Lucene search
K
AlmalinuxRecent

5323 matches found

AlmaLinux
AlmaLinux
•added 2023/03/20 12:0 a.m.•27 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefo...

8.8CVSS9.2AI score0.00713EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/03/20 12:0 a.m.•22 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefo...

8.8CVSS9.3AI score0.00713EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/03/15 12:0 a.m.•62 views

Important: nss security update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 For more details about the security issues, including the impact, a CVSS...

8.8CVSS2.6AI score0.00817EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/03/07 12:0 a.m.•32 views

Moderate: gnutls security and bug fix update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the TLS RSA key exchange code CVE-2023-0361 For more details about the security issues,...

7.4CVSS7.8AI score0.01403EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/03/07 12:0 a.m.•53 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: HTTP multi-header compression denial of service CVE-2023-23916 For more details about the security issues, including...

6.5CVSS7.2AI score0.01703EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/03/06 12:0 a.m.•22 views

Important: pesign security update

The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. Security Fixes: pesign: Local privilege escalation on pesign systemd service CVE-2022-3560 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

5.5CVSS6AI score0.00245EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/03/06 12:0 a.m.•30 views

Moderate: libjpeg-turbo security update

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fixes: libjpeg-turbo: heap...

5.5CVSS6.4AI score0.01009EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•37 views

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.8AI score0.02453EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•70 views

Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RS...

7.5CVSS7.8AI score0.59501EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•33 views

Moderate: tar security update

The GNU tar program can save multiple files in an archive and restore files from an archive. Security Fixes: tar: heap buffer overflow at fromheader in list.c via specially crafted checksum CVE-2022-48303 For more details about the security issues, including the impact, a CVSS score,...

5.5CVSS8.2AI score0.04524EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•86 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec an...

7.8CVSS7.7AI score0.06346EPSS
Exploits5References12
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•31 views

Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: Reflected File Download attack CVE-2022-45442 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.8CVSS8.6AI score0.00642EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•77 views

Moderate: httpd security and bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: moddav: out-of-bounds read/write of zero byte CVE-2006-20001 httpd: modproxyajp: Possible request smuggling CVE-2022-36760 httpd: modproxy: HTTP response splitting...

9CVSS7.6AI score0.57941EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•53 views

Moderate: lua security update

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: use after free allows Sandbox Escape CVE-2021-44964 lua: stack overflow in...

6.3CVSS6.6AI score0.01136EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•36 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: no check if the return value of XChangeGC is NULL CVE-2022-47024 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the C...

7.8CVSS7.7AI score0.0026EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•59 views

Moderate: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.27. BZ2161667 Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cook...

9.8CVSS8.9AI score0.49336EPSS
Exploits6References12
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•59 views

Moderate: python-setuptools security update

The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. Security Fixes: pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 For more details abo...

5.9CVSS6.4AI score0.02617EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•31 views

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

5.5CVSS5.8AI score0.00867EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2023/02/28 12:0 a.m.•85 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 kernel: use-after-free in...

7.8CVSS7.6AI score0.06346EPSS
Exploits5References12
AlmaLinux
AlmaLinux
•added 2023/02/22 12:0 a.m.•38 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution CVE-2023-23529 For more details about the security issues, including the impact, a CVSS score,...

8.8CVSS9.1AI score0.09426EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/22 12:0 a.m.•36 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution CVE-2023-23529 For more details about the security issues, including the impact, a CVSS score,...

8.8CVSS9.1AI score0.09426EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•44 views

Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and...

8.1CVSS8.2AI score0.02559EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•181 views

Moderate: httpd:2.4 security and bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: moddav: out-of-bounds read/write of zero byte CVE-2006-20001 httpd: modproxyajp: Possible request smuggling CVE-2022-36760 httpd: modproxy: HTTP response splitting...

9CVSS7.7AI score0.57941EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•54 views

Moderate: php:8.0 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0. BZ2161666 Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cookie...

9.8CVSS8.9AI score0.49336EPSS
Exploits6References12
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•35 views

Moderate: tar security update

The GNU tar program can save multiple files in an archive and restore files from an archive. Security Fixes: tar: heap buffer overflow at fromheader in list.c via specially crafted checksum CVE-2022-48303 For more details about the security issues, including the impact, a CVSS score,...

