23 matches found
RLSA-2022:7745 Moderate: freetype security update
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: FreeType: Buffer overflow in sfntinitface CVE-2022-27404 FreeType: Segmentation violation via FNTSizeRequest CVE-2022-27405...
RLSA-2022:7715 Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Incorrect server side include parsing can lead to XSS CVE-2016-3709 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
RLSA-2022:7704 Moderate: webkit2gtk3 security and bug fix update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functio...
RLSA-2022:7700 Moderate: gdisk security update
The gdisk packages provide the gdisk partitioning utility for GUID Partition Table GPT disks. The utility features a command-line interface similar to fdisk, direct manipulation of partition table structures, recovery tools to deal with corrupt partition tables, and the ability to convert Master...
RLSA-2022:7692 Moderate: xmlrpc-c security update
XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...
kernel security, bug fix, and enhancement update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RLSA-2022:7648 Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header...
openjpeg2 security update
An update is available for openjpeg2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenJPEG is an open source library for reading and writing image files in...
RLSA-2022:7643 Important: bind9.16 security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
RLSA-2022:7628 Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.30, php-pear 1.10.13. BZ2055422 Security Fixes: php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free...
haproxy bug fix and enhancement update
An update is available for haproxy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7...
RLSA-2022:7585 Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: Denial of Service via crafted TIFF file CVE-2022-0561 libtiff: Null source pointer lead to Denial of Service via crafted TIFF file CVE-2022-0562 libtiff: reachable...
RLSA-2022:7583 Moderate: xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: X.Org Server ProcXkbSetGeometry...
python38:3.8 and python38-devel:3.8 security update
An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, modwsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe,...
RLSA-2022:7548 Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service...
RLSA-2022:7529 Moderate: container-tools:3.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang...
qt5-qtmultimedia bug fix and enhancement update
An update is available for qt5-qtmultimedia. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
qt5-qtbase bug fix and enhancement update
An update is available for qt5-qtbase. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8...
RLSA-2022:7469 Moderate: container-tools:4.0 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 runc: incorrect handlin...
RLSA-2022:7458 Moderate: flatpak-builder security and bug fix update
Flatpak-builder is a tool for building flatpaks from sources. Security Fixes: flatpak: flatpak-builder --mirror-screenshots-url can access files outside the build directory CVE-2022-21682 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...