AlmaLinux 2325 Published by

The following security updates have been released for AlmaLinux:

ALSA-2024:3546 Moderate: ruby:3.1 security, bug fix, and enhancement update
ALSA-2024:3618 Moderate: kernel update
ALSA-2024:3626 Moderate: libxml2 security update
ALSA-2024:3627 Moderate: kernel-rt security and bug fix update
ALSA-2024:3666 Important: tomcat security and bug fix update
ALSA-2024:3667 Moderate: cockpit security update
ALSA-2024:3668 Moderate: ruby:3.1 security, bug fix, and enhancement update




ALSA-2024:3546 Moderate: ruby:3.1 security, bug fix, and enhancement update

ID:
ALSA-2024:3546

Title:
ALSA-2024:3546 Moderate: ruby:3.1 security, bug fix, and enhancement update

Type:
security

Severity:
moderate

Release date:
2024-06-04

Description
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
Security Fix(es):
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:
CVE-2024-27280
CVE-2024-27281
CVE-2024-27282
RHSA-2024:3546
ALSA-2024:3546

Updated packages listed below:
Architecture
Package
Checksum
aarch64
ruby-3.1.5-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
02f5edb20bd6f9312f4e106297f665382671234770511c986502a5f3852aeeba
aarch64
rubygem-json-2.6.1-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
1b678b2cdff5514b090bdad6aea3b79eb69925e08a21f0f159ed7ec5f5e2f441
aarch64
rubygem-psych-4.0.4-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
222c1517c5c4e986d956c46992347f9cc5e5d4bd9aa33e17330c466a44fe8172
aarch64
rubygem-bigdecimal-3.1.1-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
233e17091ff514bae7199e579414d72e68a9e85bfdb5e2a5186e4029f33f67bf
aarch64
ruby-devel-3.1.5-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
466705ac9b856704ba320d98c702a3edd353cc983cc0ddc9e6173b15a0db7b80
aarch64
rubygem-io-console-0.5.11-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
48a7a83d1463f1a46fc12875137763fb5dbaba3fb1b61081317c56aff46c92c6
aarch64
ruby-libs-3.1.5-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
a8c177532c167b930447cdd3565deca94b11b921b49189228a877ae73492414b
aarch64
rubygem-pg-1.3.2-1.module_el8.9.0+3746+91b8233a.aarch64.rpm
cfc500a4226acdcbc01afa6c9b40e02c7ba1c80cd1da994ec0167d816a8e51a8
aarch64
rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.aarch64.rpm
dbfe520cef4d3f4713a6f0ab2270b312765511985de21a1588bed57703484068
aarch64
rubygem-rbs-2.7.0-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
e103a369da8931fa17cbb5333b547b3f7a244d66e7e2262edbf8a9a34f9c1749
aarch64
ruby-bundled-gems-3.1.5-143.module_el8.10.0+3854+02eaa59a.aarch64.rpm
f5341ef65296b99a35529cd36cdc56448ce4863c34ccaddc281fa4c8b4cf4093
i686
rubygem-rbs-2.7.0-143.module_el8.10.0+3854+02eaa59a.i686.rpm
0719432e47a412c43e501184750daef857c546c71bbe6be461556b241702214c
i686
rubygem-psych-4.0.4-143.module_el8.10.0+3854+02eaa59a.i686.rpm
451214cd4cb45caf8d413c0934dc852ae86ce38b8330d80c3563f5e922272be9
i686
rubygem-bigdecimal-3.1.1-143.module_el8.10.0+3854+02eaa59a.i686.rpm
5cffe92a18892b0a7e7d455c16154157df435f296c439f3aca03c634ad8955be
i686
ruby-bundled-gems-3.1.5-143.module_el8.10.0+3854+02eaa59a.i686.rpm
786017f2a35b66eb9faa2269fe1359e728ce853b7e7c13a6a66093dde6afc902
i686
rubygem-io-console-0.5.11-143.module_el8.10.0+3854+02eaa59a.i686.rpm
7a286268a84ff39b48557c4dca418164b5369b9384da8800a9965a37aae5fec8
i686
ruby-3.1.5-143.module_el8.10.0+3854+02eaa59a.i686.rpm
8a860f499039270f1d29c798199b915c2302f35e816f38c10451578b62407532
i686
ruby-libs-3.1.5-143.module_el8.10.0+3854+02eaa59a.i686.rpm
a13625aecdc263e3ca6cf907baf5513a30686c5334fbe35ed3b10d636ba96719
i686
ruby-devel-3.1.5-143.module_el8.10.0+3854+02eaa59a.i686.rpm
b2ff79d7a15837b8ca4224bad25e6142f9e4899845c0c8063635df7f9c70c743
i686
rubygem-json-2.6.1-143.module_el8.10.0+3854+02eaa59a.i686.rpm
c2fa3b76bbf77e7c8175828627106c525a90b9d7ee88ef96f4af69cee8f6ea2d
noarch
rubygem-rss-0.2.9-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
0c2a8281df449cb486442fb90e8c40d4a79c64143c97e104614823255e3ad9ab
noarch
rubygem-minitest-5.15.0-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
43fb974852f98c5ea257784f25c2946ecfccc7bd823146cc4909467b1861f3d4
noarch
rubygem-typeprof-0.21.3-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
5676c32596c579d03f4245a4fd1d0e6eb32d1ca19c16d0a00915f30c0afb10e3
noarch
ruby-default-gems-3.1.5-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
677d0ce73518fb3ed3767bb45b999c865a46b78ecbf379db6a4ff2dbc06625c8
noarch
rubygem-rexml-3.2.5-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
8b795229fdbeb02170eed7c9056e4b0a8aeec95b856183adbe067ecea6f1bb10
noarch
ruby-doc-3.1.5-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
8c4abd4bac286747769a05badbbafe5ee20900006e5067136e1804c0972b6526
noarch
rubygem-rdoc-6.4.1.1-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
9109346d66d9d78dfb3b125ecfada795feb35e09df154e83304332552c0443e4
noarch
rubygem-irb-1.4.1-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
a1354cd498c9a05bbd486a6a800aecff6978d3d8f947d2585c9dd2ddd5c172cc
noarch
rubygems-devel-3.3.27-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
a2b501f7ed43672e9cb911b71d8c2edb2064741c83b2893db02cbd883d86e153
noarch
rubygem-abrt-0.4.0-1.module_el8.9.0+3746+91b8233a.noarch.rpm
a4de616c47a50c4a54611ff12499a00e395fcdf6e3c2ce813e27b0f581ed2c12
noarch
rubygem-mysql2-doc-0.5.3-3.module_el8.9.0+3746+91b8233a.noarch.rpm
b041e7b43395ddba070a6629f247dce8d99b56956940ee94a67a0a2e0ee1fd0a
noarch
rubygem-test-unit-3.5.3-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
b316cddb0fe59c60b512538bb1d02b3de26045e52d07ade8ec54c2583418f742
noarch
rubygem-abrt-doc-0.4.0-1.module_el8.9.0+3746+91b8233a.noarch.rpm
b3b928354f6d07cca1e7cfce71aa08f097da08d99e41f459707e928f85703485
noarch
rubygem-rake-13.0.6-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
b50f069e303b0b7c062743ffcaa8aa8e89b47739fd4b358b6d6edb19c9f441de
noarch
rubygem-pg-doc-1.3.2-1.module_el8.9.0+3746+91b8233a.noarch.rpm
baf9236c33aec08aad023fee6e81391fc5027f5860c40affd4596d3a958fabbc
noarch
rubygems-3.3.27-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
ce68996b23674776bf538b5645f63269263f5009e1eac7c07e030313436c15d5
noarch
rubygem-bundler-2.3.27-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
f89fc7ed17d529edd595b0649d769b32573989ff2ec14b5c1547cf524bb50ed9
noarch
rubygem-power_assert-2.0.1-143.module_el8.10.0+3854+02eaa59a.noarch.rpm
f907f8c26f82aa2aadcf6dcdfa364faa0b3c0fb2e06f5a64bf3984eebe5a5d54
ppc64le
rubygem-rbs-2.7.0-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
23fa650938cebd0b7b27a206d03cb6784c8bf6c41cdadfe08a9cc2b588969952
ppc64le
ruby-devel-3.1.5-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
27ae1fe6b2a79b3f7ff69fb04ffb75c6d63afe8d38b69294e8451b2931af962b
ppc64le
rubygem-io-console-0.5.11-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
3e09e14e3c438f91ded93c7265c374645e1c508eebb1415d1bae4c4a636783ef
ppc64le
rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.ppc64le.rpm
6ac16dd0dd002092ac6d5960eb63a7bd1a0639509605bb6319b65cdbae1acba1
ppc64le
ruby-3.1.5-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
6f86b1205152586e573759738405aee160d3a676714554c849fe6513b9ad6754
ppc64le
rubygem-bigdecimal-3.1.1-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
80522836eacec9635800f5a529736ebd607f90f8bf0d84bbc1725a104ce981a8
ppc64le
ruby-libs-3.1.5-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
a48827a2296b3f89b583935bb80731aaeed66d1b7c82d929948d12efba96d96b
ppc64le
rubygem-psych-4.0.4-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
bd463559a54546c0617536912537bf9bda9fb128caf3a53317182dfbe83f6d45
ppc64le
rubygem-json-2.6.1-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
d0f67ec625fa7f639f4f4378f57a27cffa8cc4a819080ae3ceb458dc0c5ccf9a
ppc64le
rubygem-pg-1.3.2-1.module_el8.9.0+3746+91b8233a.ppc64le.rpm
dcc23bde6716f522172fee879a8e9e6fec13d37db6ee3856c03c8224d1cfbc45
ppc64le
ruby-bundled-gems-3.1.5-143.module_el8.10.0+3854+02eaa59a.ppc64le.rpm
e02cd4bcc6d9d1a43d76758fb046b4903a25ce568af40e3f6896e0f89d629225
s390x
ruby-devel-3.1.5-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
23b0638bf4c33069b99f9ee9c701389f4b270f51b410557858a4f7d4a25dd55d
s390x
ruby-libs-3.1.5-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
41fedd8d5671144fb8565783f47c3e4eb6340992948f1e0a16c0ae8471ac5856
s390x
rubygem-io-console-0.5.11-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
56a6c8f83b227319083a0ac0e05531efa5ab0443f8e9c2f46c22edf6f73eb47e
s390x
rubygem-json-2.6.1-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
6db3b463ce8c7214e87d0acc7f1c49bed9dc853ab0af72e689bde67f4c59164a
s390x
ruby-3.1.5-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
713e24c88fc37baa903bc97b93045ceb13cd6af82dd9ba1c3d58a8b0aa798205
s390x
rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.s390x.rpm
918f33bb63f2437177e2ccc66781a31b62f2b20d0a0b1449cef7c7359b24eb9d
s390x
rubygem-psych-4.0.4-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
a655fbdf1c07eaf4c278422fc787c044f9d25ca3f5859f1eae470d95e81e1c00
s390x
ruby-bundled-gems-3.1.5-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
b4f3caef40c48dbedc76748b64efb3b646b4a48f02bf5b5b18a009182ffbaed3
s390x
rubygem-rbs-2.7.0-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
b599d878f7631e18afa17eee0b3243c12e95660dd7eb7a4fecb7e9019f5b994f
s390x
rubygem-pg-1.3.2-1.module_el8.9.0+3746+91b8233a.s390x.rpm
c5850062377cea2f45840ad208edacee1c01685eff9e15babb4969842bf65557
s390x
rubygem-bigdecimal-3.1.1-143.module_el8.10.0+3854+02eaa59a.s390x.rpm
ec5c0d71d2bc25b43e847593de07ba0c1b51ccbabdd516259f55473a86990c16
x86_64
rubygem-io-console-0.5.11-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
4fc42be0c9182354a1b3b613d22680432a6d78c955403c8ff94ededcc49423db
x86_64
rubygem-bigdecimal-3.1.1-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
75c4376050bdcf46c5ad3a6501de1187506a2ef902f46feb23b6e962275cf029
x86_64
rubygem-pg-1.3.2-1.module_el8.9.0+3746+91b8233a.x86_64.rpm
8a1549c324cd877489cfcc365ffb0c4fb94f7bd2e9f3057b68daa979604ffd9c
x86_64
ruby-devel-3.1.5-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
8c5c76960d285e41fd555b44e4652a478ee4bc2a304aa61990fefa460716fca3
x86_64
ruby-bundled-gems-3.1.5-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
8f3b3487f779d6c92b1d49afa1206f749c3ed06c55827ef99a6a4d8a82f57775
x86_64
rubygem-psych-4.0.4-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
939f4ec4a96dd10f59ee89096c0ff146b002048d364c3fd113f1d9791cb6daee
x86_64
ruby-3.1.5-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
ac7ca68cc0e8ff990b6fa206ced48f22c9192052ec493dcbb192a71ce914c178
x86_64
rubygem-json-2.6.1-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
b8ac32cac139d431d02857779b80f2b13e9f894a01f91dd23a3de5a157e0d252
x86_64
ruby-libs-3.1.5-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
d4547ac735a523688a43cb0dcb5b2ef601358d60a77d5a79c07e60563d20e063
x86_64
rubygem-rbs-2.7.0-143.module_el8.10.0+3854+02eaa59a.x86_64.rpm
e716d366fffee1159080eb0de25ba3339d2ff3f5435532026a06799fb34aa53c
x86_64
rubygem-mysql2-0.5.3-3.module_el8.9.0+3746+91b8233a.x86_64.rpm
fb225106392ed81612474aa8b87b065f733931e062efef5737a912fa9a953993

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3546 Moderate: ruby:3.1 security, bug fix, and enhancement update


