5340 matches found
bluez bug fix and enhancement update
The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts AlmaLinux, and pcmcia configuration files. Bug Fixes and Enhancements: Dell 8.4 BUG Bluetooth keyboard paired and connected but does not work on...
Important: flatpak security update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Sandbox bypass via recent VFS-manipulating syscalls CVE-2021-41133 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
tzdata bug fix and enhancement update
The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2021e, which addresses recent time zone changes. Notably: The Pacific/Fiji timezone has suspended daylight saving time DST for the 2021/2022 season. The 'zic -r' command now...
firefox bug fix and enhancement update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Bug Fixes and Enhancements: When FIPS is Enabled on a RHEL 7.9/8.4 system, Firefox 91.2 will crash almost immediately BZ2016388...
Important: redis:6 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
Important: java-11-openjdk security update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using Kerberos...
Important: java-1.8.0-openjdk security and bug fix update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using Kerberos...
Important: redis:5 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.2.0. Security Fixes: Mozilla: Use-after-free in MessageTask CVE-2021-38496 Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 CVE-2021-38500 Mozilla:...
Important: .NET 5.0 security and bugfix update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.208 and .NET Runtime 5.0.11...
.NET Core 3.1 bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.120 and Runtime 3.1.20 almalinux-8.4.0.z BZ2011821...
Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a crafted request uri-path containing "unix:" CVE-2021-40438 httpd: modsession: Heap overflow via a crafted SessionHeader value CVE-2021-26691 For more...
tzdata bug fix and enhancement update
The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2021c, which addresses recent time zone changes. Notably: Samoa does not switch to the daylight saving time DST in 2021. BZ2007732, BZ2007785, BZ2008251, BZ2010126, BZ2010127...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Snapshot authentication bypass CVE-2021-39226 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.2.0 ESR. Security Fixes: Mozilla: Use-after-free in MessageTask CVE-2021-38496 Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR...
Important: nodejs:14 security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...
container-tools:rhel8 bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fix: kubelet service fail to load EnvironmentFile due to SELinux denial BZ2005053...
Important: nodejs:12 security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...
poppler bug fix and enhancement update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Bug Fixes and Enhancements: Unable to open certain PDF documents BZ2002638...
grub2 bug fix and enhancement update
The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Bug Fixes and Enhancements: Make...
libdb bug fix and enhancement update
The libdb packages provide the Berkeley Database, an embedded database supporting both traditional and client/server applications. Bug Fixes and Enhancements: FJ8.4 Bug: REGThe rpm command hangs and the CPU usage reaches 100% BZ2001972...
gcc-toolset-10-elfutils bug fix update
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. Bug fix: The gcc-toolset-10-elfutils-devel package has been updated to provide a fix that will facilitate upgrading to upcoming AlmaLinux...
selinux-policy bug fix and enhancement update
The selinux-policy packages contain the rules that govern how confined processes run on the system. Bug Fixes and Enhancements: RFE: Grant rpc.gssd access to $HOME/.k5identity in selinux-policy BZ1995594...
strace bug fix and enhancement update
The strace utility intercepts and records the system calls that are made and received by a running process and prints a record of each system call, its arguments, and its return value to standard error output or a file. It is often used for problem diagnoses, debugging, and for instructional...
Moderate: mysql:8.0 security, bug fix, and enhancement update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.26. BZ1996693 Security Fixes: mysql: Server: Stored Procedure multiple...
pcp bug fix and enhancement update
Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Bug Fixes and...
opencryptoki bug fix and enhancement update
The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...
subscription-manager bug fix and enhancement update
The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the AlmaLinux entitlement platform. Bug Fixes and Enhancements: RFE subscription-manager should return a module stream's "activity" in the modular profile BZ1993897...
Moderate: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 For more details about the security issues, including the...
python3 bug fix and enhancement update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This package...
sos bug fix and enhancement update
The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: rhel-8.4.0.z sosreport needs to collect data about conversions and upgrades...
Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Content not matching hash in Metalink is not being discarded CVE-2021-22922 curl: Metalink download sends credentials...
resource-agents bug fix and enhancement update
The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: LVM-activate: Start operation always recreates drop-in file...
pacemaker bug fix and enhancement update
The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Bug Fixes and Enhancements: pacemaker seems to end up in an unfence loop BZ1972273 On a three-node cluster if two nodes are...
python-ldap bug fix and enhancement update
The python-ldap packages provide an object-oriented API for working with LDAP within Python programs. It allows access to LDAP directory servers by using the OpenLDAP 2.x libraries, and contains modules for other LDAP-related tasks including processing LDIF, LDAPURLs, LDAPv3 schema, etc.. Bug Fix...
Moderate: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
gcc-toolset-10-binutils bug fix update
Binutils is a collection of binary utilities, including ar for creating, modifying, and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...
rng-tools bug fix and enhancement update
The rng-tools packages contain random number generator user-space utilities, such as the rngd daemon. Bug Fixes and Enhancements: rngd uses 100% CPU while in a yield loop BZ1966437...
ca-certificates bug fix and enhancement update
The ca-certificates package contains a set of Certificate Authority CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure PKI. Bug Fixes and Enhancements: Annual 2021 ca-certificates update 2.48 from nss 3.66 for Firefox 91 BZ1971200...
Moderate: nss and nspr security, bug fix, and enhancement update
Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. The following packages have been upgrad...
Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: SVM nested virtualization issue in KVM AVIC support CVE-2021-3653 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
.NET 5.0 bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET 5.0 to SDK 5.0.207 and Runtime 5.0.10 rhel-8.4.0.z BZ2000460...
.NET Core 3.1 bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.119 and Runtime 3.1.19 BZ2000459...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.14.0. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 CVE-2021-38493 For more details about the security issues, including the...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.14.0 ESR. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 CVE-2021-38493 For more...
Important: cyrus-imapd security update
The Cyrus IMAP server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. Security Fixes: cyrus-imapd: Denial of service via string hashing algorithm collisions CVE-2021-33582 For more details...
Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: powerpc: KVM guest OS users can cause host OS memory corruption CVE-2021-37576 kernel: slab-out-of-bounds access in xdrsetpagebase in net/sunrpc/xdr.c CVE-2021-38201 For more details abou...
Important: libsndfile security update
libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution CVE-2021-3246 For more details about the security issues, including the impact, a CVSS...
.NET Core 2.1 bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: BUGTITLE BZXYZ...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.13.0 ESR. Security Fixes: Mozilla: Uninitialized memory in a canvas object could have led to memory corruption CVE-2021-29980 Mozilla: Incorre...