AlmaLinux 2318 Published by

The following security updates are available for AlmaLinux 8:

ALSA-2024:0861 Important: gimp:2.8 security update
ALSA-2024:0887 Moderate: go-toolset:rhel8 security update
ALSA-2024:0888 Low: edk2 security update
ALSA-2024:0889 Moderate: oniguruma security update
ALSA-2024:0893 Important: python-pillow security update
ALSA-2024:0897 Important: kernel security update




ALSA-2024:0861 Important: gimp:2.8 security update


ID:
ALSA-2024:0861

Title:
ALSA-2024:0861 Important: gimp:2.8 security update

Type:
security

Severity:
important

Release date:
2024-02-22

Description
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.
Security Fix(es):
* gimp: PSD buffer overflow RCE (CVE-2023-44442)
* gimp: psp off-by-one RCE (CVE-2023-44444)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-44442
CVE-2023-44444
RHSA-2024:0861
ALSA-2024:0861

Updated packages listed below:
Architecture
Package
Checksum
aarch64
gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm
27be297b328005b5d8fabf91c2e98fc4bbebe293673f29fb0b0f9f315e848c2b
aarch64
pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm
3b2ffb23dc24e83e10c83f4ccc075cc103fd56a2764b58524a1935394872ac76
aarch64
gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm
3b64208e03419244d826c738300055d9bb6ee06fcdd79c50d671ded6e0de2a38
aarch64
pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm
540e9dde16c8fa7c18f9542b838001305955750fe85125fcd97ba750289b5cb0
aarch64
Packages/pygobject2-devel-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm
5e986426d3a4104a450d3b858a816119fad7b25cc9c71070e582dab2a31222dc
aarch64
gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm
655f7be8ade94d84e27e30db06f914c74def707efc716c33c0fcbb167dd2836c
aarch64
pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm
6ef991da497a0c4d97d896c8f26b8eace58ac5c5a2ca40c2f000ee3a0b016851
aarch64
Packages/python2-cairo-1.16.3-6.module_el8.4.0+2208+3d7d61b2.aarch64.rpm
b5051773dc2f78bcbbc573b811807f7952df80eb5c231bbda48a0f683ab1f6bd
aarch64
gimp-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm
c997ca7aa40b6aff7c933a4dc621c552ae432f47ce07107220e2711e91d46fdb
aarch64
Packages/python2-cairo-devel-1.16.3-6.module_el8.4.0+2208+3d7d61b2.aarch64.rpm
e67a739f11d56e8e5146fb4964a171eab10bff1c5e6f23ac2f2c13b359b7f783
aarch64
Packages/pygobject2-codegen-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm
f1804244663952ea4979a66e098026ab734b5b75e50079d721037c5ef06c8677
aarch64
Packages/pygobject2-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm
f2a7d7585b290f590a5e3604175da97e93816756b481c6507cc28fb935b03bc2
aarch64
Packages/pygobject2-doc-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm
fbd0e5b3c423d6a6301a6af57901e34d095615f5e8217379fe86966e636cb40b
noarch
pygtk2-doc-2.24.0-25.module_el8.9.0+3725+d1441900.noarch.rpm
bec32577bca5233d67a34af1ef0ae0d1ca15f8896607b22d94cc18d8d4c93d70
ppc64le
gimp-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm
30f2426fb258248e8c90312d21cbb46e62c585e24b6ac59ae19fedff97b0766a
ppc64le
Packages/pygobject2-doc-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm
355e3ee681fce9aa4abe95f1e4ab5c3d12e9e3986d0dd7aaa8c41b18ad10ae4f
ppc64le
pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm
400bfe9b8ecc094297226eeab20bf88f02344beb51ec20496ddd8cfe6d138b0e
ppc64le
Packages/pygobject2-codegen-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm
4158c2318eb9d1bc32eb31e12c77bac46f3f5846d083a5032735f993613db944
ppc64le
Packages/python2-cairo-1.16.3-6.module_el8.5.0+17+826458aa.ppc64le.rpm
447876d5562aef72520d125b35cd7d80c3099c53a11eb21c47c39633c354c762
ppc64le
pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm
50de78cdd9a7eb9d765416ef8b6025d0212b9f400834b8309ebacedc54f59186
ppc64le
Packages/pygobject2-devel-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm
653bacae37c9ccd43c31639f30f2bc46fa3b5cffc218fb3bff5f972c8354b6cf
ppc64le
pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm
6ffbf1d5a9ac7e89910005c28ad62626a281d20ff5b3c2b7d192e996eaedff85
ppc64le
Packages/python2-cairo-devel-1.16.3-6.module_el8.5.0+17+826458aa.ppc64le.rpm