5.5CVSS8.2AI score0.04524EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•64 views

Moderate: python-setuptools security update

The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. Security Fixes: pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 For more details abo...

5.9CVSS6.4AI score0.02617EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•61 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm/mremap.c use-after-free vulnerability CVE-2022-41222 kernel: nfsd buffer overflow by RPC message over TCP with garbage data CVE-2022-43945 kernel: an out-of-bounds vulnerability in...

7.5CVSS7.7AI score0.21314EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•77 views

Moderate: systemd security and bug fix update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

5.5CVSS5.8AI score0.00867EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•41 views

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.8AI score0.03213EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•48 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: mm/mremap.c use-after-free vulnerability CVE-2022-41222 kernel: nfsd buffer overflow by RPC message over TCP with garbage data...

7.5CVSS7.5AI score0.21314EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•30 views

Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: Reflected File Download attack CVE-2022-45442 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.8CVSS8.6AI score0.00642EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/02/20 12:0 a.m.•33 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation...

8.8CVSS1.6AI score0.00817EPSS
Exploits0References26
AlmaLinux
AlmaLinux
•added 2023/02/20 12:0 a.m.•32 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes CVE-2023-25728 Mozilla:...

8.8CVSS1.7AI score0.00817EPSS
Exploits0References28
AlmaLinux
AlmaLinux
•added 2023/02/20 12:0 a.m.•30 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes CVE-2023-25728 Mozilla:...

8.8CVSS8.8AI score0.00817EPSS
Exploits0References28
AlmaLinux
AlmaLinux
•added 2023/02/20 12:0 a.m.•34 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation...

8.8CVSS8.8AI score0.00817EPSS
Exploits0References26
AlmaLinux
AlmaLinux
•added 2023/02/14 12:0 a.m.•36 views

Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: Buffer...

8.6CVSS8.2AI score0.00872EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/02/08 12:0 a.m.•19 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS7.8AI score0.00899EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/07 12:0 a.m.•41 views

Important: libksba security update

KSBA pronounced Kasbah is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fixes: libksba: integer overflow to code executiona CVE-2022-47629 For more details about the security...

9.8CVSS9.6AI score0.0155EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2023/02/07 12:0 a.m.•51 views

Important: libksba security update

KSBA pronounced Kasbah is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fixes: libksba: integer overflow to code executiona CVE-2022-47629 For more details about the security...

9.8CVSS9.6AI score0.0155EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2023/02/07 12:0 a.m.•37 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS7.8AI score0.00899EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/06 12:0 a.m.•59 views

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...

9.8CVSS9.5AI score0.56334EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/02/06 12:0 a.m.•56 views

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...

9.8CVSS9.5AI score0.56334EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/02/06 12:0 a.m.•20 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: Revocation status of S/Mime signature certificates was not checked CVE-2023-0430 For more details about the security issues, including the impact, a CVSS...

6.5CVSS2.3AI score0.00372EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/06 12:0 a.m.•26 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: Revocation status of S/Mime signature certificates was not checked CVE-2023-0430 For more details about the security issues, including the impact, a CVSS...

6.5CVSS8.8AI score0.00372EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/01/26 12:0 a.m.•61 views

Moderate: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

5.3CVSS6.2AI score0.01357EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/01/26 12:0 a.m.•65 views

Moderate: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

5.3CVSS6.2AI score0.01357EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/01/26 12:0 a.m.•27 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory safety bugs fixed ...

8.8CVSS8.3AI score0.00892EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2023/01/25 12:0 a.m.•55 views

Moderate: go-toolset:rhel8 security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters...

7.5CVSS7.9AI score0.01544EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2023/01/25 12:0 a.m.•39 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory safety bugs fixed ...

8.8CVSS8.3AI score0.00892EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2023/01/23 12:0 a.m.•38 views

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

5.5CVSS6.3AI score0.00412EPSS
Exploits1References4
Total number of security vulnerabilities5323