- Announce - AlmaLinux List Archives

[Security Advisory] ALSA-2022:6057: .NET Core 3.1 security, bug fix,
by AlmaLinux Errata Notifications 18 Aug '22

18 Aug '22

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Moderate Release date: 2022-08-17 Summary: .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.422 and .NET Runtime 3.1.28. Security Fix(es): * dotnet: External Entity Injection during XML signature verification (CVE-2022-34716) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-6057.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2022:6058: .NET 6.0 security, bug fix, and
by AlmaLinux Errata Notifications 18 Aug '22

18 Aug '22

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Moderate Release date: 2022-08-17 Summary: .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.108 and .NET Runtime 6.0.8. Security Fix(es): * dotnet: External Entity Injection during XML signature verification (CVE-2022-34716) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-6058.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2022:6003: kernel security, bug fix, and
by AlmaLinux Errata Notifications 17 Aug '22

17 Aug '22

Hi, you are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 9 Type: Security Severity: Moderate Release date: 2022-08-10 Summary: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * information leak in scsi_ioctl() (CVE-2022-0494) * use-after-free in tc_new_tfilter() in net/sched/cls_api.c (CVE-2022-1055) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Power9 - LPAR fails to boot in shared processing mode and call traces are seen [Hash] (BZ#2092248) * Hard lockups are observed while running stress-ng and LPAR hangs (BZ#2092253) * FIPS module identification via name and version (BZ#2093384) * gfs2: File corruption with large writes when memory is tight (BZ#2097306) * i/o on initiator stuck when network is disrupted (4.18.0-372.9.1.el8.x86_64) (BZ#2098251) * AlmaLinux 9.1 doesn't support 3rd SATA (BZ#2099740) * Guest call trace when reboot after postcopy migration with high stress workload (BZ#2100903) * Oops or general protection fault with RIP decode_attr_security_label at decode_getfattr_attrs (BZ#2101854) * Oops as BUG: unable to handle page fault as free of uninitialized nfs4_label on nfs referral lookup (BZ#2101858) * lpar crash with Oops: Kernel access of bad area, sig: 11 [#1] when changing mtu of a bond interface (P10/ ibmvnic/ Haleakala) (BZ#2103085) * OS doesn't boot when vmd and interrupt remapping are enabled (BZ#2109974) Enhancement(s): * iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2105326) Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2022-6003.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux team

1 0

[Security Advisory] ALSA-2022:5813: vim security update (Moderate)
by AlmaLinux Errata Notifications 17 Aug '22

17 Aug '22

Hi, you are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Moderate Release date: 2022-08-10 Summary: Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: Out-of-bounds Write (CVE-2022-1785) * vim: out-of-bounds write in vim_regsub_both() in regexp.c (CVE-2022-1897) * vim: buffer over-read in utf_ptr2char() in mbyte.c (CVE-2022-1927) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-5813.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux team

1 0

AlmaLinux 8.6 Stable Now Available
by Jack Aboutboul 12 May '22

12 May '22

Hell All, AlmaLinux OS 8.6 Stable, Codenamed Sky Tiger, is now available for your casual consumption, on a mirror near you. Mirrors: https://mirrors.almalinux.org Release Notes: https://wiki.almalinux.org/release-notes/8.6.html Blog: https://almalinux.org/blog/almalinux-86-stable-is-now-available/ Join us on https://chat.almalinux.org and all the various and sundry social channels. Thanks, Jack

1 0

AlmaLinux 8.6 Beta Now Available
by Jack Aboutboul 06 May '22

06 May '22

Hello All, Just a quick note to let you all know that we've just released AlmaLinux 8.6 Beta. Read/comment/discuss here: https://almalinux.discourse.group/t/almalinux-8-6-sky-tiger-beta-now-availa… and https://www.reddit.com/r/AlmaLinux/comments/ujtjc2/almalinux_86_sky_tiger_b… You can find it on the mirrors: https://mirrors.almalinux.org/isos.html Have a great weekend, Jack

