AlmaLinux OS Errata System 0.0.1 5.10 2022-04-13T14:28:12 AlmaLinux 8 The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Users of cloud-init are advised to upgrade to these updated packages. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0816 CVE-2019-0816 cloud-init: extra ssh keys added to authorized_keys on the Azure platform cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8325 CVE-2019-8320 rubygems: Delete directory using symlink when decompressing tar CVE-2019-8321 rubygems: Escape sequence injection vulnerability in verbose CVE-2019-8322 rubygems: Escape sequence injection vulnerability in gem owner CVE-2019-8323 rubygems: Escape sequence injection vulnerability in API response handling CVE-2019-8325 rubygems: Escape sequence injection vulnerability in errors cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-6616 CVE-2018-6616 openjpeg2: Excessive iteration in openjp2/t1.c:opj_t1_encode_cblks can allow for denial of service via crafted BMP file cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12086 CVE-2019-12814 CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. CVE-2019-12814 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18224 CVE-2019-18224 libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15719 CVE-2020-15719 openldap: Certificate validation incorrectly matches name against CN-ID cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Bug Fix(es): * IPA upgrade fails for latest ipa package when adtrust is installed (BZ#1773516) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10195 CVE-2019-14867 CVE-2019-10195 ipa: Batch API logging user passwords to /var/log/httpd/error_log CVE-2019-14867 ipa: Denial of service in IPA server due to wrong use of ber_scanf() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. Bug Fix(es) and Enhancement(s): * net-snmpd double free or corruption error (BZ#1802055) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20892 CVE-2019-20892 net-snmp: double free in usm_free_usmStateReference function in snmplib/snmpusm.c via an SNMPv3 GetBulk request cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3695 CVE-2019-3696 CVE-2019-3695 pcp: Local privilege escalation in pcp spec file %post section CVE-2019-3696 pcp: Local privilege escalation in pcp spec file through migrate_tempdirs cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The microcode_ctl packages provide microcode updates for Intel and AMD processors. Bug Fix(es) and Enhancement(s): * [rhel-8.3.0.z] [HPEMC 8.3.z REGRESSION] Regression in intel microcode as of 20201110 (BZ#1907898) Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8696 CVE-2020-8696 hw: Vector Register Leakage-Active cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for Cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon (pkcsslotd) and general utilities. Bug Fix(es) and Enhancement(s): * RHEL8.5 - openCryptoki: Soft token does not check if an EC key is valid (BZ#1979173) Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-3798 CVE-2021-3798 openCryptoki: Soft token does not check if an EC key is valid cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The microcode_ctl packages provide microcode updates for Intel x86 processors. With this update, the Intel microcode version has been updated to microcode-20191112. Users of microcode_ctl are advised to upgrade to these updated packages, which add this enhancement. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0117 CVE-2019-0117 hw: Intel SGX information leak cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 This update adds the following enhancement: * Update WebKitGTK to 2.24.4 (BZ#1755824). Users of webkit2gtk3 are advised to upgrade to this updated package, which adds this enhancement. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8669 CVE-2019-8674 CVE-2019-8678 CVE-2019-8680 CVE-2019-8683 CVE-2019-8684 CVE-2019-8688 CVE-2019-8707 CVE-2019-8719 CVE-2019-8733 CVE-2019-8763 CVE-2019-8765 CVE-2019-8821 CVE-2019-8822 CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8674 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-8707 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8719 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-8733 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8763 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8644 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8649 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-8658 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-8669 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8678 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8680 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8683 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8684 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8688 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The following packages have been upgraded to a later upstream version: nodejs (12.14.1). (BZ#1791067) Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 CVE-2019-16777 npm: Global node_modules Binary Overwrite CVE-2019-16775 npm: Symlink reference outside of node_modules folder through the bin field upon installation CVE-2019-16776 npm: Arbitrary file write via constructed entry in the package.json bin field cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10164 CVE-2019-10164 postgresql: Stack-based buffer overflow via setting a password cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14019 CVE-2020-14019 python-rtslib: weak permissions for /etc/target/saveconfig.json cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2017-14502 CVE-2017-14502 libarchive: Off-by-one error in the read_header function cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20391 CVE-2019-20392 CVE-2019-20393 CVE-2019-20394 CVE-2019-20395 CVE-2019-20396 CVE-2019-20397 CVE-2019-20398 CVE-2019-20392 libyang: invalid memory access when if-feature statement is used inside a list key node CVE-2019-20395 libyang: stack-overflow when parsing yang files with self-referential union types CVE-2019-20397 libyang: double-free in yyparse() when organization field is not terminated CVE-2019-20396 libyang: heap-based buffer over-read in function lys_type_free() due to malformed pattern CVE-2019-20393 libyang: double-free in function yyparse() when empty description is used CVE-2019-20394 libyang: double-free in yyparse() when a type statement is used in a notification statement CVE-2019-20391 libyang: invalid memory access in resolve_feature_value() when a if-feature is used inside a bit CVE-2019-20398 libyang: NULL pointer dereference in function lys_extension_instances_free() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR. (BZ#1690308) Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788) * Mozilla: Use-after-free when removing in-use DOM elements (CVE-2019-9790) * Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791) * Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792) * Mozilla: IonMonkey MArraySlice has incorrect alias information (CVE-2019-9810) * Mozilla: Ionmonkey type confusion with __proto__ mutations (CVE-2019-9813) * Mozilla: Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793) * Mozilla: Type-confusion in IonMonkey JIT compiler (CVE-2019-9795) * Mozilla: Use-after-free with SMIL animation controller (CVE-2019-9796) * Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18506 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9795 CVE-2019-9796 CVE-2019-9810 CVE-2019-9813 CVE-2018-18506 Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied CVE-2019-9788 Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 CVE-2019-9790 Mozilla: Use-after-free when removing in-use DOM elements CVE-2019-9791 Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey CVE-2019-9792 Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script CVE-2019-9793 Mozilla: Improper bounds checks when Spectre mitigations are disabled CVE-2019-9795 Mozilla: Type-confusion in IonMonkey JIT compiler CVE-2019-9796 Mozilla: Use-after-free with SMIL animation controller CVE-2019-9810 Mozilla: IonMonkey MArraySlice has incorrect alias information CVE-2019-9813 Mozilla: Ionmonkey type confusion with __proto__ mutations cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Buffer Overflow in BlockIo service for RAM disk (CVE-2018-12180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12180 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: superexec operator is available (700585) (CVE-2019-3835) * ghostscript: forceput in DefineResource is still accessible (700576) (CVE-2019-3838) * ghostscript: missing attack vector protections for CVE-2019-6116 (CVE-2019-3839) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3835 CVE-2019-3838 CVE-2019-3839 CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible (700576) CVE-2019-3835 ghostscript: superexec operator is available (700585) cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Openwsman is a project intended to provide an open source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Security Fix(es): * openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3816 CVE-2019-3816 openwsman: Disclosure of arbitrary files outside of the registered URIs cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system. (CVE-2019-5736) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [stream rhel8] rebase container-selinux to 2.94 (BZ#1693675) * [stream rhel8] unable to mount disk at `/var/lib/containers` via `systemd` unit when `container-selinux` policy installed (BZ#1695669) * [stream rhel8] don't allow a container to connect to random services (BZ#1695689) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-5736 CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: privilege escalation from modules scripts (CVE-2019-0211) * httpd: mod_ssl: access control bypass when using per-location client certification authentication (CVE-2019-0215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0211 CVE-2019-0215 CVE-2019-0211 httpd: privilege escalation from modules scripts CVE-2019-0215 httpd: mod_ssl: access control bypass when using per-location client certification authentication cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. SQLAlchemy is an Object Relational Mapper (ORM) that provides a flexible, high-level interface to SQL databases. Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) * python-sqlalchemy: SQL Injection when the order_by parameter can be controlled (CVE-2019-7164) * python-sqlalchemy: SQL Injection when the group_by parameter can be controlled (CVE-2019-7548) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-7164 CVE-2019-7548 CVE-2019-9636 CVE-2019-7548 python-sqlalchemy: SQL Injection when the group_by parameter can be controlled CVE-2019-7164 python-sqlalchemy: SQL Injection when the order_by parameter can be controlled CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix(es): * wget: do_conversion() heap-based buffer overflow vulnerability (CVE-2019-5953) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-5953 CVE-2019-5953 wget: do_conversion() heap-based buffer overflow vulnerability cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. SQLAlchemy is an Object Relational Mapper (ORM) that provides a flexible, high-level interface to SQL databases. Security Fix(es): * python-sqlalchemy: SQL Injection when the order_by parameter can be controlled (CVE-2019-7164) * python-sqlalchemy: SQL Injection when the group_by parameter can be controlled (CVE-2019-7548) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-7164 CVE-2019-7548 CVE-2019-7548 python-sqlalchemy: SQL Injection when the group_by parameter can be controlled CVE-2019-7164 python-sqlalchemy: SQL Injection when the order_by parameter can be controlled cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Security Fix(es): * mod_auth_mellon: authentication bypass in ECP flow (CVE-2019-3878) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3878 CVE-2019-3878 mod_auth_mellon: authentication bypass in ECP flow cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [PATCH] bus-socket: Fix line_begins() to accept word matching full (BZ#1693578) Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-6454 CVE-2019-6454 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This package provides the "python3" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3-libs package, which should be installed automatically along with python3. The remaining parts of the Python standard library are broken out into the python3-tkinter and python3-test packages. Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9636 CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fix(es): * freeradius: eap-pwd: authentication bypass via an invalid curve attack (CVE-2019-11235) * freeradius: eap-pwd: fake authentication using reflection (CVE-2019-11234) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11234 CVE-2019-11235 CVE-2019-11235 freeradius: eap-pwd: authentication bypass via an invalid curve attack CVE-2019-11234 freeradius: eap-pwd: fake authentication using reflection cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: Sandbox bypass via IOCSTI (incomplete fix for CVE-2017-5226) (CVE-2019-10063) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10063 CVE-2019-10063 flatpak: Sandbox bypass via IOCSTI (incomplete fix for CVE-2017-5226) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.6.1. (BZ#1692449) Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788) * Mozilla: Use-after-free when removing in-use DOM elements (CVE-2019-9790) * Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791) * Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792) * Mozilla: IonMonkey MArraySlice has incorrect alias information (CVE-2019-9810) * Mozilla: Ionmonkey type confusion with __proto__ mutations (CVE-2019-9813) * Mozilla: Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793) * Mozilla: Type-confusion in IonMonkey JIT compiler (CVE-2019-9795) * Mozilla: Use-after-free with SMIL animation controller (CVE-2019-9796) * Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18356 CVE-2018-18506 CVE-2018-18509 CVE-2019-5785 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9795 CVE-2019-9796 CVE-2019-9810 CVE-2019-9813 CVE-2018-18356 chromium-browser, mozilla: Use after free in Skia CVE-2019-5785 mozilla: Integer overflow in Skia CVE-2018-18509 thunderbird: flaw in verification of S/MIME signature resulting in signature spoofing CVE-2018-18506 Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied CVE-2019-9788 Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 CVE-2019-9790 Mozilla: Use-after-free when removing in-use DOM elements CVE-2019-9791 Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey CVE-2019-9792 Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script CVE-2019-9793 Mozilla: Improper bounds checks when Spectre mitigations are disabled CVE-2019-9795 Mozilla: Type-confusion in IonMonkey JIT compiler CVE-2019-9796 Mozilla: Use-after-free with SMIL animation controller CVE-2019-9810 Mozilla: IonMonkey MArraySlice has incorrect alias information CVE-2019-9813 Mozilla: Ionmonkey type confusion with __proto__ mutations cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-5743 CVE-2018-5743 bind: Limiting simultaneous TCP clients is ineffective cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-2602 OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) CVE-2019-2698 OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) CVE-2019-2684 OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fix(es): * python-jinja2: str.format_map allows sandbox escape (CVE-2019-10906) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10906 CVE-2019-10906 python-jinja2: str.format_map allows sandbox escape cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130) * Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126) * Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127) * Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Need to remove radix-tree symbols from the whitelist (BZ#1696222) * Installation of kernel-modules-extra rpm conflicts with kmod weak-modules (BZ#1703395) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 CVE-2019-9003 CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) CVE-2019-9003 kernel: use-after-free and OOPS in drivers/char/ipmi/ipmi_msghandler.c CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130) * Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126) * Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127) * Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130) * Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126) * Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127) * Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091) * QEMU: device_tree: heap buffer overflow while loading device tree blob (CVE-2018-20815) * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20815 CVE-2019-11091 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3863 CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) CVE-2019-3855 libssh2: Integer overflow in transport read resulting in out of bounds write CVE-2019-3856 libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write CVE-2019-3857 libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write CVE-2019-3863 libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes CVE-2018-20815 QEMU: device_tree: heap buffer overflow while loading device tree blob CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Security Fix(es): * IBM JDK: buffer overflow in jio_snprintf() and jio_vsnprintf() (CVE-2018-12547) * IBM JDK: missing null check when accelerating Unsafe calls (CVE-2018-12549) * Oracle JDK: Unspecified vulnerability fixed in 7u221 and 8u211 (2D) (CVE-2019-2697) * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) * IBM JDK: Read beyond the end of bytecode array causing JVM crash (CVE-2019-10245) * libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c (CVE-2018-11212) * Oracle JDK: unspecified vulnerability fixed in 8u201 (Deployment) (CVE-2019-2449) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-11212 CVE-2018-12547 CVE-2018-12549 CVE-2019-10245 CVE-2019-2422 CVE-2019-2449 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2018-11212 libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c CVE-2019-2422 OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) CVE-2019-2449 Oracle JDK: unspecified vulnerability fixed in 8u201 (Deployment) CVE-2018-12547 IBM JDK: buffer overflow in jio_snprintf() and jio_vsnprintf() CVE-2018-12549 IBM JDK: missing null check when accelerating Unsafe calls CVE-2019-2602 OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) CVE-2019-2698 OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) CVE-2019-2684 OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) CVE-2019-2697 Oracle JDK: Unspecified vulnerability fixed in 7u221 and 8u211 (2D) CVE-2019-10245 IBM JDK: Read beyond the end of bytecode array causing JVM crash AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507. Security Fix(es): * dotnet: NuGet Tampering Vulnerability (CVE-2019-0757) * dotnet: timeouts for regular expressions are not enforced (CVE-2019-0820) * dotnet: infinite loop in URI.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0980) * dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0981) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * dotnet: new SocketException((int)SocketError.InvalidArgument).Message is empty (BZ#1712471) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0757 CVE-2019-0820 CVE-2019-0980 CVE-2019-0981 CVE-2019-0757 dotnet: NuGet Tampering Vulnerability CVE-2019-0980 dotnet: infinite loop in Uri.TryCreate leading to ASP.Net Core Denial of Service CVE-2019-0981 dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service CVE-2019-0820 dotnet: timeouts for regular expressions are not enforced cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter (CVE-2019-10132) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10132 CVE-2019-10132 libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) * Mozilla: Type confusion with object groups and UnboxedObjects (CVE-2019-9816) * Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817) * Mozilla: Compartment mismatch with fetch API (CVE-2019-9819) * Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820) * Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691) * Mozilla: Use-after-free removing listeners in the event listener manager (CVE-2019-11692) * Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693) * mozilla: Cross-origin theft of images with ImageBitmapRenderingContext (CVE-2018-18511) * chromium-browser: Out of bounds read in Skia (CVE-2019-5798) * Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks (CVE-2019-11698) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18511 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11698 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797 CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819 CVE-2019-9820 CVE-2019-7317 libpng: use-after-free in png_image_free in png.c CVE-2018-18511 mozilla: Cross-origin theft of images with ImageBitmapRenderingContext CVE-2019-5798 chromium-browser: Out of bounds read in Skia CVE-2019-11691 Mozilla: Use-after-free in XMLHttpRequest CVE-2019-11692 Mozilla: Use-after-free removing listeners in the event listener manager CVE-2019-11693 Mozilla: Buffer overflow in WebGL bufferdata on Linux CVE-2019-11698 Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks CVE-2019-9797 Mozilla: Cross-origin theft of images with createImageBitmap CVE-2019-9800 Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9816 Mozilla: Type confusion with object groups and UnboxedObjects CVE-2019-9817 Mozilla: Stealing of cross-domain images using canvas CVE-2019-9819 Mozilla: Compartment mismatch with fetch API CVE-2019-9820 Mozilla: Use-after-free of ChromeEventHandler by DocShell cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Security Fix(es): * pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877) * pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878) * pacemaker: Information disclosure through use-after-free (CVE-2019-3885) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Interrupted live migration will get full start rather than completed migration (BZ#1695247) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-16877 CVE-2018-16878 CVE-2019-3885 CVE-2018-16877 pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc CVE-2018-16878 pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS CVE-2019-3885 pacemaker: Information disclosure through use-after-free cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::highavailability cpe:/a:almalinux:almalinux:8::resilientstorage AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) * Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817) * Mozilla: Compartment mismatch with fetch API (CVE-2019-9819) * Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820) * Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691) * Mozilla: Use-after-free removing listeners in the event listener manager (CVE-2019-11692) * Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693) * mozilla: Cross-origin theft of images with ImageBitmapRenderingContext (CVE-2018-18511) * chromium-browser: Out of bounds read in Skia (CVE-2019-5798) * Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks (CVE-2019-11698) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18511 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11698 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797 CVE-2019-9800 CVE-2019-9817 CVE-2019-9819 CVE-2019-9820 CVE-2019-7317 libpng: use-after-free in png_image_free in png.c CVE-2018-18511 mozilla: Cross-origin theft of images with ImageBitmapRenderingContext CVE-2019-5798 chromium-browser: Out of bounds read in Skia CVE-2019-11691 Mozilla: Use-after-free in XMLHttpRequest CVE-2019-11692 Mozilla: Use-after-free removing listeners in the event listener manager CVE-2019-11693 Mozilla: Buffer overflow in WebGL bufferdata on Linux CVE-2019-11698 Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks CVE-2019-9797 Mozilla: Cross-origin theft of images with createImageBitmap CVE-2019-9800 Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9817 Mozilla: Stealing of cross-domain images using canvas CVE-2019-9819 Mozilla: Compartment mismatch with fetch API CVE-2019-9820 Mozilla: Use-after-free of ChromeEventHandler by DocShell cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477) * kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms (CVE-2019-9213) * Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478) * Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [HPE 8.0 Bug] nvme drive power button does not turn off drive (BZ#1700288) * RHEL8.0 - hw csum failure seen in dmesg and console (using mlx5/mlx4/Mellanox) (BZ#1700289) * RHEL8.0 - vfio-ap: add subsystem to matrix device to avoid libudev failures (kvm) (BZ#1700290) * [FJ8.1 Bug]: Make Fujitsu Erratum 010001 patch work on A64FX v1r0 (BZ#1700901) * [FJ8.0 Bug]: Fujitsu A64FX processor errata - panic by unknown fault (BZ#1700902) * RHEL 8.0 Snapshot 4 - nvme create-ns command hangs after creating 20 namespaces on Bolt (NVMe) (BZ#1701140) * [Cavium/Marvell 8.0 qed] Fix qed_mcp_halt() and qed_mcp_resume() (backporting bug) (BZ#1704184) * [Intel 8.1 Bug] PBF: Base frequency display fix (BZ#1706739) * [RHEL8]read/write operation not permitted to /sys/kernel/debug/gcov/reset (BZ#1708100) * RHEL8.0 - ISST-LTE:pVM:fleetwood:LPM:raylp85:After lpm seeing the console logs on the the lpar at target side (BZ#1708102) * RHEL8.0 - Backport support for software count cache flush Spectre v2 mitigation (BZ#1708112) * [Regression] RHEL8.0 - System crashed with one stress-ng-mremap stressor on Boston (kvm host) (BZ#1708617) * [intel ice Rhel 8 RC1] ethtool -A ethx causes interfaces to go down (BZ#1709433) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-9213 CVE-2019-9213 kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477) * kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms (CVE-2019-9213) * Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478) * Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update to the RHEL8.0.z batch#1 source tree (BZ#1704955) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-9213 CVE-2019-9213 kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service AlmaLinux 8 GVFS is the GNOME Desktop Virtual File System layer that allows users to easily access local and remote data using File Transfer Protocol (FTP), Secure Shell File Transfer Protocol (SFTP), Web Distributed Authoring and Versioning (WebDAV), Common Internet File System (CIFS), Server Message Block (SMB), and other protocols. GVFS integrates with the GNOME I/O (GIO) abstraction layer. Security Fix(es): * gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password (CVE-2019-3827) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3827 CVE-2019-3827 gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2602 CVE-2019-2684 CVE-2019-2602 OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) CVE-2019-2684 OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The go-toolset:rhel8 module provides Go Toolset, a compiler toolset for building applications using the Go language and compiler suite. Security Fix(es): * golang: CRLF injection in net/http (CVE-2019-9741) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9741 CVE-2019-9741 golang: CRLF injection in net/http cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Windows Azure Linux Agent supports provisioning and running Linux virtual machines in the Microsoft Windows Azure cloud. Security Fix(es): * WALinuxAgent: swapfile created with weak permissions (CVE-2019-0804) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0804 CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System. Security Fix(es): * tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037) * tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014) * tomcat: Open redirect in default servlet (CVE-2018-11784) * tomcat: Host name verification missing in WebSocket client (CVE-2018-8034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-11784 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins CVE-2018-8034 tomcat: Host name verification missing in WebSocket client CVE-2018-8037 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up CVE-2018-11784 tomcat: Open redirect in default servlet cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168 CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs cpe:/a:almalinux:almalinux:8::appstream Red Hat Enterprise Linux 7 AlmaLinux 8 Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim/neovim: ':source!' command allows arbitrary command execution via modelines (CVE-2019-12735) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12735 CVE-2019-12735 vim/neovim: ':source!' command allows arbitrary command execution via modelines cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es): * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 CVE-2019-11707 CVE-2019-11708 CVE-2019-11703 libical: Heap buffer over read in icalparser.c parser_get_next_char CVE-2019-11704 libical: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c CVE-2019-11705 libical: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c CVE-2019-11706 libical: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c CVE-2019-11707 Mozilla: Type confusion in Array.pop CVE-2019-11708 Mozilla: Sandbox escape using Prompt:Open cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR. Security Fix(es): * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11707 CVE-2019-11708 CVE-2019-11707 Mozilla: Type confusion in Array.pop CVE-2019-11708 Mozilla: Sandbox escape using Prompt:Open cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Race condition when discarding malformed packets can cause bind to exit with assertion failure (CVE-2019-6471) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-6471 CVE-2019-6471 bind: Race condition when discarding malformed packets can cause bind to exit with assertion failure cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.8.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 (CVE-2019-11709) * Mozilla: Sandbox escape via installation of malicious language pack (CVE-2019-9811) * Mozilla: Script injection within domain through inner window reuse (CVE-2019-11711) * Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (CVE-2019-11712) * Mozilla: Use-after-free with HTTP/2 cached stream (CVE-2019-11713) * Mozilla: HTML parsing error can contribute to content XSS (CVE-2019-11715) * Mozilla: Caret character improperly escaped in origins (CVE-2019-11717) * Mozilla: Same-origin policy treats all files in a directory as having the same-origin (CVE-2019-11730) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 CVE-2019-9811 CVE-2019-11709 Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 CVE-2019-11711 Mozilla: Script injection within domain through inner window reuse CVE-2019-11712 Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects CVE-2019-11713 Mozilla: Use-after-free with HTTP/2 cached stream CVE-2019-11715 Mozilla: HTML parsing error can contribute to content XSS CVE-2019-11717 Mozilla: Caret character improperly escaped in origins CVE-2019-11730 Mozilla: Same-origin policy treats all files in a directory as having the same-origin CVE-2019-9811 Mozilla: Sandbox escape via installation of malicious language pack cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fix(es): * cyrus-imapd: buffer overflow in CalDAV request handling triggered by a long iCalendar property name (CVE-2019-11356) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11356 CVE-2019-11356 cyrus-imapd: buffer overflow in CalDAV request handling triggered by a long iCalendar property name cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 (CVE-2019-11709) * Mozilla: Sandbox escape via installation of malicious language pack (CVE-2019-9811) * Mozilla: Script injection within domain through inner window reuse (CVE-2019-11711) * Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (CVE-2019-11712) * Mozilla: Use-after-free with HTTP/2 cached stream (CVE-2019-11713) * Mozilla: HTML parsing error can contribute to content XSS (CVE-2019-11715) * Mozilla: Caret character improperly escaped in origins (CVE-2019-11717) * Mozilla: Same-origin policy treats all files in a directory as having the same-origin (CVE-2019-11730) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2 (BZ#1725919) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 CVE-2019-9811 CVE-2019-11709 Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 CVE-2019-11711 Mozilla: Script injection within domain through inner window reuse CVE-2019-11712 Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects CVE-2019-11713 Mozilla: Use-after-free with HTTP/2 cached stream CVE-2019-11715 Mozilla: HTML parsing error can contribute to content XSS CVE-2019-11717 Mozilla: Caret character improperly escaped in origins CVE-2019-11730 Mozilla: Same-origin policy treats all files in a directory as having the same-origin CVE-2019-9811 Mozilla: Sandbox escape via installation of malicious language pack cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511) (CVE-2019-2842) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-2769 OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) CVE-2019-2816 OpenJDK: Missing URL format validation (Networking, 8221518) CVE-2019-2842 OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511) CVE-2019-2786 OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) CVE-2019-2745 OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) CVE-2019-2762 OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678) (CVE-2019-2821) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786) * OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344) (CVE-2019-2818) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2818 CVE-2019-2821 CVE-2019-2769 OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) CVE-2019-2818 OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344) CVE-2019-2816 OpenJDK: Missing URL format validation (Networking, 8221518) CVE-2019-2821 OpenJDK: Incorrect handling of certificate status messages during TLS handshake (JSSE, 8222678) CVE-2019-2786 OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) CVE-2019-2745 OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) CVE-2019-2762 OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nspr (4.21.0). (BZ#1713187, BZ#1713188) Security Fix(es): * nss: NULL pointer dereference in several CMS functions resulting in a denial of service (CVE-2018-18508) * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * PQG verify fails when create DSA PQG parameters because the counts aren't returned correctly. (BZ#1685325) * zeroization of AES context missing (BZ#1719629) * RSA Pairwise consistency test (BZ#1719630) * FIPS updated for nss-softoken POST (BZ#1722373) * DH/ECDH key tests missing for the PG parameters (BZ#1722374) * NSS should implement continuous random test on it's seed data or use the kernel AF_ALG interface for random (BZ#1725059) * support setting supported signature algorithms in strsclnt utility (BZ#1725110) * certutil -F with no parameters is killed with segmentation fault message (BZ#1725115) * NSS: Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU (BZ#1725116) * NSS should use getentropy() for seeding its RNG, not /dev/urandom. Needs update to NSS 3.37 (BZ#1725117) * Disable TLS 1.3 in FIPS mode (BZ#1725773) * Wrong alert sent when client uses PKCS#1 signatures in TLS 1.3 (BZ#1728259) * x25519 allowed in FIPS mode (BZ#1728260) * post handshake authentication with selfserv does not work if SSL_ENABLE_SESSION_TICKETS is set (BZ#1728261) Enhancement(s): * Move IKEv1 and IKEv2 KDF's from libreswan to nss-softkn (BZ#1719628) Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18508 CVE-2019-11719 CVE-2019-11727 CVE-2019-11729 CVE-2019-17007 CVE-2018-18508 nss: NULL pointer dereference in several CMS functions resulting in a denial of service CVE-2019-17007 nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS CVE-2019-11719 nss: Out-of-bounds read when importing curve25519 private key CVE-2019-11729 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault CVE-2019-11727 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: DMA attack using peripheral devices (Thunderclap) (BZ#1690716) * kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service (CVE-2018-20784) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [DELL 8.0 z-stream BUG] - "CPU unsupported" message with CFL-H/S 8+2 due to updated Stepping (BZ#1711048) * RHEL8.0 Snapshot4 - [LTC Test] Guest crashes during vfio device hot-plug/un-plug operations. (kvm) (BZ#1714746) * Using Transactional Memory (TM) in a Guest Locks-up Host Core on a Power9 System (BZ#1714751) * VRSAVE register not properly saved and restored (BZ#1714753) * Fix potential spectre gadget in arch/s390/kvm/interrupt.c (BZ#1714754) * RHEL8.0 RC2 - kernel/KVM - count cache flush Spectre v2 mitigation (required for POWER9 DD2.3) (BZ#1715018) * iommu/amd: Set exclusion range correctly (BZ#1715336) * RHEL8.0 - sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (BZ#1715337) * cross compile builds are broken (BZ#1715339) * Patch generated by 'make rh-test-patch' doesn't get applied during build (BZ#1715340) * hard lockup panic in during execution of CFS bandwidth period timer (BZ#1715345) * perf annotate -P does not give full paths (BZ#1716887) * [Dell EMC 8.0 BUG] File system corrupting with I/O Stress on H330 PERC on AMD Systems if IOMMU passthrough is disabled (BZ#1717344) * Fix Spectre v1 gadgets in drivers/gpu/drm/drm_bufs.c and drivers/gpu/drm/drm_ioctl.c (BZ#1717382) * BUG: SELinux doesn't handle NFS crossmnt well (BZ#1717777) * krb5{,i,p} doesn't work with older enctypes on aarch64 (BZ#1717800) * [RHEL-8.0][s390x]ltp-lite mtest06 testing hits EWD due to: rcu: INFO: rcu_sched self-detected stall on CPU (BZ#1717801) * RHEL 8 Snapshot-6: CN1200E SW iSCSI I/O performance degradation after a SCSI device/target reset rhel-8.0.0.z] (BZ#1717804) * dm cache metadata: Fix loading discard bitset (BZ#1717868) * jit'd java code on power9 ppc64le experiences stack corruption (BZ#1717869) * BUG: connect(AF_UNSPEC, ...) on a connected socket returns an error (BZ#1717870) * mm: BUG: unable to handle kernel paging request at 0000000057ac6e9d (BZ#1718237) * [HPE 8.0 BUG] DCPMM fsdax boot initialization takes a long time causing auto-mount to fail (BZ#1719635) * AMD Rome: WARNING: CPU: 1 PID: 0 at arch/x86/kernel/cpu/mcheck/mce.c:1510 mcheck_cpu_init+0x7a/0x460 (BZ#1721233) * [RHEL8.1] AMD Rome: EDAC amd64: Error: F0 not found, device 0x1460 (broken BIOS?) (BZ#1722365) * AMD Rome: Intermittent NMI received for unknown reason (BZ#1722367) * [DELL 8.0 BUG] - "CPU unsupported" message with WHL-U due to updated Stepping (BZ#1722372) Enhancement(s): * RHEL 8 - AMD Rome Support (BZ#1721972) Users of kernel are advised to upgrade to these updated packages, which fix these bugs and add this enhancement. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20784 CVE-2019-11085 CVE-2019-11810 CVE-2019-11811 CVE-2018-20784 kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service CVE-2019-11810 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c CVE-2019-11085 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: DMA attack using peripheral devices (Thunderclap) (BZ#1690716) * kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service (CVE-2018-20784) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update to the RHEL8.0.z batch#2 source tree (BZ#1717516) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20784 CVE-2019-11085 CVE-2019-11810 CVE-2019-11811 CVE-2018-20784 kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service CVE-2019-11810 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c CVE-2019-11085 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation AlmaLinux 8 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): * rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-8324 CVE-2019-8324 rubygems: Installing a malicious gem may lead to arbitrary code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Security Fix(es): * redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192) * redis: Stack buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10193) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10192 CVE-2019-10193 CVE-2019-10192 redis: Heap buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10193 redis: Stack buffer overflow in HyperLogLog triggered by malicious client cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. IcedTea-Web now also contains PolicyEditor - a simple tool to configure Java policies. Security Fix(es): * icedtea-web: path traversal while processing <jar/> elements of JNLP files results in arbitrary file overwrite (CVE-2019-10182) * icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite (CVE-2019-10185) * icedtea-web: unsigned code injection in a signed JAR file (CVE-2019-10181) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10181 CVE-2019-10182 CVE-2019-10185 CVE-2019-10182 icedtea-web: path traversal while processing <jar/> elements of JNLP files results in arbitrary file overwrite CVE-2019-10185 icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite CVE-2019-10181 icedtea-web: unsigned code injection in a signed JAR file cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1125 CVE-2019-13272 CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability CVE-2019-13272 kernel: broken permission and object lifetime handling for PTRACE_TRACEME AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1125 CVE-2019-13272 CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability CVE-2019-13272 kernel: broken permission and object lifetime handling for PTRACE_TRACEME cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: -dSAFER escape via .buildfont1 (701394) (CVE-2019-10216) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10216 CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 (701394) cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: mysql (8.0.17). Security Fix(es): * mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2800, CVE-2019-2436, CVE-2019-2531, CVE-2019-2534, CVE-2019-2614, CVE-2019-2617, CVE-2019-2630, CVE-2019-2634, CVE-2019-2635, CVE-2019-2755) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2420, CVE-2019-2481, CVE-2019-2507, CVE-2019-2529, CVE-2019-2530, CVE-2019-2581, CVE-2019-2596, CVE-2019-2607, CVE-2019-2625, CVE-2019-2681, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, CVE-2019-2688, CVE-2019-2689, CVE-2019-2693, CVE-2019-2694, CVE-2019-2695, CVE-2019-2757, CVE-2019-2774, CVE-2019-2796, CVE-2019-2802, CVE-2019-2803, CVE-2019-2808, CVE-2019-2810, CVE-2019-2812, CVE-2019-2815, CVE-2019-2830, CVE-2019-2834) * mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-2434, CVE-2019-2455, CVE-2019-2805) * mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2482, CVE-2019-2592) * mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2019-2486, CVE-2019-2532, CVE-2019-2533, CVE-2019-2584, CVE-2019-2589, CVE-2019-2606, CVE-2019-2620, CVE-2019-2627, CVE-2019-2739, CVE-2019-2778, CVE-2019-2811, CVE-2019-2789) * mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2494, CVE-2019-2495, CVE-2019-2537, CVE-2019-2626, CVE-2019-2644) * mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2502, CVE-2019-2510, CVE-2019-2580, CVE-2019-2585, CVE-2019-2593, CVE-2019-2624, CVE-2019-2628, CVE-2019-2758, CVE-2019-2785, CVE-2019-2798, CVE-2019-2879, CVE-2019-2814) * mysql: Server: Connection Handling unspecified vulnerability (CVE-2019-2503) * mysql: Server: Partition multiple unspecified vulnerabilities (CVE-2019-2528, CVE-2019-2587) * mysql: Server: Options multiple unspecified vulnerabilities (CVE-2019-2535, CVE-2019-2623, CVE-2019-2683, CVE-2019-2752) * mysql: Server: Packaging unspecified vulnerability (CVE-2019-2536) * mysql: Server: Connection unspecified vulnerability (CVE-2019-2539) * mysql: Server: Information Schema unspecified vulnerability (CVE-2019-2631) * mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2019-2636) * mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2019-2691, CVE-2019-2826) * mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2019-2737) * mysql: Server: XML unspecified vulnerability (CVE-2019-2740) * mysql: Server: Components / Services unspecified vulnerability (CVE-2019-2780) * mysql: Server: DML unspecified vulnerability (CVE-2019-2784) * mysql: Server: Charsets unspecified vulnerability (CVE-2019-2795) * mysql: Client programs unspecified vulnerability (CVE-2019-2797) * mysql: Server: FTS unspecified vulnerability (CVE-2019-2801) * mysql: Server: Security: Audit unspecified vulnerability (CVE-2019-2819) * mysql: Server: Compiling unspecified vulnerability (CVE-2019-2738) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2420 CVE-2019-2434 CVE-2019-2436 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2486 CVE-2019-2494 CVE-2019-2495 CVE-2019-2502 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2528 CVE-2019-2529 CVE-2019-2530 CVE-2019-2531 CVE-2019-2532 CVE-2019-2533 CVE-2019-2534 CVE-2019-2535 CVE-2019-2536 CVE-2019-2537 CVE-2019-2539 CVE-2019-2580 CVE-2019-2581 CVE-2019-2584 CVE-2019-2585 CVE-2019-2587 CVE-2019-2589 CVE-2019-2592 CVE-2019-2593 CVE-2019-2596 CVE-2019-2606 CVE-2019-2607 CVE-2019-2614 CVE-2019-2617 CVE-2019-2620 CVE-2019-2623 CVE-2019-2624 CVE-2019-2625 CVE-2019-2626 CVE-2019-2627 CVE-2019-2628 CVE-2019-2630 CVE-2019-2631 CVE-2019-2634 CVE-2019-2635 CVE-2019-2636 CVE-2019-2644 CVE-2019-2681 CVE-2019-2683 CVE-2019-2685 CVE-2019-2686 CVE-2019-2687 CVE-2019-2688 CVE-2019-2689 CVE-2019-2691 CVE-2019-2693 CVE-2019-2694 CVE-2019-2695 CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2752 CVE-2019-2755 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2780 CVE-2019-2784 CVE-2019-2785 CVE-2019-2789 CVE-2019-2795 CVE-2019-2796 CVE-2019-2797 CVE-2019-2798 CVE-2019-2800 CVE-2019-2801 CVE-2019-2802 CVE-2019-2803 CVE-2019-2805 CVE-2019-2808 CVE-2019-2810 CVE-2019-2811 CVE-2019-2812 CVE-2019-2814 CVE-2019-2815 CVE-2019-2819 CVE-2019-2826 CVE-2019-2830 CVE-2019-2834 CVE-2019-2879 CVE-2019-2948 CVE-2019-2950 CVE-2019-2969 CVE-2019-3003 CVE-2019-2420 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2019) CVE-2019-2434 mysql: Server: Parser unspecified vulnerability (CPU Jan 2019) CVE-2019-2436 mysql: Server: Replication unspecified vulnerability (CPU Jan 2019) CVE-2019-2455 mysql: Server: Parser unspecified vulnerability (CPU Jan 2019) CVE-2019-2481 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2019) CVE-2019-2482 mysql: Server: PS unspecified vulnerability (CPU Jan 2019) CVE-2019-2486 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2019) CVE-2019-2494 mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) CVE-2019-2495 mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) CVE-2019-2502 mysql: InnoDB unspecified vulnerability (CPU Jan 2019) CVE-2019-2503 mysql: Server: Connection Handling unspecified vulnerability (CPU Jan 2019) CVE-2019-2507 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2019) CVE-2019-2510 mysql: InnoDB unspecified vulnerability (CPU Jan 2019) CVE-2019-2528 mysql: Server: Partition unspecified vulnerability (CPU Jan 2019) CVE-2019-2529 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2019) CVE-2019-2530 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2019) CVE-2019-2531 mysql: Server: Replication unspecified vulnerability (CPU Jan 2019) CVE-2019-2532 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2019) CVE-2019-2533 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2019) CVE-2019-2534 mysql: Server: Replication unspecified vulnerability (CPU Jan 2019) CVE-2019-2535 mysql: Server: Options unspecified vulnerability (CPU Jan 2019) CVE-2019-2536 mysql: Server: Packaging unspecified vulnerability (CPU Jan 2019) CVE-2019-2537 mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) CVE-2019-2539 mysql: Server: Connection unspecified vulnerability (CPU Jan 2019) CVE-2019-2580 mysql: InnoDB unspecified vulnerability (CPU Apr 2019) CVE-2019-2581 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2584 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) CVE-2019-2585 mysql: InnoDB unspecified vulnerability (CPU Apr 2019) CVE-2019-2587 mysql: Server: Partition unspecified vulnerability (CPU Apr 2019) CVE-2019-2589 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) CVE-2019-2592 mysql: Server: PS unspecified vulnerability (CPU Apr 2019) CVE-2019-2593 mysql: InnoDB unspecified vulnerability (CPU Apr 2019) CVE-2019-2596 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2606 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) CVE-2019-2607 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2614 mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) CVE-2019-2617 mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) CVE-2019-2620 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) CVE-2019-2623 mysql: Server: Options unspecified vulnerability (CPU Apr 2019) CVE-2019-2624 mysql: InnoDB unspecified vulnerability (CPU Apr 2019) CVE-2019-2625 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2626 mysql: Server: DDL unspecified vulnerability (CPU Apr 2019) CVE-2019-2627 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) CVE-2019-2628 mysql: InnoDB unspecified vulnerability (CPU Apr 2019) CVE-2019-2630 mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) CVE-2019-2631 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2019) CVE-2019-2635 mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) CVE-2019-2636 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2019) CVE-2019-2644 mysql: Server: DDL unspecified vulnerability (CPU Apr 2019) CVE-2019-2681 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2683 mysql: Server: Options unspecified vulnerability (CPU Apr 2019) CVE-2019-2685 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2686 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2687 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2688 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2689 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2691 mysql: Server: Security: Roles unspecified vulnerability (CPU Apr 2019) CVE-2019-2693 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2694 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2695 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2019) CVE-2019-2634 mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) CVE-2019-2737 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) CVE-2019-2738 mysql: Server: Compiling unspecified vulnerability (CPU Jul 2019) CVE-2019-2739 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) CVE-2019-2740 mysql: Server: XML unspecified vulnerability (CPU Jul 2019) CVE-2019-2752 mysql: Server: Options unspecified vulnerability (CPU Jul 2019) CVE-2019-2755 mysql: Server: Replication unspecified vulnerability (CPU Jul 2019) CVE-2019-2757 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2758 mysql: InnoDB unspecified vulnerability (CPU Jul 2019) CVE-2019-2774 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2778 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) CVE-2019-2780 mysql: Server: Components / Services unspecified vulnerability (CPU Jul 2019) CVE-2019-2784 mysql: Server: DML unspecified vulnerability (CPU Jul 2019) CVE-2019-2785 mysql: InnoDB unspecified vulnerability (CPU Jul 2019) CVE-2019-2789 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) CVE-2019-2795 mysql: Server: Charsets unspecified vulnerability (CPU Jul 2019) CVE-2019-2796 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2797 mysql: Client programs unspecified vulnerability (CPU Jul 2019) CVE-2019-2798 mysql: InnoDB unspecified vulnerability (CPU Jul 2019) CVE-2019-2800 mysql: Server: Replication unspecified vulnerability (CPU Jul 2019) CVE-2019-2801 mysql: Server: FTS unspecified vulnerability (CPU Jul 2019) CVE-2019-2802 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2803 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2805 mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) CVE-2019-2808 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2810 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2811 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) CVE-2019-2812 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2814 mysql: InnoDB unspecified vulnerability (CPU Jul 2019) CVE-2019-2815 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2819 mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2019) CVE-2019-2826 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2019) CVE-2019-2830 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2834 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2019) CVE-2019-2879 mysql: InnoDB unspecified vulnerability (CPU Jul 2019) CVE-2019-2948 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-2950 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-2969 mysql: Client programs unspecified vulnerability (CPU Oct 2019) CVE-2019-3003 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix(es): * subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS (CVE-2019-0203) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0203 CVE-2019-0203 subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix(es): * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1010238 CVE-2019-1010238 pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Security Fix(es): * IBM JDK: Out-of-bounds access in the String.getBytes method (CVE-2019-11772) * IBM JDK: Failure to privatize a value pulled out of the loop by versioning (CVE-2019-11775) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11772 CVE-2019-11775 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-7317 CVE-2019-7317 libpng: use-after-free in png_image_free in png.c CVE-2019-2769 OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) CVE-2019-2816 OpenJDK: Missing URL format validation (Networking, 8221518) CVE-2019-2786 OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) CVE-2019-2762 OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) CVE-2019-11772 IBM JDK: Out-of-bounds access in the String.getBytes method CVE-2019-11775 IBM JDK: Failure to privatize a value pulled out of the loop by versioning AlmaLinux 8 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator (701445) (CVE-2019-14811) * ghostscript: Safer mode bypass by .forceput exposure in setuserparams (701444) (CVE-2019-14812) * ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443) (CVE-2019-14813) * ghostscript: Safer mode bypass by .forceput exposure in .pdfexectoken and other procedures (701450) (CVE-2019-14817) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-14813 ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443) CVE-2019-14812 ghostscript: Safer mode bypass by .forceput exposure in setuserparams (701444) CVE-2019-14811 ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator (701445) CVE-2019-14817 ghostscript: Safer mode bypass by .forceput exposure in .pdfexectoken and other procedures (701450) cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * squid: heap-based buffer overflow in HttpHeader::getAuth (CVE-2019-12527) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12527 CVE-2019-12527 squid: heap-based buffer overflow in HttpHeader::getAuth cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Security Fix(es): * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 (CVE-2019-11735) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * Mozilla: Cross-origin access to unload event attributes (CVE-2019-11743) * Mozilla: Persistence of WebRTC permissions in a third party context (CVE-2019-11748) * Mozilla: Camera information available without prompting using getUserMedia (CVE-2019-11749) * Mozilla: Type confusion in Spidermonkey (CVE-2019-11750) * Mozilla: Content security policy bypass through hash-based sources in directives (CVE-2019-11738) * Mozilla: 'Forget about this site' removes sites from pre-loaded HSTS list (CVE-2019-11747) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11733 CVE-2019-11735 CVE-2019-11738 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11752 CVE-2019-9812 CVE-2019-11733 firefox: stored passwords in 'Saved Logins' can be copied without master password entry CVE-2019-11740 Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9 CVE-2019-11742 Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images CVE-2019-11743 Mozilla: Cross-origin access to unload event attributes CVE-2019-11744 Mozilla: XSS by breaking out of title and textarea elements using innerHTML CVE-2019-11746 Mozilla: Use-after-free while manipulating video CVE-2019-11752 Mozilla: Use-after-free while extracting a key value in IndexedDB CVE-2019-9812 Mozilla: Sandbox escape through Firefox Sync CVE-2019-11735 Mozilla: Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 CVE-2019-11738 Mozilla: Content security policy bypass through hash-based sources in directives CVE-2019-11747 Mozilla: 'Forget about this site' removes sites from pre-loaded HSTS list CVE-2019-11748 Mozilla: Persistence of WebRTC permissions in a third party context CVE-2019-11749 Mozilla: Camera information available without prompting using getUserMedia CVE-2019-11750 Mozilla: Type confusion in Spidermonkey cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9511 CVE-2019-9513 CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846) * Kernel: KVM: nVMX: guest accesses L0 MSR causes potential DoS (CVE-2019-3887) * kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500) * kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487) * kernel: ppc: unrelated processes being able to read/write to each other's virtual memory (CVE-2019-12817) * kernel: Use-after-free in sound/usb/card.c:usb_audio_probe() (CVE-2018-19824) * kernel: brcmfmac frame validation bypass (CVE-2019-9503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [DELL EMC 8.0 BUG]: pciehp deadlock resulting in NVMe device not being recognized when hot plugged (BZ#1712261) * Host crashed while try to boot a compatible guest attached huge page by"-object memory-backend-file *"[1G-P9] (BZ#1714758) * Setting malformed authenc key will crash the system (BZ#1715335) * BUG: memory allocation failure in inode_doinit_with_dentry()/context_to_sid() (BZ#1717780) * [HPEMC 8.1 BUG] Protect against concurrent calls into UV BIOS (BZ#1724534) * PHC jumping on I350 (igb) (BZ#1726352) * aarch64 kernel missing vulnerabilities status files (BZ#1726353) * BUG: KASAN: use-after-free in skb_release_data() (BZ#1726354) * [RHEL8][PANIC][aarch64] kernel panic when loading the dme1737 module (BZ#1726355) * [RHEL8] [aarch64] Changes for BZ1672997 break kaslr (BZ#1726357) * Network fails to come up when booting with kernel 3.10.0-862.el7.x86_64, several hung tasks can be seen in logs. (BZ#1726358) * [Intel] 'cpupower frequency-set' produces unexpected results for some processors (BZ#1726360) * HDMI/DP audio: ELD not updated on hotplug event (BZ#1726361) * [mlx5_core] CX5 Adapter works not as expected when MTU is 9000, Unable to handle kernel paging request at virtual address 3ae0aafeff4b6b5a (BZ#1726372) * [DELL 8.0 Bug] - hid-multitouch 0018:1FD2:8008.0001 ,lost function from S3 resume (BZ#1727098) * [RHEL8.1 Pre Beta] [Power8] data corruption while returning from watchpoint exception handler (BZ#1733281) * RHEL8.1 pre-Beta - cacheinfo code unsafe vs LPM (BZ#1733282) * RHEL8.1 pre-Beta - [ZZ/Zeppelin] [kernel-4.18.0-100.el8.ppc64le] Hash MMU allows child to write parents process address space (BZ#1734689) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-19824 CVE-2019-11487 CVE-2019-12817 CVE-2019-3846 CVE-2019-3887 CVE-2019-9500 CVE-2019-9503 CVE-2018-19824 kernel: Use-after-free in sound/usb/card.c:usb_audio_probe() CVE-2019-3887 Kernel: KVM: nVMX: guest accesses L0 MSR causes potential DoS CVE-2019-9500 kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results CVE-2019-9503 kernel: brcmfmac frame validation bypass CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free issues. CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c CVE-2019-12817 kernel: ppc: unrelated processes being able to read/write to each other's virtual memory cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc (CVE-2019-7310) * poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc (CVE-2019-9200) * poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc (CVE-2019-10871) * poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc (CVE-2019-12293) * poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc (CVE-2018-18897) * poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc (CVE-2018-20481) * poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c (CVE-2018-20551) * poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc (CVE-2018-20650) * poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc (CVE-2018-20662) * poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc (CVE-2019-9631) * poppler: stack consumption in function Dict::find() in Dict.cc (CVE-2019-9903) * poppler: integer overflow in JPXStream::init function leading to memory consumption (CVE-2019-9959) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18897 CVE-2018-20481 CVE-2018-20551 CVE-2018-20650 CVE-2018-20662 CVE-2019-10871 CVE-2019-12293 CVE-2019-7310 CVE-2019-9200 CVE-2019-9631 CVE-2019-9903 CVE-2019-9959 CVE-2018-18897 poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc CVE-2018-20551 poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c CVE-2018-20650 poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc CVE-2018-20481 poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc CVE-2018-20662 poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc CVE-2019-7310 poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc CVE-2019-9200 poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc CVE-2019-9631 poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc CVE-2019-9903 poppler: stack consumption in function Dict::find() in Dict.cc CVE-2019-10871 poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc CVE-2019-12293 poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc CVE-2019-9959 poppler: integer overflow in JPXStream::init function leading to memory consumption cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System. Security Fix(es): * jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12384 CVE-2019-12384 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libwmf packages provide a library for reading and converting Windows Metafile Format (WMF) vector graphics. The library is used by applications such as GIMP and ImageMagick. Security Fix(es): * gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-6978 CVE-2019-6978 gd: Double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9512 CVE-2019-9514 CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Security Fix(es): * dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service (CVE-2019-1301) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1301 CVE-2019-1301 dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846) * Kernel: KVM: nVMX: guest accesses L0 MSR causes potential DoS (CVE-2019-3887) * kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500) * kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487) * kernel: brcmfmac frame validation bypass (CVE-2019-9503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * BUG: scheduling while atomic in zswap (BZ#1726362) * kernel-rt: update to the RHEL8.0.z batch#3 source tree (BZ#1734475) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-19824 CVE-2019-11487 CVE-2019-3846 CVE-2019-3887 CVE-2019-9500 CVE-2019-9503 CVE-2018-19824 kernel: Use-after-free in sound/usb/card.c:usb_audio_probe() CVE-2019-3887 Kernel: KVM: nVMX: guest accesses L0 MSR causes potential DoS CVE-2019-9500 kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results CVE-2019-9503 kernel: brcmfmac frame validation bypass CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free issues. CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Security Fix(es): * Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message (CVE-2019-11739) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * Mozilla: Cross-origin access to unload event attributes (CVE-2019-11743) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11739 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 CVE-2019-11740 Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9 CVE-2019-11742 Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images CVE-2019-11743 Mozilla: Cross-origin access to unload event attributes CVE-2019-11744 Mozilla: XSS by breaking out of title and textarea elements using innerHTML CVE-2019-11746 Mozilla: Use-after-free while manipulating video CVE-2019-11752 Mozilla: Use-after-free while extracting a key value in IndexedDB CVE-2019-11739 Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file). Security Fix(es): * patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969) * patch: OS shell command injection when processing crafted patch files (CVE-2019-13638) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20969 CVE-2019-13638 CVE-2019-13638 patch: OS shell command injection when processing crafted patch files CVE-2018-20969 patch: do_ed_script in pch.c does not block strings beginning with a ! character cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 (Post Office Protocol 3) and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Security Fix(es): * HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes (CVE-2019-11500) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11500 CVE-2019-11500 dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14835 CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14835 CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration AlmaLinux 8 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * HTTP/2: request for large response leads to denial of service (CVE-2019-9517) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9517 CVE-2019-9517 HTTP/2: request for large response leads to denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (10.16.3). Security Fix(es): * HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516) * HTTP/2: request for large response leads to denial of service (CVE-2019-9517) * HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-5737 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 CVE-2019-5737 nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service CVE-2019-9517 HTTP/2: request for large response leads to denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949) * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) (CVE-2019-2975) * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) (CVE-2019-2978) * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) (CVE-2019-2989) * OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) (CVE-2019-2945) * OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) (CVE-2019-2962) * OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) (CVE-2019-2964) * OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) (CVE-2019-2973) * OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) (CVE-2019-2981) * OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) (CVE-2019-2983) * OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286) (CVE-2019-2987) * OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) (CVE-2019-2988) * OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) (CVE-2019-2992) * OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) (CVE-2019-2999) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2945 CVE-2019-2949 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2987 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-2964 OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) CVE-2019-2975 OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) CVE-2019-2973 OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) CVE-2019-2981 OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) CVE-2019-2999 OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) CVE-2019-2988 OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) CVE-2019-2978 OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) CVE-2019-2992 OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) CVE-2019-2987 OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286) CVE-2019-2983 OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) CVE-2019-2962 OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) CVE-2019-2949 OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) CVE-2019-2945 OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949) * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) (CVE-2019-2975) * OpenJDK: Out of bounds access in optimized String indexof implementation (Hotspot, 8224062) (CVE-2019-2977) * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) (CVE-2019-2978) * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) (CVE-2019-2989) * OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) (CVE-2019-2945) * OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) (CVE-2019-2962) * OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) (CVE-2019-2964) * OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) (CVE-2019-2973) * OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) (CVE-2019-2981) * OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) (CVE-2019-2983) * OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286) (CVE-2019-2987) * OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) (CVE-2019-2988) * OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) (CVE-2019-2992) * OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) (CVE-2019-2999) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2945 CVE-2019-2949 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2977 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2987 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-2964 OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) CVE-2019-2975 OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) CVE-2019-2973 OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) CVE-2019-2981 OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) CVE-2019-2999 OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) CVE-2019-2988 OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) CVE-2019-2977 OpenJDK: Out of bounds access in optimized String indexof implementation (Hotspot, 8224062) CVE-2019-2978 OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) CVE-2019-2992 OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) CVE-2019-2987 OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286) CVE-2019-2983 OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) CVE-2019-2962 OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) CVE-2019-2949 OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) CVE-2019-2945 OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903 CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input CVE-2019-11757 Mozilla: Use-after-free when creating index updates in IndexedDB CVE-2019-11758 Mozilla: Potentially exploitable crash due to 360 Total Security CVE-2019-11759 Mozilla: Stack buffer overflow in HKDF output CVE-2019-11760 Mozilla: Stack buffer overflow in WebRTC networking CVE-2019-11761 Mozilla: Unintended access to a privileged JSONView object CVE-2019-11762 Mozilla: document.domain-based origin isolation has same-origin-property violation CVE-2019-11763 Mozilla: Incorrect HTML parsing results in XSS bypass technique CVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903 CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input CVE-2019-11757 Mozilla: Use-after-free when creating index updates in IndexedDB CVE-2019-11758 Mozilla: Potentially exploitable crash due to 360 Total Security CVE-2019-11759 Mozilla: Stack buffer overflow in HKDF output CVE-2019-11760 Mozilla: Stack buffer overflow in WebRTC networking CVE-2019-11761 Mozilla: Unintended access to a privileged JSONView object CVE-2019-11762 Mozilla: document.domain-based origin isolation has same-origin-property violation CVE-2019-11763 Mozilla: Incorrect HTML parsing results in XSS bypass technique CVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900) * Kernel: page cache side channel attacks (CVE-2019-5489) * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) * kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126) * Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821) * kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c (CVE-2018-19854) * kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169) * kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459) * kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460) * kernel: SCTP socket buffer memory leak leading to denial of service (CVE-2019-3874) * kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882) * kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207) * kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599) * kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833) * kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884) * kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233) * kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916) * kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985) * Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222) * Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-16884 CVE-2018-19854 CVE-2018-19985 CVE-2018-20169 CVE-2019-10126 CVE-2019-10207 CVE-2019-10638 CVE-2019-11599 CVE-2019-11833 CVE-2019-11884 CVE-2019-13233 CVE-2019-14821 CVE-2019-15666 CVE-2019-15916 CVE-2019-15921 CVE-2019-15924 CVE-2019-16994 CVE-2019-3459 CVE-2019-3460 CVE-2019-3874 CVE-2019-3882 CVE-2019-3900 CVE-2019-5489 CVE-2019-7222 CVE-2019-9506 CVE-2020-10720 CVE-2018-19854 kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common() CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS CVE-2019-3459 kernel: Heap address information leak while using L2CAP_GET_CONF_OPT CVE-2019-3460 kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP CVE-2019-5489 Kernel: page cache side channel attacks CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c CVE-2019-7222 Kernel: KVM: leak of uninitialized stack contents to guest CVE-2019-3874 kernel: SCTP socket buffer memory leak leading to denial of service CVE-2019-3882 kernel: denial of service vector through vfio DMA mappings CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS CVE-2019-11599 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command CVE-2019-11833 kernel: fs/ext4/extents.c leads to information disclosure CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer CVE-2019-15666 kernel: out-of-bounds array access in __xfrm_policy_unlink CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service CVE-2019-16994 kernel: Memory leak in sit_init_net() in net/ipv6/sit.c CVE-2019-15921 kernel: memory leak in genl_register_family() in net/netlink/genetlink.c CVE-2019-15924 kernel: null pointer dereference in drivers/net/ethernet/intel/fm10k/fm10k_main.c CVE-2020-10720 kernel: use-after-free read in napi_gro_frags() in the Linux kernel AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. Security Fix(es): * numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution (CVE-2019-6446) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) * python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service (CVE-2019-11236) * python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11236 CVE-2019-11324 CVE-2019-6446 CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2019-6446 numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution CVE-2019-9740 python: CRLF injection via the query part of the url passed to urlopen() CVE-2019-9948 python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms CVE-2019-9947 python: CRLF injection via the path part of the url passed to urlopen() CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Stack buffer overflow with corrupted BMP (CVE-2018-12181) * edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media (CVE-2019-0160) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12181 CVE-2019-0160 CVE-2019-0161 CVE-2018-12181 edk2: Stack buffer overflow with corrupted BMP CVE-2019-0160 edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media CVE-2019-0161 edk2: stack overflow in XHCI causing denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755) * QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824) * QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12155 CVE-2019-9755 CVE-2019-9824 CVE-2019-9824 QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables CVE-2019-9755 ntfs-3g: heap-based buffer overflow leads to local root privilege escalation CVE-2019-12155 QEMU: qxl: null pointer dereference while releasing spice resources cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The GNU Debugger (GDB) allows users to debug programs written in various programming languages including C, C++, and Fortran. Security Fix(es): * libiberty: Memory leak in demangle_template function resulting in a denial of service (CVE-2018-20657) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20657 CVE-2018-20657 libiberty: Memory leak in demangle_template function resulting in a denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fix(es): * freeradius: privilege escalation due to insecure logrotate configuration (CVE-2019-10143) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10143 CVE-2019-10143 freeradius: privilege escalation due to insecure logrotate configuration cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The osinfo-db package contains a database that provides information about operating systems and hypervisor platforms to facilitate the automated configuration and provisioning of new virtual machines. The libosinfo packages provide a library that allows virtualization provisioning tools to determine the optimal device settings for a combination of hypervisor and operating system. Security Fix(es): * Libosinfo: osinfo-install-script option leaks password via command line argument (CVE-2019-13313) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13313 CVE-2019-13313 Libosinfo: osinfo-install-script option leaks password via command line argument cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix(es): * qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518) * qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870) * qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-15518 CVE-2018-19870 CVE-2018-19873 CVE-2018-19870 qt5-qtbase: QImage allocation failure in qgifhandler CVE-2018-19873 qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file CVE-2018-15518 qt5-qtbase: Double free in QXmlStreamReader cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). The following packages have been upgraded to a later upstream version: libreswan (3.29). (BZ#1738853) Security Fix(es): * libreswan: vulnerability in the processing of IKEv1 informational packets due to missing integrity check (CVE-2019-10155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10155 CVE-2019-12312 CVE-2019-10155 libreswan: vulnerability in the processing of IKEv1 informational packets due to missing integrity check CVE-2019-12312 libreswan: null-pointer dereference by sending two IKEv2 packets cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base (1.4.1.3). (BZ#1712467) Security Fix(es): * 389-ds-base: Read permission check bypass via the deref plugin (CVE-2019-14824) * 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default (CVE-2018-10871) * 389-ds-base: DoS via hanging secured connections (CVE-2019-3883) * 389-ds-base: using dscreate in verbose mode results in information disclosure (CVE-2019-10224) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-10871 CVE-2019-10224 CVE-2019-14824 CVE-2019-3883 CVE-2018-10871 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default CVE-2019-10224 389-ds-base: using dscreate in verbose mode results in information disclosure CVE-2019-3883 389-ds-base: DoS via hanging secured connections CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure (CVE-2019-10214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10214 CVE-2019-14378 CVE-2019-9946 CVE-2019-9946 kubernetes: Incorrect rule injection in CNI portmap plugin CVE-2019-10214 containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure CVE-2019-14378 QEMU: slirp: heap buffer overflow during packet reassembly cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution (CVE-2018-12900) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12900 CVE-2018-12900 libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Security Fix(es): * mod_auth_mellon: open redirect in logout url when using URLs with backslashes (CVE-2019-3877) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3877 CVE-2019-3877 mod_auth_mellon: open redirect in logout url when using URLs with backslashes cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang: malformed hosts in URLs leads to authorization bypass (CVE-2019-14809) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14809 CVE-2019-14809 golang: malformed hosts in URLs leads to authorization bypass cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * httpd: URL normalization inconsistency (CVE-2019-0220) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0217 CVE-2019-0220 CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition CVE-2019-0220 httpd: URL normalization inconsistency cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Virtual Machine Manager (virt-manager) is a graphical tool for administering virtual machines for KVM, Xen, and Linux Containers (LXC). The virt-manager utility uses the libvirt API and can start, stop, add or remove virtualized devices, connect to a graphical or serial console, and view resource usage statistics for existing virtualized guests on local or remote machines. The following packages have been upgraded to a later upstream version: virt-manager (2.2.1). (BZ#1727881) Security Fix(es): * virt-install: unattended option leaks password via command line argument (CVE-2019-10183) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10183 CVE-2019-10183 virt-install: unattended option leaks password via command line argument cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: Improper certificate validation (CVE-2019-3814) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3814 CVE-2019-3814 dovecot: Improper certificate validation cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * squid: XSS via user_name or auth parameter in cachemgr.cgi (CVE-2019-13345) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13345 CVE-2019-13345 squid: XSS via user_name or auth parameter in cachemgr.cgi cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure (CVE-2019-10214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10214 CVE-2019-14378 CVE-2019-10214 containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure CVE-2019-14378 QEMU: slirp: heap buffer overflow during packet reassembly cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. Security Fix(es): * nodejs: Denial of Service with large HTTP headers (CVE-2018-12121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12121 CVE-2018-12121 nodejs: Denial of Service with large HTTP headers cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2016-10739 CVE-2016-10739 glibc: getaddrinfo should reject IP addresses with trailing characters cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900) * Kernel: page cache side channel attacks (CVE-2019-5489) * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) * kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126) * Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821) * kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c (CVE-2018-19854) * kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169) * kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459) * kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460) * kernel: SCTP socket buffer memory leak leading to denial of service (CVE-2019-3874) * kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882) * kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207) * kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599) * kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833) * kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884) * kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233) * kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916) * kernel: Linux stack ASLR implementation Integer overflow (CVE-2015-1593) * kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985) * Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222) * Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2015-1593 CVE-2018-16884 CVE-2018-19854 CVE-2018-19985 CVE-2018-20169 CVE-2019-10126 CVE-2019-10207 CVE-2019-10638 CVE-2019-11599 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-13233 CVE-2019-13648 CVE-2019-14821 CVE-2019-15214 CVE-2019-15666 CVE-2019-15916 CVE-2019-15919 CVE-2019-15920 CVE-2019-15921 CVE-2019-15924 CVE-2019-15927 CVE-2019-16994 CVE-2019-20811 CVE-2019-3459 CVE-2019-3460 CVE-2019-3874 CVE-2019-3882 CVE-2019-3900 CVE-2019-5489 CVE-2019-7222 CVE-2019-9506 CVE-2020-10720 CVE-2015-1593 kernel: Linux stack ASLR implementation Integer overflow CVE-2018-19854 kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common() CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS CVE-2019-3459 kernel: Heap address information leak while using L2CAP_GET_CONF_OPT CVE-2019-3460 kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP CVE-2019-5489 Kernel: page cache side channel attacks CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c CVE-2019-7222 Kernel: KVM: leak of uninitialized stack contents to guest CVE-2019-3874 kernel: SCTP socket buffer memory leak leading to denial of service CVE-2019-3882 kernel: denial of service vector through vfio DMA mappings CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS CVE-2019-11599 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command CVE-2019-11833 kernel: fs/ext4/extents.c leads to information disclosure CVE-2019-12382 kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control CVE-2019-13648 kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call CVE-2019-15214 kernel: use-after-free in sound/core/init.c and sound/core/info.c CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer CVE-2019-15666 kernel: out-of-bounds array access in __xfrm_policy_unlink CVE-2019-15919 kernel: use-after-free in SMB2_write function in fs/cifs/smb2pdu.c CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service CVE-2019-15927 kernel: out-of-bounds in function build_audio_procunit in sound/usb/mixer.c CVE-2019-16994 kernel: Memory leak in sit_init_net() in net/ipv6/sit.c CVE-2019-15920 kernel: use-after-free information leak in SMB2_read CVE-2019-15921 kernel: memory leak in genl_register_family() in net/netlink/genetlink.c CVE-2019-15924 kernel: null pointer dereference in drivers/net/ethernet/intel/fm10k/fm10k_main.c CVE-2020-10720 kernel: use-after-free read in napi_gro_frags() in the Linux kernel CVE-2019-20811 kernel: net-sysfs: *_queue_add_kobject refcount issue cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-5010 CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2019-5010 python: NULL pointer dereference using a specially crafted X509 certificate CVE-2019-9740 python: CRLF injection via the query part of the url passed to urlopen() CVE-2019-9948 python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms CVE-2019-9947 python: CRLF injection via the path part of the url passed to urlopen() cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * dhcp: double-deletion of the released addresses in the dhcpv6 code leading to crash and possible DoS (CVE-2019-6470) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-6470 CVE-2019-6470 dhcp: double-deletion of the released addresses in the dhcpv6 code leading to crash and possible DoS cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress (CVE-2019-12450) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12450 CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (CVE-2018-5745) * bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable (CVE-2019-6465) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-5745 CVE-2019-6465 CVE-2018-5745 bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys CVE-2019-6465 bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 GNOME is the default desktop environment of AlmaLinux. Security Fix(es): * evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459) * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11070 CVE-2019-11459 CVE-2019-12795 CVE-2019-3820 CVE-2019-6237 CVE-2019-6251 CVE-2019-8506 CVE-2019-8518 CVE-2019-8523 CVE-2019-8524 CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2019-8571 CVE-2019-8583 CVE-2019-8584 CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8601 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8619 CVE-2019-8622 CVE-2019-8623 CVE-2019-8666 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8679 CVE-2019-8681 CVE-2019-8686 CVE-2019-8687 CVE-2019-8689 CVE-2019-8690 CVE-2019-8726 CVE-2019-8735 CVE-2019-8768 CVE-2019-6251 webkitgtk: processing maliciously crafted web content lead to URI spoofing CVE-2019-3820 gnome-shell: partial lock screen bypass CVE-2019-11070 webkitgtk: HTTP proxy setting deanonymization information disclosure CVE-2019-11459 evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() CVE-2019-8506 webkitgtk: malicous web content leads to arbitrary code execution CVE-2019-8518 webkitgtk: malicious web content leads to arbitrary code execution CVE-2019-8523 webkitgtk: malicious web content leads to arbitrary code execution CVE-2019-8524 webkitgtk: malicious web content leads to arbitrary code execution CVE-2019-8535 webkitgtk: malicious crafted web content leads to arbitrary code execution CVE-2019-8536 webkitgtk: malicious crafted web content leads to arbitrary code execution CVE-2019-8544 webkitgtk: malicious crafted web content leads to arbitrary we content CVE-2019-8558 webkitgtk: malicious crafted web content leads to arbitrary code execution CVE-2019-8559 webkitgtk: malicious web content leads to arbitrary code execution CVE-2019-8563 webkitgtk: malicious web content leads to arbitrary code execution CVE-2019-8551 webkitgtk: malicious web content leads to cross site scripting CVE-2019-12795 gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd CVE-2019-8726 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8735 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8768 webkitgtk: Browsing history could not be deleted CVE-2019-8666 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8671 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8672 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8673 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8676 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8677 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8679 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8681 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8686 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8687 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8689 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8690 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-6237 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8571 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8583 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8584 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8586 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8587 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8594 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8595 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8596 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8597 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8601 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8607 webkitgtk: Out-of-bounds read leading to memory disclosure CVE-2019-8608 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8609 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8610 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8615 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8611 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8619 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8623 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The following packages have been upgraded to a later upstream version: elfutils (0.176). (BZ#1683705) Security Fix(es): * elfutils: buffer over-read in the ebl_object_note function in eblobjnote.c in libebl (CVE-2019-7146) * elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw (CVE-2019-7149) * elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c (CVE-2019-7150) * elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h (CVE-2019-7664) * elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c (CVE-2019-7665) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-7146 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 CVE-2019-7146 elfutils: buffer over-read in the ebl_object_note function in eblobjnote.c in libebl CVE-2019-7149 elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw CVE-2019-7150 elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c CVE-2019-7664 elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h CVE-2019-7665 elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba (4.10.4). (BZ#1638001) Security Fix(es): * samba: save registry file outside share as unprivileged user (CVE-2019-3880) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3880 CVE-2019-3880 samba: save registry file outside share as unprivileged user cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Yum is a command-line utility that allows the user to check for updates and automatically download and install updated RPM packages. Yum automatically obtains and downloads dependencies, prompting the user for permission as necessary. The following packages have been upgraded to a later upstream version: dnf (4.2.7), dnf-plugins-core (4.0.8), libcomps (0.1.11), libdnf (0.35.1), librepo (1.10.3), libsolv (0.7.4). (BZ#1690288, BZ#1690289, BZ#1690299, BZ#1692402, BZ#1694019, BZ#1697946) Security Fix(es): * libcomps: use after free when merging two objmrtrees (CVE-2019-3817) * libsolv: illegal address access in pool_whatprovides in src/pool.h (CVE-2018-20534) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20534 CVE-2019-3817 CVE-2018-20534 libsolv: illegal address access in pool_whatprovides in src/pool.h CVE-2019-3817 libcomps: use after free when merging two objmrtrees cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fix(es): * python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service (CVE-2019-11236) * python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11236 CVE-2019-11324 CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: systemd-resolved allows unprivileged users to configure DNS (CVE-2019-15718) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15718 CVE-2019-15718 systemd: systemd-resolved allows unprivileged users to configure DNS cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls (3.6.8). (BZ#1689967) Security Fix(es): * gnutls: use-after-free/double-free in certificate verification (CVE-2019-3829) * gnutls: invalid pointer access upon receiving async handshake messages (CVE-2019-3836) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3829 CVE-2019-3836 CVE-2019-3829 gnutls: use-after-free/double-free in certificate verification CVE-2019-3836 gnutls: invalid pointer access upon receiving async handshake messages cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Security Fix(es): * libqb: Insecure treatment of IPC (temporary) files (CVE-2019-12779) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12779 CVE-2019-12779 libqb: Insecure treatment of IPC (temporary) files cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libseccomp library provides an interface to the Linux Kernel's syscall filtering mechanism, seccomp. The libseccomp API allows an application to specify which system calls or system call arguments the application is allowed to execute, all of which are then enforced by the Linux Kernel. The following packages have been upgraded to a later upstream version: libseccomp (2.4.1). (BZ#1688938) Security Fix(es): * libseccomp: incorrect generation of syscall filters in libseccomp (CVE-2019-9893) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9893 CVE-2019-9893 libseccomp: incorrect generation of syscall filters in libseccomp cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The gettext packages provide a documentation for producing multi-lingual messages in programs, set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs. Security Fix(es): * gettext: double free in default_add_message in read-catalog.c (CVE-2018-18751) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18751 CVE-2018-18751 gettext: double free in default_add_message in read-catalog.c cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. The following packages have been upgraded to a later upstream version: sssd (2.2.0). (BZ#1687281) Security Fix(es): * sssd: improper implementation of GPOs due to too restrictive permissions (CVE-2018-16838) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-16838 CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The lldpad packages provide the Linux user space daemon and configuration tool for Intel's Link Layer Discovery Protocol (LLDP) Agent with Enhanced Ethernet support. Security Fix(es): * lldptool: improper sanitization of shell-escape codes (CVE-2018-10932) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-10932 CVE-2018-10932 lldptool: improper sanitization of shell-escape codes cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword (CVE-2019-14287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14287 CVE-2019-14287 sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Double free in RAR decoder resulting in a denial of service (CVE-2018-1000877) * libarchive: Use after free in RAR decoder resulting in a denial of service (CVE-2018-1000878) * libarchive: Out of bounds read in archive_read_support_format_7zip.c resulting in a denial of service (CVE-2019-1000019) * libarchive: Infinite recursion in archive_read_support_format_iso9660.c resulting in denial of service (CVE-2019-1000020) * libarchive: Out-of-bounds read in lha_read_data_none (CVE-2017-14503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2017-14503 CVE-2018-1000877 CVE-2018-1000878 CVE-2019-1000019 CVE-2019-1000020 CVE-2017-14503 libarchive: Out-of-bounds read in lha_read_data_none CVE-2018-1000877 libarchive: Double free in RAR decoder resulting in a denial of service CVE-2018-1000878 libarchive: Use after free in RAR decoder resulting in a denial of service CVE-2019-1000020 libarchive: Infinite recursion in archive_read_support_format_iso9660.c resulting in denial of service CVE-2019-1000019 libarchive: Out of bounds read in archive_read_support_format_7zip.c resulting in a denial of service cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. Security Fix(es): * evolution-ews: all certificate errors ignored if configured to ignore an initial error in gnome-online-accounts creation resulting in the connection open to being viewed and modified. (CVE-2019-3890) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3890 CVE-2019-3890 evolution-ews: all certificate errors ignored if error is ignored during initial account setup in gnome-online-accounts cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. The following packages have been upgraded to a later upstream version: openssl (1.1.1c). (BZ#1643026) Security Fix(es): * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * openssl: timing side channel attack in the ECDSA signature generation (CVE-2018-0735) * openssl: ChaCha20-Poly1305 with long nonces (CVE-2019-1543) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-0734 CVE-2018-0735 CVE-2019-1543 CVE-2018-0735 openssl: timing side channel attack in the ECDSA signature generation CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm CVE-2019-1543 openssl: ChaCha20-Poly1305 with long nonces cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: NTLM type-2 heap out-of-bounds buffer read (CVE-2018-16890) * wget: Information exposure in set_file_metadata function in xattr.c (CVE-2018-20483) * curl: NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822) * curl: SMTP end-of-response out-of-bounds read (CVE-2019-3823) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-16890 CVE-2018-20483 CVE-2019-3822 CVE-2019-3823 CVE-2018-20483 wget: Information exposure in set_file_metadata function in xattr.c CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. The following packages have been upgraded to a later upstream version: openssh (8.0p1). (BZ#1691045) Security Fix(es): * openssh: scp client improper directory name validation (CVE-2018-20685) * openssh: Improper validation of object names allows malicious server to overwrite files via scp client (CVE-2019-6111) * openssh: Missing character encoding in progress display allows for spoofing of scp client output (CVE-2019-6109) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20685 CVE-2019-6109 CVE-2019-6111 CVE-2018-20685 openssh: scp client improper directory name validation CVE-2019-6109 openssh: Missing character encoding in progress display allows for spoofing of scp client output CVE-2019-6111 openssh: Improper validation of object names allows malicious server to overwrite files via scp client cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix(es): * libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) * libvorbis: stack buffer overflow in bark_noise_hybridmp function (CVE-2018-10393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Low Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-10392 CVE-2018-10393 CVE-2018-10392 libvorbis: heap buffer overflow in mapping0_forward function CVE-2018-10393 libvorbis: stack buffer overflow in bark_noise_hybridmp function cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The numpy packages provide NumPY. NumPY is an extension to the Python programming language, which adds support for large, multi-dimensional arrays and matrices, and a library of mathematical functions that operate on such arrays. Security Fix(es): * numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution (CVE-2019-6446) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-6446 CVE-2019-6446 numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service (CVE-2018-14498) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-14498 CVE-2018-14498 libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service (CVE-2019-6706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-6706 CVE-2019-6706 lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass (CVE-2019-12749) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12749 CVE-2019-12749 dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). (BZ#1701687, BZ#1711265, BZ#1741358) Security Fix(es): * mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627) * mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739) * mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740) * mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758) * mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Moderate Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2510 CVE-2019-2537 CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2020-2922 CVE-2021-2007 CVE-2019-2510 mysql: InnoDB unspecified vulnerability (CPU Jan 2019) CVE-2019-2537 mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) CVE-2019-2614 mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) CVE-2019-2627 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) CVE-2019-2628 mysql: InnoDB unspecified vulnerability (CPU Apr 2019) CVE-2019-2737 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) CVE-2019-2739 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) CVE-2019-2740 mysql: Server: XML unspecified vulnerability (CPU Jul 2019) CVE-2019-2758 mysql: InnoDB unspecified vulnerability (CPU Jul 2019) CVE-2019-2805 mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020) CVE-2021-2007 mysql: C API unspecified vulnerability (CPU Jan 2021) cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11043 CVE-2019-11043 php: underflow in env_path_info in fpm_main.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11043 CVE-2019-11043 php: underflow in env_path_info in fpm_main.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12207 CVE-2019-0154 CVE-2019-11135 CVE-2018-12207 hw: Machine Check Error on Page Size Change (IFU) CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA) cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12207 CVE-2019-0154 CVE-2019-11135 CVE-2018-12207 hw: Machine Check Error on Page Size Change (IFU) CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA) AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0155 CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-0155 CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: -dSAFER escape in .charkeys (701841) (CVE-2019-14869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14869 CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys (701841) cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-12207 CVE-2019-11135 CVE-2018-12207 hw: Machine Check Error on Page Size Change (IFU) CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA) cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Security Fix(es): * SDL: heap-based buffer overflow in SDL blit functions in video/SDL_blit*.c (CVE-2019-13616) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13616 CVE-2019-13616 SDL: heap-based buffer overflow in SDL blit functions in video/SDL_blit*.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.3.0 ESR. Security Fix(es): * Mozilla: Use-after-free in worker destruction (CVE-2019-17008) * Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (CVE-2019-17012) * Mozilla: Buffer overflow in plain text serializer (CVE-2019-17005) * Mozilla: Use-after-free when performing device orientation checks (CVE-2019-17010) * Mozilla: Use-after-free when retrieving a document in antitracking (CVE-2019-17011) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17005 CVE-2019-17008 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-17008 Mozilla: Use-after-free in worker destruction CVE-2019-17010 Mozilla: Use-after-free when performing device orientation checks CVE-2019-17005 Mozilla: Buffer overflow in plain text serializer CVE-2019-17011 Mozilla: Use-after-free when retrieving a document in antitracking CVE-2019-17012 Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11745 CVE-2019-11745 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.3.0. Security Fix(es): * Mozilla: Use-after-free in worker destruction (CVE-2019-17008) * Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (CVE-2019-17012) * Mozilla: Buffer overflow in plain text serializer (CVE-2019-17005) * Mozilla: Use-after-free when performing device orientation checks (CVE-2019-17010) * Mozilla: Use-after-free when retrieving a document in antitracking (CVE-2019-17011) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17005 CVE-2019-17008 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-17008 Mozilla: Use-after-free in worker destruction CVE-2019-17010 Mozilla: Use-after-free when performing device orientation checks CVE-2019-17005 Mozilla: Buffer overflow in plain text serializer CVE-2019-17011 Mozilla: Use-after-free when retrieving a document in antitracking CVE-2019-17012 Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kpatch: hw: incomplete fix for CVE-2018-12207 (CVE-2019-19339) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19339 CVE-2019-19339 kpatch: hw: incomplete fix for CVE-2018-12207 cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * avc: podman run --security-opt label=type:svirt_qemu_net_t (BZ#1764318) * backport json-file logging support to 1.4.2 (BZ#1770176) * Selinux won't allow SCTP inter pod communication (BZ#1774382) Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16884 CVE-2019-18466 CVE-2019-9512 CVE-2019-9514 CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth CVE-2019-18466 podman: resolving symlink in host filesystem leads to unexpected results of copy operation CVE-2019-16884 runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9512 CVE-2019-9514 CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. The following packages have been upgraded to a later upstream version: git (2.18.2). (BZ#1784058) Security Fix(es): * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) * git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348) * git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349) * git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387 CVE-2019-1387 git: Remote code execution in recursive clones with nested submodules CVE-2019-1349 git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ CVE-2019-1348 git: Arbitrary path overwriting via export-marks in-stream command feature CVE-2019-1352 git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libyang package provides a library for YANG data modeling language. libyang is a YANG data modelling language parser and toolkit written (and providing API) in C. The library is used e.g. in libnetconf2, Netopeer2, sysrepo and FRRouting projects. Security Fix(es): * libyang: stack-based buffer overflow in make_canonical when bits leaf type is used (CVE-2019-19333) * libyang: stack-based buffer overflow in make_canonical when identityref leaf type is used (CVE-2019-19334) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. IMPORTANT: The libyang-devel sub-package has recently been removed from the AppStream repository. If you have previously installed libyang-devel, remove it prior to applying this advisory to make the update successful. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19333 CVE-2019-19334 CVE-2019-19333 libyang: stack-based buffer overflow in make_canonical when bits leaf type is used CVE-2019-19334 libyang: stack-based buffer overflow in make_canonical when identityref leaf type is used cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 A library to handle bidirectional scripts (for example Hebrew, Arabic), so that the display is done in the proper way, while the text data itself is always written in logical order. Security Fix(es): * fribidi: buffer overflow in fribidi_get_par_embedding_levels_ex() in lib/fribidi-bidi.c leading to denial of service and possible code execution (CVE-2019-18397) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2019 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18397 CVE-2019-18397 fribidi: buffer overflow in fribidi_get_par_embedding_levels_ex() in lib/fribidi-bidi.c leading to denial of service and possible code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Security Fix(es): * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) (CVE-2019-2975) * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) (CVE-2019-2978) * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) (CVE-2019-2989) * Oracle JDK: unspecified vulnerability fixed in 8u221 (Deployment) (CVE-2019-2996) * IBM JDK: Unrestricted access to diagnostic operations (CVE-2019-17631) * OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) (CVE-2019-2945) * OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) (CVE-2019-2962) * OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) (CVE-2019-2964) * OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) (CVE-2019-2973) * OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) (CVE-2019-2981) * OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) (CVE-2019-2983) * OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) (CVE-2019-2988) * OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) (CVE-2019-2992) * OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) (CVE-2019-2999) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17631 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2996 CVE-2019-2999 CVE-2019-2964 OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) CVE-2019-2975 OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) CVE-2019-2973 OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) CVE-2019-2981 OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) CVE-2019-2999 OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) CVE-2019-2988 OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) CVE-2019-2978 OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) CVE-2019-2992 OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) CVE-2019-2983 OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) CVE-2019-2962 OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) CVE-2019-2945 OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) CVE-2019-2989 OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) CVE-2019-2996 Oracle JDK: unspecified vulnerability fixed in 8u221 (Deployment) CVE-2019-17631 IBM JDK: Unrestricted access to diagnostic operations AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.4.1 ESR. Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016) * Mozilla: Type Confusion in XPCVariant.cpp (CVE-2019-17017) * Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 (CVE-2019-17024) * Mozilla: CSS sanitization does not escape HTML tags (CVE-2019-17022) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 CVE-2019-17016 Mozilla: Bypass of @namespace CSS sanitization during pasting CVE-2019-17017 Mozilla: Type Confusion in XPCVariant.cpp CVE-2019-17022 Mozilla: CSS sanitization does not escape HTML tags CVE-2019-17024 Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 CVE-2019-17026 Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.4.1. Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016) * Mozilla: Type Confusion in XPCVariant.cpp (CVE-2019-17017) * Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 (CVE-2019-17024) * Mozilla: CSS sanitization does not escape HTML tags (CVE-2019-17022) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 CVE-2019-17016 Mozilla: Bypass of @namespace CSS sanitization during pasting CVE-2019-17017 Mozilla: Type Confusion in XPCVariant.cpp CVE-2019-17022 Mozilla: CSS sanitization does not escape HTML tags CVE-2019-17024 Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 CVE-2019-17026 Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) * OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) * OpenJDK: Incorrect isBuiltinStreamHandler causing URL normalization issues (Networking, 8228548) (CVE-2020-2593) * OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654) * OpenJDK: Incorrect handling of unexpected CertificateVerify TLS handshake messages (JSSE, 8231780) (CVE-2020-2655) * OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2655 CVE-2020-2583 OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) CVE-2020-2590 OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) CVE-2020-2601 OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) CVE-2020-2593 OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548) CVE-2020-2604 OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) CVE-2020-2655 OpenJDK: Incorrect handling of unexpected CertificateVerify TLS handshake messages (JSSE, 8231780) CVE-2020-2654 OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.0.102 and .NET Core Runtime 3.0.2. Security Fixes: * dotnet: Memory Corruption in SignalR (CVE-2020-0603) * dotnet: SignalR Denial of Service via backpressure issue (CVE-2020-0602) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-0602 CVE-2020-0603 CVE-2020-0602 dotnet: Denial of service via backpressure issue CVE-2020-0603 dotnet: Memory Corruption in SignalR cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Python-reportlab is a library used for generation of PDF documents. Security Fix(es): * python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17626 CVE-2019-17626 python-reportlab: code injection in colors.py allows attacker to execute code cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) * OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) * OpenJDK: Incorrect isBuiltinStreamHandler causing URL normalization issues (Networking, 8228548) (CVE-2020-2593) * OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654) * OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583) * OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-2583 OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) CVE-2020-2590 OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) CVE-2020-2601 OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) CVE-2020-2593 OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548) CVE-2020-2604 OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) CVE-2020-2654 OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) CVE-2020-2659 OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: use-after-free in archive_read_format_rar_read_data when there is an error in the decompression of an archive entry (CVE-2019-18408) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18408 CVE-2019-18408 libarchive: use-after-free in archive_read_format_rar_read_data when there is an error in the decompression of an archive entry cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * sqlite: fts3: improve shadow table corruption detection (CVE-2019-13734) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13734 CVE-2019-13734 sqlite: fts3: improve shadow table corruption detection cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-6851 CVE-2020-6851 openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11135 CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA) cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) * kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895) * kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901) * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814) * kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815) * kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 (CVE-2019-14898) * Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) (CVE-2019-19338) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.1.z2 source tree (BZ#1780326) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14898 CVE-2019-14901 CVE-2019-17666 CVE-2019-19338 CVE-2019-14814 kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS CVE-2019-14815 kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS CVE-2019-14816 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver CVE-2019-17666 kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c CVE-2019-14898 kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) AlmaLinux 8 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling (CVE-2019-16276) * golang: invalid public key causes panic in dsa.Verify (CVE-2019-17596) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16276 CVE-2019-17596 CVE-2019-16276 golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling CVE-2019-17596 golang: invalid public key causes panic in dsa.Verify cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fix(es): * grub2: grub2-set-bootflag utility causes grubenv corruption rendering the system non-bootable (CVE-2019-14865) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14865 CVE-2019-14865 grub2: grub2-set-bootflag utility causes grubenv corruption rendering the system non-bootable cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) * kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895) * kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901) * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814) * kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815) * kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 (CVE-2019-14898) * Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) (CVE-2019-19338) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [Azure][8.1] Include patch "PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it" (BZ#1764635) * block layer: update to v5.3 (BZ#1777766) * backport xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (BZ#1778692) * Backport important bugfixes from upstream post 5.3 (BZ#1778693) * LUN path recovery issue with Emulex LPe32002 HBA in RHEL 8.0 Server during storage side cable pull testing (BZ#1781108) * cifs tasks enter D state and error out with "CIFS VFS: SMB signature verification returned error = -5" (BZ#1781110) * Update CIFS to linux 5.3 (except RDMA and conflicts) (BZ#1781113) * RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781114) * blk-mq: overwirte performance drops on real MQ device (BZ#1782181) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14898 CVE-2019-14901 CVE-2019-17666 CVE-2019-19338 CVE-2019-14814 kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS CVE-2019-14815 kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS CVE-2019-14816 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver CVE-2019-17666 kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c CVE-2019-14898 kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15890 CVE-2020-7039 CVE-2019-15890 QEMU: Slirp: use-after-free during packet reassembly CVE-2020-7039 QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP5. Security Fix(es): * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) * OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548) (CVE-2020-2593) * OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583) * OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-2583 OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) CVE-2020-2593 OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548) CVE-2020-2604 OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) CVE-2020-2659 OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) AlmaLinux 8 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: Stack based buffer overflow when pwfeedback is enabled (CVE-2019-18634) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18634 CVE-2019-18634 sudo: Stack based buffer overflow when pwfeedback is enabled cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.5.0 ESR. Security Fix(es): * Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) * Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 (CVE-2020-6800) * Mozilla: Incorrect parsing of template tag could result in JavaScript injection (CVE-2020-6798) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-6796 CVE-2020-6798 CVE-2020-6800 CVE-2020-6796 Mozilla: Missing bounds check on shared memory read in the parent process CVE-2020-6798 Mozilla: Incorrect parsing of template tag could result in JavaScript injection CVE-2020-6800 Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992). Security Fix(es): * ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14868 CVE-2019-14868 ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c (CVE-2020-8112) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8112 CVE-2020-8112 openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: use-after-free when asynchronous polkit queries are performed (CVE-2020-1712) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * systemd: systemctl reload command breaks ordering dependencies between units (BZ#1781712) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1712 CVE-2020-1712 systemd: use-after-free when asynchronous polkit queries are performed cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 (CVE-2020-6800) * Mozilla: Out-of-bounds read when processing certain email messages (CVE-2020-6793) * Mozilla: Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords (CVE-2020-6794) * Mozilla: Crash processing S/MIME messages with multiple signatures (CVE-2020-6795) * Mozilla: Incorrect parsing of template tag could result in JavaScript injection (CVE-2020-6798) * Mozilla: Message ID calculation was based on uninitialized data (CVE-2020-6792) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6798 CVE-2020-6800 CVE-2020-6798 Mozilla: Incorrect parsing of template tag could result in JavaScript injection CVE-2020-6800 Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 CVE-2020-6793 Mozilla: Out-of-bounds read when processing certain email messages CVE-2020-6794 Mozilla: Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords CVE-2020-6795 Mozilla: Crash processing S/MIME messages with multiple signatures CVE-2020-6792 Mozilla: Message ID calculation was based on uninitialized data cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (10.19.0). Security Fix(es): * nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605) * nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604) * nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606) * npm: Symlink reference outside of node_modules folder through the bin field upon installation (CVE-2019-16775) * npm: Arbitrary file write via constructed entry in the package.json bin field (CVE-2019-16776) * npm: Global node_modules Binary Overwrite (CVE-2019-16777) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 CVE-2019-16777 npm: Global node_modules Binary Overwrite CVE-2019-16775 npm: Symlink reference outside of node_modules folder through the bin field upon installation CVE-2019-16776 npm: Arbitrary file write via constructed entry in the package.json bin field CVE-2019-15605 nodejs: HTTP request smuggling using malformed Transfer-Encoding header CVE-2019-15606 nodejs: HTTP header values do not have trailing optional whitespace trimmed CVE-2019-15604 nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): * python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c (CVE-2020-5311) * python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c (CVE-2020-5312) * python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service (CVE-2019-16865) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16865 CVE-2020-5311 CVE-2020-5312 CVE-2019-16865 python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service CVE-2020-5312 python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c CVE-2020-5311 python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (12.16.1). Security Fix(es): * nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605) * nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string (CVE-2019-15604) * nodejs: HTTP header values do not have trailing optional whitespace trimmed (CVE-2019-15606) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-15605 nodejs: HTTP request smuggling using malformed Transfer-Encoding header CVE-2019-15606 nodejs: HTTP header values do not have trailing optional whitespace trimmed CVE-2019-15604 nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The ppp packages contain the Point-to-Point Protocol (PPP) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider (ISP) or other organization over a modem and phone line. Security Fix(es): * ppp: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8597 CVE-2020-8597 ppp: Buffer overflow in the eap_request and eap_response functions in eap.