CLSA-2023:1695326199
lz4: Fix of CVE-2021-3520
TuxCare License Agreement
0
- CVE-2021-3520: Fix potential memory corruption with negative memmove() size
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-3520: Fix potential memory corruption with negative memmove() size
0
tuxcare-centos7-els
lz4-1.8.3-1.el7.tuxcare.els1.i686.rpm
5335558b2177e7f2d82601c828adfa36538f69a0
lz4-1.8.3-1.el7.tuxcare.els1.x86_64.rpm
80c901d619bf31112141ebfa98d3b750a7c8929b
lz4-devel-1.8.3-1.el7.tuxcare.els1.i686.rpm
633bbbfcbda91e3eeee225b162c2cfab8018792f
lz4-devel-1.8.3-1.el7.tuxcare.els1.x86_64.rpm
c6b4e7a07f10ee9cf520a043f7f528819f5a923f
lz4-static-1.8.3-1.el7.tuxcare.els1.i686.rpm
2f62417720d611116bd363e7857c22836a589268
lz4-static-1.8.3-1.el7.tuxcare.els1.x86_64.rpm
588c300e0befdf3e1afa9c5d8a452933e40f8406
CLSA-2023:1695406987
libtasn1: Fix of CVE-2021-46848
TuxCare License Agreement
0
- CVE-2021-46848: Fix ETYPE_OK off by one array size check.
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-46848: Fix ETYPE_OK off by one array size check.
0
tuxcare-centos7-els
libtasn1-4.10-1.el7.tuxcare.els1.i686.rpm
bb4ca6284c31053611f8f5d09d087a420efcf26d
libtasn1-4.10-1.el7.tuxcare.els1.x86_64.rpm
f9c3a45d9b77349b6ac215e583a4a6a49a994887
libtasn1-devel-4.10-1.el7.tuxcare.els1.i686.rpm
cee8fc0819b8500a09b8a97c724ecf8717480cb0
libtasn1-devel-4.10-1.el7.tuxcare.els1.x86_64.rpm
8f8ac6ad10d11dfa3e8a29c5c89371571fdf0dec
libtasn1-tools-4.10-1.el7.tuxcare.els1.x86_64.rpm
95da1c3092b62a96a51c51ab44d7eeec65166ce1
CLSA-2023:1695752598
httpd: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2022-23943: Fix out-of-bound write in mod_sed
- CVE-2022-22721: Fix integer overflow which resulted in out-of-bounds write
- CVE-2022-28615: Fix read beyond bounds in ap_strcmp_match()
- CVE-2022-31813: Fix possible bypass of IP based authentication
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-23943: Fix out-of-bound write in mod_sed
- CVE-2022-22721: Fix integer overflow which resulted in out-of-bounds write
- CVE-2022-28615: Fix read beyond bounds in ap_strcmp_match()
- CVE-2022-31813: Fix possible bypass of IP based authentication
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm
abcebff4e25b456c277b446349e4f78de5adc010
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm
0df38b144f249b1dcbe3873a697908608a9edd21
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els1.noarch.rpm
7135ad62ce92a941e384ced7bdc93fb130a23ff0
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm
62376f47b9f878e613a9642b8cf12e9e5ce0be2a
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm
c6d070bcd6b67267cb24e98ff2d6c965e8175e0e
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm
3698fe8eb955a70e0bd60a7e8297ea029f33c11f
mod_session-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm
d772a1b36c9387cc67b5f05a7a867d72488d6f97
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm
f8ba02ee9b65ea554aae13f7087bc465cc4c8008
CLSA-2023:1695834624
python3: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2021-3177: Replace snprintf to prevent buffer overflow
- CVE-2022-48565: Reject XML entity declarations in plist files
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-3177: Replace snprintf to prevent buffer overflow
- CVE-2022-48565: Reject XML entity declarations in plist files
0
tuxcare-centos7-els
python3-3.6.8-19.el7.tuxcare.els1.i686.rpm
ff0f7c541ae160786eca75805e0d32cfbe93309e
python3-3.6.8-19.el7.tuxcare.els1.x86_64.rpm
f49c04bfcd0b453ed60812c9ea6e3787f6951d14
python3-debug-3.6.8-19.el7.tuxcare.els1.i686.rpm
89b19ae9b52c24c1549b191055522e045b382d23
python3-debug-3.6.8-19.el7.tuxcare.els1.x86_64.rpm
f7a0a47ae24dcf550ff4f159c5379b8e757f87c9
python3-devel-3.6.8-19.el7.tuxcare.els1.i686.rpm
e5a09a3491aee9d9b31b802133fa138a3bf1bdfe
python3-devel-3.6.8-19.el7.tuxcare.els1.x86_64.rpm
6aa32329e057f1ea20e45232e67bdc295f875089
python3-idle-3.6.8-19.el7.tuxcare.els1.i686.rpm
2bd15f34dc8a940f0349b267bb7da1f6ed9c0075
python3-idle-3.6.8-19.el7.tuxcare.els1.x86_64.rpm
e36c7e71edaf38299abb42e54b2eeead1cc66883
python3-libs-3.6.8-19.el7.tuxcare.els1.i686.rpm
593a39ac99294654bf73d2d2ca63d9e05af81bce
python3-libs-3.6.8-19.el7.tuxcare.els1.x86_64.rpm
305fac9731bd59f4a597bf864259dfbe0a87fbd6
python3-test-3.6.8-19.el7.tuxcare.els1.i686.rpm
f8ef0171a9095e6cf804b9d517400e300f15ba43
python3-test-3.6.8-19.el7.tuxcare.els1.x86_64.rpm
c99d9632a768e6de14dfb849fe413594268d0aa1
python3-tkinter-3.6.8-19.el7.tuxcare.els1.i686.rpm
d0a997577fbc3900cca37c971c45eb9e382a37a0
python3-tkinter-3.6.8-19.el7.tuxcare.els1.x86_64.rpm
8419a4d1a694af5f71346de8969e9b132475778b
CLSA-2023:1695834945
openldap: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-29155: fix a SQL injection vulnerability in the back-sql backend
to slapd
- CVE-2021-27212: fix denial of service (daemon exit) via a short timestamp
if slapd is used
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-29155: fix a SQL injection vulnerability in the back-sql backend
to slapd
- CVE-2021-27212: fix denial of service (daemon exit) via a short timestamp
if slapd is used
0
tuxcare-centos7-els
openldap-2.4.44-25.el7_9.tuxcare.els1.i686.rpm
0beede14b5e790fa644584fa5a5bd1cec5f4e8fc
openldap-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm
06fb1dbfdcc3a325f7a696c9d17bca97db4190b8
openldap-clients-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm
26a14c009d0962993942268ff93f44a5a8af3bd8
openldap-devel-2.4.44-25.el7_9.tuxcare.els1.i686.rpm
2dae8e81a8676d1301332623de4f1f84a5ad2cf4
openldap-devel-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm
674b5b06c67e95972dcbb5f8acd18147555d4ece
openldap-servers-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm
160aa15e0841c681425725ac038d7e956a737ede
openldap-servers-sql-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm
9b66fff95147f17a9309700f9290481046d32efe
CLSA-2023:1696352100
glib2: Fix of CVE-2021-27218
TuxCare License Agreement
0
- CVE-2021-27218: gbytearray: Do not accept too large byte arrays
- Enable internal tests
- Skip several failed tests from the check
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-27218: gbytearray: Do not accept too large byte arrays
- Enable internal tests
- Skip several failed tests from the check
0
tuxcare-centos7-els
glib2-2.56.1-9.el7_9.tuxcare.els1.i686.rpm
8d95b19e06810735e439444f72563df8e7d1c7cb
glib2-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm
32274ea04cb4bc0de9751a3d70dc52d09728c65f
glib2-devel-2.56.1-9.el7_9.tuxcare.els1.i686.rpm
a53ec1271e9c78caad7bb52c4f06866ad09e453e
glib2-devel-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm
9defde80bf6e762dd4a92c343a0b606ed57c032b
glib2-doc-2.56.1-9.el7_9.tuxcare.els1.noarch.rpm
391fe71cc4ca47157c0d30f6302eec945eb20df4
glib2-fam-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm
673dc55537e03e1ea8fed1878669ab329dba1213
glib2-static-2.56.1-9.el7_9.tuxcare.els1.i686.rpm
c10f5ddef12ec9378bf6c0aebf0e651fedef0236
glib2-static-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm
46ff7152639eaacbde6817a2596da0d2423541c0
glib2-tests-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm
c7c35916aed2ebd026f249a048d16221c76cdec6
CLSA-2023:1696536930
httpd: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2021-26690: Fix NULL pointer dereference in mod_session
- CVE-2022-22719: Fix possible process crash due to unnoticed failures in mod_lua
- CVE-2022-29404: Fix possible DoS due to no default limit on possible input size
in mod_lua
- CVE-2022-26377: Fix possible HTTP request smuggling in mod_proxy_ajp
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-26690: Fix NULL pointer dereference in mod_session
- CVE-2022-22719: Fix possible process crash due to unnoticed failures in mod_lua
- CVE-2022-29404: Fix possible DoS due to no default limit on possible input size
in mod_lua
- CVE-2022-26377: Fix possible HTTP request smuggling in mod_proxy_ajp
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm
8457081a779136e2455d91a593e78702d66f3142
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm
5e0ff81be6bc38ff2a5e1b699b739b79a44e6407
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els2.noarch.rpm
78998f720701b87eb8a031ec1d767bae891d6252
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm
1ac6e08d603add02654d8babeca7fec4d5d0ff3e
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm
595b84b2e24b20cd18670df68cac0f627b4b3db6
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm
cd1de0eaa2a4e846a7e6741165df05c6e9c5105f
mod_session-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm
7596090f0b5a9d6727c24fbbca840e2899ffc813
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm
86c41b836ea727c7f7295bed70044c2683e8a2c8
CLSA-2023:1696537106
libxml2: Fix of 5 CVEs
TuxCare License Agreement
0
- CVE-2021-3517: fix flaw in the xml entity encoding
- CVE-2021-3518: fix dangling pointers in entity reference nodes
- CVE-2022-23308: fix use-after-free of ID and IDREF attributes
- CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML
- CVE-2022-40304: fix double free as a result of an invalid XML entity
- fix testapi.c to avoid false positive test errors
- fix a parser and fix a null pointer dereference
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-3517: fix flaw in the xml entity encoding
- CVE-2021-3518: fix dangling pointers in entity reference nodes
- CVE-2022-23308: fix use-after-free of ID and IDREF attributes
- CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML
- CVE-2022-40304: fix double free as a result of an invalid XML entity
- fix testapi.c to avoid false positive test errors
- fix a parser and fix a null pointer dereference
0
tuxcare-centos7-els
libxml2-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm
8b71b0db977448bbdda9dd955d0c9cde68331999
libxml2-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
b966212b8ff87a83e3d4516bd2b06bc2a1e374a4
libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm
ef815c5e75c65301daae8033cc2541d06cec16da
libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
ca97c5fb9e5353e51f2eb285d41d04fed94e1fd1
libxml2-python-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
f3dc45d5d820029a8bfd62b93afdeaa5c8a84d80
libxml2-static-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm
ecbcc180a370e2d9a6122cb4f49e07a05bd9b5b8
libxml2-static-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
f25767e14a196f3e7e69504cb8087fb0c4b2c8bd
CLSA-2023:1696877581
binutils: Fix of 9 CVEs
TuxCare License Agreement
0
- CVE-2017-16831: Fix excessive memory allocation attempts and possible integer
overflows when attempting to read a COFF binary with a corrupt symbol count
- CVE-2020-19726: Fix parsing a corrupt PE format file
- CVE-2021-45078: Fix out-of-bounds write in stab_xcoff_builtin_type
- CVE-2021-46174: Fix buffer overflow in read_section_stabs_debugging_info
- CVE-2022-44840: Fix possible heap buffer overflow in find_section_in_set() in readelf.c
- CVE-2022-45703: Combine sanity checks, calculate element counts, not word
counts, fix typo
- CVE-2022-47695: Test symbol flags to exclude section and synthetic symbols
before attempting to check flavour
- CVE-2022-47696: Fix uninitialised field `the_bfd` of `asymbol`
- CVE-2022-47673: Fix lack of bounds checking in vms-alpha.c
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2017-16831: Fix excessive memory allocation attempts and possible integer
overflows when attempting to read a COFF binary with a corrupt symbol count
- CVE-2020-19726: Fix parsing a corrupt PE format file
- CVE-2021-45078: Fix out-of-bounds write in stab_xcoff_builtin_type
- CVE-2021-46174: Fix buffer overflow in read_section_stabs_debugging_info
- CVE-2022-44840: Fix possible heap buffer overflow in find_section_in_set() in readelf.c
- CVE-2022-45703: Combine sanity checks, calculate element counts, not word
counts, fix typo
- CVE-2022-47695: Test symbol flags to exclude section and synthetic symbols
before attempting to check flavour
- CVE-2022-47696: Fix uninitialised field `the_bfd` of `asymbol`
- CVE-2022-47673: Fix lack of bounds checking in vms-alpha.c
0
tuxcare-centos7-els
binutils-2.27-44.base.el7_9.1.tuxcare.els1.x86_64.rpm
db3088e64f1b1e386ac79846298123538eec6c61
binutils-devel-2.27-44.base.el7_9.1.tuxcare.els1.i686.rpm
59bb18516a3dba44d119fd06708c2662661788a0
binutils-devel-2.27-44.base.el7_9.1.tuxcare.els1.x86_64.rpm
acbfd87fbe8a031e1250a8727a372923a920753e
CLSA-2023:1696877712
expat: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-23990: lib: prevent integer overflow in function doProlog
- CVE-2022-43680: fix overeager DTD destruction in
XML_ExternalEntityParserCreate
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-23990: lib: prevent integer overflow in function doProlog
- CVE-2022-43680: fix overeager DTD destruction in
XML_ExternalEntityParserCreate
0
tuxcare-centos7-els
expat-2.1.0-15.el7_9.tuxcare.els1.i686.rpm
f1ea6a6ec0498e7f83ddc545134d26e3c9456a1a
expat-2.1.0-15.el7_9.tuxcare.els1.x86_64.rpm
825fee740f53e2f518deb1dac27f0d3bc6f355d5
expat-devel-2.1.0-15.el7_9.tuxcare.els1.i686.rpm
2fbe968a1606e65dd4cb486fda3e74cf18d2715a
expat-devel-2.1.0-15.el7_9.tuxcare.els1.x86_64.rpm
61b1d88492df6045e8fc214d44ebf1e69c7884de
expat-static-2.1.0-15.el7_9.tuxcare.els1.i686.rpm
295167ac3c991bade45f806bcd924c1d45ac35cc
expat-static-2.1.0-15.el7_9.tuxcare.els1.x86_64.rpm
dbe964c8a3045d1e9b2b9749bfb83a44b9e8d234
CLSA-2023:1696877835
python: Fix of CVE-2022-48565
TuxCare License Agreement
0
- CVE-2022-48565: Reject XML entity declarations in plist files
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48565: Reject XML entity declarations in plist files
0
tuxcare-centos7-els
python-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm
915579284dc8e594b50d28293a38c7443dd51db4
python-debug-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm
99a0dfc939bebbdeb8a7de50ff1af2f03ea14168
python-devel-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm
7e2c2f835a4d4cc9a57dc428026f4c4e5d2aa18a
python-libs-2.7.5-92.el7_9.tuxcare.els1.i686.rpm
be64f0e26e21ac25850a628041d6e84d308fffef
python-libs-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm
753bab9de02f034362ae2e059ff14e5aa90716e7
python-test-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm
95bf46065e05cc11c7df29ac8013595120a25940
python-tools-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm
d5ac0bdb002baee41f37b05bea554ebeaa9e90d1
tkinter-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm
3c386f785b4d99d959e60affbbd3096aa8345156
CLSA-2023:1697135138
bind: Fix of CVE-2023-3341
TuxCare License Agreement
0
- Limit isccc_cc_fromwire recursion depth (CVE-2023-3341)
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Limit isccc_cc_fromwire recursion depth (CVE-2023-3341)
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
88168d9825e7eb737b5303faf98e325734ad95bd
bind-chroot-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
5518f13b6099eac365f6a328f85d4a90017d9883
bind-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
49da1fb11e70f054e8d0cc0c39810c095e430e74
bind-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
87dd6f2dd1b26643c0de9712a5a64e803e5ae650
bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
b7f24d1c432e2ead3d841ff33a73d1eca2c21e4e
bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
a6e3b095201dccdf245fe4a58f106f1a7c45ecfc
bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
59807d283471b0a66cdfb7037a58dac6c0df3f7c
bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
67626712a07814766979e66c236f3417faa8eef9
bind-libs-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
97a8f0e296c2346f4ebbc83c631222408b49590e
bind-libs-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
b0b692a5df5dd14db9351b44337e5ebdaf472d11
bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
0cc964857a3d36971772b1630f0888a749c940ac
bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
7d4495947d780a8fed63039f9dab3577a8d94018
bind-license-9.11.4-26.P2.el7.14.tuxcare.els1.noarch.rpm
9feaa2ba6c0a3c5eac28014bd19946bdbfc91c50
bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
03fd846327d8322927066c14431598769a01c623
bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
f509540aa33f2be58bc2812aee614592e0a75c37
bind-pkcs11-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
56b2fa3d579cc899daa778385f00a65dc3a9fe88
bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
08e578b62c3bc6abe1920719209265ecc023bd33
bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
0417f2ef2ca675a8f4b87d1527a2a8c8c90e67ad
bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm
44a2d60883d94182fafec67ddcf268ef2aea6024
bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
6553039b2b8338a7c8e3c83f3c0b5b444d6c76fe
bind-pkcs11-utils-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
6289298a02892ee9147be3e1ec9f24d7e65b4595
bind-sdb-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
2de281186a5db360d6d5651ca5c8e3c8ccc34fbc
bind-sdb-chroot-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
e90ef5d99c868c9366893ee4ef92053464979797
bind-utils-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm
e813aef0405650979f393b442cfb4d28adf0fa2b
CLSA-2023:1697135256
glib2: Fix of 5 CVEs
TuxCare License Agreement
0
- CVE-2023-29499: Fix GVariant offset table entry size which is not checked
in is_normal()
- CVE-2023-32611: Fix an issue where g_variant_byteswap() can take a long time
with some non-normal inputs
- CVE-2023-32665: Fix GVariant deserialisation which does not match spec
for non-normal data
- CVE-2023-32636: Fix a wrong timeout in fuzz_variant_text()
- CVE-2023-32643: Fix a heap-buffer-overflow in g_variant_serialised_get_child()
- Fix g_test_bug assertion in gvariant test
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-29499: Fix GVariant offset table entry size which is not checked
in is_normal()
- CVE-2023-32611: Fix an issue where g_variant_byteswap() can take a long time
with some non-normal inputs
- CVE-2023-32665: Fix GVariant deserialisation which does not match spec
for non-normal data
- CVE-2023-32636: Fix a wrong timeout in fuzz_variant_text()
- CVE-2023-32643: Fix a heap-buffer-overflow in g_variant_serialised_get_child()
- Fix g_test_bug assertion in gvariant test
0
tuxcare-centos7-els
glib2-2.56.1-9.el7_9.tuxcare.els2.i686.rpm
9643a317420b78befa8e76fcffc0b123b0f04490
glib2-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm
8ecd35ea0bded1178ee5cfd2eda7a83430f29372
glib2-devel-2.56.1-9.el7_9.tuxcare.els2.i686.rpm
99a3e920ff0d5b45a4166d3c49efc27739b4ab8b
glib2-devel-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm
313ae814c1ce6e4893f21b5e58c7f09c7e8ecca4
glib2-doc-2.56.1-9.el7_9.tuxcare.els2.noarch.rpm
90fdce49ab767693d93a0b995a62ea4a24329da8
glib2-fam-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm
3a3e8616260fd26c252d21e524ac3ed209a20e6d
glib2-static-2.56.1-9.el7_9.tuxcare.els2.i686.rpm
4a3ea3934f6f46f6ef15226db7a6fed7f8f33d68
glib2-static-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm
e512fa76e33935b14171e0880bfb3de7e4e07a7a
glib2-tests-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm
3efb02cdd3b1dd15ece27989efa933fddc3a2bc9
CLSA-2023:1697463947
curl: Fix of CVE-2023-38546
TuxCare License Agreement
0
- CVE-2023-38546: cookie: remove unnecessary struct fields
- Rebuild expired test certificates
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-38546: cookie: remove unnecessary struct fields
- Rebuild expired test certificates
0
tuxcare-centos7-els
curl-7.29.0-59.el7_9.1.tuxcare.els1.x86_64.rpm
5bf1afaaa96ddb3b00765b7941fd8380ed99d233
libcurl-7.29.0-59.el7_9.1.tuxcare.els1.i686.rpm
0047b200928a6c2e141841317caa5ea0e8e7e9b5
libcurl-7.29.0-59.el7_9.1.tuxcare.els1.x86_64.rpm
19a25bf0acee34803687097da4d59ead48a97eb4
libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els1.i686.rpm
83199959cbdbd2ff4be735bfb1b3abf7ba9fd2d9
libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els1.x86_64.rpm
fedbc5eb1c9f0ef1360342abdc82292a3a6dd404
CLSA-2023:1697464069
python: Fix of CVE-2022-48566
TuxCare License Agreement
0
- CVE-2022-48566: Make compare_digest more constant-time
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48566: Make compare_digest more constant-time
0
tuxcare-centos7-els
python-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm
93e1e91e9536ad44e7caeb3cdaea00707b8a98cb
python-debug-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm
a48ce581e1852f5d8120b965b57747e1d8301e0a
python-devel-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm
398f57daa0a252080cba3067df218d9acbc0326d
python-libs-2.7.5-92.el7_9.tuxcare.els2.i686.rpm
47d73e54648b1b16c78c62657a3aa3e107836045
python-libs-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm
a263b5aa40ad27cb0e5dda090b71714637237a17
python-test-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm
0b0f1378e0f7066d9cfe1086311bdd1e3780642f
python-tools-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm
852d85cfa2834b111718757635a9b4e8b17a76f9
tkinter-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm
15bc277e37fac2a18be809181a113a22fd8c14d2
CLSA-2023:1697464186
sysstat: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-39377: check an overflow and exit if it be
- CVE-2023-33204: fix possible buffer overflow in an incomplete fix for
CVE-2022-39377
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-39377: check an overflow and exit if it be
- CVE-2023-33204: fix possible buffer overflow in an incomplete fix for
CVE-2022-39377
0
tuxcare-centos7-els
sysstat-10.1.5-20.el7_9.tuxcare.els1.x86_64.rpm
480369f6523658531baa8f5895f4aaa1484f82b5
CLSA-2023:1697739575
python3: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2021-3737: Fix http client infinite line reading (DoS) after a
HTTP 100 Continue
- CVE-2021-28861: Fix an open redirection vulnerability in http.server
- CVE-2022-0391: Make urllib.parse sanitize urls containing ASCII newline and
tabs
- CVE-2022-45061: Fix quadratic time idna decoding
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-3737: Fix http client infinite line reading (DoS) after a
HTTP 100 Continue
- CVE-2021-28861: Fix an open redirection vulnerability in http.server
- CVE-2022-0391: Make urllib.parse sanitize urls containing ASCII newline and
tabs
- CVE-2022-45061: Fix quadratic time idna decoding
0
tuxcare-centos7-els
python3-3.6.8-19.el7.tuxcare.els2.i686.rpm
3a9f843d4a1d72ef21645655e0ec2d45cb0eb168
python3-3.6.8-19.el7.tuxcare.els2.x86_64.rpm
836e1f59189ef2a0965ea411bb87cec0d38ec294
python3-debug-3.6.8-19.el7.tuxcare.els2.i686.rpm
116f697c9b00f5e4348d30e34b661f2c861ebe97
python3-debug-3.6.8-19.el7.tuxcare.els2.x86_64.rpm
7ca60e05e62f1a2f0de9857441ef76192eba4036
python3-devel-3.6.8-19.el7.tuxcare.els2.i686.rpm
638289003e5c0a4cd06e97c074cb1265eeba615f
python3-devel-3.6.8-19.el7.tuxcare.els2.x86_64.rpm
5425fe6abed15fffea07f2490b1a82f265471b33
python3-idle-3.6.8-19.el7.tuxcare.els2.i686.rpm
571d17b3dc9beb1ae4ae5d7207e487c759735aaf
python3-idle-3.6.8-19.el7.tuxcare.els2.x86_64.rpm
3ab993eb231d037e4e38a1b5ca072bb88f1d448a
python3-libs-3.6.8-19.el7.tuxcare.els2.i686.rpm
cbe0a1b7689d82e8264b0e60fb8e55879fc24f25
python3-libs-3.6.8-19.el7.tuxcare.els2.x86_64.rpm
bf75827c2cc2110826cf42c8992b3c188619bf8c
python3-test-3.6.8-19.el7.tuxcare.els2.i686.rpm
4c6185cc86ccdc4e951f3f8376b0f07ddc6a24a3
python3-test-3.6.8-19.el7.tuxcare.els2.x86_64.rpm
b03a13d161add2d5e54bb12f3ed5bfab46d82c6c
python3-tkinter-3.6.8-19.el7.tuxcare.els2.i686.rpm
38e44754b55d7280ec9246c1055f18d98076a994
python3-tkinter-3.6.8-19.el7.tuxcare.els2.x86_64.rpm
73ce38d5a37dd46a31b7e9f76c1c6c08c8fdd87e
CLSA-2023:1697739734
python: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-45061: fix quadratic time idna decoding
- CVE-2021-3737: fix http client infinite line reading (DoS) after a HTTP 100
Continue
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-45061: fix quadratic time idna decoding
- CVE-2021-3737: fix http client infinite line reading (DoS) after a HTTP 100
Continue
0
tuxcare-centos7-els
python-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm
a9426def5f17f926f28a68396868c56774389a10
python-debug-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm
5b67e92fe71cd8470f16e6fbaf634b6b4054cf22
python-devel-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm
bf10ca97c5b76d47c88bdfef06596d85233b1342
python-libs-2.7.5-92.el7_9.tuxcare.els3.i686.rpm
fbed06bcd7b232d1a51399809425e00930da9903
python-libs-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm
d5aef9f838e8f45cbe1c420ebe72d615d77b50bc
python-test-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm
c729c328ce22635d53e3d67ff254587b78f58e96
python-tools-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm
511280c2057bf8eced73b4fedb177886c1d78421
tkinter-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm
160e520dfcd88b86ef6188f739a57255e0ee4cfb
CLSA-2023:1697741309
python3: Fix of CVE-2022-48560
TuxCare License Agreement
0
- CVE-2022-48560: fix posible crash in heapq with custom comparison operators
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48560: fix posible crash in heapq with custom comparison operators
0
tuxcare-centos7-els
python3-3.6.8-19.el7.tuxcare.els3.i686.rpm
100c44f6d5a99b08a9718fd343a9a3103a4ce110
python3-3.6.8-19.el7.tuxcare.els3.x86_64.rpm
660fa8d678e05c73c8f8ebe733c4619ca7ef3033
python3-debug-3.6.8-19.el7.tuxcare.els3.i686.rpm
e4f10dc7ca9ecd4d15203af04c4bb32d4e7a8985
python3-debug-3.6.8-19.el7.tuxcare.els3.x86_64.rpm
3788ddf57dc6dc7100ce9ed9b8603f0ada1775a6
python3-devel-3.6.8-19.el7.tuxcare.els3.i686.rpm
732cc2ac6c7e114a2ca239c6fbac230b87eb8d92
python3-devel-3.6.8-19.el7.tuxcare.els3.x86_64.rpm
2e8c369467bea663f70d865771172263d56a5924
python3-idle-3.6.8-19.el7.tuxcare.els3.i686.rpm
9d2d920dee7b4a0d1ab37a3f485a1c1000c78c86
python3-idle-3.6.8-19.el7.tuxcare.els3.x86_64.rpm
9cef7593f0fe578d4a7feeadee80ee9bbdf05577
python3-libs-3.6.8-19.el7.tuxcare.els3.i686.rpm
0377da7f61f1ca57ab28c5c87e7f4717f32a3d81
python3-libs-3.6.8-19.el7.tuxcare.els3.x86_64.rpm
672da5c6d86218aea45f5228ef90ba2a1b520feb
python3-test-3.6.8-19.el7.tuxcare.els3.i686.rpm
4e1f1690095fe24ac39c8db71bb9c6863242ec69
python3-test-3.6.8-19.el7.tuxcare.els3.x86_64.rpm
45100434fcdaa75b17b9abb5f3e6c8152063c9ee
python3-tkinter-3.6.8-19.el7.tuxcare.els3.i686.rpm
49b88f55c68e1d5777b4aa9c3848eaf592af91e9
python3-tkinter-3.6.8-19.el7.tuxcare.els3.x86_64.rpm
4da70700291ed710983e4385d4875158a24a4861
CLSA-2023:1697816385
curl: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-27782: check additional TLS or SSH connection parameters that should
have prohibited connection reuse
- CVE-2023-27534: fix SFTP path '~' resolving discrepancy
- fix read off end of array for SCP home directory case
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-27782: check additional TLS or SSH connection parameters that should
have prohibited connection reuse
- CVE-2023-27534: fix SFTP path '~' resolving discrepancy
- fix read off end of array for SCP home directory case
0
tuxcare-centos7-els
curl-7.29.0-59.el7_9.1.tuxcare.els2.x86_64.rpm
c6b8cd1d033f66ec092dd6ec364d6e1bb22b513e
libcurl-7.29.0-59.el7_9.1.tuxcare.els2.i686.rpm
d779dd419635c2558f2f45cbac233ca2659ff107
libcurl-7.29.0-59.el7_9.1.tuxcare.els2.x86_64.rpm
7e7587538c86987f9c8a0b96915525a5e013ab09
libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els2.i686.rpm
a696267b1ffa00bc5dfa92272e487a1bdf77e189
libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els2.x86_64.rpm
d8fe927577f34acaf86d37f68430ef4dcc3e21d3
CLSA-2023:1697816511
python: Fix of CVE-2022-48560
TuxCare License Agreement
0
- CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq
0
tuxcare-centos7-els
python-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm
ebe3aaa883d646e63e233a992dec5ab7ed596bb6
python-debug-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm
e619f1a91f8573b6b17f5869f38f3add902cc0b6
python-devel-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm
0e74cf9a9587dec08d13cae522d092a266f6a9ab
python-libs-2.7.5-92.el7_9.tuxcare.els4.i686.rpm
4be0057856b95ad2a13905a1340ceb01600cea62
python-libs-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm
82b9dba185b3a6d44bc741210c603f7134359217
python-test-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm
f86f4061ed4bf7ea6ae8ef2bd2dbd36b94dde6f5
python-tools-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm
f6e9ca627c3467886c8765196cb0e9d6dfe8c050
tkinter-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm
744288fb35ee3dd2a824673954381aff5219e07f
CLSA-2023:1698180296
zlib: Fix of CVE-2023-45853
TuxCare License Agreement
0
- CVE-2023-45853: Reject overflows of zip header fields in minizip
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-45853: Reject overflows of zip header fields in minizip
0
tuxcare-centos7-els
minizip-1.2.7-21.el7.tuxcare.els1.i686.rpm
b001a6bad36b4fd28ceb9858b89bfa6e74357c65
minizip-1.2.7-21.el7.tuxcare.els1.x86_64.rpm
a9f30b0fe736a6c6e19c4a085c3d6076053f2b2f
minizip-devel-1.2.7-21.el7.tuxcare.els1.i686.rpm
e061263e340be843d2c801420730339d1cc430b1
minizip-devel-1.2.7-21.el7.tuxcare.els1.x86_64.rpm
f27d2afe6b5495815868dcbcb023b79ee6d38f65
zlib-1.2.7-21.el7.tuxcare.els1.i686.rpm
18668ec89b1894995751a0301f0c3f653d94a1b7
zlib-1.2.7-21.el7.tuxcare.els1.x86_64.rpm
7cc0349a1850f2a3fcfc8f2252736347db84500e
zlib-devel-1.2.7-21.el7.tuxcare.els1.i686.rpm
1585906c9c773738177d01b8530140383231be1b
zlib-devel-1.2.7-21.el7.tuxcare.els1.x86_64.rpm
2716756879c36019ff4dd28274b9900de39aa4ed
zlib-static-1.2.7-21.el7.tuxcare.els1.i686.rpm
3e9f44673bb62f7fbec4cf0e10adaa5f9ce67bcf
zlib-static-1.2.7-21.el7.tuxcare.els1.x86_64.rpm
d7d52fee9377e2d94e79c533071d8b19bfa5e07f
CLSA-2023:1698312967
perl: Fix of CVE-2023-31484
TuxCare License Agreement
0
- CVE-2023-31484: add verify_SSL=>1 to HTTP::Tiny to verify https server
identity
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-31484: add verify_SSL=>1 to HTTP::Tiny to verify https server
identity
0
tuxcare-centos7-els
perl-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm
caf09945a7a3a458f2d847dcb9e6f0f6870e1201
perl-CPAN-1.9800-299.el7_9.tuxcare.els1.noarch.rpm
106277248b4fff2fbb68a24811f10e498ee0e1a4
perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.tuxcare.els1.noarch.rpm
8dc59965712f88066d2b0e4b6b9cf6cf4c24a9e5
perl-ExtUtils-Embed-1.30-299.el7_9.tuxcare.els1.noarch.rpm
7f58a07bf0c6340d63d47233cb5fbd9667a595bf
perl-ExtUtils-Install-1.58-299.el7_9.tuxcare.els1.noarch.rpm
0eabc5ab6bd28b35ab71b2973fb1e5306df9b33a
perl-IO-Zlib-1.10-299.el7_9.tuxcare.els1.noarch.rpm
a330e86163c2100277c9a83198eb1b801be3e670
perl-Locale-Maketext-Simple-0.21-299.el7_9.tuxcare.els1.noarch.rpm
c52adc55e97ad656a0a443d748951e15241468eb
perl-Module-CoreList-2.76.02-299.el7_9.tuxcare.els1.noarch.rpm
220a1e762557a2e60e0aca8720585160582696d6
perl-Module-Loaded-0.08-299.el7_9.tuxcare.els1.noarch.rpm
607113ca2152e7660b365294805c1868cde5af63
perl-Object-Accessor-0.42-299.el7_9.tuxcare.els1.noarch.rpm
75ff6e66a43b1830b68c6e98ce222d325bf75ab8
perl-Package-Constants-0.02-299.el7_9.tuxcare.els1.noarch.rpm
bd3501bb0368dfa36abbfda904c8c980fd2b30e0
perl-Pod-Escapes-1.04-299.el7_9.tuxcare.els1.noarch.rpm
39941d0a1a4d9fc20e089385b0eb531638ae0346
perl-Time-Piece-1.20.1-299.el7_9.tuxcare.els1.x86_64.rpm
0f5ee2c9e5d070f377c346f85023d7ad6f760dfa
perl-core-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm
b7809b3bb4e5ee878d83b2a9e7239b57bbe08b87
perl-devel-5.16.3-299.el7_9.tuxcare.els1.i686.rpm
17b15007c56ad917786cdbdf8402b5f789bd3e54
perl-devel-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm
d4b372ff51bed03b24b43196250e33c93a328a90
perl-libs-5.16.3-299.el7_9.tuxcare.els1.i686.rpm
218de637bf0206ddf47bb586c86d4aa5c7156bca
perl-libs-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm
0fe8aeccb4d6292c793c28c3cf9d5e4b51da32cb
perl-macros-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm
74bbbcdfb15c572056bc25e599498638c0a0fe98
perl-tests-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm
b5ad450e277959709d1d3ceb7ab3236d9cd84a35
CLSA-2023:1698690423
systemd: Fix of CVE-2023-26604
TuxCare License Agreement
0
- CVE-2023-26604: use only less as a pager and restrict its functionality
(e.g stop running external shell) unless environment variable
SYSTEMD_PAGERSECURE is defined
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-26604: use only less as a pager and restrict its functionality
(e.g stop running external shell) unless environment variable
SYSTEMD_PAGERSECURE is defined
0
tuxcare-centos7-els
libgudev1-219-78.el7_9.7.tuxcare.els1.i686.rpm
3f733a97866dc4d51901483e086d8fc0a3fa169f
libgudev1-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
cc4d2489ba001aba7bd0442f33419093e481fc11
libgudev1-devel-219-78.el7_9.7.tuxcare.els1.i686.rpm
669d4ce1aec4fcef2420b8f9e3da88fd097c800b
libgudev1-devel-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
81f97eef29880b35b821dd3d76e234e036b0a2ea
systemd-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
1cb6cf6500d83932e2eff2d835892d753a95dfe2
systemd-devel-219-78.el7_9.7.tuxcare.els1.i686.rpm
480c54313409aaba5a47e3cc104f54f707d26048
systemd-devel-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
592f51061240820ea951d15bfd20ba778628fafb
systemd-journal-gateway-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
602a84352916078f23d9878e048ec0558a4f9ecc
systemd-libs-219-78.el7_9.7.tuxcare.els1.i686.rpm
5b96068e0effdb9c2c17c42f64521df5f7575a2e
systemd-libs-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
4cffa90aac744e0df6e46d8994b1f646d124aac6
systemd-networkd-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
923b830450f3d478561ecd934982869ee289d9fb
systemd-python-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
fbb2651f98afab35ac5aaaedc9e839e826356fc0
systemd-resolved-219-78.el7_9.7.tuxcare.els1.i686.rpm
35631a78a8dbf506eecfe3c5038ec2c5873e23cd
systemd-resolved-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
9db1ac9c5c9d4bac544508b714c74549de11e883
systemd-sysv-219-78.el7_9.7.tuxcare.els1.x86_64.rpm
20d904b6eb36be0d3ccef5ee094bf92175167fd3
CLSA-2023:1698945053
libgcrypt: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2013-4576: Normalize the MPIs to prevent possible side-channel
attacks
- CVE-2014-3591: Use ciphertext blinding for Elgamal to prevent
possible side-channel attacks
- CVE-2021-33560: Use of smaller K for ephemeral key in ElGamal
prevent generation of weak keys
- CVE-2021-40528: Add exponent blinding as well to mitigate
side-channel attack on mpi_powm
- tests: Add a benchmark for Elgamal
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2013-4576: Normalize the MPIs to prevent possible side-channel
attacks
- CVE-2014-3591: Use ciphertext blinding for Elgamal to prevent
possible side-channel attacks
- CVE-2021-33560: Use of smaller K for ephemeral key in ElGamal
prevent generation of weak keys
- CVE-2021-40528: Add exponent blinding as well to mitigate
side-channel attack on mpi_powm
- tests: Add a benchmark for Elgamal
0
tuxcare-centos7-els
libgcrypt-1.5.3-14.el7.tuxcare.els1.i686.rpm
f8497ed9d31f9974715a42a721e0a6877b809950
libgcrypt-1.5.3-14.el7.tuxcare.els1.x86_64.rpm
0e7241b1a1b53774b334f4fe6f9f98f54213c8eb
libgcrypt-devel-1.5.3-14.el7.tuxcare.els1.i686.rpm
ea176ccdf06315d8724a3a3855383149a10bf5c1
libgcrypt-devel-1.5.3-14.el7.tuxcare.els1.x86_64.rpm
242b8feb95b6795d19a51de8ebe1ffb9b80ebac5
CLSA-2023:1698945913
python3: Fix of CVE-2020-26116
TuxCare License Agreement
0
- CVE-2020-26116: prevent header injection in http methods
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-26116: prevent header injection in http methods
0
tuxcare-centos7-els
python3-3.6.8-19.el7_9.tuxcare.els4.i686.rpm
6ceaa21ae5b2e6b18c27dd8578e4e6741d2a7339
python3-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm
c6b97d996a30ae3b8dcff12f3c552454950c4bb1
python3-debug-3.6.8-19.el7_9.tuxcare.els4.i686.rpm
dcec123dc0d050735a00c1abafec2e2d64213be6
python3-debug-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm
4e41aaff50e907720f26dccc54b5600f67648e8b
python3-devel-3.6.8-19.el7_9.tuxcare.els4.i686.rpm
792b881b47f78b627f45eb1e1ebc721e242f9b95
python3-devel-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm
26e81e4a4d564dad7fd1a0612992422bea8da27c
python3-idle-3.6.8-19.el7_9.tuxcare.els4.i686.rpm
a63b949a95b82c85d2af43f3ca307014a429a5ec
python3-idle-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm
e869849fc3d2586d215c9985b7be212b5d7219b8
python3-libs-3.6.8-19.el7_9.tuxcare.els4.i686.rpm
b14c35d228844ea4ca467eb85364736398ec3ecb
python3-libs-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm
4f79abb1a3a8f6bd33b3548d5ace06caafb071c1
python3-test-3.6.8-19.el7_9.tuxcare.els4.i686.rpm
123cd4d16c683beca0be5e1d63cd3586252827f8
python3-test-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm
bc293286458e878224e70ff855e7e6b97bec07fc
python3-tkinter-3.6.8-19.el7_9.tuxcare.els4.i686.rpm
2d5443a2aff47f1bb6db29d7ba04db51bc5df1ce
python3-tkinter-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm
73423b4dc7473ac268028e59ea9909586b293353
CLSA-2023:1698946014
sqlite: Fix of CVE-2022-35737
TuxCare License Agreement
0
- CVE-2022-35737: increase the size of loop variables in the printf()
implementation
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-35737: increase the size of loop variables in the printf()
implementation
0
tuxcare-centos7-els
lemon-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm
de22a512bfe3a451f976fe9de52c3999c0c7a45c
sqlite-3.7.17-8.el7_7.1.tuxcare.els1.i686.rpm
a938bf9e568ddfaee179564b7799a18c7e696a41
sqlite-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm
f6717a7214ea5935dbab3aedca462c5407704e91
sqlite-devel-3.7.17-8.el7_7.1.tuxcare.els1.i686.rpm
c005f36aacfa24ae5ef2655bfa3356d50842367c
sqlite-devel-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm
c31e8e8733ec0eb8785b6e08fdf09dd87cc3c540
sqlite-doc-3.7.17-8.el7_7.1.tuxcare.els1.noarch.rpm
806f7df903ec00725b1cc3ad22731d944f3dd7fa
sqlite-tcl-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm
7c89a6090c54d668ff59f58ed6327e488ee8ec86
CLSA-2023:1698949696
httpd: Fix of CVE-2023-31122
TuxCare License Agreement
0
- CVE-2023-31122: mod_macro: Fix out-of-bounds read vulnerability
by using own strncmp function
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-31122: mod_macro: Fix out-of-bounds read vulnerability
by using own strncmp function
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm
1333c75013de20c579b423d1981433e5c86a8a4d
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm
64b1815668be41f36d74c4323186d11d939dfa2e
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els3.noarch.rpm
104eb078949f9cb48cbd6af0ea3d4ee1aee12ba0
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm
4cc954d66a5046489d83bc9c7d57da22c804bb98
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm
6c7112ba70003d6c1e07f05875780fcf43e2cb7d
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm
7f1b1c5005d3366c35e16ea02011004f299afa5a
mod_session-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm
934934367dcda00aadb42ffb6362b2f9c6dd7591
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm
d5996a9241e2ac1a2b877a17296d9294c9eaa4f6
CLSA-2023:1699379448
libcap: Fix of CVE-2023-2603
TuxCare License Agreement
0
- CVE-2023-2603: integer overflow if the input string is close to 4GiB.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-2603: integer overflow if the input string is close to 4GiB.