82c517441baa8376ecfaa7443a4641b26e67393b58dbee4332bf2abada0f7cfa
ppc64le
gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm
8ebfeb2f886a9b06a86a81712495ea1e0c1750c4828ab1c36ac33ff3db4514d2
ppc64le
gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm
a4bf05d4b373f6311634433f41e49a3d82177ce8b9b2b6595a5874bf427a4c51
ppc64le
Packages/pygobject2-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm
a80810250f2ad22f4736ffcc09953937697e27c6e01c98b854de6589b61f8b04
ppc64le
gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm
e0ebad1c4d8365333c25c89613e17505529bd5f5dff54271a67372da5db6c38a
s390x
pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm
42ea8b58abfff83cebc7a09a7f6f264b168a95782decbb03b4fcfef37fd7c062
s390x
pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm
43c790ef899908821a64cfad4af33097d1a9d9351a75d63d45e4363e0d91eec8
s390x
gimp-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm
44472702d5f9198e4850dfa17fbe850864ef2f71800ac04e225d36424aacffba
s390x
pygobject2-codegen-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm
654c3fec6c0981ed3d27af8ce61db63f7ad42622d5a16c8f382efcecaad984f2
s390x
pygobject2-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm
66aa615a3f122df9dbe58f3f53af6323a433f4aa82c097b72f2f74909717d127
s390x
gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm
750ce6ac84250481690ddda7321ab85d4503da447fcd215d4464f4cc0af6ecc8
s390x
pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm
91402fea22feef9d15400358a93ae5d2ff0b95b332edfbae2245ac5846848476
s390x
python2-cairo-1.16.3-6.module_el8.6.0+3053+ee77682c.s390x.rpm
bbb48bf204fd327311765e437bb9240af682b2956dd132b14b994638cae39813
s390x
python2-cairo-devel-1.16.3-6.module_el8.6.0+3053+ee77682c.s390x.rpm
c20cfc05e65aa0ef0f53c053760397008d28e98485a92233b9bdda498ea477ac
s390x
gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm
c59244c101ad464aa4e215a47e104f02aa7ae2a4827d2981a30ae7466a7ff72a
s390x
pygobject2-doc-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm
e537c96016fe47c0ba5f78f97838185e8b5bce691951bea2efb1a000da3025be
s390x
pygobject2-devel-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm
ef3de81facf1f86c7cc1b8e5fda35805b7a1163b5dbe650c94fe642ff9946a54
s390x
gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm
f536e685fb88d2b6846ae5f60bd83c09e90ec9a6cbd6338d1573d871915a126b
x86_64
gimp-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm
27f8c59dd24e0d1dfda474ec714017efc8a74e55d0834379e8dadaabdf31bcfc
x86_64
pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm
2f4d1ad704a236fdf89e2a91bad27c1290cc018d37a94b535bfe9b56d51393b8
x86_64
Packages/pygobject2-doc-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm
50debe94083b3e0be6d23d3f789434a9d7f03713a9be11cdf4286f2ef6188eaa
x86_64
Packages/pygobject2-devel-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm
741358f6e64be400baad4b28614099f8e46078720ba463dbe47b4b263e1b3ad2
x86_64
gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm
a2d4cd5deb48edd2ace32118bb4833cd06b202405da9fb909cda34cf446ef13c
x86_64
Packages/python2-cairo-devel-1.16.3-6.module_el8.0.0+6039+48ed2b14.x86_64.rpm
b68d74d89eda67f3a42a32d5ba5cf88ecbd5d2d4ea9c1f09c9cae8d307c8730c
x86_64
Packages/pygobject2-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm
baebcad4e4719acdb589c1587c258bf683e0d3344c7fbbed9e7b4d2dbbefb961
x86_64
gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm
bc2a4eac75a00f7d20d358ffcdd59f5407c686045d1fb165cfaefbdf10b8b977
x86_64
pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm
c31a1d5dc208ac6b26e5a44000795e1e773e1e95a479c0529997765ba24fdcff
x86_64
Packages/python2-cairo-1.16.3-6.module_el8.0.0+6039+48ed2b14.x86_64.rpm
c4c2f97aaf20809a36352ce503e4a5446504273fe4b06480962daec4dd78d52a
x86_64
gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm
d47a4e76404881e6a201ccabbcf77bed31a09c1ff2570d015f3364f464b9e920
x86_64
pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm
e091c6387576c98a524580d77825cb438dc432a85725b99800ce9d147fe93ba6
x86_64
Packages/pygobject2-codegen-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm
e37ed21f9422055f4e294253f36646e1ea08e0232caca3f97b4872986a728ba0