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any system calls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. Security Fix(es): * nodejs: HTTP request smuggling using malformed Transfer-Encoding header (CVE-2019-15605) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15605 CVE-2019-15605 nodejs: HTTP request smuggling using malformed Transfer-Encoding header cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.0 ESR. Security Fix(es): * Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) * Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) * Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) * Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) * Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection (CVE-2020-6811) * Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission (CVE-2020-6812) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20503 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-6805 Mozilla: Use-after-free when removing data about origins CVE-2020-6806 Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion CVE-2020-6807 Mozilla: Use-after-free in cubeb during stream destruction CVE-2020-6811 Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection CVE-2019-20503 usrsctp: Out of bounds reads in sctp_load_addresses_from_init() CVE-2020-6812 Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission CVE-2020-6814 Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. Security Fix(es): * ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10531 CVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend() cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell (the Korn shell), but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions (with autoloading), a history mechanism, and more. Security Fix(es): * zsh: insecure dropping of privileges when unsetting PRIVILEGED option (CVE-2019-20044) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20044 CVE-2019-20044 zsh: insecure dropping of privileges when unsetting PRIVILEGED option cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Security Fix(es): * Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) * Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) * Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) * Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) * Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection (CVE-2020-6811) * Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission (CVE-2020-6812) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20503 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-6805 Mozilla: Use-after-free when removing data about origins CVE-2020-6806 Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion CVE-2020-6807 Mozilla: Use-after-free in cubeb during stream destruction CVE-2020-6811 Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection CVE-2019-20503 usrsctp: Out of bounds reads in sctp_load_addresses_from_init() CVE-2020-6812 Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission CVE-2020-6814 Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fix(es): * libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow (CVE-2019-15690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15690 CVE-2019-20788 CVE-2019-15690 libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow CVE-2019-20788 libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface (IPMI) specification. IPMI is an open standard for machine health, inventory, and remote power control. Security Fix(es): * ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c (CVE-2020-5208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-5208 CVE-2020-5208 ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fix(es): * haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes (CVE-2020-11100) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11100 CVE-2020-11100 haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10531 CVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10531 CVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Security Fix(es): * telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code (CVE-2020-10188) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10188 CVE-2020-10188 telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.1 ESR. Security Fix(es): * Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) * Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-6819 CVE-2020-6820 CVE-2020-6819 Mozilla: Use-after-free while running the nsDocShell destructor CVE-2020-6820 Mozilla: Use-after-free when handling a ReadableStream cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * libvirtd: error : virCPUx86UpdateLive:3110 : operation failed: guest CPU doesn't match specification: missing features: fxsr_opt (BZ#1809510) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1711 CVE-2020-7039 CVE-2020-7039 QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() CVE-2020-1711 QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-7039 CVE-2020-7039 QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception (CVE-2019-15030) * kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031) * kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660) * kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [FJ8.1 Bug]: fs/devpts: always delete dcache dentry-s in dput() (BZ#1783959) * qla2xxx: call dma_free_coherent with correct size in all cases in qla24xx_sp_unmap (BZ#1788206) * qla2xxxx: Firmware update for Gen7 adapter could result in an unusable adapter (BZ#1790350) * s390/sclp: Fix bit checked for has_sipl (BZ#1791408) * RHEL8.1 - Error output for CPU-MF auxtrace data in perf: (BZ#1792198) * [FJ8.0 Bug]: [kernel]: using "kexec -e" to reboot A64FX system causes system panic during the boot of the 2nd kernel (BZ#1792200) * Fixup tlbie vs store ordering issue on POWER9 (BZ#1794058) * RHEL8.1 - qeth: add safeguards to RX data path (BZ#1794059) * RHEL8.1 - STC940:ZZ:Fleet:RHEL:LPM failed with no rmc connection during 6th iteration (ibmvnic) (BZ#1794060) * RHEL8.1 - disable trace-imc feature (perf:) (BZ#1794061) * [Broadcom RHEL8.2 FEAT]: megaraid_sas driver update request (BZ#1795335) * RHEL8.1 pre-Beta - [ FW940 ] [ zz P9 ] kdump fails when XIVE is enabled and dump is trigged from HMC. (BZ#1795337) * T10 DIF: OOM observed while running I/O (BZ#1795338) * backport fix for potential deadlock relative to snapshot COW throttling (BZ#1796490) * Neoverse n1 errata 1542419 "Core may fetch stale instructions from memory and violate ordering" (BZ#1797518) * [HPE 8.1 Bug] hpsa: bug fix for reset issue (BZ#1797519) * [HPE 8.0 BUG] System crash when reading /sys/block/<dm>/mq/0/cpu_list file (BZ#1797960) * kernel: T10 CRC not using hardware-accelerated version from crct10dif_pclmul (BZ#1797961) * [FJ8.1 Bug]: Dirty pages remain when write() returns ENOSPC. (BZ#1797962) * RHEL 8 - NVMe/FC Fabric Broadcom Autoconnect Script Fails to Reconnect after Controller Reset (BZ#1798381) * [RHEL8.2]: Chelsio crypto co-processor Driver (chcr) bugfixes (BZ#1798527) * [RHEL8.1][Snapshot-1]LUN discovery says unrecognized (BZ#1801216) * 8.2 snap2 kernel incorrectly signed in brew (BZ#1807231) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15030 CVE-2019-15031 CVE-2019-18660 CVE-2019-19527 CVE-2019-15030 kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception CVE-2019-15031 kernel: powerpc: local user can read vector registers of other users' processes via an interrupt CVE-2019-18660 kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure CVE-2019-19527 kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.1.z3 source tree (BZ#1794136) * [kernel-rt-debug] BUG: MAX_LOCKDEP_CHAINS too low! (BZ#1794199) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19527 CVE-2019-19527 kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * useradd and groupadd fail under rootless Buildah and podman [stream-container-tools-rhel8-rhel-8.1.1] (BZ#1803495) * Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1804188) * Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/podman] (BZ#1804194) * fuse-overlayfs segfault [stream-container-tools-rhel8-rhel-8.1.1/fuse-overlayfs] (BZ#1805016) * buildah COPY command is slow when .dockerignore file is not present [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1806119) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8608 CVE-2020-8608 QEMU: Slirp: potential OOB access due to unsafe snprintf() usages cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.7.0 ESR. Security Fix(es): * Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) * Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) * Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-6821 Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method CVE-2020-6822 Mozilla: Out of bounds write in GMPDecodeData when processing large images CVE-2020-6825 Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.7.0. Security Fix(es): * Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) * Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) * Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) * Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) * Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-6819 Mozilla: Use-after-free while running the nsDocShell destructor CVE-2020-6820 Mozilla: Use-after-free when handling a ReadableStream CVE-2020-6821 Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method CVE-2020-6822 Mozilla: Out of bounds write in GMPDecodeData when processing large images CVE-2020-6825 Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * tigervnc: Stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder (CVE-2019-15691) * tigervnc: Heap buffer overflow triggered from CopyRectDecoder due to incorrect value checks (CVE-2019-15692) * tigervnc: Heap buffer overflow in TightDecoder::FilterGradient (CVE-2019-15693) * tigervnc: Heap buffer overflow in DecodeManager::decodeRect (CVE-2019-15694) * tigervnc: Stack buffer overflow in CMsgReader::readSetCursor (CVE-2019-15695) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-15692 tigervnc: Heap buffer overflow triggered from CopyRectDecoder due to incorrect value checks CVE-2019-15691 tigervnc: Stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder CVE-2019-15693 tigervnc: Heap buffer overflow in TightDecoder::FilterGradient CVE-2019-15694 tigervnc: Heap buffer overflow in DecodeManager::decodeRect CVE-2019-15695 tigervnc: Stack buffer overflow in CMsgReader::readSetCursor cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * git: Crafted URL containing new lines can cause credential leak (CVE-2020-5260) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-5260 CVE-2020-5260 git: Crafted URL containing new lines can cause credential leak cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) * OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) * OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) * OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) * OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) * OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) * OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) * OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) * OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) * OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) * OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) * OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) * OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2767 CVE-2020-2773 CVE-2020-2778 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2816 CVE-2020-2830 CVE-2020-2754 OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) CVE-2020-2755 OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) CVE-2020-2756 OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) CVE-2020-2757 OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) CVE-2020-2773 OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) CVE-2020-2800 OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) CVE-2020-2830 OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) CVE-2020-2803 OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) CVE-2020-2805 OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) CVE-2020-2816 OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) CVE-2020-2778 OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) CVE-2020-2767 OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) CVE-2020-2781 OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) * OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) * OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) * OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) * OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) * OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) * OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) * OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) * OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) * OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-2754 OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) CVE-2020-2755 OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) CVE-2020-2756 OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) CVE-2020-2757 OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) CVE-2020-2773 OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) CVE-2020-2800 OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) CVE-2020-2830 OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) CVE-2020-2803 OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) CVE-2020-2805 OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) CVE-2020-2781 OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980) * kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. (CVE-2019-17053) * kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055) * kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805) * kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (CVE-2019-19534) * kernel: some ipv6 protocols not encrypted over ipsec tunnel. (CVE-2020-1749) * Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639) * kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure (CVE-2019-15090) * kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099) * kernel: Null pointer dereference in the sound/usb/line6/pcm.c (CVE-2019-15221) * kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS (CVE-2019-19057) * kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) (CVE-2019-19073) * kernel: a memory leak in the ath9k management function in allows local DoS (CVE-2019-19074) * kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * RT: update RT source tree to the RHEL-8.2 tree (BZ#1708716) * KVM-RT guest fails boot with emulatorsched (BZ#1712781) * 8 vCPU guest need max latency < 20 us with stress [RT-8.2] (BZ#1757165) * Request nx_huge_pages=N as default value to avoid kvm-rt guest large latency spike [rt-8] (BZ#1788352) * RT: Add rpm Provide of 'kernel' to indicate that this is a kernel package (BZ#1796284) * [RHEL8] RT kernel signed by test certificate and not Red Hat Secure Boot (BZ#1806871) Enhancement(s): * update to the upstream 5.x RT patchset (BZ#1680161) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-16871 CVE-2019-10639 CVE-2019-12819 CVE-2019-15090 CVE-2019-15099 CVE-2019-15221 CVE-2019-15223 CVE-2019-16234 CVE-2019-17053 CVE-2019-17055 CVE-2019-18282 CVE-2019-18805 CVE-2019-19045 CVE-2019-19047 CVE-2019-19055 CVE-2019-19057 CVE-2019-19058 CVE-2019-19059 CVE-2019-19065 CVE-2019-19067 CVE-2019-19073 CVE-2019-19074 CVE-2019-19077 CVE-2019-19532 CVE-2019-19534 CVE-2019-19768 CVE-2019-19922 CVE-2019-5108 CVE-2019-8980 CVE-2020-10690 CVE-2020-1749 CVE-2020-7053 CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence CVE-2019-8980 kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service CVE-2019-12819 kernel: use-after-free in function __mdiobus_register() in drivers/net/phy/mdio_bus.c CVE-2019-10639 Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR CVE-2019-15090 kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure CVE-2019-15099 kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash CVE-2019-15221 kernel: Null pointer dereference in the sound/usb/line6/pcm.c CVE-2019-15223 kernel: Null pointer dereference in the sound/usb/line6/driver.c CVE-2019-17053 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol CVE-2019-17055 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol CVE-2019-16234 kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c CVE-2019-18805 kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c CVE-2019-19074 kernel: a memory leak in the ath9k management function in allows local DoS CVE-2019-19073 kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) CVE-2019-19067 kernel: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c allow for a DoS CVE-2019-19045 kernel: dos in mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c CVE-2019-19047 kernel: dos in mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c CVE-2019-19065 kernel: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c allows for a DoS CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS CVE-2019-19057 kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS CVE-2019-19055 kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS CVE-2019-19077 kernel: memory leak in bnxt_re_create_srq function in drivers/infiniband/hw/bnxt_re/ib_verbs.c CVE-2019-19532 kernel: malicious USB devices can lead to multiple out-of-bounds write CVE-2019-19534 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver CVE-2019-19768 kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c CVE-2019-5108 kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS CVE-2019-19922 kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications CVE-2020-7053 kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c CVE-2019-18282 kernel: The flow_dissector feature allows device tracking CVE-2020-1749 kernel: some ipv6 protocols not encrypted over ipsec tunnel CVE-2020-10690 kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open AlmaLinux 8 memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix(es): * memcached: null-pointer dereference in "lru mode" and "lru temp_ttl" causing denial of service (CVE-2019-11596) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11596 CVE-2019-11596 memcached: null-pointer dereference in "lru mode" and "lru temp_ttl" causing denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 (0.27.2). (BZ#1651917) Security Fix(es): * exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS (CVE-2019-20421) * exiv2: null pointer dereference in the Exiv2::DataValue::toLong function in value.cpp (CVE-2017-18005) * exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp (CVE-2018-4868) * exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp (CVE-2018-9303) * exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp (CVE-2018-9304) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305) * exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772) * exiv2: information leak via a crafted file (CVE-2018-11037) * exiv2: buffer overflow in samples/geotag.cpp (CVE-2018-14338) * exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp (CVE-2018-17229) * exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp (CVE-2018-17230) * exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282) * exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581) * exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915) * exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107) * exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108) * exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535) * exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607) * exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096) * exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097) * exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098) * exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099) * exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service (CVE-2019-9143) * exiv2: denial of service in PngImage::readMetadata (CVE-2019-13109) * exiv2: integer overflow in WebPImage::decodeChunks leads to denial of service (CVE-2019-13111) * exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent causing denial of service (CVE-2019-13112) * exiv2: invalid data location in CRW image file causing denial of service (CVE-2019-13113) * exiv2: null-pointer dereference in http.c causing denial of service (CVE-2019-13114) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2017-18005 CVE-2018-10772 CVE-2018-11037 CVE-2018-14338 CVE-2018-17229 CVE-2018-17230 CVE-2018-17282 CVE-2018-17581 CVE-2018-18915 CVE-2018-19107 CVE-2018-19108 CVE-2018-19535 CVE-2018-19607 CVE-2018-20096 CVE-2018-20097 CVE-2018-20098 CVE-2018-20099 CVE-2018-4868 CVE-2018-9303 CVE-2018-9304 CVE-2018-9305 CVE-2018-9306 CVE-2019-13109 CVE-2019-13111 CVE-2019-13112 CVE-2019-13113 CVE-2019-13114 CVE-2019-20421 CVE-2019-9143 CVE-2017-18005 exiv2: null pointer dereference in the Exiv2::DataValue::toLong function in value.cpp CVE-2018-4868 exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp CVE-2018-9303 exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp CVE-2018-9304 exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp CVE-2018-9305 exiv2: out of bounds read in IptcData::printStructure in iptc.c CVE-2018-9306 exiv2: out of bounds read in IptcData::printStructure in iptc.c CVE-2018-11037 exiv2: information leak via a crafted file CVE-2018-10772 exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file CVE-2018-14338 exiv2: buffer overflow in samples/geotag.cpp CVE-2018-17229 exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp CVE-2018-17230 exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp CVE-2018-17282 exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash CVE-2018-17581 exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service CVE-2018-18915 exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp CVE-2018-19107 exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp CVE-2018-19108 exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp CVE-2018-19535 exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp CVE-2018-19607 exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp CVE-2018-20096 exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service CVE-2018-20097 exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function CVE-2018-20098 exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service CVE-2018-20099 exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service CVE-2019-9143 exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service CVE-2019-13109 exiv2: denial of service in PngImage::readMetadata CVE-2019-13111 exiv2: integer overflow in WebPImage::decodeChunks leads to denial of service CVE-2019-13112 exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent causing denial of service CVE-2019-13113 exiv2: invalid data location in CRW image file causing denial of service CVE-2019-13114 exiv2: null-pointer dereference in http.c causing denial of service CVE-2019-20421 exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fix(es): * wawpack: Infinite loop in WavpackPackInit function lead to DoS (CVE-2018-19840) * wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS (CVE-2018-19841) * wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS (CVE-2019-11498) * wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash (CVE-2019-1010315) * wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS (CVE-2019-1010317) * wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS (CVE-2019-1010319) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-19840 CVE-2018-19841 CVE-2019-1010315 CVE-2019-1010317 CVE-2019-1010319 CVE-2019-11498 CVE-2018-19840 wawpack: Infinite loop in WavpackPackInit function lead to DoS CVE-2018-19841 wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS CVE-2019-11498 wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS CVE-2019-1010315 wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash CVE-2019-1010319 wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS CVE-2019-1010317 wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * libreoffice: Insufficient URL validation allowing LibreLogo script execution (CVE-2019-9850) * libreoffice: LibreLogo global-event script execution (CVE-2019-9851) * libreoffice: Insufficient URL encoding flaw in allowed script location check (CVE-2019-9852) * libreoffice: Insufficient URL decoding flaw in categorizing macro location (CVE-2019-9853) * libreoffice: Unsafe URL assembly flaw in allowed script location check (CVE-2019-9854) * libreoffice: Remote resources protection module not applied to bullet graphics (CVE-2019-9849) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2019-9853 CVE-2019-9854 CVE-2019-9849 libreoffice: Remote resources protection module not applied to bullet graphics CVE-2019-9850 libreoffice: Insufficient URL validation allowing LibreLogo script execution CVE-2019-9851 libreoffice: LibreLogo global-event script execution CVE-2019-9852 libreoffice: Insufficient URL encoding flaw in allowed script location check CVE-2019-9854 libreoffice: Unsafe URL assembly flaw in allowed script location check CVE-2019-9853 libreoffice: Insufficient URL decoding flaw in categorizing macro location cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications. Security Fix(es): * evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages (CVE-2018-15587) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-15587 CVE-2018-15587 evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Security Fix(es): * tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-19519 CVE-2018-19519 tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. The following packages have been upgraded to a later upstream version: python2 (2.7.17). (BZ#1759944) Security Fix(es): * python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060) * python: Cookie domain check returns incorrect results (CVE-2018-20852) * python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service (CVE-2019-11236) * python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324) * python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) * python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18074 CVE-2018-20060 CVE-2018-20852 CVE-2019-11236 CVE-2019-11324 CVE-2019-16056 CVE-2019-16935 CVE-2018-18074 python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-20060 python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown CVE-2018-20852 python: Cookie domain check returns incorrect results CVE-2019-16056 python: email.utils.parseaddr wrongly parses email addresses CVE-2019-16935 python: XSS vulnerability in the documentation XML-RPC server in server_title field cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Irssi is a modular IRC client with Perl scripting. Security Fix(es): * irssi: use after free when sending SASL login to server (CVE-2019-13045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13045 CVE-2019-13045 irssi: use after free when sending SASL login to server cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php (7.2.24). (BZ#1726981) Security Fix(es): * php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020) * php: File rename across filesystems may allow unwanted access during processing (CVE-2019-9637) * php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638) * php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639) * php: Invalid read in exif_process_SOFn() (CVE-2019-9640) * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() (CVE-2019-11039) * php: Buffer over-read in exif_read_data() (CVE-2019-11040) * php: Buffer over-read in PHAR reading functions (CVE-2018-20783) * php: Heap-based buffer over-read in PHAR reading functions (CVE-2019-9021) * php: memcpy with negative length via crafted DNS response (CVE-2019-9022) * php: Heap-based buffer over-read in mbstring regular expression functions (CVE-2019-9023) * php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024) * php: Heap buffer overflow in function exif_process_IFD_TAG() (CVE-2019-11034) * php: Heap buffer overflow in function exif_iif_add_value() (CVE-2019-11035) * php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure (CVE-2019-11036) * php: Heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041) * php: Heap buffer over-read in exif_process_user_comment() (CVE-2019-11042) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20783 CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-11039 CVE-2019-11040 CVE-2019-11041 CVE-2019-11042 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2018-20783 php: Buffer over-read in PHAR reading functions CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode() CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c CVE-2019-9022 php: memcpy with negative length via crafted DNS response CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE CVE-2019-9640 php: Invalid read in exif_process_SOFn() CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value() CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG() CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() CVE-2019-11040 php: Buffer over-read in exif_read_data() CVE-2019-11041 php: Heap buffer over-read in exif_scan_thumbnail() CVE-2019-11042 php: Heap buffer over-read in exif_process_user_comment() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The GStreamer library provides a streaming media framework based on graphs of media data filters. The libmad package is an MPEG audio decoder capable of 24-bit output. Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Security Fix(es): * libmad: Double-free in the mad_decoder_run() function (CVE-2018-7263) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-7263 CVE-2018-7263 libmad: Double-free in the mad_decoder_run() function cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The GNU Debugger (GDB) allows users to debug programs written in various programming languages including C, C++, and Fortran. Security Fix(es): * gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution (CVE-2019-1010180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1010180 CVE-2019-1010180 gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): * libsndfile: stack-based buffer overflow in sndfile-deinterleave utility (CVE-2018-13139) * libsndfile: buffer over-read in the function i2alaw_array in alaw.c (CVE-2018-19662) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-13139 CVE-2018-19662 CVE-2018-13139 libsndfile: stack-based buffer overflow in sndfile-deinterleave utility CVE-2018-19662 libsndfile: buffer over-read in the function i2alaw_array in alaw.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The Public Key Infrastructure (PKI) Core contains fundamental packages required AlmaLinux Certificate System. Security Fix(es): * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540) * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) * jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942) * jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943) * jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14540 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943 CVE-2019-17531 CVE-2019-20330 CVE-2020-10672 CVE-2020-10673 CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2019-16335 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource CVE-2019-14540 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig CVE-2019-16942 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* CVE-2019-16943 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource CVE-2019-17531 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* CVE-2019-20330 jackson-databind: lacks certain net.sf.ehcache blocking CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation (CVE-2019-19921) * containers/image: Container images read entire image manifest into memory (CVE-2020-1702) * podman: incorrectly allows existing files in volumes to be overwritten by a container when it is created (CVE-2020-1726) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19921 CVE-2020-1702 CVE-2020-1726 CVE-2020-1702 containers/image: Container images read entire image manifest into memory CVE-2019-19921 runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation CVE-2020-1726 podman: incorrectly allows existing files in volumes to be overwritten by a container when it is created cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The zziplib is a lightweight library to easily extract data from zip files. Security Fix(es): * zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c (CVE-2018-17828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-17828 CVE-2018-17828 zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have been upgraded to a later upstream version: grafana (6.3.6). (BZ#1725278) Security Fix(es): * grafana: incorrect access control in snapshot HTTP API leads to denial of service (CVE-2019-15043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15043 CVE-2019-15043 grafana: incorrect access control in snapshot HTTP API leads to denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Security Fix(es): * mod_auth_mellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft (CVE-2019-13038) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13038 CVE-2019-13038 mod_auth_mellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. The following packages have been upgraded to a later upstream version: qt5 (5.12.5), qt5-qt3d (5.12.5), qt5-qtbase (5.12.5), qt5-qtcanvas3d (5.12.5), qt5-qtconnectivity (5.12.5), qt5-qtdeclarative (5.12.5), qt5-qtdoc (5.12.5), qt5-qtgraphicaleffects (5.12.5), qt5-qtimageformats (5.12.5), qt5-qtlocation (5.12.5), qt5-qtmultimedia (5.12.5), qt5-qtquickcontrols (5.12.5), qt5-qtquickcontrols2 (5.12.5), qt5-qtscript (5.12.5), qt5-qtsensors (5.12.5), qt5-qtserialbus (5.12.5), qt5-qtserialport (5.12.5), qt5-qtsvg (5.12.5), qt5-qttools (5.12.5), qt5-qttranslations (5.12.5), qt5-qtwayland (5.12.5), qt5-qtwebchannel (5.12.5), qt5-qtwebsockets (5.12.5), qt5-qtx11extras (5.12.5), qt5-qtxmlpatterns (5.12.5), python-qt5 (5.13.1), sip (4.19.19). (BZ#1775603, BZ#1775604) Security Fix(es): * qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872) * qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869) * qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-19869 CVE-2018-19871 CVE-2018-19872 CVE-2019-18281 CVE-2018-19869 qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service CVE-2018-19871 qt5-qtimageformats: QTgaFile CPU exhaustion CVE-2018-19872 qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp CVE-2019-18281 qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fix(es): * freeradius: eap-pwd: Information leak due to aborting when needing more than 10 iterations (CVE-2019-13456) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13456 CVE-2019-13456 freeradius: eap-pwd: Information leak due to aborting when needing more than 10 iterations cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft. Security Fix(es): * libmspack: buffer overflow in function chmd_read_headers() (CVE-2019-1010305) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1010305 CVE-2019-1010305 libmspack: buffer overflow in function chmd_read_headers() cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c (CVE-2019-14973) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14973 CVE-2019-14973 libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. The following packages have been upgraded to a later upstream version: rsyslog (8.1911.0). (BZ#1740683) Security Fix(es): * rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c (CVE-2019-17041) * rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c (CVE-2019-17042) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17041 CVE-2019-17042 CVE-2019-17041 rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c CVE-2019-17042 rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille (Nemeth and Marburg). Security Fix(es): * liblouis: Stack-based buffer overflow in function includeFile in compileTranslationTable.c (CVE-2018-11684) * liblouis: Stack-based buffer overflow in function compileHyphenation in compileTranslationTable.c (CVE-2018-11685) * liblouis: Segmentation fault in logging.c:lou_logPrint() (CVE-2018-11577) * liblouis: Stack-based buffer overflow in compileTranslationTable.c (CVE-2018-12085) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-11577 CVE-2018-11684 CVE-2018-11685 CVE-2018-12085 CVE-2018-11577 liblouis: Segmentation fault in logging.c:lou_logPrint() CVE-2018-11684 liblouis: Stack-based buffer overflow in function includeFile in compileTranslationTable.c CVE-2018-11685 liblouis: Stack-based buffer overflow in function compileHyphenation in compileTranslationTable.c CVE-2018-12085 liblouis: Stack-based buffer overflow in compileTranslationTable.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib (CVE-2019-14563) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14563 CVE-2019-14563 edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server. Security Fix(es): * dnsmasq: memory leak in the create_helper() function in /src/helper.c (CVE-2019-14834) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14834 CVE-2019-14834 dnsmasq: memory leak in the create_helper() function in /src/helper.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: command injection with data coming from a specially crafted IPSECKEY answer (CVE-2019-18934) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18934 CVE-2019-18934 unbound: command injection with data coming from a specially crafted IPSECKEY answer cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. The following packages have been upgraded to a later upstream version: haproxy (1.8.23). (BZ#1774745) Security Fix(es): * haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value (CVE-2019-18277) * haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks (CVE-2019-19330) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18277 CVE-2019-19330 CVE-2019-18277 haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value CVE-2019-19330 haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. The following packages have been upgraded to a later upstream version: dpdk (19.11). (BZ#1773889) Security Fix(es): * dpdk: possible memory leak leads to denial of service (CVE-2019-14818) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14818 CVE-2019-14818 dpdk: possible memory leak leads to denial of service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Cookie domain check returns incorrect results (CVE-2018-20852) * python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20852 CVE-2019-16056 CVE-2018-20852 python: Cookie domain check returns incorrect results CVE-2019-16056 python: email.utils.parseaddr wrongly parses email addresses cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: stack-buffer-overflow in libcups's asn1_get_type function (CVE-2019-8675) * cups: stack-buffer-overflow in libcups's asn1_get_packed function (CVE-2019-8696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-8675 CVE-2019-8696 CVE-2019-8675 cups: stack-buffer-overflow in libcups's asn1_get_type function CVE-2019-8696 cups: stack-buffer-overflow in libcups's asn1_get_packed function cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 GNOME is the default desktop environment of AlmaLinux Enterprise Linux. Security Fix(es): * LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (CVE-2018-20337) * gdm: lock screen bypass when timed login is enabled (CVE-2019-3825) * gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c (CVE-2019-12447) * gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write (CVE-2019-12448) * gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges (CVE-2019-12449) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20337 CVE-2019-12447 CVE-2019-12448 CVE-2019-12449 CVE-2019-3825 CVE-2018-20337 LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp CVE-2019-3825 gdm: lock screen bypass when timed login is enabled CVE-2019-12447 gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c CVE-2019-12448 gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write CVE-2019-12449 gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980) * kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. (CVE-2019-17053) * kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055) * kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805) * kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (CVE-2019-19534) * kernel: some ipv6 protocols not encrypted over ipsec tunnel. (CVE-2020-1749) * Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639) * kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure (CVE-2019-15090) * kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099) * kernel: Null pointer dereference in the sound/usb/line6/pcm.c (CVE-2019-15221) * kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS (CVE-2019-19057) * kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) (CVE-2019-19073) * kernel: a memory leak in the ath9k management function in allows local DoS (CVE-2019-19074) * kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-16871 CVE-2019-10639 CVE-2019-12819 CVE-2019-15090 CVE-2019-15099 CVE-2019-15221 CVE-2019-15223 CVE-2019-16234 CVE-2019-16746 CVE-2019-17053 CVE-2019-17055 CVE-2019-18282 CVE-2019-18805 CVE-2019-19045 CVE-2019-19047 CVE-2019-19055 CVE-2019-19057 CVE-2019-19058 CVE-2019-19059 CVE-2019-19065 CVE-2019-19067 CVE-2019-19073 CVE-2019-19074 CVE-2019-19077 CVE-2019-19532 CVE-2019-19534 CVE-2019-19768 CVE-2019-19922 CVE-2019-5108 CVE-2019-8980 CVE-2020-10690 CVE-2020-1749 CVE-2020-7053 CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence CVE-2019-8980 kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service CVE-2019-12819 kernel: use-after-free in function __mdiobus_register() in drivers/net/phy/mdio_bus.c CVE-2019-10639 Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR CVE-2019-15090 kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure CVE-2019-15099 kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash CVE-2019-15221 kernel: Null pointer dereference in the sound/usb/line6/pcm.c CVE-2019-15223 kernel: Null pointer dereference in the sound/usb/line6/driver.c CVE-2019-17053 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol CVE-2019-17055 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol CVE-2019-16746 kernel: buffer-overflow hardening in WiFi beacon validation code. CVE-2019-16234 kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c CVE-2019-18805 kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c CVE-2019-19074 kernel: a memory leak in the ath9k management function in allows local DoS CVE-2019-19073 kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) CVE-2019-19067 kernel: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c allow for a DoS CVE-2019-19045 kernel: dos in mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c CVE-2019-19047 kernel: dos in mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c CVE-2019-19065 kernel: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c allows for a DoS CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS CVE-2019-19057 kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS CVE-2019-19055 kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS CVE-2019-19077 kernel: memory leak in bnxt_re_create_srq function in drivers/infiniband/hw/bnxt_re/ib_verbs.c CVE-2019-19532 kernel: malicious USB devices can lead to multiple out-of-bounds write CVE-2019-19534 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver CVE-2019-19768 kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c CVE-2019-5108 kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS CVE-2019-19922 kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications CVE-2020-7053 kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c CVE-2019-18282 kernel: The flow_dissector feature allows device tracking CVE-2020-1749 kernel: some ipv6 protocols not encrypted over ipsec tunnel CVE-2020-10690 kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The unzip utility is used to list, test, and extract files from zip archives. Security Fix(es): * unzip: overlapping of files in ZIP container leads to denial of service (CVE-2019-13232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13232 CVE-2019-13232 unzip: overlapping of files in ZIP container leads to denial of service cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: double free due to subsequent call of realloc() (CVE-2019-5481) * curl: heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482) * curl: TFTP receive heap buffer overflow in tftp_receive_packet() function (CVE-2019-5436) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-5436 CVE-2019-5481 CVE-2019-5482 CVE-2019-5436 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function CVE-2019-5481 curl: double free due to subsequent call of realloc() CVE-2019-5482 curl: heap buffer overflow in function tftp_receive_packet() cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: services with DynamicUser can create SUID/SGID binaries (CVE-2019-3843) * systemd: services with DynamicUser can get new privileges and create SGID binaries (CVE-2019-3844) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3843 CVE-2019-3844 CVE-2019-3843 systemd: services with DynamicUser can create SUID/SGID binaries CVE-2019-3844 systemd: services with DynamicUser can get new privileges and create SGID binaries cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fix(es): * binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c (CVE-2019-17451) * binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service (CVE-2019-1010204) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1010204 CVE-2019-17451 CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service CVE-2019-17451 binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. The following packages have been upgraded to a later upstream version: sudo (1.8.29). (BZ#1733961) Security Fix(es): * sudo: attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user (CVE-2019-19232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19232 CVE-2019-19234 CVE-2019-19232 sudo: attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user CVE-2019-19234 sudo: by using ! character in the shadow file instead of a password hash can access to a run as all sudoer account cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * sqlite: heap out-of-bound read in function rtreenode() (CVE-2019-8457) * sqlite: fts3: improve shadow table corruption detection (CVE-2019-13752) * sqlite: fts3: incorrectly removed corruption check (CVE-2019-13753) * sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference (CVE-2019-19923) * sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting (CVE-2019-19924) * sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive (CVE-2019-19925) * sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames (CVE-2019-19959) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13752 CVE-2019-13753 CVE-2019-19923 CVE-2019-19924 CVE-2019-19925 CVE-2019-19959 CVE-2019-8457 CVE-2019-8457 sqlite: heap out-of-bound read in function rtreenode() CVE-2019-13752 sqlite: fts3: improve shadow table corruption detection CVE-2019-13753 sqlite: fts3: incorrectly removed corruption check CVE-2019-19924 sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting CVE-2019-19923 sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference CVE-2019-19925 sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive CVE-2019-19959 sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404) * libxml2: infinite loop in xz_decomp function in xzlib.c (CVE-2018-9251) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-14404 CVE-2018-9251 CVE-2018-9251 libxml2: infinite loop in xz_decomp function in xzlib.c CVE-2018-14404 libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19126 CVE-2019-19126 glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: side-channel weak encryption vulnerability (CVE-2019-1547) * openssl: information disclosure in fork() (CVE-2019-1549) * openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1547 CVE-2019-1549 CVE-2019-1563 CVE-2019-1547 openssl: side-channel weak encryption vulnerability CVE-2019-1549 openssl: information disclosure in fork() CVE-2019-1563 openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The following packages have been upgraded to a later upstream version: bind (9.11.13). (BZ#1704328) Security Fix(es): * bind: TCP Pipelining doesn't limit TCP clients on a single connection (CVE-2019-6477) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-6477 CVE-2019-6477 bind: TCP Pipelining doesn't limit TCP clients on a single connection cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file). Security Fix(es): * patch: the following of symlinks in inp.c and util.c is mishandled in cases other than input files (CVE-2019-13636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13636 CVE-2019-13636 patch: the following of symlinks in inp.c and util.c is mishandled in cases other than input files cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * gcc: POWER9 "DARN" RNG intrinsic produces repeated output (CVE-2019-15847) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15847 CVE-2019-15847 gcc: POWER9 "DARN" RNG intrinsic produces repeated output cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba (4.11.2). (BZ#1754409) Security