0
tuxcare-centos7-els
libcap-2.22-11.el7.tuxcare.els1.i686.rpm
dd4440e3053be743806c899672aecb38d0a0a558
libcap-2.22-11.el7.tuxcare.els1.x86_64.rpm
4451119880599fb308a9e298f6df87bf4deebbac
libcap-devel-2.22-11.el7.tuxcare.els1.i686.rpm
f098c98dfcbe287532b9b4f684f6328ccda301e2
libcap-devel-2.22-11.el7.tuxcare.els1.x86_64.rpm
f4fa558351fd4ea407d267618f244bb0d8523c99
CLSA-2023:1699380056
rsync: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2018-25032: fix a bug that can crash deflate on some input when using
Z_FIXED
- CVE-2022-37434: fix zlib bug with a large gzip header extra field
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2018-25032: fix a bug that can crash deflate on some input when using
Z_FIXED
- CVE-2022-37434: fix zlib bug with a large gzip header extra field
0
tuxcare-centos7-els
rsync-3.1.2-12.el7_9.tuxcare.els1.x86_64.rpm
fef3b38615daaa146cab47bc09a687d1cd757380
CLSA-2023:1699909692
sudo: Fix of CVE-2023-23240
TuxCare License Agreement
0
- CVE-2023-23240: Add security checks before using temp files for SELinux RBAC sudoedit
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-23240: Add security checks before using temp files for SELinux RBAC sudoedit
0
tuxcare-centos7-els
sudo-1.8.23-10.el7_9.3.tuxcare.els1.x86_64.rpm
38e5c2ea9d9c0eb9f6f063025aa34ee8b15ceabc
sudo-devel-1.8.23-10.el7_9.3.tuxcare.els1.i686.rpm
aa5dbb9cb9954b74e59aa655f6ab606c00bac2a8
sudo-devel-1.8.23-10.el7_9.3.tuxcare.els1.x86_64.rpm
4dda7ed55d8c92e6648d70d81407085b0ea8d0e7
CLSA-2023:1701444720
microcode_ctl: Fix of 4 CVEs
TuxCare License Agreement
0
- Update Intel CPU microcode to microcode-20231114 release, addresses
CVE-2022-40982 (INTEL-SA-00828), CVE-2022-41804 (INTEL-SA-00837),
CVE-2023-23908 (INTEL-SA-00836), CVE-2023-23583 (INTEL-SA-00950):
- Addition of 06-9a-04/0x40 microcode (in 06-9a-04) at revision 0x5;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c;
- Addition of 06-ba-03/0xe0 microcode (in 06-ba-02) at revision 0x411c;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c;
- Addition of 06-ba-03/0xe0 microcode (in 06-ba-03) at revision 0x411c;
- Addition of 06-be-00/0x11 microcode (in 06-be-00) at revision 0x12;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e;
- Removal of 06-ba-03/0xc0 microcode (in 06-ba-02) at revision 0x410e;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e;
- Removal of 06-ba-03/0xc0 microcode (in 06-ba-03) at revision 0x410e;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode (in 06-55-03) from revision
0x1000161 up to 0x1000181;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in 06-55-04)
from revision 0x2006e05 up to 0x2007006;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode (in 06-55-06) from revision
0x4003303 up to 0x4003604;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in 06-55-07) from
revision 0x5003303 up to 0x5003604;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in 06-55-0b) from revision
0x7002503 up to 0x7002703;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision
0xd000389 up to 0xd0003b9;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision
0x1000211 up to 0x1000268;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision
0xb8 up to 0xc2;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in 06-8a-01) from revision
0x32 up to 0x33;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from
revision 0xa6 up to 0xb4;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision
0x28 up to 0x34;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision
0x42 up to 0x4e;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in 06-8e-09) from
revision 0xf0 up to 0xf4;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in 06-8e-09) from
revision 0xf0 up to 0xf4;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in 06-8e-0a)
from revision 0xf0 up to 0xf4;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in 06-8e-0b) from revision
0xf0 up to 0xf4;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in 06-8e-0c) from revision 0xf4 up to 0xf8;
- Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b000181;
- Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b000181;
- Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b000181;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b000181;
- Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b000181;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c
up to 0x32;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x429;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x429;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from
revision 0x429 up to 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x429;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x429;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from
revision 0x429 up to 0x430;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in 06-9e-09)
from revision 0xf0 up to 0xf4;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in 06-9e-0a) from
revision 0xf0 up to 0xf4;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in 06-9e-0b) from
revision 0xf0 up to 0xf4;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in 06-9e-0c) from
revision 0xf0 up to 0xf4;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in 06-9e-0d) from
revision 0xf4 up to 0xfa;
- Update of 06-a5-02/0x20 (CML-H R1) microcode (in 06-a5-02) from revision
0xf4 up to 0xf8;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in 06-a5-03) from
revision 0xf4 up to 0xf8;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in 06-a5-05) from
revision 0xf4 up to 0xf8;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in 06-a6-00) from
revision 0xf4 up to 0xf8;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in 06-a6-01) from
revision 0xf4 up to 0xf8;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision
0x57 up to 0x5d;
- Update of 06-b7-01/0x32 (RPL-S S0) microcode (in 06-b7-01) from revision
0x112 up to 0x11d;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c
up to 0x32;
- gen_update2.py was updated to output strings having restricted length.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to microcode-20231114 release, addresses
CVE-2022-40982 (INTEL-SA-00828), CVE-2022-41804 (INTEL-SA-00837),
CVE-2023-23908 (INTEL-SA-00836), CVE-2023-23583 (INTEL-SA-00950):
- Addition of 06-9a-04/0x40 microcode (in 06-9a-04) at revision 0x5;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c;
- Addition of 06-ba-03/0xe0 microcode (in 06-ba-02) at revision 0x411c;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c;
- Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c;
- Addition of 06-ba-03/0xe0 microcode (in 06-ba-03) at revision 0x411c;
- Addition of 06-be-00/0x11 microcode (in 06-be-00) at revision 0x12;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e;
- Removal of 06-ba-03/0xc0 microcode (in 06-ba-02) at revision 0x410e;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e;
- Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e;
- Removal of 06-ba-03/0xc0 microcode (in 06-ba-03) at revision 0x410e;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode (in 06-55-03) from revision
0x1000161 up to 0x1000181;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in 06-55-04)
from revision 0x2006e05 up to 0x2007006;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode (in 06-55-06) from revision
0x4003303 up to 0x4003604;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in 06-55-07) from
revision 0x5003303 up to 0x5003604;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in 06-55-0b) from revision
0x7002503 up to 0x7002703;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision
0xd000389 up to 0xd0003b9;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision
0x1000211 up to 0x1000268;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision
0xb8 up to 0xc2;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in 06-8a-01) from revision
0x32 up to 0x33;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from
revision 0xa6 up to 0xb4;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision
0x28 up to 0x34;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision
0x42 up to 0x4e;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in 06-8e-09) from
revision 0xf0 up to 0xf4;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in 06-8e-09) from
revision 0xf0 up to 0xf4;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in 06-8e-0a)
from revision 0xf0 up to 0xf4;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in 06-8e-0b) from revision
0xf0 up to 0xf4;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in 06-8e-0c) from revision 0xf4 up to 0xf8;
- Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b000181;
- Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b000181;
- Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b000181;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b000181;
- Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from
revision 0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision
0x2c000170 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision
0x2b000181 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from
revision 0x2b000181 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000170;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b000181;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b000181;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c
up to 0x32;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x429;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x429;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from
revision 0x429 up to 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x429;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x429;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from
revision 0x429 up to 0x430;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in 06-9e-09)
from revision 0xf0 up to 0xf4;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in 06-9e-0a) from
revision 0xf0 up to 0xf4;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in 06-9e-0b) from
revision 0xf0 up to 0xf4;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in 06-9e-0c) from
revision 0xf0 up to 0xf4;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in 06-9e-0d) from
revision 0xf4 up to 0xfa;
- Update of 06-a5-02/0x20 (CML-H R1) microcode (in 06-a5-02) from revision
0xf4 up to 0xf8;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in 06-a5-03) from
revision 0xf4 up to 0xf8;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in 06-a5-05) from
revision 0xf4 up to 0xf8;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in 06-a6-00) from
revision 0xf4 up to 0xf8;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in 06-a6-01) from
revision 0xf4 up to 0xf8;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision
0x57 up to 0x5d;
- Update of 06-b7-01/0x32 (RPL-S S0) microcode (in 06-b7-01) from revision
0x112 up to 0x11d;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2c;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2c;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from
revision 0x2c up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c
up to 0x32;
- gen_update2.py was updated to output strings having restricted length.
0
tuxcare-centos7-els
microcode_ctl-2.1-73.16.el7_9.tuxcare.els1.x86_64.rpm
9ed3e8ad6d115fc75d272cc8c77dd3df0e5c1adf
CLSA-2023:1703612912
openssh: Fix of CVE-2023-51385
TuxCare License Agreement
0
- CVE-2023-51385: ban user/hostnames with most shell metacharacters in
command line
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-51385: ban user/hostnames with most shell metacharacters in
command line
0
tuxcare-centos7-els
openssh-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
edbed619f94ac534b814fe95630d1268b677aeca
openssh-askpass-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
cde687661d4b4009f2acfec7163b24dd2d8041fc
openssh-cavs-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
6df167f7ba307b1289b6e2c577f3167cab8ad23c
openssh-clients-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
2cd529fcdbbe84f8d309c419fbbe22377185f7fa
openssh-keycat-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
27547546f0ec2402a491386921b5a24cf21d232d
openssh-ldap-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
756392880ad5f77d1da719693556aba7c1aebca9
openssh-server-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
39303f852903e50dec9ebaf7c3f04c8d42e57689
openssh-server-sysvinit-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm
153362ae7bfa5623553668f66f13c8bdbb181a34
pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els1.i686.rpm
bb7cfaf0e9fae5c15b3c5c7f078feeac51aa5f8d
pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els1.x86_64.rpm
c0dcad557496c654cdd840b696018ff13bf3533b
CLSA-2024:1705941805
Update of ca-certificates
TuxCare License Agreement
0
- Update to CKBI 2.64_v7.0.306 from NSS 3.95
- Removing:
- # Certificate "AC1 RAIZ MTIN"
- # Certificate "ACNLB"
- # Certificate "Actalis Authentication CA G1"
- # Certificate "AddTrust External CA Root"
- # Certificate "AdminCA-CD-T01"
- # Certificate "Admin-Root-CA"
- # Certificate "ADOCA02"
- # Certificate "ANF Server CA"
- # Certificate "A-Trust-Qual-03"
- # Certificate "A-Trust-Root-05"
- # Certificate "Autoridade Certificadora Raiz Brasileira v1"
- # Certificate "Autoridade Certificadora Raiz Brasileira v2"
- # Certificate "CA Disig"
- # Certificate "CCA India 2011"
- # Certificate "Certipost E-Trust Primary Normalised CA"
- # Certificate "Certipost E-Trust Primary Qualified CA"
- # Certificate "Class 1 Primary CA"
- # Certificate "Cybertrust Global Root"
- # Certificate "D-TRUST Root Class 2 CA 2007"
- # Certificate "D-TRUST Root Class 3 CA 2007"
- # Certificate "EBG Elektronik Sertifika Hizmet Sağlayıcısı"
- # Certificate "e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi"
- # Certificate "Equifax"
- # Certificate "Equifax Secure Global eBusiness CA-1"
- # Certificate "E-Tugra Certification Authority"
- # Certificate "GeoTrust Global CA"
- # Certificate "GeoTrust Global CA 2"
- # Certificate "GTE CyberTrust Global Root"
- # Certificate "Halcom CA FO"
- # Certificate "Halcom CA PO 2"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "I.CA - Qualified Certification Authority, 09/2009"
- # Certificate "I.CA - Qualified root certificate"
- # Certificate "I.CA - Standard Certification Authority, 09/2009"
- # Certificate "I.CA - Standard root certificate"
- # Certificate "IGC/A"
- # Certificate "Japanese Government"
- # Certificate "Juur-SK"
- # Certificate "KEYNECTIS ROOT CA"
- # Certificate "LGPKI"
- # Certificate "LuxTrust Global Root"
- # Certificate "Macao Post eSignTrust Root Certification Authority (G02)"
- # Certificate "Microsec e-Szigno Root CA"
- # Certificate "Microsoft Root Authority"
- # Certificate "Microsoft Root Certificate Authority"
- # Certificate "NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado"
- # Certificate "QuoVadis Root Certification Authority"
- # Certificate "Root CA Generalitat Valenciana"
- # Certificate "SITHS CA v3"
- # Certificate "Sonera Class2 CA"
- # Certificate "Staat der Nederlanden Root CA"
- # Certificate "Staat der Nederlanden Root CA - G2"
- # Certificate "state-institutions"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "Thawte Premium Server CA"
- # Certificate "Thawte Server CA"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3"
- # Certificate "UTN-USERFirst-Object"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- # Certificate "VeriSign, Inc."
- Adding:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update to CKBI 2.64_v7.0.306 from NSS 3.95
- Removing:
- # Certificate "AC1 RAIZ MTIN"
- # Certificate "ACNLB"
- # Certificate "Actalis Authentication CA G1"
- # Certificate "AddTrust External CA Root"
- # Certificate "AdminCA-CD-T01"
- # Certificate "Admin-Root-CA"
- # Certificate "ADOCA02"
- # Certificate "ANF Server CA"
- # Certificate "A-Trust-Qual-03"
- # Certificate "A-Trust-Root-05"
- # Certificate "Autoridade Certificadora Raiz Brasileira v1"
- # Certificate "Autoridade Certificadora Raiz Brasileira v2"
- # Certificate "CA Disig"
- # Certificate "CCA India 2011"
- # Certificate "Certipost E-Trust Primary Normalised CA"
- # Certificate "Certipost E-Trust Primary Qualified CA"
- # Certificate "Class 1 Primary CA"
- # Certificate "Cybertrust Global Root"
- # Certificate "D-TRUST Root Class 2 CA 2007"
- # Certificate "D-TRUST Root Class 3 CA 2007"
- # Certificate "EBG Elektronik Sertifika Hizmet Sağlayıcısı"
- # Certificate "e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi"
- # Certificate "Equifax"
- # Certificate "Equifax Secure Global eBusiness CA-1"
- # Certificate "E-Tugra Certification Authority"
- # Certificate "GeoTrust Global CA"
- # Certificate "GeoTrust Global CA 2"
- # Certificate "GTE CyberTrust Global Root"
- # Certificate "Halcom CA FO"
- # Certificate "Halcom CA PO 2"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "I.CA - Qualified Certification Authority, 09/2009"
- # Certificate "I.CA - Qualified root certificate"
- # Certificate "I.CA - Standard Certification Authority, 09/2009"
- # Certificate "I.CA - Standard root certificate"
- # Certificate "IGC/A"
- # Certificate "Japanese Government"
- # Certificate "Juur-SK"
- # Certificate "KEYNECTIS ROOT CA"
- # Certificate "LGPKI"
- # Certificate "LuxTrust Global Root"
- # Certificate "Macao Post eSignTrust Root Certification Authority (G02)"
- # Certificate "Microsec e-Szigno Root CA"
- # Certificate "Microsoft Root Authority"
- # Certificate "Microsoft Root Certificate Authority"
- # Certificate "NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado"
- # Certificate "QuoVadis Root Certification Authority"
- # Certificate "Root CA Generalitat Valenciana"
- # Certificate "SITHS CA v3"
- # Certificate "Sonera Class2 CA"
- # Certificate "Staat der Nederlanden Root CA"
- # Certificate "Staat der Nederlanden Root CA - G2"
- # Certificate "state-institutions"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "Thawte Premium Server CA"
- # Certificate "Thawte Server CA"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3"
- # Certificate "UTN-USERFirst-Object"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- # Certificate "VeriSign, Inc."
- Adding:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
0
tuxcare-centos7-els
ca-certificates-2023.2.64_v7.0.306-72.el7_9.tuxcare.els1.noarch.rpm
7feddba1b5c6e8fbfdf4863955ec120aa40bead4
CLSA-2024:1706698462
java-1.8.0-openjdk: Fix of 6 CVEs
TuxCare License Agreement
0
- Upgrade to shenandoah-jdk8u402-b06. That fixes following CVEs:
- CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler
- CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution
- CVE-2024-20921: Range check loop optimization issue
- CVE-2024-20926: Arbitrary Java code execution in Nashorn
- CVE-2024-20945: Logging of digital signature private keys
- CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS
- Remove JDK-8312489 patch which is already in the sources
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to shenandoah-jdk8u402-b06. That fixes following CVEs:
- CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler
- CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution
- CVE-2024-20921: Range check loop optimization issue
- CVE-2024-20926: Arbitrary Java code execution in Nashorn
- CVE-2024-20945: Logging of digital signature private keys
- CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS
- Remove JDK-8312489 patch which is already in the sources
0
tuxcare-centos7-els
java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
985a45c8261c59abac4a44948037a6cc2d56e620
java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
ef4381e2d45cad05764579260dc995563441e132
java-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
8160994f0cd9bad149e5a90fc0cb17d9140cf4ed
java-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
0fcc4e0970849055e2282c3bc8114065c7107037
java-1.8.0-openjdk-accessibility-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
4479fe7464c92190454afd066e277023d919f6fc
java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
9e86d9d96f9e181378702495a2bf70164acd85c6
java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
a0485fe0478294ff032f4c14e6c477ac3994fb8b
java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
c04b4d849b0ea094fee35a171ba4a44c7370d725
java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
887249dcbe96685426c54e90c41f0027c8c3e504
java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
1261c82741d6eb32f635f4e1780c024f8089575f
java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
52ec594951a776a02f0df7053dc5a7571b88258f
java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
b7a0efd04304fc2a8b1bcbcb0a819b6f08df4039
java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
d74e69ba4033f60f66a6c655947de5ea1504ec86
java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
ba1beebb093fff1eb59ed81ff287cfa8a6bda89e
java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
1e7d15c7b51cf0c3a6112f1f6888a340f23a9ea5
java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
00fae0753cef9a26e8b57febffe45c478c351c09
java-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
e6d9837df19a63c42b250d29cfe55e637375df0f
java-1.8.0-openjdk-javadoc-zip-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
ea34729369f2f754d4106fc50b4c3e102189ed0f
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm
5ae85d29e6f1f326df3edb4f86c9329bdd0c0125
java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm
23a9388afe4eb4bfbe36f1ae237eb28d2fc9441c
java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
f840b1b5df6ba65175fedc433c404160f18e3762
java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm
ab2e31664231ea3bf64774767b18ad387d490a11
CLSA-2024:1706700142
php: Fix of 8 CVEs
TuxCare License Agreement
0
- CVE-2021-21702: Fix null pointer crash because of malformed
SOAP server response
- CVE-2021-21703: Fix error in php fpm shared memory organization
leading to privilage escalation
- CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE
- CVE-2022-31626: Fix buffer overflow in mysqlnd driver leading to RCE
- CVE-2023-0568: Fix array overrun when appending slash to paths
in DOM and XML cases
- CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed
multipart body parts and printing upload limit exceed error
message only once
- CVE-2023-3823: Fix external entity loading in XML without enabling it,
by sanitizing libxml2 globals before parsing
- CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-21702: Fix null pointer crash because of malformed
SOAP server response
- CVE-2021-21703: Fix error in php fpm shared memory organization
leading to privilage escalation
- CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE
- CVE-2022-31626: Fix buffer overflow in mysqlnd driver leading to RCE
- CVE-2023-0568: Fix array overrun when appending slash to paths
in DOM and XML cases
- CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed
multipart body parts and printing upload limit exceed error
message only once
- CVE-2023-3823: Fix external entity loading in XML without enabling it,
by sanitizing libxml2 globals before parsing
- CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
9680d4f83839998fbbc573c763e52d38eff7d7f7
php-bcmath-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
5b79e924a515c8fccc3b277164ac261d01bc9604
php-cli-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
047e34da7ee4f304bcf0d73dc2f8c111a7a2d823
php-common-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
f140115eaba2dc9c9fc3e8215f7ffc3ddffaeda1
php-dba-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
28fadfc1b2b6cd6791b1f70c9ac8fed5a32ff822
php-devel-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
ea0cf62c95f3c80c35add18057ad13540ddaeae7
php-embedded-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
9c54b3120ecaae74256339e947a6a5695347aec9
php-enchant-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
f6db7357949d50b7a9915a3961c68139d341fa54
php-fpm-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
74aa3fabc38f8fc345db50e3885dd9fe3113f6ff
php-gd-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
eec57ec10a4b6dcdd2dd766db7733bc8a5fedb30
php-intl-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
6530dbd9d5ad7a095389ce988d0c221c1ee3d25d
php-ldap-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
0501c1639360479e62744d8b02b9b86055484e79
php-mbstring-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
997ad8de250710bfaa069fb35206700d6dc7303b
php-mysql-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
bf7ea2af2196e2a7949bdc19ceda35989d9c3e4f
php-mysqlnd-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
752baac7ab2c13204eee3c97f1b8c7a98462da9a
php-odbc-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
37c3cb0c4c76c0868af9071f4cd814508973051a
php-pdo-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
10c245c93617a8607e45786dd487b1b809d5569f
php-pgsql-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
469bb9f34d74f5e24b1d74e4cf42d058f47c9211
php-process-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
b0c3602c30bd2834bdce05e266c2691e91907209
php-pspell-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
f07dd1600ef6dcff80dd38900cab5a9dfa682ca5
php-recode-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
fdbd10a6f94b7c15a746ee8fac4ba858e2b94cc9
php-snmp-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
66d81093531fa2f392fcd195b2410db476f87b19
php-soap-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
85448bcbbe56434909d288b221a35a607867dd2b
php-xml-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
29f0632ef163f5a2e26fb3ac023800c75fe985fd
php-xmlrpc-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
01b42a2bafbf16cfef05c64184cb9e147d6f081a
CLSA-2024:1707919380
openssh: Fix of CVE-2023-48795
TuxCare License Agreement
0
- CVE-2023-48795: implement "strict key exchange" in ssh and sshd
- Moved ELS patches to the top to avoid patch conflicts
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-48795: implement "strict key exchange" in ssh and sshd
- Moved ELS patches to the top to avoid patch conflicts
0
tuxcare-centos7-els
openssh-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
add92be02b6d782b2083e92ebb70bd1c076b2dd6
openssh-askpass-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
e38a020c7bbacbe347c6031b1ea2b7d30845aee6
openssh-cavs-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
ca03959afe114454bceae32b821ffe70a22bb628
openssh-clients-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
295e9b1a752cd00ea2bc1519bc5d2635c3c02ef7
openssh-keycat-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
9a83b13d97f05fa85024a7620fafed5b45939c74
openssh-ldap-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
e0f017ec7e626e008dff93577d632462e26a9662
openssh-server-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
42a83385dc6a0edbcacd30f75c6aa479b11d149f
openssh-server-sysvinit-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm
19ce58d35308b933496dd2feec904feb31074402
pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els2.i686.rpm
7f114bc027bd1b665b3b2265d5b6492a65313a03
pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els2.x86_64.rpm
694398c494e6601ec374ac1ec07bc616eddcd9e5
CLSA-2024:1708417192
libxml2: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2017-7375: add validation for parsed entity references
- CVE-2017-7376: fix buffer overflow in URL handling
- CVE-2017-8872: free input buffer in xmlHaltParser
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2017-7375: add validation for parsed entity references
- CVE-2017-7376: fix buffer overflow in URL handling
- CVE-2017-8872: free input buffer in xmlHaltParser
0
tuxcare-centos7-els
libxml2-2.9.1-6.el7_9.6.tuxcare.els3.i686.rpm
9214f528ef5a5911e6f29a2dd28c0fef59437ea4
libxml2-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm
a08f218df8faed30a40d4cc17202bebbb635f0ea
libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els3.i686.rpm
5cde1a7605d681cb8e42c2f495f377815d479645
libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm
b01a1f3711245fe08bcf1c6ef07db38de5a0b29d
libxml2-python-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm
6625a7ca31068c5c845dd9bcb512eb24803bfee1
libxml2-static-2.9.1-6.el7_9.6.tuxcare.els3.i686.rpm
135d15940ef38ecb8d6ba94821fe8671f6fd5623
libxml2-static-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm
abce4ce166a9e14fa87571b897de93a2010427db
CLSA-2024:1709550046
bind: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed
zone responses
- CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed
zone responses
- CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
fe2a7cd869562e3ba20be19cb675e6952806c18a
bind-chroot-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
9eb1b11324b786544d1c4a0b38403659375eca2e
bind-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
415b9651285c74584bdb3585904c244ef01c0cf0
bind-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
0da77ee697b3c95774d36b6e1395f009a640dd0c
bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
c0236bc639e28a954fb214d17782abf3974d435e
bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
199f15094dae68c173a96859bc5c50a494ef3573
bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
55e7f51d1b1c14edc487c3073e8258728e9e32b2
bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
16736bf483fa15ab33838a3191409394c508edaf
bind-libs-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
66e7b5a1e480ddaf7aec614ee0e1120bb399a87a
bind-libs-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
1406ee012927425762e41fdff6b3c6f49bef9e3a
bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
e2c5ac52078c5eb4a61b28856cb1286920d80975
bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
fdf58adb34f0fc3358f481ad5ccd97d603694c5c
bind-license-9.11.4-26.P2.el7.14.tuxcare.els2.noarch.rpm
c58ede0bd8b11f22588c0b0a5a28305c925a7309
bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
fa0f9557aab88d20abecbfb446c4b6ef7b62bbea
bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
16950a1353e6fc53e537c27152cec7aa7fa1e834
bind-pkcs11-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
18273a8c69ebd60a7b99421d92155b181767e5e4
bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
e3e45b5de9f5c28a17e3092d4f5b3935f4b59904
bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
e8d4a7471b37bc7ab3a51ef536e61dd4df4f8a36
bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm
6e6aae3522f9d376e8092451a544132cfe14c5e5
bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
74fee7f6c94f2da2631e2e47f64758992c003e43
bind-pkcs11-utils-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
4124b0e50256105b156bbff46ac46ba6a93a6ea6
bind-sdb-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
008a2263f42bb4884c9e013547decfdba677ed90
bind-sdb-chroot-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
0a90433f20ebbe87dcfd6c511bbbb4194bddadaf
bind-utils-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm
f706efc7749d642e68b785ce825300f15974c5fa
CLSA-2024:1709727025
linux-firmware: Fix of 2 CVEs
TuxCare License Agreement
0
- Update AMD CPU microcode to 2023-12-05:
- Update AMD CPU microcode for processor family 19h: sig 0x00a10f12,
sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11
- Update AMD CPU microcode for processor family 17h: sig 0x00830f10
- Fix CVE-2023-20569, CVE-2023-20593
- Use tuxcare.els suffixes for all packages
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update AMD CPU microcode to 2023-12-05:
- Update AMD CPU microcode for processor family 19h: sig 0x00a10f12,
sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11
- Update AMD CPU microcode for processor family 17h: sig 0x00830f10
- Fix CVE-2023-20569, CVE-2023-20593
- Use tuxcare.els suffixes for all packages
0
tuxcare-centos7-els
iwl100-firmware-39.31.5.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
62b263a06b9eb84d7439d8de12682e33d8894e11
iwl1000-firmware-39.31.5.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
ed62d248bdbb91e618d3e6ad9880319fa571de5e
iwl105-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
9648db3b145dc96fc2081bd1d2ccd752aeaade21
iwl135-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
e998813e681c51779daad0a52d30314ed007984a
iwl2000-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
4a3bd116a1ed82e9621821a0323804b47f1ae91d
iwl2030-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
4d98ff8c98f33c55eea843c56eee2acdfbb429f8
iwl3160-firmware-25.30.13.0-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
7646e5088e9eb33905b145c096c1a9023f9db0ec
iwl3945-firmware-15.32.2.9-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
ca2b054760c356b7164fe87d4f83d3108da562ac
iwl4965-firmware-228.61.2.24-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
26d05fddb8c51f0b9c8caffef5b22f2481cd21db
iwl5000-firmware-8.83.5.1_1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
6522a2f96c1f1465ec33e1ca99942aac8db86234
iwl5150-firmware-8.24.2.2-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
2b0cb7728b14fc02660db9a8bebaab367355659e
iwl6000-firmware-9.221.4.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
e4db79c53211b0abfa72bdf7825f1fc232039412
iwl6000g2a-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
1a204c5344437a1789c87765f8a931b6446db84c
iwl6000g2b-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
17f0c10115ec2e7196f9eb29821b0a2333a66d50
iwl6050-firmware-41.28.5.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
7fe7c1c38d1aacf636191b0e710b5fdf7203bbad
iwl7260-firmware-25.30.13.0-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
846f14b5817df35dbb60fd1ef35a5239a47a640b
linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm
3725157da6a2ed9c81c7d4f6d68d47ae8bba31cb
CLSA-2024:1709839956
nettle: Fix of CVE-2018-16869
TuxCare License Agreement
0
- Port side-channel silent functions from 3.4.1. Partially fix
for CVE-2018-16869
- CVE-2018-16869: Add side-channel silent memory, math, PKCS1,
RSA functions
- Added tests for side-channel silent implementations
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Port side-channel silent functions from 3.4.1. Partially fix
for CVE-2018-16869
- CVE-2018-16869: Add side-channel silent memory, math, PKCS1,
RSA functions
- Added tests for side-channel silent implementations
0
tuxcare-centos7-els
nettle-2.7.1-9.el7_9.tuxcare.els1.i686.rpm
30f41bf7bc176294c15b0efccbb36d21274322cf
nettle-2.7.1-9.el7_9.tuxcare.els1.x86_64.rpm
b98ab37c581e43a03714e5c47c3aec86b358d0b2
nettle-devel-2.7.1-9.el7_9.tuxcare.els1.i686.rpm
5ebbc1172282115841b35850ea6d1fe0ddb3f282
nettle-devel-2.7.1-9.el7_9.tuxcare.els1.x86_64.rpm
12794a8f50421d6713ecadf904cd7e17ba5c1501
CLSA-2024:1709840060
Update of nss
TuxCare License Agreement
0
- Update to CKBI 2.64 from NSS 3.95
- Removed:
- # Certificate "E-Tugra Certification Authority"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- Added:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- Update test certificates
- Tests were activated
- dbtests.sh waiting time was increased to pass the test on slow VM
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update to CKBI 2.64 from NSS 3.95
- Removed:
- # Certificate "E-Tugra Certification Authority"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- Added:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- Update test certificates
- Tests were activated
- dbtests.sh waiting time was increased to pass the test on slow VM
0
tuxcare-centos7-els
nss-3.90.0-2.el7_9.tuxcare.els1.i686.rpm
41fdf5f6f078b578bb8712e112d05e7f03f11a9a
nss-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm
6001e08e383d7cc3a7bceb9ab2178399839e172d
nss-devel-3.90.0-2.el7_9.tuxcare.els1.i686.rpm
f45016cbc6140436f636439c32d2eb951916f048
nss-devel-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm
c4cb6f3dec5352bae3d129e1a26ee6b680f79c5e
nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els1.i686.rpm
88573377d386ec6feac2a109c13cc7bbaaccc427
nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm
97b5b56c41bcb022582065842c48fa3fe2eba0f8
nss-sysinit-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm
cf3da6398612132fe1ee2d7ac485b2ca7e874c12
nss-tools-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm
4b70ccb086b4942413216bd36c998c26eeb01b41
CLSA-2024:1710184311
freetype: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2022-27404: Fix buffer overflow in sfnt_init_face
- CVE-2022-27405: Fix segmentation violation via FNT_Size_Request
- CVE-2022-27406: Fix segmentation violation via FT_Request_Size
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-27404: Fix buffer overflow in sfnt_init_face
- CVE-2022-27405: Fix segmentation violation via FNT_Size_Request
- CVE-2022-27406: Fix segmentation violation via FT_Request_Size
0
tuxcare-centos7-els
freetype-2.8-14.el7_9.1.tuxcare.els1.i686.rpm
310bddbdc6a3a7a2bbc27b50f33efbe319c6fa51
freetype-2.8-14.el7_9.1.tuxcare.els1.x86_64.rpm
ab1aad5e24796950103363de6322aaaca273b9d3
freetype-demos-2.8-14.el7_9.1.tuxcare.els1.x86_64.rpm
1d547f06f3a862232efbc2059faa8a6b0beea2bb
freetype-devel-2.8-14.el7_9.1.tuxcare.els1.i686.rpm
88cb215e9623a038016dd3d23f9ce99ba863f11c
freetype-devel-2.8-14.el7_9.1.tuxcare.els1.x86_64.rpm
7f16fc3510d564bad5d344b059472d9827cfc82e
CLSA-2024:1710184399
gnutls: Fix of 3 CVEs
TuxCare License Agreement
0
- Keep the broken pkcs11 tests disabled.
