5323 matches found
Moderate: expat security update
Expat is a C library for parsing XML documents. Security Fixes: expat: large number of colons in input makes parser consume high amount of resources, leading to DoS CVE-2018-20843 expat: heap-based buffer over-read via crafted XML input CVE-2019-15903 For more details about the security issues,...
Moderate: opensc security, bug fix, and enhancement update
The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. The following packages have been upgraded to a later upstream...
Moderate: libgcrypt security, bug fix, and enhancement update
The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. The following packages have been upgraded to a later upstream version: libgcrypt 1.8.5. BZ1764918 Security Fixes: libgcrypt: ECDSA timing attack allowing private key leak CVE-2019-13627 For more...
Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-19956 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c CVE-2019-20388 libxml2: infinite loop i...
iproute bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
filesystem bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
nvme-cli bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
libseccomp bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Low: cups security and bug fix update
The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: heap based buffer overflow in libcups's ppdFindOption in ppd-mark.c CVE-2020-3898 For more details about the security issues, including the impact, a CVSS...
lsof bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
shadow-utils bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
pam bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Low: binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: denial of service v...
Moderate: libxslt security update
libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlying data using the standard XSLT stylesheet transformation mechanism. Security Fixes: libxslt: xsltCheckRead and xsltCheckWrite routines security bypa...
initscripts bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
firewalld bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
procps-ng bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
setup bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
openldap bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
rdma-core bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
chkconfig bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
coreutils bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: vim security update
Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode CVE-2019-20807 For more details about the security issues, including the impact, a CVSS score, acknowledgments, an...
libhugetlbfs bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of AlmaLinux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop 0.1.8, pipewire 0.3.6, vte291 0.52.4, webkit2gtk3 2.28.4, xdg-desktop-portal 1.6.0, xdg-desktop-portal-gtk 1.6.0. BZ1775345, BZ1779691, BZ1817143,...
rasdaemon bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
lz4 bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
gssproxy bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: librabbitmq security update
The librabbitmq packages provide an Advanced Message Queuing Protocol AMQP client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Security Fixes: librabbitmq: integer overflow in amqphandleinput in amqpconnection.c leads to heap-based buffer overflow...
Moderate: libarchive security update
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...
Moderate: sqlite security update
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
glusterfs bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
openssh bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
ledmon bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
python-setuptools bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Low: gnome-software and fwupd security, bug fix, and enhancement update
The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service th...
abrt bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
net-tools bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: python3 security and bug fix update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: python-pip security update
pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fixes: python-pip:...
Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c CVE-2019-15917 kernel: out-of-bounds access in...
Moderate: nodejs:12 security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.18.4. Security Fixes: nodejs-dot-prop: prototype pollution CVE-2020-8116 nodejs:...
Important: virt:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
Important: mysql:8.0 security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.21. Security Fixes: mysql: Server: Security: Privileges multiple...
Moderate: php:7.3 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...
zlib bug fix and enhancement update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fixes and Enhancements: AlmaLinux8.2 - zlib on s390x may produce incomplete raw but not gzip/zlib streams BZ1860952 AlmaLinux8.2 - raw zlib test failed with DFLTCCLEVELMASK s...
Moderate: libcroco security update
The libcroco is a standalone Cascading Style Sheet level 2 CSS2 parsing and manipulation library. Security Fixes: libcroco: Stack overflow in function crparserparseanycore in cr-parser.c CVE-2020-12825 For more details about the security issues, including the impact, a CVSS score, acknowledgments...
Important: libvncserver security update
LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fixes: libvncserver: websocket decoding buffer overflow CVE-2017-18922 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
ca-certificates bug fix and enhancement update
The ca-certificates package contains a set of Certificate Authority CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure PKI. Bug Fixes and Enhancements: Annual AlmaLinux 8 ca-certificates update 2020 to nss 3.53 for Firefox 78 BZ1849732 circular...
Moderate: nss and nspr security, bug fix, and enhancement update
Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. The following packages have been upgrad...