RLEA-2019:3511 libvarlink bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.
Copyright 2023 Rocky Enterprise Software Foundation
Rocky Linux 8 1 None
An update is available for libvarlink. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
rocky-linux-8-aarch64-powertools-rpms
libvarlink-devel-18-3.el8.aarch64.rpm d6418a07e221ceb3e4f7265378a987d2d96f4e94f14e057f1e717b2357d5f2a8

RLSA-2019:3553 Low: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of Rocky Linux.
Security Fix(es):
* evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459)
* gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.
Rocky Linux 8 1 Low
An update is available for pidgin, gnome-desktop3, pango, gdk-pixbuf2. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
gdk-pixbuf2-xlib-2.36.12-5.el8.aarch64.rpm 395e79cc4261f2e029da140bd244270ff8d56a108a17633011ef08fb1f6674b1
gdk-pixbuf2-xlib-devel-2.36.12-5.el8.aarch64.rpm 80c9d88483e2fb30cc8364da62fa40d7f7983669fbfa054fb3b417b96b90f34b
libpurple-devel-2.13.0-5.el8.aarch64.rpm f16ff1b62ce079b97d71e3a71b115cfed22e32ef1e071f82ff8d059e3309bf45

RLBA-2019:3558 libzfcphbaapi bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for libhbaapi. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
libhbaapi-devel-2.2.9-13.el8.aarch64.rpm d7cb90e61dabb55e05422f89833f732e354c23e41b5e158f4b87bd45a357f18f

RLBA-2019:3593 ipset bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for ipset. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
ipset-devel-7.1-1.el8.aarch64.rpm 0b3d12a19d21fedccf90e4caf0f04932401b42668c1bc64285e28d51c92c430b

RLSA-2020:0633 Important: ppp security update
The ppp packages contain the Point-to-Point Protocol (PPP) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider (ISP) or other organization over a modem and phone line.
Security Fix(es):
* ppp: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Rocky Linux 8 1 Important
An update is available for ppp. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
ppp-devel-2.4.7-26.el8_1.aarch64.rpm fed85df6c00926fab96ead780e08a239a1dc405259d742dfba609c1776326e78

RLSA-2020:1766 Moderate: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of Rocky Linux.
Security Fix(es):
* LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (CVE-2018-20337)
* gdm: lock screen bypass when timed login is enabled (CVE-2019-3825)
* gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c (CVE-2019-12447)
* gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write (CVE-2019-12448)
* gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges (CVE-2019-12449)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section.
Rocky Linux 8 1 Moderate
An update is available for mozjs52, gnome-tweaks, clutter, gnome-menus, mozjs60, baobab. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
clutter-devel-1.26.2-8.el8.aarch64.rpm 70d9c053a71abfa566ebc641369def4a8c4bda27d65cb85abde8082393b63b2d
clutter-doc-1.26.2-8.el8.aarch64.rpm 01f4abb032bd63e896d15e15995811eb99f67813919521db123657facc4db734
gnome-menus-devel-3.13.3-11.el8.aarch64.rpm 9655f1f5dc5a6a3a36ee740e8cbd721e56bfc39791267fbe30bb13417f6e8376
mozjs52-devel-52.9.0-2.el8.aarch64.rpm 43d74c8ab5799c42af18b14e4bf4d8e545f52b3b0a217da0e4388f9de891143f
mozjs60-devel-60.9.0-4.el8.aarch64.rpm dbc51c9f254cd2837672152dd7b92b627e77010d2265f56a5308e3b4e2737e79

RLBA-2020:1919 ppp bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for ppp. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
ppp-devel-2.4.7-26.el8_1.aarch64.rpm fed85df6c00926fab96ead780e08a239a1dc405259d742dfba609c1776326e78

RLSA-2020:2755 Important: nghttp2 security update
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C.
Security Fix(es):
* nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Rocky Linux 8 1 Important
An update is available for nghttp2. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
libnghttp2-devel-1.33.0-3.el8_3.1.aarch64.rpm 07f7c4e28be394cd871f862d451d8d009243bce39db51547305decc95f876977
nghttp2-1.33.0-3.el8_3.1.aarch64.rpm 447b50538b2bba1e82adf24b317febd2c2e1934d7f3b0db4d48710b4fafa2fd4

RLSA-2020:3654 Moderate: libcroco security update
The libcroco is a standalone Cascading Style Sheet level 2 (CSS2) parsing and manipulation library.
Security Fix(es):
* libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Rocky Linux 8 1 Moderate
An update is available for libcroco. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
libcroco-devel-0.6.12-4.el8_2.1.aarch64.rpm 3490b1bce032ef7f8257a25c1d0038d19d53a6dfa446c68b78edc6ca317c15a2

RLSA-2020:4451 Moderate: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of Rocky Linux.
The following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)
* gnome-settings-daemon: Rocky Enterprise Software Foundation Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)
* LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section.
Rocky Linux 8 1 Moderate
An update is available for xdg-desktop-portal-gtk, tracker, LibRaw, vte291, gnome-remote-desktop, PackageKit, pipewire, pipewire0.2, potrace, gtk3, dleyna-renderer, libsoup, pygobject3, webrtc-audio-processing, frei0r-plugins, gnome-session, gsettings-desktop-schemas. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
frei0r-devel-1.6.1-7.el8.aarch64.rpm 88d4506493d41c6b67a16eb3729440ca2e45fcea3425df4c36a76802eab9d596
pygobject3-devel-3.28.3-2.el8.aarch64.rpm 7c3790d68c1374f0d820f198b53b781a359e19ab3c26c28dbf4446885fc1691b
tracker-devel-2.1.5-2.el8.aarch64.rpm fbf033c0c39b601858b75fcc0c9841bbe51f1ef6a392bd7d42f6ad9f0d8b66be
vte291-devel-0.52.4-2.el8.aarch64.rpm 37c01b193488ba0f29867cb77e5e21d9b38a51806d3df01b088502d74b516da0
PackageKit-glib-devel-1.1.12-6.el8.0.2.aarch64.rpm 1aa41b9b134e2fc679be05d29a32ba8a24a92fb6af9a41a635019560bb35442c

RLEA-2020:4555 libpsl bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for libpsl. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
libpsl-devel-0.20.2-6.el8.aarch64.rpm 122855f80f93aba722aed215a6bb8e0144b57d3b23a50f5ddcd882ac7838f911

RLEA-2020:4556 libnetfilter_queue bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for libnetfilter_queue. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
libnetfilter_queue-devel-1.0.4-3.el8.aarch64.rpm 909ba801f4c20405354ebeb119e5227930e18461acb1230a40ac0c78ed158ff8

RLBA-2020:4600 snappy bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for snappy. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
snappy-devel-1.1.8-3.el8.aarch64.rpm 45a11321fcd50252e3308239180bb7a316c948868161ce495ff257cedbb1a50b

RLSA-2021:1586 Moderate: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of Rocky Linux.
The following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304)
Security Fix(es):
* webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)
* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951)
* webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)
* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543)
* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584)
* glib2: insecure permissions for files and directories (CVE-2019-13012)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.
Rocky Linux 8 1 Moderate
An update is available for enchant2, cairomm, gnome-photos, webkit2gtk3, chrome-gnome-shell, geoclue2, dleyna-server, woff2, libdazzle, gtk2, gvfs, gjs, gnome-settings-daemon, gtkmm24, accountsservice, gnome-control-center, gnome-shell, gnome-software, soundtouch, gnome-boxes, gnome-terminal, libsass, libsigc++20, nautilus, OpenEXR, gnome-online-accounts, gtkmm30, dleyna-core, vala, libvisual, geocode-glib, pangomm, gtk-doc, atkmm, gdm, gamin, glibmm24, mutter, libepubgen. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
atkmm-devel-2.24.2-7.el8.aarch64.rpm 3ce0f75d449203a3b38c392b77ef1140e121e782fca436176c7399a49aaff063
atkmm-doc-2.24.2-7.el8.noarch.rpm 2598f60483489a4d971135fe643fd9a34d755e4a96c07689ab60bad21a582f59
cairomm-devel-1.12.0-8.el8.aarch64.rpm a4332361dd3875c34647654b7eb2b8ac8906cc859c2cc6a9a332974ca12c1020
cairomm-doc-1.12.0-8.el8.noarch.rpm 138b57e136e261b564d6a902178d07fd422fe83f05caa53a50ec32705ea4174e
enchant2-devel-2.2.3-3.el8.aarch64.rpm 39d78a0cdf5f847dc5e03dac4beff2c8a98d8acd586f75b8580f13b9493117fc
gamin-devel-0.1.10-32.el8.aarch64.rpm 224fe45aca747ec52ee7efe8238c554bc5cbeb93affb7a2ed8eb4ec98646992f
geoclue2-devel-2.5.5-2.el8.aarch64.rpm 3e1fd9077722989c0137f505363af74881362f98dd77436374c719bc2212a6e9
gjs-devel-1.56.2-5.el8.aarch64.rpm 5d8c7eeab9fb183d900ec631e1835adb347f9ccad2b29f84f06e557eab14bad4
glibmm24-devel-2.56.0-2.el8.aarch64.rpm 2da7e692956a605243eac33baf176afa0689dab826071f8e1e5112f0bdc68981
glibmm24-doc-2.56.0-2.el8.noarch.rpm e4c1b83ec081cc5d49aa33270b12bc407eea45ebad3ccdce525e46a88e79503a
gtkmm24-devel-2.24.5-6.el8.aarch64.rpm dea4c33c15f8a7f905476971d3ac890002bab261d75a4151a4e0397366121700
gtkmm24-docs-2.24.5-6.el8.noarch.rpm b139c29053b16cd003baef27d687666b3ab39b9c8903011d1b3c7f82f5c275e6
gtkmm30-devel-3.22.2-3.el8.aarch64.rpm e96ea81b12b138b729ea1089b71a1ad2151587f5a9608fa9519692159bdd6766
gtkmm30-doc-3.22.2-3.el8.noarch.rpm 71f74a9b26e199050e0eaf869affba48af9648adea4818093b740b72964dca47
libdazzle-3.28.5-2.el8.aarch64.rpm 0b865d21693613cf5a28ee77a64ba7afe9d76a94e10846670595d72938a51450
libdazzle-devel-3.28.5-2.el8.aarch64.rpm 09b78dd3ac2868b1a16da3479ef702245b074be10804e9cbc3b23a72a75f4d4e
libepubgen-devel-0.1.0-3.el8.aarch64.rpm 830206e940b4b2c8acb26587ed284b0a9a76bfcdb88c81c95571e619fc7aa929
libsass-3.4.5-6.el8.aarch64.rpm 0035af205c179c8e27c809be5f2ccf9749f3ad08cdcc112f12a1530cc778e11f
libsass-devel-3.4.5-6.el8.aarch64.rpm 304b3e4ca60b9fcf0febc760ed75f4e64231cd795887c0c86af55560a4ca053e
libsigc++20-devel-2.10.0-6.el8.aarch64.rpm 2ac82883d78ee3ea6404371b154122ef2edffdfac901a140c9da4255b22101f2
libsigc++20-doc-2.10.0-6.el8.noarch.rpm 4bd0fad981c77439d2f94977a0c5314b008dfa87658055909df65a2cae90ae80
libvisual-devel-0.4.0-25.el8.aarch64.rpm 95827c74199bddbec86fd8a7c275476f9222dd4460179be9c0a9b24c6077e9c2
OpenEXR-devel-2.2.0-12.el8.aarch64.rpm e3d2fe1166489a18b48d61f072f212153adec8a8334b91e8beb4e66647c20384
pangomm-devel-2.40.1-6.el8.aarch64.rpm f352eb7eac3d2c3589fcb7335b582b2c255c59f49de5ae588dff1f272a0ebbab
pangomm-doc-2.40.1-6.el8.noarch.rpm 68d1b3c4e9b3cf47ccffa9b02a5ffc49639d3769b9ebb167cd1008c3709debf5
soundtouch-devel-2.0.0-3.el8.aarch64.rpm d3d1d408f971f3198b57b0c08f51081890b83bc27f419126878f2417ebfe5684
vala-0.40.19-2.el8.aarch64.rpm b60736b413a6aebda280c2cd50e0c2f8a6cf01f3df5ecc24103527c990101cd0
vala-devel-0.40.19-2.el8.aarch64.rpm dd42f9f869bf7f30a3d1958756e6c6554851c50beff34d678639463df9d1b360
woff2-devel-1.0.2-5.el8.aarch64.rpm 469ac0794b4cb1ab1c3480c407584cbfd028c41a56027d9c29bebf68b3483ef5

RLBA-2021:1587 librabbitmq bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for librabbitmq. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
librabbitmq-devel-0.9.0-3.el8.aarch64.rpm 062252941bcfd69c109fe8a297c37596bc08359151ad7614276c5024629db899

RLBA-2021:1612 avahi bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for avahi. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
avahi-compat-howl-0.7-20.el8.aarch64.rpm 5b4c3edd4f0167d2ee584c68ec876b444735afed90d9b4493be8b2198c950a2f
avahi-compat-howl-devel-0.7-20.el8.aarch64.rpm 4f9e209c14bf141d9917ed2ff93ce7138dc193545399b867223a0a8fbe6df516
avahi-compat-libdns_sd-0.7-20.el8.aarch64.rpm 994f6f8bb7a45af3092b5fbebbfaf91aa82d3f79886cce0ff017f15b41cbc2b2
avahi-compat-libdns_sd-devel-0.7-20.el8.aarch64.rpm a19d9a3cf7cf7906a5a623b7420aeabeffb5d82a0bb04a16e73a29612fa5f68c
avahi-devel-0.7-20.el8.aarch64.rpm 9c7d64d9f0566a3eda278833d9f5f4245d67c166637e2d1048f51ef033101862
avahi-glib-devel-0.7-20.el8.aarch64.rpm 24c2639cf117cebdf6e8ea0039af196f4ebeb250ddf99e553749fbaf591a2aaa
avahi-gobject-devel-0.7-20.el8.aarch64.rpm f202dc252d7e22218a5e202ec45c68aa885112d1b84af4d6e50dbb4ff0febb5f
avahi-ui-0.7-20.el8.aarch64.rpm 60a039445f2f0eba99582fa08541336678339dced48b16a719b74c6a90b44112
avahi-ui-devel-0.7-20.el8.aarch64.rpm b67f58cc3357148e1238eaa0719e43ab25192acc810982b92d7a249f267352f6

RLSA-2021:1627 Moderate: trousers security, bug fix, and enhancement update
TrouSerS is an implementation of the Trusted Computing Group's Software Stack (TSS) specification. TrouSerS enables the user to write applications that make use of the Trusted Platform Module (TPM) hardware.
The following packages have been upgraded to a later upstream version: trousers (0.3.15). (BZ#1725782)
Security Fix(es):
* trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (CVE-2020-24331)
* trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (CVE-2020-24332)
* trousers: fails to drop the root gid privilege when no longer needed (CVE-2020-24330)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.
Rocky Linux 8 1 Moderate
An update is available for trousers. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
trousers-devel-0.3.15-1.el8.aarch64.rpm 547cf97a0d331e57887d783c5392e85ef70e58e6dd98306101db7a2a18120a6a

RLBA-2021:1628 tpm-tools bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for tpm-tools. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
tpm-tools-devel-1.3.9.2-1.el8.aarch64.rpm 2d5fc1eb59830b2f1c278ff7766fd2bccb9f4fd0fb5f4bed6e816abd800bf4fe

RLBA-2021:1689 librepo bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for librepo, librhsm. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms
librhsm-devel-0.0.3-4.el8.aarch64.rpm 2b657d230d11a7d2bb7b26b22eeff8dc9adff54bb577279f6b8c88cc39bb33e3

