RLEA-2019:3511 For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libvarlink. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvarlink-devel-18-3.el8.aarch64.rpm d6418a07e221ceb3e4f7265378a987d2d96f4e94f14e057f1e717b2357d5f2a8 RLSA-2019:3553 GNOME is the default desktop environment of Rocky Linux. Security Fix(es): * evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459) * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for pidgin, gnome-desktop3, pango, gdk-pixbuf2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME is the default desktop environment of Rocky Linux. Security Fix(es): * evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459) * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gdk-pixbuf2-xlib-2.36.12-5.el8.aarch64.rpm 395e79cc4261f2e029da140bd244270ff8d56a108a17633011ef08fb1f6674b1 gdk-pixbuf2-xlib-devel-2.36.12-5.el8.aarch64.rpm 80c9d88483e2fb30cc8364da62fa40d7f7983669fbfa054fb3b417b96b90f34b libpurple-devel-2.13.0-5.el8.aarch64.rpm f16ff1b62ce079b97d71e3a71b115cfed22e32ef1e071f82ff8d059e3309bf45 RLBA-2019:3558 For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libhbaapi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libhbaapi-devel-2.2.9-13.el8.aarch64.rpm d7cb90e61dabb55e05422f89833f732e354c23e41b5e158f4b87bd45a357f18f RLBA-2019:3593 For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ipset. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ipset-devel-7.1-1.el8.aarch64.rpm 0b3d12a19d21fedccf90e4caf0f04932401b42668c1bc64285e28d51c92c430b RLSA-2020:0633 The ppp packages contain the Point-to-Point Protocol (PPP) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider (ISP) or other organization over a modem and phone line. Security Fix(es): * ppp: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for ppp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The ppp packages contain the Point-to-Point Protocol (PPP) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider (ISP) or other organization over a modem and phone line. Security Fix(es): * ppp: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms ppp-devel-2.4.7-26.el8_1.aarch64.rpm fed85df6c00926fab96ead780e08a239a1dc405259d742dfba609c1776326e78 RLSA-2020:1766 GNOME is the default desktop environment of Rocky Linux. Security Fix(es): * LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (CVE-2018-20337) * gdm: lock screen bypass when timed login is enabled (CVE-2019-3825) * gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c (CVE-2019-12447) * gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write (CVE-2019-12448) * gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges (CVE-2019-12449) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for mozjs52, gnome-tweaks, clutter, gnome-menus, mozjs60, baobab. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME is the default desktop environment of Rocky Linux. Security Fix(es): * LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (CVE-2018-20337) * gdm: lock screen bypass when timed login is enabled (CVE-2019-3825) * gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c (CVE-2019-12447) * gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write (CVE-2019-12448) * gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges (CVE-2019-12449) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms clutter-devel-1.26.2-8.el8.aarch64.rpm 70d9c053a71abfa566ebc641369def4a8c4bda27d65cb85abde8082393b63b2d clutter-doc-1.26.2-8.el8.aarch64.rpm 01f4abb032bd63e896d15e15995811eb99f67813919521db123657facc4db734 gnome-menus-devel-3.13.3-11.el8.aarch64.rpm 9655f1f5dc5a6a3a36ee740e8cbd721e56bfc39791267fbe30bb13417f6e8376 mozjs52-devel-52.9.0-2.el8.aarch64.rpm 43d74c8ab5799c42af18b14e4bf4d8e545f52b3b0a217da0e4388f9de891143f mozjs60-devel-60.9.0-4.el8.aarch64.rpm dbc51c9f254cd2837672152dd7b92b627e77010d2265f56a5308e3b4e2737e79 RLBA-2020:1919 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ppp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ppp-devel-2.4.7-26.el8_1.aarch64.rpm fed85df6c00926fab96ead780e08a239a1dc405259d742dfba609c1776326e78 RLSA-2020:2755 libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for nghttp2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libnghttp2-devel-1.33.0-3.el8_3.1.aarch64.rpm 07f7c4e28be394cd871f862d451d8d009243bce39db51547305decc95f876977 nghttp2-1.33.0-3.el8_3.1.aarch64.rpm 447b50538b2bba1e82adf24b317febd2c2e1934d7f3b0db4d48710b4fafa2fd4 RLSA-2020:3654 The libcroco is a standalone Cascading Style Sheet level 2 (CSS2) parsing and manipulation library. Security Fix(es): * libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libcroco. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libcroco is a standalone Cascading Style Sheet level 2 (CSS2) parsing and manipulation library. Security Fix(es): * libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libcroco-devel-0.6.12-4.el8_2.1.aarch64.rpm 3490b1bce032ef7f8257a25c1d0038d19d53a6dfa446c68b78edc6ca317c15a2 RLSA-2020:4451 GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406) Security Fix(es): * webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793) * gnome-settings-daemon: Rocky Enterprise Software Foundation Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391) * LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for xdg-desktop-portal-gtk, tracker, LibRaw, vte291, gnome-remote-desktop, PackageKit, pipewire, pipewire0.2, potrace, gtk3, dleyna-renderer, libsoup, pygobject3, webrtc-audio-processing, frei0r-plugins, gnome-session, gsettings-desktop-schemas. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406) Security Fix(es): * webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793) * gnome-settings-daemon: Rocky Enterprise Software Foundation Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391) * LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms frei0r-devel-1.6.1-7.el8.aarch64.rpm 88d4506493d41c6b67a16eb3729440ca2e45fcea3425df4c36a76802eab9d596 pygobject3-devel-3.28.3-2.el8.aarch64.rpm 7c3790d68c1374f0d820f198b53b781a359e19ab3c26c28dbf4446885fc1691b tracker-devel-2.1.5-2.el8.aarch64.rpm fbf033c0c39b601858b75fcc0c9841bbe51f1ef6a392bd7d42f6ad9f0d8b66be vte291-devel-0.52.4-2.el8.aarch64.rpm 37c01b193488ba0f29867cb77e5e21d9b38a51806d3df01b088502d74b516da0 PackageKit-glib-devel-1.1.12-6.el8.0.2.aarch64.rpm 1aa41b9b134e2fc679be05d29a32ba8a24a92fb6af9a41a635019560bb35442c RLEA-2020:4555 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libpsl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libpsl-devel-0.20.2-6.el8.aarch64.rpm 122855f80f93aba722aed215a6bb8e0144b57d3b23a50f5ddcd882ac7838f911 RLEA-2020:4556 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libnetfilter_queue. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libnetfilter_queue-devel-1.0.4-3.el8.aarch64.rpm 909ba801f4c20405354ebeb119e5227930e18461acb1230a40ac0c78ed158ff8 RLBA-2020:4600 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for snappy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms snappy-devel-1.1.8-3.el8.aarch64.rpm 45a11321fcd50252e3308239180bb7a316c948868161ce495ff257cedbb1a50b RLSA-2021:1586 GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304) Security Fix(es): * webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948) * webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951) * webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983) * webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543) * webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584) * glib2: insecure permissions for files and directories (CVE-2019-13012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for enchant2, cairomm, gnome-photos, webkit2gtk3, chrome-gnome-shell, geoclue2, dleyna-server, woff2, libdazzle, gtk2, gvfs, gjs, gnome-settings-daemon, gtkmm24, accountsservice, gnome-control-center, gnome-shell, gnome-software, soundtouch, gnome-boxes, gnome-terminal, libsass, libsigc++20, nautilus, OpenEXR, gnome-online-accounts, gtkmm30, dleyna-core, vala, libvisual, geocode-glib, pangomm, gtk-doc, atkmm, gdm, gamin, glibmm24, mutter, libepubgen. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304) Security Fix(es): * webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948) * webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951) * webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983) * webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543) * webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584) * glib2: insecure permissions for files and directories (CVE-2019-13012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms atkmm-devel-2.24.2-7.el8.aarch64.rpm 3ce0f75d449203a3b38c392b77ef1140e121e782fca436176c7399a49aaff063 cairomm-devel-1.12.0-8.el8.aarch64.rpm a4332361dd3875c34647654b7eb2b8ac8906cc859c2cc6a9a332974ca12c1020 enchant2-devel-2.2.3-3.el8.aarch64.rpm 39d78a0cdf5f847dc5e03dac4beff2c8a98d8acd586f75b8580f13b9493117fc gamin-devel-0.1.10-32.el8.aarch64.rpm 224fe45aca747ec52ee7efe8238c554bc5cbeb93affb7a2ed8eb4ec98646992f geoclue2-devel-2.5.5-2.el8.aarch64.rpm 3e1fd9077722989c0137f505363af74881362f98dd77436374c719bc2212a6e9 gjs-devel-1.56.2-5.el8.aarch64.rpm 5d8c7eeab9fb183d900ec631e1835adb347f9ccad2b29f84f06e557eab14bad4 glibmm24-devel-2.56.0-2.el8.aarch64.rpm 2da7e692956a605243eac33baf176afa0689dab826071f8e1e5112f0bdc68981 gtkmm24-devel-2.24.5-6.el8.aarch64.rpm dea4c33c15f8a7f905476971d3ac890002bab261d75a4151a4e0397366121700 gtkmm30-devel-3.22.2-3.el8.aarch64.rpm e96ea81b12b138b729ea1089b71a1ad2151587f5a9608fa9519692159bdd6766 libdazzle-3.28.5-2.el8.aarch64.rpm 0b865d21693613cf5a28ee77a64ba7afe9d76a94e10846670595d72938a51450 libdazzle-devel-3.28.5-2.el8.aarch64.rpm 09b78dd3ac2868b1a16da3479ef702245b074be10804e9cbc3b23a72a75f4d4e libepubgen-devel-0.1.0-3.el8.aarch64.rpm 830206e940b4b2c8acb26587ed284b0a9a76bfcdb88c81c95571e619fc7aa929 libsass-3.4.5-6.el8.aarch64.rpm 0035af205c179c8e27c809be5f2ccf9749f3ad08cdcc112f12a1530cc778e11f libsass-devel-3.4.5-6.el8.aarch64.rpm 304b3e4ca60b9fcf0febc760ed75f4e64231cd795887c0c86af55560a4ca053e libsigc++20-devel-2.10.0-6.el8.aarch64.rpm 2ac82883d78ee3ea6404371b154122ef2edffdfac901a140c9da4255b22101f2 libvisual-devel-0.4.0-25.el8.aarch64.rpm 95827c74199bddbec86fd8a7c275476f9222dd4460179be9c0a9b24c6077e9c2 OpenEXR-devel-2.2.0-12.el8.aarch64.rpm e3d2fe1166489a18b48d61f072f212153adec8a8334b91e8beb4e66647c20384 pangomm-devel-2.40.1-6.el8.aarch64.rpm f352eb7eac3d2c3589fcb7335b582b2c255c59f49de5ae588dff1f272a0ebbab soundtouch-devel-2.0.0-3.el8.aarch64.rpm d3d1d408f971f3198b57b0c08f51081890b83bc27f419126878f2417ebfe5684 vala-0.40.19-2.el8.aarch64.rpm b60736b413a6aebda280c2cd50e0c2f8a6cf01f3df5ecc24103527c990101cd0 vala-devel-0.40.19-2.el8.aarch64.rpm dd42f9f869bf7f30a3d1958756e6c6554851c50beff34d678639463df9d1b360 woff2-devel-1.0.2-5.el8.aarch64.rpm 469ac0794b4cb1ab1c3480c407584cbfd028c41a56027d9c29bebf68b3483ef5 RLBA-2021:1587 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for librabbitmq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librabbitmq-devel-0.9.0-3.el8.aarch64.rpm 062252941bcfd69c109fe8a297c37596bc08359151ad7614276c5024629db899 RLBA-2021:1612 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for avahi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms avahi-compat-howl-0.7-20.el8.aarch64.rpm 5b4c3edd4f0167d2ee584c68ec876b444735afed90d9b4493be8b2198c950a2f avahi-compat-howl-devel-0.7-20.el8.aarch64.rpm 4f9e209c14bf141d9917ed2ff93ce7138dc193545399b867223a0a8fbe6df516 avahi-compat-libdns_sd-0.7-20.el8.aarch64.rpm 994f6f8bb7a45af3092b5fbebbfaf91aa82d3f79886cce0ff017f15b41cbc2b2 avahi-compat-libdns_sd-devel-0.7-20.el8.aarch64.rpm a19d9a3cf7cf7906a5a623b7420aeabeffb5d82a0bb04a16e73a29612fa5f68c avahi-devel-0.7-20.el8.aarch64.rpm 9c7d64d9f0566a3eda278833d9f5f4245d67c166637e2d1048f51ef033101862 avahi-glib-devel-0.7-20.el8.aarch64.rpm 24c2639cf117cebdf6e8ea0039af196f4ebeb250ddf99e553749fbaf591a2aaa avahi-gobject-devel-0.7-20.el8.aarch64.rpm f202dc252d7e22218a5e202ec45c68aa885112d1b84af4d6e50dbb4ff0febb5f avahi-ui-0.7-20.el8.aarch64.rpm 60a039445f2f0eba99582fa08541336678339dced48b16a719b74c6a90b44112 avahi-ui-devel-0.7-20.el8.aarch64.rpm b67f58cc3357148e1238eaa0719e43ab25192acc810982b92d7a249f267352f6 RLSA-2021:1627 TrouSerS is an implementation of the Trusted Computing Group's Software Stack (TSS) specification. TrouSerS enables the user to write applications that make use of the Trusted Platform Module (TPM) hardware. The following packages have been upgraded to a later upstream version: trousers (0.3.15). (BZ#1725782) Security Fix(es): * trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (CVE-2020-24331) * trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (CVE-2020-24332) * trousers: fails to drop the root gid privilege when no longer needed (CVE-2020-24330) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for trousers. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

TrouSerS is an implementation of the Trusted Computing Group's Software Stack (TSS) specification. TrouSerS enables the user to write applications that make use of the Trusted Platform Module (TPM) hardware. The following packages have been upgraded to a later upstream version: trousers (0.3.15). (BZ#1725782) Security Fix(es): * trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (CVE-2020-24331) * trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (CVE-2020-24332) * trousers: fails to drop the root gid privilege when no longer needed (CVE-2020-24330) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms trousers-devel-0.3.15-1.el8.aarch64.rpm 547cf97a0d331e57887d783c5392e85ef70e58e6dd98306101db7a2a18120a6a RLBA-2021:1628 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for tpm-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms tpm-tools-devel-1.3.9.2-1.el8.aarch64.rpm 2d5fc1eb59830b2f1c278ff7766fd2bccb9f4fd0fb5f4bed6e816abd800bf4fe RLBA-2021:1689 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for librepo, librhsm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librhsm-devel-0.0.3-4.el8.aarch64.rpm 2b657d230d11a7d2bb7b26b22eeff8dc9adff54bb577279f6b8c88cc39bb33e3 RLEA-2021:1712 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libpcap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libpcap-devel-1.9.1-5.el8.aarch64.rpm 8d57af5c12dbf04882c43eb68c423e1ac65e0fae309d2562f9e46172a02e6c45 RLEA-2021:1720 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ima-evm-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ima-evm-utils-devel-1.3.2-12.el8.aarch64.rpm b03137efb42dd9df637a718e5be3f303bb9b1742138eeb8c29393eaf4311dbbb RLBA-2021:1731 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for userspace-rcu. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms userspace-rcu-devel-0.10.1-4.el8.aarch64.rpm 9feb7f8b3cbf197e236522f051da0430de530f16a4d568cae0f26437a4478135 RLBA-2021:3594 The libdb packages provide the Berkeley Database, an embedded database supporting both traditional and client/server applications. Bug Fix(es) and Enhancement(s): * [FJ8.4 Bug]: [REG]The rpm command hangs and the CPU usage reaches 100% (BZ#2001972) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libdb packages provide the Berkeley Database, an embedded database supporting both traditional and client/server applications. Bug Fix(es) and Enhancement(s): * [FJ8.4 Bug]: [REG]The rpm command hangs and the CPU usage reaches 100% (BZ#2001972) rocky-linux-8-aarch64-powertools-rpms libdb-cxx-5.3.28-42.el8_4.aarch64.rpm 1f287a8485fd6ba35a6f9c9c759f7411e6724cea7ea67c87e58357087f2b466f libdb-cxx-devel-5.3.28-42.el8_4.aarch64.rpm 72a4362de15c13453dda3bf8cc2c0782c583c302b390270b88cf3d0a2d4e696f libdb-sql-5.3.28-42.el8_4.aarch64.rpm c5cf5c1261dca953db4c11f8c4ae888d05c97691b1b7d73cfc9f98680717c13e libdb-sql-devel-5.3.28-42.el8_4.aarch64.rpm e5f06c20a11a00c96fc2725ca4e2483ed07b2c3f8e1a28aeb83c620d02eb3668 RLBA-2021:4371 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libxcrypt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libxcrypt-static-4.1.1-6.el8.aarch64.rpm e541c616e57e4b1f370758a6769e75bc337dba9d818e06d35045ea8a5bdff928 RLSA-2021:4373 PCRE is a Perl-compatible regular expression library. Security Fix(es): * pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 (CVE-2019-20838) * pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for pcre. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PCRE is a Perl-compatible regular expression library. Security Fix(es): * pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 (CVE-2019-20838) * pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms pcre-static-8.42-6.el8.aarch64.rpm 7e897d5f423bd097c5b2d9a9a65e4ce5f116332d97db706783d7675bb6913b98 RLBA-2021:4377 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for quota. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms quota-devel-4.04-14.el8.aarch64.rpm de5c04e197e1fa1a441791c8d9c778c548daa3f0a618f999df322606384b95dd RLSA-2021:4381 GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3). (BZ#1909300) Security Fix(es): * webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558) * LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918) * webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788) * webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789) * webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799) * webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844) * webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870) * webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871) * webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775) * webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779) * webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806) * webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663) * webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665) * webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682) * webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689) * webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734) * webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749) * webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795) * webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799) * webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623) * gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241) * gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for gnome-shell-extensions, webkit2gtk3, LibRaw, gnome-settings-daemon, gsettings-desktop-schemas, gnome-autoar, mutter, accountsservice, gnome-control-center, gnome-online-accounts, gnome-shell, gtk3, gdm, vino, gnome-software, gnome-session, gnome-calculator. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3). (BZ#1909300) Security Fix(es): * webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558) * LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918) * webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788) * webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789) * webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799) * webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844) * webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870) * webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871) * webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775) * webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779) * webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806) * webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663) * webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665) * webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682) * webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689) * webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734) * webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749) * webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795) * webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797) * webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799) * webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623) * gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241) * gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gnome-software-devel-3.36.1-10.el8.aarch64.rpm b1fe1ce430a9186ef8f3da64f75aae7f0fc609c6ab31094014930355f82cef9c RLEA-2021:4405 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libmodulemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libmodulemd-devel-2.13.0-1.el8.aarch64.rpm eccd05e816f2630ab8348bc544618a5dab6eddc2304b10423eb3cd449cffcdaf RLBA-2021:4412 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for mpitests, mvapich2, ucx, qperf, opensm, rpm-mpi-hooks, rdma-core, mstflint, libvma, openmpi, fabtests, perftest, libfabric, mpich. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms opensm-devel-3.3.24-1.el8.aarch64.rpm 9828e7587346eefa799b479e3799c0767c2ffb94b78b2cdad890fea4d8b89965 RLBA-2021:4446 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for iscsi-initiator-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms iscsi-initiator-utils-devel-6.2.1.4-4.git095f59c.el8.aarch64.rpm 033481967bfd8e23125b4a47dfa4da663c1e1046efc3a19402f484cb23c8805d RLBA-2021:4475 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for freeipmi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms freeipmi-devel-1.6.8-1.el8.aarch64.rpm 1cf47dd06f60d27f912a31285b49fbbd89847dc9dc440062d0607c0fe4715a93 RLBA-2021:4477 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for parted. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms parted-devel-3.2-39.el8.aarch64.rpm 0dc8c23dff9be5f0598da039402e558a98011f15f74aeaa9f12765f0c806b664 RLBA-2021:4483 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for OpenIPMI. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms OpenIPMI-devel-2.0.31-3.el8.aarch64.rpm 740976f572fbdb3a06e21e92ff16de27f9e060abf0421f5392c5a2c09b09c1e8 RLEA-2021:4488 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for hwloc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms hwloc-devel-2.2.0-3.el8.aarch64.rpm df96f75eb5aaa70af9c688a2fe7e64688e6abc23abb48d5c9c1bbc40cac13fe2 RLSA-2021:4510 The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: segmentation fault in getlocal and setlocal functions in ldebug.c (CVE-2020-24370) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for lua. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: segmentation fault in getlocal and setlocal functions in ldebug.c (CVE-2020-24370) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms lua-devel-5.3.4-12.el8.aarch64.rpm d7074e80409036c94b4af3cba4738f4bc7677fd403c87d5ab4cb7a189854b548 RLSA-2021:4513 The libsepol library provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies (for example, customizing policy boolean settings). Security Fix(es): * libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36084) * libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36085) * libsepol: use-after-free in cil_reset_classpermission() (CVE-2021-36086) * libsepol: heap-based buffer overflow in ebitmap_match_any() (CVE-2021-36087) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libsepol. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libsepol library provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies (for example, customizing policy boolean settings). Security Fix(es): * libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36084) * libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36085) * libsepol: use-after-free in cil_reset_classpermission() (CVE-2021-36086) * libsepol: heap-based buffer overflow in ebitmap_match_any() (CVE-2021-36087) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsepol-static-2.9-3.el8.aarch64.rpm 7e64f3cf5d6454ada316e380041c940c5e93622d27cc57b9043fb26c2703b25f RLEA-2022:2014 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for mpitests, ucx, rdma-core, mstflint, libvma, libpsm2, fabtests, openmpi, pmix, perftest, eth-tools, mpich, libfabric. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms pmix-devel-2.2.5-1.el8.aarch64.rpm c8463f6ed8c90aaeb9a7549dcd27bcc29f2abd23ba380c2bf1a6dbf2f87e3eb1 python3-mpich-3.4.2-1.el8.aarch64.rpm 4a49304075029ff3a6eb5aa11bd91c8b211f004ec5479fda1f7662e9658328e2 python3-openmpi-4.1.1-3.el8.aarch64.rpm 4efc4706dc706800490f4e52cb0aa1b2e618a3c7a21a1f5458135141fba7f132 RLBA-2022:2060 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for kmod. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms kmod-devel-25-19.el8.aarch64.rpm 3d6898dedcf7caf2eda69826d7836ac488a8765f06c0f6652796fe7e389e8cd0 RLBA-2022:2009 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ModemManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ModemManager-devel-1.18.2-1.el8.aarch64.rpm 96722b9fbab2b20238d4d0cacfb95dd6deb20e46bbf6798bb5d8df1dc1fe97f5 ModemManager-glib-devel-1.18.2-1.el8.aarch64.rpm 06ba03a40d9fcc01b4525e109f1b6fd84dc36e81316c7941315e3065dd50d61d RLBA-2022:2035 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libstoragemgmt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libstoragemgmt-devel-1.9.1-3.el8.aarch64.rpm e361bde333186ce60f0cb34bb547ef25bb99616b02638fc5f1cb8e2a4d51f171 RLBA-2022:2046 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libcomps. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libcomps-devel-0.1.18-1.el8.aarch64.rpm 138c9389a234be30a5787c8c29d66bf4ecd6abea004af1bf78b11b2d3e9bd276 RLBA-2022:2089 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for pcsc-lite. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms pcsc-lite-devel-1.9.5-1.el8.aarch64.rpm e2cf99fb4f88d7bf5511ea099b8fea4030aa3ee4d96f6ccdf6e6fb1423191a4d RLBA-2022:2099 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sysfsutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsysfs-devel-2.1.0-25.el8.aarch64.rpm a75966ebfc47820152f09a39b645e7f215e8135c8676e9d77c07396f4fad88db RLBA-2022:2101 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libnftnl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libnftnl-devel-1.1.5-5.el8.aarch64.rpm b6790fa35eab8837569c109c2f486c9d139d2f0ccaeaf2f77da872b6aad78dc2 RLBA-2022:2117 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gpgme. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gpgme-devel-1.13.1-11.el8.aarch64.rpm 7ae86ed2d02b649eecf6e264e10ee92255a601637fb81b67a822aee5d3492fba gpgmepp-devel-1.13.1-11.el8.aarch64.rpm 849de0ad6405675f3edffedea5d096a508c8b37ebb19fb46965d7bce9c007229 qgpgme-devel-1.13.1-11.el8.aarch64.rpm 581ec1afcad28dd03e669e8a8f5535d865ba6e842636620f8a298e010097fb02 RLBA-2022:2118 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for texinfo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms texinfo-6.5-7.el8.aarch64.rpm e33bd3ab32d75e32a56c9a0e64bbb742421ac5287f007caa20583bf1fc08915b texinfo-tex-6.5-7.el8.aarch64.rpm 1c59ee6a8d6433caa4bfdeecf9606ff6ef3b352f491ed6d10827b3e865f74c3d RLSA-2022:4991 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * gzip: arbitrary-file-write vulnerability (CVE-2022-1271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for xz. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * gzip: arbitrary-file-write vulnerability (CVE-2022-1271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms xz-lzma-compat-5.2.4-4.el8_6.aarch64.rpm 8b7f1dbc1caa00b21b52ff5d4a1862ea6d2a97bdc46056eae74dcc5bbd07f829 RLSA-2022:5809 The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Security Fix(es): * pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c (CVE-2022-1586) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for pcre2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Security Fix(es): * pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c (CVE-2022-1586) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms pcre2-tools-10.32-3.el8_6.aarch64.rpm d6369bf74c05cc12866b0213c16dc0217fb02b3cef7f1c0c5598fce237c623d4 RLBA-2022:5815 The bash packages provide Bash (Bourne-again shell), which is the default shell for Rocky Linux. Bug Fix(es) and Enhancement(s): * Segfault in 'buffered_getchar()' function in bash (BZ#2097659) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for bash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The bash packages provide Bash (Bourne-again shell), which is the default shell for Rocky Linux. Bug Fix(es) and Enhancement(s): * Segfault in 'buffered_getchar()' function in bash (BZ#2097659) rocky-linux-8-aarch64-powertools-rpms bash-devel-4.4.20-4.el8_6.aarch64.rpm 9577d3838b3a1b018850ddd4b50ae41258f97521b7ec55a8bb6144b1e0dcb6fa RLSA-2022:7089 KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for libksba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libksba-devel-1.3.5-8.el8_6.aarch64.rpm ea375b017b32e8a122599ad5f51e85157f6c468225ba425e1e698b60f591376e RLBA-2022:7107 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Bug Fix(es) and Enhancement(s): * Add --interface-info-[body|header] modes to gdbus-codegen. (BZ#2124615) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for glib2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Bug Fix(es) and Enhancement(s): * Add --interface-info-[body|header] modes to gdbus-codegen. (BZ#2124615) rocky-linux-8-aarch64-powertools-rpms glib2-static-2.56.4-158.el8_6.1.aarch64.rpm 0f8a19b268e0fe16bd451aa6559ef625a0065c97b255f4ba78f423921b3f5948 RLBA-2022:7116 The libsemanage library provides an API for the manipulation of SELinux binary policies. It is used by the checkpolicy compiler and similar utilitlies, as well as by programs such as load_policy, which must perform specific transformations on binary policies, such as customizing policy Boolean settings. Bug Fix(es) and Enhancement(s): * libsemanage's check_ext_changes doesn't pick up boolean changes (BZ#2129139) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libsemanage. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libsemanage library provides an API for the manipulation of SELinux binary policies. It is used by the checkpolicy compiler and similar utilitlies, as well as by programs such as load_policy, which must perform specific transformations on binary policies, such as customizing policy Boolean settings. Bug Fix(es) and Enhancement(s): * libsemanage's check_ext_changes doesn't pick up boolean changes (BZ#2129139) rocky-linux-8-aarch64-powertools-rpms libsemanage-devel-2.9-9.el8.aarch64.rpm e3b68ccbc3625edefb7633a642bdc7e72c106c57caccc262292706b5a77737ae RLBA-2022:7682 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for babeltrace. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libbabeltrace-devel-1.5.4-4.el8.aarch64.rpm cf260410671ee1ecc3aa3ce1ec886016a5b3bcc51ea5bd6e855472d4be0e85ab python3-babeltrace-1.5.4-4.el8.aarch64.rpm 2b615b9a5132f0453cfb604114e7beca67a40457c165022bf46c956325be345e RLSA-2022:7683 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) * race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558) * use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640) * memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c (CVE-2021-30002) * smb2_ioctl_query_info NULL Pointer Dereference (CVE-2022-0168) * NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617) * swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854) * uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM (CVE-2022-1016) * race condition in snd_pcm_hw_free leading to use-after-free (CVE-2022-1048) * use-after-free in tc_new_tfilter() in net/sched/cls_api.c (CVE-2022-1055) * use-after-free and memory errors in ext4 when mounting and operating on a corrupted image (CVE-2022-1184) * NULL pointer dereference in x86_emulate_insn may lead to DoS (CVE-2022-1852) * buffer overflow in nft_set_desc_concat_parse() (CVE-2022-2078) * nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586) * openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639) * use-after-free when psi trigger is destroyed while being polled (CVE-2022-2938) * net/packet: slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368) * possible to use the debugger to write zero into a location of choice (CVE-2022-21499) * Spectre-BHB (CVE-2022-23960) * Post-barrier Return Stack Buffer Predictions (CVE-2022-26373) * memory leak in drivers/hid/hid-elo.c (CVE-2022-27950) * double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390) * use after free in SUNRPC subsystem (CVE-2022-28893) * use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581) * DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (CVE-2022-36946) * nfs_atomic_open() returns uninitialized data instead of ENOTDIR (CVE-2022-24448) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516) * race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558) * use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640) * memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c (CVE-2021-30002) * smb2_ioctl_query_info NULL Pointer Dereference (CVE-2022-0168) * NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617) * swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854) * uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM (CVE-2022-1016) * race condition in snd_pcm_hw_free leading to use-after-free (CVE-2022-1048) * use-after-free in tc_new_tfilter() in net/sched/cls_api.c (CVE-2022-1055) * use-after-free and memory errors in ext4 when mounting and operating on a corrupted image (CVE-2022-1184) * NULL pointer dereference in x86_emulate_insn may lead to DoS (CVE-2022-1852) * buffer overflow in nft_set_desc_concat_parse() (CVE-2022-2078) * nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586) * openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639) * use-after-free when psi trigger is destroyed while being polled (CVE-2022-2938) * net/packet: slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368) * possible to use the debugger to write zero into a location of choice (CVE-2022-21499) * Spectre-BHB (CVE-2022-23960) * Post-barrier Return Stack Buffer Predictions (CVE-2022-26373) * memory leak in drivers/hid/hid-elo.c (CVE-2022-27950) * double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390) * use after free in SUNRPC subsystem (CVE-2022-28893) * use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581) * DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (CVE-2022-36946) * nfs_atomic_open() returns uninitialized data instead of ENOTDIR (CVE-2022-24448) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-425.3.1.el8.aarch64.rpm 5b01115a6957b5fc706fe62d039458f47849535f808be68948e60a84a872bb7e RLBA-2022:7684 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms glibc-benchtests-2.28-211.el8.aarch64.rpm 6d58852845479bb4735702a165301ef3fedad5024a6e028d5d2902d9d72ef382 glibc-nss-devel-2.28-211.el8.aarch64.rpm 999fe735c19b950dbb43c7b1e0b3c39ea3707e27089254cdace8265c51c91fa0 glibc-static-2.28-211.el8.aarch64.rpm ad6c9af9a16f201fa46bce989f24b6315facb49a9eaec8233085cf3fcc91bfcf nss_hesiod-2.28-211.el8.aarch64.rpm 9cb58e444a438c542542a72dffb9d29739774f61e9e9b83ff44667830b046499 RLBA-2022:7688 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gcc-plugin-devel-8.5.0-15.el8.aarch64.rpm 6d685cbc9a46104895773465cabbca140142fbf4a0d3ee969f9399e736a26a9f libstdc++-static-8.5.0-15.el8.aarch64.rpm a115c9dee155c0581c5a79141d187fc41ae9f8d18aa9de4540e21e04c8adfc8f RLSA-2022:7692 XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Security Fix(es): * expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143) * expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822) * expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823) * expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824) * expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825) * expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826) * expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for xmlrpc-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Security Fix(es): * expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143) * expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822) * expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823) * expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824) * expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825) * expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826) * expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms xmlrpc-c-c++-1.51.0-8.el8.aarch64.rpm 1c3ff959e2aa3555371b626616ca80b634dd4a583e8f84448ffc254adc955f0a xmlrpc-c-client++-1.51.0-8.el8.aarch64.rpm 998c7865d6a57015886f966dc09437640c11d9faf096676ac90b6c2cd5000ef1 xmlrpc-c-devel-1.51.0-8.el8.aarch64.rpm 2b91f0d1bafe0b998dc97321d6447f45df9fc8ddaf50ad674dd9644831d3fcf5 RLBA-2022:7698 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsmbclient-devel-4.16.4-2.el8.aarch64.rpm f1e2198e2093b2091fba8dacae92c15538a8842338ff3a63549cc942a7b9c921 libwbclient-devel-4.16.4-2.el8.aarch64.rpm 81903b7db0b76afd3a59dae306692a5bb0ec78cf126f3939703333977d772af3 samba-devel-4.16.4-2.el8.aarch64.rpm 1ce18783bd06580846a4b95cdf02d6d920ab9c2de2b87a22f3a02bbe9e9aab42 RLBA-2022:7707 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for nftables. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms nftables-devel-0.9.3-26.el8.aarch64.rpm a56a2130f8aa38495cdf734e7d03f92fbe132fe8a480ba2bdedc4972996e6e2b RLBA-2022:7711 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libdnf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libdnf-devel-0.63.0-11.1.el8.aarch64.rpm bd59516bab7295b99375c1e12853f94aa99540559e018bdc911cb6f5c153d71c RLBA-2022:7713 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsolv-devel-0.7.20-3.el8.aarch64.rpm 8ca1790650859d8fa60562eb9bea3ac5c27632265c1a314fbdf20daa76a36a6d libsolv-tools-0.7.20-3.el8.aarch64.rpm 231591cf858218021f38b73f149c78a9dd72ce0dfa452b3785cfb82b697e1046 RLBA-2022:7714 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms device-mapper-multipath-devel-0.8.4-28.el8.aarch64.rpm 2344d05507232dbb9c00ada8b3891b6cb55f464d327350cd3774d1184f946a80 RLBA-2022:7717 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for elfutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms elfutils-devel-static-0.187-4.el8.aarch64.rpm 4bae4bb7ebdb02d4be7bb665a9897c1777e1299320bf722ee0af5dbf3dd60778 elfutils-libelf-devel-static-0.187-4.el8.aarch64.rpm 615958bb396115fd3956251a2a1843e92eae082e846edb8a95e2b7ad5c318bfd RLSA-2022:7720 The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems. Security Fix(es): * e2fsprogs: out-of-bounds read/write via crafted filesystem (CVE-2022-1304) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for e2fsprogs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The e2fsprogs packages provide a number of utilities for creating, checking, modifying, and correcting the ext2, ext3, and ext4 file systems. Security Fix(es): * e2fsprogs: out-of-bounds read/write via crafted filesystem (CVE-2022-1304) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libss-devel-1.45.6-5.el8.aarch64.rpm 21f73ef3c5e6a717908c3b225e2764b008893e5237c9df19a884d20725fcc69f RLBA-2022:7724 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for zlib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms zlib-static-1.2.11-20.el8.aarch64.rpm df0ff729403eb06f1544476865d5e314ee199ac2292c81560f1ed907b761be6f RLBA-2022:7731 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ding-libs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libbasicobjects-devel-0.1.1-40.el8.aarch64.rpm d1a16c194a5d50910c095ee107a3443a1239c93e7d320cf54294c2063e959163 libcollection-devel-0.7.0-40.el8.aarch64.rpm 07ff9c398956d0a3adbbcf40e255c0a014620795fa602030aedc872594f1e43f libini_config-devel-1.3.1-40.el8.aarch64.rpm 82a8a5dbb3749c8c08c6d5d38c476bd53732d82463a96be1098e3c1829388ebf libpath_utils-devel-0.2.1-40.el8.aarch64.rpm 759a59951593006ee40bcae07b7fc5814e1150accf4a9774905d08074d2fb81e libref_array-devel-0.1.5-40.el8.aarch64.rpm a1fec07db5c9ee6cfa5f73335efd3f471fefa6381c6e13070983553d268b4d5d RLSA-2022:7730 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077484) Security Fix(es): * samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libldb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077484) Security Fix(es): * samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-ldb-devel-2.5.2-2.el8.aarch64.rpm 20ed79affadecd7b04d7337e2269d590fc0f25ab9b6001dd875dc563a876f768 python-ldb-devel-common-2.5.2-2.el8.aarch64.rpm 5f4098d0c57e6c38ccbd0b277882adf10c10dd59d2007f405ccd3fa3e52e8241 RLBA-2022:7735 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for bluez. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms bluez-libs-devel-5.63-1.el8.aarch64.rpm 9864aa8c8cbe75c84f75fdb81504e94f93540af06f73d55c76942ea6cee211f8 RLBA-2022:7737 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for opencryptoki. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms opencryptoki-devel-3.18.0-3.el8.aarch64.rpm 0d9213a2c66345bab707ad84d529821541d825e2a1dcee08cea92ac2a0e26f16 RLBA-2022:7752 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for iproute. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms iproute-devel-5.18.0-1.el8.aarch64.rpm 80ed895917d1f6d9426fa2d12564d9bd5bf7981cb9d60d50d8ecdcc533e5d6e9 RLBA-2022:7757 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sg3_utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms sg3_utils-devel-1.44-6.el8.aarch64.rpm df0409adc7e1ef13b2694178fdf741005b468a2c422d6dc207c845a3e5ceb1c9 RLBA-2022:7760 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ndctl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms daxctl-devel-71.1-4.el8.aarch64.rpm d5eed906f475779a804fbfb0dc2dccd24762197707da4d5757260dda63c42d67 ndctl-devel-71.1-4.el8.aarch64.rpm d5d856b1b7778bdb19cdc1178ff436ed4942f23d2fff9916ed9f25a06dd70d2a RLBA-2022:7767 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libbpf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libbpf-devel-0.5.0-1.el8.aarch64.rpm 778b4bdbc64e11a4cec8abddb9f04bc7c20801cc82179b2d73cf78165403dd4f libbpf-static-0.5.0-1.el8.aarch64.rpm d8d93fe728658e8357f5cbfeac7fa1ffd05925090a19dc3f347d8dba79c9a32e RLBA-2022:7768 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for nfs-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libnfsidmap-devel-2.3.3-57.el8.aarch64.rpm cd2a9e6a0d1dca5a8fb1a8a74de5977e5c5d75a988c531d63d7e3c963cd674a5 RLBA-2022:7774 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sanlock. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms sanlock-devel-3.8.4-4.el8.aarch64.rpm 9d74a2ddba5a2178bf20962e11aab311d9e20cd7933f9f9962249ba5468de455 RLBA-2022:7780 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for librepo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librepo-devel-1.14.2-3.el8.aarch64.rpm 1928eb0a8cfbccf380534dce43af9f05df3dea0192029f84e1848921038249b2 RLBA-2022:7783 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for util-linux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libmount-devel-2.32.1-38.el8.aarch64.rpm cd68ef5a5764de0399aab711f2794bfc144dc0cecb007112c4f0002eea8f29b8 RLBA-2022:7786 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libselinux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libselinux-static-2.9-6.el8.aarch64.rpm 46ea96a3a539b00a656bfd7d2226ac0c9c8351c55dc1f89acd36576ea3e92010 RLBA-2022:7788 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libarchive. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libarchive-devel-3.3.3-4.el8.aarch64.rpm 2b7028c3d90c5a480895c6487062d77ecffaeb2809c042ea092718cfa726c249 RLBA-2022:7792 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for lvm2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms device-mapper-devel-1.02.181-6.el8.aarch64.rpm beaaba258ffca016a1f45386505b04b2b8773ea7772e3394bd30c5a5c80a3f50 device-mapper-event-devel-1.02.181-6.el8.aarch64.rpm 794116a151399702cce2a2878d5d167bfd9b2c5bea2fb6b717ea067c04925bbd lvm2-devel-2.03.14-6.el8.aarch64.rpm 5dbe585c0e524a4927a626b25ef387415160f840b89e0a57737e78f40359a8a4 RLBA-2022:7794 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for shadow-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms shadow-utils-subid-devel-4.6-17.el8.aarch64.rpm a7a33f64077adb33913093f7c1d692eab90e0ea4c9b6c9d2e0767c72ee644b2a RLEA-2022:7797 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ucx, rdma-core, mstflint, libvma, fabtests, eth-tools, libfabric. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libfabric-devel-1.15.1-1.el8.aarch64.rpm 85e619d955fe927962cc13396e7f5c542e0c8759efb87d5885e8c04e48a99ecb RLBA-2022:7800 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for tpm2-abrmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms tpm2-abrmd-devel-2.3.3-3.el8.aarch64.rpm 3e1eba85059d6d4cf4dc5c20eff4619b7f604d17701fce881023a186fc215e66 RLBA-2022:7802 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for liblockfile. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms liblockfile-devel-1.14-2.el8.aarch64.rpm 28f5d398d669e4d48fa5373bbec28ae4a463cb7df4bb780ba31391b22e6e5c46 RLBA-2022:7803 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libtalloc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-talloc-devel-2.3.3-2.el8.aarch64.rpm 047a908eccf73b68180f4542d28f08d9d1be0d8c560cb6057682cf15a8c7d519 RLBA-2022:7804 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libsemanage. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsemanage-devel-2.9-9.el8.aarch64.rpm e3b68ccbc3625edefb7633a642bdc7e72c106c57caccc262292706b5a77737ae RLBA-2022:7808 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for file. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms file-devel-5.33-21.el8.aarch64.rpm 48bc33073c2ae622a2e1989ddb9c6946245a39ae85835e59cdb804d6de2130bd RLBA-2022:7809 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libpwquality. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libpwquality-devel-1.4.4-5.el8.aarch64.rpm 1baff486601cdbb9410c43d87090d216f20472fec783d00ee3f7bbd5f9f6f3ad RLBA-2022:7828 NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es) and Enhancement(s): * Host ip changed when start vm (BZ#2132285) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for NetworkManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es) and Enhancement(s): * Host ip changed when start vm (BZ#2132285) rocky-linux-8-aarch64-powertools-rpms NetworkManager-libnm-devel-1.40.0-2.el8_7.aarch64.rpm d6afd57538d2cc032f255630faf9e154f45b87f07a029b73db172b959977bb04 RLBA-2022:7829 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) (BZ#2128544) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) (BZ#2128544) rocky-linux-8-aarch64-powertools-rpms libsss_nss_idmap-devel-2.7.3-4.el8_7.1.aarch64.rpm 876fb14ca6ee70e7b6765a8c5ba645a22ff88456304b416f660290d56c48f376 RLSA-2022:7928 The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fix(es): * device-mapper-multipath: Regression of CVE-2022-41974 fix in Rocky Linux (CVE-2022-3787) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fix(es): * device-mapper-multipath: Regression of CVE-2022-41974 fix in Rocky Linux (CVE-2022-3787) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms device-mapper-multipath-devel-0.8.4-28.el8_7.1.aarch64.rpm dbf51d30037ea66cf5cae876c220600dd2324c3ab4efb4ff07fe7f77c1bf0610 RLBA-2022:9028 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Bug Fix(es) and Enhancement(s): * Transaction picks old build to satisfy dependencies (BZ#2151895) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Bug Fix(es) and Enhancement(s): * Transaction picks old build to satisfy dependencies (BZ#2151895) rocky-linux-8-aarch64-powertools-rpms libsolv-devel-0.7.20-4.el8_7.aarch64.rpm 1549de2fad1909d79db33b77b810a8a853bf9d344db6524129a04799ebd5aa8e libsolv-tools-0.7.20-4.el8_7.aarch64.rpm d79e51fd10c11fb718a68d23f2f439ebda6bac29e7cc1b71b07956708eb25835 RLBA-2023:0086 The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for Cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon (pkcsslotd) and general utilities. Bug Fix(es) and Enhancement(s): * Rocky Linux8.7 - opencryptoki C_GenerateKeyPair() fails after generating > 500 RSA keys with CEX7 crypto cards (BZ#2129059) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for opencryptoki. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for Cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon (pkcsslotd) and general utilities. Bug Fix(es) and Enhancement(s): * Rocky Linux8.7 - opencryptoki C_GenerateKeyPair() fails after generating > 500 RSA keys with CEX7 crypto cards (BZ#2129059) rocky-linux-8-aarch64-powertools-rpms opencryptoki-devel-3.18.0-5.el8_7.aarch64.rpm cb33cf1fac3fa4e85b8942a9e33bf832288d20b7f44252c45aba45332e8cfba1 RLBA-2023:0090 The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fix(es) and Enhancement(s): * Rocky Linux8.4 - zlib: inflate() does not update strm.adler if DFLTCC is used (BZ#2137336) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for zlib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fix(es) and Enhancement(s): * Rocky Linux8.4 - zlib: inflate() does not update strm.adler if DFLTCC is used (BZ#2137336) rocky-linux-8-aarch64-powertools-rpms zlib-static-1.2.11-21.el8_7.aarch64.rpm 12cc9827423e4069ebd337fa1c112c930c058124ac2e55e4cab628467a5428e7 RLBA-2023:0098 NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es) and Enhancement(s): * crio occasionally fails to start during deployment (BZ#2132281) * DNS servers are not sorted according to priority in resolv.conf (BZ#2135733) * Hostname is not configured during IPI installation of OpenShift 4.10.3 on baremetal when using NMState and static IP config for a bond network interface. (BZ#2152891) * NMCLI OVS connections intermittently get stuck in "activating" state after power cycle or crash (BZ#2153429) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for NetworkManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Bug Fix(es) and Enhancement(s): * crio occasionally fails to start during deployment (BZ#2132281) * DNS servers are not sorted according to priority in resolv.conf (BZ#2135733) * Hostname is not configured during IPI installation of OpenShift 4.10.3 on baremetal when using NMState and static IP config for a bond network interface. (BZ#2152891) * NMCLI OVS connections intermittently get stuck in "activating" state after power cycle or crash (BZ#2153429) rocky-linux-8-aarch64-powertools-rpms NetworkManager-libnm-devel-1.40.0-5.el8_7.aarch64.rpm c6e59e50faaa8759aae5dbe09873b268b011423858f1f405ac8a70c4beacdf33 RLSA-2023:0101 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Rocky Linux8.4 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127849) * vfio zero page mappings fail after 2M instances (BZ#2128515) * ice: Driver Update up to 5.19 (BZ#2130992) * atlantic: missing hybernate/resume fixes (BZ#2131935) * Bluefield 2 DPU would crash and reboot due to a kernel panic (BZ#2134084) * Fix issue that enables STABLE_WRITES by default and causes performance regressions (BZ#2135813) * ice: Intel E810 PTP clock glitching (BZ#2136036) * ice: configure link-down-on-close on and change interface mtu to 9000,the interface can't up (BZ#2136216) * ice: dump additional CSRs for Tx hang debugging (BZ#2136513) * ice,iavf: system panic during sriov sriov_test_cntvf_reboot testing (BZ#2137270) * After upgrading to ocp4.11.1, our dpdk application using vlan strip offload is not working (BZ#2138157) * i40e: orphaned-leaky memory when interacting with driver memory parameters (BZ#2138205) * WARNING: CPU: 0 PID: 9637 at kernel/time/hrtimer.c:1309 hrtimer_start_range_ns+0x35d/0x400 (BZ#2138953) * DELL EMC 8.6-RT: System is not booting into RT Kernel with perc12. (BZ#2139216) * Lenovo 8.7: The VGA display shows no signal when install Rocky Linux8.7 (BZ#2140152) * Host Pod -> NodePort Service traffic (Host Backend - Same Node) Flow Iperf Cannot Pass Traffic (BZ#2141878) * mlx5_core: mlx5_cmd_check messages scrolling with hardware offload enabled (BZ#2141957) * net/ice: VIRTCHNL_OP_CONFIG_VSI_QUEUES command handling failure with in-tree driver (BZ#2142017) * Rocky Linux:8.6+ IBM Partner issue - Loopback driver with ABORT_TASKS causing hangs in scsi eh, this bug was cloned for Rocky Linux8.6 and need this patch in 8.6+ (BZ#2144583) * AMdCLIENT 8.8: The kernel command line parameter "nomodeset" not working properly (BZ#2145218) * Path loss during Volume Ownership Change on Rocky Linux 8.7 SAS (BZ#2147374) * net/ice: OP_SET_RSS_HENA command not supported with in-tree driver (BZ#2148130) * iavf panic: iavf 0000:ca:01.0: Failed to init adminq: -53 (BZ#2149081) * Intel 8.8 iavf: Driver Update (bugfixes) (BZ#2149742) * Azure Rocky Linux-8 PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (BZ#2150912) * Rocky Linux-8.7: System fails to boot with soft lockup while loading/unloading an unsigned (E) kernel module. (BZ#2152206) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Rocky Linux8.4 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127849) * vfio zero page mappings fail after 2M instances (BZ#2128515) * ice: Driver Update up to 5.19 (BZ#2130992) * atlantic: missing hybernate/resume fixes (BZ#2131935) * Bluefield 2 DPU would crash and reboot due to a kernel panic (BZ#2134084) * Fix issue that enables STABLE_WRITES by default and causes performance regressions (BZ#2135813) * ice: Intel E810 PTP clock glitching (BZ#2136036) * ice: configure link-down-on-close on and change interface mtu to 9000,the interface can't up (BZ#2136216) * ice: dump additional CSRs for Tx hang debugging (BZ#2136513) * ice,iavf: system panic during sriov sriov_test_cntvf_reboot testing (BZ#2137270) * After upgrading to ocp4.11.1, our dpdk application using vlan strip offload is not working (BZ#2138157) * i40e: orphaned-leaky memory when interacting with driver memory parameters (BZ#2138205) * WARNING: CPU: 0 PID: 9637 at kernel/time/hrtimer.c:1309 hrtimer_start_range_ns+0x35d/0x400 (BZ#2138953) * DELL EMC 8.6-RT: System is not booting into RT Kernel with perc12. (BZ#2139216) * Lenovo 8.7: The VGA display shows no signal when install Rocky Linux8.7 (BZ#2140152) * Host Pod -> NodePort Service traffic (Host Backend - Same Node) Flow Iperf Cannot Pass Traffic (BZ#2141878) * mlx5_core: mlx5_cmd_check messages scrolling with hardware offload enabled (BZ#2141957) * net/ice: VIRTCHNL_OP_CONFIG_VSI_QUEUES command handling failure with in-tree driver (BZ#2142017) * Rocky Linux:8.6+ IBM Partner issue - Loopback driver with ABORT_TASKS causing hangs in scsi eh, this bug was cloned for Rocky Linux8.6 and need this patch in 8.6+ (BZ#2144583) * AMdCLIENT 8.8: The kernel command line parameter "nomodeset" not working properly (BZ#2145218) * Path loss during Volume Ownership Change on Rocky Linux 8.7 SAS (BZ#2147374) * net/ice: OP_SET_RSS_HENA command not supported with in-tree driver (BZ#2148130) * iavf panic: iavf 0000:ca:01.0: Failed to init adminq: -53 (BZ#2149081) * Intel 8.8 iavf: Driver Update (bugfixes) (BZ#2149742) * Azure Rocky Linux-8 PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (BZ#2150912) * Rocky Linux-8.7: System fails to boot with soft lockup while loading/unloading an unsigned (E) kernel module. (BZ#2152206) rocky-linux-8-aarch64-powertools-rpms kernel-tools-libs-devel-4.18.0-425.10.1.el8_7.aarch64.rpm 7dc47f3b792b17656cadf22417d942b1b7b9bf3536a0977d63bbe6329ef37092 RLBA-2023:0105 The util-linux packages contain a large variety of low-level system utilities necessary for a Linux system to function. Among others, these include the libuuid and uuidd daemon. Bug Fix(es) and Enhancement(s): * Add --cont-clock feature for libuuid and uuidd [Rocky Linux-8] (BZ#2143252) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for