Lucene search
K
AlmalinuxRecent

5340 matches found

AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•19 views

nmstate bug fix and enhancement update

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. Bug Fixes and Enhancements: nmstate changes names of existing ovs-bridge ports when attaching a veth BZ2034139 libnmstate expects VF to be named differently to its actual nam...

0.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•13 views

tcpdump bug fix and enhancement update

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Bug Fixes and Enhancements: RFE tcpdump support for direction and interface needed in AlmaLinux8...

7.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•26 views

pki-core:10.6 bug fix and enhancement update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Bug Fixes and Enhancements: Reinstall of the same ipa-replica fails with 'RuntimeError: CA configuration failed.' BZ2024676 ipa: ERROR: 'Certificate operation cannot be completed: Unable...

1.9AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•21 views

freeradius:3.0 bug fix update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Bug Fix: radiusd segfault with null homeserver in processproxyreply BZ2031168...

3.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•27 views

frr bug fix update

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP, and BFD. Bug Fixes: FRR reloader...

1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•23 views

vulkan bug fix and enhancement update

The vulkan packages contain the reference ICD loader and validation layers for Vulkan, a graphics and compute API for cross-platform access to modern GPUs. Bug Fixes and Enhancements: Rebase vulkan-loader in 8.6 BZ2016391 Rebase vulkan-headers in 8.6 BZ2016392 Rebase spirv-headers in 8.6 BZ201639...

2.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:9 p.m.•19 views

ostree bug fix and enhancement update

OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fixes and Enhancements: backport https://github.com/ostreedev/ostree/pull/2453 BZ2029578...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:8 p.m.•16 views

container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.5AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/02/01 8:8 p.m.•16 views

tigervnc bug fix and enhancement update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Bug...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:8 p.m.•108 views

Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.18.2, nodejs-nodemon 2.0.15. BZ2027609 Security Fixes: nodejs-json-schema:...

9.8CVSS8.7AI score0.04456EPSS
Exploits6References10
AlmaLinux
AlmaLinux
•added 2022/02/01 8:7 p.m.•17 views

clevis bug fix and enhancement update

Clevis is a pluggable framework for automated decryption. It can be used to provide automated decryption of data or even automated unlocking of LUKS volumes. The clevis packages provide the client side of the Network Bound Disk Encryption NBDE project. Bug Fixes and Enhancements: Server hangs in...

1.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/02/01 8:6 p.m.•49 views

container-tools:3.0 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section...

7.1CVSS2.4AI score0.01587EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2022/02/01 8:3 p.m.•25 views

resource-agents bug fix and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: gcp-vpc-move-vip, gcp-vpc-move-route, gcp-pd-move: A failed...

2.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/01/31 3:40 p.m.•60 views

Critical: samba security and bug fix update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Out-of-bounds heap read/write vulnerability in VF...

9CVSS9.1AI score0.74042EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2022/01/31 9:52 a.m.•133 views

Important: nginx:1.20 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a later upstream version: nginx 1.20.1. BZ2031030 Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels...

7.7CVSS8AI score0.52838EPSS
Exploits10References2
AlmaLinux
AlmaLinux
•added 2022/01/31 9:51 a.m.•18 views

.NET Core 3.1 bugfix and enhancement update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.416 and Runtime 3.1.22 almalinux-8.5.0.z BZ2031429...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/01/27 1:47 p.m.•58 views

Moderate: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Insufficient URI checks in the XS...

5.3CVSS6.5AI score0.08346EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2022/01/26 2:27 p.m.•60 views

Important: parfait:0.5 security update

Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot PCP using the Memory Mapped Value MMV machinery for...

9.8CVSS10.3AI score0.81147EPSS
Exploits10References5
AlmaLinux
AlmaLinux
•added 2022/01/25 5:38 p.m.•57 views

Important: polkit security update

The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fixes: polkit: Local privilege escalation in pkexec due to incorrect handling of argument...

7.8CVSS1.9AI score0.94921EPSS
Exploits151References2
AlmaLinux
AlmaLinux
•added 2022/01/25 12:49 p.m.•211 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

9.8CVSS1.3AI score0.97108EPSS
Exploits4References2
AlmaLinux
AlmaLinux
•added 2022/01/24 9:3 a.m.•54 views

Moderate: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Incorrect reading of TIFF files in...

5.3CVSS6.6AI score0.08346EPSS
Exploits0References15
AlmaLinux
AlmaLinux
•added 2022/01/19 7:11 p.m.•35 views

Important: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

7.5CVSS7.9AI score0.02699EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2022/01/19 1:59 p.m.•81 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfs: raw block device data leak in XFSIOCALLOCSP IOCTL CVE-2021-4155 kernel: fscontext: heap overflow in legacy parameter handling CVE-2022-0185 For more details about the security issues...

8.4CVSS7.8AI score0.25151EPSS
Exploits11References2
AlmaLinux
AlmaLinux
•added 2022/01/19 9:43 a.m.•36 views

Important: gegl04 security update

GEGL Generic Graphics Library is a graph-based image processing framework. Security Fixes: gegl: shell expansion via a crafted pathname CVE-2021-45463 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE...

