Lucene search
K
AlmalinuxRecent

5323 matches found

AlmaLinux
AlmaLinux
•added 2021/04/06 1:31 p.m.•16 views

idm:DL1 bug fix update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes: IPA krb5kdc crash possible doublefree ipadbmspacstructfree finishprocessasreq BZ1930562 krb5kdc is crashing...

1.6AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/04/06 1:30 p.m.•12 views

resource-agents bug fix and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: azure-lb: nc listener dies when attempting to write to stdou...

3.5AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/04/06 1:30 p.m.•22 views

pcs bug fix and enhancement update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Bug Fixes and Enhancements: Pcsd logs to system log by mistake BZ1919318...

2.1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/04/06 7:26 a.m.•28 views

Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: "file forwarding" feature can be used to gain unprivileged access to files CVE-2021-21381 For more details about the security issues, including the impact, a CVSS score,...

5.8CVSS1.3AI score0.01546EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/04/05 4:17 p.m.•83 views

Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

6.5CVSS6.9AI score0.0051EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/03/29 7:3 p.m.•62 views

Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: NULL pointer dereference in signaturealgorithms processing CVE-2021-3449 openssl: CA certificate...

5.8CVSS1.5AI score0.62906EPSS
Exploits4References2
AlmaLinux
AlmaLinux
•added 2021/03/25 11:31 a.m.•31 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Security Fixes: Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23981 Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR...

6.8CVSS0.5AI score0.01404EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2021/03/25 11:30 a.m.•26 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Security Fixes: Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23981 Mozilla: Memor...

6.8CVSS0.1AI score0.01404EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2021/03/23 10:29 a.m.•32 views

Important: pki-core:10.6 security update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: pki-core: Unprivileged users can renew any certificate CVE-2021-20179 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

5.5CVSS2.8AI score0.01187EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/03/11 7:9 a.m.•35 views

Important: wpa_supplicant security update

The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association o...

5.4CVSS2.4AI score0.01228EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/03/09 8:33 p.m.•35 views

Important: .NET Core on RHEL 8 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.104 and .NET Runtime 5.0.4...

7.5CVSS2.8AI score0.30315EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/03/09 7:46 p.m.•34 views

Important: dotnet3.1 security and bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.113 and .NET Core...

7.5CVSS2.8AI score0.30315EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/03/09 7:44 p.m.•32 views

Important: dotnet security and bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core...

7.5CVSS2.8AI score0.30315EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/03/08 9:55 a.m.•46 views

Important: nodejs:14 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.16.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

7.8CVSS8AI score0.77385EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2021/03/04 3:17 p.m.•55 views

Important: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.24.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

7.8CVSS8AI score0.77385EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2021/03/04 3:17 p.m.•35 views

Important: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.21.0. Security Fixes: nodejs: HTTP2 'unknownProtocol' cause DoS by resource...

7.8CVSS8AI score0.77385EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2021/03/03 12:22 p.m.•44 views

Important: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

8.2CVSS8.1AI score0.00522EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/03/02 6:54 p.m.•68 views

Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: acpi comma...

7.2CVSS1.3AI score0.01738EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2021/03/02 6:48 p.m.•33 views

Important: container-tools:2.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: container users permissions are not respected in privileged containers CVE-2021-20188 For more details about the security issues, including the impact, a CVSS...

7CVSS2.6AI score0.00261EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/03/02 6:20 p.m.•39 views

Important: container-tools:1.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: container users permissions are not respected in privileged containers CVE-2021-20188 For more details about the security issues, including the impact, a CVSS...

7CVSS2.6AI score0.00261EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/03/01 1:54 p.m.•36 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

6.8CVSS2.2AI score0.64161EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/02/24 2:31 p.m.•33 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0. Security Fixes: Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy violation report...

6.8CVSS1.4AI score0.0153EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2021/02/24 2:17 p.m.•38 views

Critical: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR. Security Fixes: Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968...

6.8CVSS1.4AI score0.0153EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2021/02/22 9:59 a.m.•14 views

microcode_ctl bug fix and enhancement update

The microcodectl packages provide microcode updates for Intel and AMD processors. Bug Fixes and Enhancements: rhel-8.3.0.z HPEMC 8.3.z REGRESSION Regression in intel microcode as of 20201110 BZ1907898...

7.1AI score0.00438EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/02/22 9:54 a.m.•26 views

Important: stunnel security update

Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection encrypted using SSL or TLS or to provide an encrypted means of connecting to services that do not natively support encryption. Security Fixes: stunnel: client...

7.5CVSS1.1AI score0.01179EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/02/18 2:32 p.m.•32 views

Important: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: crash when processing combining characters CVE-2021-27135 For more details about the...