util-linux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The util-linux packages contain a large variety of low-level system utilities necessary for a Linux system to function. Among others, these include the libuuid and uuidd daemon. Bug Fix(es) and Enhancement(s): * Add --cont-clock feature for libuuid and uuidd [Rocky Linux-8] (BZ#2143252) rocky-linux-8-aarch64-powertools-rpms libmount-devel-2.32.1-39.el8_7.aarch64.rpm 32beacfdb1dd7fffeff53b90bacbce2af561f804d2ddaacfedab540f21c019cf RLBA-2023:0106 The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Bug Fix(es) and Enhancement(s): * The ">>" operator of std::normal_distribution does not work properly. (BZ#2144075) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Bug Fix(es) and Enhancement(s): * The ">>" operator of std::normal_distribution does not work properly. (BZ#2144075) rocky-linux-8-aarch64-powertools-rpms gcc-plugin-devel-8.5.0-16.el8_7.aarch64.rpm f9da081971fd8bfaaf4c5e0d01025ac0ac85ac68fb6f9e508e73e00b7f920055 libstdc++-static-8.5.0-16.el8_7.aarch64.rpm af475e1a7ce587ad14fa18c36815eb6293bacbb4c5589ee4f95de16b72aeb8e3 RLBA-2023:0124 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Analyzer: Optimize and remove duplicate messages in verbose list (BZ#2139871) * SSSD: `sssctl analyze` command shouldn't require 'root' privileged (BZ#2142961) * UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around (BZ#2148989) * authenticating against external IdP services okta (native app) with OAuth client secret failed (BZ#2152883) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Analyzer: Optimize and remove duplicate messages in verbose list (BZ#2139871) * SSSD: `sssctl analyze` command shouldn't require 'root' privileged (BZ#2142961) * UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around (BZ#2148989) * authenticating against external IdP services okta (native app) with OAuth client secret failed (BZ#2152883) rocky-linux-8-aarch64-powertools-rpms libsss_nss_idmap-devel-2.7.3-4.el8_7.3.aarch64.rpm ec11e1052c6e74eb492cb44a6510b49e3371b32bfabcf6074736c4f7c04b039b RLSA-2019:2722 The libwmf packages provide a library for reading and converting Windows Metafile Format (WMF) vector graphics. The library is used by applications such as GIMP and ImageMagick. Security Fix(es): * gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for libwmf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libwmf packages provide a library for reading and converting Windows Metafile Format (WMF) vector graphics. The library is used by applications such as GIMP and ImageMagick. Security Fix(es): * gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libwmf-devel-0.2.9-8.el8_0.aarch64.rpm 717b1b76322bba8a1d02acfdb5f08ed3e55db4b62289095fd446f41e8e7421ff RLBA-2019:3411 This update fixes two issues in lttng-ust and subpackages. There was a bad shebang in the /usr/bin/lttng-gen-tp utility that prevented users from executing it. This issue has been fixed. lttng-ust was only available for x86_64 architectures. lttng-ust is now available for all architectures supported on Rocky Linux. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for lttng-ust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

This update fixes two issues in lttng-ust and subpackages. There was a bad shebang in the /usr/bin/lttng-gen-tp utility that prevented users from executing it. This issue has been fixed. lttng-ust was only available for x86_64 architectures. lttng-ust is now available for all architectures supported on Rocky Linux. rocky-linux-8-aarch64-powertools-rpms lttng-ust-devel-2.8.1-11.el8.aarch64.rpm 09615b2f23fca15b7599e297aa89a3c1a8573619350f8fcd2502da18805d6a34 RLBA-2019:3449 GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to Rocky Enterprise Software Foundation Eneterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 9 chapter. For detailed changes in this release, see the Rocky Linux 8.1 Release Notes. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gcc-toolset-9-dyninst. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-dyninst packages to Rocky Enterprise Software Foundation Eneterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 9 chapter. For detailed changes in this release, see the Rocky Linux 8.1 Release Notes. rocky-linux-8-aarch64-powertools-rpms gcc-toolset-9-dyninst-devel-10.1.0-1.el8.aarch64.rpm ce191ce5e105a9dc6ba0f919f4e34a6a2a4fd872c4499cd99beca03b65180a30 gcc-toolset-9-dyninst-doc-10.1.0-1.el8.aarch64.rpm aaf0e9ef84ac71789aa0b8dfb5bfb712f4a9b4ab4fef4e4cab6e8c44afacd4d2 gcc-toolset-9-dyninst-static-10.1.0-1.el8.aarch64.rpm 864b0fcce1c5d4ac3fbb71ae345e2e51fc67d1786f51998cbe1be30baecdc420 gcc-toolset-9-dyninst-testsuite-10.1.0-1.el8.aarch64.rpm 39ca6894d36b34eac5f291bf34a984c89be38b0cbdf61a0ef054f22f5752a30f RLBA-2019:3462 For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libcdio. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libcdio-devel-2.0.0-3.el8.aarch64.rpm 564e95a76c78f88225bd431cb4b8dbe36a060a18f81589ecda633323195bfdbc RLBA-2019:3490 For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ldns. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ldns-devel-1.7.0-21.el8.aarch64.rpm 8dbbc08ded1fcaed06fb469a89eacd62f76b7454ef226f9526d47daaa5330dc3 RLEA-2019:3557 For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for cmocka, nss_wrapper, uid_wrapper, socket_wrapper. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libcmocka-1.1.5-1.el8.aarch64.rpm 92cbca5860fc91a59e88658d92996f9394b52398bd76acd65e36cb1bd387bd77 libcmocka-devel-1.1.5-1.el8.aarch64.rpm d7dafcccc8cdeb114eefc277565bc0048883d3896514728368392175c39339b7 socket_wrapper-1.2.3-1.el8.aarch64.rpm fd06ef4a6fe6adedd2c0d1fdf71ff159745b43e256e846368768af6e283e1dec uid_wrapper-1.2.4-4.el8.aarch64.rpm c3e1b6eac7dfbfd6b60f0c47f8be3f00c777d9e519d46dc1524f7eda1d350af8 RLSA-2019:3703 The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix(es): * libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) * libvorbis: stack buffer overflow in bark_noise_hybridmp function (CVE-2018-10393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for libvorbis. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix(es): * libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) * libvorbis: stack buffer overflow in bark_noise_hybridmp function (CVE-2018-10393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvorbis-devel-1.3.6-2.el8.aarch64.rpm 45b27f8070d22a81e24a5710eb61b29c0c7abeef076529d2ecaeda1acb566366 RLSA-2019:3708 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). (BZ#1701687, BZ#1711265, BZ#1741358) Security Fix(es): * mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627) * mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739) * mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740) * mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758) * mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for asio, Judy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). (BZ#1701687, BZ#1711265, BZ#1741358) Security Fix(es): * mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627) * mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739) * mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740) * mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758) * mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__mariadb-devel asio-devel-1.10.8-7.module+el8.5.0+777+18007c86.aarch64.rpm cf505dedb0f59a8623402e4faef396217633715710cbe58ef949d1c3b2779a2b RLSA-2020:1577 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 (0.27.2). (BZ#1651917) Security Fix(es): * exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS (CVE-2019-20421) * exiv2: null pointer dereference in the Exiv2::DataValue::toLong function in value.cpp (CVE-2017-18005) * exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp (CVE-2018-4868) * exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp (CVE-2018-9303) * exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp (CVE-2018-9304) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305) * exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772) * exiv2: information leak via a crafted file (CVE-2018-11037) * exiv2: buffer overflow in samples/geotag.cpp (CVE-2018-14338) * exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp (CVE-2018-17229) * exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp (CVE-2018-17230) * exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282) * exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581) * exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915) * exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107) * exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108) * exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535) * exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607) * exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096) * exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097) * exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098) * exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099) * exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service (CVE-2019-9143) * exiv2: denial of service in PngImage::readMetadata (CVE-2019-13109) * exiv2: integer overflow in WebPImage::decodeChunks leads to denial of service (CVE-2019-13111) * exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent causing denial of service (CVE-2019-13112) * exiv2: invalid data location in CRW image file causing denial of service (CVE-2019-13113) * exiv2: null-pointer dereference in http.c causing denial of service (CVE-2019-13114) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libgexiv2, gnome-color-manager, gegl, exiv2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 (0.27.2). (BZ#1651917) Security Fix(es): * exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS (CVE-2019-20421) * exiv2: null pointer dereference in the Exiv2::DataValue::toLong function in value.cpp (CVE-2017-18005) * exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp (CVE-2018-4868) * exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp (CVE-2018-9303) * exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp (CVE-2018-9304) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305) * exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772) * exiv2: information leak via a crafted file (CVE-2018-11037) * exiv2: buffer overflow in samples/geotag.cpp (CVE-2018-14338) * exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp (CVE-2018-17229) * exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp (CVE-2018-17230) * exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282) * exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581) * exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915) * exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107) * exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108) * exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535) * exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607) * exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096) * exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097) * exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098) * exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099) * exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service (CVE-2019-9143) * exiv2: denial of service in PngImage::readMetadata (CVE-2019-13109) * exiv2: integer overflow in WebPImage::decodeChunks leads to denial of service (CVE-2019-13111) * exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent causing denial of service (CVE-2019-13112) * exiv2: invalid data location in CRW image file causing denial of service (CVE-2019-13113) * exiv2: null-pointer dereference in http.c causing denial of service (CVE-2019-13114) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9306) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libgexiv2-devel-0.10.8-4.el8.aarch64.rpm 1ed9e22b26142d0dfb723c54115db96a3d20fe0344f299f735f67f6cb65cafd7 RLEA-2020:1607 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for http-parser. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms http-parser-devel-2.8.0-9.el8.aarch64.rpm 310395243967fb34ff1618f9325450b293ef702229992d790b69648754c47778 RLEA-2020:1611 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for xkeyboard-config, libevdev, libxkbcommon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libxkbcommon-x11-devel-0.9.1-1.el8.aarch64.rpm 7620a5fd0b1703d77cd5c443726218caf7c54d774f1c7053aaf90f83bbd04f50 RLSA-2020:1616 Irssi is a modular IRC client with Perl scripting. Security Fix(es): * irssi: use after free when sending SASL login to server (CVE-2019-13045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for irssi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Irssi is a modular IRC client with Perl scripting. Security Fix(es): * irssi: use after free when sending SASL login to server (CVE-2019-13045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms irssi-devel-1.1.1-3.el8.aarch64.rpm 0517be3e3827c8c69c705d0a59041666de8bc9ce5e156808acf474f7ae880b1e RLBA-2020:1622 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for python-greenlet. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-greenlet-devel-0.4.13-4.el8.aarch64.rpm 655d1e8316c6de9f5e8f8c0d9dc00cf09cf905c0a16c00d077ce7891c0cbfe10 RLSA-2020:1631 The GStreamer library provides a streaming media framework based on graphs of media data filters. The libmad package is an MPEG audio decoder capable of 24-bit output. Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Security Fix(es): * libmad: Double-free in the mad_decoder_run() function (CVE-2018-7263) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for libmad, gstreamer1-plugins-ugly-free, gstreamer1-plugins-bad-free, SDL2, orc, gstreamer1. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The GStreamer library provides a streaming media framework based on graphs of media data filters. The libmad package is an MPEG audio decoder capable of 24-bit output. Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Security Fix(es): * libmad: Double-free in the mad_decoder_run() function (CVE-2018-7263) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gstreamer1-plugins-bad-free-devel-1.16.1-1.el8.aarch64.rpm 0d830525b1eb12640fa39d43fab21ab1175dd3c50c2c20acf2b788fbe19d9763 libmad-devel-0.15.1b-25.el8.aarch64.rpm db9a0f107a6ddfd5ccfcd8abcfcf15baa139948521060956e3f77afd1f5d20e1 SDL2-2.0.10-2.el8.aarch64.rpm 404e875dd408a78e46de20ef1169db6fd90c0916e5ecbdfc569d1dc550b5ad02 SDL2-devel-2.0.10-2.el8.aarch64.rpm 7d8c0e9098d177cfed198c506bec92fc4da9b170ef62196ce95d704841da612f SDL2-static-2.0.10-2.el8.aarch64.rpm e83d1792909781afde7c1848a0142c03c4ccd3fe169778c9563fc6b255957d58 RLBA-2020:1633 For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libepoxy, wayland, libxcb, mesa-libGLw, wayland-protocols, libXpm, xorg-x11-drv-libinput, pixman, xorg-x11-drv-wacom. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms xorg-x11-drv-libinput-devel-0.29.0-1.el8.aarch64.rpm 2134a6b8972c02cc14535af8814b609c3318e1e42a3a30674c456d24bc5ae951 xorg-x11-drv-wacom-devel-0.38.0-1.el8.aarch64.rpm dfdb8fd54b56c3d5bce942fc342929d6f9923235de25102cba2159f073b89a04 RLSA-2020:1686 The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft. Security Fix(es): * libmspack: buffer overflow in function chmd_read_headers() (CVE-2019-1010305) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for libmspack. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libmspack packages contain a library providing compression and extraction of the Cabinet (CAB) file format used by Microsoft. Security Fix(es): * libmspack: buffer overflow in function chmd_read_headers() (CVE-2019-1010305) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libmspack-devel-0.7-0.3.alpha.el8.4.aarch64.rpm 24c40ae57e3c09c3b8c49f8b71d6041d22dc39f181d5c3f73c94992c1f4a2a8b RLBA-2020:1743 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for librevenge. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.2 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librevenge-devel-0.0.4-12.el8.aarch64.rpm a9a13d6de5e0213fe4ac2fdb800da153c1cec091b804d67a13b4f900f6abdc56 RLSA-2020:4629 The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fix(es): * libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc (CVE-2019-2126) * libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232) * libvpx: Resource exhaustion after memory leak in mkvparser.cc (CVE-2019-9371) * libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libvpx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fix(es): * libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc (CVE-2019-2126) * libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232) * libvpx: Resource exhaustion after memory leak in mkvparser.cc (CVE-2019-9371) * libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvpx-devel-1.7.0-8.el8.aarch64.rpm 970df117e089f32b13f6c5f92f7b160bb2664281a4b0bc0dfa72f0a7b16e9fdb RLBA-2020:4658 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for munge. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms munge-devel-0.5.13-2.el8.aarch64.rpm af41ee20f24b596b9ead774d629c99fd79b08931bda36d156a13918daca2ff82 RLBA-2020:4678 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for tog-pegasus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms tog-pegasus-devel-2.14.1-46.el8.aarch64.rpm 5436c3477f75e5c2b314175911b77747f6672bd74c014981f34eb47e44c3b4e6 RLEA-2020:4700 For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for drpm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms drpm-devel-0.4.1-3.el8.aarch64.rpm 670afe0006731a1965d56df01104a6b4fea219a714470e02b56d0b8d150de0f0 RLEA-2020:4742 For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libXft, xorg-x11-xkb-utils, xorg-x11-xtrans-devel, xorg-x11-drv-intel, libvdpau, libxkbfile, libXxf86dga, libXau, libXrandr, xorg-x11-proto-devel, xorg-x11-util-macros, libXext, libXi, libXdmcp, libXmu, libXvMC, mesa-demos, xorg-x11-drv-ati. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvdpau-devel-1.4-2.el8.aarch64.rpm 6d15badc349ea2ebfa002851e677d222480af05439f9e025a8792a2a429ea134 libXdmcp-devel-1.1.3-1.el8.aarch64.rpm 706cfcd9ae3a844e230107446d69da31103f8a39828d7861b1ae98ab5057df7a libxkbfile-devel-1.1.0-1.el8.aarch64.rpm 241c4553b7eff5d8861ece65637674b0f4365d84eddf5c7bca5e41a7762fbde1 libXvMC-devel-1.0.12-1.el8.aarch64.rpm f8bfe60eb3c2ba2563a36a17198cd8132c4fbf8690530bb747b2a7ae1eac3801 xorg-x11-xkb-utils-devel-7.7-28.el8.aarch64.rpm 20f22666886d9014ca0a05d1b14379a8f1c7188ac07fcca929057c133ef49a42 RLBA-2020:4773 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libgit2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libgit2-devel-0.26.8-2.el8.aarch64.rpm 268ae57f0529f7bcd507a675e0688f1f4df8ba1f30ee441d3184c223c3236754 RLSA-2020:4827 Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix(es): * oniguruma: NULL pointer dereference in match_at() in regexec.c (CVE-2019-13225) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for oniguruma. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fix(es): * oniguruma: NULL pointer dereference in match_at() in regexec.c (CVE-2019-13225) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms oniguruma-devel-6.8.2-2.el8.aarch64.rpm 81f179af8b164e5e629f678746f876c1d4e3020c3da2b8ee0759b1df159824e7 RLBA-2020:4832 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for torque. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms torque-4.2.10-25.el8.aarch64.rpm 6d3c084a7d443f19fe243c8f29614497bfd5b5095c40726b13f0c7654de0547f torque-devel-4.2.10-25.el8.aarch64.rpm fa38f4d2ce5272566d9c72004cd0af46b3fe59db4d7eccb59d2601fab8df1534 RLBA-2020:4834 GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-10-systemtap packages to Rocky Enterprise Software Foundation Eneterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 10 chapter. For detailed changes in this release, see the Rocky Linux 8.3 Release Notes. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gcc-toolset-9-gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-10-systemtap packages to Rocky Enterprise Software Foundation Eneterprise Linux 8. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documented in the GCC Toolset 10 chapter. For detailed changes in this release, see the Rocky Linux 8.3 Release Notes. rocky-linux-8-aarch64-powertools-rpms gcc-toolset-9-gcc-plugin-devel-9.2.1-2.3.el8.aarch64.rpm 5fa7d0188c7a18facadf318e3ad521a7881a4aca6ee7e9990a19bbfba41b121a RLSA-2020:5393 The libexif packages provide a library for extracting extra information from image files. Security Fix(es): * libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for libexif. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libexif packages provide a library for extracting extra information from image files. Security Fix(es): * libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libexif-devel-0.6.22-5.el8_3.aarch64.rpm e7ba6cee81a8b9768a63dc4a5e87da987a776eed65d80c0f5499fe2ac0e39f1e RLSA-2021:1242 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32). Security Fix(es): * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for Judy, asio, mariadb, galera. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32). Security Fix(es): * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms__mariadb-devel asio-devel-1.10.8-7.module+el8.5.0+777+18007c86.aarch64.rpm cf505dedb0f59a8623402e4faef396217633715710cbe58ef949d1c3b2779a2b RLBA-2021:1765 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for brltty. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms brlapi-devel-0.6.7-32.el8.aarch64.rpm a6d62ffb9e55959c97698b4e4d7def2bef8e52a3a0033f2d797a39281a1369cf RLSA-2021:1789 GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. GSSDP implements resource discovery and announcement over SSDP and is part of gUPnP. The following packages have been upgraded to a later upstream version: gssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928) Security Fix(es): * hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for gssdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. GSSDP implements resource discovery and announcement over SSDP and is part of gUPnP. The following packages have been upgraded to a later upstream version: gssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928) Security Fix(es): * hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gssdp-devel-1.0.5-1.el8.aarch64.rpm 1745159b79ada50f976c3adbbad26006067698a81bd9ee6ceb4b75a49c4751b6 RLBA-2021:1802 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gnome-bluetooth. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gnome-bluetooth-libs-devel-3.34.3-1.el8.aarch64.rpm a7d6bfc6ce91eef7e95543f247950c9ff828683780988bf52f3213e5eaab0fc7 RLSA-2021:1811 LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fix(es): * libvncserver: uninitialized memory contents are vulnerable to Information Leak (CVE-2018-21247) * libvncserver: buffer overflow in ConnectClientToUnixSock() (CVE-2019-20839) * libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference (CVE-2020-14397) * libvncserver: libvncclient/rfbproto.c does not limit TextChat size (CVE-2020-14405) * libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS (CVE-2020-25708) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libvncserver. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fix(es): * libvncserver: uninitialized memory contents are vulnerable to Information Leak (CVE-2018-21247) * libvncserver: buffer overflow in ConnectClientToUnixSock() (CVE-2019-20839) * libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference (CVE-2020-14397) * libvncserver: libvncclient/rfbproto.c does not limit TextChat size (CVE-2020-14405) * libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS (CVE-2020-25708) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvncserver-devel-0.9.11-17.el8.aarch64.rpm 84fefcd7b8af33b230572ed8144ef2222b605901f6aa1e80384c4f78668e7823 RLBA-2021:1848 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for dconf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms dconf-devel-0.28.0-4.el8.aarch64.rpm 34c1abe1e86ecd00e0c563624a4e384b152497147d9e3fb0efa4d9be7c1d4a8d RLBA-2021:1858 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sendmail. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms sendmail-milter-devel-8.15.2-34.el8.aarch64.rpm 88b70c902ff88b631a2e9cc09e508bed32356952f8104b5d3bc7de8894493ef6 RLBA-2021:1902 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for uuid. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms uuid-devel-1.6.2-43.el8.aarch64.rpm 5ae0a87cf13d0715fc43f8d7fa9021fab858b0e3d2238b8e3df9d27e63226882 RLBA-2021:1903 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for pulseaudio, twolame. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms twolame-devel-0.3.13-12.el8.aarch64.rpm 053bbd7eb4b205a87ea99005bcf183deb6b5528c3dade77219329e87b56a37b3 RLBA-2021:1912 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ilmbase. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ilmbase-devel-2.2.0-13.el8.aarch64.rpm d542958699aa081830c29779d3202c2d97616a9d3d852a4bf37f3f48511d4700 RLBA-2021:1914 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libsmi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsmi-devel-0.4.8-23.el8.aarch64.rpm 6610118fc229d6f337a12fffd846b4dbab0c8a229d821b25b933b36286794b5e RLEA-2021:1919 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This enhancement update adds the python39:3.9 module to Rocky Linux 8. (BZ#1877430) For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This enhancement update adds the python39:3.9 module to Rocky Linux 8. (BZ#1877430) For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__python39-devel python39-Cython-0.29.21-5.module+el8.4.0+574+843c4898.aarch64.rpm 637ec2d61a3f84c6a3c79abe7c5ffd13fd5b02ba0acb854b25fecd6e8edf0282 RLSA-2021:1924 The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es): * spice: Client initiated renegotiation denial of service (CVE-2021-20201) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for spice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es): * spice: Client initiated renegotiation denial of service (CVE-2021-20201) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms spice-server-devel-0.14.3-4.el8.aarch64.rpm 447055e1b7d90779f6ae72d39329caa23940f61c06716d8b5371909ecf471bda RLSA-2021:2363 GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. Security Fix(es): * gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for gupnp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible. Security Fix(es): * gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms gupnp-devel-1.0.6-2.el8_4.aarch64.rpm bccfbbf9c0b00cc129fedbdea11a20f75f3327a21e96aa78a9f8efe12f8e114d RLSA-2021:3075 libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fix(es): * libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for libuv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fix(es): * libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libuv-devel-1.41.1-1.el8_4.aarch64.rpm 6bbf153e378f816dd56229036eab5bb49495c64ba254b5fdef7f41dd35ed8cdf RLSA-2021:4160 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Information disclosure via pydoc (CVE-2021-3426) * python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) * python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Information disclosure via pydoc (CVE-2021-3426) * python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) * python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__python39-devel python39-Cython-0.29.21-5.module+el8.4.0+574+843c4898.aarch64.rpm 637ec2d61a3f84c6a3c79abe7c5ffd13fd5b02ba0acb854b25fecd6e8edf0282 RLBA-2021:4180 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for evolution, evolution-ews, evolution-mapi, evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms evolution-devel-3.28.5-18.el8.aarch64.rpm 160a173056e2d96fa0352390a61ca83d3aaff33bea3bd48591db64fc6798cd03 RLBA-2021:4219 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libevdev, libinput. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libevdev-devel-1.10.0-1.el8.aarch64.rpm a7ff1a93aa3e55bdb6c611d7a339c89b0d47d60d631daf43b011750b436c35ee RLBA-2021:4224 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libwacom. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libwacom-devel-1.6-3.el8.aarch64.rpm 00599d4e15c2e5f8990a4c342276af3c5d9fe57ab0f06bbfec8dcb6ecd242f42 RLSA-2021:4235 JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es): * jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (CVE-2020-27828) * jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (CVE-2021-3272) * jasper: Out of bounds read in jp2_decode() in jp2_dec.c (CVE-2021-26926) * jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (CVE-2021-26927) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for jasper. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es): * jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (CVE-2020-27828) * jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (CVE-2021-3272) * jasper: Out of bounds read in jp2_decode() in jp2_dec.c (CVE-2021-26926) * jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (CVE-2021-26927) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms jasper-devel-2.0.14-5.el8.aarch64.rpm 42b6247aa324c1d0971be0f6d0f6a0104c9ea6b2f3c5955d9478bdf11da62c12 RLSA-2021:4256 Graphviz is open-source graph-visualization software. Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks. It has important applications in networking, bioinformatics, software engineering, database and web design, machine learning, and in visual interfaces for other technical domains. Security Fix(es): * graphviz: off-by-one in parse_reclbl() in lib/common/shapes.c (CVE-2020-18032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for graphviz. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Graphviz is open-source graph-visualization software. Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks. It has important applications in networking, bioinformatics, software engineering, database and web design, machine learning, and in visual interfaces for other technical domains. Security Fix(es): * graphviz: off-by-one in parse_reclbl() in lib/common/shapes.c (CVE-2020-18032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms graphviz-devel-2.40.1-43.el8.aarch64.rpm e8f9a469eb575b82b50f2892e2fc637ef3d935dfbc3df6b013ef462505cf9fcc graphviz-doc-2.40.1-43.el8.aarch64.rpm 6b420964f1d54eaf941baf5d431515c9b1a7e591e5d2874212040ec9a6f235e6 graphviz-gd-2.40.1-43.el8.aarch64.rpm a3ecff72598ecb0af52654fd58167f3cf1abdf4f661f446e2d51eccab5b90a33 graphviz-python3-2.40.1-43.el8.aarch64.rpm 88b448ea959cc1d9e7f45bd2d91451941e223f4717d0766c72195267249c57aa RLBA-2021:4285 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libvoikko. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libvoikko-devel-4.1.1-3.el8.aarch64.rpm 1c026b74e3c4a16b888eff60c715c8a8c6d68c2ea034ebe728c3f55b89b5fecf RLSA-2021:4288 The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: Stack-based buffer overflow in the "transform" component (CVE-2020-17541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libjpeg-turbo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: Stack-based buffer overflow in the "transform" component (CVE-2020-17541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms turbojpeg-devel-1.5.3-12.el8.aarch64.rpm 5610aaabea7aa735fe03c5d92682eb19fdca152b5531935f1bbd675b7f82a803 RLEA-2021:4289 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sblim-gather. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms sblim-gather-provider-2.2.9-24.el8.aarch64.rpm 50d0397b99581cfa39cda47bf7ff23d05049a2216cd607ae3b3a6ad419a56f8e RLSA-2021:4316 The zziplib is a lightweight library to easily extract data from zip files. Security Fix(es): * zziplib: infinite loop via the return value of zzip_file_read() as used in unzzip_cat_file() (CVE-2020-18442) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for zziplib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The zziplib is a lightweight library to easily extract data from zip files. Security Fix(es): * zziplib: infinite loop via the return value of zzip_file_read() as used in unzzip_cat_file() (CVE-2020-18442) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms zziplib-devel-0.13.68-9.el8.aarch64.rpm 72c80fe409252deb20805308f540e0383c072ef322b74bf3286d12d1419c1f08 RLEA-2021:4335 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for tesseract. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms tesseract-devel-4.1.1-2.el8.aarch64.rpm 8655d566fc5d0d054b85c8b6e470bedb4ad468259606990eb889e451a49a869d RLSA-2021:4339 Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fix(es): * grilo: missing TLS certificate verification (CVE-2021-39365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for grilo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fix(es): * grilo: missing TLS certificate verification (CVE-2021-39365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms grilo-devel-0.3.6-3.el8.aarch64.rpm 656e62f99699d2a9df33d1f977e001c102525529538e52ab156ea7355d37ac1d RLBA-2021:4533 The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems. Bug fix: * Previously, in GNOME Wayland desktop in Rocky Linux 8.5, the IBus emoji candidate pop-up was used with IBus UI and the selected candidate could not inserted into the target input focus smartly. With this update, the IBus emoji candidate pop-up is used with GNOME-Shell UI in GNOME Wayland desktop and the selected candidate is inserted into the input focus correctly. (BZ#2014064) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ibus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems. Bug fix: * Previously, in GNOME Wayland desktop in Rocky Linux 8.5, the IBus emoji candidate pop-up was used with IBus UI and the selected candidate could not inserted into the target input focus smartly. With this update, the IBus emoji candidate pop-up is used with GNOME-Shell UI in GNOME Wayland desktop and the selected candidate is inserted into the input focus correctly. (BZ#2014064) rocky-linux-8-aarch64-powertools-rpms ibus-devel-1.5.19-14.el8_5.aarch64.rpm 3add74552412d440d8c82d2c6f0c125789e9a9c8c628920b3b2c757ccf2dadd1 RLSA-2021:4585 The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: "-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.) "-Wbidirectional=none", which turns the warning off. "-Wbidirectional=any", which warns about any use of bidirectional characters. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for gcc-toolset-10-gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in gcc in order to facilitate detection of BiDi Unicode characters: This update implements a new warning option -Wbidirectional to warn about possibly dangerous bidirectional characters. There are three levels of warning supported by gcc: "-Wbidirectional=unpaired", which warns about improperly terminated BiDi contexts. (This is the default.) "-Wbidirectional=none", which turns the warning off. "-Wbidirectional=any", which warns about any use of bidirectional characters. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms gcc-toolset-10-gcc-plugin-devel-10.3.1-1.2.el8_5.aarch64.rpm e35680e5ad397a6e574e99b818be8e02c7fd2e1a44f6591e5a466e5e1768c718 RLSA-2022:0643 The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): * python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions (CVE-2022-22817) * python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c (CVE-2022-22816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): * python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions (CVE-2022-22817) * python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c (CVE-2022-22816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms python3-pillow-devel-5.1.1-18.el8_5.aarch64.rpm 6491d52a52cb495373090c90ee81c02d85adee6953096948733bb1a4c71d40bb python3-pillow-tk-5.1.1-18.el8_5.aarch64.rpm ad9d67a2d8db5b08af24dc4774159129d78f1ef37b72063613ac6dbb64cff9d0 RLBA-2022:1770 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for evince. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms evince-devel-3.28.4-16.el8.aarch64.rpm a5a0b3bbf4821181fd2825face6d563f652cbbb9544a00847a374f3cc8370857 RLBA-2022:1790 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libpinyin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libpinyin-devel-2.2.0-2.el8.aarch64.rpm 596c414aea123caaf9c8268f418fba41810772bb12811be31e9c84a51dd4d71b RLBA-2022:1794 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libmemcached. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libmemcached-devel-1.0.18-17.el8.aarch64.rpm 7cb2819f3cf4ee64a2ebdb6c5edfe77fd6f735ff3f7b55fae0006cbe8680d338 RLBA-2022:1800 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for accountsservice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms accountsservice-devel-0.6.55-4.el8.aarch64.rpm bd7f5675377ea157ae393b9642feef8824d9dea87c7bbe104e9da92c4a035c4c RLBA-2022:1822 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ibus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ibus-devel-1.5.19-14.el8_5.aarch64.rpm 3add74552412d440d8c82d2c6f0c125789e9a9c8c628920b3b2c757ccf2dadd1 RLBA-2022:1827 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for librdkafka. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms librdkafka-devel-0.11.4-3.el8.aarch64.rpm c8b3275584e963d6099df5d85375a15f2d92f705ed36d4c2d06fa336d3019317 RLSA-2022:1842 Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to a later upstream version: exiv2 (0.27.5). (BZ#2018422) Security Fix(es): * exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS (CVE-2020-18898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for exiv2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to a later upstream version: exiv2 (0.27.5). (BZ#2018422) Security Fix(es): * exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS (CVE-2020-18898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms exiv2-devel-0.27.5-2.el8.aarch64.rpm a1948a702760e298396197624ddf5de8ad443e4c66ab9f251041d2614998b047 RLBA-2022:1871 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for corosync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms corosync-vqsim-3.1.5-2.el8.aarch64.rpm c7cdf0b3e7b881f844bbffc595bfbc1a223a3adf47ff6a62843b490a898e3eeb RLBA-2022:1895 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libecpg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libecpg-devel-13.5-3.el8.aarch64.rpm f83edc444b2d82ca2a8cf88321e870a09fdc7063b0ecabe8f585ea5becbfb163 RLSA-2022:1763 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__python39-devel python39-Cython-0.29.21-5.module+el8.4.0+574+843c4898.aarch64.rpm 637ec2d61a3f84c6a3c79abe7c5ffd13fd5b02ba0acb854b25fecd6e8edf0282 python39-pybind11-2.7.1-1.module+el8.6.0+795+de4edbcc.aarch64.rpm 57a56a33a3460213a62048ebf84d265c3eea23799c2dbd0fc532ccce3044c5cf python39-pybind11-devel-2.7.1-1.module+el8.6.0+795+de4edbcc.aarch64.rpm b6adb9f1239d13fe2a17f26ec0245f1650f4b103b0d5eb8e5310e6058254443e RLBA-2022:1769 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libgit2-glib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libgit2-glib-devel-0.26.4-3.el8.aarch64.rpm 2579ed877e8b75ce137a05272b09fd9c2ced4b854d8a83842753d1fb32161568 RLBA-2022:1788 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for jq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms jq-devel-1.6-3.el8.aarch64.rpm adec350bf750693db6cadbd62fcb6d14eaa5595262ad4299bf5ddb7520deafd5 RLSA-2022:1808 GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fix(es): * aspell: Heap-buffer-overflow in acommon::ObjStack::dup_top (CVE-2019-25051) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for aspell. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fix(es): * aspell: Heap-buffer-overflow in acommon::ObjStack::dup_top (CVE-2019-25051) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms aspell-devel-0.60.6.1-22.el8.aarch64.rpm e15dd4a12cb6b65f9890ae2297a8aacd132fa8db8efad8233c1a5ad9ec8f3d82 RLSA-2022:1820 The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fix(es): * udisks2: insecure defaults in user-accessible mount helpers allow for a DoS (CVE-2021-3802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for udisks2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fix(es): * udisks2: insecure defaults in user-accessible mount helpers allow for a DoS (CVE-2021-3802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libudisks2-devel-2.9.0-9.el8.aarch64.rpm 5c7ecb5f2a36f0e2a2b480bcd6c65d805d6704e5bb158a6eb679fccf210587a7 RLSA-2022:1861 Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information. Security Fix(es): * apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for apache-commons-io, atinject, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, glassfish-el, apache-commons-cli, guava20, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, jansi-native, apache-commons-logging, apache-commons-lang3, plexus-interpolation, sisu, httpcomponents-core, maven, cdi-api, jsoup, geronimo-annotation, google-guice, plexus-utils, slf4j, jboss-interceptors-1.2-api, maven-wagon, jansi, apache-commons-codec, hawtjni. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information. Security Fix(es): * apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools jansi-native-1.7-7.module+el8.3.0+74+855e3f5d.aarch64.rpm 897f38e4749a81bb05c0c678d8ddb800d89bdab2ad06da19a644effb989c3547 RLBA-2022:1889 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for texlive. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms texlive-lib-devel-20180414-25.el8.aarch64.rpm 5db631dd1786b5247720949481d0819c9cb90c12fa3937939e7d6c4bbbb47fc7 RLBA-2022:1918 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for webrtc-audio-processing. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms webrtc-audio-processing-devel-0.3-10.el8.aarch64.rpm 0b01ae10630afaf01db449e2d53dbe214f5bdf3e9e6daddc228c9fce50b1f9e0 RLBA-2022:1944 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for netpbm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms netpbm-devel-10.82.00-7.el8.aarch64.rpm 2b481333c4884deef0e9f42b37a88170a018c6195d0cac926307e5d8fe7ede34 netpbm-doc-10.82.00-7.el8.aarch64.rpm d4ca161c0a10bdc76a1191c148d1bce3000fbc1da6302ca10b2a1629c9bd7d00 RLBA-2022:1949 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-pillow-devel-5.1.1-18.el8_5.aarch64.rpm 6491d52a52cb495373090c90ee81c02d85adee6953096948733bb1a4c71d40bb python3-pillow-tk-5.1.1-18.el8_5.aarch64.rpm ad9d67a2d8db5b08af24dc4774159129d78f1ef37b72063613ac6dbb64cff9d0 RLSA-2022:1968 libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): * libsndfile: heap out-of-bounds read in src/flac.c in flac_buffer_copy (CVE-2021-4156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libsndfile. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): * libsndfile: heap out-of-bounds read in src/flac.c in flac_buffer_copy (CVE-2021-4156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsndfile-devel-1.0.28-12.el8.aarch64.rpm f7dee0d5eb29717555856f293c5c254ed76836715169bba439fbe3bca031c650 RLSA-2022:4798 The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for apache-commons-io, atinject, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, glassfish-el, apache-commons-cli, guava20, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, jansi-native, apache-commons-logging, apache-commons-lang3, plexus-interpolation, sisu, httpcomponents-core, maven, cdi-api, jsoup, geronimo-annotation, google-guice, plexus-utils, slf4j, jboss-interceptors-1.2-api, maven-wagon, jansi, apache-commons-codec, hawtjni. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms__javapackages-tools jansi-native-1.7-7.module+el8.3.0+74+855e3f5d.aarch64.rpm 897f38e4749a81bb05c0c678d8ddb800d89bdab2ad06da19a644effb989c3547 RLSA-2022:5331 libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fix(es): * libinput: format string vulnerability may lead to privilege escalation (CVE-2022-1215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libinput. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fix(es): * libinput: format string vulnerability may lead to privilege escalation (CVE-2022-1215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libinput-devel-1.16.3-3.el8_6.aarch64.rpm bde3d4d77bd661d9256d7f2dec8e7353274f7b5eeafbf0673704413b022668aa RLSA-2022:6911 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10. Security Fix(es): * dotnet: Nuget cache poisoning on Linux via world-writable cache directory (CVE-2022-41032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.110 and .NET Runtime 6.0.10. Security Fix(es): * dotnet: Nuget cache poisoning on Linux via world-writable cache directory (CVE-2022-41032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.110-1.el8_6.aarch64.rpm 5bd2d0f4ec1d3b7afde4d718fc4477b62eafffd021c77b619c7a5ca0b3de46db RLSA-2022:7006 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm b7d35d9f285a1b0dec58da3c3f4a0ffc7ebc591e4153249ebdccc04dd2a9d790 java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 18d16f2d145b0a74d9c5708123ebc80234856f31d9b12140ffad3f696018a54a java-1.8.0-openjdk-demo-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 19365b81c215dbecc57340be70effc577928ce7e948433336c1ee582bac02acc java-1.8.0-openjdk-demo-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 647d993682f191b54be44e034069c6b7c440095f92b6e9fb7570a0739577e108 java-1.8.0-openjdk-devel-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 70d11b21564ba0f9687a7ecffc2d7dd9f86fe6b1a875e3ffa57d3fa9f7708815 java-1.8.0-openjdk-devel-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 320d6c5f7d96eed48a774fb425120467c3de9d3b7dee221671acc71d649892ea java-1.8.0-openjdk-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 9d00ba06ee69c2f9777b452d779a8173ca4b3b5ee2e550359b6093ca0596de16 java-1.8.0-openjdk-headless-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm a551632ab45c43f2264420ffc7910ec143bb2b9b6d9311ea2ce9556630dee26f java-1.8.0-openjdk-headless-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 0fff96db56187df2caf62c76b6dfc2991037ff451380ea4e519df9e1f4f6f2e6 java-1.8.0-openjdk-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm e59b364a29f07f98415d5cd0279e46427b44814318240ab114b8f0a7becaf884 java-1.8.0-openjdk-src-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm fcc84852a012c72513ec52f6a95f336c04b1eef97d9378d23839a1061cf52ce2 java-1.8.0-openjdk-src-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm bc1bd795a4363451df05af031f89c05069f40dcdcc3ce17b6bb42ffbf629846c RLSA-2022:7000 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 17.0.5) [Rocky Linux-8] (BZ#2132503) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 17.0.5) [Rocky Linux-8] (BZ#2132503) rocky-linux-8-aarch64-powertools-rpms java-17-openjdk-demo-fastdebug-17.0.5.0.8-2.el8_6.aarch64.rpm ea2fa9620d5fdf59ec35ae91c3a9504a1cc5945df7f5388b85b62a6acfb08591 java-17-openjdk-demo-slowdebug-17.0.5.0.8-2.el8_6.aarch64.rpm b82445472ba4c355bb43a735b0e30b3de4f1a1b0cb62d4629ffe43674000da00 java-17-openjdk-devel-fastdebug-17.0.5.0.8-2.el8_6.aarch64.rpm e7f53aacf380aecdc96d775b484133b1af4f3048155085469b3b01bc7ca21883 java-17-openjdk-devel-slowdebug-17.0.5.0.8-2.el8_6.aarch64.rpm dfd70437d7de24c2cfb5a737bf268a53498ede87755d67e0e604e0782364cb6a java-17-openjdk-fastdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 85886a5ec04b03a76028a2ff29eacff6fe1b38fcce02cd752865a11a534fabd0 java-17-openjdk-headless-fastdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 6b589a87fb9877b12254dffb2788d0535c0318bc2706255cc39fa52c0e883f5d java-17-openjdk-headless-slowdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 590a2d579c7cca0c42f90f87b0778917ab4e85d16f996095e66c669b60a4d393 java-17-openjdk-jmods-fastdebug-17.0.5.0.8-2.el8_6.aarch64.rpm f99f1112311b2ea10a2ab159169aafc99024148a3c550858386c33e48606d76f java-17-openjdk-jmods-slowdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 12e71a0739f2651eab6357b88dfbd2f1f5d00d7261067d91b5afc226e1a55eb7 java-17-openjdk-slowdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 81fc3ea1aa495edba990c8a40d4889f92ac663b7e6a38d225984001285d9826f java-17-openjdk-src-fastdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 4c02eee746e86de7064e85f96ce143453e339343e3f4446fa7a5d33683b51ff3 java-17-openjdk-src-slowdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 5f9a40ef8d1835b293d0f2d21390925e7f160b80860d08ced51435da53664521 java-17-openjdk-static-libs-fastdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 630abef35a85663ce5d1ca20cfd7674e5a57376ebe66e0e1577bad6cf38e464b java-17-openjdk-static-libs-slowdebug-17.0.5.0.8-2.el8_6.aarch64.rpm 88046dc62168e0752eae3ff58f9e9dc281c5f80011e22b3f035328e67c7e6112 RLSA-2022:7012 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131863) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131863) rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 0bfd462430a0f2a197344437990ca4c4cddbf4801a025ba68490251c059f2b9c java-11-openjdk-demo-slowdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 44d82fd903f9044363c769ac67c54e3ba29b63eb7023490c90d6ad6033a74027 java-11-openjdk-devel-fastdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 048bd77ac5d000a7ac12aa6764037c8d824686a1d739803490e76fc41beaaaa6 java-11-openjdk-devel-slowdebug-11.0.17.0.8-2.el8_6.aarch64.rpm f5b22c4c67bbf09fe53dec2a689bf2c0007c45669c1b8205282c62d21d9aefda java-11-openjdk-fastdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 5a49f541ab8316e6de735f127d15569119366344541c559a99bafc6dbbac4565 java-11-openjdk-headless-fastdebug-11.0.17.0.8-2.el8_6.aarch64.rpm e53e9eac134a9bc218ba00e13a3abb8cf62cd9733d0671d47d47e51f494d6781 java-11-openjdk-headless-slowdebug-11.0.17.0.8-2.el8_6.aarch64.rpm d2323f8f91e658b75750ad32efe2df128498c09724f136b0b0c1bed8a79b4ca6 java-11-openjdk-jmods-fastdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 1ed54f93628722340771739421d20bf0c65e8573fd5c475ce00ed6f418b778fc java-11-openjdk-jmods-slowdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 2124bfd6883f11639b573a6b47db4edb6c703621a2064190689603bbc8c7cbfb java-11-openjdk-slowdebug-11.0.17.0.8-2.el8_6.aarch64.rpm da5092b2bc4e5a0dec9a3b8145cb97a8c9cf9d35a3fb940baa8706749cd7c8ef java-11-openjdk-src-fastdebug-11.0.17.0.8-2.el8_6.aarch64.rpm c02b7a506c3bd44e51299ac15aa5373977468de268da4d50bbe1e2e1926fd3fc java-11-openjdk-src-slowdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 58fb748ba017d249d22412f3a377ee5b3567a97fbb4f0978664eb8eaa532fb23 java-11-openjdk-static-libs-fastdebug-11.0.17.0.8-2.el8_6.aarch64.rpm 5d4bbc78bc56cf20ffac042dbc71e38bbf98c9351817e9fbe1d95603e876b9e0 java-11-openjdk-static-libs-slowdebug-11.0.17.0.8-2.el8_6.aarch64.rpm f88af1e194e7f3bf235c1cf902a7a5511d6ecebc19ff9c3dabf75bcb4222e885 RLBA-2022:7459 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for flatpak. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms flatpak-devel-1.10.7-1.el8.aarch64.rpm c7235062a1e914f8c93b79d81dd06f4b7c559403309f9deb50be92f6370490bf RLSA-2022:7464 The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fix(es): * protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for protobuf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fix(es): * protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms protobuf-devel-3.5.0-15.el8.aarch64.rpm b6fe0e2fd888fa9462acda19a8f750731cf7f5aeb6b4137e82a3ff4dec49cce0 protobuf-lite-devel-3.5.0-15.el8.aarch64.rpm 91bd7b661b1a51403db5daa2f455e83a68c8d6293e9af269139a5427293d80b7 RLBA-2022:7465 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms nmstate-devel-1.3.3-1.el8.aarch64.rpm 09b526f1ba5a2eccee4c21d63cfe373c74914bf0e4093c446e32df0497123e9c RLBA-2022:7468 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libnma. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libnma-devel-1.8.38-1.el8.aarch64.rpm fc78208f60388d2835d2771c2f541659c998d66ce87cbf2dcc470e1ab5fb4280 RLBA-2022:7471 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libestr. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libestr-devel-0.1.10-3.el8.aarch64.rpm 37abc0b20d075c39066ca3795fad7c9ae0c3ac0cd8a35256af231cd99d559ef8 RLBA-2022:7481 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for python-qt5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-qt5-devel-5.15.0-3.el8.aarch64.rpm 13528a03d8033ab2ad3a56f4f6da30acfc70c785ecebb11b76c66a95fee49f63 RLBA-2022:7487 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for qt5-qtbase. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms qt5-qtbase-static-5.15.3-1.el8.aarch64.rpm 8bcb5111814f8310415b2090162f38f2400288218da98284294ddead29882542 RLBA-2022:7490 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for qt5-qtdeclarative. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms qt5-qtdeclarative-static-5.15.3-1.el8.aarch64.rpm 131664c43d738c1c7a41ba9ca6a60562df1f4b05ec94357e2d63a0d83c9e019e RLBA-2022:7495 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms python3-sip-devel-4.19.25-1.el8.aarch64.rpm 29645e6f340bb0dbb905ef636e9ca03c5961ca45eef9ce690d6a3d3cc60c7832 sip-4.19.25-1.el8.aarch64.rpm f149b5742bf77733dc4a740512e7ede6fc67d53322ace9c708505813f4285005 RLBA-2022:7498 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for qt5-qtquickcontrols2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms qt5-qtquickcontrols2-devel-5.15.3-1.el8.aarch64.rpm 3ba93d954fb561785c5f883d5c0071937537c1b5e7a815b044eea281f123cd32 RLBA-2022:7501 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for qt5-qtserialbus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms qt5-qtserialbus-devel-5.15.3-1.el8.aarch64.rpm db10173970e2dfa3ba6cd61cfe1d84f75e0d340d9e64c811f1c7498bdfacdb45 RLBA-2022:7504 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for qt5-qttools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms qt5-qttools-static-5.15.3-2.el8.aarch64.rpm b117b12723ba7771f8dfc72f4666d7a78497dd7c41496e0097e138b18334b459 RLBA-2022:7506 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for qt5-qtwayland. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms qt5-qtwayland-devel-5.15.3-1.el8.aarch64.rpm 0f7e0c3d56d40b3d626d9804bb6b7c9e7830f3b5e77197155713ffff24f6ee2e RLBA-2022:7515 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libpfm, papi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libpfm-static-4.10.1-5.el8.aarch64.rpm ff79c990b2eb8667692b376106a95a48257cd10acd73b22afa338b70ce744c29 papi-testsuite-5.6.0-16.el8.aarch64.rpm 82269cd4fb424ccaf75bcdfae576fc11c3c5735ecb4a75c7ceeac13eed1157ec python3-libpfm-4.10.1-5.el8.aarch64.rpm 63f5c49e106e2358d2d16b788c086aede1fa941ca15a3cb455d9757d2a41c6be RLBA-2022:7518 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for dyninst. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms dyninst-devel-12.1.0-1.el8.aarch64.rpm 1a8d904eb105a235bc77cd6098447357c42f0614d5ee595919e421250108c3ef dyninst-doc-12.1.0-1.el8.aarch64.rpm 6dd34df92943d3d650be2a12667c87ebd607b50dba2439272d9cbd72579bdf81 dyninst-static-12.1.0-1.el8.aarch64.rpm 27b638ad8f18faca3f7e2e53c518886e0805dae51152c805ddbdc22cdce3aaa7 dyninst-testsuite-12.1.0-1.el8.aarch64.rpm ee74e728780b1d9f046476770488b1c9e8c56b5a9022fd1ed02fac4b1bdd12b8 RLSA-2022:7524 Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C and a small validating JSON generator. Security Fix(es): * yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for yajl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C and a small validating JSON generator. Security Fix(es): * yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms yajl-devel-2.1.0-11.el8.aarch64.rpm 0ead758ab7b0f236e0a814bf4751e83a9583e1ab2f8f3a5cb9410fc408890dff RLBA-2022:7531 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms evolution-data-server-perl-3.28.5-20.el8.aarch64.rpm 8e436e4b34f0b6659c09e8643a24127e570c62ace7fe6bc582f025c65ac0e218 evolution-data-server-tests-3.28.5-20.el8.aarch64.rpm 16ee72aed8c1870f09ca92d71929d12cc336bbce02efc6af66a8c3d36dfa34ef RLBA-2022:7536 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for nautilus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms nautilus-devel-3.28.1-21.el8.aarch64.rpm 0c08f730a29a9d017024c4fadf8b92556ddbfda7dc69d5901e59ae2af1f9e372 RLBA-2022:7559 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for lasso. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms lasso-devel-2.6.0-13.el8.aarch64.rpm f6ef40563d46e867b4927b85565b77812fa472e04680ea09a6d941f5471e2436 RLSA-2022:7558 WavPack is a completely open audio compression format providing lossless, high-quality lossy and a unique hybrid compression mode. Security Fix(es): * wavpack: Heap out-of-bounds read in WavpackPackSamples() (CVE-2021-44269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for wavpack. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

