- Announce - AlmaLinux List Archives

[Security Advisory] ALSA-2022:1550: An update for kernel is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. (Important)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Important Release date: 2023-09-15 Summary: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in RDMA listen() (CVE-2021-4028) * kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Backport DFS fixes from upstream (BZ#2056329) * [AlmaLinux8.5] lpfc driver often fails to detect storage directly connected to Broadcom FC HBA (BZ#2058193) * nf_reinject calls nf_queue_entry_free on an already freed entry->state (BZ#2061446) * gfs2 blocking in gdlm_lock (BZ#2069750) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-1550.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2021:2588: An update for the ruby:2.6 module is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. (Moderate)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Moderate Release date: 2023-09-15 Summary: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (2.6.7). (BZ#1952627) Security Fix(es): * rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code (CVE-2019-3881) * ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845) * ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201) * ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255) * rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663) * ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933) * ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613) * ruby: XML round-trip vulnerability in REXML (CVE-2021-28965) * ruby: HTTP response splitting in WEBrick (CVE-2019-16254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Resolv::DNS: ruby:2.6/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [almalinux-8] (BZ#1954968) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2021-2588.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2019:0986: An update for the rhn-tools:1.0 module is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: AlmaLinux Network Tools provide programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by AlmaLinux Network and AlmaLinux Network Satellite. The spacewalk-remote-utils package contains the spacewalk-create-channel utility that can be used to create channels with a package set for a particular release. Bug Fix(es): * Cannot provision PPC64LE AlmaLinux8 host: grubby-bls: the option "--yaboot" was deprecated (BZ#1702181) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2019-0986.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2020:1929: An update for the nodejs:10 module is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Bug Fix(es): * Rebuild the nodejs:10 module for AlmaLinux 8.2 (BZ#1811499) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2020-1929.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2020:1928: An update for the nodejs:12 module is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Bug Fix(es): * Rebuild the nodejs:12 module for AlmaLinux 8.2 (BZ#1811502) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2020-1928.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2022:1383: An update for .NET 6.0 is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.104 and Runtime 6.0.4 [None8.5.0.z] (BZ#2073446) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2022-1383.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2021:0547: An update for the idm:DL1 module is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fix(es) and Enhancement(s): * IPA WebUI inaccessible after upgrading to AlmaLinux 8.3.- idoverride-memberof.js missing (BZ#1895910) * IPA should handle situations where krb5 library breaks FAST armoring with referrals (BZ#1914821) * ipa-kdb: support subordinate/superior UPN suffixes (BZ#1914823) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2021-0547.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2022:0351: An update for tigervnc is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Bug Fix(es) and Enhancement(s): * AlmaLinux8.5 Request to backport fix for endianness issue in TigerVNC vncviewer (BZ#2029319) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2022-0351.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2022:1954: This advisory provides perl:5.32-related metadata required by the RHEL 8 module matrix, part 1/4. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2022-1954.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2022:1955: This advisory provides perl:5.32-related metadata required by the RHEL 8 module matrix, part 2/4. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2022-1955.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2022:2145: An update for osbuild-composer is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: The osbuild-composer package is a service for building customized OS artifacts, such as virtual machine (VM) images and OSTree commits. Apart from building images for local usage, it can also upload images directly to cloud. The package is compatible with composer-cli and cockpit-composer clients. Bug Fix(es) and Enhancement(s): * Building AlmaLinux 8.6 with filesystem customizations will lead to incorrect LVM layout. (BZ#2079804) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2022-2145.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Moderate Release date: 2023-09-15 Summary: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.30). Security Fix(es): * mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575, CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253, CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342, CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21569, CVE-2022-21265) * mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344, CVE-2022-21415) * mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596) * mysql: C API unspecified vulnerability (CVE-2021-35597) * mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630, CVE-2022-21515) * mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348, CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537, CVE-2022-21539, CVE-2022-21423) * mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608, CVE-2022-21256, CVE-2022-21379, CVE-2022-21454) * mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622, CVE-2022-21358, CVE-2022-21372, CVE-2022-21538) * mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624, CVE-2022-21245, CVE-2021-35625) * mysql: Server: GIS unspecified vulnerability (CVE-2021-35631) * mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632) * mysql: Server: PS unspecified vulnerability (CVE-2021-35637) * mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303, CVE-2022-21522, CVE-2022-21534) * mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427) * mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547) * mysql: Server: Parser unspecified vulnerability (CVE-2022-21304) * mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374) * mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367) * mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368) * mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640, CVE-2022-21249) * mysql: Server: PAM Auth Plugin unspecified vulnerability (CVE-2022-21457) * mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633) * mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Rebuild mecab due to change in the suffix (from .el8 to .el8.0.0) [almalinux-8] (BZ#2110940) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-7119.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2022:1957: This advisory provides perl:5.32-related metadata required by the RHEL 8 module matrix, part 4/4. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2022-1957.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2021:2584: An update for the ruby:2.7 module is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. (Moderate)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Moderate Release date: 2023-09-15 Summary: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (2.7.3). (BZ#1951999) Security Fix(es): * ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613) * ruby: XML round-trip vulnerability in REXML (CVE-2021-28965) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Resolv::DNS: ruby:2.7/ruby: timeouts if multiple IPv6 name servers are given and address contains leading zero [almalinux-8] (BZ#1952000) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2021-2584.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2022:0106: An update for .NET 6.0 is now available for AlmaLinux. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.101 and Runtime 6.0.1 [almalinux-8.5.0.z] (BZ#2030391) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2022-0106.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2022:0883: An update for cloud-init is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fix(es) and Enhancement(s): * [AlmaLinux8] [Azure] cloud-init fails to configure the system (BZ#2040690) * [cloud-init][AlmaLinux8] Support for cloud-init datasource 'cloud-init-vmware-guestinfo' (BZ#2040704) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2022-0883.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2020:4802: This advisory provides perl:5.30-related metadata required by the RHEL 8 module matrix, part 2/3. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2020-4802.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2020:4803: This advisory provides perl:5.30-related metadata required by the RHEL 8 module matrix, part 3/3. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2020-4803.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2021:5239: An update for cloud-init is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fix(es) and Enhancement(s): * cloud-init.service fails to start after package update (BZ#2028738) * [AlmaLinux-8] Above 19.2 of cloud-init fails to configure routes when configuring static and default routes to the same destination IP (BZ#2028756) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2021-5239.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2020:4767: This advisory provides perl:5.30-related metadata required by the RHEL 8 module matrix, part 1/3. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2020-4767.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2022:1956: This advisory provides perl:5.32-related metadata required by the RHEL 8 module matrix, part 3/4. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2022-1956.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Bugfix Advisory] ALBA-2021:3817: An update for .NET Core 3.1 is now available for AlmaLinux. (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Bugfix update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Bugfix Severity: None Release date: 2023-09-15 Summary: .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET Core 3.1 to SDK 3.1.120 and Runtime 3.1.20 [almalinux-8.4.0.z] (BZ#2011821) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALBA-2021-3817.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Enhancement Advisory] ALEA-2022:0359: An update for tcpdump is now available for AlmaLinux (None)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Enhancement update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Enhancement Severity: None Release date: 2023-09-15 Summary: The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Bug Fix(es) and Enhancement(s): * [RFE] tcpdump support for direction and interface needed in AlmaLinux8 (BZ#2037713) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALEA-2022-0359.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2022:7134: kernel-rt security and bug fix update (Important)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Important Release date: 2023-09-15 Summary: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) * kernel: information leak in scsi_ioctl() (CVE-2022-0494) * Kernel: A kernel-info-leak issue in pfkey_register (CVE-2022-1353) * hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900) * hw: cpu: AMD: Branch Type Confusion (non-retbleed) (CVE-2022-23825) * hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [almalinux8-rt] BUG: using __this_cpu_add() in preemptible [00000000] - caller is __mod_memcg_lruvec_state+0x69/0x1c0 (BZ#2122600) * The latest AlmaLinux 8.6.z4 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels. (BZ#2125396) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2022-7134.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0

[Security Advisory] ALSA-2023:1584: kernel-rt security and bug fix update (Important)
by AlmaLinux Errata Notifications 18 Sep '23

18 Sep '23

Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Important Release date: 2023-09-15 Summary: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266) * kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386) * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Lazy irq_work does not raise softirq on PREEMPT_RT [almalinux-8] (BZ#2172163) * The latest AlmaLinux 8.7.z3 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels. (BZ#2172278) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2023-1584.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team

1 0