Lucene search
K
AlmalinuxRecent

5340 matches found

AlmaLinux
AlmaLinux
•added 2021/11/09 8:32 a.m.•32 views

Low: file-roller security update

File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fixes: file-roller: directory traversal via directory symlink pointing outside of the target directory incomplete fix for CVE-2020-11736 CVE-2020-36314 For more details about the security...

3.9CVSS5AI score0.00768EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/11/09 8:32 a.m.•16 views

cockpit-appstream bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:31 a.m.•16 views

vsftpd bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:31 a.m.•59 views

Moderate: exiv2 security, bug fix, and enhancement update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...

7.8CVSS7.3AI score0.02555EPSS
Exploits3References12
AlmaLinux
AlmaLinux
•added 2021/11/09 8:31 a.m.•55 views

Moderate: qt5 security, bug fix, and enhancement update

Qt is a software toolkit for developing applications. The following packages have been upgraded to a later upstream version: adwaita-qt 1.2.1, python-qt5 5.15.0, qgnomeplatform 0.7.1, qt5 5.15.2, qt5-qt3d 5.15.2, qt5-qtbase 5.15.2, qt5-qtconnectivity 5.15.2, qt5-qtdeclarative 5.15.2, qt5-qtdoc...

7.1CVSS6.5AI score0.00511EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/11/09 8:31 a.m.•16 views

pcp bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:30 a.m.•14 views

libreoffice-voikko bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:29 a.m.•12 views

corosync bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:29 a.m.•13 views

annobin bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:28 a.m.•10 views

socat bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/09 8:27 a.m.•14 views

texlive bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:27 a.m.•11 views

virt-viewer bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:27 a.m.•22 views

sil-nuosu-fonts bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/09 8:27 a.m.•14 views

mariadb-connector-odbc bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/09 8:26 a.m.•61 views

Moderate: python-jinja2 security update

The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: python-jinja2: ReDoS vulnerability due to the sub-pattern CVE-2020-28493 For...

5.3CVSS6AI score0.03546EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/11/09 8:26 a.m.•79 views

Moderate: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.8CVSS7.3AI score0.11586EPSS
Exploits6References8
AlmaLinux
AlmaLinux
•added 2021/11/09 8:26 a.m.•17 views

rhel-system-roles bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:26 a.m.•58 views

Moderate: python-lxml security update

lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fixes: python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 For more details about the security issues, including the...

6.1CVSS6.7AI score0.04002EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2021/11/09 8:26 a.m.•14 views

nmstate bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:25 a.m.•66 views

Moderate: go-toolset:rhel8 security, bug fix, and enhancement update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: golang 1.16.7. BZ1938071 Security Fixes: golang: net: lookup functions may return invalid host names CVE-2021-33195...

7.5CVSS7.2AI score0.034EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2021/11/09 8:25 a.m.•19 views

evince bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:24 a.m.•133 views

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 containers/storage: DoS via malicious image CVE-2021-20291 For...

7.1CVSS6.6AI score0.01587EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2021/11/09 8:24 a.m.•38 views

Moderate: dnsmasq security and bug fix update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: fixed outgoing port used when --server is used with an interface name CVE-2021-3448 For more details about the security issues,...

4.3CVSS5.3AI score0.01988EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2021/11/09 8:24 a.m.•16 views

modulemd-tools bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/09 8:24 a.m.•68 views

Moderate: python27:2.7 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.8CVSS8.1AI score0.35963EPSS
Exploits5References9
AlmaLinux
AlmaLinux
•added 2021/11/09 8:24 a.m.•67 views

Moderate: python36:3.6 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.9AI score0.03832EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2021/11/09 8:24 a.m.•49 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow:...

9.8CVSS7.5AI score0.04851EPSS
Exploits0References15
AlmaLinux
AlmaLinux
•added 2021/11/09 8:23 a.m.•21 views

fence-agents bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 8:21 a.m.•82 views

Low: pcs security, bug fix, and enhancement update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. The following packages have been upgraded to a later upstream version: pcs 0.10.10. BZ1935594 Security Fixes: jquery: Cross-site scripting XSS via HTML tags containing whitespaces CVE-2020-7656...

6.9CVSS7.1AI score0.8383EPSS
Exploits9References2
AlmaLinux
AlmaLinux
•added 2021/11/09 8:20 a.m.•71 views

Moderate: resource-agents security, bug fix, and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Security Fixes: python-pygments: Infinite loop in SML lexer may lead to DoS CVE-2021-202...

