5404 matches found
Moderate: tigervnc security update
Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...
Low: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
Moderate: harfbuzz security update
HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...
Moderate: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: net/http/internal: Denial of Service DoS via Resource Consumption via HTTP reques...
Important: golang security update
The golang packages provide the Go programming language compiler. Security Fixes: golang: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394...
Important: postgresql:10 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
Important: postgresql security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...
Moderate: dotnet7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.114 and .NET Runtime 7.0.14...
Moderate: tang security and bug fix update
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption NBDE project. Security Fixes: tang: Race condition exists in the key...
Moderate: LibRaw security update
LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 For more details about the security issues, including the...
Important: .NET 6.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used...
Moderate: libeconf security update
Libeconf is a highly flexible and configurable library to parse and manage key=value configuration files. It reads configuration file snippets from different directories and builds the final configuration file from it. Security Fixes: libeconf: stack-based buffer overflow in readfile in...
Moderate: samba security and bug fix update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: SMB2 packet signing is not enforced when "server...
Moderate: java-1.8.0-openjdk security and bug fix update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 8304468...
Moderate: virt:rhel and virt-devel:rhel security and bug fix update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
Moderate: device-mapper-multipath security and bug fix update
The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...
Moderate: device-mapper-multipath security and bug fix update
The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...
Moderate: freeradius security and bug fix update
FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on...
Moderate: sysstat security and bug fix update
The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fixes: sysstat: arithmetic overflow in allocatestructures on 32 bit systems CVE-2022-39377 For more details about the security issues, including the...
Moderate: poppler security and bug fix update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: integer overflow in JBIG2 decoder using malformed files CVE-2022-38784 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
Moderate: gdk-pixbuf2 security update
The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: heap-buffer overflow when decoding the lzw compressed stream of image data CVE-2021-44648 gdk-pixbu...
Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Regression of CVE-2023-28205 fixes in the AlmaLinux CVE-2023-2203 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Moderate: tar security update
The GNU tar program can save multiple files in an archive and restore files from an archive. Security Fixes: tar: heap buffer overflow at fromheader in list.c via specially crafted checksum CVE-2022-48303 For more details about the security issues, including the impact, a CVSS score,...
Moderate: postgresql:10 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Extension scripts replace objects not belonging to the extension. CVE-2022-2625 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...
Important: squid:4 security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS when processing gopher server responses CVE-2021-46784 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
Important: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: path traversal possible outside of publicdir when serving static files CVE-2022-29970 For more details about the security issues, including the impact, a CVSS score,...
java-1.8.0-openjdk bug fix and enhancement update
This erratum reinstates changes made to java-1.8.0-openjdk in AlmaLinux 8.6 GA. The original builds for AlmaLinux 8.6 GA will have been superseded by newer binaries released as part of the April 2022 security update for AlmaLinux 8.5. For detailed information on changes in this release, see the...
Moderate: libsndfile security update
libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: heap out-of-bounds read in src/flac.c in flacbuffercopy CVE-2021-4156 For more details about the security issues, including the impact, a CVSS score,...
Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: a buffer overflow via the "invertImage" may lead to DoS CVE-2020-19131 For more details about the security issues, including the impact, a CVSS score, acknowledgments...
Moderate: qt5-qtbase security update
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke CVE-2021-38593 For mor...
Moderate: libreoffice security, bug fix, and enhancement update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Moderate: fetchmail security update
Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC for retrieval...
python-suds bug fix and enhancement update
The suds project is a python soap web services client lib. Suds leverages python meta programming to provide an intuitive API for consuming web services. Objectification of types defined in the WSDL is provided without class generation. Programmers rarely need to read the WSDL since services and...
Moderate: polkit security update
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fixes: polkit: file descriptor leak allows an unprivileged user to cause a crash...
Important: gzip security update
The gzip packages contain the gzip GNU zip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times. Security Fixes: gzip: arbitrary-file-write vulnerability...
Moderate: cryptsetup security update
The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. Security Fixes: cryptsetup: disable encryption via header rewrite CVE-2021-4122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fixes: Mozilla: Iframe sandbox bypass with XSLT CVE-2021-4140 Mozilla: Race condition when playing audio files CVE-2022-2273...
Moderate: gcc-toolset-10-binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...
Moderate: gnutls and nettle security, bug fix, and enhancement update
The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages...
Moderate: libjpeg-turbo security and bug fix update
The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fixes: libjpeg-turbo:...
Low: tcpdump security and bug fix update
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Security Fixes: tcpdump: ppp decapsulator can be convinced to allocate a large amount of memory...
NetworkManager bug fix and enhancement update
NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...
Moderate: libsolv security update
The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv: heap-based buffer overflow in poolinstallable in src/repo.h CVE-2021-33928 libsolv: heap-based buffer overflow in pooldisabledsolvable in src/repo.h CVE-2021-33929...
Important: flatpak security update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Sandbox bypass via recent VFS-manipulating syscalls CVE-2021-41133 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
.NET Core 3.1 bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.117 and Runtime 3.1.17 BZ1978407...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.11.0. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 CVE-2021-29967 Mozilla: Thunderbird stored OpenPGP secret keys without master password protecti...
Moderate: qt5-qtbase security and bug fix update
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: buffer over-read in readxbmbody in gui/image/qxbmhandler.cpp CVE-2020-17507 For more details about the security issues, including the...
libarchive bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...