Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2023/06/21 12:0 a.m.•40 views

Moderate: libvirt security update

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: libvirt: Memory leak in virPCIVirtualFunctionList cleanup...

5.5CVSS7AI score0.00298EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/06/21 12:0 a.m.•36 views

Moderate: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after inlining. CVE-2023-2455 For more details about the security...

7.2CVSS6.9AI score0.0119EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/06/21 12:0 a.m.•69 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: use-after-free vulnerability in the perfgroupdetach function of the Linux Kernel Performance Events CVE-2023-2235 kernel: netfilte...

7.8CVSS8AI score0.12966EPSS
Exploits10References14
AlmaLinux
AlmaLinux
•added 2023/06/19 12:0 a.m.•19 views

Important: texlive security update

The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. Security Fixes: texlive: arbitrary code execution allows document complied with older version CVE-2023-32700 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

8.8CVSS7.8AI score0.00804EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•53 views

Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7AI score0.20459EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•34 views

Important: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS6.9AI score0.01577EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•43 views

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7AI score0.20459EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•32 views

Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

7.5CVSS6.9AI score0.01577EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•30 views

Important: python3.11 security update

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fixes: python: urllib.parse url blocklisting bypass...

7.5CVSS7.2AI score0.20459EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•31 views

Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

7.5CVSS6.9AI score0.01577EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•57 views

Important: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. The...

7.5CVSS7.8AI score0.02627EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•26 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR. Security Fixes: Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixe...

9.8CVSS7.8AI score0.0093EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•130 views

Important: .NET 7.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...

7.5CVSS7.9AI score0.02627EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•24 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0. Security Fixes: Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12...

9.8CVSS7.4AI score0.0093EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•28 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR. Security Fixes: Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixe...

9.8CVSS7.5AI score0.0093EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•51 views

Important: python3.11 security update

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fixes: python: urllib.parse url blocklisting bypass...

7.5CVSS7.2AI score0.20459EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•31 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0. Security Fixes: Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12...

9.8CVSS7.8AI score0.0093EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•84 views

Important: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. The...

7.5CVSS7.8AI score0.02627EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•52 views

Important: .NET 7.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...

7.5CVSS7.9AI score0.02627EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/06/13 12:0 a.m.•23 views

Important: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS6.9AI score0.01577EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/06/05 12:0 a.m.•17 views

Important: cups-filters security update

The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System CUPS distribution but is now maintained independently. Security Fixes: cups-filters: remote code execution in cups-filters, beh CUPS backend CVE-2023-24805 For more...

8.8CVSS7.9AI score0.03697EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/06/05 12:0 a.m.•72 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: a use-after-free when processing maliciously crafted web content CVE-2023-32373 webkitgtk: an out-of-bounds read when processing malicious content CVE-2023-28204 For more details abou...

8.8CVSS6.9AI score0.14292EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/06/05 12:0 a.m.•63 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: a use-after-free when processing maliciously crafted web content CVE-2023-32373 webkitgtk: an out-of-bounds read when processing malicious content CVE-2023-28204 For more details abou...

8.8CVSS6.9AI score0.14292EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/06/05 12:0 a.m.•44 views

Important: cups-filters security update

The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System CUPS distribution but is now maintained independently. Security Fixes: cups-filters: remote code execution in cups-filters, beh CUPS backend CVE-2023-24805 For more...

8.8CVSS7.9AI score0.03697EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/05/30 12:0 a.m.•67 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: use-after-free in nftables when processing batch requests can lead to privilege escalation CVE-2023-32233 For more details about the security issues, including the impact, a CV...

7.8CVSS7.2AI score0.12966EPSS
Exploits7References4
AlmaLinux
AlmaLinux
•added 2023/05/30 12:0 a.m.•42 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: netfilter: use-after-free in nftables when processing batch requests can lead to privilege escalation CVE-2023-32233 For more...