ALSA-2024:3618 Moderate: kernel update

ID:
ALSA-2024:3618

Title:
ALSA-2024:3618 Moderate: kernel update

Type:
security

Severity:
moderate

Release date:
2024-06-05

Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: Marvin vulnerability side-channel leakage in the RSA decryption
operation (CVE-2023-6240)
* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()
(CVE-2024-0340)
* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)
* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)
* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)
* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer
that cause loop forever (CVE-2024-26603)
* kernel: use after free in i2c (CVE-2019-25162)
* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)
* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()
(CVE-2020-36777)
* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors
(CVE-2023-52477)
* kernel: mtd: require write permissions for locking and badblock ioctls
(CVE-2021-47055)
* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump
(CVE-2024-26615)
* kernel: vt: fix memory overlapping when deleting chars in the buffer
(CVE-2022-48627)
* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)
* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()
(CVE-2023-52565)
* kernel: net: bridge: data races indata-races in br_handle_frame_finish()
(CVE-2023-52578)
* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
(CVE-2023-52528)
* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)
* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)
* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)
* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags
(CVE-2023-52610)
* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set
with timeout (CVE-2024-26643)
* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642)
* kernel: i2c: i801: Don't generate an interrupt on bus reset
(CVE-2021-47153)
* kernel: xhci: handle isoc Babble and Buffer Overrun events properly
(CVE-2024-26659)
* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)
* kernel: wifi: mac80211: fix race condition on enabling fast-xmit
(CVE-2024-26779)
* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter
(CVE-2024-26744)
* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)
* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
(CVE-2021-47185)
* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
(CVE-2024-26901)
* kernel: RDMA/srpt: Do not register event handler until srpt device is fully
setup (CVE-2024-26872)
* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)
* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)
* kernel: USB: core: Fix deadlock in usb_deauthorize_interface()
(CVE-2024-26934)
* kernel: USB: core: Fix deadlock in port "disable" sysfs attribute
(CVE-2024-26933)
* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()
(CVE-2024-26993)
* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)
* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
(CVE-2024-27059)
* kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (CVE-2021-47013)
* kernel: net: usb: fix memory leak in smsc75xx_bind (CVE-2021-47171)
* kernel: powerpc/pseries: Fix potential memleak in papr_get_attr() (CVE-2022-48669)
* kernel: uio: Fix use-after-free in uio_open (CVE-2023-52439)
* kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (CVE-2023-52594)
* kernel: wifi: rt2x00: restart beacon queue when hardware reset (CVE-2023-52595)

References:
CVE-2019-25162
CVE-2020-36777
CVE-2021-46934
CVE-2021-47013
CVE-2021-47055
CVE-2021-47118
CVE-2021-47153
CVE-2021-47171
CVE-2021-47185
CVE-2022-48627
CVE-2022-48669
CVE-2023-52439
CVE-2023-52445
CVE-2023-52477
CVE-2023-52513
CVE-2023-52520
CVE-2023-52528
CVE-2023-52565
CVE-2023-52578
CVE-2023-52594
CVE-2023-52595
CVE-2023-52598
CVE-2023-52606
CVE-2023-52607
CVE-2023-52610
CVE-2023-6240
CVE-2024-0340
CVE-2024-23307
CVE-2024-25744
CVE-2024-26593
CVE-2024-26603
CVE-2024-26610
CVE-2024-26615
CVE-2024-26642
CVE-2024-26643
CVE-2024-26659
CVE-2024-26664
CVE-2024-26693
CVE-2024-26694
CVE-2024-26743
CVE-2024-26744
CVE-2024-26779
CVE-2024-26872
CVE-2024-26892
CVE-2024-26897
CVE-2024-26901
CVE-2024-26919
CVE-2024-26933
CVE-2024-26934
CVE-2024-26964
CVE-2024-26973
CVE-2024-26993
CVE-2024-27014
CVE-2024-27048
CVE-2024-27052
CVE-2024-27056
CVE-2024-27059
RHSA-2024:3618
ALSA-2024:3618

