AlmaLinux 2325 Published by

The following security updates are available for AlmaLinux:

ALSA-2024:1063 Important: edk2 security update
ALSA-2024:1075 Important: edk2 security update
ALSA-2024:1129 Moderate: curl security update
ALSA-2024:1130 Moderate: openssh security update
ALSA-2024:1131 Moderate: golang security update
ALSA-2024:1134 Important: tomcat security update
ALSA-2024:1139 Low: keylime security update
ALSA-2024:1141 Moderate: mysql security update
ALSA-2024:1142 Moderate: haproxy security update
ALSA-2024:1147 Moderate: rear security update
ALSA-2024:1149 Moderate: skopeo security update
ALSA-2024:1150 Moderate: buildah security update



ALSA-2024:1063 Important: edk2 security update


ID:
ALSA-2024:1063

Title:
ALSA-2024:1063 Important: edk2 security update

Type:
security

Severity:
important

Release date:
2024-03-05

Description
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
* edk2: Buffer overflow in the DHCPv6 client via a long Server ID option (CVE-2023-45230)
* edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-45230
CVE-2023-45234
RHSA-2024:1063
ALSA-2024:1063

Updated packages listed below:
Architecture
Package
Checksum
noarch
edk2-ovmf-20220126gitbb1bba3d77-6.el8_9.6.alma.noarch.rpm
081ad0dd894e7a967a7744bb7c24bf7dea044c82ecdda77f204e144be1076775
noarch
edk2-aarch64-20220126gitbb1bba3d77-6.el8_9.6.alma.noarch.rpm
a952db4906227aa5887d603fdb7af7627d51facf90b74d3edc530e2f620f63ee

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1063 Important: edk2 security update


ALSA-2024:1075 Important: edk2 security update


ID:
ALSA-2024:1075

Title:
ALSA-2024:1075 Important: edk2 security update

Type:
security

Severity:
important

Release date:
2024-03-05

Description
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
* edk2: Buffer overflow in the DHCPv6 client via a long Server ID option (CVE-2023-45230)
* edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-45230
CVE-2023-45234
RHSA-2024:1075
ALSA-2024:1075

Updated packages listed below:
Architecture
Package
Checksum
aarch64
edk2-tools-20230524-4.el9_3.2.alma.aarch64.rpm
85da1cfd3ac68b41837db5960f6385ef673332aabf8d8ea21f448998b78d1f09
noarch
edk2-ovmf-20230524-4.el9_3.2.alma.noarch.rpm
672357e5f22af5021147da1e6ea2940970361d3219b3256dc24010fdaeeb1424
noarch
edk2-tools-doc-20230524-4.el9_3.2.alma.noarch.rpm
bfcb0f5d6e03f7d8b84272a53664e90bac1a421417262c4e9b2f8eefe207350d
noarch
edk2-aarch64-20230524-4.el9_3.2.alma.noarch.rpm
c344e31df64e7b01343cb0aed155d8145237772f7f844a227dd8eda235c3368c
x86_64
edk2-tools-20230524-4.el9_3.2.alma.x86_64.rpm
632efcbd906141df4d146fb2fbff5e5c68214279a2b1c83514b4376367188692

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1075 Important: edk2 security update


ALSA-2024:1129 Moderate: curl security update


ID:
ALSA-2024:1129

Title:
ALSA-2024:1129 Moderate: curl security update

Type:
security

Severity:
moderate

Release date:
2024-03-06

Description
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
* curl: information disclosure by exploiting a mixed case flaw (CVE-2023-46218)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-46218
RHSA-2024:1129
ALSA-2024:1129