7.8CVSS7.1AI score0.12966EPSS
Exploits7References4
AlmaLinux
AlmaLinux
•added 2023/05/25 12:0 a.m.•60 views

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

9.8CVSS6.9AI score0.01548EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/05/25 12:0 a.m.•66 views

Important: go-toolset and golang security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 For more details about the...

9.8CVSS6.9AI score0.01548EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/05/22 12:0 a.m.•38 views

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...

7.8CVSS7.3AI score0.52164EPSS
Exploits5References12
AlmaLinux
AlmaLinux
•added 2023/05/22 12:0 a.m.•63 views

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...

7.8CVSS7.3AI score0.52164EPSS
Exploits5References12
AlmaLinux
AlmaLinux
•added 2023/05/18 12:0 a.m.•29 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Security Fixes: Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential permissions reques...

8.8CVSS8.3AI score0.00753EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2023/05/18 12:0 a.m.•34 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.11.0 ESR. Security Fixes: Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver...

8.8CVSS8.3AI score0.00753EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•51 views

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions CVE-2022-1962 golang:...

7.5CVSS6.8AI score0.05623EPSS
Exploits5References30
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•73 views

Moderate: container-tools:4.0 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions CVE-2022-1962 golang:...

7.5CVSS6.6AI score0.05623EPSS
Exploits5References30
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•23 views

Moderate: frr security and bug fix update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service CVE-2022-37032 For more...

9.1CVSS6.7AI score0.01578EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•97 views

Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.33. Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cookie could b...

9.8CVSS7.3AI score0.49336EPSS
Exploits6References12
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•33 views

Moderate: python-mako security update

Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Security Fixes: mako: REDoS in Lexer class CVE-2022-40023 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

7.5CVSS6.7AI score0.01656EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•41 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Regression of CVE-2023-28205 fixes in the AlmaLinux CVE-2023-2203 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.8CVSS6.9AI score0.00934EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•73 views

Moderate: go-toolset:rhel8 security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: crypto/tls: large handshake records may cause panics CVE-2022-41724 golang: net/http, mime/multipart: denial of service from excessive resource consumption...

7.5CVSS6.9AI score0.01231EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•90 views

Moderate: net-snmp security and bug fix update

The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command...

6.5CVSS6.8AI score0.5346EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•34 views

Moderate: gcc-toolset-12-binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: NULL pointer...

5.5CVSS6.9AI score0.00437EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•39 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c CVE-2022-3627 libtiff: integer overflow in function TIFFReadRGBATileExt of the file CVE-2022-3970 For more...

8.8CVSS7.1AI score0.01237EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•43 views

Moderate: bind security and bug fix update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

5.3CVSS6.7AI score0.01495EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•98 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2122230, BZ2122267 Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564...

8.8CVSS8.1AI score0.03763EPSS
Exploits17References80
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•58 views

Moderate: emacs security and bug fix update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: ctags local command execution vulnerability CVE-2022-45939 For more details about the...

7.8CVSS6.7AI score0.00635EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•42 views

Moderate: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: FTP too eager connection reuse CVE-2023-27535 For more details about the security issues, including the impact, a CVS...

5.9CVSS7.1AI score0.01607EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•32 views

Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Regression of CVE-2023-28617 fixes in the AlmaLinux CVE-2023-2491 For more details about t...

7.8CVSS6.8AI score0.00469EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•58 views

Moderate: unbound security and bug fix update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: NRDelegation attack leads to uncontrolled resource consumption Non-Responsive Delegation Attack CVE-2022-3204 For more details about the security issues, including the impact, a CVSS...

7.5CVSS6.7AI score0.01259EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•38 views

Moderate: libtar security update

The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Security Fixes: libtar: out-of-bounds read in gnulonglink CVE-2021-33643 libtar: out-of-bounds read in gnulongname...

9.1CVSS6.6AI score0.01431EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•29 views

Important: apr-util security update

The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Security Fixes: apr-util:...

6.5CVSS7AI score0.01417EPSS
Exploits0References4
Total number of security vulnerabilities5315