Updated packages listed below:
Architecture
Package
Checksum
aarch64
kernel-debug-modules-extra-4.18.0-553.5.1.el8_10.aarch64.rpm
111bd77d8cd5b4ea3e4b3a3ef4e071196beb981bf505bf784a629a5f5920ade9
aarch64
kernel-tools-libs-devel-4.18.0-553.5.1.el8_10.aarch64.rpm
179d7560560ab029117f8167d782f6b63af1876bbaeea1fc8a78e70a9def2e89
aarch64
kernel-debug-core-4.18.0-553.5.1.el8_10.aarch64.rpm
38d22b0ae4f7c36315112c6577d6100a51cb07a3ea676c789dbe4bc0d0ba0701
aarch64
kernel-4.18.0-553.5.1.el8_10.aarch64.rpm
40abccfdbbda18e2cc2afc7b59400cc1fc9c0b7907eba4ff7ed8831b2dba5ace
aarch64
kernel-devel-4.18.0-553.5.1.el8_10.aarch64.rpm
48b41db25c8c7df6e3502d131f21b27d143157fbbf77498bc7e05fc51d8122f2
aarch64
python3-perf-4.18.0-553.5.1.el8_10.aarch64.rpm
67e2e80dcc59c74e3dd6eb1cb33627d355f10cb13492ed7d6cde79e563eb891d
aarch64
kernel-tools-libs-4.18.0-553.5.1.el8_10.aarch64.rpm
71da85752eaae5c37426ab7efe868d728988268fa8b9f73c9017b3c81047ef55
aarch64
kernel-core-4.18.0-553.5.1.el8_10.aarch64.rpm
802218c1b510027a2387c5915ee7d68b0a9677611b581574e10958ab063d83a5
aarch64
kernel-cross-headers-4.18.0-553.5.1.el8_10.aarch64.rpm
82533f3406299654f844568b0625cc9555f56d9bb87b6f1c2c1bdddc996b7ab2
aarch64
kernel-headers-4.18.0-553.5.1.el8_10.aarch64.rpm
90345d4ae0efc0d39ef3dba9b85e2c67101f2e81d05275ca4850ccca9bc2a51b
aarch64
kernel-modules-4.18.0-553.5.1.el8_10.aarch64.rpm
b9ef19584992ab4716e7a4fb510c4a7fafa0c0f43b6d8b4f09bf687089358082
aarch64
kernel-tools-4.18.0-553.5.1.el8_10.aarch64.rpm
bb9fec9999150113520bc41b83da29e8fe54524897147e0a31f81bb3f6e3dab7
aarch64
perf-4.18.0-553.5.1.el8_10.aarch64.rpm
c57c280d2f145afab1f6e30b8d3a9bb757f7377164f9ced802387816a99898fd
aarch64
kernel-debug-4.18.0-553.5.1.el8_10.aarch64.rpm
cb58f7f63c9404615ff0a867bda4b8e6924d15a7ec93ea314da6d84780e63430
aarch64
kernel-debug-modules-4.18.0-553.5.1.el8_10.aarch64.rpm
e04a8eefaac3e861dd85a723b853e462a6dc7a4b658726b9ff44022a4a25a551
aarch64
kernel-modules-extra-4.18.0-553.5.1.el8_10.aarch64.rpm
e324e05ef46d6c100a7d3bf90cea6df6bcccf1fb1d40ffba4a084408540c0515
aarch64
bpftool-4.18.0-553.5.1.el8_10.aarch64.rpm
ec186e8b8f82eea8acf917e3747bc3e061556c5698336375c6a9f282c7f06802
aarch64
kernel-debug-devel-4.18.0-553.5.1.el8_10.aarch64.rpm
fccab223df4ace564091c5a31fad9dca37c4d394a98c5079ecb07f9526c5f376
noarch
kernel-abi-stablelists-4.18.0-553.5.1.el8_10.noarch.rpm
048820253eaa4f46c8e2e907d2a58b2fccf42c1a03a25aa66ffaeb05fde6812c
noarch
kernel-doc-4.18.0-553.5.1.el8_10.noarch.rpm
7533c94575bf3af2124a0868780d242c0633c86bebbad558b76a9257f732fecd
ppc64le
kernel-cross-headers-4.18.0-553.5.1.el8_10.ppc64le.rpm
110ad2556664f4392d1a69214c1f697b792df79b31a4a2fafd168cbc77acbc0d
ppc64le
kernel-debug-devel-4.18.0-553.5.1.el8_10.ppc64le.rpm
16a39a01392c078cc1211327312097dfb09cdd8e0f56506678c9d9116ad3a2d4
ppc64le
kernel-devel-4.18.0-553.5.1.el8_10.ppc64le.rpm
192ad7a534cd07dd00f1c324f31a32f2291a8db92c341b415a726ac69f740c07
ppc64le
kernel-4.18.0-553.5.1.el8_10.ppc64le.rpm
24c219fce1052d97eee06ff698f2b7b224b1463667b52a27c3bcc81c33eddc3c
ppc64le
kernel-debug-4.18.0-553.5.1.el8_10.ppc64le.rpm
3b61d5464495cf2fafec73f5f277d0046455fcd69ff547226d016db1ec350855
ppc64le
bpftool-4.18.0-553.5.1.el8_10.ppc64le.rpm
471534cde608e95985c9301b61cdd14bfa5ebb4f702cc1d41896933d1b7a9508
ppc64le
kernel-modules-4.18.0-553.5.1.el8_10.ppc64le.rpm
4f35346abc07e556c1aaa7484e219e89b6aeea694a34530070ac19034043c69e
ppc64le
perf-4.18.0-553.5.1.el8_10.ppc64le.rpm
52bfad81c8295ff514893c25fc6a8d5f4d438a2cb7087819a5c23447aadaa59c
ppc64le
kernel-core-4.18.0-553.5.1.el8_10.ppc64le.rpm
5f93cf664414bec52ef91027e60a8c52e5d28dfb99441a777d2e225e389c7dce
ppc64le
kernel-tools-libs-devel-4.18.0-553.5.1.el8_10.ppc64le.rpm
785a08ac67f9a686cee27ee2fb577ddcc0f3f8de4fffed1411f99579f23a7c92
ppc64le
kernel-debug-core-4.18.0-553.5.1.el8_10.ppc64le.rpm
842f1baa4096d16179d6662c512af0d6ea7e9ec4c91d1425b9b8827df9b4e0e8
ppc64le
kernel-debug-modules-4.18.0-553.5.1.el8_10.ppc64le.rpm
84f82e25d7d19e84fd747b4f14070f268d445b10425dfbe12a4e8e2039b8391c
ppc64le
kernel-headers-4.18.0-553.5.1.el8_10.ppc64le.rpm
dbba2923a466f2bb1be033674fda67d794af25a5788b3321d29852b1754e8a3e
ppc64le
kernel-tools-4.18.0-553.5.1.el8_10.ppc64le.rpm
df7109a57c15c717f91007485bac4db037854d516b64c313514bceb4105d37f2
ppc64le
kernel-debug-modules-extra-4.18.0-553.5.1.el8_10.ppc64le.rpm
e20a70b5bb74bcdfecf83145f0533e1ad004d9368402cdab17e3deff5cdecb34
ppc64le
kernel-tools-libs-4.18.0-553.5.1.el8_10.ppc64le.rpm
e42e125426bbfaaf94790b840c508c583e60f88fd18e9ffad9fe479d7d3b8913
ppc64le
python3-perf-4.18.0-553.5.1.el8_10.ppc64le.rpm
ebcd0d8d1015cb02812e776a1a822a4c53bb54bcf1aa5d43afb82f86cc112ac3
ppc64le
kernel-modules-extra-4.18.0-553.5.1.el8_10.ppc64le.rpm
f217590c54c4c9e15221c890c7f52e8d77bd543025c260f5aa00c35998567517