WavPack is a completely open audio compression format providing lossless, high-quality lossy and a unique hybrid compression mode. Security Fix(es): * wavpack: Heap out-of-bounds read in WavpackPackSamples() (CVE-2021-44269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms wavpack-devel-5.1.0-16.el8.aarch64.rpm 877e3ccc2818bde9fd8d7f03beb379944ac28e76f5efb339b641a556a778e8ea RLBA-2022:7561 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for crash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms crash-devel-7.3.2-2.el8.aarch64.rpm 02367c77f1e1f8fddd549898d7f36bc4ad0b1b2c16d7900a08d9bda95a8237a5 RLBA-2022:7564 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gdm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gdm-devel-40.0-24.el8.aarch64.rpm cfc9e8b37a4ca03f325b47d3885b01c1552e4bebe0a050ff936f8326580a6636 gdm-pam-extensions-devel-40.0-24.el8.aarch64.rpm 6a2dc5291bf7b3c5554f658f181016c4516b5161aafe1859ef492d02cd49aa26 RLSA-2022:7583 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for xorg-x11-xtrans-devel, xorg-x11-server-Xwayland, xorg-x11-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms xorg-x11-server-devel-1.20.11-9.el8.aarch64.rpm 653a4590a91bc0828bc645f87aa0e6ca25ed7d084d7fca25546f5160d6ad36f5 RLSA-2022:7585 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: Denial of Service via crafted TIFF file (CVE-2022-0561) * libtiff: Null source pointer lead to Denial of Service via crafted TIFF file (CVE-2022-0562) * libtiff: reachable assertion (CVE-2022-0865) * libtiff: Out-of-bounds Read error in tiffcp (CVE-2022-0924) * libtiff: stack-buffer-overflow in tiffcp.c in main() (CVE-2022-1355) * libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c (CVE-2022-22844) * libtiff: heap buffer overflow in extractImageSection (CVE-2022-0891) * tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c (CVE-2022-0908) * tiff: Divide By Zero error in tiffcrop (CVE-2022-0909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: Denial of Service via crafted TIFF file (CVE-2022-0561) * libtiff: Null source pointer lead to Denial of Service via crafted TIFF file (CVE-2022-0562) * libtiff: reachable assertion (CVE-2022-0865) * libtiff: Out-of-bounds Read error in tiffcp (CVE-2022-0924) * libtiff: stack-buffer-overflow in tiffcp.c in main() (CVE-2022-1355) * libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c (CVE-2022-22844) * libtiff: heap buffer overflow in extractImageSection (CVE-2022-0891) * tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c (CVE-2022-0908) * tiff: Divide By Zero error in tiffcrop (CVE-2022-0909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libtiff-tools-4.0.9-23.el8.aarch64.rpm db24b77d8946476a17964f518bdb9f9c97b66732bfcbd5744dde58905ba6fea8 RLBA-2022:7589 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for yara. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms yara-devel-4.2.3-1.el8.aarch64.rpm 23d29c346cc8acfd85441ac000a68c3f1f0b6bb32c186dc210cc54d5b8516fa1 RLSA-2022:7592 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, mod_wsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil, python-wcwidth, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools, pybind11, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms__python39-devel python39-Cython-0.29.21-5.module+el8.4.0+574+843c4898.aarch64.rpm 637ec2d61a3f84c6a3c79abe7c5ffd13fd5b02ba0acb854b25fecd6e8edf0282 python39-pybind11-2.7.1-1.module+el8.6.0+795+de4edbcc.aarch64.rpm 57a56a33a3460213a62048ebf84d265c3eea23799c2dbd0fc532ccce3044c5cf python39-pybind11-devel-2.7.1-1.module+el8.6.0+795+de4edbcc.aarch64.rpm b6adb9f1239d13fe2a17f26ec0245f1650f4b103b0d5eb8e5310e6058254443e RLSA-2022:7594 Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: A logic error in the Hints::Hints function can cause denial of service (CVE-2022-27337) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for poppler. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: A logic error in the Hints::Hints function can cause denial of service (CVE-2022-27337) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms poppler-glib-devel-20.11.0-5.el8.aarch64.rpm a687d84fe81cdd580892cd4d621a11da7c8b538373c00ba6cee275d50bb011ac poppler-cpp-20.11.0-5.el8.aarch64.rpm e555996db19fdb26407079440b3276b8fd8c06efdfd6cee6dbbdf9eb6d1af4a9 poppler-cpp-devel-20.11.0-5.el8.aarch64.rpm 15887778f889ec8c12b2ea97e2f1a97f3448721fb92f33103092deaa5722c9fa poppler-devel-20.11.0-5.el8.aarch64.rpm badae6f3964c77b1889fa60f9da52df8e7952b032a54d54f251d6960e0cf7a06 poppler-qt5-devel-20.11.0-5.el8.aarch64.rpm 231d620ab952a12cc55f2aae0a681dd4aeb7ac630e6cc2f895fdc3521864a3df RLBA-2022:7595 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for bcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms bcc-devel-0.24.0-2.el8.aarch64.rpm 65208000b6381ffcba98bcba6b029052a245ecfd8c88c0fc2cb2d12945b60587 RLBA-2022:7600 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for boost. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms boost-graph-mpich-1.66.0-13.el8.aarch64.rpm 1cd6cb3880b0f4873f388f3c4bdf3dfd5646dbb471465fbe2f51cab29a98e4c0 boost-graph-openmpi-1.66.0-13.el8.aarch64.rpm 2ef6c16f663ef20125137858b759549b37e4d69553e078c7c4053b15168153a5 boost-jam-1.66.0-13.el8.aarch64.rpm eeb110538b3714e32b6d6753a2a8be98cfcf8f0213f2ba10bbb16cfd7ef52717 boost-mpich-1.66.0-13.el8.aarch64.rpm 19d3e04865cbf2481f1442b356ccd346130fd50c2230798e94749620768aed1c boost-mpich-devel-1.66.0-13.el8.aarch64.rpm 12765e2dc004c3edf09057cac6df591d724b0e0460b968e36ba3819db80e2871 boost-mpich-python3-1.66.0-13.el8.aarch64.rpm 8480324e00396c5c365c79a430c17e8b657f98088379f54b11912a611a91d810 boost-numpy3-1.66.0-13.el8.aarch64.rpm 51c09f941fb419f45df5232e54464cee730428def60cebc43d29ab3bebaf1d8c boost-openmpi-1.66.0-13.el8.aarch64.rpm ec115b2a96b6fa1d801db761d378a72b470ff3a818b4c2b6367b054c9123cc71 boost-openmpi-devel-1.66.0-13.el8.aarch64.rpm d624c10c050f52aea3409b81ea8d3eb32be7271a8a45634dd0226bbaa0ec97d3 boost-openmpi-python3-1.66.0-13.el8.aarch64.rpm fcac33cbee23efa4e85ba93984907bca50446526cb93335a642c34b6107fb797 boost-python3-1.66.0-13.el8.aarch64.rpm f9f86c2a5a1fe7fd766b3893da9f2a5fdd4b23dbd1807281bb5eac52918f5271 boost-python3-devel-1.66.0-13.el8.aarch64.rpm 5934e3f54190f365eaec0e87b79486311ef40f28ce685d86dc8f0c2fb31887fc boost-static-1.66.0-13.el8.aarch64.rpm 7ce65907b8701cd345f13f4ec4d4002f4ab88fd0af78b7c4819c8398f91b3fef RLEA-2022:7601 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for wayland-protocols, libdrm, mesa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms mesa-libgbm-devel-22.1.5-2.el8.aarch64.rpm 73d16528ddf32211f9e710c61f6f8fca731f89943655427d63f33dd0a1d7692a mesa-libOSMesa-devel-22.1.5-2.el8.aarch64.rpm 95e63a3c63c09fa660fa842bcb9ddb70ff7204e1707d66b4db8b64076b241619 RLBA-2022:7614 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for xxhash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms xxhash-devel-0.8.1-3.el8.aarch64.rpm 31a943cd2ec4a0b6991f574ed9d8382e26a7429b8d8bca5e8201b1bdbef56cb4 RLSA-2022:7623 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for dovecot. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms dovecot-devel-2.3.16-3.el8.aarch64.rpm dcc4ac93e85a6558c76a805b31e7920d5fc0e8bc0a1793df483a419d925c5280 RLBA-2022:7631 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for ghostscript. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms ghostscript-tools-dvipdf-9.27-4.el8.aarch64.rpm b66ab65b846373eacf9e3ce210e8b3a70bd8461946a14657b3528e6b0c7be604 ghostscript-tools-fonts-9.27-4.el8.aarch64.rpm fbc4469c9613607db5e43a666b1293eccc337045d783c22bde99360724ab3900 ghostscript-tools-printing-9.27-4.el8.aarch64.rpm 423cc0e059d6ef21513986df102c100f98b1dccfe005e3a96947cfc7ca8edc6b libgs-devel-9.27-4.el8.aarch64.rpm 0a65401dea9547b396e917e8ad7fc7556bf418547333ac08df9580037efc7672 RLSA-2022:7639 OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD version. Security Fix(es): * lapack: Out-of-bounds read in *larrv (CVE-2021-4048) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for openblas. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD version. Security Fix(es): * lapack: Out-of-bounds read in *larrv (CVE-2021-4048) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms openblas-devel-0.3.15-4.el8.aarch64.rpm 33aa3c49a45f273406d61d77c6b57d67a0761d4862de5eb08d3869d0c4465a59 openblas-openmp-0.3.15-4.el8.aarch64.rpm 1a00bf04d6c9a656cf403ec2bc1c10170bd1687c7405767f119c3d646175e568 openblas-openmp64_-0.3.15-4.el8.aarch64.rpm 0d715a815f22ee12146649b7ec4757b72ad7f9dbfda6ce51d8091bf65425e921 openblas-openmp64-0.3.15-4.el8.aarch64.rpm f4bc9d985b0ee822e72178609053162acae57be4280ae7647a70a9f5a02b2b63 openblas-Rblas-0.3.15-4.el8.aarch64.rpm 82770ef574c11659990de8f57170ec733045b8c26781d19b6ea5a4117561d2cd openblas-serial64_-0.3.15-4.el8.aarch64.rpm a75be6d79eb93af81c72aca5cae93b7ff47697338287a22a50b4418b79a7affc openblas-serial64-0.3.15-4.el8.aarch64.rpm 17b229fae5baeed538da874b4bf5d0bdbe0578f8686e6445ab24cdd278804bb1 openblas-static-0.3.15-4.el8.aarch64.rpm 7bd6f43f90b37da04ae54a63a7aeaa9604836fb2b2f731d7f0ef1350da9a5a20 openblas-threads64_-0.3.15-4.el8.aarch64.rpm e51c0725e14ae454d73913249dae557a5ea7113ac5c636a13a9a06d59f8d2a78 openblas-threads64-0.3.15-4.el8.aarch64.rpm 9e6d05e8fadaef9bf2240c138f350fb9100770232674eff9c72e50e4a8c9f609 RLBA-2022:7641 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for fstrm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms fstrm-utils-0.6.1-3.el8.aarch64.rpm 7cbe9801e2001e028544b213f20210cc3411dabfa2c551bad620256c78f25595 RLSA-2022:7643 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: DoS from specifically crafted TCP packets (CVE-2022-0396) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Important

An update is available for bind9.16. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: DoS from specifically crafted TCP packets (CVE-2022-0396) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms bind9.16-devel-9.16.23-0.9.el8.1.aarch64.rpm 8f5b735830df77f937084df2c692b0cca2d5952e08c9447912ed574cdad04fa4 bind9.16-dnssec-utils-9.16.23-0.9.el8.1.aarch64.rpm 64020cd9f65a95de49d6f1d1bf50c26d6587ecf824bd2174101e12087dd17786 RLSA-2022:7645 OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer (CVE-2022-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Low

An update is available for openjpeg2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer (CVE-2022-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms openjpeg2-devel-2.4.0-5.el8.aarch64.rpm 9fcb4ad792d52f614e8212966dbe933b46a259e03f8f02cf92671453edcd5cc6 RLBA-2022:7646 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libblockdev. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libblockdev-crypto-devel-2.24-11.el8.aarch64.rpm cb14c1f82e01f1371de7591977a41c114135cff1745cc17dfd7ca9c2d480de8f libblockdev-devel-2.24-11.el8.aarch64.rpm 18b97b9d72772bba6ecaa8816bbce22a64925876ce8c0c9506d3b5d4722be889 libblockdev-fs-devel-2.24-11.el8.aarch64.rpm a43a737349195369e421329867f67320166e3a2a2c96649ea9c98a28bb0607ee libblockdev-loop-devel-2.24-11.el8.aarch64.rpm e1ae1aa43c2d91514d8c01d07c713e9467180a5389624494459b47f6f1e247a9 libblockdev-lvm-devel-2.24-11.el8.aarch64.rpm 6263292aa499a6270409a992a5ccf1c75912f5fce9b21465dcdccb5fff04a238 libblockdev-mdraid-devel-2.24-11.el8.aarch64.rpm fd66045929c3d697425c068c41c9e6da49d4501407f2060f5b08a6510aef17bb libblockdev-part-devel-2.24-11.el8.aarch64.rpm 9e73605337bdb599811ac2abd3f897a3fc1b80880dc87e3b279b55a4c5ff038a libblockdev-swap-devel-2.24-11.el8.aarch64.rpm d832627d8d846cf5dfc525ee80158cc6a69273fcedd4c6d27359ad24f23bb7e1 libblockdev-utils-devel-2.24-11.el8.aarch64.rpm 2af0351939fe20b9329f0ee6010c275416633487fc517a57a09332a2f62424eb libblockdev-vdo-devel-2.24-11.el8.aarch64.rpm 3b1444a751f48ee93012c329d8fcce0325ecfadc1b03323daf8adaaf990980eb RLBA-2022:7653 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for cups-filters. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms cups-filters-devel-1.20.0-28.el8.aarch64.rpm 99ae6233a0c2336fe1611de06ccea9f47b5dea7afc307715cc119860b0c6ec33 RLBA-2022:7657 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for openslp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms openslp-devel-2.0.0-20.el8.aarch64.rpm 4988b4c0c314cc2e5740e8f8b572e729f0ebc8a58fe2ef727f041348943a50a2 RLBA-2022:7659 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for gtk3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms gtk3-devel-docs-3.22.30-11.el8.aarch64.rpm 60f28864adf3dbd71fa6d0a11a0ad7527b762b08a3ef5195a6f718b9b787b257 RLBA-2022:7658 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms freerdp-devel-2.2.0-8.el8.aarch64.rpm 00ac3254caea61fedf694e2c9a8cddf10bba3d68d4c880b4bd0cc8147ec71ccd RLBA-2022:7661 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for spirv-tools, vulkan-loader, vulkan-headers, vulkan-validation-layers, vulkan-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms spirv-tools-devel-2022.2-2.el8.aarch64.rpm 72a67441532207bc8bab6fd8c3db8933c7029d916a52c469a448106bee0917eb RLBA-2022:7662 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for opencv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms opencv-3.4.6-8.el8.aarch64.rpm 95efe1563ffdce8aee024abcb4fd75ac5beabda037656eec08cb6c44c5899186 opencv-devel-3.4.6-8.el8.aarch64.rpm 50d207869310fbe19253099bd51cbf05de17ca28471664fdaad1b797eb8b2138 RLBA-2022:7663 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for wireshark. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms wireshark-devel-2.6.2-15.el8.aarch64.rpm b327e17562ebea8d11e5232530af268ee81f70e4ce577b871b968ff1aa3cd137 RLBA-2022:7674 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for openwsman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libwsman-devel-2.6.5-9.el8.aarch64.rpm b5d8993c673e125011436e3fd2fd66aa36f54e3c5643c13dbe721d4ca755713c RLBA-2022:7091 This erratum reinstates changes made to java-1.8.0-openjdk in Rocky Linux 8.7 GA. The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

This erratum reinstates changes made to java-1.8.0-openjdk in Rocky Linux 8.7 GA. The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm b7d35d9f285a1b0dec58da3c3f4a0ffc7ebc591e4153249ebdccc04dd2a9d790 java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 18d16f2d145b0a74d9c5708123ebc80234856f31d9b12140ffad3f696018a54a java-1.8.0-openjdk-demo-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 19365b81c215dbecc57340be70effc577928ce7e948433336c1ee582bac02acc java-1.8.0-openjdk-demo-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 647d993682f191b54be44e034069c6b7c440095f92b6e9fb7570a0739577e108 java-1.8.0-openjdk-devel-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 70d11b21564ba0f9687a7ecffc2d7dd9f86fe6b1a875e3ffa57d3fa9f7708815 java-1.8.0-openjdk-devel-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 320d6c5f7d96eed48a774fb425120467c3de9d3b7dee221671acc71d649892ea java-1.8.0-openjdk-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 9d00ba06ee69c2f9777b452d779a8173ca4b3b5ee2e550359b6093ca0596de16 java-1.8.0-openjdk-headless-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm a551632ab45c43f2264420ffc7910ec143bb2b9b6d9311ea2ce9556630dee26f java-1.8.0-openjdk-headless-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm 0fff96db56187df2caf62c76b6dfc2991037ff451380ea4e519df9e1f4f6f2e6 java-1.8.0-openjdk-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm e59b364a29f07f98415d5cd0279e46427b44814318240ab114b8f0a7becaf884 java-1.8.0-openjdk-src-fastdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm fcc84852a012c72513ec52f6a95f336c04b1eef97d9378d23839a1061cf52ce2 java-1.8.0-openjdk-src-slowdebug-1.8.0.352.b08-2.el8_7.aarch64.rpm bc1bd795a4363451df05af031f89c05069f40dcdcc3ce17b6bb42ffbf629846c RLBA-2022:7835 Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es) and Enhancement(s): * [AMDCLIENT 8.7 Bug] [Lenovo]When switch to some resolutions will be black screen [Rocky Linux-8.7.0.z] (BZ#2136746) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for mutter. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es) and Enhancement(s): * [AMDCLIENT 8.7 Bug] [Lenovo]When switch to some resolutions will be black screen [Rocky Linux-8.7.0.z] (BZ#2136746) rocky-linux-8-aarch64-powertools-rpms mutter-devel-3.32.2-67.el8_7.aarch64.rpm 3c003fecdd9f9bb0d839d505ee2f17c7167fe3859b91a3c7bc09ed294a795253 RLBA-2022:7258 This erratum reinstates changes made to java-17-openjdk in Rocky Linux 8.7 GA. The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