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:0861 Important: gimp:2.8 security update



ALSA-2024:0887 Moderate: go-toolset:rhel8 security update


ID:
ALSA-2024:0887

Title:
ALSA-2024:0887 Moderate: go-toolset:rhel8 security update

Type:
security

Severity:
moderate

Release date:
2024-02-22

Description
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* golang: cmd/go: Protocol Fallback when fetching modules (CVE-2023-45285)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-39326
CVE-2023-45285
RHSA-2024:0887
ALSA-2024:0887

Updated packages listed below:
Architecture
Package
Checksum
aarch64
go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.aarch64.rpm
36ca971aa2a293175a8d662662348a703f3f4b81ce0b6258d8289c088fd8b024
aarch64
golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.aarch64.rpm
a4b6795f597a49776210c08559e8d8b1ddec381e1e236d4e0f72bdf373e4d0bd
aarch64
golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.aarch64.rpm
b38e06be6895c93bdf69ca966103b60b26344adf4ab52e0ebf99c22bfa1fcc43
noarch
golang-src-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm
4b2529a8fec201a8b0eb862980a7b8cbebad1b79b2dd3767c1f59278fda99ad6
noarch
golang-docs-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm
55beb2cc2b7eea7d42de72537d232bab18d6494e3819125ebdf7b0ab2aa5957f
noarch
golang-tests-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm
6abcd2e55053affff3fd5cec68dc037431d1826d7fef90626ad7b7ab1daf90db
noarch
golang-misc-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm
99b16ffb898703debec3c40606698f6a6a8111c7151fc892e33beb8d28d06667
ppc64le
golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.ppc64le.rpm
ad952490cb7790f1e203ea25730205e3cb01f140910748b59a6a885d1c1e6b03
ppc64le
golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.ppc64le.rpm
e10e8215f914d5e0daa80c1701d2370ec80ece9ff0c8a062e9e4b93081403f3c
ppc64le
go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.ppc64le.rpm
e9d4ac62e3cf17d12694168909a56852cd5147fd0db1ed7b0eead3759c55f02a
s390x
golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.s390x.rpm
7260bc2ae83e3a4ca3c3f665ec8dae377b326fbb58cc509954dbf6bafbc44b3e
s390x
go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.s390x.rpm
7faca76560a577de35bc3154a7837075efd9c8d65ac26e99d125c851bf194b8d
s390x
golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.s390x.rpm
e858a1dd7612cfba0be9637a037275c75136f5e2159f4478f011685e85ca434e
x86_64
golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.x86_64.rpm
1bbb9dac6499e0b4f637d4416da5b100bfa12785636722bfb2cb6f0b2c9776a4
x86_64
delve-1.20.2-1.module_el8.9.0+3642+43318da8.x86_64.rpm
958fc28fde30ecf442f9b5a588413780eb9c7b56243673ff501c8d0a32c6f389
x86_64
golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.x86_64.rpm
b07b438d0389187c8d554e566e1af0dca77b94fc568c9c8d1b4e96487c842dcc
x86_64
go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.x86_64.rpm
fd1437e6771b0f8653bb3ad7cd159c8a34410df57e0f52b6210e57da8dfdb0b4

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:0887 Moderate: go-toolset:rhel8 security update



ALSA-2024:0888 Low: edk2 security update


ID:
ALSA-2024:0888

Title:
ALSA-2024:0888 Low: edk2 security update

Type:
security

Severity:
low

Release date:
2024-02-22

Description
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
* openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-3446
RHSA-2024:0888
ALSA-2024:0888

Updated packages listed below:
Architecture
Package
Checksum
noarch
edk2-ovmf-20220126gitbb1bba3d77-6.el8_9.3.noarch.rpm
252350e47c9a33e7c02c73e31f667935061a09496b7add2200546999c028ed10
noarch
edk2-aarch64-20220126gitbb1bba3d77-6.el8_9.3.noarch.rpm
614a1f9dd86cba18d98d43351c80471118ca5b54d7345cd888f64f328573926b

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:0888 Low: edk2 security update



ALSA-2024:0889 Moderate: oniguruma security update


ID:
ALSA-2024:0889

Title:
ALSA-2024:0889 Moderate: oniguruma security update

Type:
security

Severity:
moderate

Release date:
2024-02-22

Description
Oniguruma is a regular expressions library that supports a variety of character encodings.
Security Fix(es):
* oniguruma: Use-after-free in onig_new_deluxe() in regext.c (CVE-2019-13224)
* oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c (CVE-2019-16163)
* oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read (CVE-2019-19012)
* oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c (CVE-2019-19203)
* oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c (CVE-2019-19204)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2019-13224
CVE-2019-16163
CVE-2019-19012
CVE-2019-19203
CVE-2019-19204
RHSA-2024:0889
ALSA-2024:0889

Updated packages listed below:
Architecture
Package
Checksum
aarch64
oniguruma-devel-6.8.2-2.1.el8_9.aarch64.rpm
c40f03ec7113611ad9919034c5fdfb4eeebb1a60def800a7206f9c5b2e5ead1d
aarch64
oniguruma-6.8.2-2.1.el8_9.aarch64.rpm
f8782ebe080cc899bca4d9128f84a26488a3a933a7176a17b09152c63bf0f8ec
i686
oniguruma-devel-6.8.2-2.1.el8_9.i686.rpm
af8644714e1ad957ee17e5938a4972d07c4586ede2bcddfbad9f443750c60040
i686
oniguruma-6.8.2-2.1.el8_9.i686.rpm
e2ea0dd38130c3f2e43808c2cb7ce299142917f07bdae1fbf2290589baa68935
ppc64le
oniguruma-devel-6.8.2-2.1.el8_9.ppc64le.rpm
a0fa563ce68e683efa45ac61bda23af4fa5d8e9f3ff435eb9a5f981eadd0f4a6
ppc64le
oniguruma-6.8.2-2.1.el8_9.ppc64le.rpm
b85571c65d4cc472cb84e858c90e85aab6989e09ab34430c8a9218eb03d8a591
s390x
oniguruma-6.8.2-2.1.el8_9.s390x.rpm
767741fec9d655be5714e68e8a8fdf766d570cb71beadb91d8db0af00290e7b8
s390x
oniguruma-devel-6.8.2-2.1.el8_9.s390x.rpm
8778661eb34018d0632063a91da81c6d50aa7fd526604f247e0d994bd3c29e69
x86_64
oniguruma-devel-6.8.2-2.1.el8_9.x86_64.rpm
cf6fadc7271e5e2937820d81de94b0e4214b4e624cf53bab2d45653b4f1301e8
x86_64
oniguruma-6.8.2-2.1.el8_9.x86_64.rpm
d110a8fe14e5a0aacdaa8ebf8e61b49448e4725ee1eecd4b1cba04c05b928f3d

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:0889 Moderate: oniguruma security update



ALSA-2024:0893 Important: python-pillow security update


ID:
ALSA-2024:0893

Title:
ALSA-2024:0893 Important: python-pillow security update

Type:
security

Severity:
important

Release date:
2024-02-22

Description
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.
Security Fix(es):
* pillow: Arbitrary Code Execution via the environment parameter (CVE-2023-50447)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-50447
RHSA-2024:0893
ALSA-2024:0893

Updated packages listed below:
Architecture
Package
Checksum
aarch64
python3-pillow-tk-5.1.1-18.el8_9.1.alma.1.aarch64.rpm
ac06dbc64d19a02e1e46560837bd24b28b804a84773af38f148a1496bb9d473f
aarch64
python3-pillow-devel-5.1.1-18.el8_9.1.alma.1.aarch64.rpm
e4492f6d02a6f9bc2fffc21a0c8f73f96754e991d4391c7d9071a23bfade3e4d
aarch64
python3-pillow-5.1.1-18.el8_9.1.alma.1.aarch64.rpm
fd22dfa42237601ddcf37b2d73317846a0726073573fa5625ebbeda6b9dbfdc8
i686
python3-pillow-5.1.1-18.el8_9.1.alma.1.i686.rpm
2a90459cf5afe5eb73a3c4034717d9aea6faddd7e3f5f7772b14f55d3403a5be
i686
python3-pillow-devel-5.1.1-18.el8_9.1.alma.1.i686.rpm
d3f94409f65ad0dee8ae3f7bf0b407f30de9d5d23c382ae340cc94a63e044b04
noarch
python3-pillow-doc-5.1.1-18.el8_9.1.alma.1.noarch.rpm
7905756e31e07345223207d9bc7cedca64e16151b80b7e0a33957feb18f2eee1
ppc64le
python3-pillow-5.1.1-18.el8_9.1.alma.1.ppc64le.rpm
155bd37f8e60a06cb8ce77f9df09e0a6e7d9e5ab864bcb5bbb7253d0f4e73ba5
ppc64le
python3-pillow-devel-5.1.1-18.el8_9.1.alma.1.ppc64le.rpm
ca52a29f82a3c872c9c0f39f8d6b2861c6edf61d085eea28fbdb113d9fbbd1d9
ppc64le
python3-pillow-tk-5.1.1-18.el8_9.1.alma.1.ppc64le.rpm
cc9b4b59d0b2e78375f75c983a199f072847a29726e214f39263c30134e159b6
s390x
python3-pillow-5.1.1-18.el8_9.1.alma.1.s390x.rpm
58e5bafacc7cbd7a291843f0369e27b2d029afd084be8afbc62c29bd3f0dd668
s390x
python3-pillow-tk-5.1.1-18.el8_9.1.alma.1.s390x.rpm
6682e0abeda59085642da0082d5e38ca13ff02469292fb94e418a4c9fd79fcbc
s390x
python3-pillow-devel-5.1.1-18.el8_9.1.alma.1.s390x.rpm
f0a603f1dbe0b8bd5de3aa0dc881a994a6a9bcccf85cdb2f87ef2187d37beab3
x86_64
python3-pillow-devel-5.1.1-18.el8_9.1.alma.1.x86_64.rpm
28d8738fa5f476c9f7c9ffbe4fd65ce717f0e4ddfdaedae06cc41462e432973f
x86_64
python3-pillow-5.1.1-18.el8_9.1.alma.1.x86_64.rpm
55d24da29c005ec03eefff9a7e188c4fd1b0ab6b13db3483a732c61a143b8a35
x86_64
python3-pillow-tk-5.1.1-18.el8_9.1.alma.1.x86_64.rpm
56f71f5ca17dd1aaa94df5196727be04994580fb49a1c39cd33f10edaa20a2c3

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:0893 Important: python-pillow security update



ALSA-2024:0897 Important: kernel security update


ID:
ALSA-2024:0897

Title:
ALSA-2024:0897 Important: kernel security update

Type:
security

Severity:
important

Release date:
2024-02-22

Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
* kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)
* kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)
* kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)
* kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
* kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
* kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
* kernel: HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
* kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() (CVE-2023-1838)
* kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
* kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
* kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child's sibling_list (CVE-2023-5717)
* kernel: NULL pointer dereference in nvmet_tcp_build_iovec (CVE-2023-6356)
* kernel: NULL pointer dereference in nvmet_tcp_execute_request (CVE-2023-6535)
* kernel: NULL pointer dereference in __nvmet_req_complete (CVE-2023-6536)
* kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606)
* kernel: OOB Access in smb2_dump_detail (CVE-2023-6610)
* kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
* kernel: SEV-ES local priv escalation (CVE-2023-46813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2022-3545
CVE-2022-41858
CVE-2023-1073
CVE-2023-1838
CVE-2023-2166
CVE-2023-2176
CVE-2023-40283
CVE-2023-45871
CVE-2023-4623
CVE-2023-46813
CVE-2023-4921
CVE-2023-5717
CVE-2023-6356
CVE-2023-6535
CVE-2023-6536
CVE-2023-6606
CVE-2023-6610
CVE-2023-6817
CVE-2024-0646
RHSA-2024:0897
ALSA-2024:0897

Updated packages listed below:
Architecture
Package
Checksum
aarch64
kernel-cross-headers-4.18.0-513.18.1.el8_9.aarch64.rpm
02efac3aa33424a213f64e66ceaa1f528703c63b74499a9753e110234ea16069
aarch64
kernel-modules-4.18.0-513.18.1.el8_9.aarch64.rpm
21c50909b84bc5cf915edc6b2d4b5115eb484c6886c531a8cf15e4492c440a83
aarch64
kernel-debug-core-4.18.0-513.18.1.el8_9.aarch64.rpm
3f830518b6463cadc83652881d5aacb83a76491d98453aaa90595a3ae6703119
aarch64
kernel-debug-devel-4.18.0-513.18.1.el8_9.aarch64.rpm
4f1936fb5f8b647b9be4d7137b9b49643cd01361550c6b3bd53b7f2115099d9e
aarch64
kernel-modules-extra-4.18.0-513.18.1.el8_9.aarch64.rpm
520b6c143e93587f701ccb56418988d69557eb8fbf02d96b79b5e7fb07856135
aarch64
kernel-tools-4.18.0-513.18.1.el8_9.aarch64.rpm
6aed71462a081389db4f56221ff295ab90a7e5442d535862f742cec8ca2c3b85
aarch64
kernel-4.18.0-513.18.1.el8_9.aarch64.rpm
6c2763693dddbc97e410b97efb85669577901f3759f286371e10dacb9418d274
aarch64
perf-4.18.0-513.18.1.el8_9.aarch64.rpm
6d67321f2fa40b741d0a6bf87f3ebe82bed1254965286ef5dfe17123935790cd
aarch64
kernel-tools-libs-4.18.0-513.18.1.el8_9.aarch64.rpm
8cd29d58ad280c50dda6bb82af648ac758c00c13b32c895a00127ce9c1ddb4f4
aarch64
kernel-core-4.18.0-513.18.1.el8_9.aarch64.rpm
8cfece41e310a4def99c7821b960c6f92d8cfd685c1005f821dcb37e130096dc
aarch64
kernel-debug-modules-4.18.0-513.18.1.el8_9.aarch64.rpm
9ce2f68c74c0e2aa34fd493e72cf8686ca4dbaba2c4c1322b693668c7f250030
aarch64
kernel-debug-modules-extra-4.18.0-513.18.1.el8_9.aarch64.rpm
acfc34719d8310f2373c38d80e9650d6d69af598882fc0a1a0eccdd0bf83effa
aarch64
kernel-tools-libs-devel-4.18.0-513.18.1.el8_9.aarch64.rpm
be9559ec102e031ae9903759d81672bf812a3176a3c650b41d61bbfbd7fed013
aarch64
bpftool-4.18.0-513.18.1.el8_9.aarch64.rpm
c5d47d5857d1f5ba4d9bae89bfe6641d22fe9500805ae3d4e4998b26af090da0
aarch64
kernel-debug-4.18.0-513.18.1.el8_9.aarch64.rpm
e72fb726095c8c5f7e1951dceb06a464aff3c616752062f6e42531396a945778
aarch64
kernel-devel-4.18.0-513.18.1.el8_9.aarch64.rpm
e7ffc0f0c01a80b6e681047c99143f5f6460c9b3b05c01c04c0f2afcaa0de6cc
aarch64
python3-perf-4.18.0-513.18.1.el8_9.aarch64.rpm
ec73327ca3a34c80a3708dab1dbae7adf54fad5540570d82710b3f7247517798
noarch
kernel-doc-4.18.0-513.18.1.el8_9.noarch.rpm
18b9071604ad6c306874ba20c3e8ebf95fdc655c776ee6b5fe7787bcf53f1d5f
noarch
kernel-abi-stablelists-4.18.0-513.18.1.el8_9.noarch.rpm
63c2082704ccdbc2cf1de47a833ab3f514b7d71d0ccd4212941228294165dee4
ppc64le
bpftool-4.18.0-513.18.1.el8_9.ppc64le.rpm
0737a901f11131c19c782be90dd6dada95412c9f4c1c95b702d02eec97916960
ppc64le
kernel-debug-4.18.0-513.18.1.el8_9.ppc64le.rpm
0a85182828b06cc9f1fb65b49692e509546194ac9a4913f213b228f25971b91b
ppc64le
kernel-tools-libs-4.18.0-513.18.1.el8_9.ppc64le.rpm
1876e93c0ee7ee592a46bf336a3b4b2b9a092efac246f291b639a86313f266ce
ppc64le
kernel-tools-libs-devel-4.18.0-513.18.1.el8_9.ppc64le.rpm
4b4a242c975a9d27d75b752d7b12042765e58c16596a684ee447a9f8ca8a9270
ppc64le
kernel-4.18.0-513.18.1.el8_9.ppc64le.rpm
5be2e68f1ddd0743d16b510fbc2c72456f4f870562314badbcf128d7a467dc95
ppc64le