s390x
kernel-tools-4.18.0-553.5.1.el8_10.s390x.rpm
07bbb151ca9497f32850e6e37a4e3fa6060343e2e9538460a2d422cf1c2eec90
s390x
kernel-modules-extra-4.18.0-553.5.1.el8_10.s390x.rpm
197128ae1403904a65cb289fa32a55100bd4ef5129c8eacba98eeaf489d80631
s390x
kernel-zfcpdump-modules-extra-4.18.0-553.5.1.el8_10.s390x.rpm
2d1793754cd617422308db7feb994de69ab3187df56930b251c4fd044befb968
s390x
kernel-zfcpdump-devel-4.18.0-553.5.1.el8_10.s390x.rpm
2e376ef1431ae4d8ddf61893a5d7c9b3b057ca860982a73a5dc7b106b2658065
s390x
kernel-debug-modules-4.18.0-553.5.1.el8_10.s390x.rpm
371750ce7ca0e06f9a56181d4136089a34cab762709f5caa078f98be34620d71
s390x
kernel-headers-4.18.0-553.5.1.el8_10.s390x.rpm
6744fdce5cc4b6d08c983d9bfde949d8c11aa75e56c74929f6d4529b6a943313
s390x
kernel-cross-headers-4.18.0-553.5.1.el8_10.s390x.rpm
6bb301423083a0c082585040b438a673ecc2953e16067b9707a077dc31ed94e2
s390x
kernel-4.18.0-553.5.1.el8_10.s390x.rpm
6e3fc8c5d003821529cbf07d7fce89b3bed56ce99c10a3da26628e607caaa4c6
s390x
kernel-debug-modules-extra-4.18.0-553.5.1.el8_10.s390x.rpm
8b3e3c164ae7ba857aba87eab43f01276a206db71f00933fdd10e3cc38696a4e
s390x
kernel-modules-4.18.0-553.5.1.el8_10.s390x.rpm
9474a8413972daccf00b54c7b5907ff460a90fe2d902e77dd50810c8c490346a
s390x
kernel-devel-4.18.0-553.5.1.el8_10.s390x.rpm
c35a2fc13c41287e8d777ce779dd25746dee153a90c433f2d07904844df3521d
s390x
kernel-debug-core-4.18.0-553.5.1.el8_10.s390x.rpm
cb3ef459639d285b61ad021aadd126f2a45a3951768b8358ee87e87726d9e97b
s390x
perf-4.18.0-553.5.1.el8_10.s390x.rpm
ccc82dbb11b0665b3e548c793cb0330ae469d15a72656998e1ca6caeb5273c89
s390x
kernel-zfcpdump-modules-4.18.0-553.5.1.el8_10.s390x.rpm
de4c7d61e67b0be798dd9808421017b77befe15b5fc656d04c32f9062049a43a
s390x
kernel-debug-4.18.0-553.5.1.el8_10.s390x.rpm
f02ae0a1b3f542bdc3d9d0c2b86797e750c9d1b55a00f5d90d929f0cf0128970
s390x
kernel-debug-devel-4.18.0-553.5.1.el8_10.s390x.rpm
f4b900af451c154fddcb87e1a2b22be39240f66248b3f1d7b121857a128ae7f0
s390x
bpftool-4.18.0-553.5.1.el8_10.s390x.rpm
f603d508fc6dc745170be90594930a0fe86989bd52196b7d3b5a596403c25d79
s390x
kernel-zfcpdump-core-4.18.0-553.5.1.el8_10.s390x.rpm
f6208cc880a566715d7a5a415263f3b79c1c9a5631a7ed04b5256ddae2665681
s390x
kernel-core-4.18.0-553.5.1.el8_10.s390x.rpm
f69e3fcecf0e07a6430a8537091f584dcb8dc42ccf7a7de7f34a72f6a5e86d17
s390x
python3-perf-4.18.0-553.5.1.el8_10.s390x.rpm
fc16270de6aea6f2ee0aeea69796ab6a3950516b1025a875da961e0923036a52
s390x
kernel-zfcpdump-4.18.0-553.5.1.el8_10.s390x.rpm
fffe4786e391521fec20e39a9efc592cba3c552e6b312bf555d8f85bf51cc489
x86_64
python3-perf-4.18.0-553.5.1.el8_10.x86_64.rpm
0181fd9a8d55a691107293d57aca1c4ec840560474d7dde7d618e39af7151f13
x86_64
bpftool-4.18.0-553.5.1.el8_10.x86_64.rpm
38b857316b9faccbe86f393fb4fbd47b4d4ed2b26b03339668ece9ab34ff8661
x86_64
kernel-devel-4.18.0-553.5.1.el8_10.x86_64.rpm
3b55e34b36f5d1edf4715abade6b9c731188cc9175fac57be998d006f2e4f5db
x86_64
kernel-tools-4.18.0-553.5.1.el8_10.x86_64.rpm
4459fe5e374ef7931b81496158af145ce67ca210e023c8f171f45b00e50961b2
x86_64
kernel-debug-devel-4.18.0-553.5.1.el8_10.x86_64.rpm
47054edf929f51e922940020b631024a06f6c8954bf47f1d5b6134449ed3d1d1
x86_64
kernel-debug-modules-extra-4.18.0-553.5.1.el8_10.x86_64.rpm
4c35d843c18298eee58b6af9b352f1b0dd1fead2d0e34571ddbafa823b836ef0
x86_64
kernel-tools-libs-4.18.0-553.5.1.el8_10.x86_64.rpm
4f4dec9f40e11e951a0cc8d813f1ffd31fd77072962fefe26a7ea0d7ec95c008
x86_64
kernel-modules-4.18.0-553.5.1.el8_10.x86_64.rpm
56335427f9ccb0469f6443a7ae9594a5bee50f48a9f4dc156647972b3d8bdc2b
x86_64
kernel-headers-4.18.0-553.5.1.el8_10.x86_64.rpm
876d93843f9ca400d9d08ebec0734141004132c8494029a1b46809e9a66e5389
x86_64
kernel-cross-headers-4.18.0-553.5.1.el8_10.x86_64.rpm
959f75df8e53390dd6cfcbfffae73277361a07ea54b67f631786d9c8f3bbadc7
x86_64
kernel-debug-4.18.0-553.5.1.el8_10.x86_64.rpm
9f88177f8fb795caf37a4b18ccc435f9849f998f329b8ee81742110f3dfe28ea
x86_64
kernel-modules-extra-4.18.0-553.5.1.el8_10.x86_64.rpm
ac2d4baa1e625d4d3a9a06f9f7dd0a2b5916a2671751abeae7bb940384696242
x86_64
kernel-4.18.0-553.5.1.el8_10.x86_64.rpm
b3dd01c59e54cae6a6fe1075620946e2e9cc364aea9d1e69df1ef8527f87d941
x86_64
perf-4.18.0-553.5.1.el8_10.x86_64.rpm
dc7067cd8b15016060e05cbb83c4475bad93ecfb892cb0ea28aa4c840af22921
x86_64
kernel-debug-core-4.18.0-553.5.1.el8_10.x86_64.rpm
dfb184503d7243b34966ea8a87fc65ac4142dfc05776dc8b9cf4a51cbf8ccce5
x86_64
kernel-core-4.18.0-553.5.1.el8_10.x86_64.rpm
f5253a8e351397f57f7428927bc8eed2eaa02d4d723ac53d4e8e509ac6c649fa
x86_64
kernel-debug-modules-4.18.0-553.5.1.el8_10.x86_64.rpm
f7fa9e1b3bef6e3815a60b7fd217257b6cc2e742951aa5962c27c1dfd48d345a
x86_64
kernel-tools-libs-devel-4.18.0-553.5.1.el8_10.x86_64.rpm
fe0e40ab6edde4150b56cf8b66e2e544c9a8fc38346d01e2ec68323fb038daf3

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3618 Moderate: kernel update


ALSA-2024:3626 Moderate: libxml2 security update

ID:
ALSA-2024:3626

Title:
ALSA-2024:3626 Moderate: libxml2 security update

Type:
security

Severity:
moderate

Release date:
2024-06-05

Description
The libxml2 library is a development toolbox providing the implementation of
various XML standards.
Security Fix(es):
* libxml2: use-after-free in XMLReader (CVE-2024-25062)
For more details about the security issue(s), including the impact,
a CVSS score, acknowledgments, and other related information, refer
to the CVE page(s) listed in the References section.

References:
CVE-2024-25062
RHSA-2024:3626
ALSA-2024:3626

Updated packages listed below:
Architecture
Package
Checksum
aarch64
python3-libxml2-2.9.7-18.el8_10.1.aarch64.rpm
3763f4b99496331cb1fc3ccff859bbbd100a6e90ade2df05802f17c22c7b6c4a
aarch64
libxml2-2.9.7-18.el8_10.1.aarch64.rpm
ba712ad6be511eb5f37419631d40a6a0d49409209d85b21b052c938a39b2b74a
aarch64
libxml2-devel-2.9.7-18.el8_10.1.aarch64.rpm
e35165248d986e0ea2a308b763ae3ee1fcf6116fae49de2a25e6125594ca6e5a
i686
libxml2-2.9.7-18.el8_10.1.i686.rpm
059fa5912bc42f99bddf55004f739e18ed02df6977f7c33f03f6f504b4f09a5b
i686
libxml2-devel-2.9.7-18.el8_10.1.i686.rpm
cb19097e1b0e341e20f8449a20f71ba69fe6a586b6959469f48e9b31c0cbf83f
ppc64le
python3-libxml2-2.9.7-18.el8_10.1.ppc64le.rpm
3587efff0000d6044258fdfc50f4cd2fdd7f06337ade19d931e9c41f730c5807
ppc64le
libxml2-2.9.7-18.el8_10.1.ppc64le.rpm
6666aaafdd910a1d72f96f34c667ae3ca933a708cbfc6474798472ecb1194a88
ppc64le
libxml2-devel-2.9.7-18.el8_10.1.ppc64le.rpm
96dae69abb6e57e2206fb528fcc688396d17f961acb3ed24d8241325226cdb54
s390x
libxml2-devel-2.9.7-18.el8_10.1.s390x.rpm
33a6a9b5056187d797015053f8330455f2ff0d050300ddc9c747a8f6b5540fbf
s390x
libxml2-2.9.7-18.el8_10.1.s390x.rpm
80fed5615f73cc6b9177961fbd5ea804852216dadc99a4cd189ab0ea6298a212
s390x
python3-libxml2-2.9.7-18.el8_10.1.s390x.rpm
c92a311e608474d58f190a772ce10cf9662765649fb1fe549e3263113e45097e
x86_64
libxml2-2.9.7-18.el8_10.1.x86_64.rpm
2d3816437d81aa3d22589a9c89d056762d8b4b4e0a37b38ecbbc6d5623f31d66
x86_64
python3-libxml2-2.9.7-18.el8_10.1.x86_64.rpm
8055e4dad7446a4f1018703d5cb73d8be0ead75bf48fb98a6d92ecd7d26b1371
x86_64
libxml2-devel-2.9.7-18.el8_10.1.x86_64.rpm
92e3995d3e83a96e41d7ad3270ca241494d3ae48504d72b2dfb8227401953b03