This erratum reinstates changes made to java-17-openjdk in Rocky Linux 8.7 GA. The original builds for Rocky Linux 8.7 GA will have been superseded by newer binaries released as part of the October 2022 security update for Rocky Linux 8.6. For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms java-17-openjdk-demo-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 1db7038e4b8776b58c8473e7e8f2f1b1f5fc53f51059eab6b31daea1947a501f java-17-openjdk-demo-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm cec3c9a04ebe8db2186a5f559611282138209afccfc4e021b36ffa674b145ae1 java-17-openjdk-devel-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm ed35d711c9f2d217fa186df26467f32a979e97da2229293234f77a5e44e23e1e java-17-openjdk-devel-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 0f3e00f91e2d13b1b80747afad0370e13440edde56ac5461cf1e105a35092b9b java-17-openjdk-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 423f987c2d734e2adafa322917a78e441c0f68ddc972353bba46538252b84464 java-17-openjdk-headless-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 2c43cbce2932c0d49ea4bdad39b566c9d562980797b66147cb6760696da1fece java-17-openjdk-headless-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm fa43fecb9ea9a1ae9f8a24be70ac5b2ade6e6ba59cb3ea65aa3b5499e5fc11d3 java-17-openjdk-jmods-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 1d8c409947f4de1e5d35079f90a1c270bc2dc964b0b55244f20cf982342392a2 java-17-openjdk-jmods-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 9e45b8ed819fdb3cad881c2fb55e81186e9ee571569b00bce52c9ffb1893668a java-17-openjdk-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 32ab580d468a726d1d098e7c92693f4b283a7cec346dc12151f90fd557214818 java-17-openjdk-src-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm b3faff2c204b1820e96aa8e094c953271f55e3b13f6336d8188b7806175646d2 java-17-openjdk-src-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 80d9f410eb8d947c67fc5a271f791879d8a70aeca174c25570b31af93045909e java-17-openjdk-static-libs-fastdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 97471dda81e66315849e5a9221450159ee71f4745b8b261c9c74c5a5fd5534db java-17-openjdk-static-libs-slowdebug-17.0.5.0.8-1.el8_7.aarch64.rpm 1b157a81cf7d09063a79b81668ae9cce76edaf96fb2033c69c5c942d108ee409 RLBA-2022:7438 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fix(es) and Enhancement(s): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131862) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fix(es) and Enhancement(s): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) [Rocky Linux-8] (BZ#2131862) rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 3bfaf40d6ce1959875cb008f43624e57f206f6cd1a89c76c9930e86c538dd26d java-11-openjdk-demo-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm e71e09ff9afeb55ea50b20eb34617087a6a289c6b4eb382e1497e3f57e6101d2 java-11-openjdk-devel-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 2d4d87d7a55274e14e6c859c7eac753ec8334ddf3652869b2298f56ea0746b20 java-11-openjdk-devel-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm c87abd7dfc24b22c3caf80a96534964442549b62a0d6c4e9cb6ba937746562e8 java-11-openjdk-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm bcf162dc622e3e291c90b25a55b790c63e9bfbc3794147f01388df4f36245319 java-11-openjdk-headless-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm e6448cf97698420d5bb4b899d16660984eee1eed4f5814f8ca877700d5513f11 java-11-openjdk-headless-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 715903def691dcec7ebd0353f2816f4b953d2956d00e08bc11611adf0595d4f3 java-11-openjdk-jmods-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 023baf80b46b8d26e103d52cc29607b30309c7166964fa74ecb54df7e6941335 java-11-openjdk-jmods-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 2c0ddbd460a485cf844412f73354b60edae85e3508a5ce2b4461a46271f1c1e3 java-11-openjdk-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 92e5b26d8be188201782fdd085116005517a83d0405d55cb62cd5df434be380e java-11-openjdk-src-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 6e799747d770be54bed3f0f4200cc7718372a58fc710548afa4e08c2d3300a63 java-11-openjdk-src-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 6f5e87875377f5538082bc755ed223b7146ca53f8e31ade3cecce242b126d845 java-11-openjdk-static-libs-fastdebug-11.0.17.0.8-1.el8_7.aarch64.rpm 744db94b1d921ef0ad34f790fd7442a05d30bf18690f0d700f25992e2a7ba34b java-11-openjdk-static-libs-slowdebug-11.0.17.0.8-1.el8_7.aarch64.rpm c61da47cf51158889e07011475d6f0c5272ef5d75af0cf549bbed91c66f70bed RLBA-2022:7861 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.100 and Runtime 7.0.0 [Rocky Linux-8.7.0.z] (BZ#2137943) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.100 and Runtime 7.0.0 [Rocky Linux-8.7.0.z] (BZ#2137943) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.100-1.el8_7.aarch64.rpm 62b0f7566db6102a5f317409cefb4e7c6c04037c04efbd4d24111c8e6c104fc8 RLBA-2022:9019 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.112 and Runtime 6.0.12 [Rocky Linux-8.7.0.z] (BZ#2150147) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.112 and Runtime 6.0.12 [Rocky Linux-8.7.0.z] (BZ#2150147) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.112-1.el8_7.aarch64.rpm 082c3d9e67e99d567ce6f9e37e9fcca07ee2c0e2776950207b754f96d5b83148 RLBA-2022:9020 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.101 and Runtime 7.0.1 [Rocky Linux-8.7.0.z] (BZ#2150151) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.101 and Runtime 7.0.1 [Rocky Linux-8.7.0.z] (BZ#2150151) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.101-1.el8_7.aarch64.rpm 95a0b68ad8cbc159f939575b8c77cd50f6edbc1bb608199a571c0e6aef6a13ba RLSA-2023:0079 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.113). (BZ#2154458) Security Fix(es): * dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process (CVE-2023-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.113). (BZ#2154458) Security Fix(es): * dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process (CVE-2023-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.113-1.el8_7.aarch64.rpm 34ca919af35ec55475602d07a47d001e1987a30bba1f4db9eb7405e72fc7c33c RLBA-2023:0081 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.102 and Runtime 7.0.2 [Rocky Linux-8.7.0.z] (BZ#2154466) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.102 and Runtime 7.0.2 [Rocky Linux-8.7.0.z] (BZ#2154466) rocky-linux-8-aarch64-powertools-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.102-1.el8_7.aarch64.rpm 0d7f83838df27c16ca0f62fc32c2a791ebc773ef2e5e7e7ab55805b8ddba59b9 RLSA-2023:0095 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) * libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519) * libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c (CVE-2022-2867) * libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() (CVE-2022-2869) * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953) * libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520) * libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521) * libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() (CVE-2022-2868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) * libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519) * libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c (CVE-2022-2867) * libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() (CVE-2022-2869) * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953) * libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520) * libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521) * libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() (CVE-2022-2868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-8-aarch64-powertools-rpms libtiff-tools-4.0.9-26.el8_7.aarch64.rpm 7a5f511c8aa743a1575e9948272a6c70688f9b5498b8f7925e3e30653013faf3 RLBA-2023:0102 Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es) and Enhancement(s): * nmstate verificationError on OpenshiftSDN (BZ#2128555) * kubernetes-nmstate-operator deletes Virtual Functions created by sriov-fec-operator (BZ#2139698) * Addresses configured at different order than specified at state (BZ#2149048) * fail to create many veth interfaces (BZ#2150705) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es) and Enhancement(s): * nmstate verificationError on OpenshiftSDN (BZ#2128555) * kubernetes-nmstate-operator deletes Virtual Functions created by sriov-fec-operator (BZ#2139698) * Addresses configured at different order than specified at state (BZ#2149048) * fail to create many veth interfaces (BZ#2150705) rocky-linux-8-aarch64-powertools-rpms nmstate-devel-1.3.3-4.el8_7.aarch64.rpm 9e40cae0bb9f7d5c03667e91e9ffced778125e449ac06b279ed913855fb17756 RLSA-2023:0192 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147473) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [Rocky Linux-8] (BZ#2153010) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147473) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [Rocky Linux-8] (BZ#2153010) rocky-linux-8-aarch64-powertools-rpms java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm c7c63b500143352eb941dacfdd1fee33bc542cd5329bc61efb535e6e1e6e68d7 java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 000524decd5696a63699ad97eb589afc9c042ee61a511fde70884edc83f4fd74 java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm fed3879cb41ff565775633146aa88f652f44b764e0f8b6ad52375098893fc538 java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 840272e38a328803d4ecc23fb873570d8bc49798e0e8aaebb74d149726ada9e8 java-17-openjdk-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 3f7aede4b3980c91b70e809a767cfcd58ceb917dd5ad202dd0b17f88f72b052d java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 2b5187f33c68429870c18cb0c6e47e27b0cf309decf15ef16ed6580b509ba327 java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 01cb48158a5bbb8aa428f325677f21f2514443086c374a9291f73f2b98f7af59 java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 962256fd306e03853f2612752261b794d261a7665964439ae7dc8e0277dc38f4 java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 345f48a7070883571146f9661874f51037b5be2918241e3155659153e07bbf6a java-17-openjdk-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 7ddae8dd66f6fd349b3cadc391d9f51a48030f340458741a75ae0c1371560719 java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 5e58dc693e487294d3f6784b2678cc4ea62b947d20f33a32f64aaa7f657219b4 java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 060e7990bd30cfa353fcb871937fb1885521b1f525763bb07d85d1f33a3cacee java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el8_7.aarch64.rpm 5889972f86fe241481c01e594e8ae47305cb0de9242c52797a28cf1ac487c423 java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el8_7.aarch64.rpm ebc81f7ac437f2d537f807acca4eae4e03e720bf08895c526f57409634f51dfb RLSA-2023:0200 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18) [Rocky Linux-8] (BZ#2157797) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18) [Rocky Linux-8] (BZ#2157797) rocky-linux-8-aarch64-powertools-rpms java-11-openjdk-demo-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 2f44c2f88619c67d1164fe100f7479955578564fb35d60e2016140f5b782c061 java-11-openjdk-demo-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 597cb5a6dc375af471fcd13f008ef53bf17759a7eab6dc68f94ec88c77dda4e6 java-11-openjdk-devel-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 356aebde455468b10c943efd821522502fe6b1a0d8e3d863f8b42d0ceff8231f java-11-openjdk-devel-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm c73bb86e6d3d97103a6d69897cafe6a7082c7bd98b4d9718a5894c282882d92d java-11-openjdk-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 1f27baaff8bb0218f465ccc6863d33e74b565ff7deadffd9e2620fc7a6aa33f9 java-11-openjdk-headless-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 153c9ee1bbbbdb25d8e32ee89ad8abbe31effa6ef51e206999f75f50f7fb4201 java-11-openjdk-headless-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm c44568cd91724942755b96fbb79070721b1e9c6de5f5d49fdbc59fcd6c6b5f57 java-11-openjdk-jmods-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm d355711dd5326e0864e8e16d452e1eef11f5c65cebc7821ba20a281aa67af01b java-11-openjdk-jmods-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm dc8e42f5d4dc0d4641f5aab7b41b5765db0bbb14b1c9f7c909036179482e3c4b java-11-openjdk-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm ae74329fd5a73e000d460332935bbc57ca7ebdad72712c21445d74bd07a74823 java-11-openjdk-src-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm eaa3723c053b67df72df94e52d5f19b72953bebd559b2143868dabd9d9e66766 java-11-openjdk-src-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 2119bf5c4c28fead21b9a1bf6bf3401aa5f9a88c0015162661a236a7f802d5bd java-11-openjdk-static-libs-fastdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 050a263d6e1fb4d52fa016e5e4f44ab0558c228aa7af4bc7162340e2eaa89021 java-11-openjdk-static-libs-slowdebug-11.0.18.0.10-2.el8_7.aarch64.rpm 6997953eeff92c5cae9f857867350715be30bd684e2d2418246cf48b2763b3d8 RLBA-2022:7815 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for kronosnet. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libknet1-1.24-2.el8.aarch64.rpm 83109d06e8afb5ffa7919c788d4b9e753e09585180b8d023d5ca089a35c92d31 libknet1-devel-1.24-2.el8.aarch64.rpm 3b188051d0a9c7014233fc959aefb2192e68e5a09b949c89e12369f71879b842 RLEA-2020:4838 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for dtc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms dtc-1.6.0-1.el8.aarch64.rpm bd44c1b92210f89ce787ee1ee9530d1c104bb0abb3c11db6ea1c84d384918e59 libfdt-devel-1.6.0-1.el8.aarch64.rpm bb45c74cd9a86723f6d3945371c8aa3e711fe84581fd10c7fe30116abe574578 RLBA-2020:4499 For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for network-manager-applet. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms jimtcl-devel-0.77-6.el8.1.aarch64.rpm 41df21377ee0f98f6cd1201f5416e90dfc400c9978b33c43b3f3e3beaee4d79a RLBA-2022:2000 For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for glib2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms glib2-static-2.56.4-158.el8_6.1.aarch64.rpm 0f8a19b268e0fe16bd451aa6559ef625a0065c97b255f4ba78f423921b3f5948 RLSA-2023:0208 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() (BZ#2139705) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] (BZ#2159910) * solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [rhel-8, openjdk-8] (BZ#2163595) Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() (BZ#2139705) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] (BZ#2159910) * solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [rhel-8, openjdk-8] (BZ#2163595) rocky-linux-8-aarch64-powertools-rpms java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 84ca154b41c0a60fc145dda85cd4bfc370c3341b4a20789fab480eadda0b3a86 java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm e929c0200229d2455a80e69e8a2fe40659aa0f51e7483e7f2d6b8e8d11455cc7 java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm fca8be62a3d98c5674d91b003673b1683301dcd1b852b67ad01f0c1663af20ea java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm b5dae2e1539a65d47e9a0de07026941357df28684452045ee5637d4ef78e4c8c java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 436c3fe864d618ae96d28eac21897c8ea266946cddfc62f6af6b7c6881711c41 java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm c10d620b06db9fd583e8e6166cb235943f601a0d1fc75036b3723901a4ecae8f java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 725e9e267b322e8770921b47697ce64ada67cc53afc11b8c76e831f857f98440 java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm f6d27a485b2fbe33b914192173b684fc3538e91340b3245ee8270de8ab8f2d4f java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 6f6bbf587b09c9dd27fef5fc0bbce541c3d6a49c4109f3bae9702fcc20baf1ae java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm ca05de79562c8ac83fdcc3c833a344906ed4a81325522ee7216e557ec471a507 java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm e464756dd4e4ace64fe22f419bc2d1528c4beb30c55ae7ed8942b2ed415fea51 java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm 84e2f1c1e1e748fa02fc9648c1fa3b89000662b79163858ad5e024dfda2004ab RLBA-2022:7739 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libsss_nss_idmap-devel-2.7.3-4.el8_7.1.aarch64.rpm 876fb14ca6ee70e7b6765a8c5ba645a22ff88456304b416f660290d56c48f376 RLBA-2022:7766 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for fwupd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms fwupd-devel-1.7.8-1.el8.rocky.0.3.aarch64.rpm d0cf8802b3aa1cf546d49ee80e22f3aa5810aed4c31a99ebed05b7ae305e8710 RLEA-2020:4672 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for autogen. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms autogen-5.18.12-8.el8.1.aarch64.rpm 0650d5b015f1463a2114cfd40dfda59558f6c8ef4393647fb85324ca308fb6ff autogen-libopts-devel-5.18.12-8.el8.1.aarch64.rpm fa8189b9ac3938cd80103cbd1be9a1d984e411b465f169c47082d2a58fa8910a RLBA-2020:4734 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for libblockdev. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 8.3 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms libblockdev-crypto-devel-2.24-11.el8.aarch64.rpm cb14c1f82e01f1371de7591977a41c114135cff1745cc17dfd7ca9c2d480de8f libblockdev-devel-2.24-11.el8.aarch64.rpm 18b97b9d72772bba6ecaa8816bbce22a64925876ce8c0c9506d3b5d4722be889 libblockdev-fs-devel-2.24-11.el8.aarch64.rpm a43a737349195369e421329867f67320166e3a2a2c96649ea9c98a28bb0607ee libblockdev-loop-devel-2.24-11.el8.aarch64.rpm e1ae1aa43c2d91514d8c01d07c713e9467180a5389624494459b47f6f1e247a9 libblockdev-lvm-devel-2.24-11.el8.aarch64.rpm 6263292aa499a6270409a992a5ccf1c75912f5fce9b21465dcdccb5fff04a238 libblockdev-mdraid-devel-2.24-11.el8.aarch64.rpm fd66045929c3d697425c068c41c9e6da49d4501407f2060f5b08a6510aef17bb libblockdev-part-devel-2.24-11.el8.aarch64.rpm 9e73605337bdb599811ac2abd3f897a3fc1b80880dc87e3b279b55a4c5ff038a libblockdev-swap-devel-2.24-11.el8.aarch64.rpm d832627d8d846cf5dfc525ee80158cc6a69273fcedd4c6d27359ad24f23bb7e1 libblockdev-utils-devel-2.24-11.el8.aarch64.rpm 2af0351939fe20b9329f0ee6010c275416633487fc517a57a09332a2f62424eb libblockdev-vdo-devel-2.24-11.el8.aarch64.rpm 3b1444a751f48ee93012c329d8fcce0325ecfadc1b03323daf8adaaf990980eb RLBA-2022:7462 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for anaconda. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms anaconda-widgets-devel-33.16.7.12-1.el8.rocky.0.1.aarch64.rpm 02fec851b51fd4c6e181ac2633ce588df41619ecbbbece9747a727b96fc405b8 RLBA-2022:7635 For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 None

An update is available for openscap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms openscap-engine-sce-devel-1.3.6-4.el8.rocky.0.2.aarch64.rpm f57145920f2b265a0c7f77920599faf6834fddf5c470dbe38bf177a63f4726aa RLSA-2021:1734 The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. Copyright 2023 Rocky Enterprise Software Foundation Rocky Linux 8 1 Moderate

An update is available for shim-unsigned-aarch64. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section. rocky-linux-8-aarch64-powertools-rpms shim-unsigned-aarch64-15-7.el8.1.1.aarch64.rpm 50d3fdb8369d8b026f80727bf61924a9d167b365f18718a1f42c4e6d41c70e27