5315 matches found
Important: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: permission model improperly...
Moderate: protobuf-c security update
The protobuf-c packages provide C bindings for Google's Protocol Buffers. Security Fixes: protobuf-c: unsigned integer overflow in parserequiredmember CVE-2022-48468 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, ref...
Moderate: libfastjson security update
The libfastjson library provides essential JavaScript Object Notation JSON handling functions. The library enables users to construct JSON objects in C, output them as JSON-formatted strings, and convert JSON-formatted strings back to the C representation of JSON objects. Security Fixes: json-c,...
Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow CVE-2023-3138 For more details about the security issues, including the impact, a CVSS...
Moderate: container-tools:4.0 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: insufficient sanitization of Host header CVE-2023-29406 For more details about the security issues, including the impact, a CVSS score,...
Important: webkit2gtk3 security and bug fix update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-38592...
Low: tpm2-tss security and enhancement update
The tpm2-tss packages provide the Intel implementation of the Trusted Platform Module TPM 2.0 System API library. This library enables programs to interact with TPM 2.0 devices Security Fixes: tpm2-tss: Buffer Overlow in TSS2RCDecode CVE-2023-22745 For more details about the security issues,...
Moderate: python38:3.8 and python38-devel:3.8 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: python-cryptography security update
The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: memory corruption via immutable objects CVE-2023-23931 For more details about the...
Moderate: fwupd security update
The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Moderate: python3.11-pip security update
pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fixes: python: tarfile...
Low: libpq security update
The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: Client memory disclosure when connecting with Kerberos to modified server CVE-2022-41862 For more details about the security issues, including the...
Moderate: ruby:2.5 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: Buffer overrun in String-to-Float conversion CVE-2022-28739 ruby...
Moderate: perl-HTTP-Tiny security update
HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default CVE-2023-31486 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...
Moderate: cups security and bug fix update
The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: heap buffer overflow may lead to DoS CVE-2023-32324 cups: use-after-free in cupsdAcceptClient in scheduler/client.c CVE-2023-34241 For more details about t...
Moderate: python3 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: xorg-x11-server-Xwayland security and bug fix update
Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability CVE-2023-1393 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...
Moderate: edk2 security and bug fix update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Function GetEfiGlobalVariable2 return value not checked in DxeImageVerificationHandler CVE-2019-14560 For more details...
Moderate: grafana security and enhancement update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: account takeover possible when using Azure AD OAuth CVE-2023-3128 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
Moderate: tang security and bug fix update
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption NBDE project. Security Fixes: tang: Race condition exists in the key...
Moderate: tomcat security and bug fix update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts CVE-2023-24998 tomcat: not including the secure attribute causes information disclosure CVE-2023-28708 tomcat: Fix for...
Critical: squid:4 security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 For more details about the...
Moderate: python-pip security update
pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fixes: python: tarfile...
Moderate: flatpak security, bug fix, and enhancement update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. The following packages have been upgraded to a later upstream version: flatpak 1.10.8. BZ2222103 Security Fixes: flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual consol...
Moderate: yajl security update
Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: Memory leak in yajltreeparse function CVE-2023-33460 For more details about the security issues, including the impact, a CVSS score,...
Moderate: linux-firmware security, bug fix, and enhancement update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw amd: Return Address Predictor vulnerability leading to information disclosure CVE-2023-20569 For more details about the security issues, including the impact, a CVSS...
Low: opensc security and bug fix update
The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: opensc: buffer overrun vulnerability in pkcs15...
Moderate: emacs security update
GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: command execution via shell metacharacters CVE-2022-48337 emacs: command injection...
Moderate: c-ares security update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Heap buffer over read in aresparsesoareply CVE-2020-22217 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 For more details about the security issues,...
Moderate: python3.11 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Moderate: cloud-init security, bug fix, and enhancement update
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: sensitive data could be exposed in logs CVE-2023-1786...
Moderate: wireshark security update
The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes: wireshark: RTPS dissector crash CVE-2023-0666 wireshark: VMS TCPIPtrace file parser crash CVE-2023-2856 wireshark: NetScaler file parser crash...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tun: avoid double free in tunfreenetdev CVE-2022-4744 kernel: net/sched: multiple vulnerabilities CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208...
Moderate: c-ares security update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-4904 For more details about the security issues, including the impact, a CVSS score,...
Moderate: dnsmasq security and bug fix update
The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 CVE-2023-28450 For more details about the security issues,...
Moderate: container-tools:4.0 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handling of JavaScri...
Moderate: container-tools:rhel8 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handling of JavaScri...
Moderate: haproxy security and bug fix update
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: data leak via fcgi requests CVE-2023-0836 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...
Moderate: samba security, bug fix, and enhancement update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version:...
Moderate: samba security update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: smbd allows client access to unix domain sockets ...
Important: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file...
Moderate: ncurses security and bug fix update
The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...
Moderate: python-pip security update
pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fixes: python: tarfile...
Important: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: GhostPDL can lead to remote code execution via crafted PostScript documen...
Moderate: krb5 security and bug fix update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow CVE-2023-3138 For more details about the security issues, including the impact, a CVSS...
Moderate: perl-HTTP-Tiny security update
HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default CVE-2023-31486 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...
Moderate: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...
Moderate: httpd and mod_http2 security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.57. BZ2184403 Security Fixes: httpd: modproxyuwsgi HTTP response splitting CVE-2023-27522 For more details about th...