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3626 Moderate: libxml2 security update


ALSA-2024:3627 Moderate: kernel-rt security and bug fix update

ID:
ALSA-2024:3627

Title:
ALSA-2024:3627 Moderate: kernel-rt security and bug fix update

Type:
security

Severity:
moderate

Release date:
2024-06-05

Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)
* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)
* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)
* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)
* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)
* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)
* kernel: use after free in i2c (CVE-2019-25162)
* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)
* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)
* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)
* kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)
* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615)
* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)
* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)
* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)
* kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)
* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)
* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)
* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)
* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)
* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)
* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)
* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)
* kernel: i2c: i801: Don't generate an interrupt on bus reset (CVE-2021-47153)
* kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659)
* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)
* kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779)
* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)
* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)
* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)
* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)
* kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)
* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)
* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)
* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)
* kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933)
* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)
* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)
* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)
Bug Fix(es):
* kernel-rt: update RT source tree to the latest AlmaLinux-8.10.z kernel (JIRA:AlmaLinux-34640)
* kernel-rt: epoll_wait not reporting catching all events to application (JIRA:AlmaLinux-23022)

References:
CVE-2019-25162
CVE-2020-36777
CVE-2021-46934
CVE-2021-47013
CVE-2021-47055
CVE-2021-47118
CVE-2021-47153
CVE-2021-47171
CVE-2021-47185
CVE-2022-48627
CVE-2023-52439
CVE-2023-52445
CVE-2023-52477
CVE-2023-52513
CVE-2023-52520
CVE-2023-52528
CVE-2023-52565
CVE-2023-52578
CVE-2023-52594
CVE-2023-52595
CVE-2023-52610
CVE-2023-6240
CVE-2024-0340
CVE-2024-23307
CVE-2024-25744
CVE-2024-26593
CVE-2024-26603
CVE-2024-26610
CVE-2024-26615
CVE-2024-26642
CVE-2024-26643
CVE-2024-26659
CVE-2024-26664
CVE-2024-26693
CVE-2024-26694
CVE-2024-26743
CVE-2024-26744
CVE-2024-26779
CVE-2024-26872
CVE-2024-26892
CVE-2024-26897
CVE-2024-26901
CVE-2024-26919
CVE-2024-26933
CVE-2024-26934
CVE-2024-26964
CVE-2024-26973
CVE-2024-26993
CVE-2024-27014
CVE-2024-27048
CVE-2024-27052
CVE-2024-27056
CVE-2024-27059
RHSA-2024:3627
ALSA-2024:3627

Updated packages listed below:
Architecture
Package
Checksum
x86_64
kernel-rt-modules-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
0a201510ab4531859baf5225649d95e26d20857ed4b19c66b3644b761091924b
x86_64
kernel-rt-debug-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
11874e743e5547157977bea6f63f7629ce418bab6ac82db9a1683a0ce9095eaf
x86_64
kernel-rt-core-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
11b9c6bd692ad5af5faba41fae8ccc5145bb018d6b448f0a71de3fbaf693c92b
x86_64
kernel-rt-modules-extra-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
2fd752a54f7601df10a8d5380d50920060fbddd604cc70a417589098b5ffb966
x86_64
kernel-rt-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
3e647e5240d4a2de96dd810c244192a7d7bc6fb0ba6400b33ea15593f8e29eb9
x86_64
kernel-rt-kvm-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
9920be18159ff1e05157bf7df8c411df4c84215952d466830452c8757f7e9753
x86_64
kernel-rt-debug-devel-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
a17b0d453aeb2057c85793c25b083c25eac3f3bda1c9daca66e26562363c156c
x86_64
kernel-rt-debug-core-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
af31f6d8005f935c5e23687f7e1d1e5be06a18753652ee8f0064c67455203a75
x86_64
kernel-rt-devel-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
b6aadd177521f2414be47aea4cb3729bf3caf490295410918712b5207f1ba5c7
x86_64
kernel-rt-debug-modules-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
be8ec3645ce02dfa2cfd5d7b6f3464b0ea8cae24576ff7d787e37e4975b56950
x86_64
kernel-rt-debug-modules-extra-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
c0e9be5a981b4bcfa01329d19741b853a99ecb523b72b837cff60953906e9d85
x86_64
kernel-rt-debug-kvm-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
ec390f44a811a7e97f19d4cf7dfbf3782ce715614df7034867103107bec9a0da

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3627 Moderate: kernel-rt security and bug fix update


ALSA-2024:3666 Important: tomcat security and bug fix update

ID:
ALSA-2024:3666

Title:
ALSA-2024:3666 Important: tomcat security and bug fix update

Type:
security

Severity:
important

Release date:
2024-06-06

Description
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
* Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
Bug Fix(es):
* Rebase tomcat to version 9.0.87 (JIRA:AlmaLinux-35813)
* Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly (JIRA:AlmaLinux-38548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-23672
CVE-2024-24549
RHSA-2024:3666
ALSA-2024:3666

Updated packages listed below:
Architecture
Package
Checksum
noarch
tomcat-webapps-9.0.87-1.el8_10.1.alma.1.noarch.rpm
1ff32773cce5105c83c457b7ba2e261b9740a215a06c302abd11a5468ff3682a
noarch
tomcat-servlet-4.0-api-9.0.87-1.el8_10.1.alma.1.noarch.rpm
3eefdfa6953c7bf0d5b41155cb73d65b2915b357a0b2da2fe42e112610d8080c
noarch
tomcat-lib-9.0.87-1.el8_10.1.alma.1.noarch.rpm
692410447b47e283646811b2c01dc52cb0c6d0e1a3d40f0ddbe21fd1f7008015
noarch
tomcat-docs-webapp-9.0.87-1.el8_10.1.alma.1.noarch.rpm
792e3e2da00c02575cfbf3bfad26a2a138e461b2cedfe2edd3cf3c0de08112ee
noarch
tomcat-jsp-2.3-api-9.0.87-1.el8_10.1.alma.1.noarch.rpm
8c81c47b78ce8e5cb6ce97d8f42e6ac98cdd6c1e03ec6ab0c2189b581ff6f603
noarch
tomcat-el-3.0-api-9.0.87-1.el8_10.1.alma.1.noarch.rpm
8f2784f9a834bcd8d272db6fa117360e616d0d0ad82e7fd2cffc98998b180a74
noarch
tomcat-9.0.87-1.el8_10.1.alma.1.noarch.rpm
91d7afc92b11d177aca6ef6d0b57b49bd406b73ec4fc9a9ef60ac459be56af66
noarch
tomcat-admin-webapps-9.0.87-1.el8_10.1.alma.1.noarch.rpm
a00345e119cee48d48d13971b427ac714538e04deb2f402d8393583e03bd0822

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3666 Important: tomcat security and bug fix update


ALSA-2024:3667 Moderate: cockpit security update

ID:
ALSA-2024:3667

Title:
ALSA-2024:3667 Moderate: cockpit security update

Type:
security

Severity:
moderate

Release date:
2024-06-06

Description
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more.
Security Fix(es):
* cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-2947
RHSA-2024:3667
ALSA-2024:3667

Updated packages listed below:
Architecture
Package
Checksum
aarch64
cockpit-bridge-310.4-1.el8_10.aarch64.rpm
1e4ca98779caab143d57e5d43bd82d99ab3546039ebadf546cc48a7f5ac4545f
aarch64
cockpit-310.4-1.el8_10.aarch64.rpm
d18422e13f6c79a41b2f47c617ca066472b968f8140fcc94de8bbd52875b2d3b
aarch64
cockpit-ws-310.4-1.el8_10.aarch64.rpm
d5ce89e78eef1042f6d446eee4eb2e60123efe452a776a3eb9947f4188375f52
noarch
cockpit-system-310.4-1.el8_10.noarch.rpm
c45516e6904042551edbb1d459d09589ec4d65b739da0aae966bb36d3d061b68
noarch
cockpit-doc-310.4-1.el8_10.noarch.rpm
e1b29397d19e0753a737a719462be7424f3dbdcbeeff7362c6617c03bed0fac2
ppc64le
cockpit-bridge-310.4-1.el8_10.ppc64le.rpm
ae3a271fb479ff89d4032b6ba4807787d645d0329488e64a6b9242de0525e5d8
ppc64le
cockpit-310.4-1.el8_10.ppc64le.rpm
c1afa0d996fe1a8046815f255c2a1f1b1568dac6c02dfc92fdb6647b7128a38f
ppc64le
cockpit-ws-310.4-1.el8_10.ppc64le.rpm
efa8fa0a4d4149ea0c180304aa4a0e8fe1d05c020d98a4ac266b067c632f7d68
s390x
cockpit-ws-310.4-1.el8_10.s390x.rpm
18e178b685e5cf3f4f2cbd4a1cf6688c3aec24811ec6da7da931afc380ecd1e6
s390x
cockpit-bridge-310.4-1.el8_10.s390x.rpm
5f501f408255b9a8a0926d197e18a90d6044ab8a234947aca810f70c63f5cb30
s390x
cockpit-310.4-1.el8_10.s390x.rpm
d51b18241d7a892bfb087d727694ea65174989b569fb913b4f77226ffcff81dd
x86_64
cockpit-bridge-310.4-1.el8_10.x86_64.rpm
289d4fc57534ea3cf2f8ca14dd0af03be6d74b68f805ddfb99e2cb5025731b3c
x86_64
cockpit-ws-310.4-1.el8_10.x86_64.rpm
34dba5806f472bcb527c912d8c85fd18bc6a1abca4c53f5958edcc9957b6d4a0
x86_64
cockpit-310.4-1.el8_10.x86_64.rpm
71b96fb144f979f41ba0c4f1b2b01ea61e412b0a2e0dbe77d577b7a5426be55e

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3667 Moderate: cockpit security update


ALSA-2024:3668 Moderate: ruby:3.1 security, bug fix, and enhancement update

ID:
ALSA-2024:3668

Title:
ALSA-2024:3668 Moderate: ruby:3.1 security, bug fix, and enhancement update

Type:
security

Severity:
moderate

Release date:
2024-06-06

Description
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-35449)
Security Fix(es):
* ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)
* ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281)
* ruby: Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2024-27280
CVE-2024-27281
CVE-2024-27282
RHSA-2024:3668
ALSA-2024:3668

