Lucene search
K
AlmalinuxRecent

5340 matches found

AlmaLinux
AlmaLinux
•added 2022/03/24 10:44 a.m.•110 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 For more details about the security issues, including the impact, a CV...

9.8CVSS9.4AI score0.28189EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2022/03/23 11:9 a.m.•19 views

tzdata bug fix and enhancement update

The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2022a, which addresses recent time zone changes. Notably: In Palestine the daylight saving time DST starts on March 27, 2022, not on March 26. The zdump -v command now output...

7.2AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/03/16 12:0 a.m.•74 views

Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in "xmlns:prefix" attribute values can lead to arbitrary code execution CVE-2022-25236 expat:...

9.8CVSS10AI score0.34174EPSS
Exploits3References26
AlmaLinux
AlmaLinux
•added 2022/03/15 9:12 a.m.•19 views

firewalld bug fix and enhancement update

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Bug Fixes and Enhancements: firewall-cmd takes hours when adding 55K ipsets BZ2046343...

2.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:12 a.m.•24 views

samba bug fix and enhancement update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fixes and Enhancements: Samba 4.14.5 - virusfiltervfsopenat: Not...

3.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:12 a.m.•68 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Use-after-free of ID and IDREF attributes CVE-2022-23308 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS8AI score0.0601EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/03/15 9:12 a.m.•20 views

lvm2 bug fix and enhancement update

The lvm2 packages include complete support for handling read and write operations on physical volumes, creating volume groups from one or more physical volumes, and creating one or more logical volumes in volume groups. Bug Fixes and Enhancements: Multiple concurrent lv refreshes fail BZ2040514...

0.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:12 a.m.•21 views

subscription-manager bug fix and enhancement update

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the AlmaLinux entitlement platform. Bug Fixes and Enhancements: Subscription manager sends redundant requests to the server in SCA mode BZ2044349...

3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:12 a.m.•63 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

9.8CVSS9.5AI score0.04729EPSS
Exploits3References3
AlmaLinux
AlmaLinux
•added 2022/03/15 9:12 a.m.•13 views

linux-firmware bug fix and enhancement update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Bug Fixes and Enhancements: Certain amdgpu firmware files cause random hangs with AMD Picasso / Raven Ridge APUs BZ2018309...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:11 a.m.•98 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Heap-based buffer overflow in blockinsert in src/ops.c CVE-2022-0261 vim: Heap-based buffer overflow in utfheadoff in mbyte.c CVE-2022-0318 vim: Heap-based buffer overflow in initccline in exgetln.c...

9.8CVSS2.2AI score0.02086EPSS
Exploits6References7
AlmaLinux
AlmaLinux
•added 2022/03/15 9:11 a.m.•39 views

systemd bug fix and enhancement update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

0.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:11 a.m.•36 views

Moderate: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

7.8CVSS6.7AI score0.00367EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•60 views

Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: NULL pointer dereference via malformed requests CVE-2021-34798 httpd: Out-of-bounds write in apescapequotes via malicious input CVE-2021-39275 For more details about the...

9.8CVSS9.1AI score0.64509EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•19 views

plymouth bug fix and enhancement update

The plymouth packages provide a graphical boot animation in place of the text messages that are normally displayed. Text messages are instead redirected to a log file for viewing after boot. Bug Fixes and Enhancements: LUKS passphrase prompt not being presented on boot BZ2057275...

1.5AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•51 views

Low: 389-ds:1.4 security and bug fix update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: double free of the virtual attribute context in persistent search...

7.5CVSS2AI score0.01983EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•19 views

nmstate bug fix and enhancement update

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. Bug Fixes and Enhancements: NNCP deployment fails on applying ipv6 routes BZ2054054...

0.4AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•21 views

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes: The previous OpenJDK 11 release, 11.0.14, was found to contain a regression introduced by improvements to the HTTP client. It caused both the :authority' and...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•39 views

Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

7.8CVSS1.5AI score0.0101EPSS
Exploits2References2
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•23 views

fence-agents bug fix and enhancement update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Bug Fixes and Enhancements: fenceaws fails to find credentials when only IMDSv2 is...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:10 a.m.•23 views

gdm bug fix and enhancement update

The GNOME Display Manager GDM provides the graphical login screen. The screen is shown shortly after boot, after log out, and when switching the current user. Bug Fixes and Enhancements: gdm crashed in ensuredisplayforseat, can't login to the GUI BZ2036584...

1.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:9 a.m.•16 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: AlmaLinux8 Azure cloud-init fails to configure the...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/15 9:9 a.m.•21 views

pcs bug fix and enhancement update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Bug Fixes and Enhancements: Enabling sbd before starting the cluster sets an incorrect validate-with value in /var/lib/pacemaker/cib/cib.xml BZ2042433...

2.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/03/14 9:49 a.m.•39 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.7.0. Security Fixes: Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 expat: Malformed 2- and 3-byte UTF-...

9.8CVSS9.3AI score0.34174EPSS
Exploits7References11
AlmaLinux
AlmaLinux
•added 2022/03/10 2:46 p.m.•46 views

Important: .NET 5.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 5.0.212 and .NET Runtime 5.0.15...

