Lucene search
K
AlmalinuxRecent

5323 matches found

AlmaLinux
AlmaLinux
•added 2021/02/16 7:33 a.m.•13 views

virt:rhel bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

0.6AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/02/16 7:33 a.m.•10 views

ostree bug fix and enhancement update

OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fixes and Enhancements: Rebase Rebase to recent upstream BZ1906069...

3.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:33 a.m.•14 views

fence-agents bug fix and enhancement update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Bug Fixes and Enhancements: fenceaws: add support for IMDSv2 BZ1905595...

1.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:32 a.m.•18 views

libblockdev bug fix and enhancement update

The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. Bug Fixes and Enhancements: libblockdev doesn't ru...

2.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:32 a.m.•44 views

Moderate: nss security and bug fix update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Side channel attack on ECDSA signature generation CVE-2020-6829 nss: P-384 and P-521 implementation uses a side-channel...

6.4CVSS7.6AI score0.01541EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2021/02/16 7:32 a.m.•10 views

resource-agents bug fix and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: AWS resource agents: add support for IMDSv2 BZ1905587...

3.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:32 a.m.•15 views

rust-toolset:rhel8 bug fix and enhancement update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. Rust Toolset has been updated to version 1.47.0 BZ1883839. For detailed information on changes in this release, see the AlmaLinux.1...

2.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:31 a.m.•13 views

vulkan bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/16 7:31 a.m.•46 views

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API CVE-2020-14370 For more details about the security issues,...

5.3CVSS6AI score0.01402EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/02/15 7:4 a.m.•34 views

Important: subversion:1.10 security update

Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fixes: subversion: Remote unauthenticated denial of service in modauthzsvn...

7.5CVSS7.6AI score0.40075EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2021/02/01 11:2 p.m.•18 views

selinux-policy bug fix and enhancement update

The selinux-policy packages contain the rules that govern how confined processes run on the system. Bug Fixes and Enhancements: SELinux is preventing systemd-sleep from 'read' accesses on the file swap in EC2 Hibernate BZ1890884...

1AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/02/01 8:46 a.m.•22 views

Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: sandbox escape via spawn portal CVE-2021-21261 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.2CVSS1.8AI score0.0057EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/01/26 6:53 p.m.•131 views

Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Heap buffer overflow in argument parsin...

7.2CVSS2.6AI score0.99295EPSS
Exploits81References1
AlmaLinux
AlmaLinux
•added 2021/01/26 2:11 p.m.•15 views

tzdata bug fix and enhancement update

The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2021a, which addresses recent time zone changes. Notably: South Sudan will change from UTC+03 to UTC+02 on February 1, 2021. BZ1919721, BZ1919720, BZ1920186...

3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/01/21 10:0 a.m.•96 views

java-1.8.0-openjdk bug fix and enhancement update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fixes and Enhancements: Currently, Java applications run with Speculative Store Bypass SSB, CVE-2018-3639 disabled. Disabling SSB results in a performance degradatio...

2.1CVSS0.3AI score0.60631EPSS
Exploits2
AlmaLinux
AlmaLinux
•added 2021/01/21 9:59 a.m.•22 views

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements: java-11-openjdk Seccomp related performance regression in RHEL8 BZ1901703 Prepare for the next quarterly OpenJDK upstream release 2021-01,...

6.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/01/19 12:37 p.m.•54 views

Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: heap-based buffer overflow in sortrrset when DNSSEC is enabled CVE-2020-25681 dnsmasq: buffer overflow in extractname due to missing...

8.3CVSS0.8AI score0.86692EPSS
Exploits2References7
AlmaLinux
AlmaLinux
•added 2020/12/17 3:30 p.m.•50 views

Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.5. Security Fixes: postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features...

8.8CVSS8.5AI score0.4644EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2020/12/17 3:20 p.m.•38 views

Important: postgresql:9.6 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 9.6.20. Security Fixes: postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features...

7.6CVSS1.7AI score0.4644EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2020/12/17 7:20 a.m.•24 views

Important: fapolicyd bug fix update

The fapolicyd software framework introduces a form of file access control based on a user-defined policy. The application file access control feature provides one of the most efficient ways to prevent running untrusted and possibly malicious applications on the system. Bug Fixes: When an update...

7.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/16 8:3 a.m.•39 views

Important: postgresql:10 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 10.15. Security Fixes: postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features...

7.6CVSS1.6AI score0.4644EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2020/12/15 4:4 p.m.•15 views

389-ds:1.4 bug fix update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Bug Fixes: Entries conflict not resolved by replication BZ1904347 Duplicate entryUSN numbers for...

1.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 4:4 p.m.•16 views

xorg-x11-server bug fix and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Bug Fixes and Enhancements: DELL 8.2 BUGThe modesetting driver does not gracefully handle missing connectors on EnterVT...

2.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 4:4 p.m.•80 views

Moderate: mariadb-connector-c security, bug fix, and enhancement update

The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases. The following packages have been upgraded to a later upstream version: mariadb-connector-c 3.1.11. BZ1898993 Security Fixes: mysql: C API unspecified vulnerability CPU Apr...

8.8CVSS6.9AI score0.03485EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2020/12/15 4:3 p.m.•15 views

icedtea-web bug fix update

Migrate icedtea-web to use alt-java special binary in our JDK8 packages instead of plain java...

