5340 matches found
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.4.0 ESR. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while...
Important: mailman:2.1 security update
Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover CVE-2021-44227 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Critical: nss security update
Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS CVE-2021-43527 For more details about the...
kronosnet bug fix update
Kronosnet knet is a network abstraction layer designed for High Availability use cases. Bug Fixes and Enhancements: Revert defrag buffer changes that could potentially cause instability. BZ2023847...
.NET 5.0 bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update to 6ce5818b1c1828ccdc8ac63d460d029c6391a401 almalinux-8.5.0.z BZ2024345...
Important: mailman:2.1 security update
Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 mailman: CSRF token derived from admin password allows offline brute-force attack CVE-2021-42096 For more details about t...
Moderate: llvm-toolset:rhel8 security update
LLVM Toolset provides the LLVM compiler infrastructure framework, the Clang compiler for the C and C++ languages, the LLDB debugger, and related tools for code analysis. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks...
Moderate: gcc-toolset-10-binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Insufficient validation of user-supplied sizes for the MSGCRYPTO message type CVE-2021-43267 kernel: timer tree corruption leads to missing wakeup and system freeze CVE-2021-20317 For mor...
Important: freerdp security update
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: improper client input validation for gateway connections allows...
httpd:2.4 bug fix update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Bug Fixes: proxy rewrite to unix socket fails with CVE-2021-40438 fix BZ2017854, BZ2017855, BZ2017856...
Moderate: binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...
Moderate: gcc-toolset-11-binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...
Moderate: annobin security update
Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...
Moderate: gcc-toolset-10-annobin security update
Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...
Moderate: gcc-toolset-11-annobin security update
Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...
Moderate: rust-toolset:rhel8 security update
Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes wer...
Moderate: gcc security update
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were...
Moderate: gcc-toolset-11-gcc security update
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were...
Moderate: gcc-toolset-10-gcc security update
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were...
tzdata bug fix and enhancement update
The tzdata packages contain data files with rules for various time zones. Bug Fixes and Enhancements: Update to tzdata-2021d and tzdata-2021e - changes for Pacific/Fiji and Asia/Gaza BZ2016370...
sssd bug fix and enhancement update
The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...
.NET 6.0 bugfix and enhancement update
This updates .NET 6 to SDK 6.0.100 RC 2 and Runtime 6.0.0 RC 2...
Important: java-17-openjdk security update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation Libraries, 8266689 CVE-2021-35567 OpenJDK: Excessive memory allocation i...
flatpak bug fix and enhancement update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Bug Fixes and Enhancements: CVE-2021-41133 flatpak: sandbox bypass via recent VFS-manipulating syscalls BZ2012868...
gnome-shell-extensions bug fix and enhancement update
GNOME Shell extensions allow for modifying the default GNOME Shell interface and its parts, such as window management and application launching. Bug Fixes and Enhancements: gnome-shell-extension-heads-up-display not in CS8 / AlmaLinux 8.5 composes BZ2014404...
Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in AlmaLinux CVE-2021-20325 For more details about the security issues, including the impact, a CVSS score,...
.NET 5.0 bugfix update
Monthly update for .NET 5.0 for October 2021, for AlmaLinux 8.5...
.NET Core 3.1 bugfix update
This is the monthly update for .NET Core 3.1 for October 2021...
ibus bug fix update
The Intelligent Input Bus IBus is an input method framework for multilingual input in Unix-like operating systems. Bug fix: Previously, in GNOME Wayland desktop in AlmaLinux 8.5, the IBus emoji candidate pop-up was used with IBus UI and the selected candidate could not inserted into the target...
java-1.8.0-openjdk bug fix and enhancement update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fixes and Enhancements: EMBARGOED java-1.8.0-openjdk: JDK: Oracle CPU 2021-10 BZ2012338...
java-11-openjdk bug fix and enhancement update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements: java-11-openjdk: JDK: Oracle CPU 2021-10 BZ2012334...
Moderate: vim security update
Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: heap-based buffer overflow in utfptr2char in mbyte.c CVE-2021-3778 vim: use-after-free in nvreplace in normal.c CVE-2021-3796 For more details about the security issues, including the impact, a CVSS score,...
authselect bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
libldb bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
iproute bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: json-c security and bug fix update
JSON-C implements a reference counting object model that allows users to easily construct JavaScript Object Notation JSON objects in C, output them as JSON formatted strings, and parse JSON formatted strings back into the C representation of JSON objects. Security Fixes: json-c: integer overflow...
sevctl bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: python38:3.8 and python38-devel:3.8 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Important: mingw-glib2 security, bug fix, and enhancement update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The following packages have been upgraded to...
mingw-filesystem bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
dwarves bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
cppcheck bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
dotnet5.0-build-reference-packages bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
dotnet-build-reference-packages bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
po4a bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: autotrace security update
AutoTrace is a program for converting bitmaps to vector graphics. Security Fixes: autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact CVE-2019-19005 autotrace: integer overflow in input-bmp.c CVE-2019-19004 For more details about the security issues, including...
usermode bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
libcap bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
strace bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...