7.5CVSS7.9AI score0.03228EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2022/03/10 2:44 p.m.•76 views

Important: .NET Core 3.1 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 3.1.417 and .NET Runtime 3.1.23...

7.5CVSS7.9AI score0.03228EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2022/03/10 2:43 p.m.•93 views

Important: .NET 6.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 6.0.103 and .NET Runtime 6.0.3...

7.5CVSS7.3AI score0.03228EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2022/03/10 2:43 p.m.•111 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2036888 Security Fixes: kernel: improper initialization of the "flags" member of the new pipebuffer CVE-2022-0847 kernel: U...

9CVSS8.4AI score0.88106EPSS
Exploits119References8
AlmaLinux
AlmaLinux
•added 2022/03/10 2:36 p.m.•83 views

Critical: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.7.0 ESR. Security Fixes: Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework...

9.8CVSS9.3AI score0.34174EPSS
Exploits7References10
AlmaLinux
AlmaLinux
•added 2022/02/24 12:0 a.m.•99 views

Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect...

7.4CVSS7.7AI score0.0305EPSS
Exploits2References12
AlmaLinux
AlmaLinux
•added 2022/02/23 1:33 p.m.•35 views

Important: cyrus-sasl security update

The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer SASL. SASL is a method for adding authentication support to connection-based protocols. Security Fixes: cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL...

8.8CVSS9.7AI score0.04123EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2022/02/22 5:25 p.m.•59 views

Important: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions...

9.8CVSS8.5AI score0.03399EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2022/02/16 8:27 a.m.•78 views

Important: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 For more detail...

9.3CVSS8.5AI score0.06307EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2022/02/16 8:26 a.m.•119 views

Important: ruby:2.6 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc:...

9.3CVSS7.9AI score0.06307EPSS
Exploits5References7
AlmaLinux
AlmaLinux
•added 2022/02/15 10:3 a.m.•36 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.6.0. Security Fixes: Mozilla: Extensions could have bypassed permission confirmation during update CVE-2022-22754 Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6...

9.6CVSS9.3AI score0.00926EPSS
Exploits1References7
AlmaLinux
AlmaLinux
•added 2022/02/14 8:13 a.m.•45 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.6.0 ESR. Security Fixes: Mozilla: Extensions could have bypassed permission confirmation during update CVE-2022-22754 Mozilla: Memory safety...

9.6CVSS9.3AI score0.00926EPSS
Exploits1References7
AlmaLinux
AlmaLinux
•added 2022/02/09 8:26 a.m.•62 views

Important: .NET 6.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.102 and .NET Runtime 6.0.2...

7.5CVSS0.6AI score0.03739EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/02/09 8:26 a.m.•62 views

Important: .NET 5.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.211 and .NET Runtime 5.0.14...

0.6AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/02/07 8:12 a.m.•30 views

Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: heap-based buffer overflow on outputs larger than B64BUF CVE-2021-45417 For more...

7.8CVSS2AI score0.00493EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2022/02/03 9:29 a.m.•42 views

Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: HTTP/1 request smuggling vulnerability CVE-2022-23959 For more details...

9.1CVSS9AI score0.01973EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2022/02/01 8:13 p.m.•18 views

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:13 p.m.•35 views

Moderate: cryptsetup security update

The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. Security Fixes: cryptsetup: disable encryption via header rewrite CVE-2021-4122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

4.3CVSS1.6AI score0.0028EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/02/01 8:13 p.m.•17 views

dnf-plugins-core bug fix update

The dnf-plugins-core packages provide core plugins for YUM4. They add these commands: builddep, config-manager, copr, debug, debuginfo-install, download, needs-restarting, repoclosure, repograph, repomanage, and reposync. Bug Fixes and Enhancements: "needs-restarting -r" not notifying kernel...

2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:13 p.m.•43 views

Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: RPM does not require subkeys to have a valid binding signature CVE-2021-3521 For more details about the...

4.7CVSS6.3AI score0.00302EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/02/01 8:13 p.m.•11 views

cockpit bug fix and enhancement update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Bug Fixes and Enhancements: Cockpit 251 Administrative Access MFA Prompt Window...

3.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:12 p.m.•52 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: heap-based buffer overflow in winredrstatus in drawscreen.c CVE-2021-3872 vim: illegal memory access in findstartbrace in cindent.c when C-indenting CVE-2021-3984 vim: heap-based buffer overflow in...

7.8CVSS7.7AI score0.01792EPSS
Exploits5References6
AlmaLinux
AlmaLinux
•added 2022/02/01 8:12 p.m.•15 views

sos bug fix and enhancement update

The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sosreport should use new AlmaLinux Secure FTP instead of dropbox for...

0.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:10 p.m.•15 views

gnome-control-center bug fix update

The gnome-control-center package contains configuration utilities for the GNOME desktop, which allow to configure accessibility options, desktop fonts, keyboard and mouse properties, sound setup, desktop theme and background, user interface properties, screen resolution, and other settings. Bug...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•17 views

nispor bug fix and enhancement update

The nispor packages provide an API for network status querying. Bug Fixes and Enhancements: VLAN filtering cannot be configured with Intel X710 BZ2040317...

1.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•17 views

virt:rhel bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

6.7AI score
Exploits0References1
Total number of security vulnerabilities5340