5323 matches found
idm:DL1 bug fix update
AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: IPA krb5kdc crash possible doublefree ipadbmspacstructfree finishprocessasreq BZ1930562 krb5kdc is crashing...
resource-agents bug fix and enhancement update
The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: azure-lb: nc listener dies when attempting to write to stdou...
pcs bug fix and enhancement update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Bug Fixes and Enhancements: Pcsd logs to system log by mistake BZ1919318...
Important: flatpak security update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: "file forwarding" feature can be used to gain unprivileged access to files CVE-2021-21381 For more details about the security issues, including the impact, a CVSS score,...
Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
Important: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: NULL pointer dereference in signaturealgorithms processing CVE-2021-3449 openssl: CA certificate...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Security Fixes: Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23981 Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Security Fixes: Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23981 Mozilla: Memor...
Important: pki-core:10.6 security update
The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: pki-core: Unprivileged users can renew any certificate CVE-2021-20179 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
Important: wpa_supplicant security update
The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association o...
Important: .NET Core on RHEL 8 security and bugfix update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.104 and .NET Runtime 5.0.4...
Important: dotnet3.1 security and bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.113 and .NET Core...
Important: dotnet security and bugfix update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core...
Important: nodejs:14 security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.16.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...
Important: nodejs:10 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.24.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...
Important: nodejs:12 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.21.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...
Important: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
Moderate: grub2 security update
The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: acpi comma...
Important: container-tools:2.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: container users permissions are not respected in privileged containers CVE-2021-20188 For more details about the security issues, including the impact, a CVSS...
Important: container-tools:1.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: container users permissions are not respected in privileged containers CVE-2021-20188 For more details about the security issues, including the impact, a CVSS...
Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0. Security Fixes: Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy violation report...
Critical: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR. Security Fixes: Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968...
microcode_ctl bug fix and enhancement update
The microcodectl packages provide microcode updates for Intel and AMD processors. Bug Fixes and Enhancements: rhel-8.3.0.z HPEMC 8.3.z REGRESSION Regression in intel microcode as of 20201110 BZ1907898...
Important: stunnel security update
Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection encrypted using SSL or TLS or to provide an encrypted means of connecting to services that do not natively support encryption. Security Fixes: stunnel: client...
Important: xterm security update
The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: crash when processing combining characters CVE-2021-27135 For more details about the...
tuned bug fix and enhancement update
The tuned packages provide a service that tunes system settings according to a selected profile. Bug Fixes and Enhancements: AlmaLinux-8.2 Tuned causes duplication of kernel comand line flags. BZ1918995...
subscription-manager bug fix and enhancement update
The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the AlmaLinux entitlement platform. Bug Fixes and Enhancements: RFE Automatic Registration for Cloud Virtual Systems BZ1918775 The rhsmcertd contains confusing log...
postfix bug fix and enhancement update
The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Bug Fixes and Enhancements: backport TLS 1.3 support to postfix 3.3.1 as provided in 3.3.2 BZ1919233...
dbxtool bug fix and enhancement update
The dbxtool packages provide a command line utility and a one-shot systemd service for applying UEFI Secure Boot DBX updates. Bug Fixes and Enhancements: Dell AlmaLinux 8.2 BUG dbxtool: fails to list with 'EFI Signature List is malformed' BZ1912474...
NetworkManager bug fix and enhancement update
NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...
dbus bug fix and enhancement update
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Bug Fixes and Enhancements: dbus-x11 could start per-connect session bus when user does ssh X11 DISPLAY forwarding BZ1916124...
kmod bug fix and enhancement update
The kmod packages provide various programs needed for automatic loading and unloading of modules under 2.6, 3.x, and later kernels, as well as other module management programs. Bug Fixes and Enhancements: Symbolic links are not created after applying an errata kernel BZ1915253...
kexec-tools bug fix and enhancement update
The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: locking issue in drivers/tty/ttyjobctrl.c can lead to an use-after-free CVE-2020-29661 kernel: performance counters race condition use-after-free CVE-2020-14351 kernel: ICMP rate limiting...
Moderate: perl security update
Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: corruption of intermediate language state of compiled regular expression due to recursive Sstudychunk calls leads to DoS CVE-2020-12723 For more details...
glibc bug fix and enhancement update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fixes and Enhancement...
samba bug fix and enhancement update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fixes and Enhancements: DFS links broken in 4.12 BZ1903555...
lvm2 bug fix and enhancement update
The lvm2 packages include complete support for handling read and write operations on physical volumes, creating volume groups from one or more physical volumes, and creating one or more logical volumes in volume groups. Bug Fixes and Enhancements: lvmvdo7 manpage bugs manpage needs refinement...
dracut bug fix and enhancement update
The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...
cloud-init bug fix and enhancement update
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Azure Update existing user password RHEL8x BZ1916839...
Moderate: nodejs:14 security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.15.4. Security Fixes: nodejs-npm-user-validate: improper input validation when...
pcp bug fix and enhancement update
Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Bug Fixes and...
Moderate: nodejs:12 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.20.1, nodejs-nodemon 2.0.3. Security Fixes: nodejs-mixin-deep: prototype pollutio...
Moderate: nodejs:10 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...
idm:DL1 bug fix and enhancement update
AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes and Enhancements: IPA WebUI inaccessible after upgrading to AlmaLinux 8.3.- idoverride-memberof.js missing...
container-tools:2.0 bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: podman exec is fragile in the presence of signals BZ1913294...
nmstate bug fix and enhancement update
Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. Bug Fixes and Enhancements: Only a default gw is supported per device BZ1910193 SR-IOV i40e After setting SR-IOV number of VFs, nmstate reports success before VFs links are...
rpm-ostree bug fix and enhancement update
The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...
telnet bug fix and enhancement update
Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Bug Fixes and Enhancements: in.telnetd needs to tolerate temporary EIO...