Fix(es): * samba: Combination of parameters and permissions can allow user to escape from the share path definition (CVE-2019-10197) * samba: smb client vulnerable to filenames containing path separators (CVE-2019-10218) * samba: Crash after failed character conversion at log level 3 or above (CVE-2019-14907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10197 CVE-2019-10218 CVE-2019-14907 CVE-2019-10197 samba: Combination of parameters and permissions can allow user to escape from the share path definition CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators CVE-2019-14907 samba: Crash after failed character conversion at log level 3 or above cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems. Security Fix(es): * ibus: missing authorization allows local attacker to access the input bus of another user (CVE-2019-14822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14822 CVE-2019-14822 ibus: missing authorization allows local attacker to access the input bus of another user cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts (AlmaLinux), and pcmcia configuration files. Security Fix(es): * bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices (CVE-2018-10910) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-10910 CVE-2018-10910 bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems. The following packages have been upgraded to a later upstream version: e2fsprogs (1.45.4). (BZ#1783777) Security Fix(es): * e2fsprogs: crafted ext4 partition leads to out-of-bounds write (CVE-2019-5094) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-5094 CVE-2019-5188 CVE-2019-5094 e2fsprogs: Crafted ext4 partition leads to out-of-bounds write CVE-2019-5188 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index (PyPI). pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fix(es): * python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060) * python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service (CVE-2019-11236) * python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324) * python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18074 CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 CVE-2018-18074 python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-20060 python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. Security Fix(es): * fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c (CVE-2020-5395) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-5395 CVE-2020-5395 fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * conflicting requests: failed to install container-tools:1.0 (BZ#1813776) * podman run container error with avc denied (BZ#1816541) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10696 CVE-2020-10696 buildah: Crafted input tar file may lead to local file overwrite during image build process cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10696 CVE-2020-10696 buildah: Crafted input tar file may lead to local file overwrite during image build process cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10696 CVE-2020-10696 buildah: Crafted input tar file may lead to local file overwrite during image build process cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The targetcli package contains an administration shell for configuring Internet Small Computer System Interface (iSCSI), Fibre Channel over Ethernet (FCoE), and other SCSI targets, using the Target Core Mod/Linux-IO (TCM/LIO) kernel target subsystem. FCoE users also need to install and use the fcoe-utils package. Security Fix(es): * targetcli: world writable /var/run/targetclid.sock allows unprivileged user to execute commands (CVE-2020-10699) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10699 CVE-2020-10699 targetcli: world writable /var/run/targetclid.sock allows unprivileged user to execute commands cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. The following packages have been upgraded to a later upstream version: git (2.18.4). (BZ#1826008) Security Fix(es): * git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak (CVE-2020-11008) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11008 CVE-2020-11008 git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): * gnutls: DTLS client hello contains a random value of all zeroes (CVE-2020-11501) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11501 CVE-2020-11501 gnutls: DTLS client hello contains a random value of all zeroes cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * Mozilla: Buffer overflow in SCTP chunk input validation (CVE-2020-6831) * Mozilla: Arbitrary local file access with 'Copy as cURL' (CVE-2020-12392) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-6831 CVE-2020-12387 Mozilla: Use-after-free during worker shutdown CVE-2020-6831 usrsctp: Buffer overflow in AUTH chunk input validation CVE-2020-12392 Mozilla: Arbitrary local file access with 'Copy as cURL' CVE-2020-12395 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow (CVE-2019-12519) * squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution (CVE-2020-11945) * squid: parsing of header Proxy-Authentication leads to memory corruption (CVE-2019-12525) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12519 CVE-2019-12525 CVE-2020-11945 CVE-2019-12525 squid: parsing of header Proxy-Authentication leads to memory corruption CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * usrsctp: Buffer overflow in AUTH chunk input validation (CVE-2020-6831) * Mozilla: Arbitrary local file access with 'Copy as cURL' (CVE-2020-12392) * Mozilla: Sender Email Address Spoofing using encoded Unicode characters (CVE-2020-12397) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397 CVE-2020-6831 CVE-2020-12387 Mozilla: Use-after-free during worker shutdown CVE-2020-6831 usrsctp: Buffer overflow in AUTH chunk input validation CVE-2020-12392 Mozilla: Arbitrary local file access with 'Copy as cURL' CVE-2020-12395 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 CVE-2020-12397 Mozilla: Sender Email Address Spoofing using encoded Unicode characters cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). Security Fix(es): * libreswan: DoS attack via malicious IKEv1 informational exchange message (CVE-2020-1763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1763 CVE-2020-1763 libreswan: DoS attack via malicious IKEv1 informational exchange message cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711) * Kernel: s390: page table upgrade in secondary address mode may lead to privilege escalation (CVE-2020-11884) * Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources (CVE-2020-2732) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [RHEL8.2][Azure]Commits to resolve high network latency (BZ#1817945) * cpu.share scheduling performance issue (BZ#1819909) * [DELL 8.2 BUG] [WD 19 SC/DC/TBT] ALSA: Microphone can't record via front port after suspend (BZ#1821376) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10711 CVE-2020-11884 CVE-2020-2732 CVE-2020-2732 Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources CVE-2020-10711 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic CVE-2020-11884 Kernel: s390: page table upgrade in secondary address mode may lead to privilege escalation cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10711 CVE-2020-10711 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that addresses a security vulnerability is now available. The updated version is .NET Core Runtime 2.1.18 and SDK 2.1.514. Security Fix(es): * dotnet: Denial of service via untrusted input (CVE-2020-1108) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1108 CVE-2020-1108 dotnet: Denial of service via untrusted input cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711) * Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources (CVE-2020-2732) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest RHEL-8.2.z source tree (BZ#1831781) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10711 CVE-2020-2732 CVE-2020-2732 Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources CVE-2020-10711 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP10. Security Fix(es): * OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949) * OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) * OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) * OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654) * OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) * OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) * OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) * OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) * OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) * OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) * OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2949 CVE-2020-2654 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2019-2949 OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) CVE-2020-2654 OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) CVE-2020-2754 OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) CVE-2020-2755 OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) CVE-2020-2756 OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) CVE-2020-2757 OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) CVE-2020-2800 OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) CVE-2020-2830 OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) CVE-2020-2803 OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) CVE-2020-2805 OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) CVE-2020-2781 OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.104 and .NET Core Runtime 3.1.4. Security Fixes: * dotnet: Denial of service via untrusted input (CVE-2020-1108) * dotnet: Denial of service due to infinite loop (CVE-2020-1161) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1108 CVE-2020-1161 CVE-2020-1108 dotnet: Denial of service via untrusted input CVE-2020-1161 dotnet: Denial of service due to infinite loop cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): * freerdp: Out-of-bounds write in planar.c (CVE-2020-11521) * freerdp: Integer overflow in region.c (CVE-2020-11523) * freerdp: Out-of-bounds write in interleaved.c (CVE-2020-11524) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11521 CVE-2020-11523 CVE-2020-11524 CVE-2020-11521 freerdp: Out-of-bounds write in planar.c CVE-2020-11524 freerdp: Out-of-bounds write in interleaved.c CVE-2020-11523 freerdp: Integer overflow in region.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) * bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8616 CVE-2020-8617 CVE-2020-8616 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals CVE-2020-8617 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.9.0 ESR. Security Fix(es): * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-12410 Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 CVE-2020-12406 Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12405 Mozilla: Use-after-free in SharedWorkerService cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): * freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-13398 CVE-2020-13398 freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662) * unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12662 CVE-2020-12663 CVE-2020-12662 unbound: amplification of an incoming query into a large number of queries directed to a target CVE-2020-12663 unbound: infinite loop via malformed DNS answers received from upstream servers cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel: hw: provide reporting and microcode mitigation toggle for CVE-2020-0543 / Special Register Buffer Data Sampling (SRBDS) (BZ#1827191) * ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets (BZ#1821375) * IB/core: deadlock on rdma_nl_mutex when netlink triggers on-demand modprobe rdma_cm (BZ#1821381) * dm: fix excessive bio splitting that results in performance regressions (BZ#1821382) * system time jumps when hotplug vcpu on a long uptime guest (BZ#1822498) * [DELL 8.2 BUG]Ethernet : e1000e doesn't work after S2I (BZ#1825262) * NFSv3 sec=krb5p fails against an ONTAP server (BZ#1826219) * Stand-alone CPU Linpack test reports bad residual on HPC Cluster node(s) while running RHEL 8 (BZ#1827619) * [DELL 8.2 BUG]bluetooth Scanning block S3 and Suspend to idle (BZ#1827620) * RHEL8.2 Beta - SMC-R connection with vlan-id fails (BZ#1827631) * RHEL8.1 - RHEL8.1 kernel 4.18.0-147.3.1.el8.bz181950_test001.ppc64le+debug failed during LPM test (p8/p9):idahop08:LPM (vtpm) (BZ#1827632) * missing version.h dependency for modpost may cause build to fail (BZ#1828229) * efi: kernel panic during ltp fs test - read_all -d /sys -q -r 10 (BZ#1829527) * Let "isolcpus=" skip unknown sub-parameters (BZ#1832367) * RHEL8.0 - Very bad performance with small blocks in FC-IO found by SAP HANA on POWER tests on RHEL8.0 (compared to RHEL7.4) (BZ#1834517) * [FJ8.2 Bug]: [REG] NFS-client panic at nfs4_get_valid_delegation+0x1c/0x40 [nfsv4] (BZ#1837969) * [RHEL-8.3] upstream bonding driver refresh (BZ#1838477) * Enable xt_u32 module (BZ#1840799) * Move xt_u32 module to kernel-modules-extra (BZ#1840800) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12657 CVE-2020-12657 kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel: hw: provide reporting and microcode mitigation toggle for CVE-2020-0543 / Special Register Buffer Data Sampling (SRBDS) (BZ#1827193) * kernel-rt: update RT source tree to the RHEL-8.2.z1 source tree (BZ#1816271) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12657 CVE-2020-12657 kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body AlmaLinux 8 Security Fix(es): * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: Vector Register Data Sampling (CVE-2020-0548) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20200602 release, addresses: - Update of 06-2d-06/0x6d (SNB-E/EN/EP C1/M0) microcode from revision 0x61f up to 0x621; - Update of 06-2d-07/0x6d (SNB-E/EN/EP C2/M1) microcode from revision 0x718 up to 0x71a; - Update of 06-3c-03/0x32 (HSW C0) microcode from revision 0x27 up to 0x28; - Update of 06-3d-04/0xc0 (BDW-U/Y E0/F0) microcode from revision 0x2e up to 0x2f; - Update of 06-45-01/0x72 (HSW-U C0/D0) microcode from revision 0x25 up to 0x26; - Update of 06-46-01/0x32 (HSW-H C0) microcode from revision 0x1b up to 0x1c; - Update of 06-47-01/0x22 (BDW-H/Xeon E3 E0/G0) microcode from revision 0x21 up to 0x22; - Update of 06-4e-03/0xc0 (SKL-U/Y D0) microcode from revision 0xd6 up to 0xdc; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000151 up to 0x1000157; - Update of 06-55-04/0xb7 (SKX-SP H0/M0/U0, SKX-D M1) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2000065 up to 0x2006906; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x400002c up to 0x4002f01; - Update of 06-55-07/0xbf (CLX-SP B1) microcode from revision 0x500002c up to 0x5002f01; - Update of 06-5e-03/0x36 (SKL-H/S R0/N0) microcode from revision 0xd6 up to 0xdc; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x46 up to 0x78; - Update of 06-8e-09/0x10 (AML-Y22 H0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-09/0xc0 (KBL-U/Y H0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-0a/0xc0 (CFL-U43e D0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-0c/0x94 (AML-Y42 V0, CML-Y42 V0, WHL-U V0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E3 U0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0b/0x02 (CFL-S B0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0c/0x22 (CFL-H/S P0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0d/0x22 (CFL-H R0) microcode from revision 0xca up to 0xd6. - Change the URL to point to the GitHub repository since the microcode download section at Intel Download Center does not exist anymore. * Narrow down SKL-SP/W/X blacklist to exclude Server/FPGA/Fabric segment models. * Re-generate initramfs not only for the currently running kernel, but for several recently installed kernels as well. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-0548 hw: Vector Register Data Sampling CVE-2020-0549 hw: L1D Cache Eviction Sampling CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS) cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.105 and .NET Core Runtime 3.1.5. Security Fixes: * dotnet: Denial of service via untrusted input (CVE-2020-1108) This is an additional update to comprehensively address CVE-2020-1108. Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1108 CVE-2020-1108 dotnet: Denial of service via untrusted input cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * rubygem-json: Unsafe Object Creation Vulnerability in JSON (CVE-2020-10663) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * pcs status on remotes is not working on rhel8.2 any longer (BZ#1832914) * pcs cluster stop --all throws errors and doesn't seem to honor the request-timeout option (BZ#1838084) * [GUI] Colocation constraint can't be added (BZ#1840158) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10663 CVE-2020-10663 rubygem-json: Unsafe object creation vulnerability in JSON cpe:/a:almalinux:almalinux:8::highavailability cpe:/a:almalinux:almalinux:8::resilientstorage AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that addresses a security vulnerability is now available. The updated version is .NET Core Runtime 2.1.19 and SDK 2.1.515. Security Fix(es): * dotnet: Denial of service via untrusted input (CVE-2020-1108) This is an additional update to comprehensively address CVE-2020-1108. Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1108 CVE-2020-1108 dotnet: Denial of service via untrusted input cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libexif packages provide a library for extracting extra information from image files. Security Fix(es): * libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-13112 CVE-2020-13112 libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12657 CVE-2020-12657 kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Security Fix(es): * Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12398 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-12410 Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 CVE-2020-12406 Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12405 Mozilla: Use-after-free in SharedWorkerService CVE-2020-12398 Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): * gnutls: session resumption works without master key allowing MITM (CVE-2020-13777) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-13777 CVE-2020-13777 gnutls: session resumption works without master key allowing MITM cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * grafana: SSRF incorrect access control vulnerability allows unauthenticated users to make grafana send HTTP requests to any URL (CVE-2020-13379) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-13379 CVE-2020-13379 grafana: SSRF incorrect access control vulnerability allows unauthenticated users to make grafana send HTTP requests to any URL cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11080 CVE-2020-11080 nghttp2: overly large SETTINGS frames can lead to DoS cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608) * QEMU: vnc: memory leakage upon disconnect (CVE-2019-20382) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20382 CVE-2020-8608 CVE-2020-8608 QEMU: Slirp: potential OOB access due to unsafe snprintf() usages CVE-2019-20382 QEMU: vnc: memory leakage upon disconnect cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.10.0 ESR. Security Fix(es): * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 (CVE-2020-12417) * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect to a STUN server (CVE-2020-12420) * Mozilla: Add-On updates did not respect the same certificate trust rules as software updates (CVE-2020-12421) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12417 Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12418 Mozilla: Information disclosure due to manipulated URL object CVE-2020-12419 Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12420 Mozilla: Use-After-Free when trying to connect to a STUN server CVE-2020-12421 Mozilla: Add-On updates did not respect the same certificate trust rules as software updates cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (10.21.0). Security Fix(es): * nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080) * nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598) * nodejs: memory corruption in napi_get_value_string_* functions (CVE-2020-8174) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11080 CVE-2020-7598 CVE-2020-8174 CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload CVE-2020-11080 nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-8174 nodejs: memory corruption in napi_get_value_string_* functions cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (12.18.2). Security Fix(es): * nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080) * nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598) * nodejs: TLS session reuse can lead to hostname verification bypass (CVE-2020-8172) * nodejs: memory corruption in napi_get_value_string_* functions (CVE-2020-8174) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11080 CVE-2020-7598 CVE-2020-8172 CVE-2020-8174 CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload CVE-2020-11080 nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-8172 nodejs: TLS session reuse can lead to hostname verification bypass CVE-2020-8174 nodejs: memory corruption in napi_get_value_string_* functions cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 jbig2dec is a decoder implementation of the JBIG2 image compression format. Security Fix(es): * jbig2dec: heap-based buffer overflow in jbig2_image_compose in jbig2_image.c (CVE-2020-12268) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12268 CVE-2020-12268 jbig2dec: heap-based buffer overflow in jbig2_image_compose in jbig2_image.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: malformed NOOP commands leads to DoS (CVE-2020-10957) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10957 CVE-2020-10957 dovecot: malformed NOOP commands leads to DoS cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Scanner Access Now Easy (SANE) is a universal scanner interface. The SANE application programming interface (API) provides standardized access to any raster image scanner hardware (for example, flatbed scanners, hand-held scanners, video and still cameras, and frame-grabbers). Security Fix(es): * sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c (CVE-2020-12861) * sane-backends: Heap buffer overflow in esci2_img (CVE-2020-12865) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12861 CVE-2020-12865 CVE-2020-12861 sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c CVE-2020-12865 sane-backends: Heap buffer overflow in esci2_img cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that addresses a security vulnerability is now available. The updated version is .NET Core Runtime 2.1.20 and SDK 2.1.516. Security Fix(es): * .NT Core: XML source markup processing remote code execution (CVE-2020-1147) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1147 CVE-2020-1147 dotnet: XML source markup processing remote code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.106 and .NET Core Runtime 3.1.6. * .NET Core: XML source markup processing remote code execution (CVE-2020-1147) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1147 CVE-2020-1147 dotnet: XML source markup processing remote code execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583) * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) (CVE-2020-14593) * OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) (CVE-2020-14556) * OpenJDK: Excessive memory usage in ImageIO TIFF plugin (ImageIO, 8233239) (CVE-2020-14562) * OpenJDK: Incomplete interface type checks in Graal compiler (Hotspot, 8236867) (CVE-2020-14573) * OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) (CVE-2020-14621) * OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) (CVE-2020-14577) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Enhancement(s): * Add -static-libs subpackage with statically linked OpenJDK libraries (BZ#1848701) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-14583 OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) CVE-2020-14593 OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) CVE-2020-14562 OpenJDK: Excessive memory usage in ImageIO TIFF plugin (ImageIO, 8233239) CVE-2020-14621 OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) CVE-2020-14556 OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) CVE-2020-14573 OpenJDK: Incomplete interface type checks in Graal compiler (Hotspot, 8236867) CVE-2020-14577 OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583) * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) (CVE-2020-14593) * OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) (CVE-2020-14556) * OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731) (CVE-2020-14578) * OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736) (CVE-2020-14579) * OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) (CVE-2020-14621) * OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) (CVE-2020-14577) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-14583 OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) CVE-2020-14593 OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) CVE-2020-14621 OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) CVE-2020-14556 OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) CVE-2020-14577 OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) CVE-2020-14578 OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731) CVE-2020-14579 OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in sound/core/timer.c (CVE-2019-19807) * kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757) * kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (CVE-2020-10766) * kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. (CVE-2020-10767) * kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (CVE-2020-10768) * kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653) * kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654) * Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888) * kernel: kvm: Information leak within a KVM guest (CVE-2019-3016) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [FJ8.2 Bug]: kernel: retrieving process core dump of the init process (PID 1) fails (BZ#1821378) * [FJ8.0 Bug]: System hungs up after setting parameters for hugepages (BZ#1835789) * RHEL8.2 Alpha - ISST-LTE:PowerVM: vNIC DLPAR crashes the LPAR (ibmvnic) (BZ#1836229) * "[sig-network] Services should be rejected when no endpoints exist" test fails frequently on RHEL8 nodes (BZ#1836302) * RHEL8.2 Beta - RHEL8.2 reports EEH errors on internal SAS adapter during HTX run on PMEM (SCM/pmem) (BZ#1842406) * RHEL8.1 - s390/cio: fix virtio-ccw DMA without PV (BZ#1842620) * deadlock between modprobe and netns exit (BZ#1845164) * exit_boot failed when install RHEL8.1 (BZ#1846180) * http request is taking more time for endpoint running on different host via nodeport service (BZ#1847128) * RHEL8.1 - zEDC problems on z14 (genwqe/pci) (BZ#1847453) * WARNING: CPU: 1 PID: 0 at arch/x86/kernel/apic/vector.c:846 free_moved_vector+0x141/0x150 (BZ#1848545) * Backport conntrack race condition fixes (BZ#1851003) * nf_conntrack module unload fail and refcount become to negative (BZ#1851005) * OVS: backport performance patches from upstream to 8.2z (BZ#1851235) * RHEL8.3: backport "smp: Allow smp_call_function_single_async() to insert locked csd" (BZ#1851406) * [DELL EMC 8.2 BUG] NVMe drive is not detected after multiple hotplug (hot add + surprise remove) operations (BZ#1852045) Enhancement(s): * [Mellanox 8.3 FEAT] mlx5: drivers update upto Linux v5.5 (BZ#1843544) * [IBM 8.3 FEAT] Update nvme driver to latest level for POWER (BZ#1846405) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19807 CVE-2019-3016 CVE-2020-10757 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-12653 CVE-2020-12654 CVE-2020-12888 CVE-2019-19807 kernel: use-after-free in sound/core/timer.c CVE-2019-3016 kernel: kvm: Information leak within a KVM guest CVE-2020-12653 kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c CVE-2020-12654 kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario CVE-2020-10757 kernel: kernel: DAX hugepages not considered during mremap CVE-2020-10766 kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. CVE-2020-10767 kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. CVE-2020-10768 kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Security Fix(es): * NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults (CVE-2020-10754) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * NetworkManager doesn't reconnect after DHCP failure (BZ#1843357) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10754 CVE-2020-10754 NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: denial of service via file descriptor leak (CVE-2020-12049) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12049 CVE-2020-12049 dbus: denial of service via file descriptor leak cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use-after-free in sound/core/timer.c (CVE-2019-19807) * kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757) * kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (CVE-2020-10766) * kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. (CVE-2020-10767) * kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (CVE-2020-10768) * kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653) * kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654) * Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888) * kernel: kvm: Information leak within a KVM guest (CVE-2019-3016) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.2.z2 source tree (BZ#1829582) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19807 CVE-2019-3016 CVE-2020-10757 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-12653 CVE-2020-12654 CVE-2020-12888 CVE-2019-19807 kernel: use-after-free in sound/core/timer.c CVE-2019-3016 kernel: kvm: Information leak within a KVM guest CVE-2020-12653 kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c CVE-2020-12654 kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario CVE-2020-10757 kernel: kernel: DAX hugepages not considered during mremap CVE-2020-10766 kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. CVE-2020-10767 kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. CVE-2020-10768 kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. AlmaLinux 8 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix(es): * mod_auth_openidc: Open redirect in logout url when using URLs with leading slashes (CVE-2019-14857) * mod_auth_openidc: Open redirect issue exists in URLs with slash and backslash (CVE-2019-20479) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Module stream mod_auth_openidc:2.3 does not have correct module.md file (BZ#1844107) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14857 CVE-2019-20479 CVE-2019-14857 mod_auth_openidc: Open redirect in logout url when using URLs with leading slashes CVE-2019-20479 mod_auth_openidc: Open redirect issue exists in URLs with slash and backslash cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Security Fix(es): * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 (CVE-2020-12417) * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect to a STUN server (CVE-2020-12420) * Mozilla: Add-On updates did not respect the same certificate trust rules as software updates (CVE-2020-12421) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-15646 CVE-2020-12417 Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12418 Mozilla: Information disclosure due to manipulated URL object CVE-2020-12419 Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12420 Mozilla: Use-After-Free when trying to connect to a STUN server CVE-2020-12421 Mozilla: Add-On updates did not respect the same certificate trust rules as software updates CVE-2020-15646 Mozilla: Automatic account setup leaks Microsoft Exchange login credentials cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. The following packages have been upgraded to a later upstream version: cloud-init (19.4). (BZ#1811912) Security Fix(es): * cloud-init: default configuration disabled deletion of SSH host keys (CVE-2018-10896) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-10896 CVE-2018-10896 cloud-init: default configuration disabled deletion of SSH host keys cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: slirp: use-after-free in ip_reass() function in ip_input.c (CVE-2020-1983) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1983 CVE-2021-20188 CVE-2020-1983 QEMU: slirp: use-after-free in ip_reass() function in ip_input.c CVE-2021-20188 podman: container users permissions are not respected in privileged containers cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (CVE-2020-10766) * kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. (CVE-2020-10767) * kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (CVE-2020-10768) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10766 kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. CVE-2020-10767 kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. CVE-2020-10768 kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fix(es): * postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) This update introduces a backwards incompatible change required to resolve this issue. Refer to the Red Hat Knowledgebase article 5266441 linked to in the References section for information on how to re-enable the old insecure behavior. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-13692 CVE-2020-13692 postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): * python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 (CVE-2020-11538) * python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images (CVE-2020-5313) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11538 CVE-2020-5313 CVE-2020-5313 python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images CVE-2020-11538 python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Security Fix(es): * grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713) * grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow (CVE-2020-14308) * grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309) * grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310) * grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311) * grub2: Fail kernel validation without shim protocol (CVE-2020-15705) * grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706) * grub2: Integer overflow in initrd size handling (CVE-2020-15707) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15705 CVE-2020-15706 CVE-2020-15707 CVE-2020-10713 grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process CVE-2020-14308 grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow CVE-2020-14311 grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow CVE-2020-14309 grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow CVE-2020-14310 grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow CVE-2020-15705 grub2: Fail kernel validation without shim protocol CVE-2020-15706 grub2: Use-after-free redefining a function whilst the same function is already executing CVE-2020-15707 grub2: Integer overflow in initrd size handling cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: lockdown: bypass through ACPI write via efivar_ssdt (CVE-2019-20908) * kernel: lockdown: bypass through ACPI write via acpi_configfs (CVE-2020-15780) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713) (BZ#1837433) * [Regression] RHEL8.2 RC - [Boston/DD2.1] [RHEL8.2/kernel-4.18.0-193.el8.ppc64le] Host kernel crashes while running storage test bucket on KVM guest (iscsi) (BZ#1852048) * RHEL8.2 - s390/mm: fix panic in gup_fast on large pud (BZ#1853336) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20908 CVE-2020-15780 CVE-2019-20908 kernel: lockdown: bypass through ACPI write via efivar_ssdt CVE-2020-15780 kernel: lockdown: bypass through ACPI write via acpi_configfs cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: lockdown: bypass through ACPI write via efivar_ssdt (CVE-2019-20908) * kernel: lockdown: bypass through ACPI write via acpi_configfs (CVE-2020-15780) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713) (BZ#1837441) * kernel-rt: update RT source tree to the RHEL-8.2.z3 source tree (BZ#1856816) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20908 CVE-2020-15780 CVE-2019-20908 kernel: lockdown: bypass through ACPI write via efivar_ssdt CVE-2020-15780 kernel: lockdown: bypass through ACPI write via acpi_configfs AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.11.0 ESR. Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15652 CVE-2020-15659 CVE-2020-6463 CVE-2020-6514 CVE-2020-6463 chromium-browser: Use after free in ANGLE CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC CVE-2020-15652 Mozilla: Potential leak of redirect targets when loading scripts in a worker CVE-2020-15659 Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550) Security Fix(es): * nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Install of update of nss.x86_64 adds i686 into transaction (BZ#1663187) * NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1691409) * TLS Keying Material Exporter is unsupported by command line tools (BZ#1691454) * TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible (BZ#1711375) * Make TLS 1.3 work in FIPS mode (BZ#1724250) * NSS rejects records with large padding with SHA384 HMAC (BZ#1750921) * NSS missing IKEv1 Quick Mode KDF (BZ#1809637) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1825270) * FIPS needs nss to restrict valid dh primes to those primes that are approved. (BZ#1854564) * nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1855825) Enhancement(s): * [RFE] nss should use AES for storage of keys (BZ#1723819) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11756 CVE-2019-17006 CVE-2019-17023 CVE-2020-12399 CVE-2020-12402 CVE-2019-11756 nss: Use-after-free in sftk_FreeSession due to improper refcounting CVE-2019-17006 nss: Check length of inputs for cryptographic primitives CVE-2019-17023 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state CVE-2020-12399 nss: Timing attack on DSA signature generation CVE-2020-12402 nss: Side channel vulnerabilities during RSA key generation cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15652 CVE-2020-15659 CVE-2020-6463 CVE-2020-6514 CVE-2020-6463 chromium-browser: Use after free in ANGLE CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC CVE-2020-15652 Mozilla: Potential leak of redirect targets when loading scripts in a worker CVE-2020-15659 Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fix(es): * libvncserver: websocket decoding buffer overflow (CVE-2017-18922) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2017-18922 CVE-2017-18922 libvncserver: websocket decoding buffer overflow cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP15. Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583) * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) (CVE-2020-14593) * IBM JDK: Information disclosure via calls to System.arraycopy() with invalid length (CVE-2019-17639) * OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) * OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) (CVE-2020-14556) * OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731) (CVE-2020-14578) * OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736) (CVE-2020-14579) * OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) (CVE-2020-14621) * OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) (CVE-2020-14577) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17639 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-2590 CVE-2020-2601 CVE-2020-2590 OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) CVE-2020-2601 OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) CVE-2020-14583 OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) CVE-2020-14593 OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) CVE-2020-14621 OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) CVE-2020-14556 OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) CVE-2020-14577 OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) CVE-2020-14578 OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731) CVE-2020-14579 OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736) CVE-2019-17639 IBM JDK: Information disclosure via calls to System.arraycopy() with invalid length AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Security Fixes: * .NET Core: ASP.NET Core Resource Consumption Denial of Service (CVE-2020-1597) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1597 CVE-2020-1597 dotnet: ASP.NET Core Resource Consumption Denial of Service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) * Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669) * Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (CVE-2020-12422) * Mozilla: X-Frame-Options bypass using object or embed tags (CVE-2020-15648) * Mozilla: Bypassing iframe sandbox when allowing popups (CVE-2020-15653) * Mozilla: Type confusion for special arguments in IonMonkey (CVE-2020-15656) * Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process (CVE-2020-12424) * Mozilla: Out of bound read in Date.parse() (CVE-2020-12425) * Mozilla: Custom cursor can overlay user interface (CVE-2020-15654) * Mozilla: Overriding file type when saving to disk (CVE-2020-15658) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12422 CVE-2020-12424 CVE-2020-12425 CVE-2020-15648 CVE-2020-15653 CVE-2020-15654 CVE-2020-15656 CVE-2020-15658 CVE-2020-15664 CVE-2020-15669 CVE-2020-15653 Mozilla: Bypassing iframe sandbox when allowing popups CVE-2020-15656 Mozilla: Type confusion for special arguments in IonMonkey CVE-2020-15658 Mozilla: Overriding file type when saving to disk CVE-2020-15654 Mozilla: Custom cursor can overlay user interface CVE-2020-15664 Mozilla: Attacker-induced prompt for extension installation CVE-2020-15669 Mozilla: Use-After-Free when aborting an operation CVE-2020-15648 Mozilla: X-Frame-Options bypass using object or embed tags CVE-2020-12422 Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer CVE-2020-12424 Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process CVE-2020-12425 Mozilla: Out of bound read in Date.parse() cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * squid: HTTP Request Smuggling could result in cache poisoning (CVE-2020-15810) * squid: HTTP Request Splitting could result in cache poisoning (CVE-2020-15811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15810 CVE-2020-15811 CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning CVE-2020-15811 squid: HTTP Request Splitting could result in cache poisoning cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.12.0. Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) * Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15664 CVE-2020-15669 CVE-2020-15664 Mozilla: Attacker-induced prompt for extension installation CVE-2020-15669 Mozilla: Use-After-Free when aborting an operation cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libcroco is a standalone Cascading Style Sheet level 2 (CSS2) parsing and manipulation library. Security Fix(es): * libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12825 CVE-2020-12825 libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The librepo library provides a C and Python API to download repository metadata. Security Fix(es): * librepo: missing path validation in repomd.xml may lead to directory traversal (CVE-2020-14352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14352 CVE-2020-14352 librepo: missing path validation in repomd.xml may lead to directory traversal cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php (7.3.20). (BZ#1856655) Security Fix(es): * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() (CVE-2019-11039) * php: Buffer over-read in exif_read_data() (CVE-2019-11040) * php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte (CVE-2019-11045) * php: Information disclosure in exif_read_data() (CVE-2019-11047) * php: Integer wraparounds when receiving multipart forms (CVE-2019-11048) * oniguruma: Use-after-free in onig_new_deluxe() in regext.c (CVE-2019-13224) * oniguruma: NULL pointer dereference in match_at() in regexec.c (CVE-2019-13225) * oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c (CVE-2019-16163) * oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c (CVE-2019-19203) * oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c (CVE-2019-19204) * pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode (CVE-2019-20454) * php: Out of bounds read in php_strip_tags_ex (CVE-2020-7059) * php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function (CVE-2020-7060) * php: NULL pointer dereference in PHP session upload progress (CVE-2020-7062) * php: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063) * php: Information disclosure in exif_read_data() function (CVE-2020-7064) * php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution (CVE-2020-7065) * php: Heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041) * php: Heap buffer over-read in exif_process_user_comment() (CVE-2019-11042) * php: Out of bounds read when parsing EXIF information (CVE-2019-11050) * oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c (CVE-2019-19246) * php: Information disclosure in function get_headers (CVE-2020-7066) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11039 CVE-2019-11040 CVE-2019-11041 CVE-2019-11042 CVE-2019-11045 CVE-2019-11047 CVE-2019-11048 CVE-2019-11050 CVE-2019-13224 CVE-2019-13225 CVE-2019-16163 CVE-2019-19203 CVE-2019-19204 CVE-2019-19246 CVE-2019-20454 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() CVE-2019-11040 php: Buffer over-read in exif_read_data() CVE-2019-13225 oniguruma: NULL pointer dereference in match_at() in regexec.c CVE-2019-13224 oniguruma: Use-after-free in onig_new_deluxe() in regext.c CVE-2019-20454 pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode CVE-2019-11041 php: Heap buffer over-read in exif_scan_thumbnail() CVE-2019-11042 php: Heap buffer over-read in exif_process_user_comment() CVE-2019-16163 oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c CVE-2019-19246 oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c CVE-2019-11047 php: Information disclosure in exif_read_data() CVE-2019-11045 php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte CVE-2019-11050 php: Out of bounds read when parsing EXIF information CVE-2020-7059 php: Out of bounds read in php_strip_tags_ex CVE-2020-7060 php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function CVE-2019-19203 oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c CVE-2019-19204 oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c CVE-2020-7062 php: NULL pointer dereference in PHP session upload progress CVE-2020-7063 php: Files added to tar with Phar::buildFromIterator have all-access permissions CVE-2020-7064 php: Information disclosure in exif_read_data() function CVE-2020-7066 php: Information disclosure in function get_headers CVE-2020-7065 php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution CVE-2019-11048 php: Integer wraparounds when receiving multipart forms cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) * golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586) * golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14040 CVE-2020-15586 CVE-2020-16845 CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (10.14). Security Fix(es): * postgresql: Stack-based buffer overflow via setting a password (CVE-2019-10164) * postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208) * postgresql: Uncontrolled search path element in logical replication (CVE-2020-14349) * postgresql: Uncontrolled search path element in CREATE EXTENSION (CVE-2020-14350) * postgresql: Selectivity estimators bypass row security policies (CVE-2019-10130) * postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks (CVE-2020-1720) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Module stream postgresql:10 does not have correct module.md file (BZ#1857228) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10130 CVE-2019-10164 CVE-2019-10208 CVE-2020-14349 CVE-2020-14350 CVE-2020-1720 CVE-2019-10130 postgresql: Selectivity estimators bypass row security policies CVE-2019-10164 postgresql: Stack-based buffer overflow via setting a password CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks CVE-2020-14349 postgresql: Uncontrolled search path element in logical replication CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.108 and .NET Core Runtime 3.1.8. Security Fixes: * .NET Core: ASP.NET cookie prefix spoofing vulnerability (CVE-2020-1045) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1045 CVE-2020-1045 dotnet: ASP.NET cookie prefix spoofing vulnerability cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: Resource exhaustion via deeply nested MIME parts (CVE-2020-12100) * dovecot: Out of bound reads in dovecot NTLM implementation (CVE-2020-12673) * dovecot: Crash due to assert in RPA implementation (CVE-2020-12674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 CVE-2020-12100 dovecot: Resource exhaustion via deeply nested MIME parts CVE-2020-12673 dovecot: Out of bound reads in dovecot NTLM implementation CVE-2020-12674 dovecot: Crash due to assert in RPA implementation cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: Push diary crash on specifically crafted HTTP/2 header (CVE-2020-9490) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-9490 CVE-2020-9490 httpd: Push diary crash on specifically crafted HTTP/2 header cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.21). Security Fix(es): * mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586, CVE-2020-14702) * mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957) * mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634) * mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925) * mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654, CVE-2020-14680, CVE-2020-14725) * mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011) * mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580) * mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619) * mysql: Server: Connection unspecified vulnerability (CVE-2019-3009) * mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632) * mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620) * mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574) * mysql: Server: Logging unspecified vulnerability (CVE-2020-2770) * mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804) * mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812) * mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559, CVE-2020-2694) * mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898) * mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903) * mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921) * mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926) * mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553) * mysql: Server: UDF unspecified vulnerability (CVE-2020-14576) * mysql: Server: JSON unspecified vulnerability (CVE-2020-14624) * mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631) * mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643, CVE-2020-14651) * mysql: Server: Locking unspecified vulnerability (CVE-2020-14656) * mysql: Information Schema unspecified vulnerability (CVE-2019-2911) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2911 CVE-2019-2914 CVE-2019-2938 CVE-2019-2946 CVE-2019-2957 CVE-2019-2960 CVE-2019-2963 CVE-2019-2966 CVE-2019-2967 CVE-2019-2968 CVE-2019-2974 CVE-2019-2982 CVE-2019-2991 CVE-2019-2993 CVE-2019-2997 CVE-2019-2998 CVE-2019-3004 CVE-2019-3009 CVE-2019-3011 CVE-2019-3018 CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14567 CVE-2020-14568 CVE-2020-14575 CVE-2020-14576 CVE-2020-14586 CVE-2020-14597 CVE-2020-14614 CVE-2020-14619 CVE-2020-14620 CVE-2020-14623 CVE-2020-14624 CVE-2020-14631 CVE-2020-14632 CVE-2020-14633 CVE-2020-14634 CVE-2020-14641 CVE-2020-14643 CVE-2020-14651 CVE-2020-14654 CVE-2020-14656 CVE-2020-14663 CVE-2020-14678 CVE-2020-14680 CVE-2020-14697 CVE-2020-14702 CVE-2020-14725 CVE-2020-14799 CVE-2020-2570 CVE-2020-2573 CVE-2020-2574 CVE-2020-2577 CVE-2020-2579 CVE-2020-2580 CVE-2020-2584 CVE-2020-2588 CVE-2020-2589 CVE-2020-2627 CVE-2020-2660 CVE-2020-2679 CVE-2020-2686 CVE-2020-2694 CVE-2020-2752 CVE-2020-2759 CVE-2020-2760 CVE-2020-2761 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2770 CVE-2020-2774 CVE-2020-2779 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2853 CVE-2020-2892 CVE-2020-2893 CVE-2020-2895 CVE-2020-2896 CVE-2020-2897 CVE-2020-2898 CVE-2020-2901 CVE-2020-2903 CVE-2020-2904 CVE-2020-2921 CVE-2020-2922 CVE-2020-2923 CVE-2020-2924 CVE-2020-2925 CVE-2020-2926 CVE-2020-2928 CVE-2020-2930 CVE-2021-1998 CVE-2021-2006 CVE-2021-2007 CVE-2021-2009 CVE-2021-2012 CVE-2021-2016 CVE-2021-2019 CVE-2021-2020 CVE-2021-2144 CVE-2021-2160 CVE-2019-2911 mysql: Information Schema unspecified vulnerability (CPU Oct 2019) CVE-2019-2914 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019) CVE-2019-2938 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) CVE-2019-2946 mysql: Server: PS unspecified vulnerability (CPU Oct 2019) CVE-2019-2957 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019) CVE-2019-2960 mysql: Server: Replication unspecified vulnerability (CPU Oct 2019) CVE-2019-2963 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) CVE-2019-2966 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-2967 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-2968 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) CVE-2019-2974 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-2982 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-2991 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-2993 mysql: Server: C API unspecified vulnerability (CPU Oct 2019) CVE-2019-2997 mysql: Server: DDL unspecified vulnerability (CPU Oct 2019) CVE-2019-2998 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2019-3004 mysql: Server: Parser unspecified vulnerability (CPU Oct 2019) CVE-2019-3009 mysql: Server: Connection unspecified vulnerability (CPU Oct 2019) CVE-2019-3011 mysql: Server: C API unspecified vulnerability (CPU Oct 2019) CVE-2019-3018 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) CVE-2020-2577 mysql: InnoDB unspecified vulnerability (CPU Jan 2020) CVE-2020-2579 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) CVE-2020-2580 mysql: Server: DDL unspecified vulnerability (CPU Jan 2020) CVE-2020-2584 mysql: Server: Options unspecified vulnerability (CPU Jan 2020) CVE-2020-2588 mysql: Server: DML unspecified vulnerability (CPU Jan 2020) CVE-2020-2589 mysql: InnoDB unspecified vulnerability (CPU Jan 2020) CVE-2020-2660 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) CVE-2020-2679 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) CVE-2020-2686 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) CVE-2020-2694 mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2020) CVE-2020-2627 mysql: Server: Parser unspecified vulnerability (CPU Jan 2020) CVE-2020-2570 mysql: C API unspecified vulnerability (CPU Jan 2020) CVE-2020-2573 mysql: C API unspecified vulnerability (CPU Jan 2020) CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020) CVE-2020-2759 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020) CVE-2020-2761 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) CVE-2020-2762 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) CVE-2020-2763 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020) CVE-2020-2765 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2770 mysql: Server: Logging unspecified vulnerability (CPU Apr 2020) CVE-2020-2774 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) CVE-2020-2779 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) CVE-2020-2780 mysql: Server: DML unspecified vulnerability (CPU Apr 2020) CVE-2020-2804 mysql: Server: Memcached unspecified vulnerability (CPU Apr 2020) CVE-2020-2812 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020) CVE-2020-2814 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) CVE-2020-2853 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) CVE-2020-2892 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2893 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) CVE-2020-2895 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) CVE-2020-2896 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2020) CVE-2020-2897 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2898 mysql: Server: Charsets unspecified vulnerability (CPU Apr 2020) CVE-2020-2901 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2903 mysql: Server: Connection Handling unspecified vulnerability (CPU Apr 2020) CVE-2020-2904 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2921 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020) CVE-2020-2923 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2924 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2925 mysql: Server: PS unspecified vulnerability (CPU Apr 2020) CVE-2020-2926 mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020) CVE-2020-2928 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) CVE-2020-2930 mysql: Server: Parser unspecified vulnerability (CPU Apr 2020) CVE-2020-2760 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020) CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020) CVE-2020-14539 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) CVE-2020-14540 mysql: Server: DML unspecified vulnerability (CPU Jul 2020) CVE-2020-14547 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) CVE-2020-14550 mysql: C API unspecified vulnerability (CPU Jul 2020) CVE-2020-14553 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020) CVE-2020-14559 mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020) CVE-2020-14567 mysql: Server: Replication unspecified vulnerability (CPU Jul 2020) CVE-2020-14568 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) CVE-2020-14575 mysql: Server: DML unspecified vulnerability (CPU Jul 2020) CVE-2020-14576 mysql: Server: UDF unspecified vulnerability (CPU Jul 2020) CVE-2020-14586 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) CVE-2020-14597 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) CVE-2020-14614 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) CVE-2020-14619 mysql: Server: Parser unspecified vulnerability (CPU Jul 2020) CVE-2020-14620 mysql: Server: DML unspecified vulnerability (CPU Jul 2020) CVE-2020-14623 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) CVE-2020-14624 mysql: Server: JSON unspecified vulnerability (CPU Jul 2020) CVE-2020-14631 mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2020) CVE-2020-14632 mysql: Server: Options unspecified vulnerability (CPU Jul 2020) CVE-2020-14633 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) CVE-2020-14634 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) CVE-2020-14641 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020) CVE-2020-14643 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020) CVE-2020-14654 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) CVE-2020-14656 mysql: Server: Locking unspecified vulnerability (CPU Jul 2020) CVE-2020-14663 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) CVE-2020-14678 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) CVE-2020-14680 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) CVE-2020-14697 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) CVE-2020-14702 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) CVE-2020-14725 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) CVE-2020-14651 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020) CVE-2020-14799 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020) CVE-2021-1998 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) CVE-2021-2006 mysql: C API unspecified vulnerability (CPU Jan 2021) CVE-2021-2007 mysql: C API unspecified vulnerability (CPU Jan 2021) CVE-2021-2019 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2021) CVE-2021-2020 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) CVE-2021-2016 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) CVE-2021-2012 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2021) CVE-2021-2009 mysql: Server: Security: Roles unspecified vulnerability (CPU Jan 2021) CVE-2021-2144 mysql: Server: Parser unspecified vulnerability (CPU Apr 2021) CVE-2021-2160 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.3.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 (CVE-2020-15673) * Mozilla: XSS when pasting attacker-controlled data into a contenteditable element (CVE-2020-15676) * Mozilla: Download origin spoofing via redirect (CVE-2020-15677) * Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario (CVE-2020-15678) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-15677 Mozilla: Download origin spoofing via redirect CVE-2020-15676 Mozilla: XSS when pasting attacker-controlled data into a contenteditable element CVE-2020-15678 Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario CVE-2020-15673 Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * QEMU: usb: out-of-bounds r/w access issue while processing usb packets (CVE-2020-14364) * QEMU: slirp: networking out-of-bounds read information disclosure vulnerability (CVE-2020-10756) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10756 CVE-2020-14364 CVE-2020-10756 QEMU: slirp: networking out-of-bounds read information disclosure vulnerability CVE-2020-14364 QEMU: usb: out-of-bounds r/w access issue while processing usb packets cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.3.1. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 (CVE-2020-15673) * Mozilla: XSS when pasting attacker-controlled data into a contenteditable element (CVE-2020-15676) * Mozilla: Download origin spoofing via redirect (CVE-2020-15677) * Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario (CVE-2020-15678) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-15677 Mozilla: Download origin spoofing via redirect CVE-2020-15676 Mozilla: XSS when pasting attacker-controlled data into a contenteditable element CVE-2020-15678 Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario CVE-2020-15673 Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple Protocol for Independent Computing Environments (SPICE) clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Security Fix(es): * spice: multiple buffer overflow vulnerabilities in QUIC decoding code (CVE-2020-14355) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14355 CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (12.18.4). Security Fix(es): * nodejs-dot-prop: prototype pollution (CVE-2020-8116) * nodejs: HTTP request smuggling due to CR-to-Hyphen conversion (CVE-2020-8201) * npm: Sensitive information exposure through logs (CVE-2020-15095) * libuv: buffer overflow in realpath (CVE-2020-8252) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * The nodejs:12/development module is not installable (BZ#1883966) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15095 CVE-2020-8116 CVE-2020-8201 CVE-2020-8252 CVE-2020-15095 npm: sensitive information exposure through logs CVE-2020-8116 nodejs-dot-prop: prototype pollution CVE-2020-8201 nodejs: HTTP request smuggling due to CR-to-Hyphen conversion CVE-2020-8252 libuv: buffer overflow in realpath cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net: bluetooth: type confusion while processing AMP packets (CVE-2020-12351) * kernel: net: bluetooth: information leak when processing certain AMP packets (CVE-2020-12352) * kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385) * kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege (CVE-2020-14386) * kernel: kernel: buffer over write in vgacon_scroll (CVE-2020-14331) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [mlx5] stale ethtool steering rules remain after moving back to legacy mode (BZ#1857777) * 50% cpu in masked_flow_update with pop to pod TCP_RR (BZ#1859216) * take into account GSO and fragmented packets in execute_check_pkt_len action (BZ#1860169) * RHEL8.1 - scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (BZ#1866371) * RHEL8.3 Pre-Beta - smc: SMC connections hang with later-level implementations (BZ#1866390) * Incorrect pinning of IRQ threads on isolated CPUs by drivers that use cpumask_local_spread() (BZ#1867174) * [RHEL8] Fixes for DEADLINE scheduler class (BZ#1867612) * RHEL8.1 - s390/pci: Fix unexpected write combine on resource (BZ#1869276) * dm multipath: fix spurious failures during IO completion [EIOP-8345] (BZ#1869386) * IO on virtio-scsi hangs when running cpu hotplug test (BZ#1869779) * store_rps_map doesn't accept an empty bitmask, which is required for disabling RPS on a queue (BZ#1870181) * Memory registration cache data corruption possible, fix requires backporting (BZ#1872424) * fix another case of wait list corruption for PSM/sdma (BZ#1872766) * [RHEL-8] Segmentation fault (core dumped) when fi_bw -e msg -v -T 1 -p "verbs" (BZ#1872771) * fix mounting and inode number handling on s390x (BZ#1875787) * failure to enter nohz_full mode for non SCHED_FIFO tasks (BZ#1877417) * Secure boot key is not loaded with kernel-4.18.0-232.el8.x86_64 / shim-x64-15-15 (BZ#1877528) * [RHEL-8.3] Kdump failed to start when secure boot enabled: kexec_file_load failed: Required key not available (BZ#1877530) * [RHEL-8.3] Kdump/kexec kernel panicked on EFI boot: general protection fault: 0000 [#1] SMP PTI (BZ#1879988) * Sleeping or scheduling after sched_cpu_dying() led to "scheduling while atomic" and BUG at kernel/cpu.c:907! (BZ#1880081) * [conntrack] udp packet reverse NAT occasionally fail when race condition request combination with the DNAT load balancing rules (BZ#1882095) * [Regression] RHEL8.3 Beta - Do not initiate shutdown for EPOW_SHUTDOWN_ON_UPS event (BZ#1882243) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12351 CVE-2020-12352 CVE-2020-14331 CVE-2020-14385 CVE-2020-14386 CVE-2020-14331 kernel: kernel: buffer over write in vgacon_scroll CVE-2020-14385 kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt CVE-2020-14386 kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege CVE-2020-12351 kernel: net: bluetooth: type confusion while processing AMP packets CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: net: bluetooth: type confusion while processing AMP packets (CVE-2020-12351) * kernel: net: bluetooth: information leak when processing certain AMP packets (CVE-2020-12352) * kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385) * kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege (CVE-2020-14386) * kernel: kernel: buffer over write in vgacon_scroll (CVE-2020-14331) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.2.z Batch#4 source tree (BZ#1877921) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12351 CVE-2020-12352 CVE-2020-14331 CVE-2020-14385 CVE-2020-14386 CVE-2020-14331 kernel: kernel: buffer over write in vgacon_scroll CVE-2020-14385 kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt CVE-2020-14386 kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege CVE-2020-12351 kernel: net: bluetooth: type confusion while processing AMP packets CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets AlmaLinux 8 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * "java-11-openjdk-headless" scriptlet failed during RHEL7 > RHEL8 upgrade transaction (BZ#1871709) * java-11-openjdk property java.vendor is "N/A" (BZ#1873390) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14803 CVE-2020-14779 OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) CVE-2020-14781 OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) CVE-2020-14792 OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) CVE-2020-14782 OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) CVE-2020-14796 OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) CVE-2020-14797 OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) CVE-2020-14803 OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.4.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15683 CVE-2020-15969 CVE-2020-15969 chromium-browser: Use after free in WebRTC CVE-2020-15683 Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385) * kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege (CVE-2020-14386) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14385 CVE-2020-14386 CVE-2020-14385 kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt CVE-2020-14386 kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14803 CVE-2020-14779 OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) CVE-2020-14781 OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) CVE-2020-14792 OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) CVE-2020-14782 OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) CVE-2020-14796 OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) CVE-2020-14797 OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) CVE-2020-14803 OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use after free in the video driver leads to local privilege escalation (CVE-2019-9458) * kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917) * kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg (CVE-2019-15925) * kernel: memory leak in ccp_run_sha_cmd() (CVE-2019-18808) * kernel: Denial Of Service in the __ipmi_bmc_register() (CVE-2019-19046) * kernel: out-of-bounds write in ext4_xattr_set_entry (CVE-2019-19319) * Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid (CVE-2019-19332) * kernel: use-after-free in ext4_put_super (CVE-2019-19447) * kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free (CVE-2019-19524) * kernel: race condition caused by a malicious USB device in the USB character device driver layer (CVE-2019-19537) * kernel: use-after-free in serial_ir_init_module() (CVE-2019-19543) * kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry (CVE-2019-19767) * kernel: use-after-free in debugfs_remove (CVE-2019-19770) * kernel: out-of-bounds write via crafted keycode table (CVE-2019-20636) * kernel: possible use-after-free due to a race condition in cdev_get (CVE-2020-0305) * kernel: out-of-bounds read in in vc_do_resize function (CVE-2020-8647) * kernel: use-after-free in n_tty_receive_buf_common function (CVE-2020-8648) * kernel: invalid read location in vgacon_invert_region function (CVE-2020-8649) * kernel: uninitialized kernel data leak in userspace coredumps (CVE-2020-10732) * kernel: SELinux netlink permission check bypass (CVE-2020-10751) * kernel: out-of-bounds write in mpol_parse_str (CVE-2020-11565) * kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668) * kernel: buffer overflow in mt76_add_fragment function (CVE-2020-12465) * kernel: xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write which could result in crash and data coruption (CVE-2020-12659) * kernel: sg_write function lacks an sg_remove_request call in a certain failure case (CVE-2020-12770) * kernel: possible to send arbitrary signals to a privileged (suidroot) parent process (CVE-2020-12826) * kernel: referencing inode of removed superblock in get_futex_key() causes UAF (CVE-2020-14381) * kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS (CVE-2020-25641) * kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure (CVE-2019-9455) * kernel: null pointer dereference in dlpar_parse_cc_property (CVE-2019-12614) * kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c (CVE-2019-16231) * kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c (CVE-2019-16233) * kernel: memory leak in af9005_identify_state() function (CVE-2019-18809) * kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function (CVE-2019-19056) * kernel: memory leak in the crypto_report() function (CVE-2019-19062) * kernel: Two memory leaks in the rtl_usb_probe() function (CVE-2019-19063) * kernel: A memory leak in the rtl8xxxu_submit_int_urb() function (CVE-2019-19068) * kernel: A memory leak in the predicate_parse() function (CVE-2019-19072) * kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c (CVE-2019-19533) * kernel: Null pointer dereference in drop_sysctl_table() (CVE-2019-20054) * kernel: kernel stack information leak on s390/s390x (CVE-2020-10773) * kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features (CVE-2020-10774) * kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field (CVE-2020-10942) * kernel: sync of excessive duration via an XFS v5 image with crafted metadata (CVE-2020-12655) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12614 CVE-2019-15917 CVE-2019-15925 CVE-2019-16231 CVE-2019-16233 CVE-2019-18808 CVE-2019-18809 CVE-2019-19046 CVE-2019-19056 CVE-2019-19062 CVE-2019-19063 CVE-2019-19068 CVE-2019-19072 CVE-2019-19319 CVE-2019-19332 CVE-2019-19447 CVE-2019-19524 CVE-2019-19533 CVE-2019-19537 CVE-2019-19543 CVE-2019-19602 CVE-2019-19767 CVE-2019-19770 CVE-2019-20054 CVE-2019-20636 CVE-2019-20812 CVE-2019-9455 CVE-2019-9458 CVE-2020-0305 CVE-2020-0444 CVE-2020-10732 CVE-2020-10751 CVE-2020-10773 CVE-2020-10774 CVE-2020-10942 CVE-2020-11565 CVE-2020-11668 CVE-2020-12465 CVE-2020-12655 CVE-2020-12659 CVE-2020-12770 CVE-2020-12826 CVE-2020-14381 CVE-2020-25641 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2021-3715 CVE-2019-12614 kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service CVE-2019-15925 kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c CVE-2019-16233 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c CVE-2019-19072 kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS CVE-2019-19068 kernel: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allows for a DoS CVE-2019-19046 kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS CVE-2019-19062 kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS CVE-2019-19056 kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c CVE-2019-18809 kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid CVE-2019-19447 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c CVE-2019-19543 kernel: use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c CVE-2019-19524 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free CVE-2019-19533 kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c CVE-2019-19537 kernel: race condition caused by a malicious USB device in the USB character device driver layer CVE-2019-19319 kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c CVE-2019-19602 kernel: cached use of fpu_fpregs_owner_ctx in arch/x86/include/asm/fpu/internal.h can lead to DoS CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c CVE-2019-19770 kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c CVE-2020-8648 kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c CVE-2020-8647 kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c CVE-2020-10942 kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation CVE-2019-9455 kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure CVE-2020-12826 kernel: possible to send arbitrary signals to a privileged (suidroot) parent process CVE-2019-20636 kernel: out-of-bounds write via crafted keycode table CVE-2020-11668 kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps CVE-2020-12465 kernel: buffer overflow in mt76_add_fragment function in drivers/net/wireless/mediatek/mt76/dma.c CVE-2020-12655 kernel: sync of excessive duration via an XFS v5 image with crafted metadata CVE-2020-12659 kernel: xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write which could result in crash and data coruption CVE-2020-12770 kernel: sg_write function lacks an sg_remove_request call in a certain failure case CVE-2020-10751 kernel: SELinux netlink permission check bypass CVE-2020-10773 kernel: kernel stack information leak on s390/s390x CVE-2019-20812 kernel: af_packet: TPACKET_V3: invalid timer timeout on error CVE-2020-10774 kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features CVE-2020-0305 kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c CVE-2020-14381 kernel: referencing inode of removed superblock in get_futex_key() causes UAF CVE-2020-25641 kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS CVE-2020-0444 kernel: bad kfree in auditfilter.c may lead to escalation of privilege CVE-2021-3715 kernel: use-after-free in route4_change() in net/sched/cls_route.c cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index (PyPI). pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". Security Fix(es): * python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py (CVE-2019-20916) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20916 CVE-2019-20916 python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935) * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) * python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS (CVE-2020-8492) * python: DoS via inefficiency in IPv{4,6}Interface classes (CVE-2020-14422) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16935 CVE-2019-20907 CVE-2020-14422 CVE-2020-8492 CVE-2019-16935 python: XSS vulnerability in the documentation XML-RPC server in server_title field CVE-2020-8492 python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service that allows session software to update device firmware. The following packages have been upgraded to a later upstream version: gnome-software (3.36.1), fwupd (1.4.2). Security Fix(es): * fwupd: Possible bypass in signature verification (CVE-2020-10759) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10759 CVE-2020-10759 fwupd: Possible bypass in signature verification cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Security Fix(es): * sqlite: Use-after-free in window function leading to remote code execution (CVE-2019-5018) * sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c (CVE-2019-16168) * sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (CVE-2019-20218) * sqlite: Out-of-bounds read in SELECT with ON/USING clause (CVE-2020-6405) * sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations (CVE-2020-9327) * sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c (CVE-2020-13630) * sqlite: Virtual table can be renamed into the name of one of its shadow tables (CVE-2020-13631) * sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query (CVE-2020-13632) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16168 CVE-2019-20218 CVE-2019-5018 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-6405 CVE-2020-9327 CVE-2019-5018 sqlite: Use-after-free in window function leading to remote code execution CVE-2019-16168 sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c CVE-2019-20218 sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error CVE-2020-6405 sqlite: Out-of-bounds read in SELECT with ON/USING clause CVE-2020-9327 sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations CVE-2020-13630 sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c CVE-2020-13631 sqlite: Virtual table can be renamed into the name of one of its shadow tables CVE-2020-13632 sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: out-of-bounds read in archive_wstring_append_from_mbs in archive_string.c (CVE-2019-19221) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19221 CVE-2019-19221 libarchive: out-of-bounds read in archive_wstring_append_from_mbs in archive_string.c cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: array overflow in backtrace functions for powerpc (CVE-2020-1751) * glibc: use-after-free in glob() function when expanding ~user (CVE-2020-1752) * glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions (CVE-2020-10029) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10029 CVE-2020-1751 CVE-2020-1752 CVE-2020-10029 glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions CVE-2020-1752 glibc: use-after-free in glob() function when expanding ~user CVE-2020-1751 glibc: array overflow in backtrace functions for powerpc cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Security Fix(es): * librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow (CVE-2019-18609) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18609 CVE-2019-18609 librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 GNOME is the default desktop environment of AlmaLinux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406) Security Fix(es): * webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793) * gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391) * LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2020-10018 CVE-2020-11793 CVE-2020-14391 CVE-2020-15503 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-9952 CVE-2021-30666 CVE-2021-30761 CVE-2021-30762 CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution CVE-2020-11793 webkitgtk: use-after-free via crafted web content CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow CVE-2020-14391 gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center CVE-2020-3885 webkitgtk: Incorrect processing of file URLs CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution CVE-2019-8769 webkitgtk: Websites could reveal browsing history CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy CVE-2020-9862 webkitgtk: Command injection in web inspector CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution CVE-2020-9915 webkitgtk: Access issue in content security policy CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution CVE-2020-9952 webkitgtk: input validation issue may lead to a cross site scripting CVE-2021-30666 webkitgtk: Buffer overflow leading to arbitrary code execution CVE-2021-30761 webkitgtk: Memory corruption leading to arbitrary code execution CVE-2021-30762 webkitgtk: Use-after-free leading to arbitrary code execution cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode (CVE-2019-20807) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20807 CVE-2019-20807 vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. Security Fix(es): * libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL (CVE-2019-11068) * libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure (CVE-2019-18197) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-11068 CVE-2019-18197 CVE-2019-11068 libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL CVE-2019-18197 libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fix(es): * binutils: denial of service via crafted ELF file (CVE-2019-17450) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17450 CVE-2019-17450 binutils: denial of service via crafted ELF file cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c (CVE-2020-3898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-3898 CVE-2020-3898 cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956) * libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388) * libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19956 CVE-2019-20388 CVE-2020-7595 CVE-2019-19956 libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-20388 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c CVE-2020-7595 libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts, and pcmcia configuration files. Security Fix(es): * bluez: Improper access control in subsystem could result in privilege escalation and DoS (CVE-2020-0556) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-0556 CVE-2020-0556 bluez: Improper access control in subsystem could result in privilege escalation and DoS cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. The following packages have been upgraded to a later upstream version: libgcrypt (1.8.5). (BZ#1764918) Security Fix(es): * libgcrypt: ECDSA timing attack allowing private key leak (CVE-2019-13627) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13627 CVE-2019-13627 libgcrypt: ECDSA timing attack allowing private key leak cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. The following packages have been upgraded to a later upstream version: opensc (0.20.0). (BZ#1810660) Security Fix(es): * opensc: Out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c (CVE-2019-15945) * opensc: Out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c (CVE-2019-15946) * opensc: Improper handling of buffer limits for CAC certificates (CVE-2019-19481) * opensc: Double free in coolkey_free_private_data in libopensc/card-coolkey.c (CVE-2019-20792) * opensc: Incorrect read operation during parsing of a SETCOS file attribute (CVE-2019-19479) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15945 CVE-2019-15946 CVE-2019-19479 CVE-2019-19481 CVE-2019-20792 CVE-2019-15945 opensc: Out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c CVE-2019-15946 opensc: Out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c CVE-2019-19479 opensc: Incorrect read operation during parsing of a SETCOS file attribute CVE-2019-19481 opensc: Improper handling of buffer limits for CAC certificates CVE-2019-20792 opensc: Double free in coolkey_free_private_data in libopensc/card-coolkey.c cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Expat is a C library for parsing XML documents. Security Fix(es): * expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20843 CVE-2019-15903 CVE-2018-20843 expat: large number of colons in input makes parser consume high amount of resources, leading to DoS CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. The following packages have been upgraded to a later upstream version: gnupg2 (2.2.20). (BZ#1663944) Security Fix(es): * GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS (CVE-2019-13050) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-1000858 CVE-2019-13050 CVE-2018-1000858 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer (SASL). SASL is a method for adding authentication support to connection-based protocols. Security Fix(es): * cyrus-sasl: denial of service in _sasl_add_string function (CVE-2019-19906) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-19906 CVE-2019-19906 cyrus-sasl: denial of service in _sasl_add_string function cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The following packages have been upgraded to a later upstream version: bind (9.11.20). (BZ#1818785) Security Fix(es): * bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c (CVE-2020-8619) * bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622) * bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623) * bind: incorrect enforcement of update-policy rules of type "subdomain" (CVE-2020-8624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8619 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 CVE-2020-8619 bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c CVE-2020-8622 bind: truncated TSIG response can lead to an assertion failure CVE-2020-8623 bind: remotely triggerable assertion failure in pk11.c CVE-2020-8624 bind: incorrect enforcement of update-policy rules of type "subdomain" cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. The following packages have been upgraded to a later upstream version: libsolv (0.7.11). (BZ#1809106) Security Fix(es): * libsolv: out-of-bounds read in repodata_schema2id in repodata.c (CVE-2019-20387) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20387 CVE-2019-20387 libsolv: out-of-bounds read in repodata_schema2id in repodata.c cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. The following packages have been upgraded to a later upstream version: openssl (1.1.1g). (BZ#1817593) Security Fix(es): * openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-1551 CVE-2019-1551 openssl: Integer overflow in RSAZ modular exponentiation on x86_64 cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Security Fix(es): * pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode (CVE-2019-20454) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20454 CVE-2019-20454 pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. The following packages have been upgraded to a later upstream version: cryptsetup (2.3.3). (BZ#1796826) Security Fix(es): * cryptsetup: Out-of-bounds write when validating segments (CVE-2020-14382) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14382 CVE-2020-14382 cryptsetup: Out-of-bounds write when validating segments cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh (0.9.4). (BZ#1804797) Security Fix(es): * libssh: denial of service when handling AES-CTR (or DES) ciphers (CVE-2020-1730) * libssh: unsanitized location in scp could lead to unwanted command execution (CVE-2019-14889) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14889 CVE-2020-1730 CVE-2019-14889 libssh: unsanitized location in scp could lead to unwanted command execution CVE-2020-1730 libssh: denial of service when handling AES-CTR (or DES) ciphers cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libpcap packages provide a portable framework for low-level network monitoring. The libpcap library provides network statistics collection, security monitoring, and network debugging. The following packages have been upgraded to a later upstream version: libpcap (1.9.1). (BZ#1806422) Security Fix(es): * libpcap: Resource exhaustion during PHB header length validation (CVE-2019-15165) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15165 CVE-2019-15165 libpcap: Resource exhaustion during PHB header length validation cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: memory leak in button_open() in login/logind-button.c when udev events are received (CVE-2019-20386) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20386 CVE-2019-20386 systemd: memory leak in button_open() in login/logind-button.c when udev events are received cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb (2.1.3). (BZ#1817567) Security Fix(es): * samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results (CVE-2020-10730) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10730 CVE-2020-10730 samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8177 CVE-2020-8177 curl: Incorrect argument check can allow remote servers to overwrite local files cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment. Security Fix(es): * python-httplib2: CRLF injection via an attacker controlled unescaped part of uri for httplib2.Http.request function (CVE-2020-11078) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11078 CVE-2020-11078 python-httplib2: CRLF injection via an attacker controlled unescaped part of uri for httplib2.Http.request function cpe:/a:almalinux:almalinux:8::highavailability cpe:/a:almalinux:almalinux:8::resilientstorage AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458) * kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917) * kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg (CVE-2019-15925) * kernel: memory leak in ccp_run_sha_cmd() (CVE-2019-18808) * kernel: Denial Of Service in the __ipmi_bmc_register() (CVE-2019-19046) * kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c (CVE-2019-19319) * Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid (CVE-2019-19332) * kernel: use-after-free in ext4_put_super (CVE-2019-19447) * kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free (CVE-2019-19524) * kernel: race condition caused by a malicious USB device in the USB character device driver layer (CVE-2019-19537) * kernel: use-after-free in serial_ir_init_module() (CVE-2019-19543) * kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry (CVE-2019-19767) * kernel: use-after-free in debugfs_remove (CVE-2019-19770) * kernel: out-of-bounds write via crafted keycode table (CVE-2019-20636) * kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c (CVE-2020-0305) * kernel: out-of-bounds read in in vc_do_resize (CVE-2020-8647) * kernel: use-after-free in n_tty_receive_buf_common (CVE-2020-8648) * kernel: invalid read location in vgacon_invert_region (CVE-2020-8649) * kernel: uninitialized kernel data leak in userspace coredumps (CVE-2020-10732) * kernel: SELinux netlink permission check bypass (CVE-2020-10751) * kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565) * kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668) * kernel: out-of-bounds write in xdp_umem_reg (CVE-2020-12659) * kernel: sg_write function lacks an sg_remove_request call in a certain failure case (CVE-2020-12770) * kernel: possible to send arbitrary signals to a privileged (suidroot) parent process (CVE-2020-12826) * kernel: referencing inode of removed superblock in get_futex_key() causes UAF (CVE-2020-14381) * kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS (CVE-2020-25641) * kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure (CVE-2019-9455) * kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c (CVE-2019-16231) * kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c (CVE-2019-16233) * kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c (CVE-2019-18809) * kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() (CVE-2019-19056) * kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS (CVE-2019-19062) * kernel: Two memory leaks in the rtl_usb_probe() (CVE-2019-19063) * kernel: A memory leak in the rtl8xxxu_submit_int_urb() (CVE-2019-19068) * kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS (CVE-2019-19072) * kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c (CVE-2019-19533) * kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (CVE-2019-20054) * kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features (CVE-2020-10774) * kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field (CVE-2020-10942) * kernel: sync of excessive duration via an XFS v5 image with crafted metadata (CVE-2020-12655) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15917 CVE-2019-15925 CVE-2019-16231 CVE-2019-16233 CVE-2019-18808 CVE-2019-18809 CVE-2019-19046 CVE-2019-19056 CVE-2019-19062 CVE-2019-19063 CVE-2019-19068 CVE-2019-19072 CVE-2019-19319 CVE-2019-19332 CVE-2019-19447 CVE-2019-19524 CVE-2019-19533 CVE-2019-19537 CVE-2019-19543 CVE-2019-19767 CVE-2019-19770 CVE-2019-20054 CVE-2019-20636 CVE-2019-9455 CVE-2019-9458 CVE-2020-0305 CVE-2020-10732 CVE-2020-10751 CVE-2020-10774 CVE-2020-10942 CVE-2020-11565 CVE-2020-11668 CVE-2020-12655 CVE-2020-12659 CVE-2020-12770 CVE-2020-12826 CVE-2020-14381 CVE-2020-25641 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2021-3715 CVE-2019-15925 kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c CVE-2019-16233 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c CVE-2019-19072 kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS CVE-2019-19068 kernel: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allows for a DoS CVE-2019-19046 kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS CVE-2019-19062 kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS CVE-2019-19056 kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c CVE-2019-18809 kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid CVE-2019-19447 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c CVE-2019-19543 kernel: use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c CVE-2019-19524 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free CVE-2019-19533 kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c CVE-2019-19537 kernel: race condition caused by a malicious USB device in the USB character device driver layer CVE-2019-19319 kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c CVE-2019-19770 kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c CVE-2020-8648 kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c CVE-2020-8647 kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c CVE-2020-10942 kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation CVE-2019-9455 kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure CVE-2020-12826 kernel: possible to send arbitrary signals to a privileged (suidroot) parent process CVE-2019-20636 kernel: out-of-bounds write via crafted keycode table CVE-2020-11668 kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps CVE-2020-12655 kernel: sync of excessive duration via an XFS v5 image with crafted metadata CVE-2020-12659 kernel: xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write which could result in crash and data coruption CVE-2020-12770 kernel: sg_write function lacks an sg_remove_request call in a certain failure case CVE-2020-10751 kernel: SELinux netlink permission check bypass CVE-2020-10774 kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features CVE-2020-0305 kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c CVE-2020-14381 kernel: referencing inode of removed superblock in get_futex_key() causes UAF CVE-2020-25641 kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS CVE-2021-3715 kernel: use-after-free in route4_change() in net/sched/cls_route.c AlmaLinux 8 FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fix(es): * frr: default permission issue eases information leaks (CVE-2020-12831) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12831 CVE-2020-12831 frr: default permission issue eases information leaks cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The SpamAssassin tool provides a way to reduce unsolicited commercial email (spam) from incoming email. Security Fix(es): * spamassassin: crafted configuration files can run system commands without any output or errors (CVE-2018-11805) * spamassassin: crafted email message can lead to DoS (CVE-2019-12420) * spamassassin: command injection via crafted configuration file (CVE-2020-1930) * spamassassin: command injection via crafted configuration file (CVE-2020-1931) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-11805 CVE-2019-12420 CVE-2020-1930 CVE-2020-1931 CVE-2018-11805 spamassassin: crafted configuration files can run system commands without any output or errors CVE-2019-12420 spamassassin: crafted email message can lead to DoS CVE-2020-1931 spamassassin: command injection via crafted configuration file CVE-2020-1930 spamassassin: command injection via crafted configuration file cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Security Fix(es): * SDL: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c (CVE-2019-7572) * SDL: heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (CVE-2019-7575) * SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (CVE-2019-7636) * SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c (CVE-2019-7637) * SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c (CVE-2019-7638) * SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (CVE-2019-7573) * SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (CVE-2019-7574) * SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (CVE-2019-7576) * SDL: buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c (CVE-2019-7577) * SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (CVE-2019-7578) * SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c (CVE-2019-7635) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 CVE-2019-7577 SDL: buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c CVE-2019-7575 SDL: heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c CVE-2019-7574 SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c CVE-2019-7573 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c CVE-2019-7572 SDL: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c CVE-2019-7576 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c CVE-2019-7578 SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c CVE-2019-7638 SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c CVE-2019-7637 SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c CVE-2019-7636 SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c CVE-2019-7635 SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. The following packages have been upgraded to a later upstream version: libreoffice (6.3.6.2), libcmis (0.5.2), liborcus (0.14.1). (BZ#1796893) Security Fix(es): * libreoffice: 'stealth mode' remote resource restrictions bypass (CVE-2020-12802) * libreoffice: forms allowed to be submitted to any URI could result in local file overwrite (CVE-2020-12803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12802 CVE-2020-12803 CVE-2020-12803 libreoffice: forms allowed to be submitted to any URI could result in local file overwrite CVE-2020-12802 libreoffice: 'stealth mode' remote resource restrictions bypass cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fix(es): * libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc (CVE-2019-2126) * libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232) * libvpx: Resource exhaustion after memory leak in mkvparser.cc (CVE-2019-9371) * libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2126 CVE-2019-9232 CVE-2019-9371 CVE-2019-9433 CVE-2019-9232 libvpx: Out of bounds read in vp8_norm table CVE-2019-9433 libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c CVE-2019-9371 libvpx: Resource exhaustion after memory leak in mkvparser.cc CVE-2019-2126 libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c (CVE-2019-17546) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17546 CVE-2019-17546 libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fix(es): * sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c (CVE-2019-16167) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16167 CVE-2019-16167 sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packages have been upgraded to a later upstream version: python38 (3.8.3). (BZ#1847416) Security Fix(es): * PyYAML: command execution through python/object/apply constructor in FullLoader (CVE-2019-20477) * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) * PyYAML: arbitrary command execution through python/object/new when FullLoader is used (CVE-2020-1747) * python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS (CVE-2020-8492) * python: DoS via inefficiency in IPv{4,6}Interface classes (CVE-2020-14422) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20477 CVE-2019-20907 CVE-2020-14422 CVE-2020-1747 CVE-2020-8492 CVE-2019-20477 PyYAML: command execution through python/object/apply constructor in FullLoader CVE-2020-1747 PyYAML: arbitrary command execution through python/object/new when FullLoader is used CVE-2020-8492 python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc (CVE-2019-14494) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14494 CVE-2019-14494 poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop. The following packages have been upgraded to a later upstream version: freerdp (2.1.1). (BZ#1834287) Security Fix(es): * freerdp: Out of bound read in cliprdr_server_receive_capabilities (CVE-2020-11018) * freerdp: Out of bound read/write in usb redirection channel (CVE-2020-11039) * freerdp: out-of-bounds read in update_read_icon_info function (CVE-2020-11042) * freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function (CVE-2020-11047) * freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. (CVE-2020-13396) * freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c (CVE-2020-13397) * freerdp: Out of bound read in update_recv could result in a crash (CVE-2020-11019) * freerdp: Integer overflow in VIDEO channel (CVE-2020-11038) * freerdp: Out of bound access in clear_decompress_subcode_rlex (CVE-2020-11040) * freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu (CVE-2020-11041) * freerdp: out of bound read in rfx_process_message_tileset (CVE-2020-11043) * freerdp: double free in update_read_cache_bitmap_v3_order function (CVE-2020-11044) * freerdp: out of bounds read in update_read_bitmap_data function (CVE-2020-11045) * freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read (CVE-2020-11046) * freerdp: out-of-bounds read could result in aborting the session (CVE-2020-11048) * freerdp: out-of-bound read of client memory that is then passed on to the protocol parser (CVE-2020-11049) * freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could lead to out-of-bounds read (CVE-2020-11058) * freerdp: out-of-bounds read in cliprdr_read_format_list function (CVE-2020-11085) * freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge function (CVE-2020-11086) * freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage (CVE-2020-11087) * freerdp: out-of-bounds read in ntlm_read_NegotiateMessage (CVE-2020-11088) * freerdp: out-of-bounds read in irp functions (CVE-2020-11089) * freerdp: out-of-bounds read in gdi.c (CVE-2020-11522) * freerdp: out-of-bounds read in bitmap.c (CVE-2020-11525) * freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later (CVE-2020-11526) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11042 CVE-2020-11043 CVE-2020-11044 CVE-2020-11045 CVE-2020-11046 CVE-2020-11047 CVE-2020-11048 CVE-2020-11049 CVE-2020-11058 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11522 CVE-2020-11525 CVE-2020-11526 CVE-2020-13396 CVE-2020-13397 CVE-2020-11042 freerdp: out-of-bounds read in update_read_icon_info function CVE-2020-11044 freerdp: double free in update_read_cache_bitmap_v3_order function CVE-2020-11045 freerdp: out of bounds read in update_read_bitmap_data function CVE-2020-11046 freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read CVE-2020-11047 freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function CVE-2020-11048 freerdp: out-of-bounds read could result in aborting the session CVE-2020-11049 freerdp: out-of-bound read of client memory that is then passed on to the protocol parser CVE-2020-11058 freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could lead to out-of-bounds read CVE-2020-11522 freerdp: out-of-bounds read in gdi.c CVE-2020-11525 freerdp: out-of-bounds read in bitmap.c CVE-2020-11526 freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later CVE-2020-13396 freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. CVE-2020-13397 freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c CVE-2020-11085 freerdp: out-of-bounds read in cliprdr_read_format_list function CVE-2020-11086 freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge function CVE-2020-11087 freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage CVE-2020-11088 freerdp: out-of-bounds read in ntlm_read_NegotiateMessage CVE-2020-11089 freerdp: out-of-bounds read in irp functions CVE-2020-11018 freerdp: Out of bound read in cliprdr_server_receive_capabilities CVE-2020-11019 freerdp: Out of bound read in update_recv could result in a crash CVE-2020-11038 freerdp: Integer overflow in VIDEO channel CVE-2020-11039 freerdp: Out of bound read/write in usb redirection channel CVE-2020-11040 freerdp: Out of bound access in clear_decompress_subcode_rlex CVE-2020-11041 freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu CVE-2020-11043 freerdp: out of bound read in rfx_process_message_tileset cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications. OpenChange provides libraries to access Microsoft Exchange servers using native protocols. Security Fix(es): * evolution-data-server: Response injection via STARTTLS in SMTP and POP3 (CVE-2020-14928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Low Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14928 CVE-2020-14928 evolution-data-server: Response injection via STARTTLS in SMTP and POP3 cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fix(es): * cloud-init: Use of random.choice when generating random password (CVE-2020-8631) * cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py (CVE-2020-8632) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8631 CVE-2020-8632 CVE-2020-8632 cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py CVE-2020-8631 cloud-init: Use of random.choice when generating random password cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) * python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py (CVE-2019-20916) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20907 CVE-2019-20916 CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive CVE-2019-20916 python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fix(es): * cyrus-imapd: privilege escalation in HTTP request (CVE-2019-18928) * cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks (CVE-2019-19783) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-18928 CVE-2019-19783 CVE-2019-18928 cyrus-imapd: privilege escalation in HTTP request CVE-2019-19783 cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats. Security Fix(es): * gd: Heap-based buffer overflow in gdImageColorMatch() in gd_color_match.c (CVE-2019-6977) * gd: NULL pointer dereference in gdImageClone (CVE-2018-14553) * gd: Double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-14553 CVE-2019-6977 CVE-2019-6978 CVE-2018-14553 gd: NULL pointer dereference in gdImageClone CVE-2019-6978 gd: Double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c CVE-2019-6977 gd: Heap-based buffer overflow in gdImageColorMatch() in gd_color_match.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mailman is a program used to help manage e-mail discussion lists. Security Fix(es): * mailman: XSS via file attachments in list archives (CVE-2020-12137) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12137 CVE-2020-12137 mailman: XSS via file attachments in list archives cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877) Security Fix(es): * js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676) * bootstrap: XSS in the affix configuration target property (CVE-2018-20677) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * js-jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * ipa: No password length restriction leads to denial of service (CVE-2020-1722) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2015-9251 CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-11358 CVE-2019-8331 CVE-2020-11022 CVE-2020-1722 CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute CVE-2018-20677 bootstrap: XSS in the affix configuration target property CVE-2016-10735 bootstrap: XSS in the data-target attribute CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection CVE-2020-1722 ipa: No password length restriction leads to denial of service CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. The following packages have been upgraded to a later upstream version: hivex (1.3.18), libguestfs (1.40.2), libguestfs-winsupport (8.2), libvirt (6.0.0), libvirt-dbus (1.3.0), libvirt-python (6.0.0), nbdkit (1.16.2), perl-Sys-Virt (6.0.0), qemu-kvm (4.2.0), seabios (1.13.0), SLOF (20191022). (BZ#1810193, BZ#1844296) Security Fix(es): * libvirt: leak of /dev/mapper/control into QEMU guests (CVE-2020-14339) * QEMU: Slirp: use-after-free during packet reassembly (CVE-2019-15890) * libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent (CVE-2019-20485) * QEMU: slirp: use-after-free in ip_reass() function in ip_input.c (CVE-2020-1983) * libvirt: Potential denial of service via active pool without target path (CVE-2020-10703) * libvirt: leak of sensitive cookie information via dumpxml (CVE-2020-14301) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15890 CVE-2019-20485 CVE-2020-10703 CVE-2020-14301 CVE-2020-14339 CVE-2020-1983 CVE-2019-15890 QEMU: Slirp: use-after-free during packet reassembly CVE-2019-20485 libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent CVE-2020-10703 libvirt: Potential denial of service via active pool without target path CVE-2020-1983 QEMU: slirp: use-after-free in ip_reass() function in ip_input.c CVE-2020-14301 libvirt: leak of sensitive cookie information via dumpxml CVE-2020-14339 libvirt: leak of /dev/mapper/control into QEMU guests cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have been upgraded to a later upstream version: grafana (6.7.4). (BZ#1807323) Security Fix(es): * grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624) * grafana: arbitrary file read via MySQL data source (CVE-2019-19499) * grafana: stored XSS (CVE-2020-11110) * grafana: XSS annotation popup vulnerability (CVE-2020-12052) * grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245) * grafana: information disclosure through world-readable /var/lib/grafana/grafana.db (CVE-2020-12458) * grafana: information disclosure through world-readable grafana configuration files (CVE-2020-12459) * grafana: XSS via the OpenTSDB datasource (CVE-2020-13430) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-18624 CVE-2019-19499 CVE-2020-11110 CVE-2020-12052 CVE-2020-12245 CVE-2020-12458 CVE-2020-12459 CVE-2020-13430 CVE-2020-12458 grafana: information disclosure through world-readable /var/lib/grafana/grafana.db CVE-2020-12459 grafana: information disclosure through world-readable grafana configuration files CVE-2020-12052 grafana: XSS annotation popup vulnerability CVE-2020-13430 grafana: XSS via the OpenTSDB datasource CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip CVE-2018-18624 grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen CVE-2020-11110 grafana: stored XSS CVE-2019-19499 grafana: arbitrary file read via MySQL data source cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events (CVE-2020-24490) * kernel: Red Hat only CVE-2020-12351 regression (CVE-2020-25661) * kernel: Red Hat only CVE-2020-12352 regression (CVE-2020-25662) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-24490 CVE-2020-25661 CVE-2020-25662 CVE-2020-24490 kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events CVE-2020-25661 kernel: Red Hat only CVE-2020-12351 regression CVE-2020-25662 kernel: Red Hat only CVE-2020-12352 regression cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events (CVE-2020-24490) * kernel: Red Hat only CVE-2020-12351 regression (CVE-2020-25661) * kernel: Red Hat only CVE-2020-12352 regression (CVE-2020-25662) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-24490 CVE-2020-25661 CVE-2020-25662 CVE-2020-24490 kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events CVE-2020-25661 kernel: Red Hat only CVE-2020-12351 regression CVE-2020-25662 kernel: Red Hat only CVE-2020-12352 regression AlmaLinux 8 The oddjob packages contain a D-Bus service which performs particular tasks for clients which connect to it and issue requests using the system-wide message bus. The following packages have been upgraded to a later upstream version: oddjob (0.34.5). (BZ#1833289) Security Fix(es): * oddjob: race condition in oddjob_selinux_mkdir function in mkhomedir.c can lead to symlink attack (CVE-2020-10737) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10737 CVE-2020-10737 oddjob: race condition in oddjob_selinux_mkdir function in mkhomedir.c can lead to symlink attack cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Openwsman is a project intended to provide an open source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Security Fix(es): * openwsman: Infinite loop in process_connection() allows denial of service (CVE-2019-3833) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-3833 CVE-2019-3833 openwsman: Infinite loop in process_connection() allows denial of service cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix(es): * qt: XML entity expansion vulnerability (CVE-2015-9541) * qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages therefore attacker can cause DOS (CVE-2018-21035) * qt: files placed by attacker can influence the working directory and lead to malicious code execution (CVE-2020-0569) * qt: files placed by attacker can influence the working directory and lead to malicious code execution (CVE-2020-0570) * qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications (CVE-2020-13962) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2015-9541 CVE-2018-21035 CVE-2020-0569 CVE-2020-0570 CVE-2020-13962 CVE-2020-0569 qt: files placed by attacker can influence the working directory and lead to malicious code execution CVE-2020-0570 qt: files placed by attacker can influence the working directory and lead to malicious code execution CVE-2015-9541 qt: XML entity expansion vulnerability CVE-2018-21035 qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages therefore attacker can cause DOS CVE-2020-13962 qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749) * QEMU: slirp: networking out-of-bounds read information disclosure vulnerability (CVE-2020-10756) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10749 CVE-2020-10756 CVE-2020-14040 CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10756 QEMU: slirp: networking out-of-bounds read information disclosure vulnerability CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The targetcli package contains an administration shell for configuring Internet Small Computer System Interface (iSCSI), Fibre Channel over Ethernet (FCoE), and other SCSI targets, using the Target Core Mod/Linux-IO (TCM/LIO) kernel target subsystem. FCoE users also need to install and use the fcoe-utils package. The following packages have been upgraded to a later upstream version: targetcli (2.1.53). (BZ#1845167) Security Fix(es): * targetcli: weak permissions for /etc/target and backup files (CVE-2020-13867) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-13867 CVE-2020-13867 targetcli: weak permissions for /etc/target and backup files cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The librsvg2 packages provide a Scalable Vector Graphics (SVG) library based on the libart library. Security Fix(es): * librsvg: Resource exhaustion via crafted SVG file with nested patterns (CVE-2019-20446) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20446 CVE-2019-20446 librsvg: Resource exhaustion via crafted SVG file with nested patterns cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix(es): * subversion: remotely triggerable DoS vulnerability in svnserve 'get-deleted-rev' (CVE-2018-11782) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-11782 CVE-2018-11782 subversion: remotely triggerable DoS vulnerability in svnserve 'get-deleted-rev' cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid (4.11). (BZ#1829467) Security Fix(es): * squid: Improper input validation in request allows for proxy manipulation (CVE-2019-12520) * squid: Off-by-one error in addStackElement allows for heap buffer overflow and crash (CVE-2019-12521) * squid: Improper input validation in URI processor (CVE-2019-12523) * squid: Improper access restriction in url_regex may lead to security bypass (CVE-2019-12524) * squid: Heap overflow issue in URN processing (CVE-2019-12526) * squid: Information Disclosure issue in FTP Gateway (CVE-2019-12528) * squid: Out of bounds read in Proxy-Authorization header causes DoS (CVE-2019-12529) * squid: Denial of service in cachemgr.cgi (CVE-2019-12854) * squid: Buffer overflow in URI processor (CVE-2019-18676) * squid: Cross-Site Request Forgery issue in HTTP Request processing (CVE-2019-18677) * squid: HTTP Request Splitting issue in HTTP message processing (CVE-2019-18678) * squid: Information Disclosure issue in HTTP Digest Authentication (CVE-2019-18679) * squid: Mishandled HTML in the host parameter to cachemgr.cgi results in insecure behaviour (CVE-2019-18860) * squid: Improper input validation issues in HTTP Request processing (CVE-2020-8449) * squid: Buffer overflow in reverse-proxy configurations (CVE-2020-8450) * squid: DoS in TLS handshake (CVE-2020-14058) * squid: Request smuggling and poisoning attack against the HTTP cache (CVE-2020-15049) * squid: Improper input validation could result in a DoS (CVE-2020-24606) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-12520 CVE-2019-12521 CVE-2019-12523 CVE-2019-12524 CVE-2019-12526 CVE-2019-12528 CVE-2019-12529 CVE-2019-12854 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-18860 CVE-2020-14058 CVE-2020-15049 CVE-2020-24606 CVE-2020-8449 CVE-2020-8450 CVE-2019-12854 squid: Denial of service in cachemgr.cgi CVE-2019-12529 squid: Out of bounds read in Proxy-Authorization header causes DoS CVE-2019-18678 squid: HTTP Request Splitting issue in HTTP message processing CVE-2019-12526 squid: Heap overflow issue in URN processing CVE-2019-18679 squid: Information Disclosure issue in HTTP Digest Authentication CVE-2019-18677 squid: Cross-Site Request Forgery issue in HTTP Request processing CVE-2019-12523 squid: Improper input validation in URI processor CVE-2019-18676 squid: Buffer overflow in URI processor CVE-2019-12528 squid: Information Disclosure issue in FTP Gateway CVE-2020-8449 squid: Improper input validation issues in HTTP Request processing CVE-2020-8450 squid: Buffer overflow in reverse-proxy configurations CVE-2019-18860 squid: Mishandled HTML in the host parameter to cachemgr.cgi results in insecure behaviour CVE-2019-12520 squid: Improper input validation in request allows for proxy manipulation CVE-2019-12521 squid: Off-by-one error in addStackElement allows for heap buffer overflow and crash CVE-2019-12524 squid: Improper access restriction in url_regex may lead to security bypass CVE-2020-15049 squid: Request smuggling and poisoning attack against the HTTP cache CVE-2020-14058 squid: DoS in TLS handshake CVE-2020-24606 squid: Improper input validation could result in a DoS cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: mod_http2 (1.15.7). (BZ#1814236) Security Fix(es): * httpd: memory corruption on early pushes (CVE-2019-10081) * httpd: read-after-free in h2 connection shutdown (CVE-2019-10082) * httpd: null-pointer dereference in mod_remoteip (CVE-2019-10097) * httpd: mod_rewrite configurations vulnerable to open redirect (CVE-2020-1927) * httpd: mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196) * httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197) * httpd: limited cross-site scripting in mod_proxy error page (CVE-2019-10092) * httpd: mod_rewrite potential open redirect (CVE-2019-10098) * httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-17189 CVE-2019-0196 CVE-2019-0197 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2020-1927 CVE-2020-1934 CVE-2018-17189 httpd: mod_http2: DoS via slow, unneeded request bodies CVE-2019-0196 httpd: mod_http2: read-after-free on a string compare CVE-2019-0197 httpd: mod_http2: possible crash on late upgrade CVE-2019-10092 httpd: limited cross-site scripting in mod_proxy error page CVE-2019-10098 httpd: mod_rewrite potential open redirect CVE-2019-10081 httpd: memory corruption on early pushes CVE-2019-10082 httpd: read-after-free in h2 connection shutdown CVE-2019-10097 httpd: null-pointer dereference in mod_remoteip CVE-2020-1927 httpd: mod_rewrite configurations vulnerable to open redirect CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. The following packages have been upgraded to a later upstream version: varnish (6.0.6). (BZ#1795673) Security Fix(es): * varnish: denial of service handling certain crafted HTTP/1 requests (CVE-2019-15892) * varnish: remote clients may cause Varnish to assert and restart which could result in DoS (CVE-2020-11653) * varnish: not clearing pointer between two client requests leads to information disclosure (CVE-2019-20637) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-15892 CVE-2019-20637 CVE-2020-11653 CVE-2019-15892 varnish: denial of service handling certain crafted HTTP/1 requests CVE-2019-20637 varnish: not clearing pointer between two client requests leads to information disclosure CVE-2020-11653 varnish: remote clients may cause Varnish to assert and restart which could result in DoS cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. The following packages have been upgraded to a later upstream version: tcpdump (4.9.3). (BZ#1804063) Security Fix(es): * tcpdump: SMB data printing mishandled (CVE-2018-10103) * tcpdump: SMB data printing mishandled (CVE-2018-10105) * tcpdump: Out of bounds read/write in get_next_file() in tcpdump.c (CVE-2018-14879) * tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461) * tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462) * tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463) * tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464) * tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465) * tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466) * tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467) * tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468) * tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469) * tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470) * tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880) * tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881) * tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882) * tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227) * tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228) * tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229) * tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230) * tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300) * tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451) * tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452) * tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166 CVE-2018-14882 tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c CVE-2018-16300 tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c CVE-2018-14469 tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c CVE-2018-14465 tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c CVE-2018-14463 tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c CVE-2018-14462 tcpdump: Buffer over-read in icmp_print() function in print-icmp.c CVE-2018-14879 tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c CVE-2018-16229 tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c CVE-2018-16227 tcpdump: Buffer over-read in print-802_11.c CVE-2018-14881 tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c CVE-2018-14468 tcpdump: Buffer over-read in mfr_print() function in print-fr.c CVE-2018-14880 tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c CVE-2018-10103 tcpdump: SMB data printing mishandled CVE-2018-10105 tcpdump: SMB data printing mishandled CVE-2018-14461 tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c CVE-2018-14464 tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c CVE-2018-14466 tcpdump: Buffer over-read in print-icmp6.c CVE-2018-14467 tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c CVE-2018-14470 tcpdump: Buffer over-read in babel_print_v2() in print-babel.c CVE-2018-16228 tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c CVE-2018-16230 tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c CVE-2018-16451 tcpdump: Buffer over-read in print_trans() function in print-smb.c CVE-2018-16452 tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c CVE-2019-15166 tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: command followed by sufficient number of newlines leads to use-after-free (CVE-2020-10958) * dovecot: sending mail with empty quoted localpart leads to DoS (CVE-2020-10967) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10958 CVE-2020-10967 CVE-2020-10958 dovecot: command followed by sufficient number of newlines leads to use-after-free CVE-2020-10967 dovecot: sending mail with empty quoted localpart leads to DoS cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The libexif packages provide a library for extracting extra information from image files. The following packages have been upgraded to a later upstream version: libexif (0.6.22). (BZ#1841320) Security Fix(es): * libexif: out of bounds write in exif-data.c (CVE-2019-9278) * libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c (CVE-2020-0093) * libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c (CVE-2020-0181) * libexif: integer overflow in exif_data_load_data_content function in exif-data.c (CVE-2020-0198) * libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free (CVE-2020-13113) * libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time (CVE-2020-13114) * libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c (CVE-2020-0182) * libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c (CVE-2020-12767) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-9278 CVE-2020-0093 CVE-2020-0181 CVE-2020-0182 CVE-2020-0198 CVE-2020-12767 CVE-2020-13113 CVE-2020-13114 CVE-2019-9278 libexif: out of bounds write in exif-data.c CVE-2020-12767 libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c CVE-2020-13113 libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free CVE-2020-13114 libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time CVE-2020-0181 libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c CVE-2020-0198 libexif: integer overflow in exif_data_load_data_content function in exif-data.c CVE-2020-0093 libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c CVE-2020-0182 libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fix(es): * freeradius: eap-pwd: DoS issues due to multithreaded BN_CTX access (CVE-2019-17185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-17185 CVE-2019-17185 freeradius: eap-pwd: DoS issues due to multithreaded BN_CTX access cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: memory leak in ArpOnFrameRcvdDpc (CVE-2019-14559) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-14559 CVE-2019-14559 edk2: memory leak in ArpOnFrameRcvdDpc cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. The following packages have been upgraded to a later upstream version: dpdk (19.11.3). (BZ#1824905) Security Fix(es): * dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor (CVE-2020-10725) * dpdk: librte_vhost Integer overflow in vhost_user_set_log_base() (CVE-2020-10722) * dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723) * dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS (CVE-2020-10726) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-10722 CVE-2020-10723 CVE-2020-10725 CVE-2020-10726 CVE-2020-10722 dpdk: librte_vhost Integer overflow in vhost_user_set_log_base() CVE-2020-10723 dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() CVE-2020-10725 dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor CVE-2020-10726 dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security Fix(es): * snakeyaml: Billion laughs attack via alias feature (CVE-2017-18640) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2017-18640 CVE-2017-18640 snakeyaml: Billion laughs attack via alias feature cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fix(es): * file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive (CVE-2019-16680) * file-roller: directory traversal via directory symlink pointing outside of the target directory (CVE-2020-11736) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-16680 CVE-2020-11736 CVE-2019-16680 file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive CVE-2020-11736 file-roller: directory traversal via directory symlink pointing outside of the target directory cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix(es): * oniguruma: NULL pointer dereference in match_at() in regexec.c (CVE-2019-13225) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-13225 CVE-2019-13225 oniguruma: NULL pointer dereference in match_at() in regexec.