Updated packages listed below:
Architecture
Package
Checksum
aarch64
libcurl-minimal-7.76.1-26.el9_3.3.aarch64.rpm
1a0ac728c1032ac74a6c477ae03f05530a24ec724f7e306437d7e6958dcb8386
aarch64
curl-minimal-7.76.1-26.el9_3.3.aarch64.rpm
2e55762bac9727e4f6b6b9d1c9d31c67a8732464c0575bcd099c6bd5f2fc147f
aarch64
libcurl-devel-7.76.1-26.el9_3.3.aarch64.rpm
4c0b3822391e46650e6b833aaddea6228131e19a7552ac2c0ed1865d09a780d7
aarch64
curl-7.76.1-26.el9_3.3.aarch64.rpm
e3866506e9c67441d966bf07c3393dd869f4ae368f22463b01addd6fba88ffdb
aarch64
libcurl-7.76.1-26.el9_3.3.aarch64.rpm
f2dab683cbc8f3d0576455fb3c37f14b2290472c5d111a4160847ea6eb57ff27
i686
libcurl-devel-7.76.1-26.el9_3.3.i686.rpm
4bee876d1f7c73c35ae696ab04ccea719a0b0fd41452ae35612238406cf61245
i686
libcurl-minimal-7.76.1-26.el9_3.3.i686.rpm
7997a230dfc8a0c3ecc879cc845c075b8bd50d89814f5522b5f37d035ef8901b
i686
libcurl-7.76.1-26.el9_3.3.i686.rpm
f400e2e218b5227773902cf04aeaaa650a5a58a7a46dc2433a6febb9fcb162a8
ppc64le
libcurl-devel-7.76.1-26.el9_3.3.ppc64le.rpm
047d4216028841d022a9b075281156978a343da954827a9d11cce69950534c8f
ppc64le
curl-minimal-7.76.1-26.el9_3.3.ppc64le.rpm
3dd7c18e65293ec8752bf6a1a636c66d8bfd3ff71ec33dd964cc56ea6200198a
ppc64le
curl-7.76.1-26.el9_3.3.ppc64le.rpm
5cd1cf2205c6b4c3d6d333fbc6c644d03e4d793dd4742fc8d751e2188bb70125
ppc64le
libcurl-7.76.1-26.el9_3.3.ppc64le.rpm
70c34dc58034fa7a7f226f50b33c0467a77acabc3b5cbc5279e74bc9b6c2d194
ppc64le
libcurl-minimal-7.76.1-26.el9_3.3.ppc64le.rpm
fd2a9a48c50e38d498ed1b6fa99e2faf93a14ad175c3770a348ba67dd149bc47
s390x
libcurl-minimal-7.76.1-26.el9_3.3.s390x.rpm
17e7bd3941ac9093bc18be8c9603a64dafe2db7755fd4aea6b8707dbce34d574
s390x
libcurl-devel-7.76.1-26.el9_3.3.s390x.rpm
8579ecc8674a64c4c1138308b82d8e481e25f0762c88422e9ecd248c1620717d
s390x
libcurl-7.76.1-26.el9_3.3.s390x.rpm
977b7b901ac502dc4a2d9999c1f96ff3427e694d5a21efd430ed4addef043d90
s390x
curl-7.76.1-26.el9_3.3.s390x.rpm
9f808ae3bd9cc52bfd57a4224ad6b3db3d31b16d5cfe4e1b94d04f1e2f0bbf89
s390x
curl-minimal-7.76.1-26.el9_3.3.s390x.rpm
c98ef2f73cb3f519cbf01763e29f00d16c411b0a22a5be894fdf11e1198eca59
x86_64
libcurl-minimal-7.76.1-26.el9_3.3.x86_64.rpm
9cb6eff0d3828dff3bd99fd6942fa258dbb616d4b82e6f6992f22704f059cd53
x86_64
libcurl-devel-7.76.1-26.el9_3.3.x86_64.rpm
c625ff30c0e96e12bbba2ace7b22a8109a55bfadf717d15a62b9c3892ae65958
x86_64
curl-minimal-7.76.1-26.el9_3.3.x86_64.rpm
c82fc5326e3b1817678854409b551e0caec663d4a5e2e5d749002847e2fcabbb
x86_64
libcurl-7.76.1-26.el9_3.3.x86_64.rpm
db34779e41fccf8e0d51534a7be0c341154570eab383b5d0e3d1d3769828c514
x86_64
curl-7.76.1-26.el9_3.3.x86_64.rpm
f71a8b24a3b3d23f3d6ada279ecfe19c80f56e4ff3313313f1152de38f4fce8d

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1129 Moderate: curl security update


ALSA-2024:1130 Moderate: openssh security update


ID:
ALSA-2024:1130

Title:
ALSA-2024:1130 Moderate: openssh security update

Type:
security

Severity:
moderate

Release date:
2024-03-06

Description
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* openssh: potential command injection via shell metacharacters (CVE-2023-51385)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-48795
CVE-2023-51385
RHSA-2024:1130
ALSA-2024:1130

