September 2023 - Announce - AlmaLinux List Archives

[Security Advisory] ALSA-2022:0188: An update for kernel is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. (Important)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Important Release date: 2023-09-15 Summary: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155) * kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel show “ BUG: scheduling while atomic:xxx“ and reboot when an uncorrectable memory error injection on AlmaLinux8.4 beta and GA (BZ#2008789) * tcp: Sockets can be orphaned in the FIN-WAIT-1 or CLOSING states. (BZ#2021574) * Hostnetwork pod to service backed by hostnetwork on the same node is not working with OVN Kubernetes (BZ#2024411) * ice: bug fixes for kernel crashes (BZ#2026698) * [AlmaLinux-8.6][SanityOnly] Backport leftover migrate_disable BPF related change (BZ#2027689) * xfs: I_DONTCACHE flag is ignored [xfstests: xfs/177] (BZ#2028534) * FIPS: deadlock between PID 1 and "modprobe crypto-jitterentropy_rng" at boot, preventing system to boot (BZ#2029365) * AlmaLinux8.6: Backport upstream RCU commits up to v5.12 (BZ#2029449) * i40e,ixgbe: revert XDP partial backport from kernel 5.13 (BZ#2029845) * spec: Support separate tools build (BZ#2031053) * RCU stall WARNING: at kernel/rcu/tree.c:1392 rcu_advance_cbs_nowake+0x51/0x60 (BZ#2032579) * block: update to upstream v5.14 (BZ#2034396) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-0188.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2021:5146: An update for .NET 5.0 is now available for AlmaLinux. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 5.0 to SDK 5.0.210 and Runtime 5.0.13 [almalinux-8.5.0.z] (BZ#2030738) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2021-5146.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2022:1731: An update for java-1.8.0-openjdk is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: This erratum reinstates changes made to java-1.8.0-openjdk in AlmaLinux 8.6 GA. The original builds for AlmaLinux 8.6 GA will have been superseded by newer binaries released as part of the April 2022 security update for AlmaLinux 8.5. For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2022-1731.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2021:1985: An update for java-1.8.0-openjdk is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fix(es) and Enhancement(s): * Prepare for the next quarterly OpenJDK upstream release (2021-04, 8u292) [almalinux-8] (BZ#1942308) * EMBARGOED java-1.8.0-openjdk: JDK: Oracle CPU 2021-04 (BZ#1943839) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2021-1985.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2021:1984: An update for java-11-openjdk is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fix(es) and Enhancement(s): * Prepare for the next quarterly OpenJDK upstream release (2021-04, 11.0.11) [almalinux-8] (BZ#1942311) * java-11-openjdk: JDK: Oracle CPU 2021-04 (BZ#1943233) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2021-1984.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2022:0371: An update for sssd is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * sssd-kcm has requirement on krb5 symbol "krb5_unmarshal_credentials" only available in latest AlmaLinux8.5 krb5 libraries (BZ#2030651) * AD Domain in the AD Forest Missing after sssd latest update (BZ#2035285) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2022-0371.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2022:1550: An update for kernel is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. (Important)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Important Release date: 2023-09-15 Summary: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in RDMA listen() (CVE-2021-4028) * kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Backport DFS fixes from upstream (BZ#2056329) * [AlmaLinux8.5] lpfc driver often fails to detect storage directly connected to Broadcom FC HBA (BZ#2058193) * nf_reinject calls nf_queue_entry_free on an already freed entry->state (BZ#2061446) * gfs2 blocking in gdlm_lock (BZ#2069750) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-1550.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2021:2588: An update for the ruby:2.6 module is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. (Moderate)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Moderate Release date: 2023-09-15 Summary: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (2.6.7). (BZ#1952627) Security Fix(es): * rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code (CVE-2019-3881) * ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845) * ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201) * ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255) * rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663) * ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933) * ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613) * ruby: XML round-trip vulnerability in REXML (CVE-2021-28965) * ruby: HTTP response splitting in WEBrick (CVE-2019-16254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Resolv::DNS: ruby:2.6/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [almalinux-8] (BZ#1954968) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2021-2588.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2019:0986: An update for the rhn-tools:1.0 module is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: AlmaLinux Network Tools provide programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by AlmaLinux Network and AlmaLinux Network Satellite. The spacewalk-remote-utils package contains the spacewalk-create-channel utility that can be used to create channels with a package set for a particular release. Bug Fix(es): * Cannot provision PPC64LE AlmaLinux8 host: grubby-bls: the option "--yaboot" was deprecated (BZ#1702181) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2019-0986.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2020:1929: An update for the nodejs:10 module is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Bug Fix(es): * Rebuild the nodejs:10 module for AlmaLinux 8.2 (BZ#1811499) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2020-1929.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0