5315 matches found
Moderate: linux-firmware security update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: Reserved fields in guest message responses may not be zero initialized CVE-2023-31346 For more details about the security issues, including the impact, a CVSS...
Important: 389-ds security update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ...
Moderate: httpd:2.4/httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd:2.4: httpd: HTTP response splitting CVE-2023-38709 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Important: pki-core security update
The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: dogtag ca: token authentication bypass vulnerability CVE-2023-4727 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
Important: python3.11 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Important: python3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Important: git security update
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...
Important: git security update
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...
Important: python3.11 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
Important: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: OPVP device arbitrary code execution via custom Driver library...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fixes: thunderbird: Use-after-free in networking CVE-2024-5702 thunderbird: Use-after-free in JavaScript object transplant CVE-2024-5688 thunderbird: External protocol...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fixes: thunderbird: Use-after-free in networking CVE-2024-5702 thunderbird: Use-after-free in JavaScript object transplant CVE-2024-5688 thunderbird: External protocol...
Important: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: OPVP device arbitrary code execution via custom Driver library...
Moderate: container-tools:rhel8 bug fix and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: jose-go: improper handling of highly compressed data CVE-2024-28180 buildah: jose-go: improper handling of highly compressed data CVE-2024-28180 podman: jose-g...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.12.0 ESR. Security Fixes: firefox: Use-after-free in networking CVE-2024-5702 firefox: Use-after-free in JavaScript object transplant...
Important: flatpak security update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.12.0 ESR. Security Fixes: firefox: Use-after-free in networking CVE-2024-5702 firefox: Use-after-free in JavaScript object transplant...
Important: flatpak security update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...
Moderate: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: jinja2: accepts keys containing non-attribute characters CVE-2024-34064...
Low: c-ares security update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: jose-go: improper handling of highly compressed data CVE-2024-28180 podman: golan...
Moderate: gdk-pixbuf2 security update
The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf2: heap memory corruption on gdk-pixbuf CVE-2022-48622 For more details about the security issues,...
Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Important: 389-ds-base security update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ...
Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
Moderate: ruby security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.0. AlmaLinux-35740 Security Fixes: ruby/cgi-gem: HTTP response...
Moderate: containernetworking-plugins security and bug fix update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
Moderate: buildah security and bug fix update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Moderate: python-idna security update
The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture HSA Linux kernel driver amdkfd. Security Fixes: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651...
Moderate: gvisor-tap-vsock security and bug fix update
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes: golang:...
Moderate: rpm-ostree security update
The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...
Important: idm:DL1 security update
AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another...
Important: ipa security update
AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: delegation rules allow a proxy service to impersonate any user to access another target service...
Moderate: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fixes: firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsi...
Moderate: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fixes: firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox: Potential...
Moderate: ruby:3.3 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. AlmaLinux-37446 Security Fixes: ruby: Buffer overread vulnerabili...
Moderate: ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. AlmaLinux-35449 Security Fixes: ruby: Buffer overread vulnerabili...
Moderate: ruby:3.3 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. AlmaLinux-37697 Security Fixes: ruby: Buffer overread vulnerabili...
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network...
Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
Important: tomcat security and bug fix update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes: Rebase tomcat to version 9.0.87...
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network...
Moderate: kernel update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2023-6240 kernel: Information disclosure in vhost/vhost.c:vhostnewmsg CVE-2024-0340 kernel: untrusted VMM can...
Moderate: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref CVE-2024-26735 kernel: fs: sysfs: Fix reference leak in sysfsbreakactiveprotection CVE-2024-26993 For more details about the...
Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: use-after-free in XMLReader CVE-2024-25062 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...
Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2023-6240 kernel: Information disclosure in...
Moderate: ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Buffer overread vulnerability in StringIO CVE-2024-27280...
Moderate: ruby:3.0 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS...
Moderate: nghttp2 security update
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: nghttp2: CONTINUATION frames DoS CVE-2024-28182 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refe...