5315 matches found
Moderate: tang security update
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption NBDE project. Security Fixes: tang: Race condition exists in the key...
Moderate: python-tornado security update
Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fixes: python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations CVE-2023-28370 For more details...
Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
Moderate: podman security, bug fix, and enhancement update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http...
Moderate: samba security, bug fix, and enhancement update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version:...
Moderate: wireshark security update
The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes: wireshark: RTPS dissector crash CVE-2023-0666 wireshark: IEEE C37.118 Synchrophasor dissector crash CVE-2023-0668 wireshark: Candump log file parser cra...
Moderate: python3.11 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...
Moderate: perl-CPAN security update
The CPAN module is a tool to query, download and build perl modules from CPAN sites. Security Fixes: perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS CVE-2023-31484 For more details about the security issues, including the impact, a CVSS score,...
Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Moderate: flatpak security, bug fix, and enhancement update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. The following packages have been upgraded to a later upstream version: flatpak 1.12.8. BZ2221792 Security Fixes: flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual consol...
Moderate: ghostscript security and bug fix update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: buffer overflow in base/sbcp.c leading to data corruption CVE-2023-28879...
Moderate: binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: NULL pointer...
Moderate: libqb security update
The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Security Fixes: libqb: Buffer overflow in logblackbox.c CVE-2023-39976 For more details...
Important: webkit2gtk3 security and bug fix update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-38592...
Low: glib2 security and bug fix update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...
Moderate: c-ares security, bug fix, and enhancement update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. The following packages have been upgraded to a later upstream version: c-ares 1.19.1. BZ2210370 Security Fixes: c-ares: buffer overflow in configsortlist due to missing string length check...
Moderate: python-pip security update
pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fixes: python: tarfile...
Important: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: GhostPDL can lead to remote code execution via crafted PostScript documen...
Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: TELNET option IAC injection CVE-2023-27533 curl: SFTP...
Moderate: avahi security update
Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...
Moderate: perl-HTTP-Tiny security update
HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default CVE-2023-31486 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...
Moderate: libmicrohttpd security update
GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS CVE-2023-27371 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...
Moderate: cups security and bug fix update
The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: heap buffer overflow may lead to DoS CVE-2023-32324 cups: use-after-free in cupsdAcceptClient in scheduler/client.c CVE-2023-34241 For more details about t...
Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: null pointer dereference in LZWDecode in libtiff/tiflzw.c CVE-2023-2731 libtiff: tiffcrop: null pointer dereference in TIFFClose CVE-2023-3316 libtiff: memory leak in...
Moderate: python3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...
Moderate: ncurses security and bug fix update
The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...
Moderate: krb5 security and bug fix update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
Important: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file...
Moderate: python3.11-pip security update
pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fixes: python: tarfile...
Moderate: LibRaw security update
LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 For more details about the security issues, including the...
Moderate: cloud-init security, bug fix, and enhancement update
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: sensitive data could be exposed in logs CVE-2023-1786...
Moderate: edk2 security, bug fix, and enhancement update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Function GetEfiGlobalVariable2 return value not checked in DxeImageVerificationHandler CVE-2019-14560 openssl: Possibl...
Moderate: httpd and mod_http2 security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.57. BZ2184403 Security Fixes: httpd: modproxyuwsgi HTTP response splitting CVE-2023-27522 For more details about th...
Low: gdb security update
The GNU Debugger GDB allows users to debug programs written in various programming languages including C, C++, and Fortran. Security Fixes: libiberty: Heap/stack buffer overflow in the dlanglname function in d-demangle.c CVE-2021-3826 For more details about the security issues, including the...
Moderate: qt5 security and bug fix update
Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation CVE-2023-34410 qtbase: buffer overflow in...
Low: libpq security update
The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: Client memory disclosure when connecting with Kerberos to modified server CVE-2022-41862 For more details about the security issues, including the...
Moderate: libfastjson security update
The libfastjson library provides essential JavaScript Object Notation JSON handling functions. The library enables users to construct JSON objects in C, output them as JSON-formatted strings, and convert JSON-formatted strings back to the C representation of JSON objects. Security Fixes: json-c,...
Moderate: liblouis security update
Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through...
Moderate: librabbitmq security update
The librabbitmq packages provide an Advanced Message Queuing Protocol AMQP client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Security Fixes: rabbitmq-c/librabbitmq: Insecure credentials submission CVE-2023-35789 For more details about the security issue...
Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow CVE-2023-3138 For more details about the security issues, including the impact, a CVSS...
Moderate: frr security and bug fix update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: Reachable assertion in peekforas4capability function CVE-2022-36440 frr: denial of service by crafting a BGP OPEN message...
Low: tpm2-tss security and enhancement update
The tpm2-tss packages provide the Intel implementation of the Trusted Platform Module TPM 2.0 System API library. This library enables programs to interact with TPM 2.0 devices Security Fixes: tpm2-tss: Buffer Overlow in TSS2RCDecode CVE-2023-22745 For more details about the security issues,...
Low: procps-ng security and bug fix update
The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fixes: procps: ps buffer overflow CVE-2023-4016 For more details about the security issues, including...
Important: linux-firmware security, bug fix, and enhancement update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: intel: Improper access control for some IntelR PROSet/Wireless WiFi CVE-2022-27635 hw: intel: Improper access control for some IntelR PROSet/Wireless WiFi...
Low: shadow-utils security and bug fix update
The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts. Security Fixes: shadow-utils: possible password leak during passwd1 change CVE-2023-4641 For more details about the security...
Moderate: python-cryptography security update
The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: memory corruption via immutable objects CVE-2023-23931 For more details about the...
Low: pcs security, bug fix, and enhancement update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: decode-uri-component: improper input validation resulting in DoS CVE-2022-38900 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...
Moderate: mod_auth_openidc security and bug fix update
The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...
Moderate: runc security update
The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: crypto/tls: large handshake records may cause panics CVE-2022-41724 runc: Rootless runc makes /sys/fs/cgroup writable CVE-2023-25809 runc: volume mount...
Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadrati...