- Security - AlmaLinux List Archives

AlmaLinux 9 - OpenSSh vulnerability
by Sujith PK 25 Apr '24

25 Apr '24

Hi Team, We are reaching out to inquire about the reported vulnerabilities in the OpenSSH version (openssh.x86_64 8.7p1-34.el9_3.3) on AlmaLinux 9.We would like to know whether the fixes are included same like redaht in the version of openssh.x86_64 8.7p1-34.el9_3.3? CVE-2023-48795, CVE-2023-51385 and CVE-2023-51384. Thanks & Regards, Sujith P K CIO Global Server Management [Shape Description automatically generated with medium confidence] 3rd Floor, Wing B WTC2 Bagmane World Technology Center SEZ Marathahalli Outer Ring Road, Mahadevapura, Bangalore 560 048, India [cid:image002.gif@01DA970B.9E2E2670]<mailto:> +91- 8971692387 | sujith.pk(a)mphasis.com<mailto:sujith.pk@mphasis.com> www.mphasis.com<http://www.mphasis.com/> Information Transmitted by this Email is Proprietary to Mphasis, its Associated Companies and/or its Customers and is Intended for use only by the Individual or Entity to which it is Addressed, and may contain Information that is Privileged, Confidential or Exempt from Disclosure under Applicable Law. If you are not the Intended Recipient or it appears that this Email has been Forwarded to you without proper Authority, you are Notified that any use or Dissemination of this Information in any manner is Strictly Prohibited. In such cases, please Notify us Immediately at mailmaster(a)mphasis.com and delete this Email from your Records.

1 0

Air gapped updates
by Kevin Huntly 23 Feb '24

23 Feb '24

Hello, I have an air gapped system that requires updating. It is 9.3, and I'm just not sure where to get update packages for transfer into the secure area. Any ideas?

2 1

Re: Fwd: Question regarding ALSA-2023:5244
by Adam Stackhouse 30 Oct '23

30 Oct '23

Hi, Thanks that's great to know, good job it planned reboots then. Thanks for your time on this and have a good day On Mon, 30 Oct 2023, 16:14 Andrew Lukoshko, <alukoshko(a)almalinux.org> wrote: > Hello. > > Our kernel version 4.18.0-477.27.1.el8_8 was released without > CVE-2023-3390 and CVE-2023-20593 fixes, that's why additional kernel > release version 4.18.0-477.27.2.el8_8 was necessary. > So our kernel 4.18.0-477.27.2.el8_8 corresponds to RHEL's > 4.18.0-477.27.1.el8_8. > > -- > Best Regards, > > Andrew Lukoshko | AlmaLinux OS Architect > > On Sunday, Oct 22, 2023 at 6:52 PM, Jonathan Wright < > jonathan(a)almalinux.org> wrote: > Copying @Andrew Lukoshko <alukoshko(a)almalinux.org> to make sure he sees > this. > > On Sun, Oct 22, 2023 at 11:05 AM Adam Stackhouse <adstak(a)gmail.com> wrote: > >> Hi, >> >> Wondering if this is a better place to ask this question regarding a >> kernel release for ALSA-2023:5244 >> >> Original question should be below as a forwarded message to save writing >> it out again. >> >> Thanks in advance for any help regarding this and If you require anymore >> info feel free to reach out. >> >> >> ---------- Forwarded message --------- >> From: Adam Stackhouse <adstak(a)gmail.com> >> Date: Wed, 18 Oct 2023, 10:13 >> Subject: Question regarding ALSA-2023:5244 >> To: <packager(a)almalinux.org> >> >> >> Hi, >> >> I have noticed a slight difference with the kernel release for Alma >> compared to rocky and rhel for example. I was writing to ask if this is an >> expected diverge because of the recent centos repo issues or a mistake from >> the auto generated errata and updateinfo for the package. >> >> The question is on the errata page for --> >> https://errata.almalinux.org/8/ALSA-2023-5244.html >> >> The required kernel version is 4.18.0-477.27.2.el8_8 and this is >> reflected in the updateinfo in the repo however looking to "upstream" and >> alteratives like rocky you can see the same security advisory id generated >> from rhel is showing the required kernel version to be >> --> 4.18.0-477.27.1.el8_8 >> >> So as you can see I am just wondering if this is a mistake in the >> generated output for Alma or an expected diverge as the difference to me is >> rebooting thousands of servers or not to apply security updates :D >> >> Sources for security advisories from rocky and rhel: >> >> Rhel --> https://access.redhat.com/errata/RHSA-2023:5244 >> Rocky --> https://errata.rockylinux.org/RLSA-2023:5244 >> >> Any questions let me know >> _______________________________________________ >> Security mailing list -- security(a)lists.almalinux.org >> To unsubscribe send an email to security-leave(a)lists.almalinux.org >> > > > -- > Jonathan Wright > AlmaLinux Foundation > Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan> > >

