Lucene search
K
AlmalinuxRecent

5340 matches found

AlmaLinux
AlmaLinux
•added 2021/08/16 9:9 a.m.•54 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.13.0. Security Fixes: Mozilla: Uninitialized memory in a canvas object could have led to memory corruption CVE-2021-29980 Mozilla: Incorrect instruction reordering during JIT optimization...

6.8CVSS1.8AI score0.01451EPSS
Exploits5References6
AlmaLinux
AlmaLinux
•added 2021/08/16 9:8 a.m.•30 views

Important: compat-exiv2-026 security update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fixes: exiv2: Heap-based buffer...

2.5AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/16 9:8 a.m.•20 views

Important: exiv2 security update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fixes: exiv2: Heap-based buffer...

2.5AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/16 8:0 a.m.•31 views

Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

9.3CVSS9.3AI score0.02524EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/12 6:29 a.m.•46 views

Important: .NET 5.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 5.0.206 and .NET Runtime 5.0.9...

5CVSS2AI score0.03858EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/08/11 6:43 p.m.•41 views

Low: .NET Core 2.1 security and bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.525 and .NET Core...

2.1CVSS2.7AI score0.01265EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/11 6:21 p.m.•46 views

Important: .NET Core 3.1 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 3.1.118 and .NET Runtime 3.1.18...

5CVSS2AI score0.03858EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/08/10 12:10 p.m.•20 views

resource-agents bug fix and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: podman resource agent logs spurious failed resource actions...

3.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 12:1 p.m.•11 views

systemtap bug fix and enhancement update

SystemTap is an instrumentation system for systems running the Linux kernel, which allows developers to write scripts to collect data on the operation of the system. Bug Fixes and Enhancements: kernel panic at stpbuildidcheck.constprop.65+0x1c7 with centos debuginfo when stap runs BZ1966742...

2.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 12:1 p.m.•23 views

gcc-toolset-10-valgrind bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. Bug fixes: incorrect pkgconfig virtual provides in devel packages BZ1968378 For instructions on usage, see Using GCC Toolset linked from th...

2.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/10 12:1 p.m.•22 views

gcc-toolset-10-elfutils bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. Bug fixes: incorrect pkgconfig virtual provides in devel packages BZ1968380 For instructions on usage, see Using GCC Toolset linked from th...

2.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 12:1 p.m.•31 views

Moderate: cloud-init security update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: randomly generated passwords logged in clear-text to...

1.4AI score0.00219EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/10 12:1 p.m.•71 views

Low: 389-ds:1.4 security and bug fix update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succee...

0.4AI score0.01428EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/10 12:1 p.m.•23 views

pcp bug fix and enhancement update

Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Bug Fixes and...

7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 12:1 p.m.•24 views

gnome-shell-extensions bug fix and enhancement update

GNOME Shell extensions allow for modifying the default GNOME Shell interface and its parts, such as window management and application launching. Bug Fixes and Enhancements: RFE Disable left edge gesture BZ1962169...

1.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•93 views

Moderate: go-toolset:rhel8 security, bug fix, and enhancement update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: golang 1.15.14. BZ1982287 Security Fixes: golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a cust...

5CVSS0.06975EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•45 views

Low: libuv security update

libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: out-of-bounds read in uvidnatoascii can lead to information disclosures or crashes CVE-2021-22918 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

5.3CVSS1.5AI score0.23132EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•38 views

Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.17.3. BZ1978203 Security Fixes: nodejs-hosted-git-info: Regular Expression denial...

7.5CVSS7.3AI score0.23132EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•36 views

Moderate: nodejs:12 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.22.3. BZ1978201 Security Fixes: nodejs-hosted-git-info: Regular Expression denial...

7.5CVSS7.3AI score0.23132EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•14 views

vulkan bug fix and enhancement update

The vulkan packages contain the reference ICD loader and validation layers for Vulkan, a graphics and compute API for cross-platform access to modern GPUs. Bug Fixes and Enhancements: Rebase vulkan-loader in 8.5 BZ1952989 Rebase vulkan-headers in 8.5 BZ1952990 Rebase spirv-headers in 8.5 BZ195299...

2.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•15 views

nmstate bug fix and enhancement update

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. Bug Fixes and Enhancements: Cannot configure IP on an ovs interface which has the same name with ovs bridge BZ1979220 libnmstate expects VF to be named differently to its...

0.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•23 views

container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/10 12:0 p.m.•10 views

esc bug fix and enhancement update

The esc packages contain the Enterprise Security Client ESC, which allows the user to manage security smart cards. The primary function of the tool is to enroll smart cards, so that they can be used for common cryptographic operations, such as to secure e-mail and website access. Bug Fixes and...

1.4AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/10 11:59 a.m.•16 views

fence-agents bug fix and enhancement update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Bug Fixes and Enhancements: fenceaws: add filter parameter to be able to limit which...

1.5AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:59 a.m.•17 views

Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe BZ1956284 For more details about the security...

1.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:59 a.m.•14 views

libwacom bug fix and enhancement update

The libwacom packages contain a library that provides access to a tablet model database. The libwacom packages expose the contents of this database to applications, allowing for tablet-specific user interfaces. The libwacom packages allow the GNOME tools to automatically configure screen mappings...

3.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:59 a.m.•17 views

ostree bug fix and enhancement update

OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fixes and Enhancements: sysroot: Handle ro /boot but rw /sysroot BZ1969452...