RLEA-2021:1712 libpcap bug fix and enhancement update
For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section.
Rocky Linux 8 1 None
An update is available for libpcap. This update affects Rocky Linux 8.
rocky-linux-8-aarch64-powertools-rpms libpcap-devel-1.9.1-5.el8.aarch64.rpm 8d57af5c12dbf04882c43eb68c423e1ac65e0fae309d2562f9e46172a02e6c45 RLEA-2021:1720 ima-evm-utils bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ima-evm-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms ima-evm-utils-devel-1.3.2-12.el8.aarch64.rpm b03137efb42dd9df637a718e5be3f303bb9b1742138eeb8c29393eaf4311dbbb RLBA-2021:1731 userspace-rcu bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for userspace-rcu. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms userspace-rcu-devel-0.10.1-4.el8.aarch64.rpm 9feb7f8b3cbf197e236522f051da0430de530f16a4d568cae0f26437a4478135 RLBA-2021:3594 libdb bug fix and enhancement update The libdb packages provide the Berkeley Database, an embedded database supporting both traditional and client/server applications. Bug Fix(es) and Enhancement(s): * [FJ8.4 Bug]: [REG]The rpm command hangs and the CPU usage reaches 100% (BZ#2001972) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libdb-cxx-5.3.28-42.el8_4.aarch64.rpm 1f287a8485fd6ba35a6f9c9c759f7411e6724cea7ea67c87e58357087f2b466f libdb-cxx-devel-5.3.28-42.el8_4.aarch64.rpm 72a4362de15c13453dda3bf8cc2c0782c583c302b390270b88cf3d0a2d4e696f libdb-devel-doc-5.3.28-42.el8_4.noarch.rpm 75d6fad816ec9f39c8f77f2d0eb7abcf6a01acb377b20d0d26e389a6a21bf15a libdb-sql-5.3.28-42.el8_4.aarch64.rpm c5cf5c1261dca953db4c11f8c4ae888d05c97691b1b7d73cfc9f98680717c13e libdb-sql-devel-5.3.28-42.el8_4.aarch64.rpm e5f06c20a11a00c96fc2725ca4e2483ed07b2c3f8e1a28aeb83c620d02eb3668 RLBA-2021:4371 libxcrypt bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libxcrypt. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libxcrypt-static-4.1.1-6.el8.aarch64.rpm e541c616e57e4b1f370758a6769e75bc337dba9d818e06d35045ea8a5bdff928 RLSA-2021:4373 Low: pcre security update PCRE is a Perl-compatible regular expression library. Security Fix(es): * pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 (CVE-2019-20838) * pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for pcre. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms pcre-static-8.42-6.el8.aarch64.rpm 7e897d5f423bd097c5b2d9a9a65e4ce5f116332d97db706783d7675bb6913b98 RLBA-2021:4377 quota bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for quota. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms quota-devel-4.04-14.el8.aarch64.rpm de5c04e197e1fa1a441791c8d9c778c548daa3f0a618f999df322606384b95dd RLSA-2021:4381 Moderate: GNOME security, bug fix, and enhancement update GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3).
(BZ#1909300) Security Fix(es): * webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558) * LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918) * webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788) * webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789) * webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799) * webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844) * webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870) * webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871) * webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775) * webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779) * webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806) * webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663) * webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665) * webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682) * webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689) * webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734) * webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744) * 
webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749) * webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795) * webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799) * webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623) * gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241) * gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for gnome-shell-extensions, webkit2gtk3, LibRaw, gnome-settings-daemon, gsettings-desktop-schemas, gnome-autoar, mutter, accountsservice, gnome-control-center, gnome-online-accounts, gnome-shell, gtk3, gdm, vino, gnome-software, gnome-session, gnome-calculator. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms gnome-software-devel-3.36.1-10.el8.aarch64.rpm b1fe1ce430a9186ef8f3da64f75aae7f0fc609c6ab31094014930355f82cef9c RLEA-2021:4405 libmodulemd bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libmodulemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms libmodulemd-devel-2.13.0-1.el8.aarch64.rpm eccd05e816f2630ab8348bc544618a5dab6eddc2304b10423eb3cd449cffcdaf RLBA-2021:4412 RDMA stack bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for mpitests, mvapich2, ucx, qperf, opensm, rpm-mpi-hooks, rdma-core, mstflint, libvma, openmpi, fabtests, perftest, libfabric, mpich. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms opensm-devel-3.3.24-1.el8.aarch64.rpm 9828e7587346eefa799b479e3799c0767c2ffb94b78b2cdad890fea4d8b89965 RLBA-2021:4446 iscsi-initiator-utils bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for iscsi-initiator-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms iscsi-initiator-utils-devel-6.2.1.4-4.git095f59c.el8.aarch64.rpm 033481967bfd8e23125b4a47dfa4da663c1e1046efc3a19402f484cb23c8805d RLBA-2021:4475 freeipmi bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for freeipmi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms freeipmi-devel-1.6.8-1.el8.aarch64.rpm 1cf47dd06f60d27f912a31285b49fbbd89847dc9dc440062d0607c0fe4715a93 RLBA-2021:4477 parted bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for parted. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms parted-devel-3.2-39.el8.aarch64.rpm 0dc8c23dff9be5f0598da039402e558a98011f15f74aeaa9f12765f0c806b664 RLBA-2021:4483 OpenIPMI bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for OpenIPMI. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms OpenIPMI-devel-2.0.31-3.el8.aarch64.rpm 740976f572fbdb3a06e21e92ff16de27f9e060abf0421f5392c5a2c09b09c1e8 RLEA-2021:4488 hwloc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for hwloc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms hwloc-devel-2.2.0-3.el8.aarch64.rpm df96f75eb5aaa70af9c688a2fe7e64688e6abc23abb48d5c9c1bbc40cac13fe2 RLBA-2021:4505 mobile-broadband-provider-info bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for mobile-broadband-provider-info. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms mobile-broadband-provider-info-devel-20210805-1.el8.noarch.rpm 7a39848d36b0cce3fb579b79202c4b768831698134392940e50d2ced22975191 RLBA-2021:4507 fontconfig bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for fontconfig. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms fontconfig-devel-doc-2.13.1-4.el8.noarch.rpm f40bd239864c2fb6e63422c5c25a7e6c13abdf87edb075da0286845426005066 RLSA-2021:4510 Low: lua security update The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: segmentation fault in getlocal and setlocal functions in ldebug.c (CVE-2020-24370) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for lua. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms lua-devel-5.3.4-12.el8.aarch64.rpm d7074e80409036c94b4af3cba4738f4bc7677fd403c87d5ab4cb7a189854b548 RLSA-2021:4513 Moderate: libsepol security update The libsepol library provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies (for example, customizing policy boolean settings). Security Fix(es): * libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36084) * libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36085) * libsepol: use-after-free in cil_reset_classpermission() (CVE-2021-36086) * libsepol: heap-based buffer overflow in ebitmap_match_any() (CVE-2021-36087) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libsepol. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libsepol-static-2.9-3.el8.aarch64.rpm 7e64f3cf5d6454ada316e380041c940c5e93622d27cc57b9043fb26c2703b25f RLEA-2022:2014 RDMA stack bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for mpitests, ucx, rdma-core, mstflint, libvma, libpsm2, fabtests, openmpi, pmix, perftest, eth-tools, mpich, libfabric. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms pmix-devel-2.2.5-1.el8.aarch64.rpm c8463f6ed8c90aaeb9a7549dcd27bcc29f2abd23ba380c2bf1a6dbf2f87e3eb1 python3-mpich-3.4.2-1.el8.aarch64.rpm 4a49304075029ff3a6eb5aa11bd91c8b211f004ec5479fda1f7662e9658328e2 python3-openmpi-4.1.1-3.el8.aarch64.rpm 4efc4706dc706800490f4e52cb0aa1b2e618a3c7a21a1f5458135141fba7f132 RLBA-2022:2027 json-c bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for json-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms json-c-doc-0.13.1-3.el8.noarch.rpm d27af04338be30aed0ad2d64bb84dddd51cda618cc346f82d726f0c63a94f98a RLBA-2022:2060 kmod bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for kmod. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms kmod-devel-25-19.el8.aarch64.rpm 3d6898dedcf7caf2eda69826d7836ac488a8765f06c0f6652796fe7e389e8cd0 RLBA-2022:2009 ModemManager bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ModemManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms ModemManager-devel-1.18.2-1.el8.aarch64.rpm 96722b9fbab2b20238d4d0cacfb95dd6deb20e46bbf6798bb5d8df1dc1fe97f5 ModemManager-glib-devel-1.18.2-1.el8.aarch64.rpm 06ba03a40d9fcc01b4525e109f1b6fd84dc36e81316c7941315e3065dd50d61d RLBA-2022:2035 libstoragemgmt bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libstoragemgmt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libstoragemgmt-devel-1.9.1-3.el8.aarch64.rpm e361bde333186ce60f0cb34bb547ef25bb99616b02638fc5f1cb8e2a4d51f171 RLBA-2022:2046 libcomps bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libcomps. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libcomps-devel-0.1.18-1.el8.aarch64.rpm 138c9389a234be30a5787c8c29d66bf4ecd6abea004af1bf78b11b2d3e9bd276 RLBA-2022:2089 pcsc-lite bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for pcsc-lite. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms pcsc-lite-devel-1.9.5-1.el8.aarch64.rpm e2cf99fb4f88d7bf5511ea099b8fea4030aa3ee4d96f6ccdf6e6fb1423191a4d RLBA-2022:2099 sysfsutils bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sysfsutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms libsysfs-devel-2.1.0-25.el8.aarch64.rpm a75966ebfc47820152f09a39b645e7f215e8135c8676e9d77c07396f4fad88db RLBA-2022:2101 libnftnl bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libnftnl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libnftnl-devel-1.1.5-5.el8.aarch64.rpm b6790fa35eab8837569c109c2f486c9d139d2f0ccaeaf2f77da872b6aad78dc2 RLBA-2022:2117 gpgme bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gpgme. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms gpgme-devel-1.13.1-11.el8.aarch64.rpm 7ae86ed2d02b649eecf6e264e10ee92255a601637fb81b67a822aee5d3492fba gpgmepp-devel-1.13.1-11.el8.aarch64.rpm 849de0ad6405675f3edffedea5d096a508c8b37ebb19fb46965d7bce9c007229 qgpgme-devel-1.13.1-11.el8.aarch64.rpm 581ec1afcad28dd03e669e8a8f5535d865ba6e842636620f8a298e010097fb02 RLBA-2022:2118 texinfo bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for texinfo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms texinfo-6.5-7.el8.aarch64.rpm e33bd3ab32d75e32a56c9a0e64bbb742421ac5287f007caa20583bf1fc08915b texinfo-tex-6.5-7.el8.aarch64.rpm 1c59ee6a8d6433caa4bfdeecf9606ff6ef3b352f491ed6d10827b3e865f74c3d RLSA-2022:4991 Important: xz security update XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * gzip: arbitrary-file-write vulnerability (CVE-2022-1271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for xz. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * gzip: arbitrary-file-write vulnerability (CVE-2022-1271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms xz-lzma-compat-5.2.4-4.el8_6.aarch64.rpm 8b7f1dbc1caa00b21b52ff5d4a1862ea6d2a97bdc46056eae74dcc5bbd07f829 RLSA-2022:5809 Moderate: pcre2 security update The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Security Fix(es): * pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c (CVE-2022-1586) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for pcre2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. 
Security Fix(es): * pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c (CVE-2022-1586) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms pcre2-tools-10.32-3.el8_6.aarch64.rpm d6369bf74c05cc12866b0213c16dc0217fb02b3cef7f1c0c5598fce237c623d4 RLBA-2022:5815 bash bug fix and enhancement update The bash packages provide Bash (Bourne-again shell), which is the default shell for Rocky Linux. Bug Fix(es) and Enhancement(s): * Segfault in 'buffered_getchar()' function in bash (BZ#2097659) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for bash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The bash packages provide Bash (Bourne-again shell), which is the default shell for Rocky Linux. Bug Fix(es) and Enhancement(s): * Segfault in 'buffered_getchar()' function in bash (BZ#2097659) rocky-linux-8-aarch64-powertools-rpms bash-devel-4.4.20-4.el8_6.aarch64.rpm 9577d3838b3a1b018850ddd4b50ae41258f97521b7ec55a8bb6144b1e0dcb6fa RLSA-2022:7089 Important: libksba security update KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for libksba. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libksba-devel-1.3.5-8.el8_6.aarch64.rpm ea375b017b32e8a122599ad5f51e85157f6c468225ba425e1e698b60f591376e RLBA-2022:7107 glib2 bug fix and enhancement update GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Bug Fix(es) and Enhancement(s): * Add --interface-info-[body|header] modes to gdbus-codegen. (BZ#2124615) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for glib2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Bug Fix(es) and Enhancement(s): * Add --interface-info-[body|header] modes to gdbus-codegen. 
(BZ#2124615) rocky-linux-8-aarch64-powertools-rpms glib2-doc-2.56.4-158.el8_6.1.noarch.rpm aa64cb9e557a147c0ba86aef7701e556397a660ebaa7822bdc19c57b448ee3f0 glib2-static-2.56.4-158.el8_6.1.aarch64.rpm 0f8a19b268e0fe16bd451aa6559ef625a0065c97b255f4ba78f423921b3f5948 RLBA-2022:7116 libsemanage bug fix and enhancement update The libsemanage library provides an API for the manipulation of SELinux binary policies. It is used by the checkpolicy compiler and similar utilities, as well as by programs such as load_policy, which must perform specific transformations on binary policies, such as customizing policy Boolean settings. Bug Fix(es) and Enhancement(s): * libsemanage's check_ext_changes doesn't pick up boolean changes (BZ#2129139) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libsemanage. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsemanage library provides an API for the manipulation of SELinux binary policies. It is used by the checkpolicy compiler and similar utilities, as well as by programs such as load_policy, which must perform specific transformations on binary policies, such as customizing policy Boolean settings. Bug Fix(es) and Enhancement(s): * libsemanage's check_ext_changes doesn't pick up boolean changes (BZ#2129139) rocky-linux-8-aarch64-powertools-rpms libsemanage-devel-2.9-9.el8.aarch64.rpm e3b68ccbc3625edefb7633a642bdc7e72c106c57caccc262292706b5a77737ae RLBA-2022:7682 babeltrace bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for babeltrace. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libbabeltrace-devel-1.5.4-4.el8.aarch64.rpm cf260410671ee1ecc3aa3ce1ec886016a5b3bcc51ea5bd6e855472d4be0e85ab python3-babeltrace-1.5.4-4.el8.aarch64.rpm 2b615b9a5132f0453cfb604114e7beca67a40457c165022bf46c956325be345e RLSA-2022:7683 Moderate: kernel security, bug fix, and enhancement update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) * race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558) * use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640) * memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c (CVE-2021-30002) * smb2_ioctl_query_info NULL Pointer Dereference (CVE-2022-0168) * NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617) * swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854) * uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM (CVE-2022-1016) * race condition in snd_pcm_hw_free leading to use-after-free (CVE-2022-1048) * use-after-free in tc_new_tfilter() in net/sched/cls_api.c (CVE-2022-1055) * use-after-free and memory errors in ext4 when mounting and operating on a corrupted image (CVE-2022-1184) * NULL pointer dereference in x86_emulate_insn may lead to DoS (CVE-2022-1852) * buffer overflow in nft_set_desc_concat_parse() (CVE-2022-2078) * nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586) * openvswitch: integer underflow leads to 
out-of-bounds write in reserve_sfa_size() (CVE-2022-2639) * use-after-free when psi trigger is destroyed while being polled (CVE-2022-2938) * net/packet: slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368) * possible to use the debugger to write zero into a location of choice (CVE-2022-21499) * Spectre-BHB (CVE-2022-23960) * Post-barrier Return Stack Buffer Predictions (CVE-2022-26373) * memory leak in drivers/hid/hid-elo.c (CVE-2022-27950) * double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390) * use after free in SUNRPC subsystem (CVE-2022-28893) * use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581) * DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (CVE-2022-36946) * nfs_atomic_open() returns uninitialized data instead of ENOTDIR (CVE-2022-24448) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating system. 
Security Fix(es): * off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) * race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558) * use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640) * memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c (CVE-2021-30002) * smb2_ioctl_query_info NULL Pointer Dereference (CVE-2022-0168) * NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617) * swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854) * uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM (CVE-2022-1016) * race condition in snd_pcm_hw_free leading to use-after-free (CVE-2022-1048) * use-after-free in tc_new_tfilter() in net/sched/cls_api.c (CVE-2022-1055) * use-after-free and memory errors in ext4 when mounting and operating on a corrupted image (CVE-2022-1184) * NULL pointer dereference in x86_emulate_insn may lead to DoS (CVE-2022-1852) * buffer overflow in nft_set_desc_concat_parse() (CVE-2022-2078) * nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586) * openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639) * use-after-free when psi trigger is destroyed while being polled (CVE-2022-2938) * net/packet: slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368) * possible to use the debugger to write zero into a location of choice (CVE-2022-21499) * Spectre-BHB (CVE-2022-23960) * Post-barrier Return Stack Buffer Predictions (CVE-2022-26373) * memory leak in drivers/hid/hid-elo.c (CVE-2022-27950) * double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390) * use after free in SUNRPC subsystem (CVE-2022-28893) * use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581) 
* DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (CVE-2022-36946) * nfs_atomic_open() returns uninitialized data instead of ENOTDIR (CVE-2022-24448) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-425.3.1.el8.aarch64.rpm 5b01115a6957b5fc706fe62d039458f47849535f808be68948e60a84a872bb7e RLBA-2022:7684 glibc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms glibc-benchtests-2.28-211.el8.aarch64.rpm 6d58852845479bb4735702a165301ef3fedad5024a6e028d5d2902d9d72ef382 glibc-nss-devel-2.28-211.el8.aarch64.rpm 999fe735c19b950dbb43c7b1e0b3c39ea3707e27089254cdace8265c51c91fa0 glibc-static-2.28-211.el8.aarch64.rpm ad6c9af9a16f201fa46bce989f24b6315facb49a9eaec8233085cf3fcc91bfcf nss_hesiod-2.28-211.el8.aarch64.rpm 9cb58e444a438c542542a72dffb9d29739774f61e9e9b83ff44667830b046499 RLBA-2022:7688 gcc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gcc. 
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gcc-plugin-devel-8.5.0-15.el8.aarch64.rpm 6d685cbc9a46104895773465cabbca140142fbf4a0d3ee969f9399e736a26a9f libstdc++-static-8.5.0-15.el8.aarch64.rpm a115c9dee155c0581c5a79141d187fc41ae9f8d18aa9de4540e21e04c8adfc8f RLSA-2022:7692 Moderate: xmlrpc-c security update XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Security Fix(es): * expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143) * expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822) * expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823) * expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824) * expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825) * expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826) * expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for xmlrpc-c. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Security Fix(es): * expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143) * expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822) * expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823) * expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824) * expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825) * expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826) * expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms xmlrpc-c-c++-1.51.0-8.el8.aarch64.rpm 1c3ff959e2aa3555371b626616ca80b634dd4a583e8f84448ffc254adc955f0a xmlrpc-c-client++-1.51.0-8.el8.aarch64.rpm 998c7865d6a57015886f966dc09437640c11d9faf096676ac90b6c2cd5000ef1 xmlrpc-c-devel-1.51.0-8.el8.aarch64.rpm 2b91f0d1bafe0b998dc97321d6447f45df9fc8ddaf50ad674dd9644831d3fcf5 RLBA-2022:7698 samba bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsmbclient-devel-4.16.4-2.el8.aarch64.rpm f1e2198e2093b2091fba8dacae92c15538a8842338ff3a63549cc942a7b9c921 libwbclient-devel-4.16.4-2.el8.aarch64.rpm 81903b7db0b76afd3a59dae306692a5bb0ec78cf126f3939703333977d772af3 samba-devel-4.16.4-2.el8.aarch64.rpm 1ce18783bd06580846a4b95cdf02d6d920ab9c2de2b87a22f3a02bbe9e9aab42 RLBA-2022:7707 nftables bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nftables. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms nftables-devel-0.9.3-26.el8.aarch64.rpm a56a2130f8aa38495cdf734e7d03f92fbe132fe8a480ba2bdedc4972996e6e2b RLBA-2022:7711 libdnf bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libdnf. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libdnf-devel-0.63.0-11.1.el8.aarch64.rpm bd59516bab7295b99375c1e12853f94aa99540559e018bdc911cb6f5c153d71c RLBA-2022:7713 libsolv bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsolv-devel-0.7.20-3.el8.aarch64.rpm 8ca1790650859d8fa60562eb9bea3ac5c27632265c1a314fbdf20daa76a36a6d libsolv-tools-0.7.20-3.el8.aarch64.rpm 231591cf858218021f38b73f149c78a9dd72ce0dfa452b3785cfb82b697e1046 RLBA-2022:7714 device-mapper-multipath bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms device-mapper-multipath-devel-0.8.4-28.el8.aarch64.rpm 2344d05507232dbb9c00ada8b3891b6cb55f464d327350cd3774d1184f946a80 RLBA-2022:7717 elfutils bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for elfutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms elfutils-devel-static-0.187-4.el8.aarch64.rpm 4bae4bb7ebdb02d4be7bb665a9897c1777e1299320bf722ee0af5dbf3dd60778 elfutils-libelf-devel-static-0.187-4.el8.aarch64.rpm 615958bb396115fd3956251a2a1843e92eae082e846edb8a95e2b7ad5c318bfd RLSA-2022:7720 Moderate: e2fsprogs security and bug fix update The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems. Security Fix(es): * e2fsprogs: out-of-bounds read/write via crafted filesystem (CVE-2022-1304) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for e2fsprogs. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems. Security Fix(es): * e2fsprogs: out-of-bounds read/write via crafted filesystem (CVE-2022-1304) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libss-devel-1.45.6-5.el8.aarch64.rpm 21f73ef3c5e6a717908c3b225e2764b008893e5237c9df19a884d20725fcc69f RLBA-2022:7724 zlib bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for zlib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms zlib-static-1.2.11-20.el8.aarch64.rpm df0ff729403eb06f1544476865d5e314ee199ac2292c81560f1ed907b761be6f RLBA-2022:7731 ding-libs bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ding-libs. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libbasicobjects-devel-0.1.1-40.el8.aarch64.rpm d1a16c194a5d50910c095ee107a3443a1239c93e7d320cf54294c2063e959163 libcollection-devel-0.7.0-40.el8.aarch64.rpm 07ff9c398956d0a3adbbcf40e255c0a014620795fa602030aedc872594f1e43f libini_config-devel-1.3.1-40.el8.aarch64.rpm 82a8a5dbb3749c8c08c6d5d38c476bd53732d82463a96be1098e3c1829388ebf libpath_utils-devel-0.2.1-40.el8.aarch64.rpm 759a59951593006ee40bcae07b7fc5814e1150accf4a9774905d08074d2fb81e libref_array-devel-0.1.5-40.el8.aarch64.rpm a1fec07db5c9ee6cfa5f73335efd3f471fefa6381c6e13070983553d268b4d5d RLSA-2022:7730 Moderate: libldb security, bug fix, and enhancement update The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077484) Security Fix(es): * samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libldb. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077484) Security Fix(es): * samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-ldb-devel-2.5.2-2.el8.aarch64.rpm 20ed79affadecd7b04d7337e2269d590fc0f25ab9b6001dd875dc563a876f768 python-ldb-devel-common-2.5.2-2.el8.aarch64.rpm 5f4098d0c57e6c38ccbd0b277882adf10c10dd59d2007f405ccd3fa3e52e8241 RLBA-2022:7735 bluez bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for bluez. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms bluez-libs-devel-5.63-1.el8.aarch64.rpm 9864aa8c8cbe75c84f75fdb81504e94f93540af06f73d55c76942ea6cee211f8 RLBA-2022:7737 opencryptoki bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for opencryptoki. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms opencryptoki-devel-3.18.0-3.el8.aarch64.rpm 0d9213a2c66345bab707ad84d529821541d825e2a1dcee08cea92ac2a0e26f16 RLBA-2022:7752 iproute bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for iproute. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms iproute-devel-5.18.0-1.el8.aarch64.rpm 80ed895917d1f6d9426fa2d12564d9bd5bf7981cb9d60d50d8ecdcc533e5d6e9 RLBA-2022:7757 sg3_utils bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sg3_utils. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms sg3_utils-devel-1.44-6.el8.aarch64.rpm df0409adc7e1ef13b2694178fdf741005b468a2c422d6dc207c845a3e5ceb1c9 RLBA-2022:7760 ndctl bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ndctl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms daxctl-devel-71.1-4.el8.aarch64.rpm d5eed906f475779a804fbfb0dc2dccd24762197707da4d5757260dda63c42d67 ndctl-devel-71.1-4.el8.aarch64.rpm d5d856b1b7778bdb19cdc1178ff436ed4942f23d2fff9916ed9f25a06dd70d2a RLBA-2022:7767 libbpf bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libbpf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms libbpf-devel-0.5.0-1.el8.aarch64.rpm 778b4bdbc64e11a4cec8abddb9f04bc7c20801cc82179b2d73cf78165403dd4f libbpf-static-0.5.0-1.el8.aarch64.rpm d8d93fe728658e8357f5cbfeac7fa1ffd05925090a19dc3f347d8dba79c9a32e RLBA-2022:7768 nfs-utils bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nfs-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libnfsidmap-devel-2.3.3-57.el8.aarch64.rpm cd2a9e6a0d1dca5a8fb1a8a74de5977e5c5d75a988c531d63d7e3c963cd674a5 RLBA-2022:7774 sanlock bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sanlock. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms sanlock-devel-3.8.4-4.el8.aarch64.rpm 9d74a2ddba5a2178bf20962e11aab311d9e20cd7933f9f9962249ba5468de455 RLBA-2022:7780 librepo bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for librepo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librepo-devel-1.14.2-3.el8.aarch64.rpm 1928eb0a8cfbccf380534dce43af9f05df3dea0192029f84e1848921038249b2 RLBA-2022:7783 util-linux bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for util-linux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libmount-devel-2.32.1-38.el8.aarch64.rpm cd68ef5a5764de0399aab711f2794bfc144dc0cecb007112c4f0002eea8f29b8 RLBA-2022:7786 libselinux bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libselinux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms libselinux-static-2.9-6.el8.aarch64.rpm 46ea96a3a539b00a656bfd7d2226ac0c9c8351c55dc1f89acd36576ea3e92010 RLBA-2022:7788 libarchive bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libarchive. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libarchive-devel-3.3.3-4.el8.aarch64.rpm 2b7028c3d90c5a480895c6487062d77ecffaeb2809c042ea092718cfa726c249 RLBA-2022:7792 lvm2 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for lvm2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms device-mapper-devel-1.02.181-6.el8.aarch64.rpm beaaba258ffca016a1f45386505b04b2b8773ea7772e3394bd30c5a5c80a3f50 device-mapper-event-devel-1.02.181-6.el8.aarch64.rpm 794116a151399702cce2a2878d5d167bfd9b2c5bea2fb6b717ea067c04925bbd lvm2-devel-2.03.14-6.el8.aarch64.rpm 5dbe585c0e524a4927a626b25ef387415160f840b89e0a57737e78f40359a8a4 RLBA-2022:7794 shadow-utils bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for shadow-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms shadow-utils-subid-devel-4.6-17.el8.aarch64.rpm a7a33f64077adb33913093f7c1d692eab90e0ea4c9b6c9d2e0767c72ee644b2a RLEA-2022:7797 RDMA stack bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ucx, rdma-core, mstflint, libvma, fabtests, eth-tools, libfabric. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms libfabric-devel-1.15.1-1.el8.aarch64.rpm 85e619d955fe927962cc13396e7f5c542e0c8759efb87d5885e8c04e48a99ecb RLBA-2022:7800 tpm2-abrmd bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for tpm2-abrmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms tpm2-abrmd-devel-2.3.3-3.el8.aarch64.rpm 3e1eba85059d6d4cf4dc5c20eff4619b7f604d17701fce881023a186fc215e66 RLBA-2022:7802 liblockfile bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for liblockfile. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms liblockfile-devel-1.14-2.el8.aarch64.rpm 28f5d398d669e4d48fa5373bbec28ae4a463cb7df4bb780ba31391b22e6e5c46 RLBA-2022:7803 libtalloc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libtalloc. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-talloc-devel-2.3.3-2.el8.aarch64.rpm 047a908eccf73b68180f4542d28f08d9d1be0d8c560cb6057682cf15a8c7d519 RLBA-2022:7804 libsemanage bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libsemanage. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsemanage-devel-2.9-9.el8.aarch64.rpm e3b68ccbc3625edefb7633a642bdc7e72c106c57caccc262292706b5a77737ae RLBA-2022:7808 file bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for file. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms file-devel-5.33-21.el8.aarch64.rpm 48bc33073c2ae622a2e1989ddb9c6946245a39ae85835e59cdb804d6de2130bd RLBA-2022:7809 libpwquality bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libpwquality. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libpwquality-devel-1.4.4-5.el8.aarch64.rpm 1baff486601cdbb9410c43d87090d216f20472fec783d00ee3f7bbd5f9f6f3ad RLBA-2022:7828 NetworkManager bug fix and enhancement update NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es) and Enhancement(s): * Host ip changed when start vm (BZ#2132285) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for NetworkManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms NetworkManager-libnm-devel-1.40.0-2.el8_7.aarch64.rpm d6afd57538d2cc032f255630faf9e154f45b87f07a029b73db172b959977bb04 RLBA-2022:7829 sssd bug fix and enhancement update The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) (BZ#2128544) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libsss_nss_idmap-devel-2.7.3-4.el8_7.1.aarch64.rpm 876fb14ca6ee70e7b6765a8c5ba645a22ff88456304b416f660290d56c48f376 RLSA-2022:7928 Important: device-mapper-multipath security update The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices.
Security Fix(es): * device-mapper-multipath: Regression of CVE-2022-41974 fix in Rocky Linux (CVE-2022-3787) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms device-mapper-multipath-devel-0.8.4-28.el8_7.1.aarch64.rpm dbf51d30037ea66cf5cae876c220600dd2324c3ab4efb4ff07fe7f77c1bf0610 RLBA-2022:9028 libsolv bug fix and enhancement update The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Bug Fix(es) and Enhancement(s): * Transaction picks old build to satisfy dependencies (BZ#2151895) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms libsolv-devel-0.7.20-4.el8_7.aarch64.rpm 1549de2fad1909d79db33b77b810a8a853bf9d344db6524129a04799ebd5aa8e libsolv-tools-0.7.20-4.el8_7.aarch64.rpm d79e51fd10c11fb718a68d23f2f439ebda6bac29e7cc1b71b07956708eb25835 RLBA-2023:0086 opencryptoki bug fix and enhancement update The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for Cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon (pkcsslotd) and general utilities. Bug Fix(es) and Enhancement(s): * Rocky Linux8.7 - opencryptoki C_GenerateKeyPair() fails after generating > 500 RSA keys with CEX7 crypto cards (BZ#2129059) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for opencryptoki. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms opencryptoki-devel-3.18.0-5.el8_7.aarch64.rpm cb33cf1fac3fa4e85b8942a9e33bf832288d20b7f44252c45aba45332e8cfba1 RLBA-2023:0090 zlib bug fix and enhancement update The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fix(es) and Enhancement(s): * Rocky Linux8.4 - zlib: inflate() does not update strm.adler if DFLTCC is used (BZ#2137336) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for zlib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms zlib-static-1.2.11-21.el8_7.aarch64.rpm 12cc9827423e4069ebd337fa1c112c930c058124ac2e55e4cab628467a5428e7 RLBA-2023:0098 NetworkManager bug fix and enhancement update NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services.
Bug Fix(es) and Enhancement(s): * crio occasionally fails to start during deployment (BZ#2132281) * DNS servers are not sorted according to priority in resolv.conf (BZ#2135733) * Hostname is not configured during IPI installation of OpenShift 4.10.3 on baremetal when using NMState and static IP config for a bond network interface. (BZ#2152891) * NMCLI OVS connections intermittently get stuck in "activating" state after power cycle or crash (BZ#2153429) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for NetworkManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms NetworkManager-libnm-devel-1.40.0-5.el8_7.aarch64.rpm c6e59e50faaa8759aae5dbe09873b268b011423858f1f405ac8a70c4beacdf33 RLSA-2023:0101 Important: kernel security and bug fix update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: memory corruption in AX88179_178A based USB ethernet device.
(CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Rocky Linux8.4 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127849) * vfio zero page mappings fail after 2M instances (BZ#2128515) * ice: Driver Update up to 5.19 (BZ#2130992) * atlantic: missing hybernate/resume fixes (BZ#2131935) * Bluefield 2 DPU would crash and reboot due to a kernel panic (BZ#2134084) * Fix issue that enables STABLE_WRITES by default and causes performance regressions (BZ#2135813) * ice: Intel E810 PTP clock glitching (BZ#2136036) * ice: configure link-down-on-close on and change interface mtu to 9000,the interface can't up (BZ#2136216) * ice: dump additional CSRs for Tx hang debugging (BZ#2136513) * ice,iavf: system panic during sriov sriov_test_cntvf_reboot testing (BZ#2137270) * After upgrading to ocp4.11.1, our dpdk application using vlan strip offload is not working (BZ#2138157) * i40e: orphaned-leaky memory when interacting with driver memory parameters (BZ#2138205) * WARNING: CPU: 0 PID: 9637 at kernel/time/hrtimer.c:1309 hrtimer_start_range_ns+0x35d/0x400 (BZ#2138953) * DELL EMC 8.6-RT: System is not booting into RT Kernel with perc12. 
(BZ#2139216) * Lenovo 8.7: The VGA display shows no signal when install Rocky Linux8.7 (BZ#2140152) * Host Pod -> NodePort Service traffic (Host Backend - Same Node) Flow Iperf Cannot Pass Traffic (BZ#2141878) * mlx5_core: mlx5_cmd_check messages scrolling with hardware offload enabled (BZ#2141957) * net/ice: VIRTCHNL_OP_CONFIG_VSI_QUEUES command handling failure with in-tree driver (BZ#2142017) * Rocky Linux:8.6+ IBM Partner issue - Loopback driver with ABORT_TASKS causing hangs in scsi eh, this bug was cloned for Rocky Linux8.6 and need this patch in 8.6+ (BZ#2144583) * AMdCLIENT 8.8: The kernel command line parameter "nomodeset" not working properly (BZ#2145218) * Path loss during Volume Ownership Change on Rocky Linux 8.7 SAS (BZ#2147374) * net/ice: OP_SET_RSS_HENA command not supported with in-tree driver (BZ#2148130) * iavf panic: iavf 0000:ca:01.0: Failed to init adminq: -53 (BZ#2149081) * Intel 8.8 iavf: Driver Update (bugfixes) (BZ#2149742) * Azure Rocky Linux-8 PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (BZ#2150912) * Rocky Linux-8.7: System fails to boot with soft lockup while loading/unloading an unsigned (E) kernel module. (BZ#2152206) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-425.10.1.el8_7.aarch64.rpm 7dc47f3b792b17656cadf22417d942b1b7b9bf3536a0977d63bbe6329ef37092 RLBA-2023:0105 util-linux bug fix and enhancement update The util-linux packages contain a large variety of low-level system utilities necessary for a Linux system to function. Among others, these include the libuuid and uuidd daemon. Bug Fix(es) and Enhancement(s): * Add --cont-clock feature for libuuid and uuidd [Rocky Linux-8] (BZ#2143252) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for util-linux. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The util-linux packages contain a large variety of low-level system utilities necessary for a Linux system to function. Among others, these include the libuuid and uuidd daemon. Bug Fix(es) and Enhancement(s): * Add --cont-clock feature for libuuid and uuidd [Rocky Linux-8] (BZ#2143252) rocky-linux-8-aarch64-powertools-rpms libmount-devel-2.32.1-39.el8_7.aarch64.rpm 32beacfdb1dd7fffeff53b90bacbce2af561f804d2ddaacfedab540f21c019cf RLBA-2023:0106 gcc bug fix and enhancement update The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Bug Fix(es) and Enhancement(s): * The ">>" operator of std::normal_distribution does not work properly. (BZ#2144075) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Bug Fix(es) and Enhancement(s): * The ">>" operator of std::normal_distribution does not work properly. (BZ#2144075) rocky-linux-8-aarch64-powertools-rpms gcc-plugin-devel-8.5.0-16.el8_7.aarch64.rpm f9da081971fd8bfaaf4c5e0d01025ac0ac85ac68fb6f9e508e73e00b7f920055 libstdc++-static-8.5.0-16.el8_7.aarch64.rpm af475e1a7ce587ad14fa18c36815eb6293bacbb4c5589ee4f95de16b72aeb8e3 RLBA-2023:0124 sssd bug fix and enhancement update The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. 
It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Analyzer: Optimize and remove duplicate messages in verbose list (BZ#2139871) * SSSD: `sssctl analyze` command shouldn't require 'root' privileges (BZ#2142961) * UPN check cannot be disabled explicitly but requires 'krb5_validate = false' as a work-around (BZ#2148989) * authenticating against external IdP services okta (native app) with OAuth client secret failed (BZ#2152883) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
Bug Fix(es) and Enhancement(s): * Analyzer: Optimize and remove duplicate messages in verbose list (BZ#2139871) * SSSD: `sssctl analyze` command shouldn't require 'root' privileges (BZ#2142961) * UPN check cannot be disabled explicitly but requires 'krb5_validate = false' as a work-around (BZ#2148989) * authenticating against external IdP services okta (native app) with OAuth client secret failed (BZ#2152883) rocky-linux-8-aarch64-powertools-rpms libsss_nss_idmap-devel-2.7.3-4.el8_7.3.aarch64.rpm ec11e1052c6e74eb492cb44a6510b49e3371b32bfabcf6074736c4f7c04b039b RLSA-2019:1529 Important: pki-deps:10.6 security update The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): * tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037) * tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014) * tomcat: Open redirect in default servlet (CVE-2018-11784) * tomcat: Host name verification missing in WebSocket client (CVE-2018-8034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, xmlstreambuffer, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, stax-ex, xerces-j2, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): * tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037) * tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014) * tomcat: Open redirect in default servlet (CVE-2018-11784) * tomcat: Host name verification missing in WebSocket client (CVE-2018-8034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 
xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm 275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLSA-2019:2720 Important: pki-deps:10.6 security update The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): * jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, xmlstreambuffer, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, jackson-jaxrs-providers, stax-ex, xerces-j2, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Rocky Enterprise Software Foundation Certificate System. 
Security Fix(es): * jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm 275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLSA-2019:2722 Low: libwmf security update The libwmf packages 
provide a library for reading and converting Windows Metafile Format (WMF) vector graphics. The library is used by applications such as GIMP and ImageMagick. Security Fix(es): * gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for libwmf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libwmf packages provide a library for reading and converting Windows Metafile Format (WMF) vector graphics. The library is used by applications such as GIMP and ImageMagick. Security Fix(es): * gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libwmf-devel-0.2.9-8.el8_0.aarch64.rpm 717b1b76322bba8a1d02acfdb5f08ed3e55db4b62289095fd446f41e8e7421ff RLEA-2019:3367 google-noto-cjk-fonts bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for google-noto-cjk-fonts. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms google-noto-sans-cjk-jp-fonts-20190416-1.el8.noarch.rpm a0e76579364810ba3d2d252d31a1596f921074ca5c231f74257bb2585c08a59b RLBA-2019:3411 lttng-ust bug fix and enhancement update This update fixes two issues in lttng-ust and subpackages. There was a bad shebang in the /usr/bin/lttng-gen-tp utility that prevented users from executing it. This issue has been fixed. lttng-ust was only available for x86_64 architectures. lttng-ust is now available for all architectures supported on Rocky Linux. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for lttng-ust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This update fixes two issues in lttng-ust and subpackages. There was a bad shebang in the /usr/bin/lttng-gen-tp utility that prevented users from executing it. This issue has been fixed. lttng-ust was only available for x86_64 architectures. lttng-ust is now available for all architectures supported on Rocky Linux. rocky-linux-8-aarch64-powertools-rpms lttng-ust-devel-2.8.1-11.el8.aarch64.rpm 09615b2f23fca15b7599e297aa89a3c1a8573619350f8fcd2502da18805d6a34 RLBA-2019:3416 pki-core:10.6 and pki-deps:10:6 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, xmlstreambuffer, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, jackson-jaxrs-providers, stax-ex, xerces-j2, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 
xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm 275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLBA-2019:3449 new packages: gcc-toolset-9-dyninst GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to Rocky Enterprise Software Foundation Enterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 9 chapter. For detailed changes in this release, see the Rocky Linux 8.1 Release Notes. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gcc-toolset-9-dyninst. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to Rocky Enterprise Software Foundation Enterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 9 chapter. For detailed changes in this release, see the Rocky Linux 8.1 Release Notes.
rocky-linux-8-aarch64-powertools-rpms gcc-toolset-9-dyninst-devel-10.1.0-1.el8.aarch64.rpm ce191ce5e105a9dc6ba0f919f4e34a6a2a4fd872c4499cd99beca03b65180a30 gcc-toolset-9-dyninst-doc-10.1.0-1.el8.aarch64.rpm aaf0e9ef84ac71789aa0b8dfb5bfb712f4a9b4ab4fef4e4cab6e8c44afacd4d2 gcc-toolset-9-dyninst-static-10.1.0-1.el8.aarch64.rpm 864b0fcce1c5d4ac3fbb71ae345e2e51fc67d1786f51998cbe1be30baecdc420 gcc-toolset-9-dyninst-testsuite-10.1.0-1.el8.aarch64.rpm 39ca6894d36b34eac5f291bf34a984c89be38b0cbdf61a0ef054f22f5752a30f RLBA-2019:3462 libcdio bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libcdio. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libcdio-devel-2.0.0-3.el8.aarch64.rpm 564e95a76c78f88225bd431cb4b8dbe36a060a18f81589ecda633323195bfdbc RLBA-2019:3490 ldns bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ldns. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms ldns-devel-1.7.0-21.el8.aarch64.rpm 8dbbc08ded1fcaed06fb469a89eacd62f76b7454ef226f9526d47daaa5330dc3 RLEA-2019:3557 libtalloc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for cmocka, nss_wrapper, uid_wrapper, socket_wrapper. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libcmocka-1.1.5-1.el8.aarch64.rpm 92cbca5860fc91a59e88658d92996f9394b52398bd76acd65e36cb1bd387bd77 libcmocka-devel-1.1.5-1.el8.aarch64.rpm d7dafcccc8cdeb114eefc277565bc0048883d3896514728368392175c39339b7 socket_wrapper-1.2.3-1.el8.aarch64.rpm fd06ef4a6fe6adedd2c0d1fdf71ff159745b43e256e846368768af6e283e1dec uid_wrapper-1.2.4-4.el8.aarch64.rpm c3e1b6eac7dfbfd6b60f0c47f8be3f00c777d9e519d46dc1524f7eda1d350af8 RLSA-2019:3703 Low: libvorbis security update The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix(es): * libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) * libvorbis: stack buffer overflow in bark_noise_hybridmp function (CVE-2018-10393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for libvorbis. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix(es): * libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) * libvorbis: stack buffer overflow in bark_noise_hybridmp function (CVE-2018-10393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvorbis-devel-1.3.6-2.el8.aarch64.rpm 45b27f8070d22a81e24a5710eb61b29c0c7abeef076529d2ecaeda1acb566366 libvorbis-devel-docs-1.3.6-2.el8.noarch.rpm 0ec54402929c83ee0af4f575e419e9f859ae3c1f202e05ed60124210e96622b7 RLSA-2019:3708 Moderate: mariadb:10.3 security and bug fix update MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). 
(BZ#1701687, BZ#1711265, BZ#1741358) Security Fix(es): * mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627) * mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739) * mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740) * mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758) * mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for asio, Judy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). 
(BZ#1701687, BZ#1711265, BZ#1741358) Security Fix(es): * mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627) * mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739) * mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740) * mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758) * mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__mariadb-devel asio-devel-1.10.8-7.module+el8.5.0+777+18007c86.aarch64.rpm cf505dedb0f59a8623402e4faef396217633715710cbe58ef949d1c3b2779a2b RLSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, IPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 (0.27.2).
(BZ#1651917) Security Fix(es): * exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS (CVE-2019-20421) * exiv2: null pointer dereference in the Exiv2::DataValue::toLong function in value.cpp (CVE-2017-18005) * exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp (CVE-2018-4868) * exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp (CVE-2018-9303) * exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp (CVE-2018-9304) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305) * exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772) * exiv2: information leak via a crafted file (CVE-2018-11037) * exiv2: buffer overflow in samples/geotag.cpp (CVE-2018-14338) * exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp (CVE-2018-17229) * exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp (CVE-2018-17230) * exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282) * exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581) * exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915) * exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107) * exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108) * exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535) * exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607) * exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096) * exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097) * exiv2: Heap-based buffer over-read in 
Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098) * exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099) * exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service (CVE-2019-9143) * exiv2: denial of service in PngImage::readMetadata (CVE-2019-13109) * exiv2: integer overflow in WebPImage::decodeChunks leads to denial of service (CVE-2019-13111) * exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent causing denial of service (CVE-2019-13112) * exiv2: invalid data location in CRW image file causing denial of service (CVE-2019-13113) * exiv2: null-pointer dereference in http.c causing denial of service (CVE-2019-13114) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libgexiv2, gnome-color-manager, gegl, exiv2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, IPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 (0.27.2).
(BZ#1651917) Security Fix(es): * exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS (CVE-2019-20421) * exiv2: null pointer dereference in the Exiv2::DataValue::toLong function in value.cpp (CVE-2017-18005) * exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp (CVE-2018-4868) * exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp (CVE-2018-9303) * exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp (CVE-2018-9304) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305) * exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772) * exiv2: information leak via a crafted file (CVE-2018-11037) * exiv2: buffer overflow in samples/geotag.cpp (CVE-2018-14338) * exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp (CVE-2018-17229) * exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp (CVE-2018-17230) * exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282) * exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581) * exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915) * exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107) * exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108) * exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535) * exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607) * exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096) * exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097) * exiv2: Heap-based buffer over-read in 
Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098) * exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099) * exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service (CVE-2019-9143) * exiv2: denial of service in PngImage::readMetadata (CVE-2019-13109) * exiv2: integer overflow in WebPImage::decodeChunks leads to denial of service (CVE-2019-13111) * exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent causing denial of service (CVE-2019-13112) * exiv2: invalid data location in CRW image file causing denial of service (CVE-2019-13113) * exiv2: null-pointer dereference in http.c causing denial of service (CVE-2019-13114) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libgexiv2-devel-0.10.8-4.el8.aarch64.rpm 1ed9e22b26142d0dfb723c54115db96a3d20fe0344f299f735f67f6cb65cafd7 RLEA-2020:1607 http-parser bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for http-parser. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms http-parser-devel-2.8.0-9.el8.aarch64.rpm 310395243967fb34ff1618f9325450b293ef702229992d790b69648754c47778 RLEA-2020:1611 input stack bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for xkeyboard-config, libevdev, libxkbcommon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libxkbcommon-x11-devel-0.9.1-1.el8.aarch64.rpm 7620a5fd0b1703d77cd5c443726218caf7c54d774f1c7053aaf90f83bbd04f50 RLSA-2020:1616 Low: irssi security update Irssi is a modular IRC client with Perl scripting. Security Fix(es): * irssi: use after free when sending SASL login to server (CVE-2019-13045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for irssi. 
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Irssi is a modular IRC client with Perl scripting. Security Fix(es): * irssi: use after free when sending SASL login to server (CVE-2019-13045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms irssi-devel-1.1.1-3.el8.aarch64.rpm 0517be3e3827c8c69c705d0a59041666de8bc9ce5e156808acf474f7ae880b1e RLBA-2020:1622 python-greenlet bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for python-greenlet. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-greenlet-devel-0.4.13-4.el8.aarch64.rpm 655d1e8316c6de9f5e8f8c0d9dc00cf09cf905c0a16c00d077ce7891c0cbfe10 RLSA-2020:1631 Low: GStreamer, libmad, and SDL security, bug fix, and enhancement update The GStreamer library provides a streaming media framework based on graphs of media data filters. The libmad package is an MPEG audio decoder capable of 24-bit output. 
Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Security Fix(es): * libmad: Double-free in the mad_decoder_run() function (CVE-2018-7263) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for libmad, gstreamer1-plugins-ugly-free, gstreamer1-plugins-bad-free, SDL2, orc, gstreamer1. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The GStreamer library provides a streaming media framework based on graphs of media data filters. The libmad package is an MPEG audio decoder capable of 24-bit output. Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Security Fix(es): * libmad: Double-free in the mad_decoder_run() function (CVE-2018-7263) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms gstreamer1-plugins-bad-free-devel-1.16.1-1.el8.aarch64.rpm 0d830525b1eb12640fa39d43fab21ab1175dd3c50c2c20acf2b788fbe19d9763 libmad-devel-0.15.1b-25.el8.aarch64.rpm db9a0f107a6ddfd5ccfcd8abcfcf15baa139948521060956e3f77afd1f5d20e1 SDL2-2.0.10-2.el8.aarch64.rpm 404e875dd408a78e46de20ef1169db6fd90c0916e5ecbdfc569d1dc550b5ad02 SDL2-devel-2.0.10-2.el8.aarch64.rpm 7d8c0e9098d177cfed198c506bec92fc4da9b170ef62196ce95d704841da612f SDL2-static-2.0.10-2.el8.aarch64.rpm e83d1792909781afde7c1848a0142c03c4ccd3fe169778c9563fc6b255957d58 RLBA-2020:1633 xorg X11 server and driver bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libepoxy, wayland, libxcb, mesa-libGLw, wayland-protocols, libXpm, xorg-x11-drv-libinput, pixman, xorg-x11-drv-wacom. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms xorg-x11-drv-libinput-devel-0.29.0-1.el8.aarch64.rpm 2134a6b8972c02cc14535af8814b609c3318e1e42a3a30674c456d24bc5ae951 xorg-x11-drv-wacom-devel-0.38.0-1.el8.aarch64.rpm dfdb8fd54b56c3d5bce942fc342929d6f9923235de25102cba2159f073b89a04 RLSA-2020:1644 Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. 
Security Fix(es): * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540) * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) * jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942) * jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943) * jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for jackson-core, glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, xmlstreambuffer, jackson-annotations, jackson-databind, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, jackson-jaxrs-providers, stax-ex, xerces-j2, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. 
Security Fix(es): * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540) * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) * jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942) * jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943) * jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 
10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm 275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLSA-2020:1686 Low: libmspack security and bug fix update The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft. Security Fix(es): * libmspack: buffer overflow in function chmd_read_headers() (CVE-2019-1010305) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for libmspack. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft. Security Fix(es): * libmspack: buffer overflow in function chmd_read_headers() (CVE-2019-1010305) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms libmspack-devel-0.7-0.3.alpha.el8.4.aarch64.rpm 24c40ae57e3c09c3b8c49f8b71d6041d22dc39f181d5c3f73c94992c1f4a2a8b RLEA-2020:1694 new module: python38:3.8 This enhancement update adds the python38:3.8 module to Rocky Linux 8. (BZ#1747329) For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for python-more-itertools, pytest, python-psycopg2, python-urllib3, python-attrs, python-jinja2, python-requests, python-atomicwrites, mod_wsgi, python-asn1crypto, python-py, python-chardet, python-markupsafe, python-pluggy, Cython, python-psutil, python-wcwidth, babel, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python3x-setuptools, python-cffi, pytz, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This enhancement update adds the python38:3.8 module to Rocky Linux 8. (BZ#1747329) For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms__python38-devel python38-atomicwrites-1.3.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm 4577930f8643eab6d5dd7d0f768cde32fcd2c7a4384f0b1cf913f2cca6713313 python38-attrs-19.3.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 1045c38f448778b2e636bd48607abc9b8cb9d767fb254f02d8fc4446de2dcdb6 python38-more-itertools-7.2.0-5.module+el8.4.0+570+c2eaf144.noarch.rpm a835104b763c20cf7aa64b8508e9c0b5cf39fa6a150327a3203fdb0a8755bdef python38-packaging-19.2-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0edfb62f3f6eaa6d37cf69560eb66c4e7321fbe4d5b1a5a2cf836aa1195311be python38-pluggy-0.13.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 60dfc6122c9fd333025780bd3d6277083526e0932eb444ce6713be3f54a743d8 python38-py-1.8.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm c2a1b7e33d1d1cd09325d09c9297065b85587adeaac0d805927036daae1681f1 python38-pyparsing-2.4.5-3.module+el8.4.0+570+c2eaf144.noarch.rpm 9764b2d4672b7d858a173b448213904a8eb16937add8a417987a31c3857ae7f4 python38-pytest-4.6.6-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0369a5e14d4cbfd676ebd6157f0b988a1b9e2480e9fae9c00291b7c1d73abe86 python38-wcwidth-0.1.7-16.module+el8.4.0+570+c2eaf144.noarch.rpm b9652f15c965a3ec2e00be8240a592c91cdeb727b316863a34944a4de723859d RLBA-2020:1723 parfait:0.5 bug fix update For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for uom-parent, parfait, uom-systems, uom-se, si-units, uom-lib, unit-api, log4j12. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms__javapackages-tools log4j12-1.2.17-22.module+el8.3.0+74+855e3f5d.noarch.rpm 9961be644ddb26496002a814c140467e745ae1f78f8d2c45821b6ed204c8d895 log4j12-javadoc-1.2.17-22.module+el8.3.0+74+855e3f5d.noarch.rpm 741bc047281e2b80e32525a1edead2b0bdf377079a04e68d11e69259af00e18e RLBA-2020:1743 librevenge bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for librevenge. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librevenge-devel-0.0.4-12.el8.aarch64.rpm a9a13d6de5e0213fe4ac2fdb800da153c1cec091b804d67a13b4f900f6abdc56 RLSA-2021:4235 Moderate: jasper security update JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es): * jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (CVE-2020-27828) * jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (CVE-2021-3272) * jasper: Out of bounds read in jp2_decode() in jp2_dec.c (CVE-2021-26926) * jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (CVE-2021-26927) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for jasper. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es): * jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (CVE-2020-27828) * jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (CVE-2021-3272) * jasper: Out of bounds read in jp2_decode() in jp2_dec.c (CVE-2021-26926) * jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (CVE-2021-26927) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms jasper-devel-2.0.14-5.el8.aarch64.rpm 42b6247aa324c1d0971be0f6d0f6a0104c9ea6b2f3c5955d9478bdf11da62c12 RLEA-2021:4239 pki-core bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for jackson-core, ldapjdk, glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, apache-commons-net, xmlstreambuffer, jackson-annotations, jackson-databind, pki-servlet-engine, pki-core, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, tomcatjss, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, jackson-jaxrs-providers, stax-ex, xerces-j2, jss, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. 
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 apache-commons-net-3.6-3.module+el8.3.0+74+855e3f5d.noarch.rpm 0fd615658b7f48a1545a730d3142ba3c125727c552f69733e20d0c75633e7743 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm 275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm 
aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLSA-2021:4256 Moderate: graphviz security update Graphviz is open-source graph-visualization software. Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks. It has important applications in networking, bioinformatics, software engineering, database and web design, machine learning, and in visual interfaces for other technical domains. Security Fix(es): * graphviz: off-by-one in parse_reclbl() in lib/common/shapes.c (CVE-2020-18032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for graphviz. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Graphviz is open-source graph-visualization software. Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks. It has important applications in networking, bioinformatics, software engineering, database and web design, machine learning, and in visual interfaces for other technical domains. Security Fix(es): * graphviz: off-by-one in parse_reclbl() in lib/common/shapes.c (CVE-2020-18032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms graphviz-devel-2.40.1-43.el8.aarch64.rpm e8f9a469eb575b82b50f2892e2fc637ef3d935dfbc3df6b013ef462505cf9fcc graphviz-doc-2.40.1-43.el8.aarch64.rpm 6b420964f1d54eaf941baf5d431515c9b1a7e591e5d2874212040ec9a6f235e6 graphviz-gd-2.40.1-43.el8.aarch64.rpm a3ecff72598ecb0af52654fd58167f3cf1abdf4f661f446e2d51eccab5b90a33 graphviz-python3-2.40.1-43.el8.aarch64.rpm 88b448ea959cc1d9e7f45bd2d91451941e223f4717d0766c72195267249c57aa RLSA-2020:4629 Moderate: libvpx security update The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fix(es): * libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc (CVE-2019-2126) * libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232) * libvpx: Resource exhaustion after memory leak in mkvparser.cc (CVE-2019-9371) * libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libvpx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. 
Security Fix(es): * libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc (CVE-2019-2126) * libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232) * libvpx: Resource exhaustion after memory leak in mkvparser.cc (CVE-2019-9371) * libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvpx-devel-1.7.0-8.el8.aarch64.rpm 970df117e089f32b13f6c5f92f7b160bb2664281a4b0bc0dfa72f0a7b16e9fdb RLBA-2020:4658 munge bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for munge. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms munge-devel-0.5.13-2.el8.aarch64.rpm af41ee20f24b596b9ead774d629c99fd79b08931bda36d156a13918daca2ff82 RLBA-2020:4678 tog-pegasus bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for tog-pegasus. 
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms tog-pegasus-devel-2.14.1-46.el8.aarch64.rpm 5436c3477f75e5c2b314175911b77747f6672bd74c014981f34eb47e44c3b4e6 RLEA-2020:4700 createrepo_c bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for drpm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms drpm-devel-0.4.1-3.el8.aarch64.rpm 670afe0006731a1965d56df01104a6b4fea219a714470e02b56d0b8d150de0f0 RLSA-2020:4847 Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. 
Security Fix(es): * jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) * pki: Dogtag's python client does not validate certificates (CVE-2020-15720) * pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146) * pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179) * pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221) * pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for jackson-core, ldapjdk, glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, apache-commons-net, xmlstreambuffer, jackson-annotations, jackson-databind, pki-servlet-engine, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, jackson-jaxrs-providers, stax-ex, xerces-j2, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): * jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) * pki: Dogtag's python client does not validate certificates (CVE-2020-15720) * pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146) * pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab 
(CVE-2019-10179) * pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221) * pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 apache-commons-net-3.6-3.module+el8.3.0+74+855e3f5d.noarch.rpm 0fd615658b7f48a1545a730d3142ba3c125727c552f69733e20d0c75633e7743 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 
xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm 275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLEA-2020:4742 userspace graphics, xorg-x11, and mesa bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libXft, xorg-x11-xkb-utils, xorg-x11-xtrans-devel, xorg-x11-drv-intel, libvdpau, libxkbfile, libXxf86dga, libXau, libXrandr, xorg-x11-proto-devel, xorg-x11-util-macros, libXext, libXi, libXdmcp, libXmu, libXvMC, mesa-demos, xorg-x11-drv-ati. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms libvdpau-devel-1.4-2.el8.aarch64.rpm 6d15badc349ea2ebfa002851e677d222480af05439f9e025a8792a2a429ea134 libXdmcp-devel-1.1.3-1.el8.aarch64.rpm 706cfcd9ae3a844e230107446d69da31103f8a39828d7861b1ae98ab5057df7a libxkbfile-devel-1.1.0-1.el8.aarch64.rpm 241c4553b7eff5d8861ece65637674b0f4365d84eddf5c7bca5e41a7762fbde1 libXvMC-devel-1.0.12-1.el8.aarch64.rpm f8bfe60eb3c2ba2563a36a17198cd8132c4fbf8690530bb747b2a7ae1eac3801 xorg-x11-util-macros-1.19.2-1.el8.noarch.rpm cc9c2966178ea156cd7345951bc4620e234bc546bddaedbb6ffdc59aa502aa64 xorg-x11-xkb-utils-devel-7.7-28.el8.aarch64.rpm 20f22666886d9014ca0a05d1b14379a8f1c7188ac07fcca929057c133ef49a42 RLBA-2020:4773 libgit2 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libgit2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libgit2-devel-0.26.8-2.el8.aarch64.rpm 268ae57f0529f7bcd507a675e0688f1f4df8ba1f30ee441d3184c223c3236754 RLSA-2020:4827 Moderate: oniguruma security update Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix(es): * oniguruma: NULL pointer dereference in match_at() in regexec.c (CVE-2019-13225) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for oniguruma. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix(es): * oniguruma: NULL pointer dereference in match_at() in regexec.c (CVE-2019-13225) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms oniguruma-devel-6.8.2-2.el8.aarch64.rpm 81f179af8b164e5e629f678746f876c1d4e3020c3da2b8ee0759b1df159824e7 RLBA-2020:4832 torque bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for torque. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms torque-4.2.10-25.el8.aarch64.rpm 6d3c084a7d443f19fe243c8f29614497bfd5b5095c40726b13f0c7654de0547f torque-devel-4.2.10-25.el8.aarch64.rpm fa38f4d2ce5272566d9c72004cd0af46b3fe59db4d7eccb59d2601fab8df1534 RLBA-2020:4834 new packages: gcc-toolset-10-systemtap GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-10-systemtap packages to Rocky Enterprise Software Foundation Enterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 10 chapter. For detailed changes in this release, see the Rocky Linux 8.3 Release Notes. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gcc-toolset-9-gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-10-systemtap packages to Rocky Enterprise Software Foundation Enterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 10 chapter. For detailed changes in this release, see the Rocky Linux 8.3 Release Notes. rocky-linux-8-aarch64-powertools-rpms gcc-toolset-9-gcc-plugin-devel-9.2.1-2.3.el8.aarch64.rpm 5fa7d0188c7a18facadf318e3ad521a7881a4aca6ee7e9990a19bbfba41b121a RLSA-2020:5393 Important: libexif security update The libexif packages provide a library for extracting extra information from image files.
Security Fix(es): * libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for libexif. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libexif packages provide a library for extracting extra information from image files. Security Fix(es): * libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libexif-devel-0.6.22-5.el8_3.aarch64.rpm e7ba6cee81a8b9768a63dc4a5e87da987a776eed65d80c0f5499fe2ac0e39f1e RLSA-2021:1242 Important: mariadb:10.3 and mariadb-devel:10.3 security update MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32). Security Fix(es): * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for Judy, asio, mariadb, galera. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32). Security Fix(es): * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms__mariadb-devel asio-devel-1.10.8-7.module+el8.5.0+777+18007c86.aarch64.rpm cf505dedb0f59a8623402e4faef396217633715710cbe58ef949d1c3b2779a2b RLBA-2021:1765 brltty bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for brltty. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms brlapi-devel-0.6.7-32.el8.aarch64.rpm a6d62ffb9e55959c97698b4e4d7def2bef8e52a3a0033f2d797a39281a1369cf RLSA-2021:1775 Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. 
Security Fix(es): * resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for jackson-core, ldapjdk, glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, apache-commons-net, xmlstreambuffer, jackson-annotations, jackson-databind, pki-servlet-engine, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, tomcatjss, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, jackson-jaxrs-providers, stax-ex, xerces-j2, jss, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): * resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 apache-commons-net-3.6-3.module+el8.3.0+74+855e3f5d.noarch.rpm 0fd615658b7f48a1545a730d3142ba3c125727c552f69733e20d0c75633e7743 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm 275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLSA-2021:1789 Moderate: gssdp and gupnp security update GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. 
GSSDP implements resource discovery and announcement over SSDP and is part of gUPnP. The following packages have been upgraded to a later upstream version: gssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928) Security Fix(es): * hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for gssdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. GSSDP implements resource discovery and announcement over SSDP and is part of gUPnP. The following packages have been upgraded to a later upstream version: gssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928) Security Fix(es): * hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms gssdp-devel-1.0.5-1.el8.aarch64.rpm 1745159b79ada50f976c3adbbad26006067698a81bd9ee6ceb4b75a49c4751b6 gssdp-docs-1.0.5-1.el8.noarch.rpm bdafd56ed53b0ceea90602bba9e077c3c9ee44a7278f44e90814d74c8ca6ad8e RLBA-2021:1802 gnome-bluetooth bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gnome-bluetooth. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gnome-bluetooth-libs-devel-3.34.3-1.el8.aarch64.rpm a7d6bfc6ce91eef7e95543f247950c9ff828683780988bf52f3213e5eaab0fc7 RLSA-2021:1811 Moderate: libvncserver security update LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fix(es): * libvncserver: uninitialized memory contents are vulnerable to Information Leak (CVE-2018-21247) * libvncserver: buffer overflow in ConnectClientToUnixSock() (CVE-2019-20839) * libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference (CVE-2020-14397) * libvncserver: libvncclient/rfbproto.c does not limit TextChat size (CVE-2020-14405) * libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS (CVE-2020-25708) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libvncserver. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fix(es): * libvncserver: uninitialized memory contents are vulnerable to Information Leak (CVE-2018-21247) * libvncserver: buffer overflow in ConnectClientToUnixSock() (CVE-2019-20839) * libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference (CVE-2020-14397) * libvncserver: libvncclient/rfbproto.c does not limit TextChat size (CVE-2020-14405) * libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS (CVE-2020-25708) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvncserver-devel-0.9.11-17.el8.aarch64.rpm 84fefcd7b8af33b230572ed8144ef2222b605901f6aa1e80384c4f78668e7823 RLBA-2021:1848 dconf bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dconf. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms dconf-devel-0.28.0-4.el8.aarch64.rpm 34c1abe1e86ecd00e0c563624a4e384b152497147d9e3fb0efa4d9be7c1d4a8d RLBA-2021:1858 sendmail bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sendmail. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms sendmail-milter-devel-8.15.2-34.el8.aarch64.rpm 88b70c902ff88b631a2e9cc09e508bed32356952f8104b5d3bc7de8894493ef6 RLBA-2021:1902 uuid bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for uuid. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms uuid-devel-1.6.2-43.el8.aarch64.rpm 5ae0a87cf13d0715fc43f8d7fa9021fab858b0e3d2238b8e3df9d27e63226882 RLBA-2021:1903 pulseaudio bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for pulseaudio, twolame. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms twolame-devel-0.3.13-12.el8.aarch64.rpm 053bbd7eb4b205a87ea99005bcf183deb6b5528c3dade77219329e87b56a37b3 RLBA-2021:1912 ilmbase bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ilmbase. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms ilmbase-devel-2.2.0-13.el8.aarch64.rpm d542958699aa081830c29779d3202c2d97616a9d3d852a4bf37f3f48511d4700 RLBA-2021:1914 libsmi bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libsmi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsmi-devel-0.4.8-23.el8.aarch64.rpm 6610118fc229d6f337a12fffd846b4dbab0c8a229d821b25b933b36286794b5e RLEA-2021:1919 new module: python39:3.9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This enhancement update adds the python39:3.9 module to Rocky Linux 8. (BZ#1877430) For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This enhancement update adds the python39:3.9 module to Rocky Linux 8. (BZ#1877430) For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms__python39-devel python39-attrs-20.3.0-2.module+el8.4.0+574+843c4898.noarch.rpm fbb8f663205787752f8a7c5a1a7dc1497d9de97321946c2f1f959b9a83e701ba python39-Cython-0.29.21-5.module+el8.4.0+574+843c4898.aarch64.rpm 637ec2d61a3f84c6a3c79abe7c5ffd13fd5b02ba0acb854b25fecd6e8edf0282 python39-iniconfig-1.1.1-2.module+el8.4.0+574+843c4898.noarch.rpm 585177d17ab59aafa2b84d8543a424a37d750a1b7d77b13d3528fba480b8178f python39-more-itertools-8.5.0-2.module+el8.4.0+574+843c4898.noarch.rpm 783f58ba2a8c29a6be5ff43e198e37fd6a63251db3b3f2bee347fab0fb814ed0 python39-packaging-20.4-4.module+el8.4.0+574+843c4898.noarch.rpm 26959ff9006b14a57368c87762d0330e3fbfea6f3e3a635a8b19b3cf935a4e20 python39-pluggy-0.13.1-3.module+el8.4.0+574+843c4898.noarch.rpm 2f8e19389c1dae284619279fe0e20688debb67181df429c7d1ca16ba88747fda python39-py-1.10.0-1.module+el8.4.0+574+843c4898.noarch.rpm 47b83d280a2e2d2082f269fe5971adb5e2baa0d5e53e67492a3471a844b8691f python39-pyparsing-2.4.7-5.module+el8.4.0+574+843c4898.noarch.rpm c30232fe2b752fc55b6f9baab39b970d7b5b95cb01abe8cf91ccea9bc0846dd0 python39-pytest-6.0.2-2.module+el8.4.0+574+843c4898.noarch.rpm c2f636f758cd74bc1b9a16e1f42561af64af41cbfc5e7179fd204565ad051cf6 python39-wcwidth-0.2.5-3.module+el8.4.0+574+843c4898.noarch.rpm be221a900dcb8cf7ac2f7e5660522a057fd7c0b08503b9b4ed19d9564716c881 RLSA-2021:1924 Low: spice security update The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es): * spice: Client initiated renegotiation denial of service (CVE-2021-20201) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for spice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es): * spice: Client initiated renegotiation denial of service (CVE-2021-20201) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms spice-server-devel-0.14.3-4.el8.aarch64.rpm 447055e1b7d90779f6ae72d39329caa23940f61c06716d8b5371909ecf471bda RLBA-2021:1942 ibus-typing-booster bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ibus-typing-booster. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ibus-typing-booster-tests-2.1.0-5.el8.noarch.rpm 1ac4fe22dcf12bb14596745aaa355c043f2379e91c39347ff3c3833255db8179 RLBA-2021:1948 ibus-table bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ibus-table. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ibus-table-devel-1.9.18-6.el8.noarch.rpm 5bc682aa187f8b6b8ce9d2bf0585b94cd324c8b97f3eb6aba7e125d09a0faafc ibus-table-tests-1.9.18-6.el8.noarch.rpm fc1d94b9f987c33e6ed095f0ccbc31b564362a7f806f479c1f2b559afa53cbad RLSA-2021:2363 Important: gupnp security update GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. 
Security Fix(es): * gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for gupnp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. Security Fix(es): * gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms gupnp-devel-1.0.6-2.el8_4.aarch64.rpm bccfbbf9c0b00cc129fedbdea11a20f75f3327a21e96aa78a9f8efe12f8e114d RLSA-2021:2583 Moderate: python38:3.8 and python38-devel:3.8 security update Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * PyYAML: incomplete fix for CVE-2020-1747 (CVE-2020-14343) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, mod_wsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe, python-pluggy, python-py, Cython, python-psutil, python-wcwidth, babel, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python3x-setuptools, python-cffi, pytz, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * PyYAML: incomplete fix for CVE-2020-1747 (CVE-2020-14343) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
rocky-linux-8-aarch64-powertools-rpms__python38-devel python38-atomicwrites-1.3.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm 4577930f8643eab6d5dd7d0f768cde32fcd2c7a4384f0b1cf913f2cca6713313 python38-attrs-19.3.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 1045c38f448778b2e636bd48607abc9b8cb9d767fb254f02d8fc4446de2dcdb6 python38-more-itertools-7.2.0-5.module+el8.4.0+570+c2eaf144.noarch.rpm a835104b763c20cf7aa64b8508e9c0b5cf39fa6a150327a3203fdb0a8755bdef python38-packaging-19.2-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0edfb62f3f6eaa6d37cf69560eb66c4e7321fbe4d5b1a5a2cf836aa1195311be python38-pluggy-0.13.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 60dfc6122c9fd333025780bd3d6277083526e0932eb444ce6713be3f54a743d8 python38-py-1.8.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm c2a1b7e33d1d1cd09325d09c9297065b85587adeaac0d805927036daae1681f1 python38-pyparsing-2.4.5-3.module+el8.4.0+570+c2eaf144.noarch.rpm 9764b2d4672b7d858a173b448213904a8eb16937add8a417987a31c3857ae7f4 python38-pytest-4.6.6-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0369a5e14d4cbfd676ebd6157f0b988a1b9e2480e9fae9c00291b7c1d73abe86 python38-wcwidth-0.1.7-16.module+el8.4.0+570+c2eaf144.noarch.rpm b9652f15c965a3ec2e00be8240a592c91cdeb727b316863a34944a4de723859d RLSA-2021:3075 Low: libuv security update libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fix(es): * libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for libuv. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fix(es): * libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libuv-devel-1.41.1-1.el8_4.aarch64.rpm 6bbf153e378f816dd56229036eab5bb49495c64ba254b5fdef7f41dd35ed8cdf RLSA-2021:4160 Moderate: python39:3.9 and python39-devel:3.9 security update Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Information disclosure via pydoc (CVE-2021-3426) * python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) * python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Information disclosure via pydoc (CVE-2021-3426) * python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) * python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__python39-devel python39-attrs-20.3.0-2.module+el8.4.0+574+843c4898.noarch.rpm fbb8f663205787752f8a7c5a1a7dc1497d9de97321946c2f1f959b9a83e701ba python39-Cython-0.29.21-5.module+el8.4.0+574+843c4898.aarch64.rpm 637ec2d61a3f84c6a3c79abe7c5ffd13fd5b02ba0acb854b25fecd6e8edf0282 python39-iniconfig-1.1.1-2.module+el8.4.0+574+843c4898.noarch.rpm 585177d17ab59aafa2b84d8543a424a37d750a1b7d77b13d3528fba480b8178f python39-more-itertools-8.5.0-2.module+el8.4.0+574+843c4898.noarch.rpm 783f58ba2a8c29a6be5ff43e198e37fd6a63251db3b3f2bee347fab0fb814ed0 python39-packaging-20.4-4.module+el8.4.0+574+843c4898.noarch.rpm 26959ff9006b14a57368c87762d0330e3fbfea6f3e3a635a8b19b3cf935a4e20 python39-pluggy-0.13.1-3.module+el8.4.0+574+843c4898.noarch.rpm 2f8e19389c1dae284619279fe0e20688debb67181df429c7d1ca16ba88747fda python39-py-1.10.0-1.module+el8.4.0+574+843c4898.noarch.rpm 47b83d280a2e2d2082f269fe5971adb5e2baa0d5e53e67492a3471a844b8691f python39-pyparsing-2.4.7-5.module+el8.4.0+574+843c4898.noarch.rpm c30232fe2b752fc55b6f9baab39b970d7b5b95cb01abe8cf91ccea9bc0846dd0 python39-pytest-6.0.2-2.module+el8.4.0+574+843c4898.noarch.rpm c2f636f758cd74bc1b9a16e1f42561af64af41cbfc5e7179fd204565ad051cf6 python39-wcwidth-0.2.5-3.module+el8.4.0+574+843c4898.noarch.rpm be221a900dcb8cf7ac2f7e5660522a057fd7c0b08503b9b4ed19d9564716c881 RLBA-2021:4180 evolution, evolution-data-server, evolution-ews bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for evolution, evolution-ews, evolution-mapi, evolution-data-server. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms evolution-devel-3.28.5-18.el8.aarch64.rpm 160a173056e2d96fa0352390a61ca83d3aaff33bea3bd48591db64fc6798cd03 RLBA-2021:4219 libinput and libevdev bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libevdev, libinput. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libevdev-devel-1.10.0-1.el8.aarch64.rpm a7ff1a93aa3e55bdb6c611d7a339c89b0d47d60d631daf43b011750b436c35ee RLBA-2021:4224 libwacom bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libwacom. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libwacom-devel-1.6-3.el8.aarch64.rpm 00599d4e15c2e5f8990a4c342276af3c5d9fe57ab0f06bbfec8dcb6ecd242f42 RLBA-2021:4285 libvoikko bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libvoikko. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvoikko-devel-4.1.1-3.el8.aarch64.rpm 1c026b74e3c4a16b888eff60c715c8a8c6d68c2ea034ebe728c3f55b89b5fecf RLSA-2021:4288 Moderate: libjpeg-turbo security and bug fix update The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: Stack-based buffer overflow in the "transform" component (CVE-2020-17541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libjpeg-turbo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: Stack-based buffer overflow in the "transform" component (CVE-2020-17541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms turbojpeg-devel-1.5.3-12.el8.aarch64.rpm 5610aaabea7aa735fe03c5d92682eb19fdca152b5531935f1bbd675b7f82a803 RLEA-2021:4289 sblim-gather bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sblim-gather. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms sblim-gather-provider-2.2.9-24.el8.aarch64.rpm 50d0397b99581cfa39cda47bf7ff23d05049a2216cd607ae3b3a6ad419a56f8e RLSA-2021:4316 Low: zziplib security update The zziplib is a lightweight library to easily extract data from zip files. Security Fix(es): * zziplib: infinite loop via the return value of zzip_file_read() as used in unzzip_cat_file() (CVE-2020-18442) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for zziplib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The zziplib is a lightweight library to easily extract data from zip files. Security Fix(es): * zziplib: infinite loop via the return value of zzip_file_read() as used in unzzip_cat_file() (CVE-2020-18442) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms zziplib-devel-0.13.68-9.el8.aarch64.rpm 72c80fe409252deb20805308f540e0383c072ef322b74bf3286d12d1419c1f08 RLEA-2021:4322 unicode-ucd bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for unicode-ucd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms unicode-ucd-unihan-11.0.0-2.el8.noarch.rpm 870061428ed38494e9a2d305b81fbd430429a6e5761f94caf6537f474b0f3bf0 RLEA-2021:4335 tesseract bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for tesseract. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms tesseract-devel-4.1.1-2.el8.aarch64.rpm 8655d566fc5d0d054b85c8b6e470bedb4ad468259606990eb889e451a49a869d RLSA-2021:4339 Moderate: grilo security update Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fix(es): * grilo: missing TLS certificate verification (CVE-2021-39365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for grilo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fix(es): * grilo: missing TLS certificate verification (CVE-2021-39365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms grilo-devel-0.3.6-3.el8.aarch64.rpm 656e62f99699d2a9df33d1f977e001c102525529538e52ab156ea7355d37ac1d RLSA-2021:4162 Moderate: python38:3.8 and python38-devel:3.8 security update Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. 
Security Fix(es): * python-psutil: Double free because of refcount mishandling (CVE-2019-18874) * python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493) * python: Information disclosure via pydoc (CVE-2021-3426) * python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771) * python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, mod_wsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe, python-pluggy, python-py, Cython, python-psutil, python-wcwidth, babel, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python3x-setuptools, python-cffi, pytz, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-psutil: Double free because of refcount mishandling (CVE-2019-18874) * python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493) * python: Information disclosure via pydoc (CVE-2021-3426) * python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771) * python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms__python38-devel python38-atomicwrites-1.3.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm 4577930f8643eab6d5dd7d0f768cde32fcd2c7a4384f0b1cf913f2cca6713313 python38-attrs-19.3.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 1045c38f448778b2e636bd48607abc9b8cb9d767fb254f02d8fc4446de2dcdb6 python38-more-itertools-7.2.0-5.module+el8.4.0+570+c2eaf144.noarch.rpm a835104b763c20cf7aa64b8508e9c0b5cf39fa6a150327a3203fdb0a8755bdef python38-packaging-19.2-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0edfb62f3f6eaa6d37cf69560eb66c4e7321fbe4d5b1a5a2cf836aa1195311be python38-pluggy-0.13.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 60dfc6122c9fd333025780bd3d6277083526e0932eb444ce6713be3f54a743d8 python38-py-1.8.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm c2a1b7e33d1d1cd09325d09c9297065b85587adeaac0d805927036daae1681f1 python38-pyparsing-2.4.5-3.module+el8.4.0+570+c2eaf144.noarch.rpm 9764b2d4672b7d858a173b448213904a8eb16937add8a417987a31c3857ae7f4 python38-pytest-4.6.6-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0369a5e14d4cbfd676ebd6157f0b988a1b9e2480e9fae9c00291b7c1d73abe86 python38-wcwidth-0.1.7-16.module+el8.4.0+570+c2eaf144.noarch.rpm b9652f15c965a3ec2e00be8240a592c91cdeb727b316863a34944a4de723859d RLBA-2021:4533 ibus bug fix update The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems. Bug fix: * Previously, in GNOME Wayland desktop in Rocky Linux 8.5, the IBus emoji candidate pop-up was used with IBus UI and the selected candidate could not be inserted into the target input focus smartly. With this update, the IBus emoji candidate pop-up is used with GNOME-Shell UI in GNOME Wayland desktop and the selected candidate is inserted into the input focus correctly. (BZ#2014064) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ibus. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems. Bug fix: * Previously, in GNOME Wayland desktop in Rocky Linux 8.5, the IBus emoji candidate pop-up was used with IBus UI and the selected candidate could not be inserted into the target input focus smartly. With this update, the IBus emoji candidate pop-up is used with GNOME-Shell UI in GNOME Wayland desktop and the selected candidate is inserted into the input focus correctly. (BZ#2014064) rocky-linux-8-aarch64-powertools-rpms ibus-devel-1.5.19-14.el8_5.aarch64.rpm 3add74552412d440d8c82d2c6f0c125789e9a9c8c628920b3b2c757ccf2dadd1 ibus-devel-docs-1.5.19-14.el8_5.noarch.rpm 67b3b057ac52c0ba48ad6774949daad44c1f1f14a2dbc5fafac3108532735d46 RLSA-2021:4585 Moderate: gcc-toolset-10-gcc security update The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: "-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.) "-Wbidirectional=none", which turns the warning off. "-Wbidirectional=any", which warns about any use of bidirectional characters. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for gcc-toolset-10-gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: "-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.) "-Wbidirectional=none", which turns the warning off. "-Wbidirectional=any", which warns about any use of bidirectional characters. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.aarch64.rpm e35680e5ad397a6e574e99b818be8e02c7fd2e1a44f6591e5a466e5e1768c718 RLSA-2022:0643 Important: python-pillow security update The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. 
Security Fix(es): * python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions (CVE-2022-22817) * python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c (CVE-2022-22816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): * python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions (CVE-2022-22817) * python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c (CVE-2022-22816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms python3-pillow-devel-5.1.1-18.el8_5.aarch64.rpm 6491d52a52cb495373090c90ee81c02d85adee6953096948733bb1a4c71d40bb python3-pillow-doc-5.1.1-18.el8_5.noarch.rpm 64ec44d65dab3eb5c18b94a53711ac2b79553ff54ec1c3aec07c94e9186ab63f python3-pillow-tk-5.1.1-18.el8_5.aarch64.rpm ad9d67a2d8db5b08af24dc4774159129d78f1ef37b72063613ac6dbb64cff9d0 RLSA-2022:1764 Moderate: python38:3.8 and python38-devel:3.8 security update Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. 
Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packages have been upgraded to a later upstream version: python38 (3.8), python38-devel (3.8). (BZ#1997680, BZ#1997860) Security Fix(es): * python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733) * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) * python: urllib.parse does not sanitize URLs containing ASCII newline and tabs (CVE-2022-0391) * python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, mod_wsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe, python-pluggy, python-py, Cython, python-psutil, python-wcwidth, babel, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python3x-setuptools, python-cffi, pytz, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. 
Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packages have been upgraded to a later upstream version: python38 (3.8), python38-devel (3.8). (BZ#1997680, BZ#1997860) Security Fix(es): * python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733) * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) * python: urllib.parse does not sanitize URLs containing ASCII newline and tabs (CVE-2022-0391) * python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__python38-devel
RLBA-2022:1770 evince bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for evince. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms evince-devel-3.28.4-16.el8.aarch64.rpm a5a0b3bbf4821181fd2825face6d563f652cbbb9544a00847a374f3cc8370857 RLBA-2022:1790 libpinyin bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libpinyin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libpinyin-devel-2.2.0-2.el8.aarch64.rpm 596c414aea123caaf9c8268f418fba41810772bb12811be31e9c84a51dd4d71b RLBA-2022:1794 libmemcached bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libmemcached.
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libmemcached-devel-1.0.18-17.el8.aarch64.rpm 7cb2819f3cf4ee64a2ebdb6c5edfe77fd6f735ff3f7b55fae0006cbe8680d338 RLBA-2022:1800 accountsservice bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for accountsservice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms accountsservice-devel-0.6.55-4.el8.aarch64.rpm bd7f5675377ea157ae393b9642feef8824d9dea87c7bbe104e9da92c4a035c4c RLBA-2022:1822 ibus bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ibus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms ibus-devel-docs-1.5.19-14.el8_5.noarch.rpm 67b3b057ac52c0ba48ad6774949daad44c1f1f14a2dbc5fafac3108532735d46 ibus-devel-1.5.19-14.el8_5.aarch64.rpm 3add74552412d440d8c82d2c6f0c125789e9a9c8c628920b3b2c757ccf2dadd1 RLBA-2022:1827 librdkafka bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for librdkafka. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librdkafka-devel-0.11.4-3.el8.aarch64.rpm c8b3275584e963d6099df5d85375a15f2d92f705ed36d4c2d06fa336d3019317 RLSA-2022:1842 Moderate: exiv2 security, bug fix, and enhancement update Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to a later upstream version: exiv2 (0.27.5). (BZ#2018422) Security Fix(es): * exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS (CVE-2020-18898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for exiv2. 
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to a later upstream version: exiv2 (0.27.5). (BZ#2018422) Security Fix(es): * exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS (CVE-2020-18898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms exiv2-devel-0.27.5-2.el8.aarch64.rpm a1948a702760e298396197624ddf5de8ad443e4c66ab9f251041d2614998b047 exiv2-doc-0.27.5-2.el8.noarch.rpm d2c75b50927dab8d284c052574cdd762ffe1c4debdc3c7c25d3b324f3626d998 RLBA-2022:1871 corosync bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for corosync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms corosync-vqsim-3.1.5-2.el8.aarch64.rpm c7cdf0b3e7b881f844bbffc595bfbc1a223a3adf47ff6a62843b490a898e3eeb RLBA-2022:1895 libecpg bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libecpg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libecpg-devel-13.5-3.el8.aarch64.rpm f83edc444b2d82ca2a8cf88321e870a09fdc7063b0ecabe8f585ea5becbfb163 RLSA-2022:1763 Moderate: python39:3.9 and python39-devel:3.9 security update Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms__python39-devel RLBA-2022:1769 libgit2-glib bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libgit2-glib. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libgit2-glib-devel-0.26.4-3.el8.aarch64.rpm 2579ed877e8b75ce137a05272b09fd9c2ced4b854d8a83842753d1fb32161568 RLBA-2022:1788 jq bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for jq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms jq-devel-1.6-3.el8.aarch64.rpm adec350bf750693db6cadbd62fcb6d14eaa5595262ad4299bf5ddb7520deafd5 RLSA-2022:1808 Moderate: aspell security update GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fix(es): * aspell: Heap-buffer-overflow in acommon::ObjStack::dup_top (CVE-2019-25051) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for aspell. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fix(es): * aspell: Heap-buffer-overflow in acommon::ObjStack::dup_top (CVE-2019-25051) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms aspell-devel-0.60.6.1-22.el8.aarch64.rpm e15dd4a12cb6b65f9890ae2297a8aacd132fa8db8efad8233c1a5ad9ec8f3d82 RLSA-2022:1820 Low: udisks2 security and bug fix update The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fix(es): * udisks2: insecure defaults in user-accessible mount helpers allow for a DoS (CVE-2021-3802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for udisks2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. 
Security Fix(es): * udisks2: insecure defaults in user-accessible mount helpers allow for a DoS (CVE-2021-3802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libudisks2-devel-2.9.0-9.el8.aarch64.rpm 5c7ecb5f2a36f0e2a2b480bcd6c65d805d6704e5bb158a6eb679fccf210587a7 RLSA-2022:1861 Moderate: maven:3.5 security update Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information. Security Fix(es): * apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for apache-commons-io, atinject, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, glassfish-el, apache-commons-cli, guava20, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, jansi-native, apache-commons-logging, apache-commons-lang3, plexus-interpolation, sisu, httpcomponents-core, maven, cdi-api, jsoup, geronimo-annotation, google-guice, plexus-utils, slf4j, jboss-interceptors-1.2-api, maven-wagon, jansi, apache-commons-codec, hawtjni. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information. Security Fix(es): * apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools
RLBA-2022:1875 adwaita-icon-theme bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for adwaita-icon-theme. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms adwaita-icon-theme-devel-3.28.0-3.el8.noarch.rpm 38a09e434c702743b2398bc56aac1f98b2f3bcf378e88ba7ec10569f1722ef1c RLBA-2022:1889 texlive bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for texlive. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms texlive-lib-devel-20180414-25.el8.aarch64.rpm 5db631dd1786b5247720949481d0819c9cb90c12fa3937939e7d6c4bbbb47fc7 RLBA-2022:1918 webrtc-audio-processing bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for webrtc-audio-processing. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms webrtc-audio-processing-devel-0.3-10.el8.aarch64.rpm 0b01ae10630afaf01db449e2d53dbe214f5bdf3e9e6daddc228c9fce50b1f9e0 RLBA-2022:1944 netpbm bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for netpbm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms netpbm-devel-10.82.00-7.el8.aarch64.rpm 2b481333c4884deef0e9f42b37a88170a018c6195d0cac926307e5d8fe7ede34 netpbm-doc-10.82.00-7.el8.aarch64.rpm d4ca161c0a10bdc76a1191c148d1bce3000fbc1da6302ca10b2a1629c9bd7d00 RLBA-2022:1949 python-pillow update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for python-pillow. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-pillow-devel-5.1.1-18.el8_5.aarch64.rpm 6491d52a52cb495373090c90ee81c02d85adee6953096948733bb1a4c71d40bb python3-pillow-doc-5.1.1-18.el8_5.noarch.rpm 64ec44d65dab3eb5c18b94a53711ac2b79553ff54ec1c3aec07c94e9186ab63f python3-pillow-tk-5.1.1-18.el8_5.aarch64.rpm ad9d67a2d8db5b08af24dc4774159129d78f1ef37b72063613ac6dbb64cff9d0 RLSA-2022:1968 Moderate: libsndfile security update libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): * libsndfile: heap out-of-bounds read in src/flac.c in flac_buffer_copy (CVE-2021-4156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libsndfile. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): * libsndfile: heap out-of-bounds read in src/flac.c in flac_buffer_copy (CVE-2021-4156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsndfile-devel-1.0.28-12.el8.aarch64.rpm f7dee0d5eb29717555856f293c5c254ed76836715169bba439fbe3bca031c650 RLSA-2022:4798 Important: maven:3.5 security update The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for apache-commons-io, atinject, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, glassfish-el, apache-commons-cli, guava20, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, jansi-native, apache-commons-logging, apache-commons-lang3, plexus-interpolation, sisu, httpcomponents-core, maven, cdi-api, jsoup, geronimo-annotation, google-guice, plexus-utils, slf4j, jboss-interceptors-1.2-api, maven-wagon, jansi, apache-commons-codec, hawtjni. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
rocky-linux-8-aarch64-powertools-rpms__javapackages-tools
RLSA-2022:5331 Moderate: libinput security update libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fix(es): * libinput: format string vulnerability may lead to privilege escalation (CVE-2022-1215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libinput. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fix(es): * libinput: format string vulnerability may lead to privilege escalation (CVE-2022-1215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libinput-devel-1.16.3-3.el8_6.aarch64.rpm bde3d4d77bd661d9256d7f2dec8e7353274f7b5eeafbf0673704413b022668aa RLSA-2022:6911 Moderate: .NET 6.0 security and bugfix update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10. Security Fix(es): * dotnet: Nuget cache poisoning on Linux via world-writable cache directory (CVE-2022-41032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10. 
Security Fix(es): * dotnet: Nuget cache poisoning on Linux via world-writable cache directory (CVE-2022-41032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.110-1.el8_6.aarch64.rpm 5bd2d0f4ec1d3b7afde4d718fc4477b62eafffd021c77b619c7a5ca0b3de46db RLSA-2022:7006 Moderate: java-1.8.0-openjdk security update The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. 
Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms
RLSA-2022:7000 Moderate: java-17-openjdk security and bug fix update The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 17.0.5) [Rocky Linux-8] (BZ#2132503) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 17.0.5) [Rocky Linux-8] (BZ#2132503) rocky-linux-8-aarch64-powertools-rpms
RLSA-2022:7012 Moderate: java-11-openjdk security and bug fix update The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131863) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-11-openjdk.
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131863) rocky-linux-8-aarch64-powertools-rpms RLBA-2022:7459 flatpak bug fix and
enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for flatpak. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms flatpak-devel-1.10.7-1.el8.aarch64.rpm c7235062a1e914f8c93b79d81dd06f4b7c559403309f9deb50be92f6370490bf RLSA-2022:7464 Moderate: protobuf security update The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fix(es): * protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for protobuf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The protobuf packages provide Protocol Buffers, Google's data interchange format. 
Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fix(es): * protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms protobuf-devel-3.5.0-15.el8.aarch64.rpm b6fe0e2fd888fa9462acda19a8f750731cf7f5aeb6b4137e82a3ff4dec49cce0 protobuf-lite-devel-3.5.0-15.el8.aarch64.rpm 91bd7b661b1a51403db5daa2f455e83a68c8d6293e9af269139a5427293d80b7 RLBA-2022:7465 nmstate bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms nmstate-devel-1.3.3-1.el8.aarch64.rpm 09b526f1ba5a2eccee4c21d63cfe373c74914bf0e4093c446e32df0497123e9c RLBA-2022:7468 libnma bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libnma. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libnma-devel-1.8.38-1.el8.aarch64.rpm fc78208f60388d2835d2771c2f541659c998d66ce87cbf2dcc470e1ab5fb4280 RLSA-2022:7470 Important: pki-core:10.6 and pki-deps:10.6 security and bug fix update The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): * pki-core: access to external entities when parsing XML can lead to XXE (CVE-2022-2414) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for jackson-core, ldapjdk, glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, apache-commons-net, xmlstreambuffer, jackson-annotations, jackson-databind, pki-core, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, tomcatjss, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, jackson-jaxrs-providers, stax-ex, xerces-j2, jss, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms__javapackages-tools apache-commons-collections-3.2.2-10.module+el8.3.0+74+855e3f5d.noarch.rpm 1962d12108c85c26d6c44584c3414afa93177a62fe5fe31b9cb6fff51cd75cb9 apache-commons-lang-2.6-21.module+el8.3.0+74+855e3f5d.noarch.rpm 2cd3cc1c2c68b00eaf7073efe0e649c14d4cbeee76322fca4dbfe239a65e1d29 apache-commons-net-3.6-3.module+el8.3.0+74+855e3f5d.noarch.rpm 0fd615658b7f48a1545a730d3142ba3c125727c552f69733e20d0c75633e7743 jakarta-commons-httpclient-3.1-28.module+el8.3.0+74+855e3f5d.noarch.rpm f71217b74ea2188f28ebd2b0d2f6677a94709d3e2ebbf4d02b333905d6c15b1e javassist-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 825f8edc1944e27c4611567fcb91aca046ba7994e92c1c9c215d2d83124920e0 javassist-javadoc-3.18.1-8.module+el8.3.0+74+855e3f5d.noarch.rpm 8da2a537026464a73387891f3983170d6049e939815a754e56afd4822208c687 slf4j-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm ccb1053be94370d918f0d931da4129bcc3dea1a5fd5a8bdb2786f45297e4d777 slf4j-jdk14-1.7.25-4.module+el8.3.0+74+855e3f5d.noarch.rpm d9f73b25226e215f33eb7cb543ec0a7104fb91911fee655ed0c58ad11f10e7e3 velocity-1.7-24.module+el8.3.0+74+855e3f5d.noarch.rpm ade96d58f90efb5525b69336ef4b52e440d0f45532c0118e21805e9a925351a8 xalan-j2-2.7.1-38.module+el8.3.0+74+855e3f5d.noarch.rpm 10e75783a7ccfc438619489e7884709106c0989b344098087c8c203d1661edd1 xerces-j2-2.11.0-34.module+el8.3.0+74+855e3f5d.noarch.rpm fa10d9d0fc58d7b35ba8f873c84601f9362239a8016987f7965f72d099e8bf78 xml-commons-apis-1.4.01-25.module+el8.3.0+74+855e3f5d.noarch.rpm
275a59ebebead1b5939045d1d662ce6f5b273ce28d6fc7211d9e4e0a468d3630 xml-commons-resolver-1.2-26.module+el8.3.0+74+855e3f5d.noarch.rpm aaa1426f9361c3acd22134b8e459735af876af2716471524233b9ab02e98a522 RLBA-2022:7471 libestr bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libestr. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libestr-devel-0.1.10-3.el8.aarch64.rpm 37abc0b20d075c39066ca3795fad7c9ae0c3ac0cd8a35256af231cd99d559ef8 RLBA-2022:7481 python-qt5 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for python-qt5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms python3-qt5-devel-5.15.0-3.el8.aarch64.rpm 13528a03d8033ab2ad3a56f4f6da30acfc70c785ecebb11b76c66a95fee49f63 RLSA-2022:7482 Moderate: qt5 security, bug fix, and enhancement update The Qt5 libraries packages provide Qt 5, version 5 of the Qt cross-platform application framework. The following packages have been upgraded to a later upstream version: qt5 (5.15.3).
(BZ#2061377) Security Fix(es): * qt: QProcess could execute a binary from the current working directory when not found in the PATH (CVE-2022-25255) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for qt5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-devel-5.15.3-1.el8.noarch.rpm 87cf5f9cb20eff95e0e51a8f3ab82a3cb7191d6dbde6fce6e30d7f9f1c94290c RLBA-2022:7487 qt5-qtbase bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for qt5-qtbase. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-qtbase-static-5.15.3-1.el8.aarch64.rpm 8bcb5111814f8310415b2090162f38f2400288218da98284294ddead29882542 RLBA-2022:7490 qt5-qtdeclarative bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for qt5-qtdeclarative. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-qtdeclarative-static-5.15.3-1.el8.aarch64.rpm 131664c43d738c1c7a41ba9ca6a60562df1f4b05ec94357e2d63a0d83c9e019e RLBA-2022:7495 sip bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms python3-sip-devel-4.19.25-1.el8.aarch64.rpm 29645e6f340bb0dbb905ef636e9ca03c5961ca45eef9ce690d6a3d3cc60c7832 sip-4.19.25-1.el8.aarch64.rpm f149b5742bf77733dc4a740512e7ede6fc67d53322ace9c708505813f4285005 RLBA-2022:7498 qt5-qtquickcontrols2 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for qt5-qtquickcontrols2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-qtquickcontrols2-devel-5.15.3-1.el8.aarch64.rpm 3ba93d954fb561785c5f883d5c0071937537c1b5e7a815b044eea281f123cd32 RLBA-2022:7501 qt5-qtserialbus bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for qt5-qtserialbus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-qtserialbus-devel-5.15.3-1.el8.aarch64.rpm db10173970e2dfa3ba6cd61cfe1d84f75e0d340d9e64c811f1c7498bdfacdb45 RLBA-2022:7504 qt5-qttools bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for qt5-qttools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-qttools-static-5.15.3-2.el8.aarch64.rpm b117b12723ba7771f8dfc72f4666d7a78497dd7c41496e0097e138b18334b459 RLBA-2022:7506 qt5-qtwayland bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for qt5-qtwayland. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-qtwayland-devel-5.15.3-1.el8.aarch64.rpm 0f7e0c3d56d40b3d626d9804bb6b7c9e7830f3b5e77197155713ffff24f6ee2e RLBA-2022:7515 papi and libpfm bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libpfm, papi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms libpfm-static-4.10.1-5.el8.aarch64.rpm ff79c990b2eb8667692b376106a95a48257cd10acd73b22afa338b70ce744c29 papi-testsuite-5.6.0-16.el8.aarch64.rpm 82269cd4fb424ccaf75bcdfae576fc11c3c5735ecb4a75c7ceeac13eed1157ec python3-libpfm-4.10.1-5.el8.aarch64.rpm 63f5c49e106e2358d2d16b788c086aede1fa941ca15a3cb455d9757d2a41c6be RLBA-2022:7518 dyninst bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dyninst. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms dyninst-devel-12.1.0-1.el8.aarch64.rpm 1a8d904eb105a235bc77cd6098447357c42f0614d5ee595919e421250108c3ef dyninst-doc-12.1.0-1.el8.aarch64.rpm 6dd34df92943d3d650be2a12667c87ebd607b50dba2439272d9cbd72579bdf81 dyninst-static-12.1.0-1.el8.aarch64.rpm 27b638ad8f18faca3f7e2e53c518886e0805dae51152c805ddbdc22cdce3aaa7 dyninst-testsuite-12.1.0-1.el8.aarch64.rpm ee74e728780b1d9f046476770488b1c9e8c56b5a9022fd1ed02fac4b1bdd12b8 RLSA-2022:7524 Moderate: yajl security update Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C and a small validating JSON generator. Security Fix(es): * yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for yajl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms yajl-devel-2.1.0-11.el8.aarch64.rpm 0ead758ab7b0f236e0a814bf4751e83a9583e1ab2f8f3a5cb9410fc408890dff RLBA-2022:7531 evolution-data-server bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms evolution-data-server-doc-3.28.5-20.el8.noarch.rpm 7bcaa23e44e2feee8abadd9a231b1d4d64a0b5f5d802a429bc2715a95e07a0e1 evolution-data-server-perl-3.28.5-20.el8.aarch64.rpm 8e436e4b34f0b6659c09e8643a24127e570c62ace7fe6bc582f025c65ac0e218 evolution-data-server-tests-3.28.5-20.el8.aarch64.rpm 16ee72aed8c1870f09ca92d71929d12cc336bbce02efc6af66a8c3d36dfa34ef RLBA-2022:7536 nautilus bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nautilus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms nautilus-devel-3.28.1-21.el8.aarch64.rpm 0c08f730a29a9d017024c4fadf8b92556ddbfda7dc69d5901e59ae2af1f9e372 RLBA-2022:7559 lasso bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for lasso. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms lasso-devel-2.6.0-13.el8.aarch64.rpm f6ef40563d46e867b4927b85565b77812fa472e04680ea09a6d941f5471e2436 RLSA-2022:7558 Low: wavpack security update WavPack is a completely open audio compression format providing lossless, high-quality lossy and a unique hybrid compression mode. Security Fix(es): * wavpack: Heap out-of-bounds read in WavpackPackSamples() (CVE-2021-44269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for wavpack. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms wavpack-devel-5.1.0-16.el8.aarch64.rpm 877e3ccc2818bde9fd8d7f03beb379944ac28e76f5efb339b641a556a778e8ea RLBA-2022:7561 crash bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for crash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms crash-devel-7.3.2-2.el8.aarch64.rpm 02367c77f1e1f8fddd549898d7f36bc4ad0b1b2c16d7900a08d9bda95a8237a5 RLBA-2022:7564 gdm bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gdm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms gdm-devel-40.0-24.el8.aarch64.rpm cfc9e8b37a4ca03f325b47d3885b01c1552e4bebe0a050ff936f8326580a6636 gdm-pam-extensions-devel-40.0-24.el8.aarch64.rpm 6a2dc5291bf7b3c5554f658f181016c4516b5161aafe1859ef492d02cd49aa26 RLSA-2022:7581 Moderate: python38:3.8 and python38-devel:3.8 security update Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es): * python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, mod_wsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe, python-pluggy, python-py, Cython, python-psutil, python-wcwidth, babel, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python3x-setuptools, python-cffi, pytz, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms__python38-devel python38-atomicwrites-1.3.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm 4577930f8643eab6d5dd7d0f768cde32fcd2c7a4384f0b1cf913f2cca6713313 python38-attrs-19.3.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 1045c38f448778b2e636bd48607abc9b8cb9d767fb254f02d8fc4446de2dcdb6 python38-more-itertools-7.2.0-5.module+el8.4.0+570+c2eaf144.noarch.rpm a835104b763c20cf7aa64b8508e9c0b5cf39fa6a150327a3203fdb0a8755bdef python38-packaging-19.2-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0edfb62f3f6eaa6d37cf69560eb66c4e7321fbe4d5b1a5a2cf836aa1195311be python38-pluggy-0.13.0-3.module+el8.4.0+570+c2eaf144.noarch.rpm 60dfc6122c9fd333025780bd3d6277083526e0932eb444ce6713be3f54a743d8 python38-py-1.8.0-8.module+el8.4.0+570+c2eaf144.noarch.rpm c2a1b7e33d1d1cd09325d09c9297065b85587adeaac0d805927036daae1681f1 python38-pyparsing-2.4.5-3.module+el8.4.0+570+c2eaf144.noarch.rpm 9764b2d4672b7d858a173b448213904a8eb16937add8a417987a31c3857ae7f4 python38-pytest-4.6.6-3.module+el8.4.0+570+c2eaf144.noarch.rpm 0369a5e14d4cbfd676ebd6157f0b988a1b9e2480e9fae9c00291b7c1d73abe86 python38-wcwidth-0.1.7-16.module+el8.4.0+570+c2eaf144.noarch.rpm b9652f15c965a3ec2e00be8240a592c91cdeb727b316863a34944a4de723859d RLSA-2022:7583 Moderate: xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for xorg-x11-xtrans-devel, xorg-x11-server-Xwayland, xorg-x11-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms xorg-x11-server-devel-1.20.11-9.el8.aarch64.rpm 653a4590a91bc0828bc645f87aa0e6ca25ed7d084d7fca25546f5160d6ad36f5 xorg-x11-server-source-1.20.11-9.el8.noarch.rpm 3f465e1af2b55d00046615a3cc9113a0b6f600ddfce17d74e286218782f4b823 xorg-x11-xtrans-devel-1.4.0-4.el8.noarch.rpm d59bbc4e1c42e0203d582e8825b3751c20cddca6a30b1dab48fbe5591f0c2daf RLSA-2022:7585 Moderate: libtiff security update The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.
Security Fix(es): * libtiff: Denial of Service via crafted TIFF file (CVE-2022-0561) * libtiff: Null source pointer lead to Denial of Service via crafted TIFF file (CVE-2022-0562) * libtiff: reachable assertion (CVE-2022-0865) * libtiff: Out-of-bounds Read error in tiffcp (CVE-2022-0924) * libtiff: stack-buffer-overflow in tiffcp.c in main() (CVE-2022-1355) * libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c (CVE-2022-22844) * libtiff: heap buffer overflow in extractImageSection (CVE-2022-0891) * tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c (CVE-2022-0908) * tiff: Divide By Zero error in tiffcrop (CVE-2022-0909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms libtiff-tools-4.0.9-23.el8.aarch64.rpm db24b77d8946476a17964f518bdb9f9c97b66732bfcbd5744dde58905ba6fea8 RLBA-2022:7589 yara bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for yara. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms yara-devel-4.2.3-1.el8.aarch64.rpm 23d29c346cc8acfd85441ac000a68c3f1f0b6bb32c186dc210cc54d5b8516fa1 RLSA-2022:7592 Moderate: python39:3.9 and python39-devel:3.9 security update Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms__python39-devel python39-attrs-20.3.0-2.module+el8.4.0+574+843c4898.noarch.rpm fbb8f663205787752f8a7c5a1a7dc1497d9de97321946c2f1f959b9a83e701ba python39-Cython-0.29.21-5.module+el8.4.0+574+843c4898.aarch64.rpm 637ec2d61a3f84c6a3c79abe7c5ffd13fd5b02ba0acb854b25fecd6e8edf0282 python39-iniconfig-1.1.1-2.module+el8.4.0+574+843c4898.noarch.rpm 585177d17ab59aafa2b84d8543a424a37d750a1b7d77b13d3528fba480b8178f python39-more-itertools-8.5.0-2.module+el8.4.0+574+843c4898.noarch.rpm 783f58ba2a8c29a6be5ff43e198e37fd6a63251db3b3f2bee347fab0fb814ed0 python39-packaging-20.4-4.module+el8.4.0+574+843c4898.noarch.rpm 26959ff9006b14a57368c87762d0330e3fbfea6f3e3a635a8b19b3cf935a4e20 python39-pluggy-0.13.1-3.module+el8.4.0+574+843c4898.noarch.rpm 2f8e19389c1dae284619279fe0e20688debb67181df429c7d1ca16ba88747fda python39-py-1.10.0-1.module+el8.4.0+574+843c4898.noarch.rpm 47b83d280a2e2d2082f269fe5971adb5e2baa0d5e53e67492a3471a844b8691f python39-pybind11-2.7.1-1.module+el8.6.0+795+de4edbcc.aarch64.rpm 57a56a33a3460213a62048ebf84d265c3eea23799c2dbd0fc532ccce3044c5cf python39-pybind11-devel-2.7.1-1.module+el8.6.0+795+de4edbcc.aarch64.rpm b6adb9f1239d13fe2a17f26ec0245f1650f4b103b0d5eb8e5310e6058254443e python39-pyparsing-2.4.7-5.module+el8.4.0+574+843c4898.noarch.rpm c30232fe2b752fc55b6f9baab39b970d7b5b95cb01abe8cf91ccea9bc0846dd0 python39-pytest-6.0.2-2.module+el8.4.0+574+843c4898.noarch.rpm c2f636f758cd74bc1b9a16e1f42561af64af41cbfc5e7179fd204565ad051cf6
python39-wcwidth-0.2.5-3.module+el8.4.0+574+843c4898.noarch.rpm be221a900dcb8cf7ac2f7e5660522a057fd7c0b08503b9b4ed19d9564716c881 RLSA-2022:7594 Moderate: poppler security and bug fix update Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: A logic error in the Hints::Hints function can cause denial of service (CVE-2022-27337) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for poppler. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
rocky-linux-8-aarch64-powertools-rpms poppler-glib-devel-20.11.0-5.el8.aarch64.rpm a687d84fe81cdd580892cd4d621a11da7c8b538373c00ba6cee275d50bb011ac poppler-cpp-20.11.0-5.el8.aarch64.rpm e555996db19fdb26407079440b3276b8fd8c06efdfd6cee6dbbdf9eb6d1af4a9 poppler-cpp-devel-20.11.0-5.el8.aarch64.rpm 15887778f889ec8c12b2ea97e2f1a97f3448721fb92f33103092deaa5722c9fa poppler-devel-20.11.0-5.el8.aarch64.rpm badae6f3964c77b1889fa60f9da52df8e7952b032a54d54f251d6960e0cf7a06 poppler-qt5-devel-20.11.0-5.el8.aarch64.rpm 231d620ab952a12cc55f2aae0a681dd4aeb7ac630e6cc2f895fdc3521864a3df RLBA-2022:7595 bcc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for bcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms bcc-devel-0.24.0-2.el8.aarch64.rpm 65208000b6381ffcba98bcba6b029052a245ecfd8c88c0fc2cb2d12945b60587 bcc-doc-0.24.0-2.el8.noarch.rpm 68ec3588aaefcfce81f7a7e1de97007ca70673e6a1eea83584fcfd7e34c969fb RLBA-2022:7600 boost bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for boost. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms boost-build-1.66.0-13.el8.noarch.rpm b55abb54da2283abaa0c6253aeb6df7706152ce702492c34f504e25cd31de932 boost-doc-1.66.0-13.el8.noarch.rpm bef5031eb15715588ba45b1fa0062da8652663029f75c9d0b94b7a4bb5b3aad2 boost-examples-1.66.0-13.el8.noarch.rpm ede1620a32a2a69de585e91b93eb2dc742fae2e70ce793c5c38346eec58cfac3 boost-graph-mpich-1.66.0-13.el8.aarch64.rpm 1cd6cb3880b0f4873f388f3c4bdf3dfd5646dbb471465fbe2f51cab29a98e4c0 boost-graph-openmpi-1.66.0-13.el8.aarch64.rpm 2ef6c16f663ef20125137858b759549b37e4d69553e078c7c4053b15168153a5 boost-jam-1.66.0-13.el8.aarch64.rpm eeb110538b3714e32b6d6753a2a8be98cfcf8f0213f2ba10bbb16cfd7ef52717 boost-mpich-1.66.0-13.el8.aarch64.rpm 19d3e04865cbf2481f1442b356ccd346130fd50c2230798e94749620768aed1c boost-mpich-devel-1.66.0-13.el8.aarch64.rpm 12765e2dc004c3edf09057cac6df591d724b0e0460b968e36ba3819db80e2871 boost-mpich-python3-1.66.0-13.el8.aarch64.rpm 8480324e00396c5c365c79a430c17e8b657f98088379f54b11912a611a91d810 boost-numpy3-1.66.0-13.el8.aarch64.rpm 51c09f941fb419f45df5232e54464cee730428def60cebc43d29ab3bebaf1d8c boost-openmpi-1.66.0-13.el8.aarch64.rpm ec115b2a96b6fa1d801db761d378a72b470ff3a818b4c2b6367b054c9123cc71 boost-openmpi-devel-1.66.0-13.el8.aarch64.rpm d624c10c050f52aea3409b81ea8d3eb32be7271a8a45634dd0226bbaa0ec97d3 boost-openmpi-python3-1.66.0-13.el8.aarch64.rpm fcac33cbee23efa4e85ba93984907bca50446526cb93335a642c34b6107fb797 boost-python3-1.66.0-13.el8.aarch64.rpm f9f86c2a5a1fe7fd766b3893da9f2a5fdd4b23dbd1807281bb5eac52918f5271 boost-python3-devel-1.66.0-13.el8.aarch64.rpm 5934e3f54190f365eaec0e87b79486311ef40f28ce685d86dc8f0c2fb31887fc boost-static-1.66.0-13.el8.aarch64.rpm 
7ce65907b8701cd345f13f4ec4d4002f4ab88fd0af78b7c4819c8398f91b3fef RLEA-2022:7601 libdrm, mesa, and wayland-protocols bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for wayland-protocols, libdrm, mesa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms mesa-libgbm-devel-22.1.5-2.el8.aarch64.rpm 73d16528ddf32211f9e710c61f6f8fca731f89943655427d63f33dd0a1d7692a mesa-libOSMesa-devel-22.1.5-2.el8.aarch64.rpm 95e63a3c63c09fa660fa842bcb9ddb70ff7204e1707d66b4db8b64076b241619 RLBA-2022:7614 xxhash bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for xxhash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms xxhash-devel-0.8.1-3.el8.aarch64.rpm 31a943cd2ec4a0b6991f574ed9d8382e26a7429b8d8bca5e8201b1bdbef56cb4 xxhash-doc-0.8.1-3.el8.noarch.rpm 68b481dfb90bc6128f2f6e11cde7157f7f30422bdde8f464dc49539ef75494cd RLSA-2022:7623 Moderate: dovecot security update Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. 
It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for dovecot. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. rocky-linux-8-aarch64-powertools-rpms dovecot-devel-2.3.16-3.el8.aarch64.rpm dcc4ac93e85a6558c76a805b31e7920d5fc0e8bc0a1793df483a419d925c5280 RLBA-2022:7631 ghostscript bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for ghostscript. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ghostscript-doc-9.27-4.el8.noarch.rpm 63caef3cf225a40dc30d6c8349e4f999d43d38e4b30a71a600dc0eaf90b697b2 ghostscript-tools-dvipdf-9.27-4.el8.aarch64.rpm b66ab65b846373eacf9e3ce210e8b3a70bd8461946a14657b3528e6b0c7be604 ghostscript-tools-fonts-9.27-4.el8.aarch64.rpm fbc4469c9613607db5e43a666b1293eccc337045d783c22bde99360724ab3900 ghostscript-tools-printing-9.27-4.el8.aarch64.rpm 423cc0e059d6ef21513986df102c100f98b1dccfe005e3a96947cfc7ca8edc6b libgs-devel-9.27-4.el8.aarch64.rpm 0a65401dea9547b396e917e8ad7fc7556bf418547333ac08df9580037efc7672 RLSA-2022:7639 Moderate: openblas security update OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD version. Security Fix(es): * lapack: Out-of-bounds read in *larrv (CVE-2021-4048) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for openblas. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD version. 
Security Fix(es): * lapack: Out-of-bounds read in *larrv (CVE-2021-4048) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms openblas-devel-0.3.15-4.el8.aarch64.rpm 33aa3c49a45f273406d61d77c6b57d67a0761d4862de5eb08d3869d0c4465a59 openblas-openmp-0.3.15-4.el8.aarch64.rpm 1a00bf04d6c9a656cf403ec2bc1c10170bd1687c7405767f119c3d646175e568 openblas-openmp64_-0.3.15-4.el8.aarch64.rpm 0d715a815f22ee12146649b7ec4757b72ad7f9dbfda6ce51d8091bf65425e921 openblas-openmp64-0.3.15-4.el8.aarch64.rpm f4bc9d985b0ee822e72178609053162acae57be4280ae7647a70a9f5a02b2b63 openblas-Rblas-0.3.15-4.el8.aarch64.rpm 82770ef574c11659990de8f57170ec733045b8c26781d19b6ea5a4117561d2cd openblas-serial64_-0.3.15-4.el8.aarch64.rpm a75be6d79eb93af81c72aca5cae93b7ff47697338287a22a50b4418b79a7affc openblas-serial64-0.3.15-4.el8.aarch64.rpm 17b229fae5baeed538da874b4bf5d0bdbe0578f8686e6445ab24cdd278804bb1 openblas-static-0.3.15-4.el8.aarch64.rpm 7bd6f43f90b37da04ae54a63a7aeaa9604836fb2b2f731d7f0ef1350da9a5a20 openblas-threads64_-0.3.15-4.el8.aarch64.rpm e51c0725e14ae454d73913249dae557a5ea7113ac5c636a13a9a06d59f8d2a78 openblas-threads64-0.3.15-4.el8.aarch64.rpm 9e6d05e8fadaef9bf2240c138f350fb9100770232674eff9c72e50e4a8c9f609 RLBA-2022:7641 fstrm bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for fstrm. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms fstrm-utils-0.6.1-3.el8.aarch64.rpm 7cbe9801e2001e028544b213f20210cc3411dabfa2c551bad620256c78f25595 RLSA-2022:7643 Important: bind9.16 security update The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: DoS from specifically crafted TCP packets (CVE-2022-0396) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for bind9.16. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. 
Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: DoS from specifically crafted TCP packets (CVE-2022-0396) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms bind9.16-devel-9.16.23-0.9.el8.1.aarch64.rpm 8f5b735830df77f937084df2c692b0cca2d5952e08c9447912ed574cdad04fa4 bind9.16-dnssec-utils-9.16.23-0.9.el8.1.aarch64.rpm 64020cd9f65a95de49d6f1d1bf50c26d6587ecf824bd2174101e12087dd17786 bind9.16-doc-9.16.23-0.9.el8.1.noarch.rpm ef26712cfaaae27376f5e0ec5f4f2d57804ea16ce3668997d15a50ea6698106a python3-bind9.16-9.16.23-0.9.el8.1.noarch.rpm ca260ea4c3d4b4ea57741b6ceb3ff53bc81c9437d67e502f2cb5013ec596688e RLSA-2022:7645 Low: openjpeg2 security update OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer (CVE-2022-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low An update is available for openjpeg2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. 
Security Fix(es): * openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer (CVE-2022-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms openjpeg2-devel-2.4.0-5.el8.aarch64.rpm 9fcb4ad792d52f614e8212966dbe933b46a259e03f8f02cf92671453edcd5cc6 RLBA-2022:7646 libblockdev bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libblockdev. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms libblockdev-crypto-devel-2.24-11.el8.aarch64.rpm cb14c1f82e01f1371de7591977a41c114135cff1745cc17dfd7ca9c2d480de8f libblockdev-devel-2.24-11.el8.aarch64.rpm 18b97b9d72772bba6ecaa8816bbce22a64925876ce8c0c9506d3b5d4722be889 libblockdev-fs-devel-2.24-11.el8.aarch64.rpm a43a737349195369e421329867f67320166e3a2a2c96649ea9c98a28bb0607ee libblockdev-loop-devel-2.24-11.el8.aarch64.rpm e1ae1aa43c2d91514d8c01d07c713e9467180a5389624494459b47f6f1e247a9 libblockdev-lvm-devel-2.24-11.el8.aarch64.rpm 6263292aa499a6270409a992a5ccf1c75912f5fce9b21465dcdccb5fff04a238 libblockdev-mdraid-devel-2.24-11.el8.aarch64.rpm fd66045929c3d697425c068c41c9e6da49d4501407f2060f5b08a6510aef17bb libblockdev-part-devel-2.24-11.el8.aarch64.rpm 9e73605337bdb599811ac2abd3f897a3fc1b80880dc87e3b279b55a4c5ff038a libblockdev-swap-devel-2.24-11.el8.aarch64.rpm d832627d8d846cf5dfc525ee80158cc6a69273fcedd4c6d27359ad24f23bb7e1 libblockdev-utils-devel-2.24-11.el8.aarch64.rpm 2af0351939fe20b9329f0ee6010c275416633487fc517a57a09332a2f62424eb libblockdev-vdo-devel-2.24-11.el8.aarch64.rpm 3b1444a751f48ee93012c329d8fcce0325ecfadc1b03323daf8adaaf990980eb RLBA-2022:7653 cups-filters bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for cups-filters. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms cups-filters-devel-1.20.0-28.el8.aarch64.rpm 99ae6233a0c2336fe1611de06ccea9f47b5dea7afc307715cc119860b0c6ec33 RLBA-2022:7657 openslp bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for openslp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. rocky-linux-8-aarch64-powertools-rpms openslp-devel-2.0.0-20.el8.aarch64.rpm 4988b4c0c314cc2e5740e8f8b572e729f0ebc8a58fe2ef727f041348943a50a2 RLBA-2022:7659 gtk3 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gtk3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. rocky-linux-8-aarch64-powertools-rpms gtk3-devel-docs-3.22.30-11.el8.aarch64.rpm 60f28864adf3dbd71fa6d0a11a0ad7527b762b08a3ef5195a6f718b9b787b257 RLBA-2022:7658 freerdp bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for freerdp. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. rocky-linux-8-aarch64-powertools-rpms freerdp-devel-2.2.0-8.el8.aarch64.rpm 00ac3254caea61fedf694e2c9a8cddf10bba3d68d4c880b4bd0cc8147ec71ccd RLBA-2022:7661 vulkan bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for spirv-tools, vulkan-loader, vulkan-headers, vulkan-validation-layers, vulkan-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. rocky-linux-8-aarch64-powertools-rpms spirv-tools-devel-2022.2-2.el8.aarch64.rpm 72a67441532207bc8bab6fd8c3db8933c7029d916a52c469a448106bee0917eb RLBA-2022:7662 opencv bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for opencv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
rocky-linux-8-aarch64-powertools-rpms opencv-3.4.6-8.el8.aarch64.rpm 95efe1563ffdce8aee024abcb4fd75ac5beabda037656eec08cb6c44c5899186 opencv-devel-3.4.6-8.el8.aarch64.rpm 50d207869310fbe19253099bd51cbf05de17ca28471664fdaad1b797eb8b2138 RLBA-2022:7663 wireshark bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for wireshark. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms wireshark-devel-2.6.2-15.el8.aarch64.rpm b327e17562ebea8d11e5232530af268ee81f70e4ce577b871b968ff1aa3cd137 RLBA-2022:7674 openwsman bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for openwsman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libwsman-devel-2.6.5-9.el8.aarch64.rpm b5d8993c673e125011436e3fd2fd66aa36f54e3c5643c13dbe721d4ca755713c RLBA-2022:7091 java-1.8.0-openjdk bug fix and enhancement update This erratum reinstates changes made to java-1.8.0-openjdk in Rocky Linux 8.7 GA. 
The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This erratum reinstates changes made to java-1.8.0-openjdk in Rocky Linux 8.7 GA. The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm b7d35d9f285a1b0dec58da3c3f4a0ffc7ebc591e4153249ebdccc04dd2a9d790 java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 18d16f2d145b0a74d9c5708123ebc80234856f31d9b12140ffad3f696018a54a java-1.8.0-openjdk-demo-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 19365b81c215dbecc57340be70effc577928ce7e948433336c1ee582bac02acc java-1.8.0-openjdk-demo-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 647d993682f191b54be44e034069c6b7c440095f92b6e9fb7570a0739577e108 java-1.8.0-openjdk-devel-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 70d11b21564ba0f9687a7ecffc2d7dd9f86fe6b1a875e3ffa57d3fa9f7708815 java-1.8.0-openjdk-devel-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 320d6c5f7d96eed48a774fb425120467c3de9d3b7dee221671acc71d649892ea java-1.8.0-openjdk-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 9d00ba06ee69c2f9777b452d779a8173ca4b3b5ee2e550359b6093ca0596de16 
java-1.8.0-openjdk-headless-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm a551632ab45c43f2264420ffc7910ec143bb2b9b6d9311ea2ce9556630dee26f java-1.8.0-openjdk-headless-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 0fff96db56187df2caf62c76b6dfc2991037ff451380ea4e519df9e1f4f6f2e6 java-1.8.0-openjdk-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm e59b364a29f07f98415d5cd0279e46427b44814318240ab114b8f0a7becaf884 java-1.8.0-openjdk-src-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm fcc84852a012c72513ec52f6a95f336c04b1eef97d9378d23839a1061cf52ce2 java-1.8.0-openjdk-src-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm bc1bd795a4363451df05af031f89c05069f40dcdcc3ce17b6bb42ffbf629846c RLBA-2022:7835 mutter bug fix and enhancement update Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es) and Enhancement(s): * [AMDCLIENT 8.7 Bug] [Lenovo]When switch to some resolutions will be black screen [Rocky Linux-8.7.0.z] (BZ#2136746) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for mutter. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. 
Bug Fix(es) and Enhancement(s): * [AMDCLIENT 8.7 Bug] [Lenovo]When switch to some resolutions will be black screen [Rocky Linux-8.7.0.z] (BZ#2136746) rocky-linux-8-aarch64-powertools-rpms mutter-devel-3.32.2-67.el8_7.aarch64.rpm 3c003fecdd9f9bb0d839d505ee2f17c7167fe3859b91a3c7bc09ed294a795253 RLBA-2022:7258 java-17-openjdk bug fix and enhancement update This erratum reinstates changes made to java-17-openjdk in Rocky Linux 8.7 GA. The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This erratum reinstates changes made to java-17-openjdk in Rocky Linux 8.7 GA. The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms java-17-openjdk-demo-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 1db7038e4b8776b58c8473e7e8f2f1b1f5fc53f51059eab6b31daea1947a501f java-17-openjdk-demo-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm cec3c9a04ebe8db2186a5f559611282138209afccfc4e021b36ffa674b145ae1 java-17-openjdk-devel-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm ed35d711c9f2d217fa186df26467f32a979e97da2229293234f77a5e44e23e1e java-17-openjdk-devel-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 0f3e00f91e2d13b1b80747afad0370e13440edde56ac5461cf1e105a35092b9b java-17-openjdk-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 423f987c2d734e2adafa322917a78e441c0f68ddc972353bba46538252b84464 java-17-openjdk-headless-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 2c43cbce2932c0d49ea4bdad39b566c9d562980797b66147cb6760696da1fece java-17-openjdk-headless-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm fa43fecb9ea9a1ae9f8a24be70ac5b2ade6e6ba59cb3ea65aa3b5499e5fc11d3 java-17-openjdk-jmods-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 1d8c409947f4de1e5d35079f90a1c270bc2dc964b0b55244f20cf982342392a2 java-17-openjdk-jmods-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 9e45b8ed819fdb3cad881c2fb55e81186e9ee571569b00bce52c9ffb1893668a java-17-openjdk-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 32ab580d468a726d1d098e7c92693f4b283a7cec346dc12151f90fd557214818 java-17-openjdk-src-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm b3faff2c204b1820e96aa8e094c953271f55e3b13f6336d8188b7806175646d2 java-17-openjdk-src-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 80d9f410eb8d947c67fc5a271f791879d8a70aeca174c25570b31af93045909e java-17-openjdk-static-libs-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 97471dda81e66315849e5a9221450159ee71f4745b8b261c9c74c5a5fd5534db java-17-openjdk-static-libs-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 1b157a81cf7d09063a79b81668ae9cce76edaf96fb2033c69c5c942d108ee409 RLBA-2022:7438 java-11-openjdk bug fix and enhancement update The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java 
Software Development Kit. Bug Fix(es) and Enhancement(s): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131862) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fix(es) and Enhancement(s): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131862) rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 3bfaf40d6ce1959875cb008f43624e57f206f6cd1a89c76c9930e86c538dd26d java-11-openjdk-demo-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm e71e09ff9afeb55ea50b20eb34617087a6a289c6b4eb382e1497e3f57e6101d2 java-11-openjdk-devel-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 2d4d87d7a55274e14e6c859c7eac753ec8334ddf3652869b2298f56ea0746b20 java-11-openjdk-devel-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm c87abd7dfc24b22c3caf80a96534964442549b62a0d6c4e9cb6ba937746562e8 java-11-openjdk-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm bcf162dc622e3e291c90b25a55b790c63e9bfbc3794147f01388df4f36245319 java-11-openjdk-headless-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm e6448cf97698420d5bb4b899d16660984eee1eed4f5814f8ca877700d5513f11 java-11-openjdk-headless-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 715903def691dcec7ebd0353f2816f4b953d2956d00e08bc11611adf0595d4f3 java-11-openjdk-jmods-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 023baf80b46b8d26e103d52cc29607b30309c7166964fa74ecb54df7e6941335 java-11-openjdk-jmods-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 2c0ddbd460a485cf844412f73354b60edae85e3508a5ce2b4461a46271f1c1e3 java-11-openjdk-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 
92e5b26d8be188201782fdd085116005517a83d0405d55cb62cd5df434be380e java-11-openjdk-src-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 6e799747d770be54bed3f0f4200cc7718372a58fc710548afa4e08c2d3300a63 java-11-openjdk-src-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 6f5e87875377f5538082bc755ed223b7146ca53f8e31ade3cecce242b126d845 java-11-openjdk-static-libs-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 744db94b1d921ef0ad34f790fd7442a05d30bf18690f0d700f25992e2a7ba34b java-11-openjdk-static-libs-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm c61da47cf51158889e07011475d6f0c5272ef5d75af0cf549bbed91c66f70bed RLBA-2022:7861 .NET 7.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.100 and Runtime 7.0.0 [Rocky Linux-8.7.0.z] (BZ#2137943) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.100 and Runtime 7.0.0 [Rocky Linux-8.7.0.z] (BZ#2137943) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.100-1.el8_7.aarch64.rpm 62b0f7566db6102a5f317409cefb4e7c6c04037c04efbd4d24111c8e6c104fc8 RLBA-2022:9019 .NET 6.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. 
Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.112 and Runtime 6.0.12 [Rocky Linux-8.7.0.z] (BZ#2150147) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.112 and Runtime 6.0.12 [Rocky Linux-8.7.0.z] (BZ#2150147) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.112-1.el8_7.aarch64.rpm 082c3d9e67e99d567ce6f9e37e9fcca07ee2c0e2776950207b754f96d5b83148 RLBA-2022:9020 .NET 7.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.101 and Runtime 7.0.1 [Rocky Linux-8.7.0.z] (BZ#2150151) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. 
Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.101 and Runtime 7.0.1 [Rocky Linux-8.7.0.z] (BZ#2150151) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.101-1.el8_7.aarch64.rpm 95a0b68ad8cbc159f939575b8c77cd50f6edbc1bb608199a571c0e6aef6a13ba RLSA-2023:0079 Moderate: .NET 6.0 security, bug fix, and enhancement update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.113). (BZ#2154458) Security Fix(es): * dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process (CVE-2023-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.113). 
(BZ#2154458) Security Fix(es): * dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process (CVE-2023-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.113-1.el8_7.aarch64.rpm 34ca919af35ec55475602d07a47d001e1987a30bba1f4db9eb7405e72fc7c33c RLBA-2023:0081 .NET 7.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.102 and Runtime 7.0.2 [Rocky Linux-8.7.0.z] (BZ#2154466) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.102 and Runtime 7.0.2 [Rocky Linux-8.7.0.z] (BZ#2154466) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.102-1.el8_7.aarch64.rpm 0d7f83838df27c16ca0f62fc32c2a791ebc773ef2e5e7e7ab55805b8ddba59b9 RLSA-2023:0095 Moderate: libtiff security update The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. 
Security Fix(es): * LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) * libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519) * libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c (CVE-2022-2867) * libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() (CVE-2022-2869) * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953) * libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520) * libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521) * libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() (CVE-2022-2868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. 
Security Fix(es): * LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) * libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519) * libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c (CVE-2022-2867) * libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() (CVE-2022-2869) * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953) * libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520) * libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521) * libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() (CVE-2022-2868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libtiff-tools-4.0.9-26.el8_7.aarch64.rpm 7a5f511c8aa743a1575e9948272a6c70688f9b5498b8f7925e3e30653013faf3 RLBA-2023:0102 nmstate bug fix and enhancement update Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es) and Enhancement(s): * nmstate verificationError on OpenshiftSDN (BZ#2128555) * kubernetes-nmstate-operator deletes Virtual Functions created by sriov-fec-operator (BZ#2139698) * Addresses configured at different order than specified at state (BZ#2149048) * fail to create many veth interfaces (BZ#2150705) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nmstate. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es) and Enhancement(s): * nmstate verificationError on OpenshiftSDN (BZ#2128555) * kubernetes-nmstate-operator deletes Virtual Functions created by sriov-fec-operator (BZ#2139698) * Addresses configured at different order than specified at state (BZ#2149048) * fail to create many veth interfaces (BZ#2150705) rocky-linux-8-aarch64-powertools-rpms nmstate-devel-1.3.3-4.el8_7.aarch64.rpm 9e40cae0bb9f7d5c03667e91e9ffced778125e449ac06b279ed913855fb17756 RLSA-2023:0192 Moderate: java-17-openjdk security and bug fix update The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. 
This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147473) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [Rocky Linux-8] (BZ#2153010) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. 
This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147473) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [Rocky Linux-8] (BZ#2153010) rocky-linux-8-aarch64-powertools-rpms java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm c7c63b500143352eb941dacfdd1fee33bc542cd5329bc61efb535e6e1e6e68d7 java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 000524decd5696a63699ad97eb589afc9c042ee61a511fde70884edc83f4fd74 java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm fed3879cb41ff565775633146aa88f652f44b764e0f8b6ad52375098893fc538 java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 840272e38a328803d4ecc23fb873570d8bc49798e0e8aaebb74d149726ada9e8 java-17-openjdk-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 3f7aede4b3980c91b70e809a767cfcd58ceb917dd5ad202dd0b17f88f72b052d java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 2b5187f33c68429870c18cb0c6e47e27b0cf309decf15ef16ed6580b509ba327 java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 01cb48158a5bbb8aa428f325677f21f2514443086c374a9291f73f2b98f7af59 java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 962256fd306e03853f2612752261b794d261a7665964439ae7dc8e0277dc38f4 java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 345f48a7070883571146f9661874f51037b5be2918241e3155659153e07bbf6a java-17-openjdk-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 7ddae8dd66f6fd349b3cadc391d9f51a48030f340458741a75ae0c1371560719 java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 5e58dc693e487294d3f6784b2678cc4ea62b947d20f33a32f64aaa7f657219b4 java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 060e7990bd30cfa353fcb871937fb1885521b1f525763bb07d85d1f33a3cacee 
java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 5889972f86fe241481c01e594e8ae47305cb0de9242c52797a28cf1ac487c423 java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm ebc81f7ac437f2d537f807acca4eae4e03e720bf08895c526f57409634f51dfb RLSA-2023:0200 Moderate: java-11-openjdk security and bug fix update The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18) [Rocky Linux-8] (BZ#2157797) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18) [Rocky Linux-8] (BZ#2157797) rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 2f44c2f88619c67d1164fe100f7479955578564fb35d60e2016140f5b782c061 java-11-openjdk-demo-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 597cb5a6dc375af471fcd13f008ef53bf17759a7eab6dc68f94ec88c77dda4e6 java-11-openjdk-devel-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 356aebde455468b10c943efd821522502fe6b1a0d8e3d863f8b42d0ceff8231f java-11-openjdk-devel-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm c73bb86e6d3d97103a6d69897cafe6a7082c7bd98b4d9718a5894c282882d92d java-11-openjdk-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 1f27baaff8bb0218f465ccc6863d33e74b565ff7deadffd9e2620fc7a6aa33f9 java-11-openjdk-headless-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 153c9ee1bbbbdb25d8e32ee89ad8abbe31effa6ef51e206999f75f50f7fb4201 java-11-openjdk-headless-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm c44568cd91724942755b96fbb79070721b1e9c6de5f5d49fdbc59fcd6c6b5f57 java-11-openjdk-jmods-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm d355711dd5326e0864e8e16d452e1eef11f5c65cebc7821ba20a281aa67af01b java-11-openjdk-jmods-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm dc8e42f5d4dc0d4641f5aab7b41b5765db0bbb14b1c9f7c909036179482e3c4b java-11-openjdk-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm ae74329fd5a73e000d460332935bbc57ca7ebdad72712c21445d74bd07a74823 java-11-openjdk-src-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm eaa3723c053b67df72df94e52d5f19b72953bebd559b2143868dabd9d9e66766 java-11-openjdk-src-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 2119bf5c4c28fead21b9a1bf6bf3401aa5f9a88c0015162661a236a7f802d5bd java-11-openjdk-static-libs-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 050a263d6e1fb4d52fa016e5e4f44ab0558c228aa7af4bc7162340e2eaa89021 java-11-openjdk-static-libs-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 6997953eeff92c5cae9f857867350715be30bd684e2d2418246cf48b2763b3d8 RLBA-2022:7815 
kronosnet bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for kronosnet. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libknet1-1.24-2.el8.aarch64.rpm 83109d06e8afb5ffa7919c788d4b9e753e09585180b8d023d5ca089a35c92d31 libknet1-devel-1.24-2.el8.aarch64.rpm 3b188051d0a9c7014233fc959aefb2192e68e5a09b949c89e12369f71879b842 RLEA-2020:4838 dtc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dtc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms dtc-1.6.0-1.el8.aarch64.rpm bd44c1b92210f89ce787ee1ee9530d1c104bb0abb3c11db6ea1c84d384918e59 libfdt-devel-1.6.0-1.el8.aarch64.rpm bb45c74cd9a86723f6d3945371c8aa3e711fe84581fd10c7fe30116abe574578 RLBA-2020:4499 NetworkManager bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. 
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for network-manager-applet. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms jimtcl-devel-0.77-6.el8.1.aarch64.rpm 41df21377ee0f98f6cd1201f5416e90dfc400c9978b33c43b3f3e3beaee4d79a RLBA-2022:2000 glib2 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for glib2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms glib2-doc-2.56.4-158.el8_6.1.noarch.rpm aa64cb9e557a147c0ba86aef7701e556397a660ebaa7822bdc19c57b448ee3f0 glib2-static-2.56.4-158.el8_6.1.aarch64.rpm 0f8a19b268e0fe16bd451aa6559ef625a0065c97b255f4ba78f423921b3f5948 RLBA-2022:7739 sssd bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sssd. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsss_nss_idmap-devel-2.7.3-4.el8_7.1.aarch64.rpm 876fb14ca6ee70e7b6765a8c5ba645a22ff88456304b416f660290d56c48f376 RLBA-2022:7766 fwupd bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for fwupd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms fwupd-devel-1.7.8-1.el8.rocky.0.3.aarch64.rpm d0cf8802b3aa1cf546d49ee80e22f3aa5810aed4c31a99ebed05b7ae305e8710 RLSA-2023:0208 Moderate: java-1.8.0-openjdk security and bug fix update The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Bug Fix(es): * Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() (BZ#2139705) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] (BZ#2159910) * solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [rhel-8, openjdk-8] (BZ#2163595) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Bug Fix(es): * Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() (BZ#2139705) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] (BZ#2159910) * solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [rhel-8, openjdk-8] (BZ#2163595) rocky-linux-8-aarch64-powertools-rpms java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 84ca154b41c0a60fc145dda85cd4bfc370c3341b4a20789fab480eadda0b3a86 java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm e929c0200229d2455a80e69e8a2fe40659aa0f51e7483e7f2d6b8e8d11455cc7 java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm fca8be62a3d98c5674d91b003673b1683301dcd1b852b67ad01f0c1663af20ea java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm b5dae2e1539a65d47e9a0de07026941357df28684452045ee5637d4ef78e4c8c java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 436c3fe864d618ae96d28eac21897c8ea266946cddfc62f6af6b7c6881711c41 java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm c10d620b06db9fd583e8e6166cb235943f601a0d1fc75036b3723901a4ecae8f java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 725e9e267b322e8770921b47697ce64ada67cc53afc11b8c76e831f857f98440 java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm f6d27a485b2fbe33b914192173b684fc3538e91340b3245ee8270de8ab8f2d4f java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 6f6bbf587b09c9dd27fef5fc0bbce541c3d6a49c4109f3bae9702fcc20baf1ae java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm ca05de79562c8ac83fdcc3c833a344906ed4a81325522ee7216e557ec471a507 java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm e464756dd4e4ace64fe22f419bc2d1528c4beb30c55ae7ed8942b2ed415fea51 java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 84e2f1c1e1e748fa02fc9648c1fa3b89000662b79163858ad5e024dfda2004ab RLSA-2023:0625 
Important: libksba security update KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow to code execution (CVE-2022-47629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for libksba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow to code execution (CVE-2022-47629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libksba-devel-1.3.5-9.el8_7.aarch64.rpm ff3e268c4fe5fa67c372c7332e948c594909c5626d8175ffdac0c7359ae48369 RLBA-2023:0783 .NET 7.0 bugfix update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugs are now available. The updated versions are .NET SDK 7.0.103 and .NET Runtime 7.0.3. Bug Fix(es) and Enhancement(s): * 2166775 - Update .NET 7.0 to SDK 7.0.103 and Runtime 7.0.3 [rhel-8.7.0.z] Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet7.0. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugs are now available. The updated versions are .NET SDK 7.0.103 and .NET Runtime 7.0.3. Bug Fix(es) and Enhancement(s): * 2166775 - Update .NET 7.0 to SDK 7.0.103 and Runtime 7.0.3 [rhel-8.7.0.z] rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.103-1.el8_7.aarch64.rpm 498719b17fc506174bc1fc755cb166045adcb391e8041d773df242cf8e7f448f RLBA-2023:0784 .NET 6.0 bugfix update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugfixes are now available. The updated versions are .NET SDK 6.0.114 and .NET Runtime 6.0.14. Security Fix(es): * 2166769 - Update .NET 6.0 to SDK 6.0.114 and Runtime 6.0.14 [rhel-8.7.0.z] Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugfixes are now available. The updated versions are .NET SDK 6.0.114 and .NET Runtime 6.0.14. 
Security Fix(es): * 2166769 - Update .NET 6.0 to SDK 6.0.114 and Runtime 6.0.14 [rhel-8.7.0.z] rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.114-1.el8_7.aarch64.rpm 82f29580b41e2759ac0a0db2fd28e68a9d5271f0bdb649d77c1a6402fdb8641c RLEA-2020:4672 autogen bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for autogen. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms autogen-5.18.12-8.el8.1.aarch64.rpm 0650d5b015f1463a2114cfd40dfda59558f6c8ef4393647fb85324ca308fb6ff autogen-libopts-devel-5.18.12-8.el8.1.aarch64.rpm fa8189b9ac3938cd80103cbd1be9a1d984e411b465f169c47082d2a58fa8910a RLBA-2020:4734 libblockdev bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libblockdev. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms libblockdev-crypto-devel-2.24-11.el8.aarch64.rpm cb14c1f82e01f1371de7591977a41c114135cff1745cc17dfd7ca9c2d480de8f libblockdev-devel-2.24-11.el8.aarch64.rpm 18b97b9d72772bba6ecaa8816bbce22a64925876ce8c0c9506d3b5d4722be889 libblockdev-fs-devel-2.24-11.el8.aarch64.rpm a43a737349195369e421329867f67320166e3a2a2c96649ea9c98a28bb0607ee libblockdev-loop-devel-2.24-11.el8.aarch64.rpm e1ae1aa43c2d91514d8c01d07c713e9467180a5389624494459b47f6f1e247a9 libblockdev-lvm-devel-2.24-11.el8.aarch64.rpm 6263292aa499a6270409a992a5ccf1c75912f5fce9b21465dcdccb5fff04a238 libblockdev-mdraid-devel-2.24-11.el8.aarch64.rpm fd66045929c3d697425c068c41c9e6da49d4501407f2060f5b08a6510aef17bb libblockdev-part-devel-2.24-11.el8.aarch64.rpm 9e73605337bdb599811ac2abd3f897a3fc1b80880dc87e3b279b55a4c5ff038a libblockdev-swap-devel-2.24-11.el8.aarch64.rpm d832627d8d846cf5dfc525ee80158cc6a69273fcedd4c6d27359ad24f23bb7e1 libblockdev-utils-devel-2.24-11.el8.aarch64.rpm 2af0351939fe20b9329f0ee6010c275416633487fc517a57a09332a2f62424eb libblockdev-vdo-devel-2.24-11.el8.aarch64.rpm 3b1444a751f48ee93012c329d8fcce0325ecfadc1b03323daf8adaaf990980eb RLBA-2022:7462 anaconda bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for anaconda. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. 
