Lucene search
K
AlmalinuxRecent

5340 matches found

AlmaLinux
AlmaLinux
•added 2021/07/21 7:28 a.m.•44 views

Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: Incorrect comparison during range check elimination Hotspot, 8264066 CVE-2021-2388 OpenJDK: FTP PASV command response can cause FtpClient to...

7.5CVSS1.2AI score0.04238EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/07/20 7:58 p.m.•61 views

Important: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

4.9CVSS1AI score0.0865EPSS
Exploits2References1
AlmaLinux
AlmaLinux
•added 2021/07/20 1:30 p.m.•79 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: sizet-to-int conversion vulnerability in the filesystem layer CVE-2021-33909 kernel: race condition for removal of the HCI controller CVE-2021-32399 For more details about the security...

7.8CVSS7.7AI score0.09729EPSS
Exploits7References2
AlmaLinux
AlmaLinux
•added 2021/07/16 8:34 p.m.•18 views

firefox bugfix update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.12.0 ESR. Bug Fixes and Enhancements: Cannot reach websites after update from 78.11.0-3 to 78.12.0-1 BZ1983018...

3.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/07/15 2:11 p.m.•35 views

.NET Core 3.1 bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.117 and Runtime 3.1.17 BZ1978407...

1.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/07/15 1:9 p.m.•13 views

.NET 5.0 bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET 5.0 to SDK 5.0.205 and Runtime 5.0.8 BZ1980412...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/07/15 10:46 a.m.•46 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.12.0 ESR. Security Fixes: Mozilla: Use-after-free in accessibility features of a document CVE-2021-29970 Mozilla: Memory safety bugs fixed in...

6.8CVSS1.3AI score0.03582EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2021/07/06 2:17 p.m.•30 views

Important: linuxptp security update

The linuxptp packages provide Precision Time Protocol PTP implementation for Linux according to IEEE standard 1588 for Linux. The dual design goals are to provide a robust implementation of the standard and to use the most relevant and modern Application Programming Interfaces API offered by the...

8CVSS1.1AI score0.02955EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/06/29 2:4 p.m.•16 views

resource-agents bug fix and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: aws-vpc-move-ip: Enable eni lookup for AWS shared networks v...

1.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 2:0 p.m.•18 views

gnome-session bug fix and enhancement update

The gnome-session package manages the GNOME desktop session. It starts up other core components of GNOME and handles logouts and saving of the sessions. Bug Fixes and Enhancements: gnome-session kiosk-session support still isn't up to muster BZ1959505...

0.5AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 2:0 p.m.•48 views

Moderate: 389-ds:1.4 security and bug fix update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: syncrepl NULL pointer dereference in synccreatestatecontrol...

4CVSS0.7AI score0.01177EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/06/29 1:59 p.m.•13 views

go-toolset:rhel8 bug fix and enhancement update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Bug Fixes and Enhancements: Rebase go-toolset to 1.15.13 BZ1967698 Memory consumption containermemoryrss steadily growing for /system.slice/kubelet.service when FIPS enabled BZ1969700...

7.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:59 p.m.•16 views

cmake bug fix and enhancement update

CMake is an open source, cross-platform build system that is used to control the software compilation process using simple platform- and compiler-independent configuration files. CMake generates native makefiles and workspaces that can be used in the compiler environment of your choice. Bug Fixes...

1.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:59 p.m.•22 views

idm:DL1 bug fix update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: ipa: ipa-server-upgrade is failing while upgrading 8.3 to 8.4: Only attempt to upgrade ACME configuration fil...

1.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/06/29 1:59 p.m.•33 views

Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 For more details about the security issues,...

4.6CVSS0.5AI score0.00386EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2021/06/29 1:58 p.m.•25 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Intermittent failure to start cloud-init due to failu...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:58 p.m.•14 views

nmstate bug fix update

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. Bug fixes: Incorrectly choose unmanaged interface for DNS configurations. BZ1961914 Activation failure for changing OVS VLAN ID. BZ1961913 Activation failure for changing MTU...

1.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:58 p.m.•75 views

Moderate: ruby:2.6 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.6.7. BZ1952627 Security Fixes: rubygem-bundler: Insecure permissions...

8.1CVSS8.4AI score0.06811EPSS
Exploits2References10
AlmaLinux
AlmaLinux
•added 2021/06/29 1:58 p.m.•91 views

Moderate: ruby:2.5 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.5.9. BZ1952626 Security Fixes: ruby: NUL injection vulnerability of...

8.1CVSS8.1AI score0.06811EPSS
Exploits2References9
AlmaLinux
AlmaLinux
•added 2021/06/29 1:58 p.m.•16 views

rsyslog bug fix and enhancement update

The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Bug Fixes and Enhancements: rsyslog fails to execute actions due to having a too lar...

2.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:57 p.m.•17 views

osbuild-composer bug fix update

Osbuild-composer provides an image-building service based on osbuild. Bug fixes: RHEL for Edge Container Commit fails silently when Repo URL doesn't have a trailing slash. BZ1951192 Unstable ordering of results from osbuild v2 causes test failures. BZ1955094...

1.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:57 p.m.•89 views

Moderate: ruby:2.7 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.7.3. BZ1951999 Security Fixes: ruby: Potential HTTP request smugglin...