Updated packages listed below:
Architecture
Package
Checksum
aarch64
openssh-clients-8.7p1-34.el9_3.3.aarch64.rpm
076069718b5c93c80dbc6f5a5a398d572d945dd9825bc0ccb36d720b06c1f13f
aarch64
openssh-keycat-8.7p1-34.el9_3.3.aarch64.rpm
10ee845b6e92f46132a062d8ede1e3c5c2430be7d1fec9b292a41d6846bc4f84
aarch64
pam_ssh_agent_auth-0.10.4-5.34.el9_3.3.aarch64.rpm
55a1376202baa545e842723996debfcd5b7018a9e393b2ff554eedcaaefe91dd
aarch64
openssh-server-8.7p1-34.el9_3.3.aarch64.rpm
6b244f5a5c338ba9b61984616a731af293af952fb44ff640330c0b02c2341970
aarch64
openssh-8.7p1-34.el9_3.3.aarch64.rpm
7b502545f5d268457ee7c3485f1b416aa57d2ede3a7041b3d5dd203b2ec25f3e
aarch64
openssh-askpass-8.7p1-34.el9_3.3.aarch64.rpm
d2653072fc31045a264361365bd16c14f1783b79148cc43d914dac92cfafcb9d
ppc64le
pam_ssh_agent_auth-0.10.4-5.34.el9_3.3.ppc64le.rpm
67f5600059d6fddeb731fb3b319b8775385cbd69b01a13d25e0537ef86b685b3
ppc64le
openssh-8.7p1-34.el9_3.3.ppc64le.rpm
902b948e6e0767f19f2ec7ff026089779f0921f819366ca510114515f3b0441e
ppc64le
openssh-server-8.7p1-34.el9_3.3.ppc64le.rpm
9ea482b9b7d677f0f7a4f89ea7358e4885e60d9e9636059adcc32e5b55998727
ppc64le
openssh-askpass-8.7p1-34.el9_3.3.ppc64le.rpm
acc55442e91c9c33ad7cccb42adbccbc7e25e68ca3079e036da01efdb23fe8c3
ppc64le
openssh-keycat-8.7p1-34.el9_3.3.ppc64le.rpm
e46afa348cd158c500081d395af0025268a86292fc64d1c66bf5e627f01c60fd
ppc64le
openssh-clients-8.7p1-34.el9_3.3.ppc64le.rpm
fc51cb3fba2522f239cb981e5f1c36bb2a07d29d53abab02e4a9617cc0be7bbb
s390x
openssh-8.7p1-34.el9_3.3.s390x.rpm
0ef492c5c53fd447caec754270b78cfdb9d0dcba92b8d1de2336e84e0177671a
s390x
openssh-askpass-8.7p1-34.el9_3.3.s390x.rpm
165f7b5fa61b942d2f8978dd713262c9610e630b5d020d68ad447edda35c483a
s390x
openssh-server-8.7p1-34.el9_3.3.s390x.rpm
2506b352b210e6024ea7ee9ca86423d0497503ae8167ee067f75bb6dfaf328c0
s390x
pam_ssh_agent_auth-0.10.4-5.34.el9_3.3.s390x.rpm
2e4b1441df878acba9ab856c0e6c9191c196d88a149bcac7a3156b7fa1fc5d7f
s390x
openssh-clients-8.7p1-34.el9_3.3.s390x.rpm
61cf3050af84030fb51b37cd4f483ff02505e601bf419647f3f20f3f55eda256
s390x
openssh-keycat-8.7p1-34.el9_3.3.s390x.rpm
f486abf0bb67dd970b64c7eb2ba346c2f92ff5a3c1239d88a10a2b974afce107
x86_64
openssh-keycat-8.7p1-34.el9_3.3.x86_64.rpm
2f8eedefb87df5aa5eb3691bf4b1359dfa9b58ebd5c279ede801522fe61c9bd5
x86_64
openssh-8.7p1-34.el9_3.3.x86_64.rpm
611051064151ab8f367d547ddbae77b46ad034b31b8f6e818dfb307c3b143207
x86_64
openssh-clients-8.7p1-34.el9_3.3.x86_64.rpm
71df6f5e24a62425f4d520ed94eb95c21402e586ffd7c064ddc8f04faa5c80ab
x86_64
openssh-askpass-8.7p1-34.el9_3.3.x86_64.rpm
92026b9a2509564cf676048474def6fb1884663eb0c9c0c2cc80c73a075437f6
x86_64
openssh-server-8.7p1-34.el9_3.3.x86_64.rpm
965c4d263a913f3bb8fac33f2ddbfc56243a452ed79962ccb02e95e02a8ed8db
x86_64
pam_ssh_agent_auth-0.10.4-5.34.el9_3.3.x86_64.rpm
f60cab5a98e39135da2e02bc22edadfaab4a38020572c2b0d7fb3711da6924d1

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1130 Moderate: openssh security update


ALSA-2024:1131 Moderate: golang security update


ID:
ALSA-2024:1131

Title:
ALSA-2024:1131 Moderate: golang security update

Type:
security

Severity:
moderate

Release date:
2024-03-06

Description
The golang packages provide the Go programming language compiler.
Security Fix(es):
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* golang: cmd/go: Protocol Fallback when fetching modules (CVE-2023-45285)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-39326
CVE-2023-45285
RHSA-2024:1131
ALSA-2024:1131