rocky-linux-8-aarch64-powertools-rpms anaconda-widgets-devel-33.16.7.12-1.el8.rocky.0.1.aarch64.rpm 02fec851b51fd4c6e181ac2633ce588df41619ecbbbece9747a727b96fc405b8 RLBA-2022:7635 openscap bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for openscap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms openscap-engine-sce-devel-1.3.6-4.el8.rocky.0.2.aarch64.rpm f57145920f2b265a0c7f77920599faf6834fddf5c470dbe38bf177a63f4726aa RLSA-2021:1734 Moderate: shim security update The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for shim-unsigned-aarch64. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms shim-unsigned-aarch64-15-7.el8.1.1.aarch64.rpm 50d3fdb8369d8b026f80727bf61924a9d167b365f18718a1f42c4e6d41c70e27 RLBA-2023:0831 nfs-utils bug fix and enhancement update The nfs-utils packages provide a daemon for the kernel Network File System (NFS) server and related tools, which provides better performance than the traditional Linux NFS server used by most users. 
These packages also contain the mount.nfs, umount.nfs, and showmount programs. Bug Fix(es) and Enhancement(s): * Update to nfs-utils 2.3.3-51 broke nfs-mountd service on Rocky Linux8.2 (BZ#2150899) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nfs-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The nfs-utils packages provide a daemon for the kernel Network File System (NFS) server and related tools, which provides better performance than the traditional Linux NFS server used by most users. These packages also contain the mount.nfs, umount.nfs, and showmount programs. Bug Fix(es) and Enhancement(s): * Update to nfs-utils 2.3.3-51 broke nfs-mountd service on Rocky Linux8.2 (BZ#2150899) rocky-linux-8-aarch64-powertools-rpms libnfsidmap-devel-2.3.3-57.el8_7.1.aarch64.rpm 25a347435dde9ac7dc003426bf7f1bb035c61e807f50c078f7771c799cbe6272 RLSA-2023:0832 Important: kernel security and bug fix update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222) * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945) * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Bug Fix(es): * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134586) * Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137592) * Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel (BZ#2139580) * MEI support for Alder Lake-S (BZ#2141783) * Host Pod -> Cluster IP Service traffic (Pod Backend - Different Node) Flow Iperf Cannot Connect (BZ#2141959) * Rocky Linux8.7: Xorg cannot display resolution higher than 1024x768 on system using ast graphics driver (BZ#2149287) * Intel 8.7 Bug: OS doesn't boot when vmd and interrupt remapping are enabled (BZ#2149474) * i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149745) * Rocky Linux8.4 - boot: Add secure boot trailer (BZ#2151530) * error 524 from seccomp(2) when trying to load filter (BZ#2152138) * Workqueue: WQ_MEM_RECLAIM iscsi_ctrl_1:98 __iscsi_unbind_session [scsi_transport_iscsi] (BZ#2152734) * Connectivity issue with vDPA driver (BZ#2152912) * High Load average due to cfs cpu throttling (BZ#2153108) * The "kernel BUG at mm/usercopy.c:103!" 
from BZ 2041529 is back on rhel-8.5 (BZ#2153230) * Rocky Linux8: tick storm on nohz (isolated) CPU cores (BZ#2153653) * kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154460) * Azure Rocky Linux 8 z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2155272) * Azure: VM Deployment Failures Patch Request (BZ#2155280) * Azure vPCI Rocky Linux-8: add the support of multi-MSI (BZ#2155289) * MSFT MANA NET Patch Rocky Linux-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155437) * GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at 0000000000000000 : ceph_get_snap_realm+0x68/0xa0 [ceph] (BZ#2155797) * Error in /usr/src/kernels/4.18.0-423.el8.x86_64/scripts/kernel-doc script causing irdma build to fail (BZ#2157905) * Rocky Linux8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem (BZ#2157922) * The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158813) * ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160182) * (Redhat OpenShift)Error downloading big ZIP files inside pod on power OCP and pod getting restarted (BZ#2160221) * i40e/iavf: VF reset task fails "Never saw reset" with 5 second timeout per VF (BZ#2160460) * iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent (BZ#2163257) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating system. 
Security Fix(es): * kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222) * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945) * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134586) * Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137592) * Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel (BZ#2139580) * MEI support for Alder Lake-S (BZ#2141783) * Host Pod -> Cluster IP Service traffic (Pod Backend - Different Node) Flow Iperf Cannot Connect (BZ#2141959) * Rocky Linux8.7: Xorg cannot display resolution higher than 1024x768 on system using ast graphics driver (BZ#2149287) * Intel 8.7 Bug: OS doesn't boot when vmd and interrupt remapping are enabled (BZ#2149474) * i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149745) * Rocky Linux8.4 - boot: Add secure boot trailer (BZ#2151530) * error 524 from seccomp(2) when trying to load filter (BZ#2152138) * Workqueue: WQ_MEM_RECLAIM iscsi_ctrl_1:98 __iscsi_unbind_session [scsi_transport_iscsi] (BZ#2152734) * Connectivity issue with vDPA driver (BZ#2152912) * High Load average due to cfs cpu throttling (BZ#2153108) * The "kernel BUG at mm/usercopy.c:103!" 
from BZ 2041529 is back on rhel-8.5 (BZ#2153230) * Rocky Linux8: tick storm on nohz (isolated) CPU cores (BZ#2153653) * kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154460) * Azure Rocky Linux 8 z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2155272) * Azure: VM Deployment Failures Patch Request (BZ#2155280) * Azure vPCI Rocky Linux-8: add the support of multi-MSI (BZ#2155289) * MSFT MANA NET Patch Rocky Linux-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155437) * GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at 0000000000000000 : ceph_get_snap_realm+0x68/0xa0 [ceph] (BZ#2155797) * Error in /usr/src/kernels/4.18.0-423.el8.x86_64/scripts/kernel-doc script causing irdma build to fail (BZ#2157905) * Rocky Linux8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem (BZ#2157922) * The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158813) * ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160182) * (Redhat OpenShift)Error downloading big ZIP files inside pod on power OCP and pod getting restarted (BZ#2160221) * i40e/iavf: VF reset task fails "Never saw reset" with 5 second timeout per VF (BZ#2160460) * iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent (BZ#2163257) rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-425.13.1.el8_7.aarch64.rpm 010869ff3cda80feb58182eadb7292e0fbc50e6b9b45d460e32766cb61500551 RLSA-2023:0838 Important: samba security update Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. 
Security Fix(es): * samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libsmbclient-devel-4.16.4-4.el8_7.aarch64.rpm 8748deb897fb5a7271e2d92a834f07138130e23a5e2efd226cd26397222f027d libwbclient-devel-4.16.4-4.el8_7.aarch64.rpm 8afb151fcaf908cefb5c0e8432e9cd15294ad36ad337bd0ef4a53ea06cbd0489 samba-devel-4.16.4-4.el8_7.aarch64.rpm 8157f0dca8e0221e70b1020395c1fa0e7428b865310f0e3fb5cda84345bc7d53 RLBA-2023:0850 openscap bug fix and enhancement update The OpenSCAP suite enables integration of the Security Content Automation Protocol (SCAP) line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fix(es) and Enhancement(s): * xmlfilecontent probe produces invalid OVAL results (BZ#2165577) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for openscap. 
This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenSCAP suite enables integration of the Security Content Automation Protocol (SCAP) line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fix(es) and Enhancement(s): * xmlfilecontent probe produces invalid OVAL results (BZ#2165577) rocky-linux-8-aarch64-powertools-rpms openscap-engine-sce-devel-1.3.6-5.el8_7.rocky.0.2.aarch64.rpm 8833b00e6629abb91dbca0367542e588961aeade5060f4e39e27f91b9a93f757 RLBA-2023:1245 .NET 7.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.104 and Runtime 7.0.4 [rhel-8.7.0.z] (BZ#2175026) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.104 and Runtime 7.0.4 [rhel-8.7.0.z] (BZ#2175026) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.104-1.el8_7.aarch64.rpm 1d410a382fbd371928e3dfc7bc3961ef155035deb48d53a69f1d5c892d7ebc61 RLBA-2023:1565 device-mapper-multipath bug fix update The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. 
Bug Fix(es): * Multipath segfault after running newest patched version (BZ#2161393) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Bug Fix(es): * Multipath segfault after running newest patched version (BZ#2161393) rocky-linux-8-aarch64-powertools-rpms device-mapper-multipath-devel-0.8.4-28.el8_7.3.aarch64.rpm e5a1407fa7df5f6df25e0d4d476be782b3b1abb611fa2f20b124f060567087ad RLSA-2023:1566 Important: kernel security, bug fix, and enhancement update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266) * kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386) * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es): * kernel panic on reboot due to a bug in mei_wdt module (BZ#2139770) * Rocky Linux8: Practically limit "Dummy wait" workaround to old Intel systems (BZ#2142170) * AMDSERVER 8.7: amdpstate driver incorrectly designed to load as default for Genoa (BZ#2151275) * Rocky Linux-8.8: Update RDMA core to Linux v6.0 (BZ#2161750) * Kernel panic observed during VxFS module unload (BZ#2162763) * Client not able to connect to rhel server: SYN is answered by chalange ACK and RST is ignored (BZ#2165587) * Rocky Linux8.4: s390/kexec: fix ipl report address for kdump (BZ#2166296) * kvm-unit-test reports unhandled exception on AMD (BZ#2166362) * Windows Server 2019 guest randomly pauses with "KVM: entry failed, hardware error 0x80000021" (BZ#2166368) * Unable to get QinQ working with ConnectX-4 Lx in SR-IOV scenario (BZ#2166665) * panic in fib6_rule_suppress+0x22 with custom xdp prog involved in (BZ#2167602) * net/mlx5e: Fix use-after-free when reverting termination table (BZ#2167640) * Rocky Linux 8.7: EEH injection failed to recover on Mellanox adapter. (BZ#2167645) * mlx5: lag and sriov fixes (BZ#2167647) * Rocky Linux8.4: dasd: fix no record found for raw_track_access (BZ#2167776) * GSS: Set of fixes in ceph kernel module to prevent OCS node kernel crash - blocklist the kclient when receiving corrupted snap trace (BZ#2168896) * Azure Rocky Linux8 scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM (BZ#2170228) * fast_isolate_freepages scans out of target zone (BZ#2170576) * Backport Request for locking/rwsem commits (BZ#2170939) * ipv6 traffic stop when an sriov vf have ipv6 address (BZ#2172550) * Hyper-V Rocky Linux8.8: Update MANA driver (BZ#2173103) Enhancement(s): * Intel 8.8 FEAT SPR CPU: AMX: Improve the init_fpstate setup code (BZ#2168384) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for kernel. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266) * kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386) * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel panic on reboot due to a bug in mei_wdt module (BZ#2139770) * Rocky Linux8: Practically limit "Dummy wait" workaround to old Intel systems (BZ#2142170) * AMDSERVER 8.7: amdpstate driver incorrectly designed to load as default for Genoa (BZ#2151275) * Rocky Linux-8.8: Update RDMA core to Linux v6.0 (BZ#2161750) * Kernel panic observed during VxFS module unload (BZ#2162763) * Client not able to connect to rhel server: SYN is answered by chalange ACK and RST is ignored (BZ#2165587) * Rocky Linux8.4: s390/kexec: fix ipl report address for kdump (BZ#2166296) * kvm-unit-test reports unhandled exception on AMD (BZ#2166362) * Windows Server 2019 guest randomly pauses with "KVM: entry failed, hardware error 0x80000021" (BZ#2166368) * Unable to get QinQ working with ConnectX-4 Lx in SR-IOV scenario (BZ#2166665) * panic in fib6_rule_suppress+0x22 with custom xdp prog involved in (BZ#2167602) * net/mlx5e: Fix use-after-free when reverting termination table (BZ#2167640) * Rocky Linux 8.7: EEH injection failed to recover on Mellanox adapter. 
(BZ#2167645) * mlx5: lag and sriov fixes (BZ#2167647) * Rocky Linux8.4: dasd: fix no record found for raw_track_access (BZ#2167776) * GSS: Set of fixes in ceph kernel module to prevent OCS node kernel crash - blocklist the kclient when receiving corrupted snap trace (BZ#2168896) * Azure Rocky Linux8 scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM (BZ#2170228) * fast_isolate_freepages scans out of target zone (BZ#2170576) * Backport Request for locking/rwsem commits (BZ#2170939) * ipv6 traffic stop when an sriov vf have ipv6 address (BZ#2172550) * Hyper-V Rocky Linux8.8: Update MANA driver (BZ#2173103) Enhancement(s): * Intel 8.8 FEAT SPR CPU: AMX: Improve the init_fpstate setup code (BZ#2168384) rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-425.19.2.el8_7.aarch64.rpm 3e5af635ab3ca5eb4ee1929b2358c82531ba7750cb1737a14e22a592341bf981 RLBA-2023:1567 samba bug fix and enhancement update Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fix(es) and Enhancement(s): * Samba shares not accessible from MacOS Ventura after upgrade to Samba 4.16.4-2.el8 (BZ#2170394) * ctdb should have dependency for package samba-winbind-clients (BZ#2170467) * Samba with Winbind can not retrieve user groups from Active Directory (BZ#2170468) * samba-tool reports an uncaught exception (BZ#2170469) * Ship new samba subpackages (BZ#2173975) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for samba. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fix(es) and Enhancement(s): * Samba shares not accessible from MacOS Ventura after upgrade to Samba 4.16.4-2.el8 (BZ#2170394) * ctdb should have dependency for package samba-winbind-clients (BZ#2170467) * Samba with Winbind can not retrieve user groups from Active Directory (BZ#2170468) * samba-tool reports an uncaught exception (BZ#2170469) * Ship new samba subpackages (BZ#2173975) rocky-linux-8-aarch64-powertools-rpms libsmbclient-devel-4.16.4-6.el8_7.aarch64.rpm 7e2e3ec5bdc2e7bf66cf4b20e65d97dfe402f04f1867306f0e5d89dc9678e550 libwbclient-devel-4.16.4-6.el8_7.aarch64.rpm e000ae3f5aebba46da219b8f425080ba5df6afdc6b85d50bb0056689a8587b60 samba-devel-4.16.4-6.el8_7.aarch64.rpm 4c2a41bf8f3ddc71c79c6f6af6207026ba91b83b4b64deff55eaded4c8dcb971 RLBA-2023:1570 NetworkManager bug fix and enhancement update NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es) and Enhancement(s): * NetworkManager hostname lookup fails with IPv6 (BZ#2174362) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for NetworkManager. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es) and Enhancement(s): * NetworkManager hostname lookup fails with IPv6 (BZ#2174362) rocky-linux-8-aarch64-powertools-rpms NetworkManager-libnm-devel-1.40.0-6.el8_7.aarch64.rpm 3da9406c37f4594eb8a8f88f5a7ed6e06c026d1d7bdd34eccec02fe806738b08 RLEA-2023:1574 nmstate bug fix and enhancement update Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es) and Enhancement(s): * SR-IOV VF not disabled as desired, gets IPv4 and default route via DHCP (BZ#2169642) * Dual stack profiles do not set may-fail correctly (BZ#2170078) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. 
Bug Fix(es) and Enhancement(s): * SR-IOV VF not disabled as desired, gets IPv4 and default route via DHCP (BZ#2169642) * Dual stack profiles do not set may-fail correctly (BZ#2170078) rocky-linux-8-aarch64-powertools-rpms nmstate-devel-1.3.3-8.el8_7.aarch64.rpm 4ba2f7d3b0c516d2167c08615ae1b2ca85303c07a2efdcc4fa31f40952b6c3ff
RLBA-2023:1579 upower bug fix and enhancement update UPower is a DBus daemon and a client library that provides an interface for other programs to enumerate power sources on the system and control system-wide power management. Bug Fix(es) and Enhancement(s): * Rocky Linux 8.7 Missing battery icon while the battery is charging. (BZ#2170088) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for upower. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms upower-devel-0.99.7-4.el8_7.aarch64.rpm c7e8a1cd4477d1266651f21d2559619de838667467a9500dfb485d4b9fa70dea upower-devel-docs-0.99.7-4.el8_7.noarch.rpm 1c90886eb71223a62206ed760389e25ed8a20f292f2a15f8c466044da1b3a26b
RLSA-2023:1898 Important: java-17-openjdk security and bug fix update The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the list of cryptographic services and algorithms available is limited to those that are FIPS compliant. It was found that this filtering was too strict and was also excluding service attributes. These attributes are now made available in FIPS mode, as they are in non-FIPS mode. (RHBZ#2186835) * Previously, the XML signature provider was unable to operate in FIPS mode. Following recent enhancements to FIPS mode support, the XML signature provider can now be supported. It is now enabled in FIPS mode. (RHBZ#2186827) * The PKCS#11 provider used by FIPS mode can be supported by different PKCS#11 tokens. It was found that some PKCS#11 tokens may not be initialised fully before use, leading to an exception being thrown by the provider. With this release, this exception is now expected and handled by the FIPS support code. (RHBZ#2186831) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-fastdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-slowdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el8_7.aarch64.rpm java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el8_7.aarch64.rpm
RLSA-2023:1895 Important: java-11-openjdk security update The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11
Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-demo-slowdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-devel-fastdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-devel-slowdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-fastdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-headless-fastdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-headless-slowdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-jmods-fastdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-jmods-slowdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-slowdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-src-fastdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-src-slowdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-static-libs-fastdebug-11.0.19.0.7-1.el8_7.aarch64.rpm java-11-openjdk-static-libs-slowdebug-11.0.19.0.7-1.el8_7.aarch64.rpm
RLBA-2023:2991 libtalloc bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libtalloc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms python3-talloc-devel-2.3.4-1.el8.aarch64.rpm 67914a7b492edbf5dd3f9141bf5f0251c351ebe005b4472b6d1ce22da2fac6f2
RLBA-2023:3007 libtraceevent bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libtraceevent. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libtraceevent-devel-1.5.3-1.el8.aarch64.rpm 93ec8ddb9567420af1fc62e8790486a88a77d4b09b3b7ec2126e8b4e689f6f8a
RLBA-2023:3048 lvm2 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for lvm2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms device-mapper-devel-1.02.181-9.el8.aarch64.rpm d0ea2d8a90c77b54af39f2f2908aa263134c924c90f503d55aebacc6b07aa0ca device-mapper-event-devel-1.02.181-9.el8.aarch64.rpm 4f3d30cbfe9c01b316d7cab49a5662ae922e25a88ca7fca5f86291eb090bd06d lvm2-devel-2.03.14-9.el8.aarch64.rpm 9433f339f0f1d10e703f5bb263ef81843a63ec2f42bf61973aaca3e8e1abf361
RLSA-2021:1849 Moderate: freerdp security, bug fix, and enhancement update FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The following packages have been upgraded to a later upstream version: freerdp (2.2.0). (BZ#1881971) Security Fix(es): * freerdp: out of bounds read in TrioParse (CVE-2020-4030) * freerdp: out of bound reads resulting in accessing memory location outside of static array PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11095) * freerdp: out of bounds read in PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11097) * freerdp: out of bounds read in license_read_new_or_upgrade_license_packet (CVE-2020-11099) * freerdp: integer overflow due to missing input sanitation in rdpegfx channel (CVE-2020-15103) * freerdp: out-of-bounds read in RLEDECOMPRESS (CVE-2020-4033) * freerdp: out-of-bound read in update_read_cache_bitmap_v3_order (CVE-2020-11096) * freerdp: out-of-bound read in glyph_cache_put (CVE-2020-11098) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms freerdp-devel-2.2.0-10.el8.aarch64.rpm f392eb8e91d56a8f73e196b00b51d593ab48cd6e5fa0893063c1ae75d0bd9f26
RLBA-2023:2783 wpebackend-fdo bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for wpebackend-fdo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms wpebackend-fdo-devel-1.10.0-3.el8.aarch64.rpm 9512eb0bf4175da28cc84c288b8d7e7cfd51226f41d8b3e0e18cb0e231703398
RLSA-2023:2810 Moderate: poppler security update Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: integer overflow in JBIG2 decoder using malformed files (CVE-2022-38784) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for poppler. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms poppler-cpp-20.11.0-6.el8.aarch64.rpm 35d9912b060d0de81aaf5826f024ed061cabff5e21a66dbaef28edd35909d9a9 poppler-cpp-devel-20.11.0-6.el8.aarch64.rpm fc87b4181ccbc70ae66d7b069552d5285762c02ffc00004cd80d6b90b2ae2ff9 poppler-devel-20.11.0-6.el8.aarch64.rpm ad840b0f32274c06a8baab3dc136213c8c2d44a4336bc6d5125dd0bbc686dc07 poppler-glib-devel-20.11.0-6.el8.aarch64.rpm cd7bde41b823120557ded2b60a535605a77d274904895eb2318da6740d2119b3 poppler-qt5-devel-20.11.0-6.el8.aarch64.rpm 4684b1c920d80ab9ad7836c5ee10ebe18f6c4ea7c675e0e98fb82f8b08d62c3b
RLBA-2023:3102 util-linux bug fix and enhancement update The util-linux packages contain a large variety of low-level system utilities necessary for a Linux system to function. Among others, these include the libuuid and uuidd daemon. Bug Fix(es) and Enhancement(s): * Backport hint about systemd daemon-reload. (BZ#2180442) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for util-linux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libmount-devel-2.32.1-42.el8_8.aarch64.rpm 595c4ed836b4237afcf8ae02c084de6a87e16797c08e79d9ffb4c92975808ccf
RLBA-2023:2765 gnome-software bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for gnome-software. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms gnome-software-devel-3.36.1-11.el8.aarch64.rpm 4f17c61a3445c4953a6073cbb11600075360466a0607352f8e5aad60ddab4640
RLBA-2023:2812 qt5-qttools bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for qt5-qttools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms qt5-qttools-static-5.15.3-4.el8.aarch64.rpm c13adc8e12426f5b1638fcddbc3f14382acadea5e94b9d7f325ccfb4b870278f
RLBA-2023:2922 python3.11-psycopg2 bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for python3.11-psycopg2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms python3.11-psycopg2-debug-2.9.3-1.el8.aarch64.rpm a000c16fb01af3b3f34b8584611bd7585062a92cdd0b4184d185d928e6666494 python3.11-psycopg2-tests-2.9.3-1.el8.aarch64.rpm 1300ac924295321d3f9e9c3994423c9b1f835977cd5f7209980ba555a8f54b01
RLBA-2023:3092 nmstate bug fix and enhancement update Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es) and Enhancement(s): * Rebase nmstate to latest 1.x branch. (BZ#2181166) * Failures when DNS is set to auto with DHCP and there is a static DNS search string defined. (BZ#2186178) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms nmstate-devel-1.4.4-1.el8_8.aarch64.rpm 379b764005703a9bbaca1d7083d4fc1539eb4d276752ce734c671cf24c22306f
RLBA-2023:3093 .NET 6.0 bugfix update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.116-2.el8_8.aarch64.rpm f7ad4769e6097cd7716c8f851a48248bb40cf6f0dcf8ae3746926dca12161caa
RLBA-2023:3094 .NET 7.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.105 and Runtime 7.0.5 [rhel-8.8.0.z] (BZ#2183589) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.105-2.el8_8.aarch64.rpm 599e71d22144d86142246ce52af4b032693aa0f84f9bb3197cbdd43d1b28b6ba
RLBA-2023:3099 java-17-openjdk bug fix update The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189330) * In FIPS mode, the list of cryptographic services and algorithms available is limited to those that are FIPS compliant.
It was found that this filtering was too strict and was also excluding service attributes. These attributes are now made available in FIPS mode, as they are in non-FIPS mode. (RHBZ#2186834) * Previously, the XML signature provider was unable to operate in FIPS mode. Following recent enhancements to FIPS mode support, the XML signature provider can now be supported. It is now enabled in FIPS mode. (RHBZ#2186826) * The PKCS#11 provider used by FIPS mode can be supported by different PKCS#11 tokens. It was found that some PKCS#11 tokens may not be initialised fully before use, leading to an exception being thrown by the provider. With this release, this exception is now expected and handled by the FIPS support code. (RHBZ#2186830) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms java-17-openjdk-demo-fastdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-demo-slowdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-devel-fastdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-devel-slowdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-fastdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-headless-fastdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-headless-slowdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-jmods-fastdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-jmods-slowdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-slowdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-src-fastdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-src-slowdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-3.el8.aarch64.rpm java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-3.el8.aarch64.rpm
RLBA-2023:3100 java-11-openjdk bug fix update The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189327) * Attempting to obtain a HMac key generation using the Sun PKCS11 provider, as in FIPS mode, caused an error to be thrown. This is because the PKCS#11 provider did not offer the corresponding key generation algorithms. The Sun PKCS11 provider has been updated to support these algorithms. (RHBZ#2190091) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-demo-slowdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-devel-fastdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-devel-slowdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-fastdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-headless-fastdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-headless-slowdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-jmods-fastdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-jmods-slowdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-slowdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-src-fastdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-src-slowdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-static-libs-fastdebug-11.0.19.0.7-4.el8.aarch64.rpm java-11-openjdk-static-libs-slowdebug-11.0.19.0.7-4.el8.aarch64.rpm
RLBA-2023:3101 java-1.8.0-openjdk bug fix update The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software
Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189328) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189328) rocky-linux-8-aarch64-powertools-rpms java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.372.b07-4.el8.aarch64.rpm 5c29181edb11d2991d6fc500e356114e3a115ff40d4cd93f06fa5ed34d49bc37 java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.372.b07-4.el8.aarch64.rpm d1ae233695f53e3b362e2f0aa2e459b97d56a7c37688fbec55f80a5a403a9632 java-1.8.0-openjdk-demo-fastdebug-1.8.0.372.b07-4.el8.aarch64.rpm 5437e7c674163e3bb507fd490c330005e6d814a6a65acb6dfe3f273ad32a8bb3 java-1.8.0-openjdk-demo-slowdebug-1.8.0.372.b07-4.el8.aarch64.rpm 6f101a1b34a0ee8fae2e431e5d43970fb3f78bb4fb6058268d510cf088da6b30 java-1.8.0-openjdk-devel-fastdebug-1.8.0.372.b07-4.el8.aarch64.rpm b122d1777de9cacd0365a7430abd657a891954b0c5faa9dc79c55bdccef55a9a java-1.8.0-openjdk-devel-slowdebug-1.8.0.372.b07-4.el8.aarch64.rpm 422e27f5305c34760a3044c238092de383995ab031af33b9e7538e2a91ccadac java-1.8.0-openjdk-fastdebug-1.8.0.372.b07-4.el8.aarch64.rpm c1da5dda55a7eed9cd9d9158fb1e8276f6949d6e945e921600140ac35141a13f java-1.8.0-openjdk-headless-fastdebug-1.8.0.372.b07-4.el8.aarch64.rpm a9b2366fc782801de00319b2e7c38522c3dd52908265f0ba2763f986f5cabec0 java-1.8.0-openjdk-headless-slowdebug-1.8.0.372.b07-4.el8.aarch64.rpm 2de261314ac0a79ecbeec7621ba23d9fbfb21596c66137d7e5e0d8eb16efcd61 java-1.8.0-openjdk-slowdebug-1.8.0.372.b07-4.el8.aarch64.rpm 4bcda9cbfd2ca9c4e8cd6f8fe263176a0b5a24aefdb4794001bb534484d6010b 
java-1.8.0-openjdk-src-fastdebug-1.8.0.372.b07-4.el8.aarch64.rpm 952ced30c699bb7af5856f824883bf373dbda304b132d4c1d134015ec0c9328f java-1.8.0-openjdk-src-slowdebug-1.8.0.372.b07-4.el8.aarch64.rpm 124a129226d74746628d219c9e9aa7d9eb4a5908f134e27169e4574bb4fc7820 RLBA-2023:2978 opencryptoki bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for opencryptoki. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms opencryptoki-devel-3.19.0-2.el8.aarch64.rpm 56b85bb8770eb1539f90478bcea597c64846a21f722650248d7d084af0fdd002 RLBA-2023:2979 libdnf bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libdnf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libdnf-devel-0.63.0-14.el8_8.aarch64.rpm d3e1e986ab6498d603cda25baf87a8f857163e74743608cb5ef88bff4f83a1c6 RLBA-2023:3010 libtracefs bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libtracefs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libtracefs-devel-1.3.1-2.el8.aarch64.rpm 8e4af60d91fd420dc9c54af64d6c877d11f708b377aaa6c0513824c70087f9d1 RLBA-2023:3036 librhsm bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for librhsm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms librhsm-devel-0.0.3-5.el8.aarch64.rpm f83fe5a4ef9c9e9e0a8028ee126e4dadebdd6026553d29d37e4d3cc5936ce998 RLBA-2023:3063 file bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for file. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms file-devel-5.33-24.el8.aarch64.rpm 7cdb0c2b08b351800c419674091d78e612e3c8d146d6e119bc455a0708521cb0 RLBA-2021:1801 libgpod bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for libgpod. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libgpod-0.8.3-24.el8.aarch64.rpm 9a2ac829d7f81e2f06b6aec6b726cb1311fb42c7457f7f0b07bd3ec64917e25e libgpod-devel-0.8.3-24.el8.aarch64.rpm 65ae4b96f8f497d581578577fd25ee939f4524a0599077b430a36def7c10b167 libgpod-doc-0.8.3-24.el8.aarch64.rpm 5cb11d20b4e3282b1d8ccaad17645b39564e2c5b323748274d37d0e6343e53a8 RLBA-2021:1837 liblangtag bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for liblangtag. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms liblangtag-devel-0.6.2-8.el8.aarch64.rpm 95a7a89b590ed6f6ad7bda2edfdb08cddce529dcd5dd27d90ee1641eab7a8f36 liblangtag-doc-0.6.2-8.el8.noarch.rpm f43ea18bb2eaf66a6fc1097c3d708353a0a9acfbf9031191db36ba233d6eee37 liblangtag-gobject-0.6.2-8.el8.aarch64.rpm 088dd9bb18cb323bf24edebd5ec40e7a281025af55ef8c7d8b5e2d3202323006 RLSA-2021:1842 Moderate: raptor2 security and bug fix update Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. Security Fix(es): * raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer (CVE-2017-18926) * raptor2: malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common (CVE-2020-25713) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for raptor2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms raptor2-devel-2.0.15-16.el8.aarch64.rpm 66bbc94e0c4acf980d9bbfe2c6544f56237cefe0fd247d9f681c4ca26e4b77ee RLBA-2021:4348 brasero bug fix and enhancement update For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for brasero. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms brasero-devel-3.12.2-5.el8.aarch64.rpm d683e41c40d8355245ac9e1f637e28b57e5c8f5e500ea7f4f2c9217c9a8c873f brasero-libs-3.12.2-5.el8.aarch64.rpm 8c1d9c22d85d7b888633240a1a63958df1001d112a244c308ae09859b4e742ab RLBA-2020:3148 Rocky Enterprise Software Foundation OpenStack Platform 16.1 bug fix and enhancement advisory Rocky Enterprise Software Foundation OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware. For additional information about the items in this advisory, refer to the Technical Notes chapter of the Release Notes, https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html/release_notes/chap-technical_notes Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for python-gflags, python-oauth2client, google-api-python-client, python-httplib2, python-uritemplate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms python3-httplib2-0.10.3-4.el8.noarch.rpm 6e8b831ea4c97e85d08e061f6ed8f03ffd62a7ab0df8bc9b2f3222fd2c33e8b7 RLSA-2023:3661 Important: texlive security update The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems.