kernel-tools-4.18.0-513.18.1.el8_9.ppc64le.rpm
61a9d69b31ed3aea1f508081c08a71f1680eacaf3ec887cf3e52cc50c4cafd09
ppc64le
python3-perf-4.18.0-513.18.1.el8_9.ppc64le.rpm
6fdf19cf7b4992830859c9699607592e257bbbcd99ebee133ab043dc90e1f1b0
ppc64le
kernel-modules-4.18.0-513.18.1.el8_9.ppc64le.rpm
72ff3271488e4a79b1983bca1ce4349bdd821fccd7c1ca8d0d84e0022459a728
ppc64le
kernel-modules-extra-4.18.0-513.18.1.el8_9.ppc64le.rpm
8a6fb19e7024a34e58ba077629043b34dff8276a69ec3d9f9eacff0315d71579
ppc64le
kernel-cross-headers-4.18.0-513.18.1.el8_9.ppc64le.rpm
8e52e1567d7c746c9d4c75396450e168c5cb8402bd0cdd526568740cebdf77f2
ppc64le
kernel-debug-modules-extra-4.18.0-513.18.1.el8_9.ppc64le.rpm
9ade5a67f0654cf5dc3418fccdcb97b795b74178603dc4688d785155aac61f4d
ppc64le
kernel-debug-modules-4.18.0-513.18.1.el8_9.ppc64le.rpm
9d2f260b140a60f0c4d26aeff97a0d39d0edc398c389f12a4df35e7db42a3551
ppc64le
kernel-debug-devel-4.18.0-513.18.1.el8_9.ppc64le.rpm
a58fc344c17b661cd09bc87100d6084f4be5c5478d54f3fc0a6bd31846c98dcf
ppc64le
perf-4.18.0-513.18.1.el8_9.ppc64le.rpm
a6658353b3993ccd4c777cabd7a8f59a5dfd1a3e4397d0c216e00b76dc012961
ppc64le
kernel-debug-core-4.18.0-513.18.1.el8_9.ppc64le.rpm
cbbfdb4f1affd9b7d0799b60a0fce2fa3752e2f0f8907b53340208bbeaa68cca
ppc64le
kernel-devel-4.18.0-513.18.1.el8_9.ppc64le.rpm
e762a7a28477232d7d2c4e48ebc4e584b9959aa65e99b04297ff20204821a3bc
ppc64le
kernel-core-4.18.0-513.18.1.el8_9.ppc64le.rpm
fcb686630229f7f3f354a5e6b56eb14839d74e8443386bf7e6e08b4861a47de6
s390x
kernel-zfcpdump-4.18.0-513.18.1.el8_9.s390x.rpm
0cb4a2e90e51352eb7c0831efd25685ada3e234e9f356f6b584abf8799747024
s390x
kernel-modules-4.18.0-513.18.1.el8_9.s390x.rpm
1840de9f305819337e01002c936ad3f5d951707960af12b6152dfe381f9cdf60
s390x
kernel-cross-headers-4.18.0-513.18.1.el8_9.s390x.rpm
1a5735cec145de1268f88ab51846bbaddbb58ca97faa8658bf35b41a2bc44ac7
s390x
kernel-zfcpdump-devel-4.18.0-513.18.1.el8_9.s390x.rpm
258b6760c45e1dc4100bba00500d2977b317b87731ac4b2c021e5a97bf703b80
s390x
kernel-debug-core-4.18.0-513.18.1.el8_9.s390x.rpm
6bb14a049ae36e74eee8aa1246029d15e58c9b9a8ffa08f65977af59338c7e13
s390x
kernel-core-4.18.0-513.18.1.el8_9.s390x.rpm
8168e1a9c98cd4efbf23eac76458e471ad0d0d72886de0a39804a38748226862
s390x
kernel-zfcpdump-modules-4.18.0-513.18.1.el8_9.s390x.rpm
8213ee12060cab3ebbe6688593734c390fd81dde2663784b43d62a9b55692501
s390x
kernel-tools-4.18.0-513.18.1.el8_9.s390x.rpm
8954e9f475e37e69c9a14829855dc026733f7219dd65cc1564447007584b5dd5
s390x
python3-perf-4.18.0-513.18.1.el8_9.s390x.rpm
9e67aebd2428f657c92bb34a6a718b46ef1eb2db7c779897c469d49892c4a7d9
s390x
kernel-modules-extra-4.18.0-513.18.1.el8_9.s390x.rpm
9f0474dae5e36443062181979b22cf638e12d5062c8f513f7e2b494e8a42b10e
s390x
kernel-zfcpdump-modules-extra-4.18.0-513.18.1.el8_9.s390x.rpm
b46821247f8bacd950af8ca456e0189b4d0d619daa225f29093116d17acf35d3
s390x
kernel-zfcpdump-core-4.18.0-513.18.1.el8_9.s390x.rpm
b67df14503ba1b9054a046531a7dcb8295e0657cef7c76cb88fd64deff4b1845
s390x
perf-4.18.0-513.18.1.el8_9.s390x.rpm