1 0

Fwd: Question regarding ALSA-2023:5244
by Adam Stackhouse 22 Oct '23

22 Oct '23

Hi, Wondering if this is a better place to ask this question regarding a kernel release for ALSA-2023:5244 Original question should be below as a forwarded message to save writing it out again. Thanks in advance for any help regarding this and If you require anymore info feel free to reach out. ---------- Forwarded message --------- From: Adam Stackhouse <adstak(a)gmail.com> Date: Wed, 18 Oct 2023, 10:13 Subject: Question regarding ALSA-2023:5244 To: <packager(a)almalinux.org> Hi, I have noticed a slight difference with the kernel release for Alma compared to rocky and rhel for example. I was writing to ask if this is an expected diverge because of the recent centos repo issues or a mistake from the auto generated errata and updateinfo for the package. The question is on the errata page for --> https://errata.almalinux.org/8/ALSA-2023-5244.html The required kernel version is 4.18.0-477.27.2.el8_8 and this is reflected in the updateinfo in the repo however looking to "upstream" and alteratives like rocky you can see the same security advisory id generated from rhel is showing the required kernel version to be --> 4.18.0-477.27.1.el8_8 So as you can see I am just wondering if this is a mistake in the generated output for Alma or an expected diverge as the difference to me is rebooting thousands of servers or not to apply security updates :D Sources for security advisories from rocky and rhel: Rhel --> https://access.redhat.com/errata/RHSA-2023:5244 Rocky --> https://errata.rockylinux.org/RLSA-2023:5244 Any questions let me know

2 1

RSS Feed for https://errata.almalinux.org/
by andre.pires_carvalho＠siemens.com 06 Sep '23

06 Sep '23

Dear AlmaLinux, I'm currently monitoring the security advisories for AlmaLinux packages by subscribing your email security list. Nonetheless, I'm an avid supporter of RSS-like delivering systems. Additionally, I think it is a perfect match for structured information such as your security advisories! Is an RSS Feed something that could be provided for the information on https://errata.almalinux.org/ ? Thank you so much for the great work! André C.

2 1

Request for Permission to Conduct Passive Reconnaissance for Academic Purposes
by Robert Crowe 14 Aug '23

14 Aug '23

Dear Almalinux Foundation, I hope this email finds you well. My name is Robert Crowe, and I am currently pursuing a degree in Cybersecurity at the University of Phoenix. As part of my Ethical Hacking course, I have been tasked with conducting a passive reconnaissance assignment focused on a chosen organization. I am reaching out to request your consent to select the Almalinux Foundation as the subject of my research. The objective of this assignment is threefold: 1. Summarize the Importance of Footprinting: This section will briefly discuss the significance of footprinting in ethical hacking, and how it serves as a foundational step in penetration testing. 2. Examine Organizational, Network, and System Information: I will analyze publicly available data about the Almalinux Foundation, including organizational structure, network components, and system configurations. This will allow me to describe the results of the examination. 3. Assess the Security Posture: Based on the collected information, I will provide an analysis of the current security stance of the Almalinux Foundation and identify any potential security vulnerabilities. Please be assured that this exercise will be entirely passive and will only utilize information that is publicly available. No active probing, scanning, or intrusive techniques will be employed. Additionally, I would be more than happy to share my report and findings with you once the assignment has been graded. The integrity and ethical considerations of this task are of paramount importance to me, and I am committed to ensuring full compliance with legal and professional standards. I would not proceed with this assignment without your explicit permission. Thank you for considering my request. I eagerly await your response and assure you of my utmost respect for your privacy and security. Best Regards, Robert Crowe robert.crowe(a)mykolab.com, Abilene, TX Cybersecurity Student University of Phoenix

2 1

Zenbleed Patch Release: 7/27/2023 @ 0700 EST
by Jonathan Wright 26 Jul '23

26 Jul '23

Hi all! There was a flaw announced and patches released that is trivially executable in a large number of AMD environments (CVE-2023-20593). We announced Monday that we had a patch for Zenbleed ready <https://almalinux.org/blog/zenbleed-patch-call-for-testing/> (please read the blog post for full details), but wanted testing. So far we have seen a significant number of users and companies apply the patches with our updated linux-firmware package with no reported problems, and therefore we plan to push the updated package live at 07:00 US eastern time July 27th. If you are at all concerned, we encourage you to test in your own environment and let us know if you find any problems. As a side note: we already have been, but are continuing to discuss the right way to handle this in a sustainable way going forward. If you have interest in being part of that solution, join our chat and keep an eye out for when we start to build those structures, and make sure to join us at the AlmaLinux OS Foundation <https://almalinux.org/members/>. -- Jonathan Wright AlmaLinux Foundation Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan>