2.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:59 a.m.•46 views

Moderate: rust-toolset:rhel8 security, bug fix, and enhancement update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. The following packages have been upgraded to a later upstream version: rust 1.52.1. BZ1953002 Security Fixes: rust: optimization for joining strings can cause...

7.5CVSS1AI score0.0289EPSS
Exploits5References7
AlmaLinux
AlmaLinux
•added 2021/08/10 11:58 a.m.•12 views

stalld bug fix and enhancement update

stalld package provides a mechanism used to prevent the starvation of operating system threads in a Linux system. Bug fixes: stalld: buffer overflow when specifying cpu-list rhel-8.4.0.z BZ1955523...

2.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:58 a.m.•55 views

Moderate: virt:rhel and virt-devel:rhel security and bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

6.7CVSS7.4AI score0.02515EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2021/08/10 11:56 a.m.•13 views

systemd bug fix and enhancement update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

1.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:56 a.m.•38 views

Moderate: glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: integer overflow in...

7.5CVSS8.3AI score0.0408EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/10 11:56 a.m.•111 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in net/can/bcm.c leads to local privilege escalation CVE-2021-3609 kernel: Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks CVE-2021-22543 kernel:...

8.7CVSS8AI score0.78684EPSS
Exploits23References3
AlmaLinux
AlmaLinux
•added 2021/08/10 11:55 a.m.•12 views

nfs-utils bug fix and enhancement update

The nfs-utils packages provide a daemon for the kernel Network File System NFS server and related tools, which provides better performance than the traditional Linux NFS server used by most users. These packages also contain the mount.nfs, umount.nfs, and showmount programs. Bug Fixes and...

3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:55 a.m.•19 views

NetworkManager bug fix and enhancement update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:55 a.m.•18 views

opencryptoki bug fix and enhancement update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

1.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:55 a.m.•19 views

virt-what bug fix and enhancement update

The virt-what utility is used to detect whether the operating system is running inside a virtual machine. Bug Fixes and Enhancements: Nutanix AHV is detected as hyperv BZ1979952...

1.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:55 a.m.•16 views

kexec-tools bug fix and enhancement update

The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:55 a.m.•15 views

selinux-policy bug fix and enhancement update

The selinux-policy packages contain the rules that govern how confined processes run on the system. Bug Fixes and Enhancements: SELinux is preventing kexec from read access on the file /var/lib/kdump/initramfs-kdump.img BZ1976260...

2.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:54 a.m.•17 views

samba bug fix and enhancement update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fixes and Enhancements: /sbin/ldconfig: /lib64/libsmbldap.so.2 is no...

1.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:54 a.m.•21 views

pcsc-lite bug fix and enhancement update

PC/SC Lite provides a Windows SCard compatible interface for communicating with smart cards, smart card readers, and other security tokens. Bug Fixes: Increase global reader array size to 48 to address issue with RHCS secure channel creation BZ1972569 Increase global reader array size to 48 to...

1.4AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/08/10 11:54 a.m.•20 views

autofs bug fix and enhancement update

The autofs utility controls the operation of the automount daemon. The daemon automatically mounts file systems when in use and unmounts them when they are not busy. Bug Fixes and Enhancements: autofs: already mounted as other than autofs or failed to unlink entry in tree BZ1973888...

2.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:54 a.m.•24 views

perl bug fix and enhancement update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Bug Fixes and Enhancements: perl-net-ping wrong return value on failing DNS name lookup BZ1973176...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/10 11:54 a.m.•15 views

mdadm bug fix and enhancement update

The mdadm packages contain a utility for creating, managing, and monitoring Linux multiple disk MD devices. Bug Fixes and Enhancements: FJ8.2 Bug: RAID volume status is not updated when multiple drives fail. BZ1965414...

1.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/08/09 9:19 a.m.•55 views

Important: microcode_ctl security, bug fix and enhancement update

The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 hw: Vector Register Data Sampling CVE-2020-0548 hw: L1D Cache Eviction Sampling CVE-2020-0549 hw: vt-d related privilege escalation CVE-2020-24489 hw:...

4.6CVSS2.8AI score0.00587EPSS
Exploits0References9
AlmaLinux
AlmaLinux
•added 2021/08/05 2:6 p.m.•113 views

Important: ruby:2.7 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc:...

9.3CVSS7.9AI score0.06307EPSS
Exploits3References5
AlmaLinux
AlmaLinux
•added 2021/08/02 2:30 p.m.•36 views

Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: HTTP/2 request smuggling attack via a large Content-Length header for ...

6.4CVSS0.4AI score0.01599EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/07/29 11:25 a.m.•16 views

dotnet5.0 bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET 5.0 to SDK 5.0.205 and Runtime 5.0.8 BZ1985446...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/07/26 10:57 a.m.•49 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Security Fixes: Mozilla: IMAP server responses sent by a MITM prior to STARTTLS could be processed CVE-2021-29969 Mozilla: Use-after-free in accessibility features of a document...

6.8CVSS1.4AI score0.03582EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2021/07/21 7:31 a.m.•50 views

Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Incorrect comparison during range check elimination Hotspot, 8264066 CVE-2021-2388 OpenJDK: FTP PASV command response can cause FtpClient to...

7.5CVSS1.2AI score0.04238EPSS
Exploits0References3
Total number of security vulnerabilities5340