9.8CVSS9.2AI score0.07541EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/02/16 7:37 a.m.•15 views

tuned bug fix and enhancement update

The tuned packages provide a service that tunes system settings according to a selected profile. Bug Fixes and Enhancements: AlmaLinux-8.2 Tuned causes duplication of kernel comand line flags. BZ1918995...

2.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:37 a.m.•15 views

subscription-manager bug fix and enhancement update

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the AlmaLinux entitlement platform. Bug Fixes and Enhancements: RFE Automatic Registration for Cloud Virtual Systems BZ1918775 The rhsmcertd contains confusing log...

2.5AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:37 a.m.•19 views

postfix bug fix and enhancement update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Bug Fixes and Enhancements: backport TLS 1.3 support to postfix 3.3.1 as provided in 3.3.2 BZ1919233...

1.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:37 a.m.•15 views

dbxtool bug fix and enhancement update

The dbxtool packages provide a command line utility and a one-shot systemd service for applying UEFI Secure Boot DBX updates. Bug Fixes and Enhancements: Dell AlmaLinux 8.2 BUG dbxtool: fails to list with 'EFI Signature List is malformed' BZ1912474...

7.1AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/02/16 7:36 a.m.•26 views

NetworkManager bug fix and enhancement update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

1.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:36 a.m.•18 views

dbus bug fix and enhancement update

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Bug Fixes and Enhancements: dbus-x11 could start per-connect session bus when user does ssh X11 DISPLAY forwarding BZ1916124...

0.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:36 a.m.•15 views

kmod bug fix and enhancement update

The kmod packages provide various programs needed for automatic loading and unloading of modules under 2.6, 3.x, and later kernels, as well as other module management programs. Bug Fixes and Enhancements: Symbolic links are not created after applying an errata kernel BZ1915253...

1.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:36 a.m.•14 views

kexec-tools bug fix and enhancement update

The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...

1.5AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:36 a.m.•90 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: locking issue in drivers/tty/ttyjobctrl.c can lead to an use-after-free CVE-2020-29661 kernel: performance counters race condition use-after-free CVE-2020-14351 kernel: ICMP rate limiting...

7.8CVSS8.1AI score0.06692EPSS
Exploits3References3
AlmaLinux
AlmaLinux
•added 2021/02/16 7:35 a.m.•34 views

Moderate: perl security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: corruption of intermediate language state of compiled regular expression due to recursive Sstudychunk calls leads to DoS CVE-2020-12723 For more details...

5CVSS1.7AI score0.05971EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/02/16 7:35 a.m.•16 views

glibc bug fix and enhancement update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fixes and Enhancement...

7.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:35 a.m.•15 views

samba bug fix and enhancement update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fixes and Enhancements: DFS links broken in 4.12 BZ1903555...

4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:35 a.m.•10 views

lvm2 bug fix and enhancement update

The lvm2 packages include complete support for handling read and write operations on physical volumes, creating volume groups from one or more physical volumes, and creating one or more logical volumes in volume groups. Bug Fixes and Enhancements: lvmvdo7 manpage bugs manpage needs refinement...

0.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•19 views

dracut bug fix and enhancement update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

2.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•13 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Azure Update existing user password RHEL8x BZ1916839...

1.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•64 views

Moderate: nodejs:14 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.15.4. Security Fixes: nodejs-npm-user-validate: improper input validation when...

9.8CVSS7.8AI score0.69062EPSS
Exploits6References8
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•16 views

pcp bug fix and enhancement update

Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Bug Fixes and...

2.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•112 views

Moderate: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.20.1, nodejs-nodemon 2.0.3. Security Fixes: nodejs-mixin-deep: prototype pollutio...

9.8CVSS8.9AI score0.16296EPSS
Exploits8References8
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•66 views

Moderate: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.23.1. Security Fixes: libuv: buffer overflow in realpath CVE-2020-8252...

9.8CVSS7.9AI score0.69062EPSS
Exploits8References11
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•14 views

idm:DL1 bug fix and enhancement update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fixes and Enhancements: IPA WebUI inaccessible after upgrading to AlmaLinux 8.3.- idoverride-memberof.js missing...

7AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/02/16 7:33 a.m.•16 views

container-tools:2.0 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: podman exec is fragile in the presence of signals BZ1913294...

7.1AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/02/16 7:33 a.m.•25 views

nmstate bug fix and enhancement update

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. Bug Fixes and Enhancements: Only a default gw is supported per device BZ1910193 SR-IOV i40e After setting SR-IOV number of VFs, nmstate reports success before VFs links are...

7.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:33 a.m.•18 views

rpm-ostree bug fix and enhancement update

The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...

2.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:33 a.m.•24 views

telnet bug fix and enhancement update

Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Bug Fixes and Enhancements: in.telnetd needs to tolerate temporary EIO...

2.4AI score
Exploits0
Total number of security vulnerabilities5323