1 0

Zenbleed Patches Available for Testing
by Jonathan Wright 25 Jul '23

25 Jul '23

We are happy to announce that Zenbleed patches are available now for testing. You can apply the fix as follows: AlmaLinux 8: dnf update https://build.almalinux.org/pulp/content/builds/AlmaLinux-8-x86_64-7032-br/… AlmaLinux 9: dnf update https://build.almalinux.org/pulp/content/builds/AlmaLinux-9-x86_64-7033-br/… AlmaLinux 8/9: echo 1 > /sys/devices/system/cpu/microcode/reload For full details please see our blog post at https://almalinux.org/blog/zenbleed-patch-call-for-testing/ The updates are expected to hit the production repos in the coming days. -- Jonathan Wright AlmaLinux Foundation Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan>

1 0

Package missing in Podman Module container-tools:rhel8 / container-selinux-2.189.0-1.module_el8.7.0+3344+5bcd850f.noarch.rpm
by Dominik Rutkowski 02 Feb '23

02 Feb '23

Hello, I just noticed this behavior because of an trivy scan I enabled podman module RHEL8 and installed podman: dnf module enable container-tools:rhel8 dnf install podman rpm -qa podman podman-4.2.0-6.module_el8.7.0+3385+a9526ac7.x86_64 rpm -qa container-selinux container-selinux-2.189.0-1.module_el8.6.0+3336+00d107d5.noarch if I switch to container-tools:4.0 then the correct container-selinux module get installed dnf module switch-to container-tools:4.0 rpm -qa podman podman-4.0.2-8.module_el8.7.0+3344+5bcd850f.x86_64 rpm -qa container-selinux container-selinux-2.189.0-1.module_el8.7.0+3344+5bcd850f.noarch The whole Module "container-tools:rhel8" seems messed up fuse-overlayfs 1.9-1.module_el8.6.0+3070+1510fbd1 get installed, but should be 1.9-1.module_el8.7.0+3344+5bcd850f I cannot replicate it on an RHEL machine, so I don't know if this is an upstream RHEL issue Thanks in advance If you need any more infos, just let me know Greetings Dominik

1 0

Re: Can I use the Elevate tool to migrate my CentOS 7.9 with Virtualmin/Webmin to AlmaLinux 9.0?
by Turritopsis Dohrnii Teo En Ming 24 Nov '22

24 Nov '22

On Fri, 18 Nov 2022 at 21:58, Scott Blaydes <scott(a)nettek.io> wrote: > > I believe that is beyond the scope of this list. > > Best bet would be to make a clone of the system and try running Elevate. If you can't make a clone, build a new server and try it. > > Also, if you do choose to build a new server and install an Alma/Virtualmin server, you can migrate backups from the CentOS/Virtualmin and restore them on the new Alma/Virtualmin server. > > Thank you, > Scott Blaydes Dear Scott Blaydes, Thank you for your reply. I think you may have saved my day. You mean I can make full and complete backups of my web hosting control panel using the Virtualmin GUI web interface in CentOS 7.9 and restore the backups on the fresh new installation of AlmaLinux 9.1/Virtualmin server? That means I do not need to make a clone of my CentOS 7.9 linux server and run Elevate tool already. I can simply make a fresh new installation of both AlmaLinux 9.1 and Virtualmin on a brand new server. No migration needed and no headaches and complications. Thank you. Mr. Turritopsis Dohrnii Teo En Ming > > On Wed, Nov 16, 2022 at 10:45:10PM +0800, Turritopsis Dohrnii Teo En Ming wrote: > > Subject: Can I use the Elevate tool to migrate my CentOS 7.9 with > > Virtualmin/Webmin to AlmaLinux 9.0? > > > > Good day from Singapore, > > > > I understand both CentOS Linux and AlmaLinux follow Red Hat Enterprise > > Linux (RHEL). > > > > I have 2 CentOS 7.9 Linux virtual private servers (VPS) in Europe. > > They are running Virtualmin/Webmin web hosting control panel in master > > and slave configuration. > > > > Unfortunately, the end of life (EOL) date for CentOS 7.9 is 30 June > > 2024, which is less than 2 years away. > > > > Can I use the Elevate tool to migrate my CentOS 7.9 with > > Virtualmin/Webmin to AlmaLinux 9.0? Is it technically impossible or > > will result in too many complications? > > > > Should I install AlmaLinux 9.0 from fresh and then install Virtualmin > > instead? If I choose this route, I will need to ask Virtualmin > > developers how I can migrate the web hosting control panel from CentOS > > 7.9 to AlmaLinux 9.0. > > > > Please advise. > > > > Thank you. > > > > Regards, > > > > Mr. Turritopsis Dohrnii Teo En Ming > > Targeted Individual in Singapore > > Blogs: > > https://tdtemcerts.blogspot.com > > https://tdtemcerts.wordpress.com > > _______________________________________________ > > Security mailing list -- security(a)lists.almalinux.org > > To unsubscribe send an email to security-leave(a)lists.almalinux.org

2 2