5340 matches found
Low: file-roller security update
File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fixes: file-roller: directory traversal via directory symlink pointing outside of the target directory incomplete fix for CVE-2020-11736 CVE-2020-36314 For more details about the security...
cockpit-appstream bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
vsftpd bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: exiv2 security, bug fix, and enhancement update
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...
Moderate: qt5 security, bug fix, and enhancement update
Qt is a software toolkit for developing applications. The following packages have been upgraded to a later upstream version: adwaita-qt 1.2.1, python-qt5 5.15.0, qgnomeplatform 0.7.1, qt5 5.15.2, qt5-qt3d 5.15.2, qt5-qtbase 5.15.2, qt5-qtconnectivity 5.15.2, qt5-qtdeclarative 5.15.2, qt5-qtdoc...
pcp bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
libreoffice-voikko bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
corosync bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
annobin bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
socat bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
texlive bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
virt-viewer bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
sil-nuosu-fonts bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
mariadb-connector-odbc bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: python-jinja2 security update
The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: python-jinja2: ReDoS vulnerability due to the sub-pattern CVE-2020-28493 For...
Moderate: python39:3.9 and python39-devel:3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
rhel-system-roles bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: python-lxml security update
lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fixes: python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 For more details about the security issues, including the...
nmstate bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: go-toolset:rhel8 security, bug fix, and enhancement update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: golang 1.16.7. BZ1938071 Security Fixes: golang: net: lookup functions may return invalid host names CVE-2021-33195...
evince bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 containers/storage: DoS via malicious image CVE-2021-20291 For...
Moderate: dnsmasq security and bug fix update
The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: fixed outgoing port used when --server is used with an interface name CVE-2021-3448 For more details about the security issues,...
modulemd-tools bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Moderate: python27:2.7 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: python36:3.6 security and bug fix update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...
fence-agents bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Low: pcs security, bug fix, and enhancement update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. The following packages have been upgraded to a later upstream version: pcs 0.10.10. BZ1935594 Security Fixes: jquery: Cross-site scripting XSS via HTML tags containing whitespaces CVE-2020-7656...
Moderate: resource-agents security, bug fix, and enhancement update
The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Security Fixes: python-pygments: Infinite loop in SML lexer may lead to DoS CVE-2021-202...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules did not apply to XS...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.3.0 ESR. Security Fixes: Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3...
openscap bug fix and enhancement update
The OpenSCAP suite enables integration of the Security Content Automation Protocol SCAP line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fixes and Enhancements: Error when scanning DISA-STIG OpenSCAP profile o...
scap-security-guide bug fix and enhancement update
The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol SCAP format and constitutes a catalog of practical hardening advice, linked to government...
Moderate: webkit2gtk3 security and bug fix update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Use-after-free leading to arbitrary code execution CVE-2021-30858 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
brasero bug fix and enhancement update
The brasero packages provide a disc-burning program, which serves as a graphical front-end to to the cdrtools, cdrskin, and growisofs utilities, and, optionally, to libburn. Bug Fixes and Enhancements: Brasero cannot burn BluRay disks BZ2005826...
idm:DL1 bug fix update
AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: Dirsrv memory leak BZ2003607...
container-tools:3.0 bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: kubelet service fail to load EnvironmentFile due to SELinux denial BZ1999245 3.0-8.5.0: Under load, container failed to be created due to missing cgroup scope BZ1999264...
osbuild-composer bug fix and enhancement update
OSBuild-Composer provides an image-building service based on OSBuild. Bug fixes and Enhancements: OSBuild Composer can now work with multiple subscriptions and custom CA certificates. This is useful, for instance, when the host system is subscribed to multiple repositories managed by Satellite...
vulkan-validation-layers bug fix and enhancement update
The vulkan-validation-layers package provides Vulkan validation layers that can be enabled to assist development by enabling verification of applications' correct use of the Vulkan application programming interfaces API. Bug Fixes and Enhancements: Symbol export was missing. BZ1991465...
sudo bug fix and enhancement update
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Bug Fixes and Enhancements: Request to backport...
NetworkManager bug fix and enhancement update
NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...
Moderate: libsolv security update
The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv: heap-based buffer overflow in poolinstallable in src/repo.h CVE-2021-33928 libsolv: heap-based buffer overflow in pooldisabledsolvable in src/repo.h CVE-2021-33929...
Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols CVE-2021-22946 curl: Server responses...
Moderate: samba security update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Negative idmap cache entries can cause incorrect...
Moderate: python3 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 kernel: out-of-bounds write due to a heap buffer overflow in hidinputchangeresolutionmultipliers of...
nfs-utils bug fix and enhancement update
The nfs-utils packages provide a daemon for the kernel Network File System NFS server and related tools, which provides better performance than the traditional Linux NFS server used by most users. These packages also contain the mount.nfs, umount.nfs, and showmount programs. Bug Fixes and...
iptables bug fix and enhancement update
The iptables utility controls the network packet filtering code in the Linux kernel. Bug Fixes and Enhancements: iptables-nft returns incorrect result for -C when concurrently running BZ1990016...
rasdaemon bug fix and enhancement update
The rasdaemon packages provide a RAS Reliability, Availability and Serviceability logging tool, which records memory errors, using the EDAC tracing events. Bug Fixes and Enhancements: RFE latest rasdaemon hardware check for ROME and MILAN BZ1975506...