3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 4:3 p.m.•14 views

openscap bug fix and enhancement update

The OpenSCAP suite enables integration of the Security Content Automation Protocol SCAP line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fixes and Enhancements: Enable YAML probe to work with sets of values...

1.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 4:3 p.m.•77 views

Important: mariadb:10.3 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb 10.3.27, galera 25.3.31. BZ1899082, BZ1899086 Security Fixes: mariadb: Insufficient SST method name check leading to cod...

9CVSS7.8AI score0.05539EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2020/12/15 4:3 p.m.•95 views

Moderate: nodejs:12 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs-y18n: prototype pollution vulnerability CVE-2020-7774 c-ares: aresparsea,aaaareply insufficient naddrttls validation DoS CVE-2020-8277...

9.8CVSS8.2AI score0.69062EPSS
Exploits2References5
AlmaLinux
AlmaLinux
•added 2020/12/15 4:3 p.m.•8 views

container-tools:1.0 bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.6AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/12/15 4:3 p.m.•14 views

container-tools:2.0 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: update description and summary for container-tools module for 8.3.0 BZ1898251...

1.2AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/12/15 4:2 p.m.•17 views

container-tools:rhel8 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: update description and summary for container-tools module for 8.3.0 BZ1898204...

1.2AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/12/15 4:2 p.m.•46 views

Moderate: nginx:1.16 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: HTTP request smuggling in configurations with URL redirect used as errorpage CVE-2019-20372 For more details about the security issues,...

4.3CVSS5.9AI score0.14961EPSS
Exploits3References1
AlmaLinux
AlmaLinux
•added 2020/12/15 4:2 p.m.•16 views

virt:rhel bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

2.4AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/12/15 4:2 p.m.•38 views

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS CVE-2020-24553 golang: math/big: panic during recursive division of very large numbers...

5.1CVSS3.1AI score0.03813EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2020/12/15 4:1 p.m.•35 views

Moderate: pacemaker security update

The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Security Fixes: pacemaker: ACL restrictions bypass CVE-2020-25654 For more details about the security issues, including the...

9CVSS7AI score0.02002EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/12/15 4:1 p.m.•22 views

keepalived bug fix and enhancement update

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server IPVS kernel module providing layer-4 transport layer load balancing. Keepalived implements a set of checke...

1.9AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 4:1 p.m.•15 views

xdg-desktop-portal bug fix and enhancement update

The xdg-desktop-portal packages provide a portal front-end service to flatpak. Thesis service exposes a series of D-Bus interfaces known as portals under a well-known name org.freedesktop.portal.Desktop and object path /org/freedesktop/portal/desktop. The portal interfaces include APIs for file...

3.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 4:0 p.m.•13 views

tigervnc bug fix and enhancement update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Bug...

2.6AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 3:58 p.m.•34 views

Moderate: gnutls security and bug fix update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Heap buffer overflow in handshake with norenegotiation alert sent CVE-2020-24659 For more details about the...

5CVSS0.4AI score0.0373EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2020/12/15 3:57 p.m.•14 views

curl bug fix and enhancement update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Bug Fixes and Enhancements: libcurl: Segfault when HTTPSPROXY and NOPROXY is used together BZ1900102...

1.4AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 3:56 p.m.•36 views

Important: net-snmp security and bug fix update

The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command...

7.2CVSS0.6AI score0.00382EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/12/15 3:56 p.m.•25 views

Important: linux-firmware security and enhancement update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hardware: buffer overflow in bluetooth firmware CVE-2020-12321 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

5.8CVSS1.4AI score0.0097EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/12/15 3:56 p.m.•14 views

systemd bug fix and enhancement update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

1.2AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 3:56 p.m.•207 views

iptables bug fix and enhancement update

The iptables utility controls the network packet filtering code in the Linux kernel. Bug Fixes and Enhancements: openshift-sdn reports failure with iptables-restore: CHAINUSERDEL failed Device or resource busy BZ1891880 Improve IP address match performance BZ1894619...

0.7AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2020/12/15 3:55 p.m.•64 views

Important: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: EDIPARTYNAME NULL pointer de-reference CVE-2020-1971 For more details about the security issues,...

4.3CVSS0.06968EPSS
Exploits3References1
AlmaLinux
AlmaLinux
•added 2020/12/14 12:34 p.m.•41 views

Important: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. The following packages have been upgraded to a later upstream version: libpq 12.5. BZ1898228, BZ1901558 Security Fixes: postgresql: Reconnection can downgrade connection securi...

7.6CVSS3.6AI score0.02586EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2020/12/14 11:19 a.m.•25 views

Important: libexif security update

The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: out of bounds write due to an integer overflow in exif-entry.c CVE-2020-0452 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

9.8CVSS9.4AI score0.03189EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2020/11/12 2:11 p.m.•13 views

nodejs:14 bug fix and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs 14.15.0. BZ1891809...

7.1AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/11/12 9:17 a.m.•19 views

eclipse:rhel8 bug fix update

Eclipse is an integrated development environment IDE. The metadata for the eclipse:rhel8 module has been updated to remove the following unused profiles: c everything To check whether you have the obsolete profiles installed, run: yum module list eclipse The installed profiles have the i indicato...

1.1AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/11/05 8:26 a.m.•32 views

Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: Heap-based buffer overflow due to integer truncation in LoadSBitPng CVE-2020-15999 For more details about the...

9.6CVSS7.8AI score0.5063EPSS
Exploits2References2
Total number of security vulnerabilities5323