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. Security Fix(es): * fontforge: SFD_GetFontMetaData() insufficient CVE-2020-5395 backport (CVE-2020-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-25690 CVE-2020-25690 fontforge: SFD_GetFontMetaData() insufficient CVE-2020-5395 backport cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. Security Fix(es): * expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-20843 CVE-2018-20843 expat: large number of colons in input makes parser consume high amount of resources, leading to DoS cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 The Public Key Infrastructure (PKI) Core contains fundamental packages required by AlmaLinux Certificate System. Security Fix(es): * jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) * pki: Dogtag's python client does not validate certificates (CVE-2020-15720) * pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146) * pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179) * pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221) * pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2015-9251 CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2019-10146 CVE-2019-10179 CVE-2019-10221 CVE-2019-11358 CVE-2019-8331 CVE-2020-11022 CVE-2020-11023 CVE-2020-15720 CVE-2020-1721 CVE-2020-1935 CVE-2020-25715 CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip CVE-2016-10735 bootstrap: XSS in the data-target attribute CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute CVE-2019-10179 pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection CVE-2019-10146 pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page CVE-2019-10221 pki-core: Reflected XSS in getcookies?url= endpoint in CA CVE-2020-1721 pki-core: KRA vulnerable to reflected XSS via the getPk12 page CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method CVE-2020-11023 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods CVE-2020-15720 pki: Dogtag's python client does not validate certificates CVE-2020-25715 pki-core: XSS in the certificate search results cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15683 CVE-2020-15969 CVE-2020-15969 chromium-browser: Use after free in WebRTC CVE-2020-15683 Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fix(es): * freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png (CVE-2020-15999) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15999 CVE-2020-15999 freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Security Fix(es): * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20201027 release, addresses: - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e; - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68; - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0; - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0; - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0; - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision 0xe0; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up to 0x2006a08; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up to 0xe0; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up to 0xde; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xd6 up to 0xde; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up to 0xde; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up to 0xde; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up to 0xde; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up to 0xde; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up to 0xde; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x43 up to 0x44; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157 up to 0x1000159; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01 up to 0x4003003; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5002f01 up to 0x5003003; - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up to 0x40; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up to 0x1e; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up to 0x18; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78 up to 0xa0; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca up to 0xe0. * Add README file to the documentation directory. * Add publicly-sourced codenames list to supply to gen_provides.sh; update the latter to handle the somewhat different format. * Add SUMMARY.intel-ucode file containing metadata information from the microcode file headers. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface CVE-2020-8696 hw: Vector Register Leakage-Active CVE-2020-8698 hw: Fast forward store predictor cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.4.1 ESR. Security Fix(es): * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-26950 CVE-2020-26950 Mozilla: Write side effects in MCallGetProperty opcode not accounted for cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.3. Security Fix(es): * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-26950 CVE-2020-26950 Mozilla: Write side effects in MCallGetProperty opcode not accounted for cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.0. Security Fix(es): * Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951) * Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968) * Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012) * Mozilla: Fullscreen could be enabled without displaying the security UI (CVE-2020-26953) * Mozilla: XSS through paste (manual and clipboard API) (CVE-2020-26956) * Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions (CVE-2020-26958) * Mozilla: Use-after-free in WebRequestService (CVE-2020-26959) * Mozilla: Potential use-after-free in uses of nsTArray (CVE-2020-26960) * Mozilla: DoH did not filter IPv4 mapped IP Addresses (CVE-2020-26961) * Mozilla: Software keyboards may have remembered typed passwords (CVE-2020-26965) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968 CVE-2020-26951 Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code CVE-2020-16012 Mozilla: Variable time processing of cross-origin images during drawImage calls CVE-2020-26953 Mozilla: Fullscreen could be enabled without displaying the security UI CVE-2020-26956 Mozilla: XSS through paste (manual and clipboard API) CVE-2020-26958 Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions CVE-2020-26959 Mozilla: Use-after-free in WebRequestService CVE-2020-26960 Mozilla: Potential use-after-free in uses of nsTArray CVE-2020-26961 Mozilla: DoH did not filter IPv4 mapped IP Addresses CVE-2020-26965 Mozilla: Software keyboards may have remembered typed passwords CVE-2020-26968 Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.5.0 ESR. Security Fix(es): * Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951) * Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968) * Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012) * Mozilla: Fullscreen could be enabled without displaying the security UI (CVE-2020-26953) * Mozilla: XSS through paste (manual and clipboard API) (CVE-2020-26956) * Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions (CVE-2020-26958) * Mozilla: Use-after-free in WebRequestService (CVE-2020-26959) * Mozilla: Potential use-after-free in uses of nsTArray (CVE-2020-26960) * Mozilla: DoH did not filter IPv4 mapped IP Addresses (CVE-2020-26961) * Mozilla: Software keyboards may have remembered typed passwords (CVE-2020-26965) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968 CVE-2020-26951 Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code CVE-2020-16012 Mozilla: Variable time processing of cross-origin images during drawImage calls CVE-2020-26953 Mozilla: Fullscreen could be enabled without displaying the security UI CVE-2020-26956 Mozilla: XSS through paste (manual and clipboard API) CVE-2020-26958 Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions CVE-2020-26959 Mozilla: Use-after-free in WebRequestService CVE-2020-26960 Mozilla: Potential use-after-free in uses of nsTArray CVE-2020-26961 Mozilla: DoH did not filter IPv4 mapped IP Addresses CVE-2020-26965 Mozilla: Software keyboards may have remembered typed passwords CVE-2020-26968 Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libexif packages provide a library for extracting extra information from image files. Security Fix(es): * libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-0452 CVE-2020-0452 libexif: out of bounds write due to an integer overflow in exif-entry.c cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.1. Security Fix(es): * Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-26970 CVE-2020-26970 Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. The following packages have been upgraded to a later upstream version: libpq (12.5). (BZ#1898228, BZ#1901558) Security Fix(es): * postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-25694 CVE-2020-25696 CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings CVE-2020-25696 postgresql: psql's \gset allows overwriting specially treated variables cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: information exposure in drivers/char/random.c and kernel/time/timer.c (CVE-2020-16166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Backport upstream OVS performance patch fix (BZ#1879935) * Sleeping or scheduling after sched_cpu_dying() led to "scheduling while atomic" and BUG at kernel/cpu.c:907! (BZ#1880080) * [conntrack] udp packet reverse NAT occasionally fail when race condition request combination with the DNAT load balancing rules (BZ#1882094) * Unexpected fragmentation needed error, OpenShift 4, OVS, VXLAN, GSO, Azure (BZ#1885766) * Unable to attach VLAN-based logical networks to a bond (BZ#1886017) * NFS server with krb5p fails in FIPS mode: context_derive_keys_new: Error 22 deriving initiator_seal key (BZ#1886189) * XFS: reflinked file data corruption (BZ#1886895) * [HPE 8.3 Bug] Kdump bootup failure caused by an amd iommu commit for Rhel8.3 BetaOS on DL325Gen10 (BZ#1888113) * dm: fix bio splitting and its bio completion order for regular IO (BZ#1890233) * geneve: add transport ports in route lookup for geneve (BZ#1891818) * HRTICK not armed in specific cases with SCHED_DEADLINE (BZ#1894073) * PM/swap Speed up hibernation by batching requests (BZ#1894629) * RHEL8.1 - ibmveth is producing TX errors over VXLAN when large send (TSO) is enabled (-> related to Red Hat bug 1816254 - OCP 4.3 - Authentication clusteroperator is in unknown state on POWER 9 servers") (BZ#1896299) * RHEL8.2 - mm/gup: fix gup_fast with dynamic page table folding (BZ#1896351) * [Azure][RHEL-8]TX/RX packets stop increasing after hibernation/resume in VM with CX4 VF NIC (BZ#1896433) * [Azure][RHEL-8]VM hangs after hibernation/resume if the VM has SRIOV NIC and has been deallocated (BZ#1896434) * [Azure] hv_irq_unmask() failed: 0x5 after resume from hibernation in NV6 size (BZ#1896435) * block layer: update to upstream v5.8 (BZ#1896787) * [Regression] RHEL8.2 zstream - Undetected Data corruption in MPI workloads that use VSX for reductions on POWER9 DD2.1 systems (BZ#1897278) * Incorrect system time reported through the CPU Accounting statistics (BZ#1897716) * debug kernel reports BUG: sleeping function called from invalid context at mm/slab.h:496 in aws t4g instances (BZ#1898758) * ARO: excessive pod memory allocation causes node lockup (BZ#1901547) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16166 CVE-2020-16166 kernel: information exposure in drivers/char/random.c and kernel/time/timer.c cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Reject certificates with explicit EC parameters in strict mode (BZ#1891541) * Add FIPS selftest for HKDF, SSKDF, SSHKDF, and TLS12PRF; add DH_compute_key KAT to DH selftest (BZ#1891542) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-1971 CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hardware: buffer overflow in bluetooth firmware (CVE-2020-12321) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Enhancement(s): * [Intel 8.3 FEAT] ice: Update to the Default OS DDP Package for ice driver (BZ#1896597) * [Intel 8.3 FEAT] ice: Pull Comms Market Segment Package into RHEL 8.3 (BZ#1896598) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12321 CVE-2020-12321 hardware: buffer overflow in bluetooth firmware cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. Security Fix(es): * net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution (CVE-2020-15862) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In RHEL 8, snmpd using v3 is unable to send out default 60 maxGetbulkResponses when invalid PID specified. (BZ#1896760) * AVC denied for snmpd / snmptrapd (BZ#1902662) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15862 CVE-2020-15862 net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): * gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent (CVE-2020-24659) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * gnutls: Add self-tests for implemented KDF algorithms and CMAC (BZ#1903037) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-24659 CVE-2020-24659 gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Security Fix(es): * pacemaker: ACL restrictions bypass (CVE-2020-25654) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-25654 CVE-2020-25654 pacemaker: ACL restrictions bypass cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::highavailability cpe:/a:almalinux:almalinux:8::resilientstorage AlmaLinux 8 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS (CVE-2020-24553) * golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) * golang: malicious symbol names can lead to code execution at build time (CVE-2020-28366) * golang: improper validation of cgo flags can lead to code execution at build time (CVE-2020-28367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-24553 CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 CVE-2020-24553 golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers CVE-2020-28366 golang: malicious symbol names can lead to code execution at build time CVE-2020-28367 golang: improper validation of cgo flags can lead to code execution at build time cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): * nginx: HTTP request smuggling in configurations with URL redirect used as error_page (CVE-2019-20372) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-20372 CVE-2019-20372 nginx: HTTP request smuggling in configurations with URL redirect used as error_page cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774) * c-ares: ares_parse_{a,aaaa}_reply() insufficient naddrttls validation DoS (CVE-2020-8277) * nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * yarn install crashes with nodejs:12 on aarch64 (BZ#1901045) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15366 CVE-2020-7608 CVE-2020-7774 CVE-2020-8277 CVE-2020-7608 nodejs-yargs-parser: prototype pollution vulnerability CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function CVE-2020-8277 c-ares: ares_parse_{a,aaaa}_reply() insufficient naddrttls validation DoS CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.27), galera (25.3.31). (BZ#1899082, BZ#1899086) Security Fix(es): * mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep (CVE-2020-15180) * mysql: InnoDB unspecified vulnerability (CPU Oct 2019) (CVE-2019-2938) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) (CVE-2019-2974) * mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2752) * mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2760) * mysql: Server: DML unspecified vulnerability (CPU Apr 2020) (CVE-2020-2780) * mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020) (CVE-2020-2812) * mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2814) * mariadb-connector-c: Improper validation of content in a OK packet received from server (CVE-2020-13249) * mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14765) * mysql: InnoDB unspecified vulnerability (CPU Oct 2020) (CVE-2020-14776) * mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14789) * mysql: Server: Locking unspecified vulnerability (CPU Oct 2020) (CVE-2020-14812) * mysql: C API unspecified vulnerability (CPU Jan 2020) (CVE-2020-2574) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * FTBFS: -D_GLIBCXX_ASSERTIONS (BZ#1899009) * Queries with entity_id IN ('1', '2', …, '70000') run much slower in MariaDB 10.3 than on MariaDB 10.1 (BZ#1899017) * Cleanup race with wsrep_rsync_sst_tunnel may prevent full galera cluster bootstrap (BZ#1899021) * There are undeclared file conflicts in several mariadb and mysql packages (BZ#1899077) Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-2938 CVE-2019-2974 CVE-2020-13249 CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-15180 CVE-2020-2574 CVE-2020-2752 CVE-2020-2760 CVE-2020-2780 CVE-2020-2812 CVE-2020-2814 CVE-2021-2022 CVE-2021-2144 CVE-2021-2194 CVE-2019-2938 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) CVE-2019-2974 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020) CVE-2020-2780 mysql: Server: DML unspecified vulnerability (CPU Apr 2020) CVE-2020-2812 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020) CVE-2020-2814 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) CVE-2020-2760 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020) CVE-2020-13249 mariadb-connector-c: Improper validation of content in a OK packet received from server CVE-2020-14765 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) CVE-2020-14776 mysql: InnoDB unspecified vulnerability (CPU Oct 2020) CVE-2020-14789 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) CVE-2020-14812 mysql: Server: Locking unspecified vulnerability (CPU Oct 2020) CVE-2020-15180 mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep CVE-2021-2022 mysql: InnoDB unspecified vulnerability (CPU Jan 2021) CVE-2021-2144 mysql: Server: Parser unspecified vulnerability (CPU Apr 2021) CVE-2021-2194 mysql: InnoDB unspecified vulnerability (CPU Apr 2021) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The MariaDB Native Client library (C driver) is used to connect applications developed in C/C++ to MariaDB and MySQL databases. The following packages have been upgraded to a later upstream version: mariadb-connector-c (3.1.11). (BZ#1898993) Security Fix(es): * mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2752) * mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2922) * mariadb-connector-c: Improper validation of content in a OK packet received from server (CVE-2020-13249) * mysql: C API unspecified vulnerability (CPU Jan 2020) (CVE-2020-2574) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Code utilizing plugins can't be compiled properly (BZ#1899001) * Add "zlib-devel" requirement in "-devel" subpackage (BZ#1899005) * Replace hard-coded /usr with %{_prefix} (BZ#1899099) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-13249 CVE-2020-2574 CVE-2020-2752 CVE-2020-2922 CVE-2021-2007 CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020) CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020) CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020) CVE-2020-13249 mariadb-connector-c: Improper validation of content in a OK packet received from server CVE-2021-2007 mysql: C API unspecified vulnerability (CPU Jan 2021) cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: information exposure in drivers/char/random.c and kernel/time/timer.c (CVE-2020-16166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.3.z2 source tree (BZ#1894706) Moderate Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16166 CVE-2020-16166 kernel: information exposure in drivers/char/random.c and kernel/time/timer.c AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.0 ESR. Security Fix(es): * chromium-browser: Uninitialized Use in V8 (CVE-2020-16042) * Mozilla: Heap buffer overflow in WebGL (CVE-2020-26971) * Mozilla: CSS Sanitizer performed incorrect sanitization (CVE-2020-26973) * Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free (CVE-2020-26974) * Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 (CVE-2020-35113) * Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2020-26978) * Mozilla: The proxy.onRequest API did not catch view-source URLs (CVE-2020-35111) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16042 CVE-2020-26971 CVE-2020-26973 CVE-2020-26974 CVE-2020-26978 CVE-2020-35111 CVE-2020-35113 CVE-2020-16042 chromium-browser: Uninitialized Use in V8 CVE-2020-26971 Mozilla: Heap buffer overflow in WebGL CVE-2020-26973 Mozilla: CSS Sanitizer performed incorrect sanitization CVE-2020-26974 Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free CVE-2020-26978 Mozilla: Internal network hosts could have been probed by a malicious webpage CVE-2020-35111 Mozilla: The proxy.onRequest API did not catch view-source URLs CVE-2020-35113 Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (10.15). Security Fix(es): * postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695) * postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox CVE-2020-25696 postgresql: psql's \gset allows overwriting specially treated variables cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (9.6.20). Security Fix(es): * postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695) * postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208) * postgresql: Uncontrolled search path element in CREATE EXTENSION (CVE-2020-14350) * postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696) * postgresql: Selectivity estimators bypass row security policies (CVE-2019-10130) * postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks (CVE-2020-1720) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2019-10130 CVE-2019-10208 CVE-2020-14350 CVE-2020-1720 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2019-10130 postgresql: Selectivity estimators bypass row security policies CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox CVE-2020-25696 postgresql: psql's \gset allows overwriting specially treated variables cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (12.5). Security Fix(es): * postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695) * postgresql: Uncontrolled search path element in logical replication (CVE-2020-14349) * postgresql: Uncontrolled search path element in CREATE EXTENSION (CVE-2020-14350) * postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696) * postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks (CVE-2020-1720) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14349 CVE-2020-14350 CVE-2020-1720 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks CVE-2020-14349 postgresql: Uncontrolled search path element in logical replication CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox CVE-2020-25696 postgresql: psql's \gset allows overwriting specially treated variables cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Security Fix(es): * chromium-browser: Uninitialized Use in V8 (CVE-2020-16042) * Mozilla: Heap buffer overflow in WebGL (CVE-2020-26971) * Mozilla: CSS Sanitizer performed incorrect sanitization (CVE-2020-26973) * Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free (CVE-2020-26974) * Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 (CVE-2020-35113) * Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2020-26978) * Mozilla: The proxy.onRequest API did not catch view-source URLs (CVE-2020-35111) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2020 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16042 CVE-2020-26971 CVE-2020-26973 CVE-2020-26974 CVE-2020-26978 CVE-2020-35111 CVE-2020-35113 CVE-2020-16042 chromium-browser: Uninitialized Use in V8 CVE-2020-26971 Mozilla: Heap buffer overflow in WebGL CVE-2020-26973 Mozilla: CSS Sanitizer performed incorrect sanitization CVE-2020-26974 Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free CVE-2020-26978 Mozilla: Internal network hosts could have been probed by a malicious webpage CVE-2020-35111 Mozilla: The proxy.onRequest API did not catch view-source URLs CVE-2020-35113 Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * avoid flush_backlog IPI for isolated CPUs by configuring RPS cpumask (BZ#1883314) * rngd consumes 100% cpu on rhel-8.3 system in fips mode (BZ#1886192) * RHEL8.1 - Random memory corruption may occur due to incorrect tlbflush (BZ#1899208) * fips mode boot is broken after adding extrng (BZ#1899584) * pmtu of 1280 for vxlan as bridge port won't work (BZ#1902082) * rpc task loop with kworker spinning at 100% CPU for 10 minutes when umount an NFS 4.x share with sec=krb5 triggered by unmount of the NFS share (BZ#1907667) Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-25211 CVE-2020-25211 kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.3.z source tree (BZ#1906140) Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-25211 CVE-2020-25211 kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR. Security Fix(es): * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16044 CVE-2020-16044 Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.1. Security Fix(es): * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-16044 CVE-2020-16044 Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.102 and .NET Runtime 5.0.2. Security Fix(es): * dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 (CVE-2021-1723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-1723 CVE-2021-1723 dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.111 and .NET Core Runtime 3.1.11. Security Fix(es): * dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 (CVE-2021-1723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-1723 CVE-2021-1723 dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server. Security Fix(es): * dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681) * dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682) * dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683) * dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684) * dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685) * dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686) * dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 CVE-2020-25681 dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled CVE-2020-25682 dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled CVE-2020-25683 dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker CVE-2020-25687 dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: Heap buffer overflow in argument parsing (CVE-2021-3156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-3156 CVE-2021-3156 sudo: Heap buffer overflow in argument parsing cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Security Fix(es): * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements (CVE-2021-23954) * Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 (CVE-2021-23964) * Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been (CVE-2020-26976) * Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC (CVE-2021-23960) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-26976 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 CVE-2021-23964 CVE-2021-23953 Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23954 Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements CVE-2020-26976 Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been CVE-2021-23960 Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC CVE-2021-23964 Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Security Fix(es): * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements (CVE-2021-23954) * Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 (CVE-2021-23964) * Mozilla: IMAP Response Injection when using STARTTLS (CVE-2020-15685) * Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been (CVE-2020-26976) * Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC (CVE-2021-23960) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15685 CVE-2020-26976 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 CVE-2021-23964 CVE-2021-23953 Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23954 Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements CVE-2020-26976 Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been CVE-2021-23960 Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC CVE-2021-23964 Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 CVE-2020-15685 Mozilla: IMAP Response Injection when using STARTTLS cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via spawn portal (CVE-2021-21261) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-21261 CVE-2021-21261 flatpak: sandbox escape via spawn portal cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.112 and .NET Core Runtime 3.1.12. Security Fix(es): * dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-1721 CVE-2021-1721 dotnet: certificate chain building recursion Denial of Service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.521 and .NET Core Runtime 2.1.25. Security Fix(es): * dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-1721 CVE-2021-1721 dotnet: certificate chain building recursion Denial of Service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.103 and .NET Runtime 5.0.3. Security Fix(es): * dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-1721 CVE-2021-1721 dotnet: certificate chain building recursion Denial of Service cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix(es): * subversion: Remote unauthenticated denial of service in mod_authz_svn (CVE-2020-17525) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-17525 CVE-2020-17525 subversion: Remote unauthenticated denial of service in mod_authz_svn cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP20. Security Fix(es): * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14779 CVE-2020-14796 CVE-2020-14797 CVE-2020-14779 OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) CVE-2020-14796 OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) CVE-2020-14797 OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14370 CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661) * kernel: performance counters race condition use-after-free (CVE-2020-14351) * kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.3.z2 source tree (BZ#1908433) Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14351 CVE-2020-25705 CVE-2020-29661 CVE-2020-14351 kernel: performance counters race condition use-after-free CVE-2020-25705 kernel: ICMP rate limiting can be used for DNS poisoning attack CVE-2020-29661 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free AlmaLinux 8 Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Support key wrap/unwrap with RSA-OAEP (BZ#1896431) * 1536bit group from RFC3526 is allowed in FIPS mode when in policy DH-MIN is set to be lower than 1536 (BZ#1896432) * when NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess [rhel-8] (BZ#1896933) * Policy should allow overriding library defaults (BZ#1898702) * KDF-self-tests-induced changes for nss in RHEL 8.4 (BZ#1898953) * nss: non-blocksize requests to IKEv1 KDF returns bogus output (BZ#1904408) Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12400 CVE-2020-12403 CVE-2020-6829 CVE-2020-6829 nss: Side channel attack on ECDSA signature generation CVE-2020-12400 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function CVE-2020-12403 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (10.23.1). Security Fix(es): * libuv: buffer overflow in realpath (CVE-2020-8252) * nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754) * nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774) * nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788) * nodejs-dot-prop: prototype pollution (CVE-2020-8116) * nodejs: use-after-free in the TLS implementation (CVE-2020-8265) * npm: sensitive information exposure through logs (CVE-2020-15095) * nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366) * nodejs-yargs-parser: prototype pollution vulnerability (CVE-2020-7608) * nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15095 CVE-2020-15366 CVE-2020-7608 CVE-2020-7754 CVE-2020-7774 CVE-2020-7788 CVE-2020-8116 CVE-2020-8252 CVE-2020-8265 CVE-2020-8287 CVE-2020-7608 nodejs-yargs-parser: prototype pollution vulnerability CVE-2020-15095 npm: sensitive information exposure through logs CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function CVE-2020-8116 nodejs-dot-prop: prototype pollution CVE-2020-8252 libuv: buffer overflow in realpath CVE-2020-7754 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability CVE-2020-7788 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-8265 nodejs: use-after-free in the TLS implementation CVE-2020-8287 nodejs: HTTP request smuggling via two copies of a header field in an http request cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (12.20.1), nodejs-nodemon (2.0.3). Security Fix(es): * nodejs-mixin-deep: prototype pollution in function mixin-deep (CVE-2019-10746) * nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747) * nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754) * nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788) * nodejs: use-after-free in the TLS implementation (CVE-2020-8265) * nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2018-3750 CVE-2019-10746 CVE-2019-10747 CVE-2020-7754 CVE-2020-7788 CVE-2020-8265 CVE-2020-8287 CVE-2018-3750 nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties CVE-2019-10746 nodejs-mixin-deep: prototype pollution in function mixin-deep CVE-2019-10747 nodejs-set-value: prototype pollution in function set-value CVE-2020-7754 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS CVE-2020-7788 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-8265 nodejs: use-after-free in the TLS implementation CVE-2020-8287 nodejs: HTTP request smuggling via two copies of a header field in an http request cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (14.15.4). Security Fix(es): * nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754) * nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774) * nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788) * nodejs: use-after-free in the TLS implementation (CVE-2020-8265) * c-ares: ares_parse_{a,aaaa}_reply() insufficient naddrttls validation DoS (CVE-2020-8277) * nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366) * nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * yarn install crashes with nodejs:14 on aarch64 (BZ#1916465) Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-15366 CVE-2020-7754 CVE-2020-7774 CVE-2020-7788 CVE-2020-8265 CVE-2020-8277 CVE-2020-8287 CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function CVE-2020-7754 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS CVE-2020-8277 c-ares: ares_parse_{a,aaaa}_reply() insufficient naddrttls validation DoS CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability CVE-2020-7788 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-8265 nodejs: use-after-free in the TLS implementation CVE-2020-8287 nodejs: HTTP request smuggling via two copies of a header field in an http request cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-12723 CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661) * kernel: performance counters race condition use-after-free (CVE-2020-14351) * kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Final fixes + drop alpha_support flag requirement for Tigerlake (BZ#1882620) * OVS complains Invalid Argument on TCP packets going into conntrack (BZ#1892744) * BUG: using smp_processor_id() in preemptible [00000000] code: handler106/3082 (BZ#1893281) * Icelake performance - add intel_idle: Customize IceLake server support to RHEL-8 (BZ#1897183) * [mlx5] IPV6 TOS rewrite flows are not getting offloaded in HW (BZ#1897688) * RHEL 8.3 SAS - multipathd fails to re-establish paths during controller random reset (BZ#1900112) * RHEL8.3 Beta - RHEL8.3 hangs on dbginfo.sh execution, crash dump generated (mm-) (BZ#1903019) * Win10 guest automatic reboot after migration in Win10 and WSL2 on AMD hosts (BZ#1905084) * block, dm: fix IO splitting for stacked devices (BZ#1905136) * Failed to hotplug scsi-hd disks (BZ#1905214) * PCI quirk needed to prevent GPU hang (BZ#1906516) * RHEL8.2 - various patches to stabilize the OPAL error log processing and the powernv dump processing (ESS) (BZ#1907301) * pmtu not working with tunnels as bridge ports and br_netfilter loaded (BZ#1907576) * [ThinkPad X13/T14/T14s AMD]: Kdump failed (BZ#1907775) * NFSv4 client improperly handles interrupted slots (BZ#1908312) * NFSv4.1 client ignores ERR_DELAY during LOCK recovery, could lead to data corruption (BZ#1908313) * [Regression] RHEL8.2 - [kernel 148.el8] cpu (sys) time regression in SAP HANA 2.0 benchmark benchInsertSubSelectPerformance (BZ#1908519) * RHEL8: kernel-rt: kernel BUG at kernel/sched/deadline.c:1462! (BZ#1908731) * SEV VM hang at efi_mokvar_sysfs_init+0xa9/0x19d during boot (BZ#1909243) * C6gn support requires "Ensure dirty bit is preserved across pte_wrprotect" patch (BZ#1909577) * [Lenovo 8.3 & 8.4 Bug] [Regression] No response from keyboard and mouse when boot from tboot kernel (BZ#1911555) * Kernel crash with krb5p (BZ#1912478) * [RHEL8] Need additional backports for FIPS 800-90A DRBG entropy seeding source (BZ#1912872) * [Hyper-V][RHEL-8] Request to included a commit that adds a timeout to vmbus_wait_for_unload (BZ#1913528) * Host becomes unresponsive during stress-ng --cyclic test rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: (BZ#1913964) * RHEL8.4: Backport upstream RCU patches up to v5.6 (BZ#1915638) * Missing mm backport to fix regression introduced by another mm backport (BZ#1915814) * [Hyper-V][RHEL-8]video: hyperv_fb: Fix the cache type when mapping the VRAM Edit (BZ#1917711) * ionic 0000:39:00.0 ens2: IONIC_CMD_Q_INIT (40) failed: IONIC_RC_ERROR (-5) (BZ#1918372) * [certification] mlx5_core depends on tls triggering TAINT_TECH_PREVIEW even if no ConnectX-6 card is present (BZ#1918743) * kvm-rhel8.3 [AMD] - system crash observed while powering on virtual machine with attached VF interfaces. (BZ#1919885) Enhancement(s): * [Mellanox 8.4 FEAT] mlx5: Add messages when VF-LAG fails to start (BZ#1892344) Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14351 CVE-2020-25705 CVE-2020-29661 CVE-2020-14351 kernel: performance counters race condition use-after-free CVE-2020-25705 kernel: ICMP rate limiting can be used for DNS poisoning attack CVE-2020-29661 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free cpe:/a:almalinux:almalinux:8::powertools cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fix(es): * xterm: crash when processing combining characters (CVE-2021-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-27135 CVE-2021-27135 xterm: crash when processing combining characters cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection (encrypted using SSL or TLS) or to provide an encrypted means of connecting to services that do not natively support encryption. Security Fix(es): * stunnel: client certificate not correctly verified when redirect and verifyChain options are used (CVE-2021-20230) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-20230 CVE-2021-20230 stunnel: client certificate not correctly verified when redirect and verifyChain options are used cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23968) * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23969) * Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 (CVE-2021-23978) * Mozilla: MediaError message property could have leaked information about cross-origin resources (CVE-2021-23973) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-23968 CVE-2021-23969 CVE-2021-23973 CVE-2021-23978 CVE-2021-23969 Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23973 Mozilla: MediaError message property could have leaked information about cross-origin resources CVE-2021-23978 Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23968) * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23969) * Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 (CVE-2021-23978) * Mozilla: MediaError message property could have leaked information about cross-origin resources (CVE-2021-23973) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-23968 CVE-2021-23969 CVE-2021-23973 CVE-2021-23978 CVE-2021-23969 Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23973 Mozilla: MediaError message property could have leaked information about cross-origin resources CVE-2021-23978 Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-8625 CVE-2020-8625 bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation cpe:/a:almalinux:almalinux:8::appstream cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Moderate Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 CVE-2020-14372 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-25632 grub2: Use-after-free in rmmod command CVE-2020-25647 grub2: Out-of-bounds write in grub_usb_device_initialize() CVE-2020-27749 grub2: Stack buffer overflow in grub_parser_split_cmdline() CVE-2020-27779 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled CVE-2021-20225 grub2: Heap out-of-bounds write in short form option parser CVE-2021-20233 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * podman: container users permissions are not respected in privileged containers (CVE-2021-20188) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-20188 CVE-2021-20188 podman: container users permissions are not respected in privileged containers cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * podman: container users permissions are not respected in privileged containers (CVE-2021-20188) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-20188 CVE-2021-20188 podman: container users permissions are not respected in privileged containers cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): * QEMU: virtiofsd: potential privileged host device access from guest (CVE-2020-35517) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-35517 CVE-2020-35517 QEMU: virtiofsd: potential privileged host device access from guest cpe:/a:almalinux:almalinux:8::appstream cpe:/a:almalinux:almalinux:8::powertools AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (12.21.0). Security Fix(es): * nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion (CVE-2021-22883) * nodejs: DNS rebinding in --inspect (CVE-2021-22884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-22883 CVE-2021-22884 CVE-2021-22883 nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22884 nodejs: DNS rebinding in --inspect cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (10.24.0). Security Fix(es): * nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion (CVE-2021-22883) * nodejs: DNS rebinding in --inspect (CVE-2021-22884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-22883 CVE-2021-22884 CVE-2021-22883 nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22884 nodejs: DNS rebinding in --inspect cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP25. Security Fix(es): * IBM JDK: Stack-based buffer overflow when converting from UTF-8 characters to platform encoding (CVE-2020-27221) * OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Critical Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2020-14781 CVE-2020-14782 CVE-2020-14803 CVE-2020-27221 CVE-2020-2773 CVE-2020-2773 OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) CVE-2020-14781 OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) CVE-2020-14782 OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) CVE-2020-14803 OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) CVE-2020-27221 IBM JDK: Stack-based buffer overflow when converting from UTF-8 characters to platform encoding AlmaLinux 8 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (14.16.0). Security Fix(es): * nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion (CVE-2021-22883) * nodejs: DNS rebinding in --inspect (CVE-2021-22884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Node.js should not be built with "--debug-nghttp2" (BZ#1932427) Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-22883 CVE-2021-22884 CVE-2021-22883 nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22884 nodejs: DNS rebinding in --inspect cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.522 and .NET Core Runtime 2.1.26. Security Fix(es): * dotnet: System.Text.Encodings.Web Remote Code Execution (CVE-2021-26701) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-26701 CVE-2021-26701 dotnet: System.Text.Encodings.Web Remote Code Execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.113 and .NET Core Runtime 3.1.13. Security Fix(es): * dotnet: System.Text.Encodings.Web Remote Code Execution (CVE-2021-26701) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-26701 CVE-2021-26701 dotnet: System.Text.Encodings.Web Remote Code Execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.104 and .NET Runtime 5.0.4. Security Fix(es): * dotnet: System.Text.Encodings.Web Remote Code Execution (CVE-2021-26701) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-26701 CVE-2021-26701 dotnet: System.Text.Encodings.Web Remote Code Execution cpe:/a:almalinux:almalinux:8::appstream AlmaLinux 8 The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix(es): * wpa_supplicant: Use-after-free in P2P provision discovery processing (CVE-2021-27803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-27803 CVE-2021-27803 wpa_supplicant: Use-after-free in P2P provision discovery processing cpe:/o:almalinux:almalinux:8::baseos AlmaLinux 8 The Public Key Infrastructure (PKI) Core contains fundamental packages required by AlmaLinux Certificate System. Security Fix(es): * pki-core: Unprivileged users can renew any certificate (CVE-2021-20179) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Important Copyright 2021 Red Hat, Inc. Copyright 2022 AlmaLinux OS Foundation CVE-2021-20179 CVE-2021-20179 pki-core: Unprivileged users can renew any certificate cpe:/a:almalinux:almalinux:8::appstream