5315 matches found
Moderate: xorg-x11-server-Xwayland security update
Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions CVE-2023-6377 xorg-x11-server: out-of-bounds...
Moderate: ansible-core bug fix, enhancement, and security update
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
Moderate: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Moderate: buildah bug fix update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
Moderate: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313 For more...
Moderate: Image builder components bug fix, enhancement and security update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 For more details about the security issues,...
Important: grafana-pcp security update
grafana-pcp is an open source Grafana plugin for PCP. Security Fixes: grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Moderate: mingw components security update
MinGW Minimalist GNU for Windows is a free and open source software development environment to create Microsoft Windows applications. Security Fixes: binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfdgetl64 CVE-2023-1579 For more details about the security issues, including the impac...
Moderate: traceroute security update
The traceroute utility displays the route used by IP packets on their way to a specified network or Internet host. Security Fixes: traceroute: improper command line parsing CVE-2023-46316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Moderate: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-25126 rubygem-rack: Possible DoS Vulnerability with Range Header in Rack CVE-2024-26141...
Moderate: mutt security update
Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fixes: mutt: null pointer dereference CVE-2023-4874 mutt: null pointer dereference...
Moderate: skopeo security and bug fix update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms...
Moderate: libvirt security and bug fix update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: libvirt: off-by-one error in udevListInterfacesByStatus...
Moderate: sssd security and bug fix update
The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...
Important: golang security update
The golang packages provide the Go programming language compiler. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: net/http/cookiejar: incorrect...
Moderate: grub2 security update
The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2:...
Low: mingw-glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...
Moderate: toolbox security update
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fixes: golang: html/template: improper handling of HTML-like comments within script contexts...
Moderate: tcpdump security update
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Security Fixes: tcpslice: use-after-free in extractslice CVE-2021-41043 For more details about th...
Moderate: qemu-kvm security update
Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019...
Moderate: xorg-x11-server security update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367...
Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. CVE-2023-45287 For more details about the security...
Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in...
Moderate: mod_jk and mod_proxy_cluster security update
The modjk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: httpd: Apache Tomcat Connectors modjk Information Disclosure...
Moderate: mod_http2 security update
The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Moderate: runc security update
The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: io/fs: stack exhaustion in Glob CVE-2022-30630 golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: path/filepath: stack...
Moderate: libvirt security update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: libvirt: NULL pointer dereference in...
Moderate: python3.11-cryptography security update
The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 For more details...
Moderate: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Moderate: gstreamer1-plugins-base security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer-plugins-base: heap overwrite in subtitle parsing CVE-2023-37328 For more details...
Moderate: python-jinja2 security update
The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: jinja2: HTML attribute injection when passing user input as keys to xmlattr...
Moderate: zziplib security update
The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Important: tigervnc security update
Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...
Moderate: ipa security update
AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: specially crafted HTTP requests potentially lead to denial of service CVE-2024-1481 For more...
Moderate: fence-agents security and bug fix update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: urllib3: Request body not stripped after redirect from 303 status chang...
Moderate: python3.11-urllib3 security update
The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 For more details about the security issues, including the impact, a CVSS...
Moderate: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: net/http/internal: Denial of Service DoS via Resource Consumption via HTTP reques...
Moderate: motif security update
The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with...
Moderate: qt5-qtbase security update
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: incorrect integer overflow check CVE-2023-51714 qtbase: potential buffer overflow when reading KTX images CVE-2024-25580 For more details...
Moderate: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...
Moderate: gnutls security update
The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain...
Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Moderate: libjpeg-turbo security update
The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fixes: libjpeg-turbo:...
Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: infinite loop via a crafted TIFF file CVE-2022-40090 libtiff: segmentation fault in Fax3Encode in libtiff/tiffax3.c CVE-2023-3618 libtiff: integer overflow in tiffcp....
Moderate: harfbuzz security update
HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...
Moderate: freeglut security update
freeglut is a completely open source alternative to the OpenGL Utility Toolkit GLUT library with an OSI approved free software license. Security Fixes: freeglut: memory leak via glutAddSubMenu function CVE-2024-24258 freeglut: memory leak via glutAddMenuEntry function CVE-2024-24259 For more...
Low: LibRaw security update
LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: a heap-buffer-overflow in raw2imageex CVE-2023-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: stack exhaustion from infinite recursion in PutSubImage CVE-2023-43786 libX11: integer overflow in XCreateImage leading to a heap overflow...