11 Release
An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool for...
new packages: units
An update is available for units. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...