- Added CVE-2024-0567 PoC test.
- CVE-2023-5981-pre1: improve level of randomness for each operations,
always use _gnutls_switch_lib_state for pk wrappers.
- CVE-2023-5981-pre2: add constant time/cache operations to prevent
or minimaze timining or cache side channel attacks.
- CVE-2023-5981: removes branching that depends on secret data to
prevent potential side-channel attack.
- CVE-2024-0553: minimize branching after decryption.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Keep the broken pkcs11 tests disabled.
- Added CVE-2024-0567 PoC test.
- CVE-2023-5981-pre1: improve level of randomness for each operations,
always use _gnutls_switch_lib_state for pk wrappers.
- CVE-2023-5981-pre2: add constant time/cache operations to prevent
or minimaze timining or cache side channel attacks.
- CVE-2023-5981: removes branching that depends on secret data to
prevent potential side-channel attack.
- CVE-2024-0553: minimize branching after decryption.
0
tuxcare-centos7-els
gnutls-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
df8f25dac01b6abc52b74e3e39bbbe520723d4e1
gnutls-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
8461900ebaceb6425a4389b937f6c6899ab2691b
gnutls-c++-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
ba0f50308a0e95f9dedbdd4c677e4030d428e8ed
gnutls-c++-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
08ad1fee55b178c6b40e91204ae111f2997656b4
gnutls-dane-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
427c670552afe57210ae6cfe3628d7ecc56cc6e4
gnutls-dane-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
0f2ab15fdd7167bca864cad0bbea64887b0d0d49
gnutls-devel-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
8b6dd527a1d651c4900fd42a78ae3ea214018d96
gnutls-devel-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
b871cbdd4c9b4608b44a825e3a8982d0a3e7218b
gnutls-utils-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
f5f370f97d8d007288267dec683ab8e38292c3d2
CLSA-2024:1710437461
python3: Fix of CVE-2022-48564
TuxCare License Agreement
0
- CVE-2022-48564: Improve validation of Plist files that prevent DoS
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48564: Improve validation of Plist files that prevent DoS
0
tuxcare-centos7-els
python3-3.6.8-21.el7_9.tuxcare.els2.i686.rpm
462389533a561eda76b69c096f47f7fef024354c
python3-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm
24cd82f7a5ade9f8b52fed04c77dcdce9abdb8cd
python3-debug-3.6.8-21.el7_9.tuxcare.els2.i686.rpm
ac8db8e21d11c707cd219a4043f015d3663853f8
python3-debug-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm
e5c8a445e5749adc070cf1fcb95bcefc91cc5194
python3-devel-3.6.8-21.el7_9.tuxcare.els2.i686.rpm
aacf57743409b3a2e67ae4fc3438db27f4c5d0fe
python3-devel-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm
6315e8a17d3742f8b40e14db2934899ca839144e
python3-idle-3.6.8-21.el7_9.tuxcare.els2.i686.rpm
81502c64373ae0930558475657ee14829c1b2f78
python3-idle-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm
72bee843c858cee2a980d809a1f31eefe0d1fe3d
python3-libs-3.6.8-21.el7_9.tuxcare.els2.i686.rpm
52fce478ac6a7c9f3e05e8638b8b6df9eb348dbf
python3-libs-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm
a0954f8d4b4b2564955cb08fb2a3c5c964f871d8
python3-test-3.6.8-21.el7_9.tuxcare.els2.i686.rpm
11cb08293651733661a17562df9372f5071731bd
python3-test-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm
b2658406f5148a52d70d0ac0ba0e70265e5dc219
python3-tkinter-3.6.8-21.el7_9.tuxcare.els2.i686.rpm
1c4409d9fc061adeff882813adeea5e62c1184f9
python3-tkinter-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm
c45bbbfd95df822bcb6a95164333009fa635dc52
CLSA-2024:1710789286
ncurses: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-29491.patch: Mitigate vulnerability by building the packages with
modified --disable-root-environ option which now limits usage of environment
for setuid/setgid programs only
- CVE-2021-39537.patch: Add a check for end-of-string in cvtchar to handle a
malformed string in infotocap
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-29491.patch: Mitigate vulnerability by building the packages with
modified --disable-root-environ option which now limits usage of environment
for setuid/setgid programs only
- CVE-2021-39537.patch: Add a check for end-of-string in cvtchar to handle a
malformed string in infotocap
0
tuxcare-centos7-els
ncurses-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm
7622bf4a9f245736aca91a251693ab3a04038b26
ncurses-base-5.9-14.20130511.el7_4.tuxcare.els1.noarch.rpm
183479f9b0b27856d48542de2e485d2435942b44
ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els1.i686.rpm
9c0188412545af40b9057488f8cc5de913906ed7
ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm
3e46936a0dabf47c1197e8aefecd3c26523967e5
ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els1.i686.rpm
56a86980b54c95d8686371cfde086c73153b4bf4
ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm
f60b9a8a2ca4fed240ec3969b90dc8d92e089583
ncurses-static-5.9-14.20130511.el7_4.tuxcare.els1.i686.rpm
307cbb68b416b647a92adab5760e11c79650951b
ncurses-static-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm
3dd9d204c2e8a93ff3c6d58513adcedae1749898
ncurses-term-5.9-14.20130511.el7_4.tuxcare.els1.noarch.rpm
96e7a53040dcb3ee7648cd34a0d9f8233789f960
CLSA-2024:1711476689
e2fsprogs: Fix of CVE-2022-1304
TuxCare License Agreement
0
- CVE-2022-1304.patch: libext2fs: add sanity check to extent manipulation
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-1304.patch: libext2fs: add sanity check to extent manipulation
0
tuxcare-centos7-els
e2fsprogs-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
7ca90ab80651cf2ea12616f3257c3440663ba649
e2fsprogs-devel-1.42.9-19.el7.tuxcare.els1.i686.rpm
cb0622cb615d65d2da5a8eefa1b8b0040a91e851
e2fsprogs-devel-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
b686dd8dc4a5d3cd0ca02420073cf9a16d3b18e9
e2fsprogs-libs-1.42.9-19.el7.tuxcare.els1.i686.rpm
7619362123ec54ec68c88b57fd22f4f71635eb1d
e2fsprogs-libs-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
a64cc229a60dbb19864c99ba6e2818bc7984a43c
e2fsprogs-static-1.42.9-19.el7.tuxcare.els1.i686.rpm
b1adb576dbb0f6297344e0d6579fcb5d775b0cbb
e2fsprogs-static-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
84a63b84f0fb08b25ad4191c82301089b0f7a3b0
libcom_err-1.42.9-19.el7.tuxcare.els1.i686.rpm
7a11423d2c03210fd3a116a36346a9b3062bc444
libcom_err-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
e45e68f972493b18231b08c9bee9ccdb04c022eb
libcom_err-devel-1.42.9-19.el7.tuxcare.els1.i686.rpm
871a0a36a3ea4cba30081730d86883993b208699
libcom_err-devel-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
f7fd917fc6d0d085ee604f117461e1ca2fb0b47d
libss-1.42.9-19.el7.tuxcare.els1.i686.rpm
07506e9368bc24af93c4b1de0b16e61002431637
libss-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
9bca2ff321677ef9d8b7af31e30231f7f6d36706
libss-devel-1.42.9-19.el7.tuxcare.els1.i686.rpm
8aa8e0d231c0db85a293d654a54e62b1ecea7e3d
libss-devel-1.42.9-19.el7.tuxcare.els1.x86_64.rpm
9cf481f0b77c48f2904123fa5f226e5ee75eeee5
CLSA-2024:1711477070
gmp: Fix of CVE-2021-43618
TuxCare License Agreement
0
- CVE-2021-43618: gmp security and enhancement update
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-43618: gmp security and enhancement update
0
tuxcare-centos7-els
gmp-6.0.0-15.el7.tuxcare.els1.i686.rpm
c7cabf95bad64a74ec37ebea2955038355eda69d
gmp-6.0.0-15.el7.tuxcare.els1.x86_64.rpm
e20a31c4c4e9e992f36d04ed20285b50af78ccfa
gmp-devel-6.0.0-15.el7.tuxcare.els1.i686.rpm
b38f3bec2d79eb18d720c7b0e0dcea30820c9f12
gmp-devel-6.0.0-15.el7.tuxcare.els1.x86_64.rpm
9c86c1d2eb72c38e6690fd19f52974160ff9f5e1
gmp-static-6.0.0-15.el7.tuxcare.els1.i686.rpm
aa3e2e0be2d906e0cb489f226d619f6618267f3d
gmp-static-6.0.0-15.el7.tuxcare.els1.x86_64.rpm
60a5ff787fa75c1473000aa1e383602cf02c142a
CLSA-2024:1711491407
python: Fix of CVE-2023-27043
TuxCare License Agreement
0
- CVE-2023-27043: reject malformed addresses in email.parseaddr()
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-27043: reject malformed addresses in email.parseaddr()
0
tuxcare-centos7-els
python-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm
9a57d86a5ec37fde5878c459e5a78a51f16d4679
python-debug-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm
0cc2b5dc59c694887df1efd92e83c573b0e3b4fe
python-devel-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm
f949b122a3ff8d11d99ca71a0883fb6b14bfdc74
python-libs-2.7.5-94.el7_9.tuxcare.els2.i686.rpm
a9b7e0b8ef88fd35573315083dc019618d066382
python-libs-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm
09c96ddcd72c2d0c1c2f70086ca5e95bab3a5261
python-test-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm
9f0418bcfcd1b2551e8f813086a0d6d8db88364a
python-tools-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm
d5f8f4cc625e3c7d7ad9620fc4918e3b61af7941
tkinter-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm
17773fcc3887cada40935e5dc70ed11ee66dc7f3
CLSA-2024:1711562558
curl: Fix of 3 CVEs
TuxCare License Agreement
0
- Moved tuxcare patches from 7.29.0-59.1.tuxcare.els2
- CVE-2023-38546: cookie: remove unnecessary struct fields
- CVE-2022-27782: check additional TLS or SSH connection parameters that should
have prohibited connection reuse
- CVE-2023-27534: fix SFTP path '~' resolving discrepancy
- fix read off end of array for SCP home directory case
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Moved tuxcare patches from 7.29.0-59.1.tuxcare.els2
- CVE-2023-38546: cookie: remove unnecessary struct fields
- CVE-2022-27782: check additional TLS or SSH connection parameters that should
have prohibited connection reuse
- CVE-2023-27534: fix SFTP path '~' resolving discrepancy
- fix read off end of array for SCP home directory case
0
tuxcare-centos7-els
curl-7.29.0-59.el7_9.2.tuxcare.els1.x86_64.rpm
41eec66a63677954a764a4d274c2066d5d2756e5
libcurl-7.29.0-59.el7_9.2.tuxcare.els1.i686.rpm
7774267dd1dd8c29434016350a37450e67863ab6
libcurl-7.29.0-59.el7_9.2.tuxcare.els1.x86_64.rpm
c3c2525f2cd0a9b884bfdf4890982918e7ce1d3b
libcurl-devel-7.29.0-59.el7_9.2.tuxcare.els1.i686.rpm
1723e81d78c94128adde4431980cacb86778349b
libcurl-devel-7.29.0-59.el7_9.2.tuxcare.els1.x86_64.rpm
70acfc58e39dd74948fd376cd9889f6a366069c7
CLSA-2024:1711562715
systemd: Fix of CVE-2023-26604
TuxCare License Agreement
0
- Moved tuxcare patches from 219-78.7.tuxcare.els1
- CVE-2023-26604: use only less as a pager and restrict its functionality
(e.g stop running external shell) unless environment variable
SYSTEMD_PAGERSECURE is defined
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Moved tuxcare patches from 219-78.7.tuxcare.els1
- CVE-2023-26604: use only less as a pager and restrict its functionality
(e.g stop running external shell) unless environment variable
SYSTEMD_PAGERSECURE is defined
0
tuxcare-centos7-els
libgudev1-219-78.el7_9.9.tuxcare.els1.i686.rpm
600ffbbc531d9525d5e6d75c82becd8cccc7624e
libgudev1-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
443d73f6b44a0dc735e9e80891901ac88bbc6825
libgudev1-devel-219-78.el7_9.9.tuxcare.els1.i686.rpm
6c3f5ed36773f2c9bcacfa9efb496d42b5cf29d9
libgudev1-devel-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
9fbd2eaed3fa1e2d3b85f071d8613c08851dee39
systemd-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
97fc576af15f53a2f5b80576af0e90d2dc5e43da
systemd-devel-219-78.el7_9.9.tuxcare.els1.i686.rpm
33f697690762a0dffb5242db914d4b4e91917483
systemd-devel-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
3a19be1a47e9471e4d22e06725368164b4f4f974
systemd-journal-gateway-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
8125c44e813d3eda60e2aa7516ba6d8298484eab
systemd-libs-219-78.el7_9.9.tuxcare.els1.i686.rpm
c72e387afd05160e0bc5e0d75d7ddc2eabcb131e
systemd-libs-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
9aaafca186a923a4a71a88ff84153f8e200616ea
systemd-networkd-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
b5e05ef9e532d7367b42d9faab2c8f2802f4da2e
systemd-python-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
a487989e9e3112d3390e9f22637f230e88691ebe
systemd-resolved-219-78.el7_9.9.tuxcare.els1.i686.rpm
c66136c8fb847c9450d65f836517efd52262c1c3
systemd-resolved-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
8b068f8040965dc83c1d96ab57620301d696e83f
systemd-sysv-219-78.el7_9.9.tuxcare.els1.x86_64.rpm
782dd94fdf296da689b84ae79650205cb5031f1e
CLSA-2024:1711563079
Update of zlib
TuxCare License Agreement
0
- Rebuild with dist .el7_9
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Rebuild with dist .el7_9
0
tuxcare-centos7-els
minizip-1.2.7-21.el7_9.tuxcare.els1.i686.rpm
eaa78a1be0791d41b7dd18991a96e92b0db7e8ec
minizip-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm
390f396704e82eed411fe0dc52bc449c6710bed6
minizip-devel-1.2.7-21.el7_9.tuxcare.els1.i686.rpm
e70ffd395a667025e25c576dbee6292bf74a883f
minizip-devel-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm
90e927279e7350bf765b9a073fa1c048fff0fa7c
zlib-1.2.7-21.el7_9.tuxcare.els1.i686.rpm
8eb5031cdc17ac4ecc82648f10709d3dbb655d62
zlib-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm
8421c6c66e2ff45ad09c042bcc5a514077278842
zlib-devel-1.2.7-21.el7_9.tuxcare.els1.i686.rpm
5744a3425cfe49caa4e3beea9f0acb00a8141607
zlib-devel-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm
7be39e7d983d70dc550a1d5efa838f267277f232
zlib-static-1.2.7-21.el7_9.tuxcare.els1.i686.rpm
f21e58039680ac4be0c8aec5c7ed013ba0075a86
zlib-static-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm
bcff118c50f887a393a600dda456325bb2e4d13c
CLSA-2024:1712176685
gawk: Fix of CVE-2023-4156
TuxCare License Agreement
0
- Fix CVE-2023-4156: builtin.c (format_tree): When collecting positional field
widths or precisions, check for wrap around to negative values.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix CVE-2023-4156: builtin.c (format_tree): When collecting positional field
widths or precisions, check for wrap around to negative values.
0
tuxcare-centos7-els
gawk-4.0.2-4.el7_3.1.tuxcare.els1.x86_64.rpm
797101704b7700a679ee05dc3ead40a8a8738dd8
CLSA-2024:1712176929
Update of libxslt
TuxCare License Agreement
0
- Fix use-after-free in xsltApplyTemplates
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix use-after-free in xsltApplyTemplates
0
tuxcare-centos7-els
libxslt-1.1.28-6.el7.tuxcare.els1.i686.rpm
795ec0871478b6ea66933e27d0a75f7c87fe1e46
libxslt-1.1.28-6.el7.tuxcare.els1.x86_64.rpm
dd82d50ac0f2fcf5adad46492d33fdfb27ffcbe5
libxslt-devel-1.1.28-6.el7.tuxcare.els1.i686.rpm
23f0e55a508f05b336325f69c8cdfc524a87ae71
libxslt-devel-1.1.28-6.el7.tuxcare.els1.x86_64.rpm
0cb54d5259dd02bdad58f5127307a14cc00321fe
libxslt-python-1.1.28-6.el7.tuxcare.els1.x86_64.rpm
6c442a5cf3c7f3ec167c1a982e4b7722625e7248
CLSA-2024:1712672449
Update of cpio
TuxCare License Agreement
0
- Fix integer overflow in dstring.c ds_fgetstr that triggers
an out-of-bounds heap write
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix integer overflow in dstring.c ds_fgetstr that triggers
an out-of-bounds heap write
0
tuxcare-centos7-els
cpio-2.11-28.el7.tuxcare.els1.x86_64.rpm
020be05b53b3af73aa9530637778f00234a346fa
CLSA-2024:1712672592
git: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2021-40330: forbid newlines in host and path in git_connect()
- CVE-2022-39260: shell - limit size of interactive commands
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-40330: forbid newlines in host and path in git_connect()
- CVE-2022-39260: shell - limit size of interactive commands
0
tuxcare-centos7-els
emacs-git-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
0763c89032e34f99efdce908ac24dc774a74daa7
emacs-git-el-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
2dbaea78f7d15ee16a8720e0e802694daacc2ba4
git-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm
e44d20821999b2bd125d17554b490e862542da1e
git-all-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
669b99789cdb6b6c23f5b8197dade1e15a3fd87e
git-bzr-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
130ddf01d0817f8443a73f12bd6de48829affa1d
git-cvs-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
b95758c854b7d104fd01c3a9978c89fa891603a1
git-daemon-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm
0e9c58b70cd3a0792a99d418c3d475643ad21c8d
git-email-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
45ab0487d627d17303c750055afe173524c62ca5
git-gnome-keyring-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm
b854bab94f8a69a52b8fe7b9bb2d995217cdcd3c
git-gui-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
e50d89fb6fb6c14430264d50dd8c30f7dd8843b5
git-hg-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
96dbb7bdd17adc5c6cc3294c3aef6c0c48a95da7
git-instaweb-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
cecff059eaf6f3800b32f73c9fdd8718752b9c8c
git-p4-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
95082121668c5afa71003f6351039bbf1acb7ce2
git-svn-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm
fa31144300189fe35db08ff45cb242b3302c9359
gitk-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
9346c3b747ab83261457f9f7cb3a84ae304a1e76
gitweb-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
6cc3330291da83c7b72d93cbdad5ba7323b3c14d
perl-Git-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
11f5c9a03fbc34cb5321ec136daf8913e02d4da8
perl-Git-SVN-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm
53062d06a336280300977c31d0fe72671a9f9caf
CLSA-2024:1712837808
postgresql: Fix of CVE-2021-23214
TuxCare License Agreement
0
- CVE-2021-23214: Reject extraneous data after SSL or GSS encryption handshake
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-23214: Reject extraneous data after SSL or GSS encryption handshake
0
tuxcare-centos7-els
postgresql-9.2.24-9.el7_9.tuxcare.els1.i686.rpm
a6b1cd3f538346f4fea68aea350c14f4a2dadf6a
postgresql-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
d56882e00cb0ecd1f213f3f7007c1bc4323312ae
postgresql-contrib-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
bf22f1e52cb2a8aaacc1bb887e6758a5c73e0f56
postgresql-devel-9.2.24-9.el7_9.tuxcare.els1.i686.rpm
36fda0db50c7d743034f9685aa36c69ef26e96ac
postgresql-devel-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
2bb7a53367d6290520ca77b3b54059b96d73e54b
postgresql-docs-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
bddb74800410ea4c06bc7b5b30fde00b43fcc11f
postgresql-libs-9.2.24-9.el7_9.tuxcare.els1.i686.rpm
a3d9b40edfbdbd64aa74fbe3ecac3db996f431b4
postgresql-libs-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
e5af55ea2903778f50d721d93c70f5ee9c7f3560
postgresql-plperl-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
61337e67a8738fafa0004325aed6f301c7ae732d
postgresql-plpython-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
dc364b71d69ef21c93aa0d3e47145a205ecbcebf
postgresql-pltcl-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
6d852b9ff60abb95a8b77b59a1ff787a7cae0c4d
postgresql-server-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
1fcce3936a27279acc29c3c4269aaf87896cabe5
postgresql-static-9.2.24-9.el7_9.tuxcare.els1.i686.rpm
e2e4e378702a057da09de185da073f742d3a16c3
postgresql-static-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
360345bdff1478b1bdf702559d2db6d1a02dc2ce
postgresql-test-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
968753e1c0f53c5e2b835c7583e92c3850a72da2
postgresql-upgrade-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm
44d819a1f3031a0342654b8f13a51c70d1a688f7
CLSA-2024:1712837970
Update of microcode_ctl
TuxCare License Agreement
0
- Moved tuxcare patches from 2:2.1-73.16.tuxcare.els1
- gen_update2.py was updated to output strings having restricted length
- Update Intel CPU microcode to microcode-20231114 release (it's the same
as microcode-20231009)
- Update vendor patches
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Moved tuxcare patches from 2:2.1-73.16.tuxcare.els1
- gen_update2.py was updated to output strings having restricted length
- Update Intel CPU microcode to microcode-20231114 release (it's the same
as microcode-20231009)
- Update vendor patches
0
tuxcare-centos7-els
microcode_ctl-2.1-73.20.el7_9.tuxcare.els1.x86_64.rpm
2968ff12bf5463499feffba75cc00765fcb19137
CLSA-2024:1713346166
ImageMagick: Fix of 6 CVEs
TuxCare License Agreement
0
- Fix CVE-2022-32546 integer overflow at at coders/pcl.c.
- Fix CVE-2022-32545 outside the range of representable values at coders/psd.c.
- Fix CVE-2022-32547 misaligned address at MagickCore/property.c.
- Fix CVE-2021-20312 integer overflow in WriteTHUMBNAILImage of
coders/thumbnail.c
- Fix CVE-2021-20313 cipher leak when the calculate signatures in
TransformSignature
- Fix CVE-2021-20309 division by zero in WaveImage() of
MagickCore/visual-effects.c
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix CVE-2022-32546 integer overflow at at coders/pcl.c.
- Fix CVE-2022-32545 outside the range of representable values at coders/psd.c.
- Fix CVE-2022-32547 misaligned address at MagickCore/property.c.
- Fix CVE-2021-20312 integer overflow in WriteTHUMBNAILImage of
coders/thumbnail.c
- Fix CVE-2021-20313 cipher leak when the calculate signatures in
TransformSignature
- Fix CVE-2021-20309 division by zero in WaveImage() of
MagickCore/visual-effects.c
0
tuxcare-centos7-els
ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm
5fe3b81a5a7ee28d8472964012617a58dbee8bf0
ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm
9235765fa65752abf92bdbf3392a78dc971991ba
ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm
96fcda33d48f4e19e5efd90edd38b2f544554d75
ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm
e5c1b098d6895794e3e515c771429d88a5b3e5a0
ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm
2c0ea801fe3c20eef3444ec6d24077c693d2247a
ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm
991055e162ec215c750391ded96091afbbd5abc1
ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm
dd64086e72c9db91c2cdf0027252e1ec41a19b69
ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm
37edd04e2d33299e0bd518508e1fdd67d8e37cd1
ImageMagick-doc-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm
550f342a9eb1515cc21d8ccfcdc78c928555f9b6
ImageMagick-perl-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm
9cc158239b154aeff9b4cf14fc1759d91353b419
CLSA-2024:1713370315
sudo: Fix of CVE-2023-42465
TuxCare License Agreement
0
- CVE-2023-42465: Make sudo less vulnerable to ROWHAMMER attacks
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-42465: Make sudo less vulnerable to ROWHAMMER attacks
0
tuxcare-centos7-els
sudo-1.8.23-10.el7_9.3.tuxcare.els2.x86_64.rpm
8b3e85faf7348cfa36a834edcab6283bf7e7c9ec
sudo-devel-1.8.23-10.el7_9.3.tuxcare.els2.i686.rpm
a8d99655786b25d792adb15dc1f8e4eb43f6de26
sudo-devel-1.8.23-10.el7_9.3.tuxcare.els2.x86_64.rpm
e4f75670e7026f60c5151d099e338aef2ad3d57a
CLSA-2024:1714065925
less: Fix of CVE-2022-48624
TuxCare License Agreement
0
- Fix CVE-2022-48624: filename.c (close_altfile): before 606 omits shell_quote
calls for LESSCLOSE.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix CVE-2022-48624: filename.c (close_altfile): before 606 omits shell_quote
calls for LESSCLOSE.
0
tuxcare-centos7-els
less-458-9.el7.tuxcare.els1.x86_64.rpm
4fbff308afca970560968b956a02cf0bd2d8a335
CLSA-2024:1714728645
git: Fix of CVE-2023-23946
TuxCare License Agreement
0
- CVE-2023-23946: apply - fix writing behind newly created symbolic links
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-23946: apply - fix writing behind newly created symbolic links
0
tuxcare-centos7-els
emacs-git-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
699cf41ee5ed67b61ee68d1a3c9068f6a6da6d48
emacs-git-el-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
e0170f3cd1bd4ab2219e5d3a093f44b3c958a521
git-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm
b3385033c7fd58d4907204536a10d441e1342b73
git-all-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
76831172dc99f3433b39d526928006436949adf2
git-bzr-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
4217a7f70c79dce080984b9e2df09f7267976288
git-cvs-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
041c2178ff70ef65ee3348c7a029d0629cddc679
git-daemon-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm
bc63824a57c53ac281c822a9e5e16cdffaddbe20
git-email-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
a65fab1ce7a93c7258312b7c8c3e8fc07c7853a8
git-gnome-keyring-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm
b5d07f8df2825c5d7292454168101cbe202aef5c
git-gui-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
83b0c8a1150951a9a568deaf4cda67df1fa26409
git-hg-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
a0b16ba7a555c126b69588ca53249b9f9170eb15
git-instaweb-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
959e2a527d8927c47620486d9e945679c828c91f
git-p4-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
b8ef854bbdb29161d5a1dda68965c179b6101367
git-svn-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm
3129a0da7305ed9ee70132163cc1c927ac0da125
gitk-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
76dc3c8613b63df77c50cb4209147b9f66836009
gitweb-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
5e365c81cabb54e23af1ae59b41662b505506647
perl-Git-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
73be34895c406d197c73cc1e25e97abae6822fcb
perl-Git-SVN-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm
d9084186acbe1bdbb9d37b2e4056a035ade8dad2
CLSA-2024:1715280815
nginx: Fix of CVE-2023-44487
TuxCare License Agreement
0
- CVE-2023-44487: HTTP/2: per-iteration stream handling limit
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-44487: HTTP/2: per-iteration stream handling limit
0
tuxcare-centos7-els
nginx-1.20.1-10.el7.tuxcare.els1.x86_64.rpm
f42bb4e3e477d8b9ede1ad34f100a0ba4bcf00d5
nginx-all-modules-1.20.1-10.el7.tuxcare.els1.noarch.rpm
926e9f1faa14ac0ec8c05e2aab693bf42707b1d1
nginx-filesystem-1.20.1-10.el7.tuxcare.els1.noarch.rpm
4a0593fc8dd4698a52848d8c8993c4bd5efa1ae9
nginx-mod-devel-1.20.1-10.el7.tuxcare.els1.x86_64.rpm
43dc00dc9376b8ce207ab6907c594b4ef42cd7e6
nginx-mod-http-image-filter-1.20.1-10.el7.tuxcare.els1.x86_64.rpm
0c4a5fd6ce2f4aa97329e755140a1e77eb23b21e
nginx-mod-http-perl-1.20.1-10.el7.tuxcare.els1.x86_64.rpm
91d5447d418b2067e5945749a8c4db42a3b2f8d1
nginx-mod-http-xslt-filter-1.20.1-10.el7.tuxcare.els1.x86_64.rpm
8034ea1c40309b87305212e4398a5fd3f7f34e3e
nginx-mod-mail-1.20.1-10.el7.tuxcare.els1.x86_64.rpm
ada6be64de13a5ddbab5815327cb4b896c2bc953
nginx-mod-stream-1.20.1-10.el7.tuxcare.els1.x86_64.rpm
ae67ce5506124f82cb0ecf8dfd5148a4774c9bef
CLSA-2024:1715672666
less: Fix of CVE-2024-32487
TuxCare License Agreement
0
- CVE-2024-32487: filename.c: quoting mishandling.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-32487: filename.c: quoting mishandling.