Security Fix(es): * texlive: arbitrary code execution allows document compiled with older version (CVE-2023-32700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for texlive. This update affects Rocky Linux 9, Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms texlive-lib-devel-20180414-29.el8_8.aarch64.rpm 9de7c731763b28a9ba00cfd015e2f7f5141b2481fd224a57b4cee24d8d55abff RLBA-2023:3845 NetworkManager bug fix update NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es): * NetworkManager brings down connection when the IPv6 link-local address is removed (BZ#2209355) * ifcfg: Mask the high bit in InfiniBand P-Key IDs again (BZ#2209975) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for NetworkManager. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms NetworkManager-libnm-devel-1.40.16-3.el8_8.aarch64.rpm 9de945a92b44aaa378d82a612557bc53ed449d10b05d33b6be7cf61e7d06b6d4 RLSA-2023:4100 Important: bind9.16 security update The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: named's configured cache size limit can be significantly exceeded (CVE-2023-2828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for bind9.16. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms bind9.16-devel-9.16.23-0.14.el8_8.1.aarch64.rpm 41e522a2d796494c6854cb8333ae437b8abae69f4ed485f59a859aef8bf584e7 bind9.16-doc-9.16.23-0.14.el8_8.1.noarch.rpm 9e0afbfc91960e8fcdebe49b409519c4fa1243f58b39e1102f8a3c244a6a5a10 RLSA-2023:4176 Moderate: java-1.8.0-openjdk security and bug fix update The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-07, 8u382) [rhel-8] (BZ#2219727) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.382.b05-2.el8.aarch64.rpm 2946dcb9692203d17d6baee6a5630fe2f8b72c86c802d871ebc939b373b771ab java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.382.b05-2.el8.aarch64.rpm 8f4e3fb7a742ec4b82acc7325dce0429404512b2656bff1d24c5760eafa9d976 java-1.8.0-openjdk-demo-fastdebug-1.8.0.382.b05-2.el8.aarch64.rpm b3221175168fc04c5826d51ea2594c0cd314cd6760a8c982fbb1c68bc5bce0b6 java-1.8.0-openjdk-demo-slowdebug-1.8.0.382.b05-2.el8.aarch64.rpm ba1c6e4d6096c8eccd762bc8fe97afdaeb107fba20dc201b31e737f21de2c02d java-1.8.0-openjdk-devel-fastdebug-1.8.0.382.b05-2.el8.aarch64.rpm 2b7b426615751527f371458ec9d672811bf390f25881d6971a60f2a438110f91 java-1.8.0-openjdk-devel-slowdebug-1.8.0.382.b05-2.el8.aarch64.rpm aee2149789fc20a3a4e721e5212f5cc50f075e0148e353a82da975ce9884b881 java-1.8.0-openjdk-fastdebug-1.8.0.382.b05-2.el8.aarch64.rpm 505828f36404fd44205bbefcfb800ad9041f0c4ebb433b7bea2afee0e0b3e067 java-1.8.0-openjdk-headless-fastdebug-1.8.0.382.b05-2.el8.aarch64.rpm cfe57958bfa077703489be3e231ea07f3b120d48ba5206beba7f79202587cf17 java-1.8.0-openjdk-headless-slowdebug-1.8.0.382.b05-2.el8.aarch64.rpm c2581a10123dccc6e4b95e7503c27aa047f77447c10ecb2d815fd2592904ffde java-1.8.0-openjdk-slowdebug-1.8.0.382.b05-2.el8.aarch64.rpm 8a0676aacd235ab065d38883431f5adfcd5b6a4a5a91c761657bc2236daeaeb7 java-1.8.0-openjdk-src-fastdebug-1.8.0.382.b05-2.el8.aarch64.rpm 5c0234ebc6dfaa1a26eeb90c962e9377cb116560903986e57e37a4e24b9dc6cb
java-1.8.0-openjdk-src-slowdebug-1.8.0.382.b05-2.el8.aarch64.rpm 0df71b9caf6233e1e22ce59091c8951cdb34ba06faa0349518761a9b5aa21a26 RLSA-2023:3847 Moderate: kernel security, bug fix, and enhancement update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference (CVE-2023-28466) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * RPL-P IOTG/RPL-S IOTG: cpu frequency issues (BZ#2179332) * iscsi target deadlocks when the same host acts as an initiator to itself (i.e. connects via 127.0.0.1) (BZ#2182092) * HPEMC Rocky Linux 8 REGRESSION: acpi-cpufreq: Skip initialization if a cpufreq driver exists (BZ#2186305) * kernel[-rt]: task deadline_test:2526 blocked for more than 600 seconds. (BZ#2188623) * Dying percpu kworkers cause issues on isolated CPUs [rhel-8] (BZ#2189595) * block layer: cherry pick recent upstream fixes (up to v6.3-rc1) for 8.9 (BZ#2193236) * xfs: deadlock in xfs_btree_split_worker (BZ#2196390) * Rocky Linux 8.9 hwpoison: data loss when memory error occurs on hugetlb pagecache (BZ#2196665) * Intel E810 card unable to create a MACVLAN on interface already configured as SRIOV (BZ#2203214) * mlxsw: kselftest case -usr-libexec-kselftests-drivers-net-mlxsw-devlink-trap-policer-sh trigger call trace (BZ#2207564) * Invalid character detected by rpminspect in Documentation/translations/zh_CN/process/magic-number.rst (BZ#2208284) Enhancement(s): * Intel 8.9 FEAT SPR power: Intel SST SNC4 support (BZ#2185604) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for kernel. This update affects Rocky Linux 8. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-477.15.1.el8_8.aarch64.rpm 1c039ead7a34762b4b657b36dc72cbf6c728c9eb4e590441b1ff2b460ea7b977 RLEA-2023:3849 iproute bug fix update The iproute packages contain networking utilities, such as ip and rtmon, designed to use the advanced networking
capabilities of the Linux kernel. Bug Fix(es): * macvlan: Add bclim parameter (BZ#2209687) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for iproute. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms iproute-devel-5.18.0-1.1.el8_8.aarch64.rpm 8d2257d5cdd3b06a19f08bacf04ac79f35c6bfdff96823f4a4ba348a7217349b RLSA-2023:3425 Important: cups-filters security update The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently. Security Fix(es): * cups-filters: remote code execution in cups-filters, beh CUPS backend (CVE-2023-24805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for cups-filters. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms cups-filters-devel-1.20.0-29.el8_8.2.aarch64.rpm 69868778fb90249c2d1d37f184d1fa410dc6420e2dd24fc10bf1149837ee320d RLSA-2023:3582 Important: .NET 6.0 security, bug fix, and enhancement update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.118). (BZ#2212378) Security Fix(es): * dotnet: .NET Kestrel: Denial of Service processing X509 Certificates (CVE-2023-29331) * dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack (CVE-2023-29337) * dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption (CVE-2023-33128) * dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML (CVE-2023-24936) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.118-1.el8_8.aarch64.rpm 4cc7c20ca703c83cf78ca15a899dd4eca67d0edaa169643d10c21ddb49485be3 RLSA-2023:3593 Important: .NET 7.0 security, bug fix, and enhancement update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The following packages have been upgraded to a later upstream version: dotnet7.0 (7.0.107).
(BZ#2211876) Security Fix(es): * dotnet: .NET Kestrel: Denial of Service processing X509 Certificates (CVE-2023-29331) * dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack (CVE-2023-29337) * dotnet: Elevation of privilege - TarFile.ExtractToDirectory ignores extraction directory argument (CVE-2023-32032) * dotnet: Remote Code Execution - Source generators issue can lead to a crash due to unmanaged heap corruption (CVE-2023-33128) * dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML (CVE-2023-24936) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.107-1.el8_8.aarch64.rpm 8887c82e7caa0487c1db241cd88928f6454487b008a05f2db49d1da80e0593d1 RLSA-2023:3594 Important: python3.11 security update Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: urllib.parse url blocklisting bypass (CVE-2023-24329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for python3.11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms python3.11-debug-3.11.2-2.el8_8.1.aarch64.rpm 331ae9086b3f7b1b5b32dca52eb1240558859e2710a69b7103b189550aeccc7d python3.11-idle-3.11.2-2.el8_8.1.aarch64.rpm 1ad2f82d4d18878c20f07187d959e9d8a9bab4113438fbee4c0b377e415676c6 python3.11-test-3.11.2-2.el8_8.1.aarch64.rpm b6cae6f932d1b53de26033d08ff6bce3223f7244c435e737085e02ee37f45c64 RLBA-2023:3823 mutter bug fix update Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es): * [DELL 8.6 BUG]System hang after plug-in 4K monitor to Atomic dock (BZ#2209025) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for mutter. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms mutter-devel-3.32.2-69.el8_8.aarch64.rpm e6f7858818bbf0191a14cbe0e4bcbddfe88d970e7f8b9b60817ec088511c3ef2 RLSA-2023:3827 Moderate: libtiff security update The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c (CVE-2022-48281) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libtiff-tools-4.0.9-28.el8_8.aarch64.rpm 3da7ddc42d48554111b1d264fed2a2cd6896a334ae9944e682c64e92daf273e1 RLBA-2023:3832 nmstate enhancement update Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound.
Enhancement(s): * [Backport to 8.X] DHCP based installation shall allow creation network bonding and allowing custom/specifying routes with nmstate. (BZ#2213554) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms nmstate-devel-1.4.4-2.el8_8.aarch64.rpm 28007faa3aedc1c67fc6fcfc9601f367d6694e78c562161923185ce7ae4b22bd RLBA-2023:3834 .NET 6.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.119 and Runtime 6.0.19 [rhel-8.8.0.z] (BZ#2216221) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.119-1.el8_8.aarch64.rpm 82d9f9e1caaa471fb57c859b5d478acb1c21ee9654c2004bc1d7424bbe1e5277 RLBA-2023:3835 .NET 7.0 bugfix update .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.108 and Runtime 7.0.8 [rhel-8.8.0.z] (BZ#2216225) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.108-1.el8_8.aarch64.rpm 2b4e86300ca7246199b6fbfcb32aa98812394d99d80e6f5c9fe8914b5c3d0f13 RLSA-2023:4058 Important: .NET 7.0 security, bug fix, and enhancement update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. The following packages have been upgraded to a later upstream version: dotnet7.0 (SDK 7.0.109, Runtime 7.0.9). (BZ#2219633) Security Fix(es): * dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method (CVE-2023-33170) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.109-1.el8_8.aarch64.rpm 6db1761b8cc67dd09c50d6cffb29aed7ff23c2785feca27f9bd18acccd07d26b RLSA-2023:4059 Important: .NET 6.0 security, bug fix, and enhancement update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. The following packages have been upgraded to a later upstream version: dotnet6.0 (SDK 6.0.120, Runtime 6.0.20). (BZ#2219639) Security Fix(es): * dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method (CVE-2023-33170) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for dotnet6.0. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.120-1.el8_8.aarch64.rpm 954da152bd262c898f1a615125fabcfef79cd1fd52f2c6c09dc8933a67b1c7e4 RLSA-2023:5144 Moderate: .NET 6.0 security update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.122 and .NET Runtime 6.0.22. Security Fix(es): * dotnet: Denial of Service with Client Certificates using .NET Kestrel (CVE-2023-36799) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.122-1.el8_8.aarch64.rpm e7c6265f70fec383248621c3580c84ca5112609eb8229c4b171ad9b18dc8d88e RLSA-2023:5244 Important: kernel security, bug fix, and enhancement update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090) * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390) * kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function (CVE-2023-3776) * kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() (CVE-2023-4004) * kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001) * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788) * kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002) * hw: amd: Cross-Process Information Leak (CVE-2023-20593) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es): * low memory deadlock with md devices and external (imsm) metadata handling - requires a kernfs notification backport (BZ#2208540) * Intel 8.9 BUG, SPR EMR FHF ACPI: Fix system hang during S3 wakeup (BZ#2218025) * OCS 4.8, cephfs kernel crash: mds_dispatch ceph_handle_snap unable to handle kernel NULL (BZ#2218271) * st_gmac: tx-checksum offload on vlan is not consistent with st_gmac interface (BZ#2219907) * refcount_t overflow often happens in mem_cgroup_id_get_online() (BZ#2221010) * avoid unnecessary page fault retires on shared memory types (BZ#2221100) * enable conntrack clash resolution for GRE (BZ#2223542) * ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (BZ#2224515) * libceph: harden msgr2.1 frame segment length checks [8.x] (BZ#2227073) * Important iavf bug fixes July 2023 (BZ#2228161) * i40e error: Cannot set interface MAC/vlanid to 1e:b7:e2:02:b1:aa/0 for ifname ens4f0 vf 0: Resource temporarily unavailable (BZ#2228163) * oops on cifs_mount due to null tcon (BZ#2229128) * iptables argument "--suppl-groups" in extension "owner" does not work in Rocky Linux8 (BZ#2229715) * Hyper-V Rocky Linux 8: incomplete fc_transport implementation in storvsc causes null dereference in fc_timed_out() (BZ#2230743) * Withdrawal: GFS2: could not freeze filesystem: -16 (BZ#2231825) * Rocky Linux 8 Hyper-V: Excessive hv_storvsc driver logging with srb_status SRB_STATUS_INTERNAL_ERROR (0x30) (BZ#2231988) * Rocky Linux-8: crypto: rng - Fix lock imbalance in crypto_del_rng (BZ#2232215) * Intel 8.9 iavf: Driver Update (BZ#2232399) * Hyper-V Rocky Linux-8 hv_storvsc driver logging excessive storvsc_log events for storvsc_on_io_completion() function (BZ#2233227) Enhancement(s): * Intel 8.9 FEAT, EMR perf: Add EMR CPU PMU support (BZ#2230152) * Intel 8.9 FEAT, SPR EMR power: Add uncore frequency control driver (BZ#2230158) * Intel 8.9 FEAT EMR perf: RAPL PMU support on EMR (BZ#2230162) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 
Important An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms
kernel-tools-libs-devel-4.18.0-477.27.1.el8_8.aarch64.rpm 40784c33e2195e9d6886cf63e9ea2e46c2d95bc25fe8a022019b7fb5b13e3ded RLSA-2023:5353 Moderate: libtiff security update The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0800) * libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0801) * libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0802) * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0803) * libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0804) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms libtiff-tools-4.0.9-29.el8_8.aarch64.rpm c4ad0306f1abb169f56088fc4590f1658ab631a471f41e8846933fc71b8bff15 RLSA-2023:5455 Important: glibc security update The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: buffer overflow in ld.so leading to privilege escalation (CVE-2023-4911) * glibc: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) * glibc: potential use-after-free in getaddrinfo() (CVE-2023-4806) * glibc: potential use-after-free in gaih_inet() (CVE-2023-4813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for glibc. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms glibc-benchtests-2.28-225.el8_8.6.aarch64.rpm 731eb88c6f36edc571c31f3f45a6115e220232ea3c9b66ee06d3405a85c72d08 glibc-nss-devel-2.28-225.el8_8.6.aarch64.rpm a30c801cfeff8f46eed95ddd1326373c53e7c11fa5f83d4801b4e2a952859ffe glibc-static-2.28-225.el8_8.6.aarch64.rpm 91970a7825428451bda57184ae2f011deee55643890f08bdf1db3ee15f9293b1 nss_hesiod-2.28-225.el8_8.6.aarch64.rpm 66bd2d69f6c9b13a09a54992ec2986b583542536d355f467e8b24f99d5528ff5 RLSA-2023:5463 Important: python3.11 security update Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: TLS handshake bypass (CVE-2023-40217) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for python3.11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms python3.11-debug-3.11.2-2.el8_8.2.aarch64.rpm d7a7b3cc62b7e17c9185bf0906ebbab3d07b1496f3edad0680cc8616b4cebe7c python3.11-idle-3.11.2-2.el8_8.2.aarch64.rpm 1d3c9eb54bcf97d2c0c489ad2b38a1c9888516307178951ecff98247aa6436ab python3.11-test-3.11.2-2.el8_8.2.aarch64.rpm 885c4ff0c4e9eade220a6b6f0bf463d8aa6d141130b39bcab3195f8bd256c193 RLSA-2023:4517 Important: kernel security and bug fix update The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es): * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896) * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281) * kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter (CVE-2023-1829) * kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235) * kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124) * kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() (CVE-2023-2194) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * simultaneous writes to a page on xfs can result in zero-byte data (BZ#2184101) * Rocky Linux 8.4 - kernel: fix __clear_user() inline assembly constraints (BZ#2192602) * LPAR is crashed by Phyp when doing DLPAR CPU operations (BZ#2193375) * ice: ptp4l cpu usage spikes (BZ#2203285) * Kernel - Significant performance drop for getrandom system call when FIPS is enabled (compared to Rocky Linux 8.x for all x < 6.z) (BZ#2208127) * macvlan: backports from upstream (BZ#2209686) * Intel 8.9 BUG VROC: Pull VMD secondary bus reset patch (BZ#2211198) * Incorrect target abort handling causes iscsi deadlock (BZ#2211494) * swap deadlock when attempt to charge a page to a cgroup stalls waiting on I/O plugged on another task in swap code (BZ#2211513) * BUG_ON "kernel BUG at mm/rmap.c:1041!" 
in __page_set_anon_rmap() when vma->anon_vma==NULL (BZ#2211658) * Rocky Linux 8.9: IPMI updates and bug fixes (BZ#2211667) * Rocky Linux 8.6 opening console with mkvterm on novalink terminal fails due to drmgr reporting failure (L3:) (BZ#2212373) * Rocky Linux 8.8 - P10 DD2.0: Wrong numa_node is assigned to vpmem device (BZ#2212451) * Rocky Linux 8.8 beta: Occasional stall during initialization of ipmi_msghandler (BZ#2213189) * ESXi Rocky Linux 8: Haswell generation CPU are impacted with performance due to IBRS (BZ#2213366) * xen: fix section mismatch error with xen_callback_vector() and alloc_intr_gate() (BZ#2214281) * jitter: Fix RCT/APT health test during initialization (BZ#2215079) * aacraid misses interrupts when a CPU is disabled resulting in scsi timeouts and the adapter being unusable until reboot. (BZ#2216498) * Hyper-V Rocky Linux 8: Fix VM crash/hang Issues due to fast VF add/remove events (BZ#2216543) * rbd: avoid fast-diff corruption in snapshot-based mirroring [8.9] (BZ#2216769) * Regression of 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()") (BZ#2220810) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-477.21.1.el8_8.aarch64.rpm 4088b9290a8f62ce47776bdc941d9770c9ec1a9af5c90f656e03a80656c8aaba RLBA-2023:4518 iscsi-initiator-utils bug fix update The iscsi-initiator-utils packages provide the server daemon for the Internet Small Computer System Interface (iSCSI) protocol, as well as the utility programs used to manage it. The iSCSI protocol is a protocol for distributed disk access using SCSI commands sent over Internet Protocol (IP) networks. Bug Fix(es): * Patch3 reverts a patch merged upstream (BZ#2215111) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for iscsi-initiator-utils. This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms iscsi-initiator-utils-devel-6.2.1.4-8.git095f59c.el8_8.aarch64.rpm 4185e4f6c56eb43d5bee3c69723030c7fbe956e9a9c295adbf4c33b2d4a2164c RLBA-2023:4521 NetworkManager bug fix update NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es): * VLAN of bond will not get autoconnect when bond port link revived. (BZ#2217899) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for NetworkManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
rocky-linux-8-aarch64-powertools-rpms NetworkManager-libnm-devel-1.40.16-4.el8_8.aarch64.rpm b099bfc052526614f86950444206f0921cfcbc9734c1d3b784952f8a60f4844f RLBA-2023:4525 sssd bug fix update The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es): * [sssd] User lookup on IPA client fails with 's2n get_fqlist request failed'. (BZ#2196838) * SSSD enters failed state after heavy load in the system. (BZ#2219351) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list rocky-linux-8-aarch64-powertools-rpms libsss_nss_idmap-devel-2.8.2-3.el8_8.aarch64.rpm 3374b1ec11e8674b3fcca1e10e39f183c30730c087e99a29e5ca1b5f954a8712 RLBA-2023:4528 crash bug fix update The crash packages provide the core analysis suite, which is a self-contained tool that can be used to investigate live systems, as well as kernel core dumps created by the kexec-tools packages or the Rocky Linux kernel.
Bug Fix(es): * The crash utility results in segmentation fault when non-panicking CPUs fail to get stopped at panic. (BZ#2213678) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for crash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The crash packages provide the core analysis suite, which is a self-contained tool that can be used to investigate live systems, as well as kernel core dumps created by the kexec-tools packages or the Rocky Linux kernel. Bug Fix(es): * The crash utility results in segmentation fault when non-panicking CPUs fail to get stopped at panic. (BZ#2213678) rocky-linux-8-aarch64-powertools-rpms crash-devel-7.3.2-4.el8_8.1.aarch64.rpm 221672002de2ea1be362027f8a13be0a5259e6a7884c8eccc93c95d8e5dc98c7 RLBA-2023:4533 mutter bug fix update Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es): * Barcode scanner result is not shown correctly on gnome-terminal. (BZ#2218521) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for mutter. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es): * Barcode scanner result is not shown correctly on gnome-terminal. 
(BZ#2218521) rocky-linux-8-aarch64-powertools-rpms mutter-devel-3.32.2-70.el8_8.aarch64.rpm 21cab5d4b7ec77eb211e1e94c73bbdbee59827e3966c0a40e528b35506483bd2 RLBA-2023:4538 java-11-openjdk bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.20.0.8-3.el8_8.aarch64.rpm c6a122a1835a2bbf62b836c982a43a4ec8dcac285e829dffeb023920f1d0dd4f java-11-openjdk-demo-slowdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 84c1fbeca45f002ee0d2f4d431fc58e03305a972499a23d1ae8edb3c1d532c24 java-11-openjdk-devel-fastdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 55b89b26bc3010020f81c13c5cbe18df940a23c8fc01d873cf24b6ab3bf75ae8 java-11-openjdk-devel-slowdebug-11.0.20.0.8-3.el8_8.aarch64.rpm d2c72012326af55d9a930dcbb174864192e3f9b38b55a18e629c2de444c4e8e0 java-11-openjdk-fastdebug-11.0.20.0.8-3.el8_8.aarch64.rpm fb90aa2f08312f4e4ab642c508004a993a6d882df67e10f1512525e209952159 java-11-openjdk-headless-fastdebug-11.0.20.0.8-3.el8_8.aarch64.rpm ada82fb8631f641511d8255023a96e93d3feff462546d1f3cb6f86ef3bb10cb9 java-11-openjdk-headless-slowdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 8974cbe8d920baa16d729647974c86932a6073132095694d458b4a16cac461e4 java-11-openjdk-jmods-fastdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 9af3b5caa8ef49b05fcdc5a5f90c8408d84c77a906aee530accfd91f3202b86c java-11-openjdk-jmods-slowdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 27582d8d9926208a6180ca79d070f79c6c051cda12f33cced0b0ae79af8bcf0e 
java-11-openjdk-slowdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 38c63863b288ddf9072d989ea7e956ab3f87eb2ebbd164f151ed13b7a36cd488 java-11-openjdk-src-fastdebug-11.0.20.0.8-3.el8_8.aarch64.rpm d660d458ba43c39e11db970ee06c5d00d4652883703b61d828ec4b0e67f6f907 java-11-openjdk-src-slowdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 50b5c185da3dd7f2aa9bf8ae621d8e3c76975925752d1e41d9fc7551e1fdc16b java-11-openjdk-static-libs-fastdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 297eff811dfda74f48f35a13536939acd8b4592ef29d0f831257f6504f356bb4 java-11-openjdk-static-libs-slowdebug-11.0.20.0.8-3.el8_8.aarch64.rpm 453721cfbef38dab5f3aca498d90235eceebad170d9962e85ab199a949a28f36 RLSA-2023:4643 Important: .NET 7.0 security, bug fix, and enhancement update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.110 and .NET Runtime 7.0.10. Security Fix(es): * dotnet: RCE under dotnet commands (CVE-2023-35390) * dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack (CVE-2023-38180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.110 and .NET Runtime 7.0.10. 
Security Fix(es): * dotnet: RCE under dotnet commands (CVE-2023-35390) * dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack (CVE-2023-38180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.110-1.el8_8.aarch64.rpm 2950128a0fd8bb144b25ef1d64680542206a42dfc060a1fa39215f33d883321c RLSA-2023:4645 Important: .NET 6.0 security, bug fix, and enhancement update .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21. Security Fix(es): * dotnet: RCE under dotnet commands (CVE-2023-35390) * dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack (CVE-2023-38180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21. 
Security Fix(es): * dotnet: RCE under dotnet commands (CVE-2023-35390) * dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack (CVE-2023-38180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.121-1.el8_8.aarch64.rpm 6cb8eb00c5556efa5a8c86b9b105dc8330df622f00b4dc600b24b4c2309d4b77 RLSA-2023:5742 Moderate: java-11-openjdk security and bug fix update The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Additional validity checks in the handling of Zip64 files, JDK-8302483, were introduced in the 11.0.20 release of OpenJDK, causing the use of some valid zip files to now fail with an error. This release, 11.0.20.1, allows for zero-length headers and additional padding produced by some Zip64 creation tools. With both releases, the checks can be disabled using -Djdk.util.zip.disableZip64ExtraFieldValidation=true. (RHBZ#2237170) * A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 11.0.20 release of OpenJDK by JDK-8300596, with a default of 8 MB. This default proved to be too small for some JAR files. This release, 11.0.20.1, increases it to 16 MB. * The serviceability agent would print an exception when encountering null addresses while producing thread dumps. These null values are now handled appropriately. 
(JDK-8243210, Rocky Linux-2763) * The /usr/bin/jfr alternative is now owned by the java-11-openjdk package (Rocky Linux-13559) * The jcmd tool is now provided by the java-11-openjdk-headless package, rather than java-11-openjdk-devel, to make it more accessible (Rocky Linux-13566) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Additional validity checks in the handling of Zip64 files, JDK-8302483, were introduced in the 11.0.20 release of OpenJDK, causing the use of some valid zip files to now fail with an error. This release, 11.0.20.1, allows for zero-length headers and additional padding produced by some Zip64 creation tools. With both releases, the checks can be disabled using -Djdk.util.zip.disableZip64ExtraFieldValidation=true. (RHBZ#2237170) * A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 11.0.20 release of OpenJDK by JDK-8300596, with a default of 8 MB. This default proved to be too small for some JAR files. This release, 11.0.20.1, increases it to 16 MB. * The serviceability agent would print an exception when encountering null addresses while producing thread dumps. These null values are now handled appropriately. 
(JDK-8243210, Rocky Linux-2763) * The /usr/bin/jfr alternative is now owned by the java-11-openjdk package (Rocky Linux-13559) * The jcmd tool is now provided by the java-11-openjdk-headless package, rather than java-11-openjdk-devel, to make it more accessible (Rocky Linux-13566) rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 54d436990fb4b01f99dca52e9ea81664e1c97464fa1fe272977c135b5bf80680 java-11-openjdk-demo-slowdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 2d13edb20c7bb9c47e50fabb2ce3950d9310223ade1a5604bd115849a961f2a0 java-11-openjdk-devel-fastdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 22abd045ee637e88fb77ea99bfdbc47ff96a35390410fddeb13f158f0796ffb4 java-11-openjdk-devel-slowdebug-11.0.21.0.9-2.el8_8.aarch64.rpm be5555ffc56eb526850afa0dbe093c8cb822f6d283ff9245be25ae7633029c48 java-11-openjdk-fastdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 51dd2da9418b79c609d8872138c62cdbcc27d4bee8545e433519f0024b069c69 java-11-openjdk-headless-fastdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 617332c700026ce003801c7a82909dcafd7a95052e6cca7f418667a46be7df35 java-11-openjdk-headless-slowdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 3455ca6d6ace968d980668699ebfbadea5085a4b53c3290f690737a78fe40b18 java-11-openjdk-jmods-fastdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 025e07d22a1c8922ace3f3fde7a3a545dd52ec551dd5e605e37f7dcc6a054d3f java-11-openjdk-jmods-slowdebug-11.0.21.0.9-2.el8_8.aarch64.rpm aad15e05d64ab5d6b36cf0c50d094c2371886ee888d948fef5defd1289e59345 java-11-openjdk-slowdebug-11.0.21.0.9-2.el8_8.aarch64.rpm fabf238b589bb41aefd8816a4de8bd9c63172ada3e6a185276d5a4e38e0aa009 java-11-openjdk-src-fastdebug-11.0.21.0.9-2.el8_8.aarch64.rpm d446a04d4d2e97f76232beb5e61e8d1abc6e2694fec5a4a7f5766cd6784d136d java-11-openjdk-src-slowdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 3d0cd97402fd6d2bfa87e9139f3044b875daf39090e55c2a2145cdc3e4a02c81 java-11-openjdk-static-libs-fastdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 8003873ebf11a2cccd39bc421619848f5882c3ccf5d47f8c7adcd7905fdd6d0d 
java-11-openjdk-static-libs-slowdebug-11.0.21.0.9-2.el8_8.aarch64.rpm 18a4d5e639e97b5bc4adf5a327b15939190495aa1f7b8356ed7a0aadf8236f42