Updated packages listed below:
Architecture
Package
Checksum
aarch64
golang-bin-1.20.12-1.el9_3.aarch64.rpm
89cd46ff0bef63d1664f42e10a3c55826aff38f5fc16ee16374eefe96c267289
aarch64
go-toolset-1.20.12-1.el9_3.aarch64.rpm
9c22a546d4ce5b11ecdbf920b0c89931440e515d92115934689c8bc2fd5abfbf
aarch64
golang-1.20.12-1.el9_3.aarch64.rpm
cef342ca2e024ce75c0f6e57fd0e4412f57fc10f15116242698083612b50c80f
noarch
golang-misc-1.20.12-1.el9_3.noarch.rpm
18b5741c98702dceb2fbbe32d91ef09c212b01349c7294b51dd43633854553ab
noarch
golang-docs-1.20.12-1.el9_3.noarch.rpm
1d75032b3ba6c05155bb06eee5c1c243ef875c089d2463e917e98d6c73183614
noarch
golang-src-1.20.12-1.el9_3.noarch.rpm
a2e7b607d02fe97390525c4e2a232778d3440d36d22a0d1fca8390e5dd5bbf57
noarch
golang-tests-1.20.12-1.el9_3.noarch.rpm
adc11fe27a3a4f8626366ad43720f29f0349ab0c3b187743c0ce8a4d6b70dd7e
ppc64le
go-toolset-1.20.12-1.el9_3.ppc64le.rpm
051cae326047307675347a9fce4a1d6491efd542ceec25138c1b1891d5507074
ppc64le
golang-bin-1.20.12-1.el9_3.ppc64le.rpm
53468c4a5c25ed79de9dc5f5b1908a1e1619594b1b3dcb32188319f7a81b7b69
ppc64le
golang-1.20.12-1.el9_3.ppc64le.rpm
68a453ff64a11cacedcc0218546bf61d0264774b246ec7e66179641adae7847f
s390x
golang-bin-1.20.12-1.el9_3.s390x.rpm
87e595f0cbb17a5d9ea14e1a8c45b4a059fe4f50d9065e4525168ef99db9bff9
s390x
go-toolset-1.20.12-1.el9_3.s390x.rpm
88400e8672bdcc18e1b368974114ef535a9f53d6e99c724d90ce4d242a9d02bf
s390x
golang-1.20.12-1.el9_3.s390x.rpm
f084089e6ba850ffc2c1994ba5c535d31abaa6db369e0376fa659cb6a9bdbc34
x86_64
go-toolset-1.20.12-1.el9_3.x86_64.rpm
be9495e46fb98bb7f584deb54587de844107ae2bb7b749642011368044945db5
x86_64
golang-bin-1.20.12-1.el9_3.x86_64.rpm
c4c9c6e4c8d75fcab68cf80386fecfb45f6a44dd32620b7c25d922415b7d364b
x86_64
golang-1.20.12-1.el9_3.x86_64.rpm
ccbdf287b04faa25d855dd8c737cb8bb1e9ef311f4624f5df0be42c2e3bce05d

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1131 Moderate: golang security update


ALSA-2024:1134 Important: tomcat security update


ID:
ALSA-2024:1134

Title:
ALSA-2024:1134 Important: tomcat security update

Type:
security

Severity:
important

Release date:
2024-03-07

Description
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-46589
RHSA-2024:1134
ALSA-2024:1134

Updated packages listed below:
Architecture
Package
Checksum
noarch
tomcat-servlet-4.0-api-9.0.62-37.el9_3.2.noarch.rpm
0164c92d3cf4769a215e18fec3fa4b459c82c6e6e52871e59c4a579b28eea94e
noarch
tomcat-admin-webapps-9.0.62-37.el9_3.2.noarch.rpm
069c57fa81e2858166dca96c08e1c93f1259f11a411ad7cbfa82440d6375830a
noarch
tomcat-docs-webapp-9.0.62-37.el9_3.2.noarch.rpm
76e70ae7ed64ac414de842c8dc61854879a92aa326155aea740a3edf0c4357a3
noarch
tomcat-webapps-9.0.62-37.el9_3.2.noarch.rpm
7789ab9419a6025cb459178543673fb5c992ce228b8b48240518be740909b1d5
noarch
tomcat-jsp-2.3-api-9.0.62-37.el9_3.2.noarch.rpm
a744337038859ecd3f416462a7170a174807534c8b7f4d4c86467990ae256edf
noarch
tomcat-lib-9.0.62-37.el9_3.2.noarch.rpm
b21f1a2fd0eaa58172ab691b12f90e7d6c42fa0988ccb63007e4e0a2ba6c8d6c
noarch
tomcat-el-3.0-api-9.0.62-37.el9_3.2.noarch.rpm
c77cf32cc2001aa81bf17b88076d291e28e4af6ac43dbf41e9fc28465906dba7
noarch
tomcat-9.0.62-37.el9_3.2.noarch.rpm
e7f160a9ff4aca2f762025d1c74fbe968415c9b8bd4f0ccdc206e148c89b895d

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1134 Important: tomcat security update


ALSA-2024:1139 Low: keylime security update


ID:
ALSA-2024:1139

Title:
ALSA-2024:1139 Low: keylime security update

Type:
security

Severity:
low

Release date:
2024-03-06

Description
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.
Security Fix(es):
* keylime: Attestation failure when the quote's signature does not validate (CVE-2023-3674)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-3674
RHSA-2024:1139
ALSA-2024:1139

Updated packages listed below:
Architecture
Package
Checksum
aarch64
keylime-registrar-7.3.0-13.el9_3.aarch64.rpm
26831a2ba9e0e978da86a168426e3c78cc589b7e6b94f281578f4487445aa2ea
aarch64
keylime-tenant-7.3.0-13.el9_3.aarch64.rpm
5d860f77ab7591f206d2c1c94f5bcc521073dc69d3e830d66dc6f3e44a7c0485
aarch64
python3-keylime-7.3.0-13.el9_3.aarch64.rpm
601ab8a0fdb64092fd81885d6a2716294b85520dad38607925a62fe58fc10d6d
aarch64
keylime-7.3.0-13.el9_3.aarch64.rpm
648d7a0bdd42656c6e8719d9c686183639cbf4781d05c13be146e00c42caf036
aarch64
keylime-verifier-7.3.0-13.el9_3.aarch64.rpm
83abfe20f008e3757b87d5354e9bcb3dedbf7961ebd8ab66d9281bb66d7e8eb5
aarch64
keylime-base-7.3.0-13.el9_3.aarch64.rpm
e49fb4d54e5a7139040458c988a58f94563f8a6c2c7b466f0354664be3a2bf80
noarch
keylime-selinux-7.3.0-13.el9_3.noarch.rpm
6fa1d17da5ef5e543bc7f876d5a207d4b9fc577d0190f6f5db1a8d9b917a7342
ppc64le
keylime-base-7.3.0-13.el9_3.ppc64le.rpm
0f6caa0940104d7e515c632309da6a006873da11ea1d38a4eed5ee3e372262af
ppc64le
keylime-registrar-7.3.0-13.el9_3.ppc64le.rpm
1026bb3bdef40aa04a22bee2c9c6ced76abf94aa16ac6281ee353d61cfc498c8
ppc64le
python3-keylime-7.3.0-13.el9_3.ppc64le.rpm
2bf1af2318293c8c11a715bff678921c8c78f5edd3b5205df2994116247268f9
ppc64le
keylime-7.3.0-13.el9_3.ppc64le.rpm
473601cfd26a3576ac70e5df735d792e5d2530471b15481db5e391e746e39471
ppc64le
keylime-tenant-7.3.0-13.el9_3.ppc64le.rpm
8a8d3f44c7317412ef03deabfc055e6e7f626afca51a0bdb2360a3969de08dfb
ppc64le
keylime-verifier-7.3.0-13.el9_3.ppc64le.rpm
b1e61116bbf922881d90faaea3252a2076792f621d12c7f1781b8d77c1ef602f
s390x
python3-keylime-7.3.0-13.el9_3.s390x.rpm
0fd943b473b99c9a02e8b52f43120e8199eed0d67b8d2fa17893d019714d1f75
s390x
keylime-base-7.3.0-13.el9_3.s390x.rpm
79fdf524f98bc88d8ef118e8b7c2378d01856adcf436f796f8dae92178098fab
s390x
keylime-registrar-7.3.0-13.el9_3.s390x.rpm
7af99c953f32ea35eae31eef1fc5c27b46a120a319da9deedcb621716b170677
s390x
keylime-verifier-7.3.0-13.el9_3.s390x.rpm
a256e0d1efd7a7c8c3795db6975aeb4e95529c5a77b2d6fb505811260f7a82dd
s390x
keylime-tenant-7.3.0-13.el9_3.s390x.rpm
aa77405fa3b68fc345a4682fb1a3979372f84ec2ab1b0a33288abeac657b2c0c
s390x
keylime-7.3.0-13.el9_3.s390x.rpm
d1cd7e9d78e0cad9cd4efff29fa4a89d87fce9a8864ed3d91933a5ff6dc111b2
x86_64
keylime-registrar-7.3.0-13.el9_3.x86_64.rpm
0a636443047a68a7f47c81e025329e8e433915839b7808a425497d1c9404eeec
x86_64
keylime-verifier-7.3.0-13.el9_3.x86_64.rpm
0b61e3a822660b34f60fc9127afce90b42623a953543e3d62cc4f80263e87114
x86_64
python3-keylime-7.3.0-13.el9_3.x86_64.rpm
150088420d606c544d80280acccbf7afd6e3c0f8cc27f803d16adb83a6af010a
x86_64
keylime-7.3.0-13.el9_3.x86_64.rpm
4333042bc5e2e71c9da7873af3cfa1903aff8fea06acd0748562834d8d832ae5
x86_64
keylime-base-7.3.0-13.el9_3.x86_64.rpm
57c49f1ed876ae05b24cec5701888a201f805ba9cbc59069a2579e8667553bdc
x86_64
keylime-tenant-7.3.0-13.el9_3.x86_64.rpm
d5463035d1a291ebc4a50a13e0f3aadbb21dc6ad76db8ae2a1453a5e40699d48

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1139 Low: keylime security update


ALSA-2024:1141 Moderate: mysql security update


ID:
ALSA-2024:1141

Title:
ALSA-2024:1141 Moderate: mysql security update

Type:
security

Severity:
moderate

Release date:
2024-03-07

Description
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
Security Fix(es):
* mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911)
* mysql: Server: DDL unspecified vulnerability (CPU Apr 2023) (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933)
* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982)
* mysql: Server: Components Services unspecified vulnerability (CPU Apr 2023) (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962)
* mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21953)
* mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21955)
* mysql: Server: JSON unspecified vulnerability (CPU Apr 2023) (CVE-2023-21966)
* mysql: Server: DML unspecified vulnerability (CPU Apr 2023) (CVE-2023-21972)
* mysql: Client programs unspecified vulnerability (CPU Apr 2023) (CVE-2023-21980)
* mysql: Server: Replication unspecified vulnerability (CPU Jul 2023) (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057)
* mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22008)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112)
* mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22033)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2023) (CVE-2023-22046)
* mysql: Client programs unspecified vulnerability (CPU Jul 2023) (CVE-2023-22053, CVE-2023-22054, CVE-2023-22056)
* mysql: Server: DDL unspecified vulnerability (CPU Jul 2023) (CVE-2023-22058)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114)
* mysql: Server: UDF unspecified vulnerability (CPU Oct 2023) (CVE-2023-22111)
* mysql: Server: DML unspecified vulnerability (CPU Oct 2023) (CVE-2023-22115)
* mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024) (CVE-2024-20960)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024) (CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-2097, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982)
* mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024) (CVE-2024-20963)
* mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024) (CVE-2024-20964)
* mysql: Server: Replication unspecified vulnerability (CPU Jan 2024) (CVE-2024-20967)
* mysql: Server: Options unspecified vulnerability (CPU Jan 2024) (CVE-2024-20968)
* mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20969)
* mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20981)
* mysql: Server: DML unspecified vulnerability (CPU Jan 2024) (CVE-2024-20983)
* mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024) (CVE-2024-20984)
* mysql: Server: UDF unspecified vulnerability (CPU Jan 2024) (CVE-2024-20985)
* zstd: mysql: buffer overrun in util.c (CVE-2022-4899)
* mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2023) (CVE-2023-22038)
* mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2023) (CVE-2023-22048)
* mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023) (CVE-2023-22113)
Bug Fix(es):
* Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF (AlmaLinux-22454)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2022-4899
CVE-2023-21911
CVE-2023-21919
CVE-2023-21920
CVE-2023-21929
CVE-2023-21933
CVE-2023-21935
CVE-2023-21940
CVE-2023-21945
CVE-2023-21946
CVE-2023-21947
CVE-2023-21953
CVE-2023-21955
CVE-2023-21962
CVE-2023-21966
CVE-2023-21972
CVE-2023-21976
CVE-2023-21977
CVE-2023-21980
CVE-2023-21982
CVE-2023-22005
CVE-2023-22007
CVE-2023-22008
CVE-2023-22032
CVE-2023-22033
CVE-2023-22038
CVE-2023-22046
CVE-2023-22048
CVE-2023-22053
CVE-2023-22054
CVE-2023-22056
CVE-2023-22057
CVE-2023-22058
CVE-2023-22059
CVE-2023-22064
CVE-2023-22065
CVE-2023-22066
CVE-2023-22068
CVE-2023-22070
CVE-2023-22078
CVE-2023-22079
CVE-2023-22084
CVE-2023-22092
CVE-2023-22097
CVE-2023-22103
CVE-2023-22104
CVE-2023-22110
CVE-2023-22111
CVE-2023-22112
CVE-2023-22113
CVE-2023-22114
CVE-2023-22115
CVE-2024-20960
CVE-2024-20961
CVE-2024-20962
CVE-2024-20963
CVE-2024-20964
CVE-2024-20965
CVE-2024-20966
CVE-2024-20967
CVE-2024-20968
CVE-2024-20969
CVE-2024-20970
CVE-2024-20971
CVE-2024-20972
CVE-2024-20973
CVE-2024-20974
CVE-2024-20976
CVE-2024-20977
CVE-2024-20978
CVE-2024-20981
CVE-2024-20982
CVE-2024-20983
CVE-2024-20984
CVE-2024-20985
RHSA-2024:1141
ALSA-2024:1141