0
tuxcare-centos7-els
less-458-9.el7.tuxcare.els2.x86_64.rpm
b6280046e0ec97a5bf14e0b7c6d2a18a4b939d11
CLSA-2024:1716272110
ncurses: Fix of CVE-2023-50495
TuxCare License Agreement
0
- CVE-2023-50495: check return value of _nc_save_str() (from upstream patch 20230424),
add validity checks in _nc_parse_entry() (from upstream patch 20170826)
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-50495: check return value of _nc_save_str() (from upstream patch 20230424),
add validity checks in _nc_parse_entry() (from upstream patch 20170826)
0
tuxcare-centos7-els
ncurses-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm
62da4d76d3d0255f30a781e37211e347a3a6fe83
ncurses-base-5.9-14.20130511.el7_4.tuxcare.els2.noarch.rpm
f12427206b4b266c4803cccf782b94708484bafa
ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els2.i686.rpm
047bf5e1b38b1d905c66332c1ccc8d73575181ed
ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm
311398d91ca74bd0125c65954109859eda5f369b
ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els2.i686.rpm
0274920e98a1a5a8d60f4cf6ce96ff6b49088fd6
ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm
1fe84404373c7b74c08978a584387e55fa391ea0
ncurses-static-5.9-14.20130511.el7_4.tuxcare.els2.i686.rpm
70894de7987dc6f625bd26300d5a1ebcfec962a6
ncurses-static-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm
031d03f88166dce885c2e342085aa3402ee1b162
ncurses-term-5.9-14.20130511.el7_4.tuxcare.els2.noarch.rpm
48b0125355b2d8c5d69a3c8345c3295e908bf0b9
CLSA-2024:1716915845
java-1.8.0-openjdk: Fix of 4 CVEs
TuxCare License Agreement
0
- Upgrade to shenandoah-jdk8u412-b08. That fixes the following CVEs:
- CVE-2024-21011: Denial of service due to long Exception message logging
- CVE-2024-21085: Pack200 excessive memory allocation
- CVE-2024-21068: Integer overflow in C1 compiler address generation
- CVE-2024-21094: Unauthorized data modification due to C2 compilation failure
with "Exceeded _node_regs array"
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to shenandoah-jdk8u412-b08. That fixes the following CVEs:
- CVE-2024-21011: Denial of service due to long Exception message logging
- CVE-2024-21085: Pack200 excessive memory allocation
- CVE-2024-21068: Integer overflow in C1 compiler address generation
- CVE-2024-21094: Unauthorized data modification due to C2 compilation failure
with "Exceeded _node_regs array"
0
tuxcare-centos7-els
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm
01a40997ec803cfed5078c069caca1fd77846743
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
cf2c83051d60bc8c3f2cbfcb67e050b61760b5e1
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm
db2a5bd41f466e869352702d82136cc6c0f01942
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
809bf03efacc328ca2b8e4ad1ffb8f56add94ef9
java-1.8.0-openjdk-accessibility-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
32d81a0bc78d8348d2880d0acbd8eadc0ae2b2e4
java-1.8.0-openjdk-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
f78ef6b81dab8db24285cacd79f402f7dd87e626
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm
149c1c6df547d3382a91f64c98be1945f9d80c4a
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
55964626aa0983cccf5d5543b739b5cf9030b313
java-1.8.0-openjdk-demo-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
60583830f47e97e8c33c9b52d4861b604edf8911
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm
7d650ab1a51509ef202b3057931ef188c17c841f
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
fba589c98ea9254c46440da41809d3d773ebcd4f
java-1.8.0-openjdk-devel-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
7686958c6aa79ec46c85927c85f033804a2f7d72
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm
b84547052b5e4e6ab79f5ec1eae4c09b02709ae8
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
82a40eea13104ddefa1e28d56eb42967ade10908
java-1.8.0-openjdk-headless-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
38f6de46e7b423a7f6aab2868976ec67c69098dc
java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm
f8642a3515383df2590594e025dc7fed2ab130a9
java-1.8.0-openjdk-javadoc-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm
035dbfca6805e4c942920f7e36b5edf0788c5ccd
java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm
24bf700f119a22e53e3fab1f30584a98cf6ec6b7
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm
3df0ba4587197f4e4e705eba95c93e4fcd233c65
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm
6ad45bb2926765910190b23f969448a7744f8e91
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
4d91a7a4820ff295662f318fb4043b83d24a3e40
java-1.8.0-openjdk-src-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm
dfe1ea054b53af7a05fea127fdf61a43935b69b4
CLSA-2024:1716916085
tomcat: Fix of CVE-2021-25329
TuxCare License Agreement
0
- CVE-2021-25329: use consistent approach for sub-directory checking
- Fix javadoc build
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-25329: use consistent approach for sub-directory checking
- Fix javadoc build
0
tuxcare-centos7-els
tomcat-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
3078c616f8d0ede897376d2a378ecebc45e20401
tomcat-admin-webapps-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
4bf0e3cab6883186ddbb6fef3586ac3a3f0753e8
tomcat-docs-webapp-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
04edc3114db44469b410d22b77d05cb3f3bdae2c
tomcat-el-2.2-api-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
9f6afc7a11e61385051ba5de1cb98f3a9457ffb0
tomcat-javadoc-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
c1227d16084cc3f1363dde6ddd1af46850d07187
tomcat-jsp-2.2-api-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
816af47712dc4137b377a3c4ea96d1d5e92544fd
tomcat-jsvc-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
9756f68eb34382a2b7748cbcd0ac07c906f3e582
tomcat-lib-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
6b153b839b3a59cf2cb018329c91f0d7e47151ba
tomcat-servlet-3.0-api-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
06efec8109227d7d24a57b345ab6266a0e0db066
tomcat-webapps-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm
f5a2bf76bb6a21eab653fa409d024b1fd4b91a49
CLSA-2024:1716917767
unzip: Fix of CVE-2022-0530
TuxCare License Agreement
0
- CVE-2022-0530: possible flaw occurance during the conversion of a wide string to a local string
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-0530: possible flaw occurance during the conversion of a wide string to a local string
0
tuxcare-centos7-els
unzip-6.0-24.el7_9.tuxcare.els1.x86_64.rpm
1c09d3953d00a66e6c5246d4db4c6056f77af220
CLSA-2024:1717139314
bind: Fix of 2 CVEs
TuxCare License Agreement
0
- Moved tuxcare patches from 32:9.11.4-26.P2.14
- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed
zone responses
- CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Moved tuxcare patches from 32:9.11.4-26.P2.14
- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed
zone responses
- CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
e5f1b69cc89c32ca54094de0c27f3143b1f50905
bind-chroot-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
7e06fd45f46711feb7eb878ecb131c28cfdd69cd
bind-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
b557fb6186f808831e0ee2b4564c56613c952289
bind-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
396c413043586924d4397fb249d5fae341515721
bind-export-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
cbdb68c4afa94cc1fa41d1f59c632892808a30c7
bind-export-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
dad8067eb8535c67b50819782ccd4629b789a66b
bind-export-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
50d0f630fc403f45889da1b193f2e81a84bf7cca
bind-export-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
01a4a51901b54553d8822a4b01933b3f40f55be6
bind-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
7269e90f38a4715abfba4b061f1f5e59b1d58bc2
bind-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
5e70cc46ecb7383e5daa67b3733ed195fce84fb4
bind-libs-lite-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
d89873efc6024da5e11035c3cb9ab2b3390fcaed
bind-libs-lite-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
6949bb222e965424111b0e16f2ae8c4028596069
bind-license-9.11.4-26.P2.el7_9.15.tuxcare.els1.noarch.rpm
e0136c765163f7c21fcbb12274d32eb58ae4cef0
bind-lite-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
bd933c8c41d686ed592974a79a4bdc12b055a5a4
bind-lite-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
63d2ea0cb2ad8b584677bd198a6b4047af5f934c
bind-pkcs11-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
1bae7ebd15d1c2ad9afd7329e117e28ca036e400
bind-pkcs11-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
b8e08c0a555bbe9db9a0923bb8d290ec8fa92d15
bind-pkcs11-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
b4cef18705fefbc0c9657c5b375e59a61d5dd839
bind-pkcs11-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm
f4fcfdad2c3b865e49f3699cfc98569c1b9f8944
bind-pkcs11-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
a307fa4b38250aca01434cd99425dba2d1bd3abc
bind-pkcs11-utils-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
1dea6f31bea11f97a41ced8d7e3a9246da86ff9e
bind-sdb-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
bb8ec89fff6dd321281c5ff6d33cd6eb4eb5e828
bind-sdb-chroot-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
a52be827e2c005104e4fb423c41e0eac9afa2a2b
bind-utils-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm
bb69275e2bce1b62d4639674037cb77a01b0c0ac
CLSA-2024:1719925589
openssl: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent
command injection
- CVE-2022-2068: c_rehash: Fix file operations to prevent command injection
- Update expired smime certificates
- Add testing using old certificates (sha1) to have both types of
certificates (sha1, sha256) checked with S/MIME
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent
command injection
- CVE-2022-2068: c_rehash: Fix file operations to prevent command injection
- Update expired smime certificates
- Add testing using old certificates (sha1) to have both types of
certificates (sha1, sha256) checked with S/MIME
0
tuxcare-centos7-els
openssl-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
7f66d4f4646a48cf26af75a49ba76037d780455e
openssl-devel-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm
cc9802a636d98781be9c6f33f884e5a749fbf548
openssl-devel-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
6c67a5c9104601eddfa402c055accc5d516c5523
openssl-libs-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm
24a4bf025c9bb221679863f1a7c663f2d2c9fe3a
openssl-libs-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
459882a1f8f407d3f97b4de31e623831b6a2bf3f
openssl-perl-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
9040a5628791e15bb864207a25650ad6adaee0ad
openssl-static-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm
3bb08bb608d35424f6d7c114f99dac942d358096
openssl-static-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm
4f5ec557e5c7c5fcada89869de9f5fab20040b94
CLSA-2024:1720026957
openssl: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-0215: bio_ndef: fix a UAF resulting from a bug in BIO_new_NDEF
- CVE-2023-0464: x509v3: Limit X.509 certificate tree size to avoid exponential
use of computational resources
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0215: bio_ndef: fix a UAF resulting from a bug in BIO_new_NDEF
- CVE-2023-0464: x509v3: Limit X.509 certificate tree size to avoid exponential
use of computational resources
0
tuxcare-centos7-els
openssl-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm
446066cf91732dfc6821264f5b7c7e0e83f0bf89
openssl-devel-1.0.2k-26.el7_9.tuxcare.els2.i686.rpm
37956c84bf4a23b9f95d56504dedabd86c685fb8
openssl-devel-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm
50f60ebea4c27912d1ecb766a721d8d52193e9f7
openssl-libs-1.0.2k-26.el7_9.tuxcare.els2.i686.rpm
b984173d2b139d70805899720cf45e9f1c35bf6b
openssl-libs-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm
7500aa434d331e1539f2e31d1a105c0a07292388
openssl-perl-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm
abfadc09975107ec2c1fa870e71c846d3cabd514
openssl-static-1.0.2k-26.el7_9.tuxcare.els2.i686.rpm
9bdd05ba32da0c717ea1a113d3cbad0c4050250c
openssl-static-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm
792e2bc28af1c68b5963c6fe6b32b0eb0496fee6
CLSA-2024:1720027216
glibc: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1
- CVE-2021-35942: wordexp - handle overflow in positional parameter number
- CVE-2022-23218: Buffer overflow in sunrpc svcunix_create
- CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix"
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1
- CVE-2021-35942: wordexp - handle overflow in positional parameter number
- CVE-2022-23218: Buffer overflow in sunrpc svcunix_create
- CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix"
0
tuxcare-centos7-els
glibc-2.17-326.el7_9.3.tuxcare.els1.i686.rpm
676302747e2b8ff3f37d6abc24173666aaebf386
glibc-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm
f65647df3d5736416f626a1b6b8fade0e68e601d
glibc-common-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm
8bb15a82e44598b7205875f6b963f0a9647fec45
glibc-devel-2.17-326.el7_9.3.tuxcare.els1.i686.rpm
b7dd8f4954b58fef8b10832835aa0b6ffa278808
glibc-devel-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm
a5a754fb4d00d94201c109a9555269108b93c0d0
glibc-headers-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm
3ee0b30315148a5b8fd678908237191bfe07dbd9
glibc-static-2.17-326.el7_9.3.tuxcare.els1.i686.rpm
788348c6c5665f4e9169886e4f203afd636791b9
glibc-static-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm
412cd54726adb18724780ccdd64925cc32c1e9d5
glibc-utils-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm
7a959bb00baf8bf546897172aa352fd8ffe0905c
nscd-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm
f736d7631314fe6aaee9cc59371c3fa094051693
CLSA-2024:1720178510
cups: Fix of CVE-2023-4504
TuxCare License Agreement
0
- CVE-2023-4504: scan_ps(): check for null terminator after backslash character
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-4504: scan_ps(): check for null terminator after backslash character
0
tuxcare-centos7-els
cups-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm
b44d2acb51a76227acd6ff4c230a1c6d12ff6639
cups-client-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm
a2da278b5009d51eeaaa2f344aef3863caff1678
cups-devel-1.6.3-52.el7_9.tuxcare.els1.i686.rpm
c496cd15a42517a3699d7fa165aee74265a35efe
cups-devel-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm
2941c597c2d7b56dc6fd4e4b89ea490ce78658a9
cups-filesystem-1.6.3-52.el7_9.tuxcare.els1.noarch.rpm
2591b106c83c4cf3060e59c5e8cc17d3a9addfd2
cups-ipptool-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm
e8b406f32d8386ce757e01cf7d8945dde8627dde
cups-libs-1.6.3-52.el7_9.tuxcare.els1.i686.rpm
160c6b4008cf92a520a8f56070aebc432cf45ae9
cups-libs-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm
0a55bbd92f7d37012d329d27f5572ba5176be533
cups-lpd-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm
de55c456d078e8b5a666d02264a5613f7f600822
CLSA-2024:1720179161
dnsmasq: Fix of CVE-2023-28450
TuxCare License Agreement
0
- change EDNS.0 UDP packet size from 4096 to 1232
- CVE-2023-28450
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- change EDNS.0 UDP packet size from 4096 to 1232
- CVE-2023-28450
0
tuxcare-centos7-els
dnsmasq-2.76-17.el7_9.3.tuxcare.els1.x86_64.rpm
2096e319d77a415176a78c9f0e9cda11ddadfd32
dnsmasq-utils-2.76-17.el7_9.3.tuxcare.els1.x86_64.rpm
1ebad9d7e39a6cf9f2fd1fd2bd160b2cd8ac7634
CLSA-2024:1720468480
kernel: Fix of 89 CVEs
TuxCare License Agreement
0
- kvm: initialize all of the kvm_debugregs structure before sending it to userspace {CVE-2023-1513}
- wifi: mac80211: fix MBSSID parsing use-after-free {CVE-2022-42719}
- mac80211: always allocate struct ieee802_11_elems {CVE-2022-42719}
- netfilter: nf_tables: initialize registers in nft_do_chain() {CVE-2022-1016}
- xprtrdma: fix incorrect header size calculations {CVE-2022-0812}
- net: usb: fix memory leak in smsc75xx_bind {CVE-2021-47171}
- i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153}
- pid: take a reference when initializing `cad_pid` {CVE-2021-47118}
- Input: appletouch - initialize work before device registration {CVE-2021-46932}
- HID: usbhid: fix info leak in hid_submit_ctrl {CVE-2021-46906}
- quota: check block number when reading the block in quota file {CVE-2021-45868}
- mwifiex: Fix skb_over_panic in mwifiex_usb_recv() {CVE-2021-43976}
- atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait {CVE-2021-43975}
- isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-43389}
- usb: hso: fix error handling code of hso_create_net_device {CVE-2021-37159}
- can: bcm: fix infoleak in struct bcm_msg_head {CVE-2021-34693}
- dm ioctl: fix out of bounds array access when no devices {CVE-2021-31916}
- KVM: x86: hyper-v: Fix Hyper-V context null-ptr-deref {CVE-2021-30178}
- perf/x86/intel: Fix a crash caused by zero PEBS status {CVE-2021-28971}
- btrfs: fix race when cloning extent buffer during rewind of an old root {CVE-2021-28964}
- ovl: fix missing negative dentry check in ovl_rename() {CVE-2021-20321}
- drm/ttm/nouveau: don't call tt destroy callback on alloc failure. {CVE-2021-20292}
- bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() {CVE-2021-4159}
- btrfs: unlock newly allocated extent buffer after error {CVE-2021-4149}
- tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. {CVE-2021-3679}
- net: mac802154: Fix general protection fault {CVE-2021-3659}
- nfsd4: readdirplus shouldn't return parent of export {CVE-2021-3178}
- Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2021-0129}
- drm/nouveau: clean up all clients on device removal {CVE-2020-27820}
- drm/nouveau: Add a dedicated mutex for the clients list {CVE-2020-27820}
- drm/nouveau: use drm_dev_unplug() during device removal {CVE-2020-27820}
- Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2020-26555}
- vsock: Fix memory leak in vsock_connect() {CVE-2022-3629}
- RDMA/core: Don't infoleak GRH fields {CVE-2021-3923}
- xen/netfront: force data bouncing when backend is untrusted {CVE-2022-33741}
- net: Rename and export copy_skb_header
- floppy: use a statically allocated error counter {CVE-2022-1652}
- fuse: fix pipe buffer lifetime for direct_io {CVE-2022-1011}
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2024-26898}
- smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752}
- media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445}
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824}
- perf: Fix perf_event_validate_size() lockdep splat {CVE-2023-6931}
- perf: Fix perf_event_validate_size() {CVE-2023-6931}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
- xfs: verify buffer contents when we skip log replay {CVE-2023-2124}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-1989}
- Fix double fget() in vhost_net_set_backend() {CVE-2023-1838}
- net/sched: cls_tcindex: downgrade to imperfect hash {CVE-2023-1829}
- xen/netfront: fix leaking data in shared pages {CVE-2022-33740}
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path {CVE-2022-28390}
- xen/blkfront: fix leaking data in shared pages {CVE-2022-26365}
- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565}
- drm/vgem: Close use-after-free race in vgem_gem_create {CVE-2022-1419}
- cfg80211: call cfg80211_stop_ap when switch from P2P_GO type {CVE-2021-47194}
- net: fix use-after-free in tw_timer_handler {CVE-2021-46936}
- ext4: fix race writing to an inline_data file while its xattrs are changing {CVE-2021-40490}
- virtio_console: Assure used length from device is limited {CVE-2021-38160}
- pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() {CVE-2021-4157}
- Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() {CVE-2021-3640}
- Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl {CVE-2021-3612}
- Input: joydev - prevent potential read overflow in ioctl {CVE-2021-3612}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() {CVE-2021-3609}
- vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974}
- i2c: Fix a potential use after free {CVE-2019-25162}
- drivers: net: slip: fix NPD bug in sl_tx_timeout() {CVE-2022-41858}
- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
- memstick: r592: Fix UAF bug in r592_remove due to race condition {CVE-2023-3141}
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118}
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380}
- tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
- staging: rtl8712: fix use after free bugs {CVE-2022-4095}
- ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}
- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353}
- misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os {CVE-2022-3424}
- x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265}
- x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265}
- x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265}
- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}
- bpf: Fix integer overflow in prealloc_elems_and_freelist() {CVE-2021-41864}
- ipv4: make exception cache less predictible {CVE-2021-20322}
- ipv4: use siphash instead of Jenkins in fnhe_hashfun() {CVE-2021-20322}
- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() {CVE-2023-4387}
- netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197}
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
- smb: client: fix potential OOB in smb2_dump_detail() {CVE-2023-6610}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780}
- drm/amdgpu: Fix potential fence use-after-free v2 {CVE-2023-51042}
- sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077}
- ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679}
- net: prevent mss overflow in skb_segment() {CVE-2023-52435}
- drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-42753}
- debug: Lock down kgdb {CVE-2022-21499}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- kvm: initialize all of the kvm_debugregs structure before sending it to userspace {CVE-2023-1513}
- wifi: mac80211: fix MBSSID parsing use-after-free {CVE-2022-42719}
- mac80211: always allocate struct ieee802_11_elems {CVE-2022-42719}
- netfilter: nf_tables: initialize registers in nft_do_chain() {CVE-2022-1016}
- xprtrdma: fix incorrect header size calculations {CVE-2022-0812}
- net: usb: fix memory leak in smsc75xx_bind {CVE-2021-47171}
- i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153}
- pid: take a reference when initializing `cad_pid` {CVE-2021-47118}
- Input: appletouch - initialize work before device registration {CVE-2021-46932}
- HID: usbhid: fix info leak in hid_submit_ctrl {CVE-2021-46906}
- quota: check block number when reading the block in quota file {CVE-2021-45868}
- mwifiex: Fix skb_over_panic in mwifiex_usb_recv() {CVE-2021-43976}
- atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait {CVE-2021-43975}
- isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-43389}
- usb: hso: fix error handling code of hso_create_net_device {CVE-2021-37159}
- can: bcm: fix infoleak in struct bcm_msg_head {CVE-2021-34693}
- dm ioctl: fix out of bounds array access when no devices {CVE-2021-31916}
- KVM: x86: hyper-v: Fix Hyper-V context null-ptr-deref {CVE-2021-30178}
- perf/x86/intel: Fix a crash caused by zero PEBS status {CVE-2021-28971}
- btrfs: fix race when cloning extent buffer during rewind of an old root {CVE-2021-28964}
- ovl: fix missing negative dentry check in ovl_rename() {CVE-2021-20321}
- drm/ttm/nouveau: don't call tt destroy callback on alloc failure. {CVE-2021-20292}
- bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() {CVE-2021-4159}
- btrfs: unlock newly allocated extent buffer after error {CVE-2021-4149}
- tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. {CVE-2021-3679}
- net: mac802154: Fix general protection fault {CVE-2021-3659}
- nfsd4: readdirplus shouldn't return parent of export {CVE-2021-3178}
- Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2021-0129}
- drm/nouveau: clean up all clients on device removal {CVE-2020-27820}
- drm/nouveau: Add a dedicated mutex for the clients list {CVE-2020-27820}
- drm/nouveau: use drm_dev_unplug() during device removal {CVE-2020-27820}
- Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2020-26555}
- vsock: Fix memory leak in vsock_connect() {CVE-2022-3629}
- RDMA/core: Don't infoleak GRH fields {CVE-2021-3923}
- xen/netfront: force data bouncing when backend is untrusted {CVE-2022-33741}
- net: Rename and export copy_skb_header
- floppy: use a statically allocated error counter {CVE-2022-1652}
- fuse: fix pipe buffer lifetime for direct_io {CVE-2022-1011}
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2024-26898}
- smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752}
- media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445}
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824}
- perf: Fix perf_event_validate_size() lockdep splat {CVE-2023-6931}
- perf: Fix perf_event_validate_size() {CVE-2023-6931}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
- xfs: verify buffer contents when we skip log replay {CVE-2023-2124}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-1989}
- Fix double fget() in vhost_net_set_backend() {CVE-2023-1838}
- net/sched: cls_tcindex: downgrade to imperfect hash {CVE-2023-1829}
- xen/netfront: fix leaking data in shared pages {CVE-2022-33740}
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path {CVE-2022-28390}
- xen/blkfront: fix leaking data in shared pages {CVE-2022-26365}
- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565}
- drm/vgem: Close use-after-free race in vgem_gem_create {CVE-2022-1419}
- cfg80211: call cfg80211_stop_ap when switch from P2P_GO type {CVE-2021-47194}
- net: fix use-after-free in tw_timer_handler {CVE-2021-46936}
- ext4: fix race writing to an inline_data file while its xattrs are changing {CVE-2021-40490}
- virtio_console: Assure used length from device is limited {CVE-2021-38160}
- pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() {CVE-2021-4157}
- Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() {CVE-2021-3640}
- Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl {CVE-2021-3612}
- Input: joydev - prevent potential read overflow in ioctl {CVE-2021-3612}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() {CVE-2021-3609}
- vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974}
- i2c: Fix a potential use after free {CVE-2019-25162}
- drivers: net: slip: fix NPD bug in sl_tx_timeout() {CVE-2022-41858}
- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
- memstick: r592: Fix UAF bug in r592_remove due to race condition {CVE-2023-3141}
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118}
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380}
- tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
- staging: rtl8712: fix use after free bugs {CVE-2022-4095}
- ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}
- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353}
- misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os {CVE-2022-3424}
- x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265}
- x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265}
- x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265}
- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}
- bpf: Fix integer overflow in prealloc_elems_and_freelist() {CVE-2021-41864}
- ipv4: make exception cache less predictible {CVE-2021-20322}
- ipv4: use siphash instead of Jenkins in fnhe_hashfun() {CVE-2021-20322}
- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() {CVE-2023-4387}
- netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197}
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
- smb: client: fix potential OOB in smb2_dump_detail() {CVE-2023-6610}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780}
- drm/amdgpu: Fix potential fence use-after-free v2 {CVE-2023-51042}
- sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077}
- ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679}
- net: prevent mss overflow in skb_segment() {CVE-2023-52435}
- drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-42753}
- debug: Lock down kgdb {CVE-2022-21499}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
4d2a94ac1691a4d0416227ab227c31ebf6e96630
kernel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
025e7d2dfd1ac9c8f360830992f7eb2f7dcc9827
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
310a4b45a13d497b36e400fc92fabadef08e1b83
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
89153b8660dbe10f1986857007c63ca0edb3172e
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
36f4e4e9d29a7cb69d3ef04a461df8db6a89f321
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
0d79108bec672e19fdc48e43f48ac29fde010963
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
257b107db14e73272fba29860411762948687279
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
b0a49c8f8fffc8317443bd0a82ae5b9db0128475
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
bf6ec6573c44e19fc03cc5725e8d3583a316c748
perf-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
349fdd85419932104a67057f01e63cc2a39606d6
python-perf-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm
c14a58e001e33bfb0edd6de9a29ee2452ba3ce51
CLSA-2024:1720548714
python3: Fix of CVE-2023-6597
TuxCare License Agreement
0
- CVE-2023-6597: prevent tempfile.TemporaryDirectory class dereference symlinks
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-6597: prevent tempfile.TemporaryDirectory class dereference symlinks
0
tuxcare-centos7-els
python3-3.6.8-21.el7_9.tuxcare.els3.i686.rpm
a029f8f6dc561cf032f43d5ba6fa1e7222f35681
python3-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm
027eda47b0b6a6eb381622aff005a4b533a619e8
python3-debug-3.6.8-21.el7_9.tuxcare.els3.i686.rpm
a0735979cd020c6bb67dee06126a9c9bb03c83dd
python3-debug-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm
a0ab4edc3862a54c3dbf3cbdc6cc79918072d6d8
python3-devel-3.6.8-21.el7_9.tuxcare.els3.i686.rpm
5da5585510238dad651864ed56292442bb54a919
python3-devel-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm
dda9df186b0ea1bf18d886c38088ac7c1351465e
python3-idle-3.6.8-21.el7_9.tuxcare.els3.i686.rpm
714e99af9aca8fb6ebf14264dbffa3ea0a1808c6
python3-idle-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm
9f186b6ad2f6dbf76060221a4710f2e3c436b8a2
python3-libs-3.6.8-21.el7_9.tuxcare.els3.i686.rpm
185c57154f840161d4075a28aef4275e5bb74bf6
python3-libs-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm
02a4aec4b5a96df6ddd593ef63b44cfcbe7a88ec
python3-test-3.6.8-21.el7_9.tuxcare.els3.i686.rpm
af74a638b229a87682f982e6ac1b44bde9962a72
python3-test-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm
85310390b7c5865a57bd5f0f2a10efaca393b828
python3-tkinter-3.6.8-21.el7_9.tuxcare.els3.i686.rpm
e79eeb5d8260c8d3a8fbe5c2baf1ad1e09ef02b8
python3-tkinter-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm
e13bccf6b0a4214aeef3016215fca10f0fb6a86f
CLSA-2024:1720776957
vim: Fix of 10 CVEs
TuxCare License Agreement
0
- CVE-2023-0054: check the return value of vim_regsub()
- CVE-2023-0049: avoid going over the NUL at the end
- CVE-2023-0288: prevent the cursor from moving to line zero
- CVE-2023-0433: check for not going over the end of the line
- CVE-2023-2610: limit the text length to MAXCOL
- CVE-2023-4750: check buffer is valid before accessing it
- CVE-2023-4733: verify oldwin pointer after reset_VIsual()
- CVE-2023-4751: stop Visual mode when using :ball
- CVE-2023-5344: add NULL at end of buffer
- CVE-2024-22667: pass size of errbuf down the call stack, use snprintf()
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0054: check the return value of vim_regsub()
- CVE-2023-0049: avoid going over the NUL at the end
- CVE-2023-0288: prevent the cursor from moving to line zero
- CVE-2023-0433: check for not going over the end of the line
- CVE-2023-2610: limit the text length to MAXCOL
- CVE-2023-4750: check buffer is valid before accessing it
- CVE-2023-4733: verify oldwin pointer after reset_VIsual()
- CVE-2023-4751: stop Visual mode when using :ball
- CVE-2023-5344: add NULL at end of buffer
- CVE-2024-22667: pass size of errbuf down the call stack, use snprintf()
0
tuxcare-centos7-els
vim-X11-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm
f3642e8f9d7253a2b8e2c71993c36d9ec21ff84f
vim-common-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm
fc069a7999ace03cd677554130f9b9df62573ecd
vim-enhanced-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm
ddb6866a85468cfdda27fa12c1e193fb21228162
vim-filesystem-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm
5965b9af2a9c899137ce747dd4bf9462bc9502a3
vim-minimal-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm
abb84fc18498c7336c52bd4828546c6f55ae8422
CLSA-2024:1720777265
Update of linux-firmware
TuxCare License Agreement
0
- Repack the linux-firmware to keep tuxcare updates
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Repack the linux-firmware to keep tuxcare updates
0
tuxcare-centos7-els
iwl100-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
c39a5a6d92b8eaf2e3fc9f920b408a71aa7487f1
iwl1000-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
bb99821f38d64c185555b322b5c32de616cabba6
iwl105-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
7ec589cee2f160d71efc785e319e48ca5477d4f8
iwl135-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
8f4257918cd4b76892facc846e08e2498cd8aba2
iwl2000-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
a24191af0d814e70d85856a3fa52949d1035ac16
iwl2030-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
5d93a5abe1c954e3313b500125962013b8e65eea
iwl3160-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
671bf087e156a73df537cb6207dd33197efdc7e7
iwl3945-firmware-15.32.2.9-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
c00926d2aa0d0a918f42a67447f89003c8ba49c9
iwl4965-firmware-228.61.2.24-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
daf3a107a2ed2c25f45920da7c0cbc5b0ee0da91
iwl5000-firmware-8.83.5.1_1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
5611066da63387974a4c48a777bffa6300bc9bf7
iwl5150-firmware-8.24.2.2-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
0f8f12d7ef424209d5d088532b649510b7d4cab2
iwl6000-firmware-9.221.4.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
731c8729abb203b2cf47db1f8f4257f5f44e6596
iwl6000g2a-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
5b14755475f6130dca5860182a4d67990c38a8a2
iwl6000g2b-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
2125a76c9bfae660527ce2c9cfdb9569f2608bdb
iwl6050-firmware-41.28.5.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
7559fe2fdbc620db667fb3c8b149faebc01bf3c4
iwl7260-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
114b5de647e4f355c67881b8b45d52db7cfb829b
linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm
17e1772d3bfff265888efb841b625d398a33f29f
CLSA-2024:1720777628
Update of bind
TuxCare License Agreement
0
- Bump the epoch to fix package upgrade
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Bump the epoch to fix package upgrade
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
620086843e26f2f1d4c10c2b1c110caa775b6d81
bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
4aec6dcba6ca07df1a069b6a047cf0c616fd6187
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
da1700dc80d1e22985b0f6f46bb68408c8a9e9d6
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
294df42e8ebfab80f494f80f3ad6bfc90b7cf8c4
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
eac02df11e01a71d6baaf4b60720a58c181051c4
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
047bfa000528b78605f1d8b131fd1cc2b944e3e3
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
746fbb92c10ce946725ed079425ddc7bb35d00c0
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
848c21b43b55996007d30d6b2b335bc48be9d488
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
0ef2cf5bdfc64b9c2efefa2291a8342040608480
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
90f499c66c411c7fc48eac0b41d0319c436779b5
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
23dfc29df8b6a178e2714d7abc013bb3f1172219
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
3bfed6e743081f480024e631fea76d38b4116f51
bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els1.noarch.rpm
1ccca31c19f476cc9db350dd7a77c3f1a3e871f1
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
630a862adb192d0406895f04fc46916b8931fdac
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
3ac9c556cc4b5c66ca05a06a4722fbcefaa608ef
bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
f66ee7e7fc5c9a8ee2d62698373c705cfabdaee9
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
6947c16f154c242dcd8be011c6c594db16d523c7
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
c521d66794e34a90ebd705563d1d8e97c7f256bd
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm
212fbb39a7e81f84bc59f4d8bd4b5b1862de2958
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
cf32e9ec0e87d538ee7dfd7c34dfb6dba7a7a598
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
b6a3a1437a01b5b9c6a33bff8cee568ad7fd6779
bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
b763eff720cbc3ff7b47b42667f64d3bfc65c4fe
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
6977fb6175c8e50ee6e97181579c963d5a1943db
bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm
a61d23d1a9f931e2aabb433277b86c075cd0b200
CLSA-2024:1721204317
grub2: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-4692: ntfs: checks to ensure that NTFS drive's sector numbers are never
written beyond the boundary
- CVE-2023-4693: ntfs: fix an out-of-bounds read flaw on NTFS filesystem driver
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-4692: ntfs: checks to ensure that NTFS drive's sector numbers are never
written beyond the boundary
- CVE-2023-4693: ntfs: fix an out-of-bounds read flaw on NTFS filesystem driver
0
tuxcare-centos7-els
grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
ecf6e75c8ab00ef2d859c5198e8fb80d84ce7b21
grub2-common-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm
512c6cb3ca68d2926dd532c6df16be67fc961edc
grub2-efi-ia32-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
a7e6e19511ba0f307f556355113ccc3a841e8eeb
grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
6620c612835e54728bcf9212bfe9c05a90a3f4a9
grub2-efi-ia32-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm
05a9eb7d9c0f43034b1821eff6698392ede57d20
grub2-efi-x64-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
4a20371ed68d3108f9f0d893859926cd1f5e5461
grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
2b573e057f7fb590ef5969a681153e338d933c55
grub2-efi-x64-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm
0bc0e9346b95c31a8e1204a9faff18cb2566c378
grub2-i386-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm
d31b7cc00730ac1063a40670205a50e6a7436ee6
grub2-pc-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
8bfdd277ae1f880502a38dc1a993338e42654604
grub2-pc-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm
8e49f37fdef1102e7a2331177d2ae382804af7c3
grub2-tools-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
8bc13b7156d4e1be215fa6c6dc946dc89ed5b526
grub2-tools-extra-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
20df08eaa11bdf5ad1c45d5f3a044a5aa7c5f83d
grub2-tools-minimal-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm
635e692dc74aede7aea8900532b59858856a73e9
CLSA-2024:1721204645
shim-signed: Fix of 4 CVEs
TuxCare License Agreement
0
- Make this package installable on a system having a either
Centos or Cloudlinux signed kernel
- Update to shim-15.8 and fix the following CVEs:
Resolves: CVE-2023-40546
Resolves: CVE-2023-40547
Resolves: СVE-2023-40548
Resolves: СVE-2023-40549
Resolves: CVE-2023-40550
Resolves: CVE-2023-40551
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Make this package installable on a system having a either
Centos or Cloudlinux signed kernel
- Update to shim-15.8 and fix the following CVEs:
Resolves: CVE-2023-40546
Resolves: CVE-2023-40547
Resolves: СVE-2023-40548
Resolves: СVE-2023-40549
Resolves: CVE-2023-40550
Resolves: CVE-2023-40551
0
tuxcare-centos7-els
mokutil-15.8-1.el7.tuxcare.els1.x86_64.rpm
34d8645c529bdabd967cebb4b041b24a8dc79b16
shim-ia32-15.8-1.el7.tuxcare.els1.x86_64.rpm
52271fb57431abc94ea7846576985a51bf84700d
shim-x64-15.8-1.el7.tuxcare.els1.x86_64.rpm
899a10faeb82c46d8bb37b94e10080ded9df9660
CLSA-2024:1721204990
Update of kernel
TuxCare License Agreement
0
- Add dependency for updated shim and grub2 with new signing key
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Add dependency for updated shim and grub2 with new signing key
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
71b821b79a0f81577fe351c5d7c236ca1b53d72c