7.5CVSS7.9AI score0.03832EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/11/04 4:3 p.m.•30 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules did not apply to XS...

10CVSS9.3AI score0.0383EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2021/11/03 7:23 p.m.•33 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.3.0 ESR. Security Fixes: Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3...

10CVSS9.3AI score0.0383EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2021/11/02 10:34 a.m.•16 views

openscap bug fix and enhancement update

The OpenSCAP suite enables integration of the Security Content Automation Protocol SCAP line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fixes and Enhancements: Error when scanning DISA-STIG OpenSCAP profile o...

7.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 10:34 a.m.•18 views

scap-security-guide bug fix and enhancement update

The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol SCAP format and constitutes a catalog of practical hardening advice, linked to government...

6.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 10:34 a.m.•41 views

Moderate: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Use-after-free leading to arbitrary code execution CVE-2021-30858 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

6.8CVSS9.2AI score0.13486EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/02 10:33 a.m.•14 views

brasero bug fix and enhancement update

The brasero packages provide a disc-burning program, which serves as a graphical front-end to to the cdrtools, cdrskin, and growisofs utilities, and, optionally, to libburn. Bug Fixes and Enhancements: Brasero cannot burn BluRay disks BZ2005826...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 10:33 a.m.•19 views

idm:DL1 bug fix update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: Dirsrv memory leak BZ2003607...

3.5AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/02 10:33 a.m.•20 views

container-tools:3.0 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: kubelet service fail to load EnvironmentFile due to SELinux denial BZ1999245 3.0-8.5.0: Under load, container failed to be created due to missing cgroup scope BZ1999264...

2.4AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/02 10:32 a.m.•20 views

osbuild-composer bug fix and enhancement update

OSBuild-Composer provides an image-building service based on OSBuild. Bug fixes and Enhancements: OSBuild Composer can now work with multiple subscriptions and custom CA certificates. This is useful, for instance, when the host system is subscribed to multiple repositories managed by Satellite...

7.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 10:32 a.m.•18 views

vulkan-validation-layers bug fix and enhancement update

The vulkan-validation-layers package provides Vulkan validation layers that can be enabled to assist development by enabling verification of applications' correct use of the Vulkan application programming interfaces API. Bug Fixes and Enhancements: Symbol export was missing. BZ1991465...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 7:49 a.m.•18 views

sudo bug fix and enhancement update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Bug Fixes and Enhancements: Request to backport...

6.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 7:49 a.m.•35 views

NetworkManager bug fix and enhancement update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 7:49 a.m.•34 views

Moderate: libsolv security update

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv: heap-based buffer overflow in poolinstallable in src/repo.h CVE-2021-33928 libsolv: heap-based buffer overflow in pooldisabledsolvable in src/repo.h CVE-2021-33929...

7.5CVSS8.1AI score0.01462EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2021/11/02 7:49 a.m.•72 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols CVE-2021-22946 curl: Server responses...

5CVSS7.9AI score0.04224EPSS
Exploits2References2
AlmaLinux
AlmaLinux
•added 2021/11/02 7:48 a.m.•37 views

Moderate: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Negative idmap cache entries can cause incorrect...

6.8CVSS7.2AI score0.01616EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/11/02 7:48 a.m.•53 views

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

4CVSS7.4AI score0.04675EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2021/11/02 7:47 a.m.•53 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 kernel: out-of-bounds write due to a heap buffer overflow in hidinputchangeresolutionmultipliers of...

8.8CVSS9AI score0.01476EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/11/02 7:46 a.m.•19 views

nfs-utils bug fix and enhancement update

The nfs-utils packages provide a daemon for the kernel Network File System NFS server and related tools, which provides better performance than the traditional Linux NFS server used by most users. These packages also contain the mount.nfs, umount.nfs, and showmount programs. Bug Fixes and...

6.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 7:46 a.m.•18 views

iptables bug fix and enhancement update

The iptables utility controls the network packet filtering code in the Linux kernel. Bug Fixes and Enhancements: iptables-nft returns incorrect result for -C when concurrently running BZ1990016...

7.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/02 7:46 a.m.•14 views

rasdaemon bug fix and enhancement update

The rasdaemon packages provide a RAS Reliability, Availability and Serviceability logging tool, which records memory errors, using the EDAC tracing events. Bug Fixes and Enhancements: RFE latest rasdaemon hardware check for ROME and MILAN BZ1975506...

7AI score
Exploits0
Total number of security vulnerabilities5340