28 matches found
RLSA-2024:2228 Moderate: perl security update
Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Write past buffer end via illegal user-defined Unicode property CVE-2023-47038 For more details about the security issues, including the impact, a CVSS...
RLSA-2024:2217 Moderate: motif security update
The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with...
RLSA-2024:2145 Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: stack exhaustion from infinite recursion in PutSubImage CVE-2023-43786 libX11: integer overflow in XCreateImage leading to a heap overflow...
RLSA-2024:2211 Moderate: tcpdump security update
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Security Fixes: tcpslice: use-after-free in extractslice CVE-2021-41043 For more details about th...
RLSA-2024:2146 Moderate: libXpm security update
X.Org X11 libXpm runtime library. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with corrupted colormap CVE-2023-43789 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
RLSA-2024:2525 Moderate: mingw-pixman security update
Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fixes: pixman: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write CVE-2022-44638 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
RLSA-2024:2199 Important: pmix security update
The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...
RLSA-2024:2353 Moderate: mingw components security update
MinGW Minimalist GNU for Windows is a free and open source software development environment to create Microsoft Windows applications. Security Fixes: binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfdgetl64 CVE-2023-1579 For more details about the security issues, including the impac...
RLSA-2024:2377 Moderate: zziplib security update
The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
RLSA-2024:2137 Low: LibRaw security update
LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: a heap-buffer-overflow in raw2imageex CVE-2023-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
RLSA-2024:2410 Moderate: harfbuzz security update
HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...
RLSA-2024:2483 Moderate: traceroute security update
The traceroute utility displays the route used by IP packets on their way to a specified network or Internet host. Security Fixes: traceroute: improper command line parsing CVE-2023-46316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
libzpc bug fix and enhancement update
An update is available for libzpc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.4...
mingw-qemu-ga-win bug fix and enhancement update
An update is available for mingw-qemu-ga-win. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
RLSA-2024:2337 Moderate: python3.11-cryptography security update
The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 For more details...
RLSA-2024:2366 Moderate: freeglut security update
freeglut is a completely open source alternative to the OpenGL Utility Toolkit GLUT library with an OSI approved free software license. Security Fixes: freeglut: memory leak via glutAddSubMenu function CVE-2024-24258 freeglut: memory leak via glutAddMenuEntry function CVE-2024-24259 For more...
RLSA-2024:2278 Moderate: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
python3.11-cryptography security update
An update is available for python3.11-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-cryptography packages contain a Python Cryptograph...
python3.12-cffi bug fix and enhancement update
An update is available for python3.12-cffi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
RLSA-2024:2287 Moderate: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...