kernel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
e673aa748df3328b2a34c460acf639bab5477e6b
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
8677515a15fc1999b107e96a46f5479a2592fddc
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
8c59ec973e021c6fc76881ee7d1a951f084033a0
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
e2545e48f535f7a0dcdb229db8c71374b99b8d87
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
96496eda6d494e3ca74f77b8437a0194207ce584
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
3268142e07dab034fd18ee2678d7e3bc2ec74197
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
b4308fcaa024781c86b1ac971c24b9fa67eb4c89
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
a9f9e0f3e9acf6835d04f9f4e62145a5c98978e4
perf-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
c759d73748bc940bc389a16e497e44356fe95e09
python-perf-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm
66bdfe463a40dce715bf482722dd7e4e601a701d
CLSA-2024:1721206783
freerdp: Fix of 12 CVEs
TuxCare License Agreement
0
- CVE-2023-39352: add bound check in gdi_SolidFill
- CVE-2023-39353: check indices are within range
- CVE-2023-39356: fix checks for multi opaque rect
- CVE-2023-40181: fix cBitsRemaining calculation
- CVE-2023-40186: fix integer multiplications
- CVE-2023-40188: fix input length validation
- CVE-2023-40567: fix missing bounds checks
- CVE-2023-40569: fix missing destination checks
- CVE-2024-22211: check resolution for overflow
- CVE-2023-39351: free content of currentMessage on fail
- CVE-2023-39350: fix possible out of bound read
- CVE-2023-40589: properly verify all offsets while decoding data
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-39352: add bound check in gdi_SolidFill
- CVE-2023-39353: check indices are within range
- CVE-2023-39356: fix checks for multi opaque rect
- CVE-2023-40181: fix cBitsRemaining calculation
- CVE-2023-40186: fix integer multiplications
- CVE-2023-40188: fix input length validation
- CVE-2023-40567: fix missing bounds checks
- CVE-2023-40569: fix missing destination checks
- CVE-2024-22211: check resolution for overflow
- CVE-2023-39351: free content of currentMessage on fail
- CVE-2023-39350: fix possible out of bound read
- CVE-2023-40589: properly verify all offsets while decoding data
0
tuxcare-centos7-els
freerdp-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
afb557972eb7b4d33d25c3ad64248245c195b643
freerdp-devel-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
d4f03624edc9817a1dc308bd8fd2f7a4a336d361
freerdp-devel-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
7e80cb7d8691f95eeed56971d7f79906c5232781
freerdp-libs-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
72137a781fbf6e2bb1d9543d2d1f28efed9fefff
freerdp-libs-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
59448f80144dab0b1c31332dd212f26d9f73db29
libwinpr-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
4cd1b3f85ccd56326d09812efe9e97452bf05510
libwinpr-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
20a4180ee750a670d5a7f9a61d7462b6b13777a9
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
94f59674ab24dbdd9a6d3daea4cc1552e89dd847
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
ca7d779ee67169aabea9510c2f6b481580051247
CLSA-2024:1721206996
poppler: Fix of CVE-2022-38784
TuxCare License Agreement
0
- CVE-2022-38784: fix integer overflow in JBIG2 decoder
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-38784: fix integer overflow in JBIG2 decoder
0
tuxcare-centos7-els
poppler-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
cb625182dbffadcf5fea4134cb4d65139139ca83
poppler-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
ba28c974caddb05374904c5b8b76458e66864f06
poppler-cpp-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
cbde18d66b33ec1799aa94a059316966e01b8192
poppler-cpp-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
486d3217eea2f527e0f993562a8db05b5bbaaa7d
poppler-cpp-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
8a1ea5621f686cb72d37302d5c556607dc405213
poppler-cpp-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
b8e5b064fabb24a967846b1c501298ea21bf8590
poppler-demos-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
19405ec13cead08c1ab27b343aeed12ec1fb9689
poppler-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
7ac84430e9d178ce4be775a2e4d252b9f026a4e3
poppler-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
ae25fccbb5a548b99709a9aa4a0c464b86ba673b
poppler-glib-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
4af5581b436efbda436c8c0679606c4037c7da4f
poppler-glib-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
8fa6c2c2c58fffe4ecd2bef117e8911ef502c4ed
poppler-glib-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
194790c3c1f3e64cc137b9b090ef1c752a2d65b0
poppler-glib-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
e885a2117d2ce4807deb3eef2eb3a24305f1a368
poppler-qt-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
6f12e23cc0eedde9c8632efad6c8e0a41da2eb88
poppler-qt-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
6c7ae4cfde394ea8981bc90db5906751358d4cd3
poppler-qt-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm
3bbab414595fadbc23a5fb20d08d055b4d8b2f3b
poppler-qt-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
79d4728ab8833a4dee3ec95f1f20350294a3daac
poppler-utils-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm
7bc12e40d3721f1c9d14599ae4932f8c723cd3ad
CLSA-2024:1722003981
httpd: Fix of 5 CVEs
TuxCare License Agreement
0
- CVE-2024-38474: mod_rewrite: server weakness with encoded question marks
in backreferences
- CVE-2024-38475: mod_rewrite: server weakness in mod_rewrite when first
segment of substitution matches filesystem path
- CVE-2024-38477: mod_proxy: crash resulting in Denial of Service in
mod_proxy via a malicious request
- CVE-2024-38476: http: server use exploitable/malicious backend application
output to run local handlers via internal redirect
- CVE-2024-39573: mod_rewrite: proxy handler substitution
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-38474: mod_rewrite: server weakness with encoded question marks
in backreferences
- CVE-2024-38475: mod_rewrite: server weakness in mod_rewrite when first
segment of substitution matches filesystem path
- CVE-2024-38477: mod_proxy: crash resulting in Denial of Service in
mod_proxy via a malicious request
- CVE-2024-38476: http: server use exploitable/malicious backend application
output to run local handlers via internal redirect
- CVE-2024-39573: mod_rewrite: proxy handler substitution
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm
7d961f78651cc718c36dbc66fce19c9c2b3cc0ad
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm
0d8452290197a67530c5b398ac37275d7dbc7399
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els4.noarch.rpm
dbf08f48e41f44c9d286240251f67c6dfbc3427e
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm
7f3f3a418be39ff57a332d8265427f8b2b11a3d4
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm
2aeb0c3f7b98cee7f0e7830c400b653b7a7e8d91
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm
195b4b9f9177c384497680e78845df96ca53c109
mod_session-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm
a9f442976d4523d6650215c53b83fcad2d8ef17f
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm
1f5cc7ae9affe8e1b307dfa8d76cf603e40d7d55
CLSA-2024:1722529344
git: Fix of CVE-2024-32004
TuxCare License Agreement
0
- CVE-2024-32004: detect dubious ownership of local repositories,
backport the necessary functions
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-32004: detect dubious ownership of local repositories,
backport the necessary functions
0
tuxcare-centos7-els
emacs-git-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
b0deeff09ddf25c0b06e99a573702096a1eb97d1
emacs-git-el-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
70ff2407d30f97ce1d71dc67889ee27abc800fe1
git-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm
b0c1700d9774718991d53c10e3da2d04234dd9a9
git-all-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
a416044a33d7d765532a7c099ba1d7f8aa181203
git-bzr-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
8af88eeadb225d442482c6c624ef2a0c04758810
git-cvs-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
433602e5220f46973c0dcdf7f9ff70a94b6c2b6b
git-daemon-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm
3a43d6f9913773cfc82e1c32f98ef03f1148007a
git-email-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
08c18b56fb12a7bd5ccb9bd596f5c6a228bf8fd3
git-gnome-keyring-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm
11d3a0932993f44aaef938d433071ff767fce338
git-gui-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
fd90a8aa5a89f9499ac3ff8f77e41eac44e6787e
git-hg-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
339f0c3962ccb0c27cd0a4aad535076c717f1a2e
git-instaweb-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
17520f98050e093d6ab4d24d346ca3a85aec1be4
git-p4-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
7b9e9c81aa6b97d01280b8d4f5319cd4e897a1f7
git-svn-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm
07be89392ad2ec5b582d170d52ad28f71ed76b9d
gitk-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
9fd22481e62ad333631c3b6009ca7bca449350c9
gitweb-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
e1401c833bbbecb49b29da8dfb12972ceda98574
perl-Git-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
55f04ebb4c769dbcd1d26b9dfdc447aa5a13798d
perl-Git-SVN-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm
8f520fe3eac148fd8dc284365efd2a8ff66e960d
CLSA-2024:1722529534
libtiff: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-52356: added proper validation and boundary checks to prevent
the SEGV and potential heap-buffer overflow
- CVE-2023-52355: added functionality to set a maximum possible allocation size
in bytes in order to prevent out-of-memory issues when opening a TIFF file and
added memory limit option in tools
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-52356: added proper validation and boundary checks to prevent
the SEGV and potential heap-buffer overflow
- CVE-2023-52355: added functionality to set a maximum possible allocation size
in bytes in order to prevent out-of-memory issues when opening a TIFF file and
added memory limit option in tools
0
tuxcare-centos7-els
libtiff-4.0.3-35.el7.tuxcare.els1.i686.rpm
46f0e0d5c8b8bc6e8242c60d18254ae94455af10
libtiff-4.0.3-35.el7.tuxcare.els1.x86_64.rpm
dff88e98858aaea1f05150e6b8121f8c77e9e5c7
libtiff-devel-4.0.3-35.el7.tuxcare.els1.i686.rpm
f9bd531c683b195d59b6bfaff68c5b24f98b0bf6
libtiff-devel-4.0.3-35.el7.tuxcare.els1.x86_64.rpm
0f01f6ad70f8f3017de0c19b7d1993266ff03c2c
libtiff-static-4.0.3-35.el7.tuxcare.els1.i686.rpm
becc9eed46f880cd553dd4bc1ae2767735f23f89
libtiff-static-4.0.3-35.el7.tuxcare.els1.x86_64.rpm
afb9b292dfa41e9368581502d8d426d7fa410ea9
libtiff-tools-4.0.3-35.el7.tuxcare.els1.x86_64.rpm
8f32820e11e71434ef80dfe2b647d371439571be
CLSA-2024:1722529717
unbound: Fix of CVE-2023-50387
TuxCare License Agreement
0
- CVE-2023-50387: enhanced DNS resolver performance and stability by optimizing
the handling of DNSSEC responses, reducing the potential for resource exhaustion
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-50387: enhanced DNS resolver performance and stability by optimizing
the handling of DNSSEC responses, reducing the potential for resource exhaustion
0
tuxcare-centos7-els
unbound-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm
32b7279d9548893fb0563b7f343ad71f27b1ad0b
unbound-devel-1.6.6-5.el7_8.tuxcare.els1.i686.rpm
240c0aa7d895f4b3eab672598d5ade3ebdf594e6
unbound-devel-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm
4b9ff36403e3e34362f1cc39638f74bae335d0db
unbound-libs-1.6.6-5.el7_8.tuxcare.els1.i686.rpm
31b07558d5c5129a5a49eacc875c9a745903150d
unbound-libs-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm
10bfdc30c93c44ee615f1cd7b11daec925c93efc
unbound-python-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm
049755022fa23ee9a4e611c99949bbbb0a39153e
CLSA-2024:1723059198
httpd: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2024-39884: modules: source code disclosure with handlers configured via AddType.
Resolving regression introduced by CVE-2024-38476 fix.
- CVE-2024-40725: modules: source code disclosure with handlers configured via AddType.
Resolving regression introduced by CVE-2024-39884 fix.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-39884: modules: source code disclosure with handlers configured via AddType.
Resolving regression introduced by CVE-2024-38476 fix.
- CVE-2024-40725: modules: source code disclosure with handlers configured via AddType.
Resolving regression introduced by CVE-2024-39884 fix.
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm
cf08ca63a37e4f86e3a0a5a9f177455317517c462ee1a7c488241013b4e04f39
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm
b398a8d950c33a30e48cfb04af3f16649c43b0090398df6f8be819f6d85683fd
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els5.noarch.rpm
4d80233c6fb9fb8ff9ec9be1cac6ff066ca65a67190f75f32a18047ac53ed025
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm
9876767cf61fc2d6b605b25f13c01473799f16a01ad6d1cd69961765fc3f7ab3
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm
09671dbb670122ce6c2af731fbfbf7590d40c1620cefe49161874a223036bc2d
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm
0f7c214839e6c51bdf2b0bc3d4aeec2c4d8c9a0e2893f39972f15579ed10f7a6
mod_session-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm
c642bc6f03f6d0a34b7a51189df3812e693b82ca7887d4bda7a056f0d4707271
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm
17dbfe78b2971bfed25bd9592bda849e863a8d5ee97b7f68ab014c7e23c6145e
CLSA-2024:1723060343
Update of grub2
TuxCare License Agreement
0
- Update version and epoch
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update version and epoch
0
tuxcare-centos7-els
grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
21e9fa45ecd1d364aa50dc54565a1432a98d720eecddc6723ae518ed0774b681
grub2-common-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm
dcb84b66986d4ccecebaa43234ef071a68cd28c3f623acb0451b8f0a57f27b0b
grub2-efi-ia32-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
dc464731f0f4a0014db0703a4f675bf9cf637dfe0f857f25857a4a52086d382b
grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
1a8c90764ec9aa73c7420b2ae6bddaa8e280d28f784b6c5612e2de4771cec5ce
grub2-efi-ia32-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm
35d12f83a601cf933a1988ab445ed075f6c9195bc88037d46e39b608a2799ef5
grub2-efi-x64-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
246ee2e88c08cf655a71e7ee0cbf3c062fb8ce4e0e948788471a0e614b2ca579
grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
b72171c084a5150c91061a6fa7802467d56a62d95dc3823124d1d56337a5296d
grub2-efi-x64-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm
c71863429a827700607ce7bc950cc5a68c2b2f4f88cbdc83afd9a267b92e0d3a
grub2-i386-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm
f823f79eba1c9e68da8e308911f1022caec4c807f4a7047fab1617e65e95796a
grub2-pc-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
898f391d896a3fab47de5b23ac352bfc0d26f60d8a43c18593db422ed6bccf5d
grub2-pc-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm
c8471d4a20e445652272ff583a046d64b628c16944e9759559673756ae02bdb7
grub2-tools-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
f920e3d5bf434f3e231930eb0614be2bbeb5512a88a5fbaedebdb657c03ab736
grub2-tools-extra-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
ea233dec970276927b90976451019572974390f7eab160da867ca1f7fae77b7e
grub2-tools-minimal-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm
ce82fceb77c9eb7df36fa3fd4fccbf91aad8ee1a44883ec32ea84fe0811805ee
CLSA-2024:1723060627
tomcat: Fix of CVE-2021-25329
TuxCare License Agreement
0
- Fix file path bug introduced by the CVE-2021-25329 fix
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix file path bug introduced by the CVE-2021-25329 fix
0
tuxcare-centos7-els
tomcat-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
9d983a9f636921f0e58538824a3211060477177a8fced24dbfb560abdede02bb
tomcat-admin-webapps-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
bcc45b1a29d8b26561d6c5fec9a12fe2a93a577b44a7560b510cbdb8e472112c
tomcat-docs-webapp-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
084a9b7059103c827bf43af9cf7b2789fcec723ba9136754c70e6b63207903eb
tomcat-el-2.2-api-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
3af1d932791b0605102ceb92271c040a19d187a76af089492532a2bcf6624ea2
tomcat-javadoc-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
44344eb8440c09b7cfa5aa61d99a1cb94c7be244363d3f313593c9b25f89e870
tomcat-jsp-2.2-api-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
06cc7eac7814651426d53fd3ef1fe0460cac04d0ba0c32fa04237e45298ac8b3
tomcat-jsvc-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
0cf73f0f3efb72476d3b20c82cf8c517fca5276f85b4596f76749bf6716feabd
tomcat-lib-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
b60195aceef1da2206943432a0af7812f8a5e15dee05ed20ca5e50c56d5d164d
tomcat-servlet-3.0-api-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
55c710446f24b3655869d49cd1f0baee2b5ca2dfd91b9f9b587a10942976ee8d
tomcat-webapps-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm
7587d8d6b229fc6ca1b41d753733e3d8abb7d444cb1576d72e436ef6fe083b6b
CLSA-2024:1723146304
jasper: Fix of CVE-2023-51257
TuxCare License Agreement
0
- CVE-2023-51257: fix an integer-overflow bug in the ICC profile parsing code
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-51257: fix an integer-overflow bug in the ICC profile parsing code
0
tuxcare-centos7-els
jasper-1.900.1-33.el7.tuxcare.els1.x86_64.rpm
638fc8bb9909908e62bc3eb80961482638a5312540ad810352ca2188efdddd34
jasper-devel-1.900.1-33.el7.tuxcare.els1.i686.rpm
1ae0aed9821871475b4ad62557315184118d67b15fa83bcbe955630e4862d6fb
jasper-devel-1.900.1-33.el7.tuxcare.els1.x86_64.rpm
d67ae955cd3d959149c4e332ee6d18772a1c8731ffe867d3c29217d1c28f64ce
jasper-libs-1.900.1-33.el7.tuxcare.els1.i686.rpm
e43dd891ba810f449f76998478458fe5465e12095b58893d8d2c53e58afc2dcc
jasper-libs-1.900.1-33.el7.tuxcare.els1.x86_64.rpm
d71c698422aad6430412ea5ad2331289bae1a89835c12d572ffd3f716a7cdecf
jasper-utils-1.900.1-33.el7.tuxcare.els1.x86_64.rpm
635b17d506cf981bb5da115d91ee0fba8bd52d64409035ee3fd6ca093de57de3
CLSA-2024:1723224273
freerdp: Fix of CVE-2021-41159
TuxCare License Agreement
0
- CVE-2021-41159: fix client out of memory
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-41159: fix client out of memory
0
tuxcare-centos7-els
freerdp-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm
d85cc7533204c8eb59ed962561248ab008a65650bfe3b63b1a2c30fee09dd4b7
freerdp-devel-2.1.1-5.el7_9.tuxcare.els2.i686.rpm
1e22be779604d8d97e78990628a10fe47dfa990f7cf3708fc57eb574d0f5d310
freerdp-devel-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm
091892b6d377f31fac4c4cb9bd6f6bbe6ec6c8e9807ad94db7153f1673127933
freerdp-libs-2.1.1-5.el7_9.tuxcare.els2.i686.rpm
3eb1637413a5906970754e580d409313c672ab42fdadb6f0222b5af902fc0370
freerdp-libs-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm
f74c72ec2d3ec78eb4355492d7ab090d1c38f35f7ec4d5893c6e9b8424858523
libwinpr-2.1.1-5.el7_9.tuxcare.els2.i686.rpm
7a4462cd84563bfb5904c579f7d50c67357244d00415fc162d3b3985758881bb
libwinpr-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm
0701dbf23ab52fa03df906b73c205a6cd31c4dd391372c1c03e5a3c14dfb42de
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els2.i686.rpm
8adc73b5220e6f4c7d5cacc927799e63d7d903a2440fca69973bb6d084a7759e
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm
ba3cdd98ac2d2f3c730624515f5427d0a55dbdef371b07d4e6d3452660cbd47e
CLSA-2024:1723623068
java-1.8.0-openjdk: Fix of 6 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs:
- CVE-2024-21131: UTF8 size overflow
- CVE-2024-21138: Infinite loop vunlerability in SymbolTable
- CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE)
- CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time
- CVE-2024-21145: Out-of-bounds access in MaskFill
- CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs:
- CVE-2024-21131: UTF8 size overflow
- CVE-2024-21138: Infinite loop vunlerability in SymbolTable
- CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE)
- CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time
- CVE-2024-21145: Out-of-bounds access in MaskFill
- CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)
0
tuxcare-centos7-els
java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm
1b39ec6d025f842d8d6625e7dabd16b9c099d274901785bbd4a44b4688c78555
java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
d097d5c4f6fa0a8b388c724399a8b5778dec0692f403eb70442110d15fe9cb96
java-1.8.0-openjdk-accessibility-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm
6984c32519be294f3972d6867cb3f79b5a9fd8b0c4d39c382c2b90a908cf1edb
java-1.8.0-openjdk-accessibility-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
2d6cbd2b6c933682ae36f407d90ce54ebb13fa926b6254a299dfb8ed5e3ab50d
java-1.8.0-openjdk-accessibility-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
6bd26d8f55e734a44a49c0d567e75fd2e01fb0416dc41657e6706a0cc536dcf9
java-1.8.0-openjdk-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
a9b57094feb64ccd6954d34a9eae41b1ce7251eb0e383460154e29c591f9edbb
java-1.8.0-openjdk-demo-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm
35d356d55ebafa903003b49aeb13b35edc67264a8476fb922e09a49c3a4c3d11
java-1.8.0-openjdk-demo-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
34c423711d5bee58bc6d461bda15e8ea62dd49e4446449df46cd00915faf8d18
java-1.8.0-openjdk-demo-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
93a3631a28f68a86adb1c19fe0ceefaae727e985eec8474f46182cd6af733c8c
java-1.8.0-openjdk-devel-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm
5b8167f35fdc1ff39631784679e750e8dafc1780380977ce3fe92f79af43f3e8
java-1.8.0-openjdk-devel-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
a32b5fd312b4fe4649041a24fdf255d02dc717d071a8b62de95ec09dde116879
java-1.8.0-openjdk-devel-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
42413079f7cd06d53ba675f73d0c0095e58f9c8c044843cc4ccc1a9f5f53d495
java-1.8.0-openjdk-headless-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm
9f1c1ba57c731b712aae95f4456e2865598f8b54c2e7ad33a22957af621b3c71
java-1.8.0-openjdk-headless-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
69436469403b5ac352b6f5c434f7ce7b1290052737a6a8c0229982cd39712bee
java-1.8.0-openjdk-headless-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
3708e13629069659370b124fcee084db9b2054072301ad005062cb83b9dfeda1
java-1.8.0-openjdk-javadoc-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm
09c52832c473d846ea6a844e9c1f5f38fcb06862ad2c6fec9457842caf99ba91
java-1.8.0-openjdk-javadoc-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm
ca19d258b3f5ab0e27068ead8ae575b50ec9c93d55c696a240131e9181481a35
java-1.8.0-openjdk-javadoc-zip-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm
147f14088d606716c90c76b25c658dfeb6853d6a5bd13eeef974c505a7d477dc
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm
c97f7cf6eda8451cddcf195158139eaaec32b73acfe54413caf67d47862eac78
java-1.8.0-openjdk-src-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm
8b8e8c7e5de88a2ed0b4bd953037508ac5edd71c1359352c129945b15c7464aa
java-1.8.0-openjdk-src-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
5a5c1ad8aaf5daaeaef6ca70433779fc42762ea8df9a9e0fc881360813d60663
java-1.8.0-openjdk-src-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm
90241f42a09c9ee5a3ddc4b36fd1a61331cd9877560123eca711f4a49da027dd
CLSA-2024:1723795896
harfbuzz: Fix of CVE-2023-25193
TuxCare License Agreement
0
- CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh
0
tuxcare-centos7-els
harfbuzz-1.7.5-2.el7.tuxcare.els1.i686.rpm
e0ddb3eb6feb7f396b78992a3341af3f0ea66b65343a0a5dcdda14872917e8d8
harfbuzz-1.7.5-2.el7.tuxcare.els1.x86_64.rpm
466c8f2b8dbabe7714eee330eb5bb0636a3f0756a909e4b66079019bcb215f89
harfbuzz-devel-1.7.5-2.el7.tuxcare.els1.i686.rpm
e37ac411ac510789c5e441e5676e08193974c19ebaa9e36e37cfa49d3190cdfe
harfbuzz-devel-1.7.5-2.el7.tuxcare.els1.x86_64.rpm
91d7f962f5771a99e0c9bb34a85f8892c7626f4b12384c464568f32d3ce30791
harfbuzz-icu-1.7.5-2.el7.tuxcare.els1.i686.rpm
240ce416f0603f8e070f0b34e9a46ccc1ccd77f4351c21f621ee64c2294e1a21
harfbuzz-icu-1.7.5-2.el7.tuxcare.els1.x86_64.rpm
c94b26bdd56a7851afc54eb8e9780e20abfb07aabb383d7c949f5acc70f40076
CLSA-2024:1723796201
wget: Fix of CVE-2024-38428
TuxCare License Agreement
0
- CVE-2024-38428: properly re-implement userinfo parsing (rfc2396)
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-38428: properly re-implement userinfo parsing (rfc2396)
0
tuxcare-centos7-els
wget-1.14-18.el7_6.1.tuxcare.els1.x86_64.rpm
4a7ffb990b832ad34255b0c1c418a31dcc8cd13f302186bc38f183714273fa28
CLSA-2024:1724259497
libndp: Fix of CVE-2024-5564
TuxCare License Agreement
0
- CVE-2024-5564: validate route information option length
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-5564: validate route information option length
0
tuxcare-centos7-els
libndp-1.2-9.el7.tuxcare.els1.i686.rpm
0d21c313d967caa248b531bbb559e0100854390cca0e9094db3cfb6396de89c2
libndp-1.2-9.el7.tuxcare.els1.x86_64.rpm
f73b26c9f7e8fa32e55e33da5a38d496dfcbfa5911899b8aca0e3fdcc16c0789
libndp-devel-1.2-9.el7.tuxcare.els1.i686.rpm
a3d135a877889ed4e79aa512e6586facced48af9b7e3b9e6a14efa1cd49609b0
libndp-devel-1.2-9.el7.tuxcare.els1.x86_64.rpm
207d9afa0c14f04a956e5846d39fb82c05ebe06183c3004dbc20e148f54f80ed
CLSA-2024:1724260558
libcdio: Fix of CVE-2024-36600
TuxCare License Agreement
0
- CVE-2024-36600: Allocate more space for buffer, prevent overflow,
add input validation
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-36600: Allocate more space for buffer, prevent overflow,
add input validation
0
tuxcare-centos7-els
libcdio-0.92-3.el7.tuxcare.els1.i686.rpm
8361c915389938588af187c03a6ae45382d37c39949c5249006bdd59b84360e8
libcdio-0.92-3.el7.tuxcare.els1.x86_64.rpm
2d3077c0f4e17adc7a39f4522b5ddd0ea47af06a2a725173e59238d623ca3d36
libcdio-devel-0.92-3.el7.tuxcare.els1.i686.rpm
f27a180ff92a908aa19bb806165983414d74b0f5a503072960ac1e0b029f893f
libcdio-devel-0.92-3.el7.tuxcare.els1.x86_64.rpm
b9dcf604e79fb2c4d9561cf7c2d276020341c78d126d410ff4879db75baccc58
CLSA-2024:1724260726
samba: Fix of CVE-2023-34966
TuxCare License Agreement
0
- CVE-2023-34966: fix infinite loop vulnerability in mdssvc RPC service
- some tests were added as skipped
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-34966: fix infinite loop vulnerability in mdssvc RPC service
- some tests were added as skipped
0
tuxcare-centos7-els
ctdb-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
2c2f5896bf18752a8bac136ad573717701c68f8f35b4746aa32c96c20a453253
ctdb-tests-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
6ab400dbc65d940afcf820a655a1ae0ce9e15bb360d6a5013fbdcf141881a9f3
libsmbclient-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
72031a1e26b9b1c8ed971fd9b3b1328ed29a4b628f6e2faf52b110f1aa223f31
libsmbclient-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
30644b483abc30a0cb20f2ae51b4b9734aae1c0e0e6e2e3cdf6ecd944e186e72
libsmbclient-devel-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
83fdfa734674d7075b24bdcfbde0114245f992ff7c066e6b6cf3bcf1a05ba453
libsmbclient-devel-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
e696b04dded703d87e63e2eb46e7e9decbaf8d1e47eac5181f9e6533af347c3a
libwbclient-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
d262ef98937aac153df21cf109ec16912b636c872282b207aa4526e31e1b145f
libwbclient-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
781381062920d4d1dae3be52dced3be78c2ffdb58dc0bcc3de571f8ff3df8079
libwbclient-devel-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
fb78561b45951b2310ff3500c6ce12fa8f50298cda698ae825d08c28f7e54803
libwbclient-devel-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
598d72c98aae3700cc0a39dad32968b78221f9ba28272d0e0253542410d7e4ed
samba-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
33140fe984c9fadd078c5cd2bac9e8bdd0ebabca7f750e5c751c365aa21175f9
samba-client-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
2ea3b93949de5a785d82c6b22a8c8bc00aba54412b0a9d306a9e8cd752b3f6e7
samba-client-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
e59a3df2f6d6a7921318fc26150ec57ed9463a03c8ce40a7580fd0c5df0efad4
samba-client-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
defd9ed8c9307b03e39b82386989c81b9583166d08059b16859ca5df3219e89b
samba-common-4.10.16-25.el7_9.tuxcare.els1.noarch.rpm
9febe3e6fb3f3a7f2b16287f10a072ea9d716ac99e757ff886b564fcbcf2a1b2
samba-common-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
abd7a4cf3392d41ea5b03d74c7aa02aedea938014cdc3f2366a3097069f052ea
samba-common-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
3e4f6ae943f79926d86c2a8b314af3922263d4c4e6884ce5272f58e11439005b
samba-common-tools-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
d865f03f71b2de7a72da8614a385ace3013665138c3a22f8db18823e7e069c5a
samba-dc-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
233e99a882e5d6873e5603262c1d12e069df450cdc050cc7210902d4e0392598
samba-dc-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
c15cec6bffe8476f677276b563b0df1d9502cefccef81a186edb524b79245c71
samba-devel-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
c6e8d7931da35004ba13ca41b622110f970e2ceec954a4e0b543ced7adb4584c
samba-devel-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
38d06b836c10c5bd66d3ebaba98ba12b660dc8e73cfa5d951ee1c09b82c95351
samba-krb5-printing-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
25008ac83b805d7ce934817be646c836e3496fff2c7b48578248b5c8c84b56bc
samba-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
57615d9d76f6925fed28a8d198ed725b0c95722a88fcd330431cf9b016bf07fc
samba-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
ed671c64637bb258cc1445a5250ee192c6c37811295d99addabc7706f355f2d2
samba-pidl-4.10.16-25.el7_9.tuxcare.els1.noarch.rpm
6a79efc6e034ecb4b9ae748617e5d38a7543b8259e29f3888c7ae40dc27e00ae
samba-python-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
c1b11a7789652dd4a5082bb9b4036f0f75c140e517884e5d176caefae7ab4665
samba-python-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
0b89f0ef572c65488cbddb7cec5b2ac13e71a709893b124047753a48c9c41de8
samba-python-test-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
ed72028d6430a66a79333951f9a08a85517377e622d3f031a1b0a954c9e12d8b
samba-test-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
991017d15727ba7538589118c5f2d286c23c0bea404a627a9166d250243ae2a2
samba-test-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
6e27f0e4efeb91ba25cde0aeb5e2dc6383aade3e6646955447a9ccbd25382f77
samba-test-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
290c5c55f2ba982d4ac8d705ea0cbc47aa50b0f542e307f15727f340a9486199
samba-vfs-glusterfs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
1b9fcfef9ea2de4e3cdb7b01bcad4646e99b3314f569a5c719dbfa7f05f12046
samba-winbind-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
997c9acf340de001e47047fdd72571ebde932c6ed9f0e25bc79ebf41ff0636ac
samba-winbind-clients-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
8ee997c47c49aa7ef26027d266ffe578545d2d8bbab1fdf9b381965f340084c2
samba-winbind-krb5-locator-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
4df185760c28a888140007bdac4e595b99659e765b902ba32546c7bfb1c8974b
samba-winbind-modules-4.10.16-25.el7_9.tuxcare.els1.i686.rpm
e54cbaa71ff09c8584a4ef856330cdce58aa68385d5a1f6be9a57138e5e73971
samba-winbind-modules-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm
03ae74fe4089f8d561f96c88123198d20570e32487c1f863c88c74d96b207b56
CLSA-2024:1724348053
bind: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-1737: add a limit to the number of RRs in RRSets
and RR types for single name
- CVE-2024-1975: remove support for SIG(0) message verification
- Fix the SYSTEMTEST section in the spec file
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-1737: add a limit to the number of RRs in RRSets
and RR types for single name
- CVE-2024-1975: remove support for SIG(0) message verification
- Fix the SYSTEMTEST section in the spec file
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
4f4e8784dde132353df54e5634f8a9a7020a67e7e66d981440792522da6ec3a3
bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
16cab55a3b7098986583e8321a1ff8c159cdd39b15f1197348c02920b4a22015
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
a1341189b02fdf7787eadfe85b14cfe80d276053e35b70cc79398e8b33123107
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
47c7bda9200dbbc2f49f9d1f59d961772608144bb7387bfb84f154079859555e
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
593f5ee550a57fac722fffebccbc8f099b32a8d400481513fb0ed1585a231f38
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
179e305e0fe5bb8bfdc3e13a44f96bdd9fb9748274dfa74908061ada148d70e4
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
1fdf049bcc6efb1472f8ae9e2d508270aed9abac5c1f350ab7d6e988f30e64c0
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
e4efa678124bb971d20f39bb465cc30827409707aeeebae9a239c3ec8beb1ab8
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
a49b6456c86c4e67f4ff63fce9cfa66d8db547832cf11df93f69e9693f5975ca
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
7b073ae98adfd5e146b33594350921d292540b2bb9a3ec33cd498b0682c313fa
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
47709daeab05b7587f9a551a9ff9dd9f9221192881970a97c16b8b8c89d2caa0
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
6ad122145575a9fd835026dc010b55d52c8bccbccf3d134f417c874edafc282c
bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els2.noarch.rpm
351cf531bd668ba6332235ec61fa646f381f45a44a9339a1661c618191183327
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
ae1ee3353d3fa0b4d35031020513ce040c19a372400e6664267ccecd4bb439c1
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
369e33bfdaee594de283ddb7bd2c181507441bdd702e24fa743da5db080ee688
bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
8109a2ed957f482d5b90d25cc2b6d48268aa58f795ad7e4d161db9e861aeacd4
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
1a4fffc0db4ef7212f5a363429be857d6390dd12c9d1dc68ea0dcd68cf6348b0
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
472ff77d3d17eaa3188db5912bede509c1b22606a112a52caf9cedf8c11fdf1c
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm
a16d85096941a82e85f478cfcfe8e30889be844af8bfc8a90dae0f7c6b793f96
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
5ace25618ddc1512277f9ca5e73b4b89208baa7f7a64ad9b46545b1741ea55f1
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
ee5629be925c7172b5d0e4e46bce831a842fdd54028e6ba4302471bf752d0e3c
bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
dcbe28914d7c5d64b4e2aa0b18dfb63e762af8a24aaafefe3da63c8d4dc2670c
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
aa31f5223092430c1132b53f7baf02473dec9989e1571dc8972dc1c6a7e126e0
bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm
a43d7a085c0e3e8ee2442c551e1cf26cd9d4ae654eece40ed0c0131a1486a83a
CLSA-2024:1724693366
kernel: Fix of 15 CVEs
TuxCare License Agreement
0
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855}
- tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}
- drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}
- Revert: GFS2: Skip dlm_unlock calls during unmount {CVE-2024-38570}
- Revert: GFS2: ignore unlock failures after withdraw {CVE-2024-38570}
- Revert: GFS2: fix skip unlock condition {CVE-2024-38570}
- ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494}
- netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668}
- ipv6: remove max_size check inline with ipv4 {CVE-2023-52340}
- USB: core: Fix deadlock in usb_deauthorize_interface() {CVE-2024-26934}
- net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() {CVE-2024-26882}
- ip: validate header length on virtual device xmit
- ext4: improve error recovery code paths in __ext4_remount() {CVE-2024-0775}
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table {CVE-2023-52469}
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228}
- netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() {CVE-2024-27020}
- af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}
- md/raid5: fix atomicity violation in raid5_cache_count {CVE-2024-23307}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855}
- tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}
- drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}
- Revert: GFS2: Skip dlm_unlock calls during unmount {CVE-2024-38570}
- Revert: GFS2: ignore unlock failures after withdraw {CVE-2024-38570}
- Revert: GFS2: fix skip unlock condition {CVE-2024-38570}
- ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494}
- netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668}
- ipv6: remove max_size check inline with ipv4 {CVE-2023-52340}
- USB: core: Fix deadlock in usb_deauthorize_interface() {CVE-2024-26934}
- net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() {CVE-2024-26882}
- ip: validate header length on virtual device xmit
- ext4: improve error recovery code paths in __ext4_remount() {CVE-2024-0775}
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table {CVE-2023-52469}
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228}
- netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() {CVE-2024-27020}
- af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}
- md/raid5: fix atomicity violation in raid5_cache_count {CVE-2024-23307}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
f5788de6b933519739beaf9dd076b85cbd486b1cad4dd223e01f76737a5b6f55
kernel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
8b6485df872df90f48b535531a12df5c9adef720c226880a58fd7eff68c25fc2
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
712f1ae44e958ac03e1c1b44e392d76054ff951760cd34619bf838656bdaba8e
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
befb295526a8acdb47f1d26b33ac6ce0dc21f3d5411791b845ca211cee3188c3
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
ee3ead168211e5ab1d83f8ae590ba9be52e651955d02ce26dc08630df59d42b1
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
c4a1c3392c8a0875868a7798153f8b6c17c54945954509c9e5c5e04d13d79699
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
7258aa97ff778ae1af2211e87e177e787e8027585d8ce039374438044d63863b
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
30512e28c7c5b65a3bc8f9ab14bd4b260805c6c06ab6abb6e9f580863927d147
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
5dca7f0bd25b6fb88f63cfdde5243ba04c2436c97a4a72b43c5500d1b5a44763
perf-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
8b3e9a8a2ed9621456ba4b3b71f299650f4d69ba2b3c90977cc857a87bec02e6
python-perf-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm
a2359c448f8e5b23988c4afe9ed3c6353d187aad3ff60a56478b36de6783e18a
CLSA-2024:1725382183
httpd: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-38709: faulty input validation in the core of Apache allows
malicious or exploitable backend/content generators to split HTTP responses
- CVE-2024-24795: HTTP response splitting in multiple modules allows an
attacker that can inject malicious response headers into backend applications
to cause an HTTP desynchronization attack
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-38709: faulty input validation in the core of Apache allows
malicious or exploitable backend/content generators to split HTTP responses
- CVE-2024-24795: HTTP response splitting in multiple modules allows an
attacker that can inject malicious response headers into backend applications
to cause an HTTP desynchronization attack
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
fdb737448bce0d46aa8659b000293c1945dedfb27d2f2ee540c3e1230e2652f7
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
1c9196bba5d2f3ef0cceab961a60fdbc5e505269cb1790cbe82303e6c507db5a
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els6.noarch.rpm
9b46055e5a4516de55a05d9e3944593172aac762349c27c6a79ff4abd2846780
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
11bec23f36a45ea26437c1042ae97c1aafb05eefeb7ac733ba2b4a628a295ea6
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
2ba75ddcce763889db7da85f5ba003b62ce119662b91a00e7121acff3ef0d298
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
f5e91f31141db1452fd0f6cda7b9db1cf68e63fcf32ac514b93480d7b070354a
mod_session-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
594c9fac228ad238203a1b3c5e82fe07e2faa08445ef73f73e40334092d6fcfe
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
3593e8b91cee88920c8f6bda1c27a762cdd2b8a55286970c8d4bdb8e4fa6622d
CLSA-2024:1725382525
python: Fix of CVE-2023-27043
TuxCare License Agreement
0
- Bugfix for CVE-2023-27043, use str instead of unicode, adjust tests
according to python2 specification.
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Bugfix for CVE-2023-27043, use str instead of unicode, adjust tests
according to python2 specification.
0
tuxcare-centos7-els
python-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm
8e8d356b99a7b14b0cbdbaddd3f971e519fcaba535f0e15d9171a22ab4ec6191
python-debug-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm
079de43bde2cb5976b61abd90724486c3e0b291526ae9a8e319c203f4456e02a
python-devel-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm
5b0f5c2d585f5612de195720928bef4ac6e00ec33c29dc61674727d1b6c838d8
python-libs-2.7.5-94.el7_9.tuxcare.els3.i686.rpm
4c81b822a491b9a0c37b259fbab65dc5542bd6425ca34cfd0c1b8cfa81a24d74
python-libs-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm
4711718536ba74562dad2895dc2c4cbe75782a9a5dc730c8d4fe4905b8ce1524
python-test-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm
cf535135696dc23dd466d54887796c879f198df45c1b4b2549f40e58dfc32376
python-tools-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm
69fa59ed0e6913d8ad747d3745be47e0038c79580de0b480aa0f84ba9f98bfdd
tkinter-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm
4f2342ca04ff7e6455e4604b817b17575676d30016a69c2cff1c77f7d86b1a08
CLSA-2024:1725389829
kernel: Fix of 3 CVEs
TuxCare License Agreement
0
- xen/blkfront: force data bouncing when backend is untrusted {CVE-2022-33742}
- ALSA: Fix deadlocks with kctl removals at disconnection {CVE-2024-38600}
- net: fix out-of-bounds access in ops_init {CVE-2024-36883}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- xen/blkfront: force data bouncing when backend is untrusted {CVE-2022-33742}
- ALSA: Fix deadlocks with kctl removals at disconnection {CVE-2024-38600}
- net: fix out-of-bounds access in ops_init {CVE-2024-36883}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
d648aedf085223df5e8f7ed905d8f9b72da0de0ad1f31d8843b81e194e50082a
kernel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
d93e258f5c1434d85e1fb1f752b5086fb292585b85d0b935ca6583d3e8491c83
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
a59baf51a64d4b7d0fe6f0e8934f86952e78158aff75311fd45fc58e0a5132de
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
c44c35f84b1f769aeedf87fa3bcd9db6d26d446ee6ca2b0d53c44da3a5ee6341
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
d02fda27ccc0d98aa1beb1989b5df1c7b78df249dcbb8dc58a63a8e6bbd6da3b
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
0721cafe08e14fcdce6c859bad0952c82113812d7cc815d50627fa9db0911d2b
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
91fb0e6abe8a80165b37d17796030c798407b3721dc744261b88ab1767f0f55e
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
ffb88e1279216c70a8a12614bc4144500b01e939ec29b05b02ae48c760f11b3c
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
9c8e1bcd4a944ce809d089e3aefbf05f417a0537fcc6eaaf0856a2fa75f027a5
perf-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
c36ecdc9d02252d8046bc1617dd7cc17604afa376dadaeaf99bafdb01abc7865
python-perf-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm
5efaef24333126f976a8182c0dbd2ea54872962c2efe59685fc43b8e7c1b7587
CLSA-2024:1725443754
bind: Fix of CVE-2024-1737
TuxCare License Agreement
0
- CVE-2024-1737: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to
override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES
- Fix man8 pages for dnssec utils
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-1737: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to
override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES
- Fix man8 pages for dnssec utils
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
8c51c8189d9c266c0506247ed03fdb607b66b2786ae665b48aa1c03a92cb771f
bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
15046bbf6ecd39f68f24241e798d4b02eac20fc859c853e6442121b47a443e2e
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
bc9d91d3e496b3ca3400ea4406521cf565b885351fcc9202dc9eb86ffd879cdf
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
da81224834ce74b674e5d32e584c4a257c3d2e7714994869aedcceca86756066
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
dfc1bc92ca857e21713d13ddeb4bc769c14adcbdd81860b75d6fce7b192fdeb1
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
0af23600c981874d0f906c74c1c816631ea4faa5bcca3a9aa75f78877100fd07
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
ef3c658605841d7c95ed9aeef621b9486018a99efe0ed55058b71478f6d8b985
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
c136f59c1309fd696a5ad94a885f2e929a97e702f645037004f8ead4c1bfdb42
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
d67f6a751d0616f2ba6d4f311040d92b105ce26c9bb24ef3b9799c78dcfff1de
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
1f3ad381db736d5e9d35ad465b1e950a54465048184d183e1cfde190f0c19fdc
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
96881e319004b44a6f14a0ef724c63cae9a4ad5d7cf6915b390fda0a0d1480eb
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
ff9656fb3b745c208a3c18d3c57b9bd5b59226dfdd166f3066e2449541268bc7
bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els4.noarch.rpm
f6a29cea4d334d05badfb1150aded3d03667df3be95274ea6d292ff244a4ff63
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
d8de6710e0b89984b5b88a29863d2b4fa29213a8d22b4b7320c9c80c5eb64150
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
c8fed04c28c7c78555001a3f4e2e5b2e8a75112732bdd48ef028bf14b3a54103
bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
f6730d282414aef1abd6a0a5b9b46ba451fb872016c372651ed1fb2c9462cfb0
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
ea4e20d3f2fad73a1ee791e46480c798fb2af82bdd4ff05e269fbe869f1de4fd
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
8f61d4ac9334ad928c603e212f6945a96aa90d4493d71372fed1a8de2ef60c83
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm
dcf426708aa1f9ad17cb977b232e12f151c806b82342df9e58241904547f119b
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
89611d7cbb1ca71abd0364126f6eed1beb6f18ee387483a67dc84dbb8e4f45c8
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
eb4a283bb766e28a41cf2b31cb6ff9561db134996893eda8de6c36aab7fcaea9
bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
0fc646ee5735a239ee8ec303cdf781d0f6b9da9b666d7402448bdf80fd94c24d
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
0bb915ee445cd3c06c157aa729d91f2a04786913599ab60062373f698e008f8a
bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm
051e23e5bc315681e9add0d601e71896b1b2e7d523b44f23c17d07737ff90230
CLSA-2024:1725550629
exim: Fix of CVE-2024-39929
TuxCare License Agreement
0
- CVE-2024-39929: fix incorrectly parsing MIME parses filenames that are specified
using multiple parameters
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-39929: fix incorrectly parsing MIME parses filenames that are specified
using multiple parameters
0
tuxcare-centos7-els
exim-4.97.1-1.el7.tuxcare.els1.x86_64.rpm
7d999c53fc1ac80a013150574673b6475113c038f8f81e470c863e9b9dcd955e
exim-greylist-4.97.1-1.el7.tuxcare.els1.x86_64.rpm
23a978e1612ac6bc139e17123b8aa0d257185098c844101a6401957dc561969f
exim-mon-4.97.1-1.el7.tuxcare.els1.x86_64.rpm
0f9a6a34c7419f0cb635aecfce16aacd0b2fa7b501b0fef36a3503475b886252
exim-mysql-4.97.1-1.el7.tuxcare.els1.x86_64.rpm
edf9d83dc3fefb9f588461dedb28b7b9e07af06302a8848020796e3dcf3f2d9a
exim-pgsql-4.97.1-1.el7.tuxcare.els1.x86_64.rpm
c2ac02ead999312f7f542bdd177a272fe95c3c61647f967c203bcafe2b244efd
exim-sysvinit-4.97.1-1.el7.tuxcare.els1.noarch.rpm
860c20e6b241b7c76584aa6fe1e78f8cacd0616428f2cd08798b06b4d2db6fda
CLSA-2024:1725554505
unbound: Fix of CVE-2022-3204
TuxCare License Agreement
0
- CVE-2022-3204: add max number of lookups in the cache for target nameserver names
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-3204: add max number of lookups in the cache for target nameserver names
0
tuxcare-centos7-els
unbound-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm
17b6e8792ef9e78ea91ecae0b62144afe83ed32eb12e65d55f318cde4298720a
unbound-devel-1.6.6-5.el7_8.tuxcare.els2.i686.rpm
f33f48c6f9f759e30d5aa1c6a55a40f4c57fd80bd450b0b3aac00e63a5cf14e5
unbound-devel-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm
9e462338d39540ef1f00b19321ea705ab65f27a186df27cf7b1de2b9856bebb6
unbound-libs-1.6.6-5.el7_8.tuxcare.els2.i686.rpm
5eda194435c34536009e6957a7b89d118e3bf8d4093be83b0b6e12ef27eb0ed9
unbound-libs-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm
715f4f5fd1f4a251c176076966af1e5b993a2d3cc2b4e6062343e9408c98bd31
unbound-python-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm
ffe2e769446a70f38c0948a6f144dc28ec05395cee4a089833c5ce8e78eeffa3
CLSA-2024:1725650489
orc: Fix of CVE-2024-40897
TuxCare License Agreement
0
- CVE-2024-40897: fix stack buffer overflow while construct error messages
- Disable gtk-doc building due lack of gtkdoc-mktmpl command in gtk-doc-1.28-2.el7
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-40897: fix stack buffer overflow while construct error messages
- Disable gtk-doc building due lack of gtkdoc-mktmpl command in gtk-doc-1.28-2.el7
0
tuxcare-centos7-els
orc-0.4.26-1.el7.tuxcare.els1.i686.rpm
689f84599045d82b95324c08279ccf04f72611a0e268eb7a5cd97de824787ad4
orc-0.4.26-1.el7.tuxcare.els1.x86_64.rpm
1f24ff18c0fb37ac4bb6165f047950840bcb948c66eca755f820e840a974fbed
orc-compiler-0.4.26-1.el7.tuxcare.els1.x86_64.rpm
48176814d2ed4d31de4aacadccdba628343fec4c9839db5703d03b9278fdc220
orc-devel-0.4.26-1.el7.tuxcare.els1.i686.rpm
924bc0dd84a3b4005655d227fbea0c4a8d2cbbbfa63fddd178b546413ada3e2f
orc-devel-0.4.26-1.el7.tuxcare.els1.x86_64.rpm
520b12295e1090506e46bd4b85a25fce69625188a3ea1a4b1a51579d3992fdad
orc-doc-0.4.26-1.el7.tuxcare.els1.noarch.rpm
d07d172f4d11e25662a00d5aca7c26a213e9bd487eef9a3e65f875be8de8c588
CLSA-2024:1725882897
kernel: Fix of 4 CVEs
TuxCare License Agreement
0
- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886}
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919}
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487}
- net: fix __dst_negative_advice() race {CVE-2024-36971}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886}
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919}
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487}
- net: fix __dst_negative_advice() race {CVE-2024-36971}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
e9bb01ba9418370734f98d1e613eedec9f6b696bec2336c1491fead7bfccd5e5
kernel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
ae8ee1b6b4c54ba86778097e7bea0dc801ee85dd2122d6863f201aad05a79fe6
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
cff165a3237b06d31735cc5bd6006e920e01a3290f5147e279d1897e293aed44
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
71c1d4bfc46da248be31c3e3e5fb47d8b67f2db4149d0a2d0d9acb2c4b55d8b7
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
9352ac9acd91131641a734acbed4fe2a6f8f2aadf8c6be5efc2b80eb8c21a7ec
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
7ba1a12fcd72fcc4a9909bbef13ebecadf4fbb77db204bd4939f35004abe9f8c
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
a66a9860e7abcad4cb6ac8a4cc0212d4b90c8371b1b2b56b9d782550eb4cef0c
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
ae3daec61dc3b151e222a78bea326ab0c54ef961bc87c7aa4fc695c52e0b9e18
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
5b5e2d732f5712e633af5dbcccc5ff614bf0b0dae88b4cb07473fcd6fa9653c8
perf-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
1d6a0704db8d8a7db91d432b5a4ec532f3f57cf1e51da8376ec387b746fa1e5d
python-perf-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm
d18068da76bf525f87c24645f6fdddcd3a8e24d6b189da2958ed5ef20f5ccf4b
CLSA-2024:1726313380
flatpak: Fix of CVE-2024-42472
TuxCare License Agreement
0
- CVE-2024-42472: access to files outside sandbox for apps using persistent
directories
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-42472: access to files outside sandbox for apps using persistent
directories
0
tuxcare-centos7-els
flatpak-1.0.9-13.el7_9.tuxcare.els1.x86_64.rpm
6ca0b442b555dbb5da201eb80c8d04f3307ce38a6af78fdd8d97f464696963cd
flatpak-builder-1.0.0-13.el7_9.tuxcare.els1.x86_64.rpm
0364689a1542360681cfc4887ae4b5a9cd6b6dd0429658e3f43ed3cb3bcbe39c
flatpak-devel-1.0.9-13.el7_9.tuxcare.els1.x86_64.rpm
ad19d31dffb2c4de4c595356b1e4bbdeab7771bbcac5fd8892fdec206ebf9e19
flatpak-libs-1.0.9-13.el7_9.tuxcare.els1.x86_64.rpm
e8cce63b47c7ab72c2b1e35d01936a1ef5492a2df743b28307618d0088b7a254
CLSA-2024:1726314403
Update of httpd
TuxCare License Agreement
0
- mod_proxy: Fix ProxySourceAddress binding failure with AH00938
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- mod_proxy: Fix ProxySourceAddress binding failure with AH00938
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm
4fec53163dbdda346b75ec6aec34300ab7d6f4c6472e9ce3b0e9fa71fd79d3b2
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm
8b0c8bea40562dab0ea6600a9da434fbb6f8ef449bc2b09ff5bc751ed650b060
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els7.noarch.rpm
d8131b32ed21266b832a3bb218f417101124481b377623475d43e7647926ad16
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm
2223c7f4454e34edf5d86e43a9b05da8914a3f0ce8e7ec048747ffb5139ce4de
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm
4a2d8b6111a3b427b442081cf95708de9812576395ce3933d9aac3d38c9490c0
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm
6760f799f866f6299bd7f5037b0bb3d479b7b4e4a94fd00a1dbeb407b3c74faa
mod_session-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm
326ab803a44690612e6c409bbd43117393cced60157a10d5cc2e2c0e2e8e69f9
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm
a8535ef2ed8e875077dd55a220c2088c8dd7137319902adab4a6b93a72bdd757
CLSA-2024:1726608591
expat: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2024-45490: Reject negative length for XML_ParseBuffer in xmlparse.c
- CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms
- CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-45490: Reject negative length for XML_ParseBuffer in xmlparse.c
- CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms
- CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms
0
tuxcare-centos7-els
expat-2.1.0-15.el7_9.tuxcare.els2.i686.rpm
ae2d96373978a1429bddd5b33be8f1b92e35000aec2f17743bb9fc5e4971ea2c
expat-2.1.0-15.el7_9.tuxcare.els2.x86_64.rpm
b713302cfc1bcc7b4800361bdda6d2db4a35bd54986f68c5efbf395876d877f8
expat-devel-2.1.0-15.el7_9.tuxcare.els2.i686.rpm
877f7999b4e86f581798823d5c6276ccbb86f162afe66f81b88a6bba08be172e
expat-devel-2.1.0-15.el7_9.tuxcare.els2.x86_64.rpm
7bf9cd00f13fe37ac283a4431ac701b27ab574564e46a72517301a19f72583d4
expat-static-2.1.0-15.el7_9.tuxcare.els2.i686.rpm
83ccf7c2f94d61895b718b5fe40c3ac3b58eb86335fe4278201b749a4755e584
expat-static-2.1.0-15.el7_9.tuxcare.els2.x86_64.rpm
fac642c8af9dca8faebaf780b3a5c06222ff8cd63faa0f83197106293766033f
CLSA-2024:1726651745
kernel: Fix of 4 CVEs
TuxCare License Agreement
0
- drm/vmwgfx: Validate the box size for the snooped cursor {CVE-2022-36280}
- USB: ene_usb6250: Allocate enough memory for full object {CVE-2023-45862}
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory {CVE-2022-42895}
- stm class: Fix a double free in stm_register_device() {CVE-2024-38627}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- drm/vmwgfx: Validate the box size for the snooped cursor {CVE-2022-36280}
- USB: ene_usb6250: Allocate enough memory for full object {CVE-2023-45862}
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory {CVE-2022-42895}
- stm class: Fix a double free in stm_register_device() {CVE-2024-38627}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
5a704460e51250eed4c9cb125466f628e54566e8cf1948eeb6e16e2b1097f011
kernel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
df8b18201545f4c20232a3f0f2087f59392818cc9436704ed843c40b31a9f4e9
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
944d415e1a02d55fe3d81256680012875e1c4814eeeb123e5e62916994092604
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
20fc73a0c82a4e98d8ca79876680abaeb38f4ceaf13cec4e6039728819ac0420
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
271828abf3017914fb573863e28b52c3dbbf7ec09df5163dc7c0ad088776351b
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
2f75bd903e9b1404ee7d437799ee9d4a795e83f6cccd427f27487b4ad247c629
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
c02d70bc10d0ae1700513873f5c12a0dad621a27320afada1f14b746a61698ba
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
c3a6cf753d929ff41205e8e34412737ea56a6f251339d2a9bd09fdb17e1fdb72
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
86a6f5b3edc1dc132d2c78b179385feeed551921b0dc6221e14443249d5f0516
perf-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
705bef00253a1f2660ff758d9586f9b27b775add9f0b6c0e72233b0be7633bcf
python-perf-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm
9d5004e29effa928f3a714957752c46c38e5ea0cafbdf9dfa33ba15552be8385
CLSA-2024:1726840907
krb5: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap
token to avoid appearing truncated to application
- CVE-2024-37371: fix invalid memory reads during GSS message token handling
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap
token to avoid appearing truncated to application
- CVE-2024-37371: fix invalid memory reads during GSS message token handling
0
tuxcare-centos7-els
krb5-devel-1.15.1-55.el7_9.tuxcare.els1.i686.rpm
63e772536988063d2b45ea00a0b9f0c525e84d3f5a34418ffaebcfdb14c9e8f3
krb5-devel-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm
5f8fe636de3de015de357b1cc053e6b1ca1b7910751bb0d09a70dbec95f8f2ba
krb5-libs-1.15.1-55.el7_9.tuxcare.els1.i686.rpm
4587eda79d19a6a91378a3a45df616f7e3c94c554d28c1f03fb8b4728fcf4251
krb5-libs-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm
db466ad7a32237ae7d651a9f99c441956e9b52d14f83ae28e38435b65fb8d5ff
krb5-pkinit-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm
70b69adc25fffd68ace6a7852bd6d78ac18518143d7a1a80554b82d07132b015
krb5-server-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm
e53c1c78f3d4f9f0d59da8f3277d9ceac3270680567c313c4b423ca247c63b4c
krb5-server-ldap-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm
e0c199eb6c77026b5adc28e09dd5d9d726a2ec84855f8c6bcedc7570802f2095
krb5-workstation-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm
c1777177b43028ac82bae70f65f69a3c3b60485be94cb5e7f977d214c6a785ba
libkadm5-1.15.1-55.el7_9.tuxcare.els1.i686.rpm
039244923ab4e5cf5cac98e6cba5fc45b12d78535643959fd1e71b1e0b9e8fba
libkadm5-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm
c2f7b6d8c77abf8e8ac1e7fb8581f15f8a02e2e7c0c4f3aa32808738a5f05cb1
CLSA-2024:1727115733
ruby: Fix of CVE-2021-41819
TuxCare License Agreement
0
- CVE-2021-41819: when parsing cookies, only decode the values
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-41819: when parsing cookies, only decode the values
0
tuxcare-centos7-els
ruby-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm
5c5be6d491830bb1d1156e5552c1296bdacf706995d2e314a628690fa7a99daf
ruby-devel-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm
ce55cd1e524e64c8853879e707c990eaaaedf512e93972c714e78640767995b4
ruby-doc-2.0.0.648-39.el7_9.tuxcare.els5.noarch.rpm
05dfa268b4124f4740b61e3a6f5a7426328b1600b9b6055855167f0f344de8a4
ruby-irb-2.0.0.648-39.el7_9.tuxcare.els5.noarch.rpm
16aa3828a6bc093de2548dac79aa70e4edbd346b401c488d3c60b126727ab6b2
ruby-libs-2.0.0.648-39.el7_9.tuxcare.els5.i686.rpm
deccc265640c08f9eb8092702f7d95af06f657e7a80f0652430c2c1621154a69
ruby-libs-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm
ea2c04febe601f2ec70a00b3afe7504ae68d49621dafcdeb411df8ff3e6dff1b
ruby-tcltk-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm
a0dc76f78dc2c95e1af2924f0e37810865f012c20f353ac24e3f6b9cecd881b7
rubygem-bigdecimal-1.2.0-39.el7_9.tuxcare.els5.x86_64.rpm
05ff0e106108c34035439618d1c9f5b5cd44c92f7d0c9ed6c025d64d0b151eca
rubygem-io-console-0.4.2-39.el7_9.tuxcare.els5.x86_64.rpm
aa59cff917d931e58f3da620f2a2c2b0833b24ff953aacd5e258fd81f0d604de
rubygem-json-1.7.7-39.el7_9.tuxcare.els5.x86_64.rpm
6048f1f40838ab944004ee1885326f2192cd0d90b72e90b78202f13007c1bd7e
rubygem-minitest-4.3.2-39.el7_9.tuxcare.els5.noarch.rpm
a9b647f05c3ac23635a51a3bd891b59fc45f7f6063c45c57b7fbfa5756185f73
rubygem-psych-2.0.0-39.el7_9.tuxcare.els5.x86_64.rpm
09ec84ae7682f3b7833bdff218e75ebdf7fffff188812646c078f03577bca3a2
rubygem-rake-0.9.6-39.el7_9.tuxcare.els5.noarch.rpm
7b5dd1a1e599b9a76bf55139c5721f99e120c4265b814194a88336e296cbd2a1
rubygem-rdoc-4.0.0-39.el7_9.tuxcare.els5.noarch.rpm
bbc40475b08db0d6c22fa96177d0bc8c88b2f41dad120c6e94f8095498df3e2d
rubygems-2.0.14.1-39.el7_9.tuxcare.els5.noarch.rpm
b2a92d4928071ef1f25a294c08b8f5442679d053471a6ba3f19e048ec49eb73a
rubygems-devel-2.0.14.1-39.el7_9.tuxcare.els5.noarch.rpm
31ab7bed3850080a4540e11e404b650ca34c239eac33dc34b8a961b45ba4f86c
CLSA-2024:1727167500
kernel: Fix of 11 CVEs
TuxCare License Agreement
0
- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071}
- bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148}
- exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882}
- scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}
- ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987}
- fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940}
- media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900}
- dev/parport: fix the array out-of-bounds risk {CVE-2024-42301}
- mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280}
- netfilter: nftables: exthdr: fix 4-byte stack OOB write {CVE-2023-52628}
- Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071}
- bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148}
- exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882}
- scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}
- ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987}
- fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940}
- media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900}
- dev/parport: fix the array out-of-bounds risk {CVE-2024-42301}
- mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280}
- netfilter: nftables: exthdr: fix 4-byte stack OOB write {CVE-2023-52628}
- Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
b30ce17e019314a558643fe0f0567739cec7b5cb32965f050ff978b49915d1ac
kernel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
8a36c9a229dc9fa3de95139d343860cfae85dcf71fd9bc8b51dc742d2ea2b7e1
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
a9ae4472c9132b5424e4a32486d342b27864119bd9fa8fc2dfd2721a1ca9767f
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
f5ddec77b77dea557d2ecbf29d042ff1d5496ec33de7e8bea867f7801397e7d6
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
3be7a16207c71204f06a841be5ef29d87801b55f2726f4873aeca7bd956621b9
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
b07f37818d84332cae6c6d83f3230bc9e9f2c02178847fd477bec2068d3ad5c8
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
fd7c4fb774421190b7cd4c0274c1e4e8ab08caa16ac2dbc9599c5cddcf045c32
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
34b96af261184fd3114e25dd62c1690a34a9d18f46693bc308739f0047598f09
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
51968d99b3ff38fa3e9fce6ec3b13cbae32931885b73a47ad4e8c1d5f71e934f
perf-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
3315c6f82e9df63de078cff7775dcf3b5855bf972b6d938898a57bd10c53b861
python-perf-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm
5537ea7013f0f10c4b90987b244f01573719d5cfb806e87c4eaa110764773791
CLSA-2024:1727287647
emacs: Fix of CVE-2024-48337
TuxCare License Agreement
0
- CVE-2024-48337: fix etags local command injection vulnerability
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-48337: fix etags local command injection vulnerability
0
tuxcare-centos7-els
emacs-24.3-23.el7_9.1.tuxcare.els1.x86_64.rpm
f1d74034e1fd85a29ddbce0b44671475ae22c5e85ea9a079fed974be58e47ecd
emacs-common-24.3-23.el7_9.1.tuxcare.els1.x86_64.rpm
cc46e7d81c6b448149df304ce09a36de92dfc3decf5ed4effba96d428bbc3893
emacs-el-24.3-23.el7_9.1.tuxcare.els1.noarch.rpm
d70f1bd2e4ab91549b4ecbddc67dba8b1c6665e7e46227460217ee3b569adcb2
emacs-filesystem-24.3-23.el7_9.1.tuxcare.els1.noarch.rpm
08405240700bf4a5a66bcf91a2a713ec13a02dca44b04f950373b650d478f7b5
emacs-nox-24.3-23.el7_9.1.tuxcare.els1.x86_64.rpm
16b36f2e8e18f802e5c0caa3deff37f148f14371bf0029b184ab26dd544f77a1
emacs-terminal-24.3-23.el7_9.1.tuxcare.els1.noarch.rpm
646e80f307b097b69b4bd656a791a8ef3fa0627532d99d443a9ac2290a38bcda
CLSA-2024:1727288321
linux-firmware: Fix of 2 CVEs
TuxCare License Agreement
0
- Update AMD CPU microcode for processor family 0x19:
cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248),
cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238),
cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5);
- Update AMD CPU microcode for processor family 0x17:
cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C);
- Fix CVE-2023-31315 (AMD-SB-7014), CVE-2023-20592 (AMD-SB-3005)
- Update AMD CPU microcode to 2024-08-11
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update AMD CPU microcode for processor family 0x19:
cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248),
cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238),
cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5);
- Update AMD CPU microcode for processor family 0x17:
cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C);
- Fix CVE-2023-31315 (AMD-SB-7014), CVE-2023-20592 (AMD-SB-3005)
- Update AMD CPU microcode to 2024-08-11
0
tuxcare-centos7-els
iwl100-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
972a45746c118820f9580a0dc2fa8350e754741f6ffbb9817ea1abb95482dd1b
iwl1000-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
4eeb982a0880e099445e605041075973b839905bf3bad37778ad73ea48ec1447
iwl105-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
80197e7824b424222f1019b69d5bf9700189d23e4385ed7f37694988e2f63ac3
iwl135-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
3c3d118822d3c059ace345d308f3945ecd8cf2d723492a252a9e39344cab1ce0
iwl2000-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
dba7c2091bdac96b2abb6fd90bdcad5bfa9580726ae059255afe20b14968c0bd
iwl2030-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
77f72940a00eee64df66dbf3b2e484deeb6b31f44e5573750fb932b7269e6a2e
iwl3160-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
8249c7a3cec20f4fc7f48faa1aa5a6de8c462a2ab84e68361befbae6dfb0f0e9
iwl3945-firmware-15.32.2.9-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
8a49153c461480cf55bbda858f76c639d82f551b4c9e5babec8f8ca633826c02
iwl4965-firmware-228.61.2.24-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
279ca7f090e4097ac32590b4d4d3294605aec2973f95970bc5a10ea0028b8863
iwl5000-firmware-8.83.5.1_1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
66bdcd352dbf0dad246b6427f4b268349416615b9de642042f444773128044f3
iwl5150-firmware-8.24.2.2-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
f9f3aa6691aa76433268554100f833ba115de8dd4c04d5c3c6e45df266f8fc0b
iwl6000-firmware-9.221.4.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
75e3a39cb350f1cb3b86e12ee249188f9abeebe3dc8928f271035782026bf083
iwl6000g2a-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
0138971c7f404ac5eacf3199a22a9b6f56bba8e4d9b1a0a0770fbba0c35cd8c1
iwl6000g2b-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
32d670fd74bb0ad74086b25ce1884cd060700a72b558a70ea1bb987f9a766a5c
iwl6050-firmware-41.28.5.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
d4dfd922dc7b34dff910293b473957c59385f83da3b2d7300ab5b10b9c9625c1
iwl7260-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
94b4f82646e76d7d03c6774eaa862270d21493fd99c08a4d8cfdab17f215e227
linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm
ac05923d38bc42ea87323ee40dd8d8387986d3ee6b9027ad872065fc966fb4bf
CLSA-2024:1727288730
php: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2020-7071: fix URL validation with functions like
filter_var($url, FILTER_VALIDATE_URL)
- CVE-2021-21705: fix URL validation functionality via filter_var() function
with FILTER_VALIDATE_URL parameter when an URL with invalid password field
can be accepted as valid
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-7071: fix URL validation with functions like
filter_var($url, FILTER_VALIDATE_URL)
- CVE-2021-21705: fix URL validation functionality via filter_var() function
with FILTER_VALIDATE_URL parameter when an URL with invalid password field
can be accepted as valid
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
91b96e592deef81589c491e475181ebdf470f512f68525e335e9777583a1fb45
php-bcmath-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
82125b8f28d81b53fd393e0bcb4d2aad0d4af1e7fc447342731e06e052a986f4
php-cli-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
616ea1249ee17763608b47ce06c46009b95e2fe81caef69e68e18531f6188165
php-common-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
237d09043ceb63c0603dae79843f06cf0ef7982a47a9f2e325f6da17f79ba87c
php-dba-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
c9ab93628bfafa0b11e84a5eac1c501b1631f91719fe5e9b31dd9a12522de5dd
php-devel-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
e7c609ce08d0864957842a5acc49fd271c28477a73c6096ff63d1fda16ac9431
php-embedded-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
3dfc5399761cce7afe98bd6ff5026e1af0bd305af6377302a871f66ef8a86d9e
php-enchant-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
24f3a9509415ef9acd5fdacc494d460034177b084c813dd4993da4dbc8d6c7db
php-fpm-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
face77e0d662e27366f4e7566355e0b251390531d9653ab84f1aae880b197d97
php-gd-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
ac1969c02eac9bda199a14d8d555a3e89f6d34c64dc0c64e84874d2e232b1622
php-intl-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
74f82f7a8a7b1ae2ac63e7d0884b71aacb2573d67733e70fe29be5b0fe039938
php-ldap-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
a8e417d65265bfdf16c50948ec976a098bc49b4c88a21263c64677cc1562602a
php-mbstring-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
9a146dc91ccb8ba33e275c989a0fa2ec2dd051a55cb5e25938ed28881407e168
php-mysql-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
fc73a4edd4148fcf91f45a07485e836b320260f3ff207e721b14706b808fe896
php-mysqlnd-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
57dbf9c80e9f3ef9c0861bd3ada198170fc5a9d668b1480d4d31fcd1daf88c03
php-odbc-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
4df45113ac6c13950983986e0d595f37e4855b31938be597c150450adf5e35b7
php-pdo-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
1c0eba16e0ea248cb6deceb15f8596c350102e32518f28455acc668a984fa40c
php-pgsql-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
da6e3b289cf8e9dccb9f39e893afd3dd5acad95224896e2477859ea57d3f68cd
php-process-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
13e9361bc7b713f32de3fe3c155fd9a074c936dd271dbef9ae6136bc25b812db
php-pspell-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
87273b7ed8fd579a4ff42883dc4d4bf5bececff2c8c4e5330debe7c1f5c1b950
php-recode-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
bb14bb347d2915c3b44f5fdf77d9b4fcd66990046edc33e84bf61f2616e08641
php-snmp-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
b6805a8e9780203c53d4c71859aa6e25215198b3e1195b9c327ef8c946387aa4
php-soap-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
49ea299924b52de5a18d0227cafb6169fbff57ecdb02542825ee0c6eca1d2a90
php-xml-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
a461739866d642872691e721f5c1450b1497ac7fe3e3d7043b3fbfceca99c458
php-xmlrpc-5.4.16-48.el7.tuxcare.els2.x86_64.rpm
cee2281d806b0314e73c262fe4caf971152e2d6ff16e26f2698dd1601ee7fa7a
CLSA-2024:1727289133
python3: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-6232: remove backtracking when parsing tarfile headers
- CVE-2024-7592: fix quadratic complexity in parsing "-quoted cookie values
with backslashes
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-6232: remove backtracking when parsing tarfile headers
- CVE-2024-7592: fix quadratic complexity in parsing "-quoted cookie values
with backslashes
0
tuxcare-centos7-els
python3-3.6.8-21.el7_9.tuxcare.els4.i686.rpm
bc2e4502e1fabf66232ff0f43f1151788d90e14c448d6c1ca284a7d0db11203b
python3-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm
018928f7ecf11b7758489cf664b022dd2b8261c9bd48560d332b8743cdee54d4
python3-debug-3.6.8-21.el7_9.tuxcare.els4.i686.rpm
4359722a03158295398fed6b755812ca88507a034003c895c3ad2bf90c0b1070
python3-debug-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm
10bbd5639e9bb81b98f10c36039f9ad1d3e96f939ebe53b6eaaa738d396a5bb3
python3-devel-3.6.8-21.el7_9.tuxcare.els4.i686.rpm
5a2032eac3c5367015c63a6017245cdb0cf43ba00a726ce2cbc1cc049ea5b8d2
python3-devel-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm
5fdef25a3109a005fa60e4e8e34d1e1fc7838b68b53934445eabb57d74616f71
python3-idle-3.6.8-21.el7_9.tuxcare.els4.i686.rpm
b8b082040eda32e39efe352458ef6f375429ebc533d78a3a7f835d1d3371be71
python3-idle-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm
eacf88a4509dd5c65be6f9b54746b3e8f6d22557d9b80cdb78c521d207d11145
python3-libs-3.6.8-21.el7_9.tuxcare.els4.i686.rpm
bd6d0fd326e16db6145fcfa8abd73c9d2183b90506a230c929e85668236fd354
python3-libs-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm
3bfb8d3df2d5b13a921cd102f614a0c5fc540a57c133d58bbaa20557c8e4c0ac
python3-test-3.6.8-21.el7_9.tuxcare.els4.i686.rpm
f801d80020c7a340a27c943822ec341ea65a0b65c15b3c6267dbe2dea8b36965
python3-test-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm
7cfb03fc4ee2b473f1d5d01aed96122ce247938d9ed6141c35686bd3e69b30f2
python3-tkinter-3.6.8-21.el7_9.tuxcare.els4.i686.rpm
9ad11a66ba70d403360cbee149f2128290581761d2529cd030d9b762eb061283
python3-tkinter-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm
294e8ea7c05e97e60c59f0dbf4cf35a3e349d91da787db72cfb24fc72621d903
CLSA-2024:1727289456
python: Fix of CVE-2024-6232
TuxCare License Agreement
0
- CVE-2024-6232: fixed regular expressions that allowed excessive
backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS
via specifically-crafted tar archives.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-6232: fixed regular expressions that allowed excessive
backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS
via specifically-crafted tar archives.