7.5CVSS8.1AI score0.05061EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/06/29 1:57 p.m.•52 views

Moderate: python38:3.8 and python38-devel:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

10CVSS8.9AI score0.05984EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/06/29 1:44 p.m.•15 views

openldap bug fix and enhancement update

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LDAP applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, an...

0.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:44 p.m.•20 views

firewalld bug fix and enhancement update

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Bug Fixes and Enhancements: allow firewalld to set 16+ char long device names interfaces like ovs interfaces can be BZ1955594...

3.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:44 p.m.•16 views

nvme-cli bug fix and enhancement update

The nvme-cli packages provide the Non-volatile Memory Express NVMe command-line interface to manage and configure NVMe controllers. Bug Fixes and Enhancements: Lenovo 8.5 FEAT nvme-cli update BZ1970382...

2.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:44 p.m.•22 views

unzip bug fix and enhancement update

The unzip utility is used to list, test, and extract files from zip archives. Bug Fixes and Enhancements: Sync the various fixes for the zip-bomb detection cloned for AlmaLinux 8.4.z BZ1970326...

1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:43 p.m.•14 views

subscription-manager bug fix and enhancement update

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the AlmaLinux entitlement platform. Bug Fixes and Enhancements: dnf uploadprofile does not read variables set by files in /etc/yum/vars/ BZ1951053...

3.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:43 p.m.•25 views

NetworkManager bug fix and enhancement update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:43 p.m.•40 views

Moderate: lz4 security update

The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limi...

9.8CVSS9.7AI score0.03216EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/06/29 1:43 p.m.•30 views

Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: Signature checks bypass via corrupted rpm package CVE-2021-20271 For more details about the security issues...

5.1CVSS2.1AI score0.00827EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/06/29 1:43 p.m.•11 views

sanlock bug fix and enhancement update

The sanlock packages provide a shared storage lock manager. Hosts with shared access to a block device or a file can use sanlock to synchronize their activities. VDSM and libvirt use sanlock to synchronize access to shared devices or files. Bug Fixes and Enhancements: bad client message causes...

0.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:42 p.m.•22 views

systemd bug fix and enhancement update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:42 p.m.•19 views

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:42 p.m.•44 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in net/bluetooth/hcievent.c when destroying an hcichan CVE-2021-33034 kernel: security bypass in certs/blacklist.c and certs/systemkeyring.c CVE-2020-26541 For more details...

7.8CVSS7.7AI score0.00819EPSS
Exploits2References2
AlmaLinux
AlmaLinux
•added 2021/06/29 1:42 p.m.•88 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Use-after-free in xmlEncodeEntitiesInternal in entities.c CVE-2021-3516 libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c CVE-2021-3517 libxml2...

8.8CVSS8.4AI score0.0828EPSS
Exploits1References5
AlmaLinux
AlmaLinux
•added 2021/06/29 1:42 p.m.•16 views

kexec-tools bug fix and enhancement update

The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/29 1:41 p.m.•50 views

Moderate: fwupd security update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod command CVE-2020-25632 grub2: Out-of-bounds...

7.2CVSS2.5AI score0.01738EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2021/06/29 1:41 p.m.•12 views

tuned bug fix and enhancement update

The tuned packages provide a service that tunes system settings according to a selected profile. Bug Fixes and Enhancements: Updates to the mssql tuned profile BZ1945617...

2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/14 7:0 p.m.•13 views

libpq bug fix and enhancement update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. The following packages have been upgraded to a later upstream version: libpq 13.3. BZ1966205...

3.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/06/10 9:54 a.m.•63 views

Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.3. Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memor...

8.8CVSS8.4AI score0.0199EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2021/06/10 8:45 a.m.•51 views

Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.7 Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memory...

8.8CVSS7.8AI score0.0199EPSS
Exploits2References5
AlmaLinux
AlmaLinux
•added 2021/06/10 7:45 a.m.•46 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

8.5CVSS8.3AI score0.06604EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/06/10 7:45 a.m.•48 views

Important: container-tools:3.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: vulnerable to symlink exchange attack CVE-2021-30465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

8.5CVSS8.3AI score0.06604EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/06/09 12:54 p.m.•24 views

Important: gupnp security update

GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. Security Fixes: gupnp: allows DNS rebinding which could result in tricking browser into...

8.1CVSS7.9AI score0.01084EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/06/09 11:21 a.m.•50 views

Important: postgresql:10 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 10.17. Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memo...

6.5CVSS1.6AI score0.0199EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/06/09 11:21 a.m.•47 views

Important: postgresql:9.6 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 9.6.22 Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memo...

8.8CVSS8.4AI score0.0199EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/06/09 9:19 a.m.•28 views

Important: dhcp security update

The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

3.3CVSS0.9AI score0.06118EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2021/06/08 11:43 p.m.•42 views

Important: microcode_ctl security, bug fix and enhancement update

The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: vt-d related privilege escalation CVE-2020-24489 hw: improper isolation of shared resources in some Intel Processors CVE-2020-24511 hw: observable timing discrepancy in some Intel Processors CVE-2020-24512 hw:...

4.6CVSS1.9AI score0.00472EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2021/06/08 11:31 p.m.•95 views

Important: libwebp security update

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format RIFF. Webmasters, web...

7.5CVSS2.5AI score0.02662EPSS
Exploits0References3
Total number of security vulnerabilities5340