7.8CVSS2.5AI score0.01439EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/01/19 8:53 a.m.•54 views

Moderate: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Incorrect reading of TIFF files in...

5.3CVSS6.6AI score0.08346EPSS
Exploits0References15
AlmaLinux
AlmaLinux
•added 2022/01/12 11:30 a.m.•35 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fixes: Mozilla: Iframe sandbox bypass with XSLT CVE-2021-4140 Mozilla: Race condition when playing audio files CVE-2022-2273...

10CVSS9.2AI score0.0134EPSS
Exploits6References12
AlmaLinux
AlmaLinux
•added 2022/01/12 11:29 a.m.•43 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Security Fixes: Mozilla: Iframe sandbox bypass with XSLT CVE-2021-4140 Mozilla: Race condition when playing audio files CVE-2022-22737 Mozilla: Heap-buffer-overflow in...

10CVSS9.1AI score0.0134EPSS
Exploits6References12
AlmaLinux
AlmaLinux
•added 2022/01/11 7:1 p.m.•17 views

.NET 6.0 bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET 6.0 to SDK 6.0.101 and Runtime 6.0.1 almalinux-8.5.0.z BZ2030391...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2022/01/03 7:30 a.m.•68 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net/http: limit growth of header canonicalization cache CVE-2021-44716 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS1.3AI score0.03958EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/12/21 9:11 a.m.•16 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: cloud-init.service fails to start after package updat...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/21 9:11 a.m.•57 views

Low: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

6.5CVSS7.3AI score0.00358EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/12/21 9:10 a.m.•45 views

Moderate: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.5. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.7AI score0.01901EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/12/21 9:10 a.m.•60 views

Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.9. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.7AI score0.01901EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/12/21 9:9 a.m.•23 views

gnome-shell-extensions bug fix and enhancement update

GNOME Shell extensions allow for modifying the default GNOME Shell interface and its parts, such as window management and application launching. Bug Fixes and Enhancements: Disable unfullscreen gesture or a function to switch between normal mode and fullscreen mode BZ2009192 Desktop icons extensi...

1.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/21 9:9 a.m.•17 views

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements: While in FIPS mode, the NSS Software Token does not allow the import of private or secret plain keys. This caused the OpenJDK keytool...

6.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/21 9:8 a.m.•14 views

poppler bug fix and enhancement update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Bug Fixes and Enhancements: Unable to open certain PDF documents BZ2002691...

1.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/21 9:8 a.m.•20 views

accountsservice bug fix and enhancement update

The accountsservice project provides a set of D-Bus interfaces for querying and manipulating user account information. It is based on the useradd, usermod, and userdel commands. Bug Fixes and Enhancements: HP WS AlmaLinux 8.5 bug Desktop presentation changes between reboots when logging in as roo...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/21 9:7 a.m.•23 views

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/21 9:7 a.m.•50 views

Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: In Overlayfs missing a check for a negative dentry before calling vfsrename CVE-2021-20321 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

4.7CVSS6.4AI score0.00213EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/12/21 9:7 a.m.•59 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Read buffer overruns processing ASN.1 strings CVE-2021-3712 For more details about the security...

5.8CVSS1.4AI score0.50445EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/12/21 9:6 a.m.•21 views

kexec-tools bug fix and enhancement update

The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/21 9:6 a.m.•21 views

opencryptoki bug fix and enhancement update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

0.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/16 7:31 p.m.•18 views

systemd bug fix and enhancement update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/16 9:37 a.m.•19 views

selinux-policy bug fix and enhancement update

The selinux-policy packages contain the rules that govern how confined processes run on the system. Bug Fixes and Enhancements: RHEL 8.4 Backport container-selinux policy to allow spct domains to set bpf rules on any domain BZ2015846 AVC prevents ping -I from running in UBI 8 container BZ2027691...

1.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/15 7:9 p.m.•50 views

Moderate: nodejs:16 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.13.1, nodejs-nodemon 2.0.15. BZ2027610 Security Fixes: nodejs-json-schema:...

9.8CVSS8.9AI score0.04456EPSS
Exploits6References8
AlmaLinux
AlmaLinux
•added 2021/12/15 4:11 p.m.•73 views

Important: go-toolset:rhel8 security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http: limit growth of header canonicalization cache CVE-2021-44716 golang: syscall: don't close fd 0 on ForkExec error CVE-2021-44717 For more details about the...

7.5CVSS0.6AI score0.03958EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/12/15 1:44 p.m.•12 views

.NET 5.0 bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET 5.0 to SDK 5.0.210 and Runtime 5.0.13 almalinux-8.5.0.z BZ2030738...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/12/15 7:39 a.m.•41 views

Moderate: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets CVE-2020-25719 For more...

9CVSS7.5AI score0.01673EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/12/13 8:15 a.m.•92 views

Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Active Directory AD domain user could become root...

8.5CVSS7.9AI score0.01953EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/12/09 12:14 p.m.•57 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.4.0. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 BZ2030116 Mozilla: URL leakage when navigating while executing asynchronous function CVE-2021-435...

8.8CVSS0.8AI score0.0202EPSS
Exploits0References10
Total number of security vulnerabilities5340