0
tuxcare-centos7-els
python-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
84ddd876f26a6a87440641144dd8358445e414d0b491f54bd995bf8a4dceecac
python-debug-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
f1aaeb71dc3f410e7c1dfa89fd877a8e727356c885378fbc3732c1f9f4622238
python-devel-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
c62ef0c759a86b15187c9547802f3694954e36520563f5b618c4d0ca347f98d1
python-libs-2.7.5-94.el7_9.tuxcare.els4.i686.rpm
59a0bbb309c161a5082e8142fbb15f1589f32c45d6a23ef3e0a3010a8c0b345d
python-libs-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
b46c246b21227c46c617bb933f2d6acfb0945c5df60739cf1fdf3e94c2106870
python-test-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
ee2c8d8e72326779f61f003bb5a151050ba8ed903429d23b91dfc187bafb56a1
python-tools-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
532fdf0290bfed042fc0e808c9ec5d05b0d5829ee5f88a9feb165124d1f0bee0
tkinter-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
a3cf13aa9f33939c214389f5e646327285e7b18d469c5cf7e75e61a75063b6b2
CLSA-2024:1727692412
kernel: Fix of 5 CVEs
TuxCare License Agreement
0
- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800}
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738}
- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724}
- drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723}
- drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800}
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738}
- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724}
- drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723}
- drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
97df0e85d02dc921e402d7cac7a8225949b5b0a0245bc6126fab143edf7b377e
kernel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
35202408c77d7b5e927c35a067fbfea716607e8e8176709feebc4069788daa5a
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
6ac9d7ce91df0264b9890dfc4dc0e046bbbb01b69cee4d3582a6659aae60d55d
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
38c751776590bd4f6695a86b157b9f9e9540bfd4cdb1ed25fd3eace03c7809d1
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
4bee98ef7aa42e117610fc61489b17d99e6d2dc6469030e29a2f92a7b96bec38
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
25346b7ba17d9aab0ab1e87fac5c793ad0704acea7f85ea29edee4f84a761d49
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
149c1b71327a7596004725dd9682e10d1211091f19ec0b3fb5689f2097bed1bd
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
a0afe2252411bd8a2b80d7c8770653502af55bd5e36df784b35b9c65c2e1e682
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
ab38a0b23c7c2952d48ae78790012b2b48053c9e7462a9d90cbe238b7da28b99
perf-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
9f57debf1af47dcb0217a9d473e267b89bd1561f1e800e07b93dbb32e8ac9798
python-perf-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm
9c198c6778caf1c2791521085f5aadeaa403ae3f7ae7213eef64896087838ba4
CLSA-2024:1727980155
python: Fix of CVE-2024-7592
TuxCare License Agreement
0
- CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess
CPU resources while parsing the cookie value.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess
CPU resources while parsing the cookie value.
0
tuxcare-centos7-els
python-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm
458f1959ee24a74c42bc7a44abf96f3b6a0571b0eb014c9eda9035e7219d4b53
python-debug-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm
1b221a91c6d5f3144118b239f9d2320da0e2f2296718cf2002b26da6bca7c02b
python-devel-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm
3a7528aa0cfe5c7326b17494f64d4be314778707fbac2b7f5170e6c83ed73f3c
python-libs-2.7.5-94.el7_9.tuxcare.els5.i686.rpm
a436b91e7b21e9df5ce1ff1de8add8cbf25b4305d95f3390afefedf41fe42b35
python-libs-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm
beb13236051ba6f39129b4b670eec1b54d1a52db49ffde6ac84fc912a52fcf72
python-test-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm
74228514a2c3edd15a1231f27ccefcc708d0b90f738d164e4c169a8fadb2b608
python-tools-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm
a1094755449666c47622bf641abd122939112a9534897ae6dcf46ed05db0ddc6
tkinter-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm
908e0e7e0478b565fbf087decb5795bcc917e9b3a9871439b78dc569aa6d004c
CLSA-2024:1728055873
emacs: Fix of CVE-2022-45939
TuxCare License Agreement
0
- CVE-2022-45939: fix ctags local command injection vulnerability
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-45939: fix ctags local command injection vulnerability
0
tuxcare-centos7-els
emacs-24.3-23.el7_9.1.tuxcare.els2.x86_64.rpm
3fac01b08a9b2b36f021f78146e11a9ba1d752f4d08752de079618b7926474c2
emacs-common-24.3-23.el7_9.1.tuxcare.els2.x86_64.rpm
d36aebaa43b36d88dc3e8748f784a0bb7b99405cb440b7a719f9822361474c72
emacs-el-24.3-23.el7_9.1.tuxcare.els2.noarch.rpm
05656bc05f85c73f3d8232d05da9250ae2533748de686d3bd7276fc0b69c3ea7
emacs-filesystem-24.3-23.el7_9.1.tuxcare.els2.noarch.rpm
fba14e9a91e33c96686bb035bf45b4c749fbf0ce70abba6c16eac466d4e800c4
emacs-nox-24.3-23.el7_9.1.tuxcare.els2.x86_64.rpm
3c0b011e6e2242d432815ed55665c737ba84524773a7ab47988cb4c5607cf961
emacs-terminal-24.3-23.el7_9.1.tuxcare.els2.noarch.rpm
041a4137cb48c9af12b978935f7a240d30cab630f9fe788bdd54bdd0ae770043
CLSA-2024:1728056039
gtk3: Fix of CVE-2024-6655
TuxCare License Agreement
0
- CVE-2024-6655: fix loading library from unstrusted search path
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-6655: fix loading library from unstrusted search path
0
tuxcare-centos7-els
gtk-update-icon-cache-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm
fa425078b1643b37210e3e00de791c6545c982b490fffd29e7392c8af4bf27fb
gtk3-3.22.30-8.el7_9.tuxcare.els1.i686.rpm
5f4032175927765b7a928a908310b4c219316c4a09024076ea68cd8fbfb2945e
gtk3-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm
44f7174e33ad124134ae0e42ad2ab8167f4df1f90d83f2ae71909fdae7a7f1e7
gtk3-devel-3.22.30-8.el7_9.tuxcare.els1.i686.rpm
cc6daf73983c6753432e49453349b7bef4512a1f852c60989b383ce8681ec0b0
gtk3-devel-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm
817ec1382680bef91f8a451295583703b04841f9867be259af9f37e642979277
gtk3-devel-docs-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm
6de049e9ee3b32dbc7a4ffa0910607875a6b365dce52f8ed6af5c767833220ea
gtk3-immodule-xim-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm
cc016935577144145587f50a92e4c82f2f3833f6e04b5bf854ea6051776e28b0
gtk3-immodules-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm
bc0ca6a028ed811e8dc163857782bd5b275eca27de1df10a02a419cce3b3efd4
gtk3-tests-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm
f59fda2b94beaa556dc9206bad91b47cd2a41d65350b26098b378445618c4183
CLSA-2024:1728297353
kernel: Fix of 5 CVEs
TuxCare License Agreement
0
- drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731}
- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes {CVE-2024-46756}
- hwmon: (lm95234) Fix underflows seen when writing limit attributes {CVE-2024-46758}
- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757}
- kernel/exit.c: avoid undefined behaviour when calling wait4() {CVE-2018-10087}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731}
- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes {CVE-2024-46756}
- hwmon: (lm95234) Fix underflows seen when writing limit attributes {CVE-2024-46758}
- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757}
- kernel/exit.c: avoid undefined behaviour when calling wait4() {CVE-2018-10087}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
5cd1482096bec2293a219efa7b5e4818c88188dc2c23a29d66349f76886a2c07
kernel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
b90f672950d3784cce0f87ab79acaee264f7dfc80e4f2d87273bff1ec596d380
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
12abfe328eb10c044869c8300ed8a0c9438af9f7ac2f23e7a9dd70ffabca18bf
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
df722cd5c50d2b0dced5c57c668f2d45be3b118fd1464687f939da5d85265a2e
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
d0daf8004ace74cd77a19127847f4d1b731aa4359160e068b5ff8500d6bb0aea
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
1fcd66051e5791fe5ef150a4a8ad51c6d4da06e8b0b37ff202a0af288eff4075
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
086bb96816ca37b5788b3c370f0711ac8c776d23eea78c378b704a0b57a240cc
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
61daaae06407041abd869fe88afea08094430bb4a434752552540bbddc03ae09
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
573269f54a8015a92a626d1af2b3058233f3fd1c462e644247e38a95df73e8a3
perf-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
92022c1b3d694bea05c7f6385a0e9f5082a76a44ed9afc87319b976daeab1066
python-perf-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm
1c998fe49c371eee228025a6ac191dfbf937c95f3a49781dba2591d69db2a8df
CLSA-2024:1728934930
emacs: Fix of CVE-2024-39331
TuxCare License Agreement
0
- CVE-2024-39331: do not expand link abbrevs that contain unsafe function
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-39331: do not expand link abbrevs that contain unsafe function
0
tuxcare-centos7-els
emacs-24.3-23.el7_9.1.tuxcare.els3.x86_64.rpm
a51710636afbf87ea07b5ac6fd47a862faf6e5f38d68d91930c9c0e2ed88ab83
emacs-common-24.3-23.el7_9.1.tuxcare.els3.x86_64.rpm
e2aa5131cb96d61e2d39f9791259c76813581b55333bd2afbd5fbe137b847a14
emacs-el-24.3-23.el7_9.1.tuxcare.els3.noarch.rpm
45cfd5d1ed8f02274423bd2cea54b287eaec6e7838d28f02a10993aafdc998c1
emacs-filesystem-24.3-23.el7_9.1.tuxcare.els3.noarch.rpm
2c99f8ac8e50bf32ba123593cd0cbbb6796b224f2a9739224d0a3314fb9460e2
emacs-nox-24.3-23.el7_9.1.tuxcare.els3.x86_64.rpm
48cb7344cdc7877c963a17bc9c8d19469aa7fe50f9bb0a7c16d1a05c1924be35
emacs-terminal-24.3-23.el7_9.1.tuxcare.els3.noarch.rpm
cdc74a32f6e6bb4b8d35c81adeac6d0575331e688b1d7a346fd55d4721a79b0d
CLSA-2024:1728935304
kernel: Fix of 12 CVEs
TuxCare License Agreement
0
- xfs: don't walk off the end of a directory data block {CVE-2024-41013}
- net/sched: cls_u32: fix netns refcount changes in u32_change() {CVE-2022-29581}
- net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368}
- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639}
- net: sched: fix use-after-free in tc_new_tfilter() {CVE-2022-1055}
- wifi: cfg80211: fix BSS refcounting bugs {CVE-2022-42720}
- wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() {CVE-2022-41674}
- igmp: Add ip_mc_list lock in ip_check_mc_rcu {CVE-2022-20141}
- af_key: Do not call xfrm_probe_algs in parallel {CVE-2022-3028}
- drm/amd/display: Check gpio_id before used as array index {CVE-2024-46818}
- drm/amd/display: Check link_index before accessing dc->links[] {CVE-2024-46813}
- Squashfs: sanity check symbolic link size {CVE-2024-46744}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- xfs: don't walk off the end of a directory data block {CVE-2024-41013}
- net/sched: cls_u32: fix netns refcount changes in u32_change() {CVE-2022-29581}
- net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368}
- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639}
- net: sched: fix use-after-free in tc_new_tfilter() {CVE-2022-1055}
- wifi: cfg80211: fix BSS refcounting bugs {CVE-2022-42720}
- wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() {CVE-2022-41674}
- igmp: Add ip_mc_list lock in ip_check_mc_rcu {CVE-2022-20141}
- af_key: Do not call xfrm_probe_algs in parallel {CVE-2022-3028}
- drm/amd/display: Check gpio_id before used as array index {CVE-2024-46818}
- drm/amd/display: Check link_index before accessing dc->links[] {CVE-2024-46813}
- Squashfs: sanity check symbolic link size {CVE-2024-46744}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
53b989659b024c32af63b247bd3af9cfd5854df49df28f064b436fea7c7f40ad
kernel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
89bc4cac8b8efac970d5f00dcef004410fd25f4ed234ea32ce540782069ad972
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
a16f430b40fa68a5e462589ea1bd6f2d3bdf69f10a574ebce1bb275bffe733dc
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
89dea9017746e030e5630d133a52547cc0504e85a2229644ef74c42c273c8e99
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
8a9e78584e9df243b57f97fe0fd7c0af317b0e74b0d2afcba61643b67247a4c5
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
f15defb7a720a57b534471f19ff7348b8d71682b5d92aada816f306fe15bbb9e
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
64e93d500ff631069d3728d9dd99c5c473a40b826ac1f39f37258de88253c28f
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
b7e6ddb8bf73dc2dc029b5aaca56b745d8a1b9f94b7bb83b9f6e0c677a4076cc
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
4fa9af4436e6c1e627af5383440eb0b8aaeddd01639bf896166c4668e8f7ba8c
perf-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
9e5077685ed8fe3bf3535d27ed33b3dea8abcb4bfeef28173204650cfc2b399d
python-perf-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm
45454fc2e41dc9e8bb13fc202f36eee19f04cac6c41c22fe055ba4fd3a39db4c
CLSA-2024:1729512774
python-pip: Fix of CVE-2024-37891
TuxCare License Agreement
0
- CVE-2024-37891: strip Proxy-Authorization header on redirects
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-37891: strip Proxy-Authorization header on redirects
0
tuxcare-centos7-els
python3-pip-9.0.3-8.el7.tuxcare.els1.noarch.rpm
a9d2d61394c21551134d18ef051e068887f828135ea9c6631f0b96d632ed3e5d
CLSA-2024:1729513208
unbound: Fix of CVE-2023-50868
TuxCare License Agreement
0
- CVE-2023-50868: avoid availabiluty of the remote attackers to cause a
denial of service using DNSSEC
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-50868: avoid availabiluty of the remote attackers to cause a
denial of service using DNSSEC
0
tuxcare-centos7-els
unbound-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm
a132545f34cf0706b21f527fa5bd2742128080e0135f829ed783d8a1d88cd22a
unbound-devel-1.6.6-5.el7_8.tuxcare.els3.i686.rpm
15f60a115d85f869a0aa90c3ef1e2d55863de5b097d3a39543294273dd8cfbf5
unbound-devel-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm
7ac1f09f7c88bdd78241ced4b4f514d75f79e3166afe9f9c7ad0a15c7f9a2e5e
unbound-libs-1.6.6-5.el7_8.tuxcare.els3.i686.rpm
68529e2e355673f3c5670b69252eec62e3bbf4f2b31d2ff60d72efe4890f202a
unbound-libs-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm
7ed3d7d86af5e7d2ed238601e8e397aa0756db054e4fe490b50b7a35354a7ec6
unbound-python-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm
7de7987a2cf44ac9932a3e25696a05a8865a8436c48d40a4872d099dc959f092
CLSA-2024:1729546973
libtiff: Fix of CVE-2024-7006
TuxCare License Agreement
0
- CVE-2024-7006: check return value of _TIFFCreateAnonField()
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-7006: check return value of _TIFFCreateAnonField()
0
tuxcare-centos7-els
libtiff-4.0.3-35.el7.tuxcare.els2.i686.rpm
2cd77bde84147349654353887e19f26b76641db0a0b082a42e528629f06df9a6
libtiff-4.0.3-35.el7.tuxcare.els2.x86_64.rpm
91738eefb26a1df5267d49b100edc60f676f5a6a8d80b768deadf016fef88a20
libtiff-devel-4.0.3-35.el7.tuxcare.els2.i686.rpm
3e27671824faa9e89a28a782efe97b5e287e577c7ed530acd5785ba5dd96504e
libtiff-devel-4.0.3-35.el7.tuxcare.els2.x86_64.rpm
6a31876e08323eab9a6ab850183648befdcb74a88ab304a86ed0593a61de3cf2
libtiff-static-4.0.3-35.el7.tuxcare.els2.i686.rpm
63cf40eb0e24f3edb45b6b8d263502bec9134fe1e6378d27e840498caeff47d1
libtiff-static-4.0.3-35.el7.tuxcare.els2.x86_64.rpm
873d0c4a9c83a7626a1f4933825a14abc7a81f9fe68a7f53c8df4eddb816994d
libtiff-tools-4.0.3-35.el7.tuxcare.els2.x86_64.rpm
422fb8fb9189919e8b8ba4e516a960a1639ea48a229d22b3e7f1857a01874a2f
CLSA-2024:1729628764
php: Fix of CVE-2024-8927
TuxCare License Agreement
0
- CVE-2024-8927: Fix bypass of cgi.force_redirect configuration
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-8927: Fix bypass of cgi.force_redirect configuration
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
387a2c4f23e7837cc611f3de4d4ecb1670766a91fa3dd3f2e8c7a4a2a8a5c6d9
php-bcmath-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
dc5ff40b54c3a100a6b63b12e9793386324f5a78f9f83d09a74456b87dc2b32c
php-cli-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
2e1bfae07bdc63164b39e2809e1db16cff07130468db9b3b058ece0b185b81d9
php-common-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
862e023bbf8551a8c8bf38ff1b24160886b55d7bc003b79ea5df86464b95def1
php-dba-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
9fc3c69d8ccf8eceb41d5729f39a50b5e34487eb25ec5ddf8f324e31ea2c817b
php-devel-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
4d521228f84916f1eef125be10316068c291fd3896ca656e91bb504c87456378
php-embedded-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
68bf0ac0ae3dc216e477f7321262ee76a949b66bc6380c062f3c6823aab5e838
php-enchant-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
0f843c964ddf8a062cb6b45a645d1cad12d804908660b2b9990228f601842dbe
php-fpm-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
6f454b18e1470b046aeafec19f8c6bc61bef93099915155d85acad3ec9cd1fec
php-gd-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
face26db9412d007ecc6bb14f4755f69decd949915455458cf74a9e78db53e8e
php-intl-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
229bcbf128ace2df44dbe8b3c1d0e2b15cd8a7226a019c73865bfe3082b66caa
php-ldap-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
b16f9afdd49d8a9ae884c3297de4ee7964da7bc8d860487e6e7f0d704e04f991
php-mbstring-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
b335f1eb78b0878d2f7f62148e7e9d15f5b3b53bc6d51c832bc85b806fe37b9b
php-mysql-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
8d678660e26bc09c000ede32cab8bd51acf7653b3e5c69fdc344883720bdce7d
php-mysqlnd-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
fb5c18c77cd9744de411b4aec34804822aed195b37e22f9e04bd277f99a9bdc3
php-odbc-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
681766ea467b5fdffa274354f5a790be359e32b53dba58ca23172f068c5b9e5c
php-pdo-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
cfe2b879af44b643e20db054e54394c16573b097e990a41639bb52b3303c6b0d
php-pgsql-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
d826aa733952d7ee856d2c55e3adebf2fb794de2191d7a97e8ab673238126d79
php-process-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
350dda2244bf7bf58ef19e988c044b84060116860e322155c8ed1737883279e9
php-pspell-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
0b00ee0ceea0a3769fd7ad213776858f9950467450dfed2a9d2a99b38ea10f47
php-recode-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
501e7b821cc90fa0e276c9fb7881e2a35d8d6b7271ce3430eb57b5b35914e96c
php-snmp-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
c396e0d2b4a4bba2a817af287208d715a97b1943a12f6e10e6bee210c8115bd3
php-soap-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
0bfdd76ca5e418423ad3de93de788ae8c7e95761ca3ced9df68da7398c875e05
php-xml-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
6b184d42e4861103f63616c6cd03e543bda4b9d5e9e5454cd4d85026dcbaea43
php-xmlrpc-5.4.16-48.el7.tuxcare.els3.x86_64.rpm
1d27f3a830bb24bfad6491f1811e11caca4700808a53fc3dd4ac675c6b834cea
CLSA-2024:1729629058
python-lxml: Fix of CVE-2021-43818
TuxCare License Agreement
0
- CVE-2021-43818: prevent certain crafted script content passing
through in HTML Cleaner
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-43818: prevent certain crafted script content passing
through in HTML Cleaner
0
tuxcare-centos7-els
python-lxml-3.2.1-4.el7.tuxcare.els1.x86_64.rpm
92a16c452c1cce219ac9204ab7e461762a0b186efac71a6545cb64bd278e3d06
python-lxml-docs-3.2.1-4.el7.tuxcare.els1.noarch.rpm
02b09bda667ef686d25a6dee1a16a32589ab5bcd04bede9d386447d802b4c35c
CLSA-2024:1730141462
php: Fix of CVE-2024-8925
TuxCare License Agreement
0
- CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data
boundaries larger than the read buffer
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data
boundaries larger than the read buffer
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
dc9004a41866e50744ac343ea5172ca9d8d1ba5c02b48c3827a6cc2c8f844644
php-bcmath-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
20a352b742b4de41455830bfb572d7806dd25f2672e900899d15b452b6bf8d08
php-cli-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
a167f2b88f836809bed2a26275a952646879c92b3084f4a1b493ffd722574cf6
php-common-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
a5ec1a406eaac9ed19969c9d198a9a05386bf724647aa65dcd50f21e606cd82e
php-dba-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
9f2299fc775b2b1dc7dd188483e928a358ac1db51b9fce6cad43c1efa601deae
php-devel-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
990b6b1c1411fd54d1b9cdce6df08d41f2ec5018f255f5502e56079680ba5f27
php-embedded-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
6575f90cc605fc58dd4cf5fefd149c7451952f05ebe3c194a5f81b78d65e432a
php-enchant-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
f4d8c754f2ae7ad679956584cf14d9c43645d949b82346c3e065d5dcafa1023f
php-fpm-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
4f035ccedd3717b5d775980c88965547f7831fc451516bb010620a8ffb429510
php-gd-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
f151d842bf7b9c18cc21ce99890ce2383066814cc1e6dd86941ae5b1c61cfd95
php-intl-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
72d9f6d425f4b102aaa5c9078cbfcdc5e7ac3ef208d954feea15f07a40868481
php-ldap-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
831e5b2605a9de18e6f6a5ee1471e783fb2fbb87e72018aeabc4dfdeabac9d84
php-mbstring-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
a133d22c28fe7343f01c087ff8feb1616483767fb5cd4d648b10283dd5494680
php-mysql-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
3a0fa6882e2df47075c580d8c1ad0f5e06150aaad4fe9e51682a642da9868caa
php-mysqlnd-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
4bfeafd4d3c19cd4dd6cbfb943213f97facb9c7169daa3420a1dd7702857aeff
php-odbc-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
fb66c9eda0d8156f481c0da980e5b8a60bcdfceb488f59903e6e68e0ab4d012f
php-pdo-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
6f28898c9b331dc291cdbf51ba36ea7a895009d7e95840994b5ea51d6b180615
php-pgsql-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
1a8f00f727a16ec9b7201353c6303d3d2b5e3759f48998cae94eccf267410bc1
php-process-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
19d87749f0c7a8dff26f3bcaa88bedebf6b6ebfcd64196342fc4dec98f6564eb
php-pspell-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
339db7c4909891a6577ef0956959e0df1a2520c25b4ee74f63c77fbbca720068
php-recode-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
96d8249667a288f1f1f528448c56f508a339dc9b8214a773d8a0746bd940d0ad
php-snmp-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
766c848d33c151b0e6c94f5976b4fe0409c9231d93990c450835f1e479d106ab
php-soap-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
67b04d40821052acad65dd1e966291c7a3b2b23465c14bce70208ce88448c5c1
php-xml-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
1101980d7ccc6fcfdf5abdbc4d233f6c4437bcc8c676bbda5ada9ceb136a237a
php-xmlrpc-5.4.16-48.el7.tuxcare.els4.x86_64.rpm
e7cad3360f95d5f9b54e5f357134021f15c20cf55e3c144578d8dc83c3a506d8
CLSA-2024:1730142448
python-setuptools: Fix of CVE-2024-6345
TuxCare License Agreement
0
- CVE-2024-6345: modernize package_index VCS handling
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-6345: modernize package_index VCS handling
0
tuxcare-centos7-els
python-setuptools-0.9.8-7.el7.tuxcare.els1.noarch.rpm
2d65a9578ff7341068662edfbbf01af000fa40acc47043307fd4a93b5d809d9a
CLSA-2024:1730142536
python-urllib3: Fix of CVE-2024-37891
TuxCare License Agreement
0
- CVE-2024-37891: strip Proxy-Authorization header on redirects
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-37891: strip Proxy-Authorization header on redirects
0
tuxcare-centos7-els
python-urllib3-1.10.2-7.el7.tuxcare.els1.noarch.rpm
746ccf29a96cf40f83d12e8e51be8acf8b621138de70d14dd4f7a77232cedf2b
CLSA-2024:1730298688
Update of microcode_ctl
TuxCare License Agreement
0
- Update Intel CPU microcode to 20240813:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000390;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x35;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x433;
- Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4121;
- Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at
revision 0x4121;
- Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision
0x4121;
- Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x32;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x430;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x411c;
- Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x1000181 up to 0x1000191;
- Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x4003604 up to 0x4003605;
- Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003604 up to 0x5003707;
- Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002703 up to 0x7002904;
- Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in
microcode.dat) from revision 0xe000014 up to 0xe000015;
- Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from
revision 0x38 up to 0x3e;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003b9 up to 0xd0003e7;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x1000268 up to 0x10002b0;
- Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from
revision 0x3e up to 0x42;
- Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x22 up to 0x24;
- Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xc2 up to 0xc6;
- Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat)
from revision 0xb4 up to 0xb8;
- Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x34 up to 0x38;
- Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x4e up to 0x52;
- Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xf8 up to 0xfc;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c000290 up to 0x2c000390;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from
revision 0x17 up to 0x1a;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x5 up to 0x7;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x430 up to 0x433;
- Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from
revision 0x24000024 up to 0x24000026;
- Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf8;
- Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xfa up to 0x100;
- Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfc;
- Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfc;
- Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xf8 up to 0xfe;
- Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x5d up to 0x62;
- Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from
revision 0x11d up to 0x123;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x411c up to 0x4121;
- Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from
revision 0x12 up to 0x17;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to 20240813:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000390;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x35;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x433;
- Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4121;
- Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at
revision 0x4121;
- Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision
0x4121;
- Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x32;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x430;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x411c;
- Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x1000181 up to 0x1000191;
- Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x4003604 up to 0x4003605;
- Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003604 up to 0x5003707;
- Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002703 up to 0x7002904;
- Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in
microcode.dat) from revision 0xe000014 up to 0xe000015;
- Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from
revision 0x38 up to 0x3e;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003b9 up to 0xd0003e7;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x1000268 up to 0x10002b0;
- Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from
revision 0x3e up to 0x42;
- Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x22 up to 0x24;
- Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xc2 up to 0xc6;
- Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat)
from revision 0xb4 up to 0xb8;
- Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x34 up to 0x38;
- Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x4e up to 0x52;
- Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xf8 up to 0xfc;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c000290 up to 0x2c000390;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from
revision 0x17 up to 0x1a;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x5 up to 0x7;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x430 up to 0x433;
- Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from
revision 0x24000024 up to 0x24000026;
- Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf8;
- Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xfa up to 0x100;
- Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfc;
- Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfc;
- Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xf8 up to 0xfe;
- Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x5d up to 0x62;
- Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from
revision 0x11d up to 0x123;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x411c up to 0x4121;
- Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from
revision 0x12 up to 0x17;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
0
tuxcare-centos7-els
microcode_ctl-2.1-73.21.el7_9.tuxcare.els1.x86_64.rpm
b10c96237c12335d91399b98cc2e69695b8e84cf8fede3a77444b8e7ba4ede7d
CLSA-2024:1730374841
Update of orc
TuxCare License Agreement
0
- Backport orc_malloc() and orc_realloc()
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Backport orc_malloc() and orc_realloc()
0
tuxcare-centos7-els
orc-0.4.26-1.el7.tuxcare.els2.i686.rpm
9f192d9cb02863ea50299181721a1ed0c46508ef63a03a013ed3c70d0425130d
orc-0.4.26-1.el7.tuxcare.els2.x86_64.rpm
e5bace760fca4283d43002d3888c0ccf6906248650283078540783a808e10a77
orc-compiler-0.4.26-1.el7.tuxcare.els2.x86_64.rpm
b505ee5c33037c3763ede5506ca66a8a18fcfae2d2bce21c51e0126f19e2e82b
orc-devel-0.4.26-1.el7.tuxcare.els2.i686.rpm
b357a9329a8f5528db69eaeab0d7ee027f61c9aa0a1a3db6d6fd78634c4544ee
orc-devel-0.4.26-1.el7.tuxcare.els2.x86_64.rpm
eca1d156cd7d09670031ff00a1b1c44af6763ed3cd4c161067f486e3b0c6eb7a
orc-doc-0.4.26-1.el7.tuxcare.els2.noarch.rpm
07e814046c277b059790d1eb17d17e58fcab81867d5d40114ef94e997e3d1d69
CLSA-2024:1730912568
Update of nss
TuxCare License Agreement
0
