Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2024/07/18 12:0 a.m.•35 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 CVE-2024-6604 Mozilla: Race condition in permission assignment CVE-2024-6601 Mozilla: Memory corruption in thread creation...

7.5CVSS8AI score0.0054EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/18 12:0 a.m.•41 views

Important: libndp security update

Libndp is a library used by NetworkManager that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages. Security Fixes: libndp: buffer overflow in route information length field CVE-2024-5564 For more details about...

8.1CVSS7.5AI score0.01165EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/18 12:0 a.m.•28 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Mozilla: Race condition in permission assignment CVE-2024-6601 Mozilla: Memory corruption in thread creation CVE-2024-6603 Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13...

7.5CVSS8AI score0.0054EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/18 12:0 a.m.•31 views

Important: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qtbase: qtbase: Delay any communication until encrypted can be responded to CVE-2024-39936 For more details about the security issues,...

8.6CVSS6.9AI score0.00494EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/17 12:0 a.m.•109 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbypo...

9.8CVSS8.7AI score0.01358EPSS
Exploits1References36
AlmaLinux
AlmaLinux
•added 2024/07/17 12:0 a.m.•36 views

Important: java-21-openjdk security update

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessive...

7.4CVSS7.5AI score0.01257EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2024/07/17 12:0 a.m.•39 views

Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessiv...

7.4CVSS7.4AI score0.01257EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2024/07/17 12:0 a.m.•80 views

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessive...

7.4CVSS7.5AI score0.01257EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2024/07/16 12:0 a.m.•39 views

Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessive...

7.4CVSS5.4AI score0.01257EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2024/07/15 12:0 a.m.•28 views

Important: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 For more details about the securit...

7.5CVSS7.5AI score0.01533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/11 12:0 a.m.•80 views

Moderate: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 CVE-2023-36617 ruby: Buffer overread vulnerability...

9.8CVSS7.1AI score0.02637EPSS
Exploits1References12
AlmaLinux
AlmaLinux
•added 2024/07/11 12:0 a.m.•31 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 CVE-2024-6604 Mozilla: Race condition in permission assignment CVE-2024-6601...

7.5CVSS8.1AI score0.0054EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/11 12:0 a.m.•21 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 CVE-2024-6604 Mozilla: Race condition in permission assignment CVE-2024-6601...

7.5CVSS8.1AI score0.0054EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/10 12:0 a.m.•45 views

Important: dotnet8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. Security...

8.1CVSS7.5AI score0.02915EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/10 12:0 a.m.•23 views

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Possible remote code execution due to a race condition in signal handling affecting...

7CVSS8.2AI score0.27935EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/10 12:0 a.m.•32 views

Important: dotnet8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. Security...

8.1CVSS7.5AI score0.02915EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/09 12:0 a.m.•52 views

Important: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

7.8CVSS7.7AI score0.00333EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/09 12:0 a.m.•22 views

Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.132 and Runtime 6.0.32...

7.5CVSS7.4AI score0.02719EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/09 12:0 a.m.•38 views

Moderate: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: urllib3: proxy-authorization request header is not stripped during...

6.5CVSS7AI score0.01141EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/09 12:0 a.m.•31 views

Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.132 and Runtime 6.0.32. Security...

7.5CVSS7.7AI score0.02719EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•30 views

Important: pki-core security update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: dogtag ca: token authentication bypass vulnerability CVE-2023-4727 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.5CVSS7.1AI score0.00659EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•32 views

Low: virt:rhel and virt-devel:rhel security and bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

6.2CVSS6.4AI score0.00486EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•27 views

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

6.5CVSS7.1AI score0.008EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•79 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tls CVE-2024-26585,CVE-2024-26584, CVE-2024-26583 kernel-rt: kernel: PCI interrupt mapping cause oops almalinux-8 CVE-2021-46909...

9.1CVSS7.5AI score0.01401EPSS
Exploits1References118
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•34 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads...

7.5CVSS7.8AI score0.01533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•55 views

Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/mlx5e: Fix operation precedence bug in port timestamping napipoll context CVE-2023-52626 kernel: Bluetooth: Avoid potential use-after-free in hcierrorreset CVE-2024-26801 kernel:...

9.1CVSS7.3AI score0.01401EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•19 views

Important: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes:...

7.5CVSS7.8AI score0.01533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/08 12:0 a.m.•21 views

Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS7.8AI score0.01533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/03 12:0 a.m.•59 views

Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Possible remote code execution due to a race condition in signal handling...

8.1CVSS7.9AI score0.99506EPSS
Exploits68References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•27 views

Moderate: python3.11-PyMySQL security update

This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython. Security Fixes: python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 For more details about the...

6.3CVSS8.2AI score0.00691EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•48 views

Moderate: python-jinja2 security update

The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: jinja2: accepts keys containing non-attribute characters CVE-2024-34064 For...

5.4CVSS7.2AI score0.00979EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•21 views

Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

6.5CVSS7AI score0.01008EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•22 views

Important: 389-ds security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ...

7.5CVSS6.9AI score0.01256EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•40 views

Moderate: iperf3 security update

Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss. Security Fixes: iperf3: possible denial of service CVE-2023-7250 iperf3: vulnerable to marvin attack if the authentication option...

5.9CVSS7.4AI score0.01107EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•20 views

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS8.2AI score0.00691EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•32 views

Moderate: container-tools security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-24786 For mo...

7.5CVSS7.2AI score0.01262EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•34 views

Moderate: go-toolset security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses CVE-2024-2479...

9.8CVSS7.3AI score0.01952EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•32 views

Moderate: nghttp2 security update

libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: nghttp2: CONTINUATION frames DoS CVE-2024-28182 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refe...

5.3CVSS7.2AI score0.8496EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•27 views

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.2CVSS7.2AI score0.00333EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•24 views

Low: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

5.5CVSS7.2AI score0.00349EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•60 views

Moderate: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: Reserved fields in guest message responses may not be zero initialized CVE-2023-31346 For more details about the security issues, including the impact, a CVSS...

6CVSS7AI score0.00309EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•27 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: buffer overflow in imagingcms.c CVE-2024-28219 For more details about...

6.7CVSS7.8AI score0.00989EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•20 views

Moderate: libuv security update

libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.3CVSS7.3AI score0.02003EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•39 views

Moderate: xmlrpc-c security and bug fix update

XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...

7.5CVSS7.4AI score0.01815EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•30 views

Moderate: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: command injection via crafted filenames CVE-2024-25081...

6.5CVSS7.9AI score0.0187EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•39 views

Important: less security update

The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors. Security Fixes: less: OS command injection...

8.6CVSS7.7AI score0.01059EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•31 views

Moderate: python-idna security update

The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture HSA Linux kernel driver amdkfd. Security Fixes: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 For more details about the security issues, includi...

7.5CVSS7.1AI score0.01386EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•24 views

Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: Cupsd Listen arbitrary chmod 0140777 CVE-2024-35235 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.7CVSS7.4AI score0.02421EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•32 views

Low: openldap security update

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LDAP applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Security Fixes: openldap: null pointer dereference in bermemallo...

7.5CVSS7AI score0.01947EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•94 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel:TCP-spoofed ghost ACKs and leak leak initial sequence number...

9.1CVSS7.4AI score0.01401EPSS
Exploits1References124
Total number of security vulnerabilities5315