Updated packages listed below:
Architecture
Package
Checksum
aarch64
mysql-devel-8.0.36-1.el9_3.aarch64.rpm
2b6911fb740fb23a0eaad63e5952b39dee0a278b5f8eeafff5083b2a30fb5c90
aarch64
mysql-common-8.0.36-1.el9_3.aarch64.rpm
300c667e8b36375e3f5d8091770aa614082260894d36b8bd3db2399f57a26289
aarch64
mysql-test-8.0.36-1.el9_3.aarch64.rpm
b4bf63dbb0c1e4112fabd9341bca4d4d403630b2033d823af90b068314770356
aarch64
mysql-libs-8.0.36-1.el9_3.aarch64.rpm
bbbdca618b5c58e25626a29213032a9d2edb8fab2cb4f683740dd306ae3b967b
aarch64
mysql-errmsg-8.0.36-1.el9_3.aarch64.rpm
ef6a5a390ac2744f4feb6255f31ad0f7859b534f8bc18d5191b8fe918747b628
aarch64
mysql-8.0.36-1.el9_3.aarch64.rpm
f0209dd5221ac93ae0e108c00d3658919f0030c820c3730cad4caa9655de69e0
aarch64
mysql-server-8.0.36-1.el9_3.aarch64.rpm
f93628aaa2118e1bbed91237bf5f2c3e25e7d6a73d6acebd487ed4f629bf0142
ppc64le
mysql-common-8.0.36-1.el9_3.ppc64le.rpm
13f010eea6f4d37c89f30159ccf37f1fa66b1a041a30f90c93db236411bc7298
ppc64le
mysql-test-8.0.36-1.el9_3.ppc64le.rpm
1e8a20e634e5686fad24e4fa8142fb2c7946f988316eb507381059c37c1f76df
ppc64le
mysql-8.0.36-1.el9_3.ppc64le.rpm
92d1ae047a84a051981cbc5c610e43a175aa09154f81f1a3811252368e673d59
ppc64le
mysql-server-8.0.36-1.el9_3.ppc64le.rpm
9fdd7aeae4f4ebd420e24ad2338185ae52835c44aa14a4e50f462543af3a62ea
ppc64le
mysql-errmsg-8.0.36-1.el9_3.ppc64le.rpm
b754dac0bff9e4164e65193e4f3d55d1521ee27b14e5b569c3478ea94f6fa1cd
ppc64le
mysql-libs-8.0.36-1.el9_3.ppc64le.rpm
c1d38ae98657073b1dd477b21097378b62f714c97b3c3e431a7bdd4dd5a16c5d
ppc64le
mysql-devel-8.0.36-1.el9_3.ppc64le.rpm
f5491231e1cf10a9fd2f64a6867b41f1bd71d7830aa4393e0e9f219f0e6db716
s390x
mysql-server-8.0.36-1.el9_3.s390x.rpm
4ec390734148118ac4fbe60ad76a1c1c9310b43167e13b1ed428ecafdc5f31ef
s390x
mysql-8.0.36-1.el9_3.s390x.rpm
b91119edbee9832449e2a28e1770d7745ed98900f8af17dc48206465e09b2ef9
s390x
mysql-test-8.0.36-1.el9_3.s390x.rpm
d71878bfb56621aec3d33d39d61422e44a1425d9cd67c991be96afe2fd1449fe
s390x
mysql-devel-8.0.36-1.el9_3.s390x.rpm
de69222d31f8028a3b11be14bf9c4ae23c74097bbad394faa7716d2960ada8e3
s390x
mysql-common-8.0.36-1.el9_3.s390x.rpm
e72f9ab3320b9cba34888104ea7c87ded1bb7b5d2df9bff214dbf1ff6b6481a2
s390x
mysql-errmsg-8.0.36-1.el9_3.s390x.rpm
ed0515c2c91cf651c662a0a2c5b3f5f6ddcdfc26c88e90edc466cac3aa5db813
s390x
mysql-libs-8.0.36-1.el9_3.s390x.rpm
f5bd37517b6b9b9b46d84bb8c910769c8ed2c968b098b65a6d8eb08e3f3cce7d
x86_64
mysql-errmsg-8.0.36-1.el9_3.x86_64.rpm
0c62ced831a240b8ac4ed0574490bc4e6d5b2fd29b605aea56100fba815b55bd
x86_64
mysql-8.0.36-1.el9_3.x86_64.rpm
166321bb48670a3942b268e28136082b24fa341681644e60c3561ca4d0bc7ab9
x86_64
mysql-server-8.0.36-1.el9_3.x86_64.rpm
4a5e3fcc1af80651f2f4dc38dbcff79a8576a034b5470b9aeba6c10cba3dc85c
x86_64
mysql-test-8.0.36-1.el9_3.x86_64.rpm
53da53582b7fbb504f9a312efadadee7f3fcb972193a208d696f8ac3273ac396
x86_64
mysql-common-8.0.36-1.el9_3.x86_64.rpm
6ea43d2a89f425135439cee6edeebdc2e1d7df9b41ab7354e8a04ba60d1aee73
x86_64
mysql-devel-8.0.36-1.el9_3.x86_64.rpm
cf0d9c06e61c43e038372e20e6e9bcbc9e79e2a45ed7d92eefbb82e39ec19a3c
x86_64
mysql-libs-8.0.36-1.el9_3.x86_64.rpm
e72fb5f6f03b1e41c4da2370d0e499c66e8d7f5646474403f56bdeb800736b17

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1141 Moderate: mysql security update


ALSA-2024:1142 Moderate: haproxy security update


ID:
ALSA-2024:1142

Title:
ALSA-2024:1142 Moderate: haproxy security update

Type:
security

Severity:
moderate

Release date:
2024-03-06

Description
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security Fix(es):
* haproxy: Proxy forwards malformed empty Content-Length headers (CVE-2023-40225)
* haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers (CVE-2023-45539)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-40225
CVE-2023-45539
RHSA-2024:1142
ALSA-2024:1142

Updated packages listed below:
Architecture
Package
Checksum
aarch64
haproxy-2.4.22-3.el9_3.aarch64.rpm
5f16e8f4c2283534901023230a98fd38ea56c9170a74d8a30a678a046646acdd
ppc64le
haproxy-2.4.22-3.el9_3.ppc64le.rpm
7fda9008464b763d95e6d4354f765b3db6d7ccabd96b62e54758ee785ddd8eab
s390x
haproxy-2.4.22-3.el9_3.s390x.rpm
a1ada0a47fb6161557040e4eeb4aef03c4a68b439e86967fd81fc2b32674a2a1
x86_64
haproxy-2.4.22-3.el9_3.x86_64.rpm
e6950760c647e83fe460a7bae2964ee3d1277fabe38124d4001df9a261315a75