b7430ae016969cce3dc0cccec531350df73f25db98cf0ac253974e57f9be46ba
s390x
bpftool-4.18.0-513.18.1.el8_9.s390x.rpm
bfb7a7507edcf7d5e770191aa33fe35f9cf37ceeb86c1a21a0433ff6402b365c
s390x
kernel-4.18.0-513.18.1.el8_9.s390x.rpm
c6b235dcb5021aea60e0200a36dcbc9edaa08d8521d89c283ebc9b43db351e7c
s390x
kernel-debug-4.18.0-513.18.1.el8_9.s390x.rpm
c97dab94b1733e45d799d756c6dd48db42a13f538cf2318ee72d31c969fa9018
s390x
kernel-debug-devel-4.18.0-513.18.1.el8_9.s390x.rpm
cdf3b790b60eec7dfa19d01f3b46956eee2b8f03cf3d92ee363bd994faa5b0ca
s390x
kernel-devel-4.18.0-513.18.1.el8_9.s390x.rpm
d26285dfa57694614f95c2b9cb1ec746f14d8eb29600829fd3ae81acea567608
s390x
kernel-debug-modules-4.18.0-513.18.1.el8_9.s390x.rpm
ed6036513c0ba269295ec8345a627865a118e76140742357e1f92f9b935f0f05
s390x
kernel-debug-modules-extra-4.18.0-513.18.1.el8_9.s390x.rpm
f91d84e51d460551c4c666058ff6db0a0ecef3468ee79212ed62225e83274ecf
x86_64
kernel-4.18.0-513.18.1.el8_9.x86_64.rpm
06de590be23ebbbe62a5dad31b4dc5b614db83a77128f0ddf3c60234387b5518
x86_64
kernel-tools-libs-4.18.0-513.18.1.el8_9.x86_64.rpm
0b0720ff31bfd195c08f9417bd929bd70e8106ac65a4d130ed3af2d544b5ec8e
x86_64
kernel-tools-libs-devel-4.18.0-513.18.1.el8_9.x86_64.rpm
249006195fd4e7b0711de649563b3fcd68c3d15361a3752a65e974ac833c2e9d
x86_64
kernel-cross-headers-4.18.0-513.18.1.el8_9.x86_64.rpm
378d3d95d67968d77e7a81e6634c9c73f30d7c79facaa038d00c4f575b0e9ea8
x86_64
python3-perf-4.18.0-513.18.1.el8_9.x86_64.rpm
392c793a3317d26c8853000de44c2fdef39a2bb0f9481bf8979e9563c5a0d5ca
x86_64
kernel-debug-core-4.18.0-513.18.1.el8_9.x86_64.rpm
3a127cbd28ffb6c6225338231ed855365b0c6f67e8379b43effa325d2216e7b4
x86_64
bpftool-4.18.0-513.18.1.el8_9.x86_64.rpm
40a34401752d765bc46f74c037e951b57abbeed5d70b28e15bb5b686266269f7
x86_64
kernel-modules-extra-4.18.0-513.18.1.el8_9.x86_64.rpm
483424cd3630e5dcb09c79807837db7b328fd9765fb108c18519b6935c53fc62
x86_64
kernel-devel-4.18.0-513.18.1.el8_9.x86_64.rpm
7e745b7debb309cb275eece565da37c11dbc2de4ec9c4e886965baf16f78d909
x86_64
kernel-modules-4.18.0-513.18.1.el8_9.x86_64.rpm
899fc277029b1040a481e35e5dacbdcca819d6e161f3e2e70e2b91b5b66a070e
x86_64
kernel-debug-modules-4.18.0-513.18.1.el8_9.x86_64.rpm
97495791115e313d5a66bb85b9bb83a118260123a409be792e48e6edfebcd011
x86_64
kernel-tools-4.18.0-513.18.1.el8_9.x86_64.rpm
b75ae0eaf83f321463a385007143a5dcdd7e8fc866c0a24681299a107c665420
x86_64
kernel-core-4.18.0-513.18.1.el8_9.x86_64.rpm
c4b01a06911412a471a0ee350938ca57eaf5218cf6800dd976175bb466879b22
x86_64
kernel-debug-4.18.0-513.18.1.el8_9.x86_64.rpm
da2fc9f89b18bf3d7d8a185c2e93d5862cff8060ad1c85001b98ab101628e273
x86_64
kernel-debug-devel-4.18.0-513.18.1.el8_9.x86_64.rpm
dc72b42bfa4a5d482e61bdc929a47daf5909f0cf1b145094a30afdd2864561dd
x86_64
kernel-debug-modules-extra-4.18.0-513.18.1.el8_9.x86_64.rpm
f57d3aa40bfd25a7f67890a55218c4ad3c5f265f652f19341b3cc0ba08601e0e
x86_64
perf-4.18.0-513.18.1.el8_9.x86_64.rpm
fba99834a37f478346080b9d8da5e5bd0b2394e74f6465887969c959940d0b9a

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:0897 Important: kernel security update