5323 matches found
Low: virt-v2v security, bug fix, and enhancement update
The virt-v2v package provides a tool for converting virtual machines to use the KVM Kernel-based Virtual Machine hypervisor or AlmaLinux Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use...
Moderate: libtirpc security update
The libtirpc packages contain SunLib's implementation of transport-independent remote procedure call TI-RPC documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fixes: libtirpc: DoS vulnerability with lots of connections CVE-2021-46828 For...
Low: guestfs-tools security, bug fix, and enhancement update
guestfs-tools is a set of tools that can be used to make batch configuration changes to guests, get disk used/free statistics, perform backups and guest clones, change registry/UUID/hostname info, build guests from scratch, and much more. Security Fixes: libguestfs: Buffer overflow in getkeys lea...
Moderate: toolbox security and bug fix update
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang...
Moderate: python-lxml security update
lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fixes: lxml: NULL Pointer Dereference in lxml CVE-2022-2309 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Moderate: xorg-x11-server-Xwayland security update
Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access CVE-2022-2319 xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension CVE-2022-2320 For more details about...
Low: swtpm security and bug fix update
SWTPM is a TPM emulator built on libtpms providing TPM functionality for QEMU VMs. Security Fixes: swtpm: Unchecked header size indicator against expected size CVE-2022-23645 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Moderate: pcs security, bug fix, and enhancement update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: improper authentication via PAM CVE-2022-1049 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...
Important: mingw-zlib security update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 For more details about the security issues, including the impact, a CV...
Important: qatzip bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: logrotate security update
The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing. Security Fixes: logrotate: potential DoS from unprivileged users via the state file CVE-2022-1348 For more details about the security issues, includin...
Low: mingw-glib2 security and bug fix update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: gfilereplace with...
Low: libvirt security, bug fix, and enhancement update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version:...
Moderate: frr security, bug fix, and enhancement update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. The following packages have been upgraded to a later upstream version: frr 8.2.2. BZ2069563 Security Fixes: frrouting: overflow bugs in...
Moderate: dnsmasq security and bug fix update
The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: Heap use after free in dhcp6norelay CVE-2022-0934 For more details about the security issues, including the impact, a CVSS score,...
Moderate: mutt security update
Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fixes: mutt: buffer overflow in uudecoder function CVE-2022-1328 For more details about the...
Moderate: dotnet7.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 R...
Moderate: qemu-kvm security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. The following packages have been upgraded to a later upstream version: qemu-kvm 7.0.0...
Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header...
Moderate: buildah security and bug fix update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Moderate: xorg-x11-server security and bug fix update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access CVE-2022-2319 xorg-x11-server:...
Low: runc security update
The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: incorrect handling of inheritable capabilities CVE-2022-29162 For more details about the security issues, including the impact, a CVSS score,...
Moderate: 389-ds-base security, bug fix, and enhancement update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base 2.1.3...
Moderate: unbound security, bug fix, and enhancement update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound 1.16.2. BZ2087120 Security Fixes: unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of...
Important: grafana security, bug fix, and enhancement update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have been upgraded to a later upstream version: grafana 7.5.15. BZ2055349 Security Fixes: sanitize-url: XSS due to improper sanitization in sanitizeUrl function...
Moderate: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Moderate: dhcp security and enhancement update
The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...
Important: device-mapper-multipath security update
The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: Regression of CVE-2022-41974 fix in AlmaLinux CVE-2022-3787 For more details about the security issues, including the impact,...
Moderate: mutt security update
Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fixes: mutt: buffer overflow in uudecoder function CVE-2022-1328 For more details about the...
Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service...
Moderate: flatpak-builder security and bug fix update
Flatpak-builder is a tool for building flatpaks from sources. Security Fixes: flatpak: flatpak-builder --mirror-screenshots-url can access files outside the build directory CVE-2022-21682 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Moderate: dnsmasq security and bug fix update
The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: Heap use after free in dhcp6norelay CVE-2022-0934 For more details about the security issues, including the impact, a CVSS score,...
Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header...
Moderate: e2fsprogs security and bug fix update
The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems. Security Fixes: e2fsprogs: out-of-bounds read/write via crafted filesystem CVE-2022-1304 For more details about the security issues, including the impact, ...
Moderate: libldb security, bug fix, and enhancement update
The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb 2.5.2. BZ2077484 Security Fixes: samba: AD users can induce a use-after-free ...
Moderate: xmlrpc-c security update
XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...
Moderate: rsync security and enhancement update
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...
Moderate: freetype security update
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: FreeType: Buffer overflow in sfntinitface CVE-2022-27404 FreeType: Segmentation violation via FNTSizeRequest CVE-2022-27405...
Moderate: dovecot security update
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: dovecot...
Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Important: pki-core:10.6 and pki-deps:10.6 security and bug fix update
The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 For more details about the security issues, including the impact, a CVSS score,...
Low: redis:6 security, bug fix, and enhancement update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
Moderate: php:7.4 security, bug fix, and enhancement update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.30, php-pear 1.10.13. BZ2055422 Security Fixes: php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free...
Low: openjpeg2 security update
OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fixes: openjpeg: segmentation fault in opj2decompress due to uninitialized pointer CVE-2022-1122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
Moderate: xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: X.Org Server ProcXkbSetGeometry...
Moderate: container-tools:4.0 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 runc: incorrect handlin...
Moderate: yajl security update
Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C and a small validating JSON generator. Security Fixes: yajl: heap-based buffer overflow when handling large inputs due to an integer overflow CVE-2022-24795 For more details about the security issues,...
Moderate: poppler security and bug fix update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: A logic error in the Hints::Hints function can cause denial of service CVE-2022-27337 For more details about the security issues, including the impact, a CVSS score,...
Moderate: openblas security update
OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD version. Security Fixes: lapack: Out-of-bounds read in larrv CVE-2021-4048 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages liste...
Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: Denial of Service via crafted TIFF file CVE-2022-0561 libtiff: Null source pointer lead to Denial of Service via crafted TIFF file CVE-2022-0562 libtiff: reachable...