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1142 Moderate: haproxy security update



ALSA-2024:1147 Moderate: rear security update


ID:
ALSA-2024:1147

Title:
ALSA-2024:1147 Moderate: rear security update

Type:
security

Severity:
moderate

Release date:
2024-03-06

Description
Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility.
Security Fix(es):
* rear: creates a world-readable initrd (CVE-2024-23301)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-23301
RHSA-2024:1147
ALSA-2024:1147

Updated packages listed below:
Architecture
Package
Checksum
ppc64le
rear-2.6-21.el9_3.alma.ppc64le.rpm
e0223a62b7a3d3225b2bb7af1f03988ff522ffd1ba17dae1f307e4fe25b096ed
s390x
rear-2.6-21.el9_3.alma.s390x.rpm
acd907876565bb2bfbc3d6c5b80ba5b3adad6caf7440f5986c2c17c77b3e97ea
x86_64
rear-2.6-21.el9_3.alma.x86_64.rpm
f47e4cf047aa546afddf48cdca2bac52a18c841e406ac4e61297e6ee2ba02d74

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1147 Moderate: rear security update


ALSA-2024:1149 Moderate: skopeo security update


ID:
ALSA-2024:1149

Title:
ALSA-2024:1149 Moderate: skopeo security update

Type:
security

Severity:
moderate

Release date:
2024-03-06

Description
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
Security Fix(es):
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-39326
RHSA-2024:1149
ALSA-2024:1149

Updated packages listed below:
Architecture
Package
Checksum
aarch64
skopeo-tests-1.13.3-4.el9_3.aarch64.rpm
80627c7d4b25090b90059d6f331dacda3db2e166410fc8aaf2d78a43ff26c71c
aarch64
skopeo-1.13.3-4.el9_3.aarch64.rpm
90be214757fb28f5aaff34ae297d8ca1b7aadef787376682bf771c0908ad02c8
ppc64le
skopeo-tests-1.13.3-4.el9_3.ppc64le.rpm
3c8904229bf77855cc0533cc938e689645fe1700155a40677c90e763167d4702
ppc64le
skopeo-1.13.3-4.el9_3.ppc64le.rpm
cea4f7efbf28aab417a6e1d3a6da39620a511a301ed5b92b34af06a7558d5d33
s390x
skopeo-tests-1.13.3-4.el9_3.s390x.rpm
4e26b53e77bb493a98fe06e9defea9916ab33a0958de2838508843153e7d702c
s390x
skopeo-1.13.3-4.el9_3.s390x.rpm
61bca8ee309412f72b0749740c511929fff57a80d46ecdb3d4fdebd6869af19c
x86_64
skopeo-tests-1.13.3-4.el9_3.x86_64.rpm
115b493eafd5e45d8df948202c266881924fd18a6ee254e0b4dfd3f11b3b5c66
x86_64
skopeo-1.13.3-4.el9_3.x86_64.rpm
79f4012fe750ec8a96c5bc1006f53c744533e77dc887a65558666e8404dfb968

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1149 Moderate: skopeo security update


ALSA-2024:1150 Moderate: buildah security update


ID:
ALSA-2024:1150

Title:
ALSA-2024:1150 Moderate: buildah security update

Type:
security

Severity:
moderate

Release date:
2024-03-06

Description
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.
Security Fix(es):
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-48795
RHSA-2024:1150
ALSA-2024:1150

Updated packages listed below:
Architecture
Package
Checksum
aarch64
buildah-1.31.4-1.el9_3.aarch64.rpm
74aac642565474dc67f8a26a74eb8c1a3d49885e9ce60a8d01e3fd646ab7e946
aarch64
buildah-tests-1.31.4-1.el9_3.aarch64.rpm
c78be9cae213d48238a96fd97cb9ceccd143630176d1d83c8dcae0151379c0cb
ppc64le
buildah-tests-1.31.4-1.el9_3.ppc64le.rpm
709976884489a1af6fee96fa00e87cf3a1be2a830878cf22b8a63b08fd1f90e4
ppc64le
buildah-1.31.4-1.el9_3.ppc64le.rpm
af724a24118dafa7591b2a6d00807b916d36e4cc9eb2e35655c6ed14f948de4c
s390x
buildah-tests-1.31.4-1.el9_3.s390x.rpm
daf1fd6c65e2993badc41e8479bf4651a1ecf9d4941e3b69f88fb64cc5949a3b
s390x
buildah-1.31.4-1.el9_3.s390x.rpm
fcdf0cc3333a471a26bce6ab82d0d05d98675d33ed544e43b16943adea52534a
x86_64
buildah-1.31.4-1.el9_3.x86_64.rpm
8138e37ba2df0ddd806fe258d88f21e64430c45ef95ba28032c6a5f46cc79802
x86_64
buildah-tests-1.31.4-1.el9_3.x86_64.rpm
e8ee9e8adb796098a356d4399ec21f6d4fb80de552b3012aefcad06ff973912c

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2024:1150 Moderate: buildah security update