1 0

AlmaLinux 9 Beta -- Now Available
by Jack Aboutboul 20 Apr '22

20 Apr '22

Hello, Community! AlmaLinux OS is proud to announce AlmaLinux OS 9.0 Beta <https://mirrors.almalinux.org/isos.html> for all 4 architectures: x86_64 <https://mirrors.almalinux.org/isos/x86_64/9.0-beta.html>, aarch64 <https://mirrors.almalinux.org/isos/aarch64/9.0-beta.html>, ppc64le <https://mirrors.almalinux.org/isos/ppc64le/9.0-beta.html> and s390x <https://mirrors.almalinux.org/isos/s390x/9.0-beta.html>, achieving architecture parity with upstream. As this is a *BETA* release it should not be used for production installations. The provided upgrade instructions should not be used on production machines unless you don't mind if something breaks. Now if you wanna test this somehow, somewhere to see how things will work in 9.0 stable, you're on the right track. Cloud Images and Containers Cloud images and containers are in process and we anticipate the first batch to be ready in 1-2 days. Release Notes and More Information AlmaLinux OS 9.0 Beta is based on upstream kernel version 5.14 and contains enhancements around cloud and container development and improvements to the web console. This release also delivers enhancements for security and compliance including additional security profiles. Other various updates include Python 3.9, GCC 11 with the latest versions of LLVM, Rust and Go to make modernizing the applications faster and easier. You can read more about it by checking out the Release Notes <https://wiki.almalinux.org/release-notes/9.0-beta.html>. Test Days Please make sure to stay tuned to the blog, community chat and various social channels and mailing lists (links below) for the upcoming announcement of test days, where we will gather together and have ourselves a good ole' fashioned bug hunt. What you can do to help? Test, test, test. Your feedback is what helps make great production releases. Please report any bugs you may see on the Bug Tracker <https://bugs.almalinux.org/>. You can also pop into the AlmaLinux Community Chat <https://chat.almalinux.org/> and join our Testing Channel, post a question on our 9.0 Beta Forum <https://almalinux.discourse.group/c/devel/9-0-beta/29>, on our AlmaLinux Community on Reddit <https://reddit.com/r/almalinux> or catch us on Twitter <https://twitter.com/almalinux>. Please enjoy this Beta release, let us know what you think and stay tuned for more updates and announcements coming soon. Happy Testing!

1 0

AlmaLinux for PowerPC 8.5 Stable Now Available
by Jack Aboutboul 25 Feb '22

25 Feb '22

Hello All, We've just released AlmaLinux OS 8.5 for ppc64le. A highly requested arch from the community. You can read more here: https://almalinux.org/blog/almalinux-for-powerpc-85-stable-now-available/ ISO images: https://repo.almalinux.org/almalinux/8.5/isos/ppc64le/ Release Notes: https://wiki.almalinux.org/release-notes/8.5-ppc.html Please join us on https://chat.almalinux.org and https://forums.almalinux.org for any questions you may have or support you might need. We'd also like to give a shout out to our good friends at OSUOSL, CERN and other ppc64le community members for everyone's support in making the release for this architecture possible. Pray for Peace, Jack

1 0

AlmaLinux Live Media and Cloud Images 8.5 Updates
by Jack Aboutboul 18 Feb '22

18 Feb '22

Hello All, I just threw up an announcement on our recent updates to Cloud, Container and Live images. Everything is now on 8.5, although most of it has been for a while. The Live images were the last missing piece. You can read more here: https://almalinux.org/blog/almalinux-live-media-and-cloud-images-85-updates/ Also a huge thanks to Bala. That man is magic. Jack

1 0

Generic Cloud (cloud-init) Images Now Available for PPC64LE
by Jack Aboutboul 03 Feb '22

03 Feb '22

Hello All, Just a quick note to let everyone know that cloud-init/generic cloud images are now available for the PPC64LE architecture as part of the ongoing beta. The image is available from: https://repo.almalinux.org/almalinux/8/cloud/ppc64le/images/ and you can of course find the relevant documentation on the wiki here: https://wiki.almalinux.org/cloud/Generic-cloud.html. Thanks, Jack

1 0