Updated packages listed below:
Architecture
Package
Checksum
aarch64
rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
013af7c9d005e99cdb9fb150e64cf6daf313556273406097681519f954bfc8f9
aarch64
rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
2bc2b3a6a541aaf89f77f1dda40bc43209457b02c669594992d83e511d546960
aarch64
rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
43ced2d4f9835e751feb7b6be913d809cb6e3213ee4fda3e79e3b1daa5ac5786
aarch64
rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.aarch64.rpm
4c5252460fea72ded437082819e93b994f278167601c79044ace259273f5c4d0
aarch64
rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
7a446c135517f887dc828b7e6b5e8cc01463c6d9ae7552b04d106455c7fe3220
aarch64
ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
87455699ac0a6b2cd369386b224b4207a0f646f85befd354720a096da5501cea
aarch64
ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
977187f8f3496256fbb3676b869f69d6e7327b84377bc354f0c2fd85e8c3db93
aarch64
ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
97d4578f55aa57a7f20b71e766c6c16d858db764c59fb070eea86919bcbe7632
aarch64
ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
b5eefd16f0d56bea3750a27fa6806d3bb52f4e40b4554aacd00024297b3fd5e1
aarch64
rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.aarch64.rpm
c0ad22bacf961443362154bf49bba45c7ae204391517b5a581f74e63ebb8eb01
aarch64
rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.aarch64.rpm
cfaf5e7863a363dca261c396cb4d88268d91e3a71ecb7e28ed36a2fa92cdb037
i686
rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.i686.rpm
05fe90220c8803b6de24e8aad3d93a751e9eefc8453cb1f2e27e553bc65cbd59
i686
rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.i686.rpm
156844ebccc40686b1cfb9933716b6b5b755d83da8f1c10bb05ed5d6a742df9b
i686
rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.i686.rpm
1a99567a3dd0a6aa2b8b9c1ae9accce9f9946a647a1774cd6df0342ff0e2e9fb
i686
ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm
30c23245bd29d2efb9054746cb1cad141de40174cda26693f0a78bac120b53b1
i686
ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm
34b70b1c66d793d5d050bae0bed10c1fcbbd31a80bf40bbd870f25f9d2c83c09
i686
ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm
413ebf1722a83218dfb63cd197d4556c31aa09bf770f3d73c8e5ef1cb6cfc116
i686
rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.i686.rpm
8cd47d2d2eae1ae758445193cfac722dff1f849bdcee16dd2b20c231bb2a809d
i686
ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.i686.rpm
b56e1621ddc5f7072ca54d9c293aa77fbd56d9500e44f8da972e40b77a5ea683
i686
rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.i686.rpm
e9adfa60c6027b8f0354a09892c91f9e95bee3b86ba1eaa9da3babe7e29920c9
noarch
rubygem-test-unit-3.5.3-144.module_el9.4.0+101+d58a8d95.noarch.rpm
1d60045ef82a5bbeecbc2287592b1591b55700fae7fd399d58baeef25a1f0e50
noarch
rubygem-typeprof-0.21.3-144.module_el9.4.0+101+d58a8d95.noarch.rpm
24cb1a7c1e4aeda56fa4fcdf89d1ff6b077ff837e0e687e9ae7cd7480aefd145
noarch
rubygem-rake-13.0.6-144.module_el9.4.0+101+d58a8d95.noarch.rpm
30d7cb20ddee1557f047d9b4b1d9b26b4087c95a76053d5bd4ab5a143c73fed8
noarch
ruby-default-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.noarch.rpm
393efcc1c737ca8aafadf7e5e3efd4ad73d2781b7659373f27fabf02d3e28fdc
noarch
rubygem-mysql2-doc-0.5.4-1.module_el9.1.0+8+503f6fbd.noarch.rpm
47f8869c8adfe2b7eee506473440af3abe2bb171cf60cda4d0dec05db0bc3fb8
noarch
rubygem-bundler-2.3.27-144.module_el9.4.0+101+d58a8d95.noarch.rpm
74e82c75f35c48e200bdd0f13040c5d8cae6d4ab74ed7769e59622008baed436
noarch
rubygem-minitest-5.15.0-144.module_el9.4.0+101+d58a8d95.noarch.rpm
7641fcb6f89c336a71ea20debc329a809f96b29e9dc4563a574ea5cb8a62797f
noarch
rubygem-power_assert-2.0.1-144.module_el9.4.0+101+d58a8d95.noarch.rpm
92d64262b45999e76de317aad96cb770b73720d55e9ebfd275207ddad00c3d86
noarch
rubygem-rdoc-6.4.1.1-144.module_el9.4.0+101+d58a8d95.noarch.rpm
9bd1632b1cb4319201859701f1eaf84666419345c170ef93cd47ab4031829429
noarch
rubygems-3.3.27-144.module_el9.4.0+101+d58a8d95.noarch.rpm
bc697c3ad63d00ee0bad232fea31d960c9b955859ae4dc256d87c278f8d0f0da
noarch
ruby-doc-3.1.5-144.module_el9.4.0+101+d58a8d95.noarch.rpm
bebcbffa554dfed194d3fc1212ba3d01dd89f3a6ecdda3228069f2a3d6ddb640
noarch
rubygem-rss-0.2.9-144.module_el9.4.0+101+d58a8d95.noarch.rpm
c09830da0af358c4dd7f61e57c051158c302433acc0274930fe76e2b6b983c4a
noarch
rubygem-pg-doc-1.3.5-1.module_el9.1.0+8+503f6fbd.noarch.rpm
c24489067c5c62f3bb8edd8f47b01171f766eaeb0e96991878c51e5ae4b1b3e4
noarch
rubygem-rexml-3.2.5-144.module_el9.4.0+101+d58a8d95.noarch.rpm
d395d040309f58998acea87e2743d77e76cf53c44ebdfa3fe0fc26ce092eda60
noarch
rubygem-irb-1.4.1-144.module_el9.4.0+101+d58a8d95.noarch.rpm
d7f12808af01af69e86302277c2e88e8e91350d449160799c77eeb4af8509670
noarch
rubygems-devel-3.3.27-144.module_el9.4.0+101+d58a8d95.noarch.rpm
ee39f8098869a8f763ea082ee44bb91041439215ed3a24be7172710e3bd45917
ppc64le
ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
1b2c41748217d6e13be2041b32a0de20a2536073e0783c2bcc35bfdf1c2b1eaf
ppc64le
rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.ppc64le.rpm
25f3baf573cfcc8d5c67210026207ce30c1c8540d8d22869371943456fe63c71
ppc64le
rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
4cf8b332013008ccd1c14a11f2119857dad59b621a420717d0497e367bca4598
ppc64le
rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
71209fca74d7ad5b1e375b887a5f919986d02824808aa0aa71064a01b1125aff
ppc64le
rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
90c61b03cc433619924bf1edd21d0a96a71b05968f6952e5ad73e85aa8539f0d
ppc64le
ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
acfdfa85a3a75e0abe7dd5411217f02fc2962bb8e8321ee1be616fd7b6969219
ppc64le
ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
b49720e645545d3bb0e628fbbe9f972aa573fcf9b2dd8c589245a6cf5f70441e
ppc64le
rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
bceb971ba5c822896c070609c1dcd0780c82769a898af6871f8262a82682b52e
ppc64le
rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
bd08832d442806e7b4d75d2c6f8563dd4a48eeaea0dee9fe951613ab376a0e98
ppc64le
ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.ppc64le.rpm
dfa9ae9b4d29fc355bb434a4aa0169ebca4438293dbf3da116e4ee4bfac7202e
ppc64le
rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.ppc64le.rpm
f140b9b82287b70b3ad62004723b762d170c43947bf0d3c8f86f789404744497
s390x
rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.s390x.rpm
1d1a112fc3b8a27fbfc1d73dce926b687e2c7998fbf68b8f881a483d0d824847
s390x
rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.s390x.rpm
22a821d1c12c5ad1ff12c6cda4a7a94407fb084f58b768f80f434cb97baad40e
s390x
rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.s390x.rpm
49b1f8d15c4626c94dbdf369d69aa871b2e1b4909ae4718089f41d7de50396ee
s390x
rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.s390x.rpm
5a7fe7c4cf6774ae29562ab21f65d5888a38fd6e0356488982b82619b29095f5
s390x
ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm
78f31ee25053c1754e7d9af6d5d78dada2e6543542d02ce71988d9a1868ac1a6
s390x
rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.s390x.rpm
7d665dff78a913ffd0872a4258d892d7ac21bd24a5af53a4c88bdb50c397d9dc
s390x
rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.s390x.rpm
81af584c5f98cbff30e7733f802c0711cdfb921b4fc268dc21e6e002f4c9a292
s390x
ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm
a461424388708e06d84966f9622e3556f44b6ba9cd310beae2a6b89be341b5ab
s390x
ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm
cf88b45dd320b39708857de29827fc2b0d2ec7fdd46867eceecbc4278221302d
s390x
rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.s390x.rpm
d1bbc50c4d944f76cbee80c3acef48a6f14b2bfd955b40d66fe8eb5849e2560b
s390x
ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.s390x.rpm
dccf903729d176701eef0f2752264af70372f0b2693911249731aebaa60a853d
x86_64
rubygem-psych-4.0.4-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
49057e8b8f904d42c7683aaf6739306d2b618a3bdd4572b9b9b977f0b4e24865
x86_64
rubygem-rbs-2.7.0-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
573f44bf9e116e4f6a3c81a49a842bd2f6c36aa18831d01104b556ab1df1211f
x86_64
ruby-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
a3b9ad4f673b6a8619b175c4a3a1fab84df864add3bdaa366e9f1e70174615ed
x86_64
rubygem-io-console-0.5.11-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
aecadd6b4b60d12ee243eba8614377e97d1de8de70b8237982aa401485bd8e9a
x86_64
ruby-devel-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
c03e3db160d65468d907facb6192eac72b2d593bc74498fddbd48e9bdb3aac9d
x86_64
ruby-libs-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
cd51731befdb50cacba3c22e2b2c4b917bdad5bd9d04fa1800465a64e67e1097
x86_64
rubygem-bigdecimal-3.1.1-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
d4cd4d83f7fd2e720cb2b2ebd5dcf969db2caf23162464fcb2643a7e69ba3266
x86_64
rubygem-mysql2-0.5.4-1.module_el9.1.0+8+503f6fbd.x86_64.rpm
dab19da2b0c280cf81790d96e39c50f37e61ff0e70a7b591600f76f8cc8d96df
x86_64
rubygem-json-2.6.1-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
e1615d435b80d402ba4677139656cb3b39452dcec2193a983b11a5ffe461fbf0
x86_64
ruby-bundled-gems-3.1.5-144.module_el9.4.0+101+d58a8d95.x86_64.rpm
ea2a2a53ffc6ef000d91416a9ff7f4dd581bab734f67d562f65b3f0b5e57e7df
x86_64
rubygem-pg-1.3.5-1.module_el9.1.0+8+503f6fbd.x86_64.rpm
f19ded1c673d7431f2562b768ca31c5d92eba38bb0ec8fe3aaf608b1e63e36d0

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2024:3668 Moderate: ruby:3.1 security, bug fix, and enhancement update