- update to CKBI 2.70 from NSS 3.104
- updated certificates:
- # Certificate "GLOBALTRUST 2020"
- # Certificate "certSIGN ROOT CA"
- # Certificate "ACCVRAIZ1"
- # Certificate "OISTE WISeKey Global Root GC CA"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- added certificates:
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- # Certificate "TWCA CYBER Root CA"
- # Certificate "TWCA Global Root CA G2"
- # Certificate "SecureSign Root CA12"
- # Certificate "SecureSign Root CA14"
- # Certificate "SecureSign Root CA15"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.70 from NSS 3.104
- updated certificates:
- # Certificate "GLOBALTRUST 2020"
- # Certificate "certSIGN ROOT CA"
- # Certificate "ACCVRAIZ1"
- # Certificate "OISTE WISeKey Global Root GC CA"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- added certificates:
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- # Certificate "TWCA CYBER Root CA"
- # Certificate "TWCA Global Root CA G2"
- # Certificate "SecureSign Root CA12"
- # Certificate "SecureSign Root CA14"
- # Certificate "SecureSign Root CA15"
0
tuxcare-centos7-els
nss-3.90.0-2.el7_9.tuxcare.els2.i686.rpm
56b17c0403e655389fd9f668568438a373a6006185a2cdc1ee64bcac1bf915fd
nss-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm
e0883bf93500b651662d9154e6338c3e1fe12d0cbf942f1b92b27a348616eddf
nss-devel-3.90.0-2.el7_9.tuxcare.els2.i686.rpm
76014741810c6fe4bf5a059d7f941242c9858f37443385417f46792b49157991
nss-devel-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm
f5f94f63cc52aec155f31be3dfa87ee79ecc5da0c0cb1e9059efdb157fe89cbc
nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els2.i686.rpm
898f87456585a2f231844e20c96e30dd652338d1e11c524a528f91b287f21bef
nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm
6124bfef08f6996471aa5685640740c76bfdf4e8d73df67130d62bee44d3f9fe
nss-sysinit-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm
b7a5017362890400c229ac30c16ec7fcdba33165f8f761217aa2286ae369739f
nss-tools-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm
6477f1f45bda964e1ea5794e06b00f8690722336342bd1f0cdd5a2e53a4c87ea
CLSA-2024:1731432106
ImageMagick: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2020-27751: fix undefined behavior due to an overly large shift exponent
in quantum-export.c
- CVE-2020-27768: fix NaN being outside the range of representable values issue
in quantum-private.h
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-27751: fix undefined behavior due to an overly large shift exponent
in quantum-export.c
- CVE-2020-27768: fix NaN being outside the range of representable values issue
in quantum-private.h
0
tuxcare-centos7-els
ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm
030ce594206ffd929b9808837e274a1681233c54c5c0cc91b21a0f22ce7b4de2
ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm
d6c69f7d7560c807821e48b8b030d1510319694f2cc6f7bdd9ce63151da78c28
ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm
e0082ae55a93464dcef73ff3b7e2bff64949ef1770e8529c0b827c04b117a44f
ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm
9921eddf542aa58f43da58af9d2991f023c3ac12b552068c887c9ab0dc47c25b
ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm
f61bfd2393323757b4b495cac05b580549b3c172262c1e6f0931a806a0a5f1be
ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm
143b1d3d8a9416eb2705b933d453593c1c6d48ca7ffeac08e53000f819f29941
ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm
fdc06ce4639d7c2be8af6b9e8e11be2e86b5ecce1185d5a17c17d55114e379c7
ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm
1de1414e6c71466f2d8ae4d0332449c744331666b41a3ef530c31def7f337d16
ImageMagick-doc-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm
cb27e3568d6ecb011ad5aa4179094d8086decd908e15e9735096f7774c07c718
ImageMagick-perl-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm
1104da9270ec716eed0dd68c3f38712ec14d2d6d0c556cb0c8e4ea4a2a3972b9
CLSA-2024:1731348593
kernel: Fix of 18 CVEs
TuxCare License Agreement
0
- mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745}
- slip: make slhc_remember() more robust against malicious packets {CVE-2024-50033}
- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991}
- firmware_loader: Block path traversal {CVE-2024-47742}
- ext4: avoid OOB when system.data xattr changes underneath the filesystem {CVE-2024-47701}
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073}
- Bluetooth: L2CAP: Fix uaf in l2cap_connect {CVE-2024-49950}
- ext4: avoid use-after-free in ext4_ext_show_leaf() {CVE-2024-49889}
- driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055}
- ext4: fix timer use-after-free on failed mount {CVE-2024-49960}
- smack: tcp: ipv4, fix incorrect labeling {CVE-2024-47659}
- ppp: fix ppp_async_encode() illegal access {CVE-2024-50035}
- ALSA: asihpi: Fix potential OOB array access {CVE-2024-50007}
- ext4: no need to continue when the number of entries is 1 {CVE-2024-49967}
- drm/amd/display: Fix index out of bounds in degamma hardware format translation {CVE-2024-49894}
- ext4: fix double brelse() the buffer of the extents path {CVE-2024-49882}
- ACPI: sysfs: validate return type of _STR method {CVE-2024-49860}
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures {CVE-2024-43839}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745}
- slip: make slhc_remember() more robust against malicious packets {CVE-2024-50033}
- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991}
- firmware_loader: Block path traversal {CVE-2024-47742}
- ext4: avoid OOB when system.data xattr changes underneath the filesystem {CVE-2024-47701}
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073}
- Bluetooth: L2CAP: Fix uaf in l2cap_connect {CVE-2024-49950}
- ext4: avoid use-after-free in ext4_ext_show_leaf() {CVE-2024-49889}
- driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055}
- ext4: fix timer use-after-free on failed mount {CVE-2024-49960}
- smack: tcp: ipv4, fix incorrect labeling {CVE-2024-47659}
- ppp: fix ppp_async_encode() illegal access {CVE-2024-50035}
- ALSA: asihpi: Fix potential OOB array access {CVE-2024-50007}
- ext4: no need to continue when the number of entries is 1 {CVE-2024-49967}
- drm/amd/display: Fix index out of bounds in degamma hardware format translation {CVE-2024-49894}
- ext4: fix double brelse() the buffer of the extents path {CVE-2024-49882}
- ACPI: sysfs: validate return type of _STR method {CVE-2024-49860}
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures {CVE-2024-43839}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
a943e60ddd6c00b395f9ab38bfb1bca63dfb1073ea7346f8ff699a3978e066be
kernel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
5b128ee8dfdc4113cb5cda50dbc86e571b966cd65675e2ba141ece0297deeb91
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
c695b67990e067c955ade5cbfbc3ea8f2c335dcf8e008d263a81c7e41a09bfc5
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
246711799dc8faad648fe9b7a39865bab5dc21464be9eaf25c067423070afc6a
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
74c3e1de9779329e4c0e400021cea0cad4ff882cfd9933291c5716769afd55b7
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
ad0c4aae0b9429b2bd236579668222c60f163e07857091133a1e1ec958d0bf96
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
f3e4b311df7984242b40aafd823c512ea6d82a267f990c0e81907fe2ccd9b15c
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
212acf284903015740cb34d923a6818b17b3bb7378ae8a0649331569a97e9246
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
42b03cc2e8bfccf3ee3a0b3a67419c1fd3477081674af473be51706d5d4fdeb5
perf-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
d470c706442cbcb3861b9815988faa12b405e732fdfb6482834d248326c0a632
python-perf-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm
9640ef3e1fa9c8b7e6d99fdb606a981d7568cca2cac68a096207c1ca9ff9d92c
CLSA-2024:1730910767
Update of ca-certificates
TuxCare License Agreement
0
- update to CKBI 2.69 from NSS 3.103
- updated certificates:
- # Certificate "GLOBALTRUST 2020"
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Entrust.net Premium 2048 Secure Server CA"
- # Certificate "Baltimore CyberTrust Root"
- # Certificate "Entrust Root Certification Authority"
- # Certificate "Certum Root CA"
- # Certificate "Comodo AAA Services root"
- # Certificate "QuoVadis Root CA 2"
- # Certificate "QuoVadis Root CA 3"
- # Certificate "XRamp Global CA Root"
- # Certificate "Go Daddy Class 2 CA"
- # Certificate "Starfield Class 2 CA"
- # Certificate "DigiCert Assured ID Root CA"
- # Certificate "DigiCert Global Root CA"
- # Certificate "DigiCert High Assurance EV Root CA"
- # Certificate "SwissSign Gold CA - G2"
- # Certificate "SwissSign Silver CA - G2"
- # Certificate "SecureTrust CA"
- # Certificate "Secure Global CA"
- # Certificate "COMODO ECC Certification Authority"
- # Certificate "OISTE WISeKey Global Root GA CA"
- # Certificate "Certigna"
- # Certificate "ePKI Root Certification Authority"
- # Certificate "certSIGN ROOT CA"
- # Certificate "SecureSign RootCA11"
- # Certificate "Microsec e-Szigno Root CA 2009"
- # Certificate "GlobalSign Root CA - R3"
- # Certificate "Go Daddy Root Certificate Authority - G2"
- # Certificate "Starfield Root Certificate Authority - G2"
- # Certificate "Starfield Services Root Certificate Authority - G2"
- # Certificate "AffirmTrust Commercial"
- # Certificate "AffirmTrust Networking"
- # Certificate "AffirmTrust Premium"
- # Certificate "AffirmTrust Premium ECC"
- # Certificate "Certum Trusted Network CA"
- # Certificate "TWCA Root Certification Authority"
- # Certificate "Security Communication RootCA2"
- # Certificate "Actalis Authentication Root CA"
- # Certificate "D-TRUST Root Class 3 CA 2 2009"
- # Certificate "D-TRUST Root Class 3 CA 2 EV 2009"
- # Certificate "CA Disig Root R2"
- # Certificate "ACCVRAIZ1"
- # Certificate "TWCA Global Root CA"
- # Certificate "Atos TrustedRoot 2011"
- # Certificate "QuoVadis Root CA 1 G3"
- # Certificate "QuoVadis Root CA 2 G3"
- # Certificate "QuoVadis Root CA 3 G3"
- # Certificate "DigiCert Assured ID Root G2"
- # Certificate "DigiCert Assured ID Root G3"
- # Certificate "DigiCert Global Root G2"
- # Certificate "DigiCert Global Root G3"
- # Certificate "DigiCert Trusted Root G4"
- # Certificate "COMODO RSA Certification Authority"
- # Certificate "USERTrust RSA Certification Authority"
- # Certificate "USERTrust ECC Certification Authority"
- # Certificate "GlobalSign ECC Root CA - R5"
- # Certificate "IdenTrust Commercial Root CA 1"
- # Certificate "Entrust Root Certification Authority - G2"
- # Certificate "Entrust Root Certification Authority - EC1"
- # Certificate "CFCA EV ROOT"
- # Certificate "OISTE WISeKey Global Root GB CA"
- # Certificate "Certum Trusted Network CA 2"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2015"
- # Certificate "Hellenic Academic and Research Institutions ECC RootCA 2015"
- # Certificate "AC RAIZ FNMT-RCM"
- # Certificate "Amazon Root CA 2"
- # Certificate "SSL.com Root Certification Authority RSA"
- # Certificate "SSL.com Root Certification Authority ECC"
- # Certificate "SSL.com EV Root Certification Authority RSA R2"
- # Certificate "SSL.com EV Root Certification Authority ECC"
- # Certificate "GlobalSign Root CA - R6"
- # Certificate "OISTE WISeKey Global Root GC CA"
- # Certificate "UCA Global G2 Root"
- # Certificate "UCA Extended Validation Root"
- # Certificate "Certigna Root CA"
- # Certificate "emSign ECC Root CA - G3"
- # Certificate "emSign ECC Root CA - C3"
- # Certificate "Entrust Root Certification Authority - G4"
- # Certificate "e-Szigno Root CA 2017"
- # Certificate "Trustwave Global Certification Authority"
- # Certificate "Trustwave Global ECC P256 Certification Authority"
- # Certificate "Trustwave Global ECC P384 Certification Authority"
- # Certificate "Certum EC-384 CA"
- # Certificate "Certum Trusted Root CA"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "Security Communication RootCA3"
- # Certificate "Security Communication ECC RootCA1"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "Certification Authority of WoSign G2"
- # Certificate "CA WoSign ECC Root"
- # Certificate "A-Trust-Qual-02"
- # Certificate "Certification Authority of WoSign"
- # Certificate "CA 沃通根证书"
- # Certificate "StartCom Certification Authority G2"
- # Certificate "China Internet Network Information Center EV Certificates Root"
- # Certificate "VI Registru Centras RCSC (RootCA)"
- # Certificate "StartCom Certification Authority"
- # Certificate "CNNIC ROOT"
- # Certificate "ANCERT Certificados CGN"
- # Certificate "ANCERT Certificados Notariales"
- # Certificate "ANCERT Corporaciones de Derecho Publico"
- # Certificate "Global Chambersign Root"
- # Certificate "CHAMBERS OF COMMERCE ROOT - 2016"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- # Certificate "Tunisian Root Certificate Authority - TunRootCA2"
- added certificates:
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- remove duplicated certificate record:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.69 from NSS 3.103
- updated certificates:
- # Certificate "GLOBALTRUST 2020"
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Entrust.net Premium 2048 Secure Server CA"
- # Certificate "Baltimore CyberTrust Root"
- # Certificate "Entrust Root Certification Authority"
- # Certificate "Certum Root CA"
- # Certificate "Comodo AAA Services root"
- # Certificate "QuoVadis Root CA 2"
- # Certificate "QuoVadis Root CA 3"
- # Certificate "XRamp Global CA Root"
- # Certificate "Go Daddy Class 2 CA"
- # Certificate "Starfield Class 2 CA"
- # Certificate "DigiCert Assured ID Root CA"
- # Certificate "DigiCert Global Root CA"
- # Certificate "DigiCert High Assurance EV Root CA"
- # Certificate "SwissSign Gold CA - G2"
- # Certificate "SwissSign Silver CA - G2"
- # Certificate "SecureTrust CA"
- # Certificate "Secure Global CA"
- # Certificate "COMODO ECC Certification Authority"
- # Certificate "OISTE WISeKey Global Root GA CA"
- # Certificate "Certigna"
- # Certificate "ePKI Root Certification Authority"
- # Certificate "certSIGN ROOT CA"
- # Certificate "SecureSign RootCA11"
- # Certificate "Microsec e-Szigno Root CA 2009"
- # Certificate "GlobalSign Root CA - R3"
- # Certificate "Go Daddy Root Certificate Authority - G2"
- # Certificate "Starfield Root Certificate Authority - G2"
- # Certificate "Starfield Services Root Certificate Authority - G2"
- # Certificate "AffirmTrust Commercial"
- # Certificate "AffirmTrust Networking"
- # Certificate "AffirmTrust Premium"
- # Certificate "AffirmTrust Premium ECC"
- # Certificate "Certum Trusted Network CA"
- # Certificate "TWCA Root Certification Authority"
- # Certificate "Security Communication RootCA2"
- # Certificate "Actalis Authentication Root CA"
- # Certificate "D-TRUST Root Class 3 CA 2 2009"
- # Certificate "D-TRUST Root Class 3 CA 2 EV 2009"
- # Certificate "CA Disig Root R2"
- # Certificate "ACCVRAIZ1"
- # Certificate "TWCA Global Root CA"
- # Certificate "Atos TrustedRoot 2011"
- # Certificate "QuoVadis Root CA 1 G3"
- # Certificate "QuoVadis Root CA 2 G3"
- # Certificate "QuoVadis Root CA 3 G3"
- # Certificate "DigiCert Assured ID Root G2"
- # Certificate "DigiCert Assured ID Root G3"
- # Certificate "DigiCert Global Root G2"
- # Certificate "DigiCert Global Root G3"
- # Certificate "DigiCert Trusted Root G4"
- # Certificate "COMODO RSA Certification Authority"
- # Certificate "USERTrust RSA Certification Authority"
- # Certificate "USERTrust ECC Certification Authority"
- # Certificate "GlobalSign ECC Root CA - R5"
- # Certificate "IdenTrust Commercial Root CA 1"
- # Certificate "Entrust Root Certification Authority - G2"
- # Certificate "Entrust Root Certification Authority - EC1"
- # Certificate "CFCA EV ROOT"
- # Certificate "OISTE WISeKey Global Root GB CA"
- # Certificate "Certum Trusted Network CA 2"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2015"
- # Certificate "Hellenic Academic and Research Institutions ECC RootCA 2015"
- # Certificate "AC RAIZ FNMT-RCM"
- # Certificate "Amazon Root CA 2"
- # Certificate "SSL.com Root Certification Authority RSA"
- # Certificate "SSL.com Root Certification Authority ECC"
- # Certificate "SSL.com EV Root Certification Authority RSA R2"
- # Certificate "SSL.com EV Root Certification Authority ECC"
- # Certificate "GlobalSign Root CA - R6"
- # Certificate "OISTE WISeKey Global Root GC CA"
- # Certificate "UCA Global G2 Root"
- # Certificate "UCA Extended Validation Root"
- # Certificate "Certigna Root CA"
- # Certificate "emSign ECC Root CA - G3"
- # Certificate "emSign ECC Root CA - C3"
- # Certificate "Entrust Root Certification Authority - G4"
- # Certificate "e-Szigno Root CA 2017"
- # Certificate "Trustwave Global Certification Authority"
- # Certificate "Trustwave Global ECC P256 Certification Authority"
- # Certificate "Trustwave Global ECC P384 Certification Authority"
- # Certificate "Certum EC-384 CA"
- # Certificate "Certum Trusted Root CA"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "Security Communication RootCA3"
- # Certificate "Security Communication ECC RootCA1"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "Certification Authority of WoSign G2"
- # Certificate "CA WoSign ECC Root"
- # Certificate "A-Trust-Qual-02"
- # Certificate "Certification Authority of WoSign"
- # Certificate "CA 沃通根证书"
- # Certificate "StartCom Certification Authority G2"
- # Certificate "China Internet Network Information Center EV Certificates Root"
- # Certificate "VI Registru Centras RCSC (RootCA)"
- # Certificate "StartCom Certification Authority"
- # Certificate "CNNIC ROOT"
- # Certificate "ANCERT Certificados CGN"
- # Certificate "ANCERT Certificados Notariales"
- # Certificate "ANCERT Corporaciones de Derecho Publico"
- # Certificate "Global Chambersign Root"
- # Certificate "CHAMBERS OF COMMERCE ROOT - 2016"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- # Certificate "Tunisian Root Certificate Authority - TunRootCA2"
- added certificates:
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- remove duplicated certificate record:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
0
tuxcare-centos7-els
ca-certificates-2024.2.69_v7.0.306-72.el7_9.tuxcare.els1.noarch.rpm
5922e538c8077e4683e23042810fefdeaaa0958784e22b2689244df4f30be2c3
CLSA-2024:1732267577
kernel: Fix of 2 CVEs
TuxCare License Agreement
0
- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}
- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885}
- Fix: Revert "smb: client: fix use-after-free bug in cifs_debug_data_proc_show()" double lock
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}
- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885}
- Fix: Revert "smb: client: fix use-after-free bug in cifs_debug_data_proc_show()" double lock
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
e5da24135cb9c0508f34ae58cb899683c328bb2476432c78a06894c1a97a35e3
kernel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
282195fb69c35732b8e67267e1f2b5099777ded4aadf430ac853124d379d8c38
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
bd528059fd94b90498db92bd1a12a804acda183b29871c915c78516f9a9ce96d
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
7b70ea72c5bdd152897d3b3f87bc9c87ced3ef77f6a16e05b6c10a10bffca5ee
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
a622b0610750e15e7d709bd30731e0b598b9094d5c01fb026355c8f1770d68df
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
20c0c65664e97202b08ff4e166a843440f75c6b49c46e7d613f89098a55d8c31
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
0e939d4322c2e98251628ae7ce16b1bbf1dfd235a59fdc8eea620436d14a8d15
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
c9ba32c7e1ff5af24439b2e8c52d14ad75926832ddd63cfd0b02b7272c8b72ea
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
52658efc9551aa0c4216a23a8991be7df3825f7fa794196359cfe01dac7bd4e1
perf-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
362bde16799495fd5818bb9687ec99be9ca54d154bcd5473aae0e5952eb9e574
python-perf-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm
009bd7a770728f040ce850cc7d3812b49113542e5d3a35bc2bdb44b8cff97fde
CLSA-2024:1733158948
php: Fix of CVE-2024-11234
TuxCare License Agreement
0
- CVE-2024-11234: fix HTTP fulluri CRLF injection
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-11234: fix HTTP fulluri CRLF injection
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
06d6d925eff794def3b096ade202b28e9d9fe3c32ee13419346d1d7503a405e6
php-bcmath-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
59bb500a7cdb2a25cdf20ad1930a9bfa3295c1dcd7f1581e69211f4536bc354a
php-cli-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
f8425ad6043cc35b1e22d1f7de103088135db314da5efdf06cdc0125b0cdae05
php-common-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
b7fe19ac2377a7af1d4fbc7f59835095f3cd8e71b2159292dc9b213dd649b739
php-dba-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
8b38100e5abd947c2cbc0bde5cc3a830e34ff8f1baac2548fb753c80096ae6b4
php-devel-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
c6f05216edbd420806fd30ab4f00c323ba6395b8449a6b6b8dbe5e262debe57a
php-embedded-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
6297ddcd15ae68dddbd13cdf119fbfe02c6ebe6688109435f9818096caf231e3
php-enchant-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
782638b5572eab8c13b95a27369befb8c4466b6a383673ba870e37cf5c3f243d
php-fpm-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
e4d4f77b534aa6cab4dba85a15313be07fd788e9b3b40377f6a6f75bdfe9af36
php-gd-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
2b77a84be5d90622ca8739e7b2e155682eb821e50da52cea3236e1546472847d
php-intl-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
2b517d45d2f5a75fa9dffed14cacbf459057d0f98b72ab43b2325c990196892e
php-ldap-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
e37c3cb2aced769842fda440c59d35ae4330087f22a820d93fbb9e6af3578e51
php-mbstring-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
07f00197f57c40bd339dc720b1829a54a4cf58d92d9717347b8c2d8acfb2fb13
php-mysql-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
b28ad75436a1ad2e7c4fd4cc9eb95895349938647db06dab3ac70a74fa953258
php-mysqlnd-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
d13926651ab484ca496513c65060b69aa44e4cb68264ff3ec2f1c386d24e14f7
php-odbc-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
af05264c4fb0bdbd2e76f9a9c8e096d5e8ca5096d92546f3207b939241f5d4e2
php-pdo-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
4cf17961ceea9ebca84d8737f02d4918c4ad69d8db27320547160125f9b4829c
php-pgsql-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
66a9621ed33a897482c230b808141feba60c25c582ef4b48dd5ce6b59033cfbb
php-process-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
f42e6716fd08264cc4702e25054dd38d374c564056677f6170e99c3513ceaf4e
php-pspell-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
1755974720455e13d6b98b7fa8126c6b055bf87a6827e8179c979b52ac6c16b5
php-recode-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
b2b307e2f213135fcebbe798fcc5e90c5bc4dd7de8cee3a247855ed6c44a686d
php-snmp-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
428234f0b3ed1ffe77b8c5ae4f5f60f261f6a4e4037855c2fa9045d72f104627
php-soap-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
bca008758db4fb924de866ec50d32e14884bb1f21cb8bf147e004cfc0ffb8c16
php-xml-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
65b025e476b9008bdfa372c89ea6e3735756bbcd2666620356e7167bfd6ddc0a
php-xmlrpc-5.4.16-48.el7.tuxcare.els5.x86_64.rpm
d864c0b041ffa17ccbf45511ed599e36db5994e2ad135048080b6c542845fe08
CLSA-2024:1733246329
php: Fix of CVE-2024-11233
TuxCare License Agreement
0
- CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode
filter
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode
filter
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
201d0b30ffe86871a6d4eea341b4971c14f551ca6499eeba08b44c25ca075944
php-bcmath-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
5527bb3adac14981e969c2c10cbdbba80678c29c48b5bbcc5d8792190f0d60eb
php-cli-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
ce7738e3d2bef702a412f3296e139494a535cfb7c1250524cf5185096efafa6e
php-common-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
e35933efca262c97685b57cbada64457691b7c9bcd3091ae8c3bee70b2c5466f
php-dba-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
09f6cc9b14cb87d280997d1c7f15f1fd6266998ca0cacd022fcc52778b7d2c34
php-devel-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
e1b9bd81bad7cc914b90336fa8f06f7ee1eecff704e1892aa92c4021e3e0cdce
php-embedded-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
15911f5d7727a571754c211af69e5511e975f53dea4857f61dd65df650540ee5
php-enchant-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
c2aed1e8e1d6e16fb370bc923c2d99839367b7602355485fb4086af92bf58192
php-fpm-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
5253792691b8150f2b95de6e7276eb664d66641bfad6e683ffe85c46c36f096b
php-gd-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
c231796787c167cf44160c0ef2e38633cbc5151a8c63c12b32509ba9adbfff50
php-intl-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
b60966935050716a73a2e74cc0bf18ae2c10e2af39580f8627864bf2dd524d7c
php-ldap-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
b35b3eaa48e6cfc1ddd67476b1436c90fe671ea7b844bbf8b7545ac25c0226b3
php-mbstring-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
839b7b8c1f9a49c32b2524f6a7cd02d80303c4b06852cc0b788292ef1bc1e68f
php-mysql-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
834ee96f6b0b18f42b8b680615e67d1da87c3b562034cf8b2f8de03ba1c4139f
php-mysqlnd-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
a52681bbbfd941ddd63cb02d2939c7d5fd1d163874218badbe5fa3ca4c8425f0
php-odbc-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
1e87d329f66b9e4ae208aecaa6e867fdd33efa8bc86dba798ffb6f46acde4c17
php-pdo-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
b13a0f8fe1283100d3f71ed5119cc056802b6732ae2b50154a8ed32c679c9401
php-pgsql-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
dc1ecbb6498029e8250969aae057e26d274be09ae746b4aa24b701a05e5610b3
php-process-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
c403d696760cfdf2ed390a870e1493f917e184d135c3649213093a9b3fd03c70
php-pspell-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
463e245d93bd50cfea1d70a75e4276a8cd8b78c42b5c689dd1f81a9811300485
php-recode-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
f7e9ef91942cb40d2cc4e49032660effb88342c3eb31344cac55c12523e4d316
php-snmp-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
f5eb57cffb9bc946ccdfc5893f037bed2fb70f97b27b41e2b894562afba3d4b0
php-soap-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
c03728b98957ae3325a6d00e8f8de6dd33a91a0cefb212507cc3f458705b891c
php-xml-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
f4af1a3ec0138571726f61777068a262b132c10cc46ae6ecba95e162a946cef3
php-xmlrpc-5.4.16-48.el7.tuxcare.els6.x86_64.rpm
1e8747bdce2e9d1ba4c1c0d4bfaa765a8b37c3b834a1dde16141848a998d8ff0
CLSA-2024:1734041590
Update of grub2
TuxCare License Agreement
0
- Update version and epoch
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update version and epoch
0
tuxcare-centos7-els
grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
4537271ee6ca2fb395db75b005636443eba93cfac8c840463745c149352b63e5
grub2-common-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm
aa5b6f21c1c116356f240d976a64dc21f6b8245137bf77f662c9084800a1207a
grub2-efi-ia32-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
da6282b8d1bf08c228ae8e6e4ed99ef622a58cf26b67aaf4b0a3d790acf79073
grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
3b446b4d552e9d079eb480ce483a9e11ad6f68e72325eb45a2522e4defa02f93
grub2-efi-ia32-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm
4863c82ad5f6d3c05e63e92a8b7d4d5d996d7d31bf0c5d6b508b5d1ed2b1ea82
grub2-efi-x64-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
3af31e1dd9aee93f3d0069aae9ba1a79dc6dec5fc0dd2be97490eb7b403f2600
grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
2a5991f0cad3c38ce20522bb90b31b3d00143f53f9b87bd9b0a55e1dd9c8ef81
grub2-efi-x64-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm
f750a3fbfa92ed9f1fd9d7cb0c02cb9586cedd4c8aeecbd31ed31011d023470f
grub2-i386-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm
543d0e1eb6a919496494d773cbdcd8301171f7b5acb559a7bb0ddb8103518896
grub2-pc-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
ed8c58ae36804d18f4a743484473c54934b486728bf56b5143ce64200425e89f
grub2-pc-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm
cc71f54abb31b3c41d5b071c415346dbffa5d0b2dec021ab4231dbe68a7bcddb
grub2-tools-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
2b1f98b8b5c851993980c07f18ca7d97419b22fdab9c616a135b3f8db1810ac4
grub2-tools-extra-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
c93a1a41b9b7d5a3720aa6b45475fe4e572245708bb2f279988ee975471c59c1
grub2-tools-minimal-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm
88329cb9eb346be6d398df07e280e31bb05e56fb811924cb0e2c08afec73740f
CLSA-2024:1734372021
postgresql: Fix of CVE-2024-10979
TuxCare License Agreement
0
- CVE-2024-10979: Prevent trusted PL/Perl code from changing environment
variables
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-10979: Prevent trusted PL/Perl code from changing environment
variables
0
tuxcare-centos7-els
postgresql-9.2.24-9.el7_9.tuxcare.els2.i686.rpm
aa0b29db924af77397fb69f9dad0051586a6de2c5bd1f54afa2fe616b1247477
postgresql-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
281ff12ec665cb04da51d7f911f4dd180d3bfb6fc398c2e03b5d9a5e5c8c2c86
postgresql-contrib-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
bd73f5baf3ad94aa0a50fe9b03c5567e907e78723fbf1ba9626fbc42f82dae81
postgresql-devel-9.2.24-9.el7_9.tuxcare.els2.i686.rpm
08c850a043815001cb35b6507be93cebb47e6d0aaa14409515543656e7f9f922
postgresql-devel-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
93d581accb5087064e4fa48b6f5fa7b373534a6bc619eb2a0c3907b114b7b47e
postgresql-docs-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
2969e14fc3517dbc838839fa31726b3b503b66094e132f99f2d99e2f08105204
postgresql-libs-9.2.24-9.el7_9.tuxcare.els2.i686.rpm
883594fe1e280b5c504c81591cb238cc4e735c795006b0f4a1f774e4b8606999
postgresql-libs-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
34b94aeca3a62ea273f43c38f60aed7ca0f286bce043295b1cf871d777faba21
postgresql-plperl-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
37c4fecea75e6ede1f288e0edbfc6ee7e1ad3f2ad77957f858d36e4fb25e3b08
postgresql-plpython-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
3b4a406e79f758b9580bcf192b531bae85594386411c21a721b1cc4d31e7d27a
postgresql-pltcl-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
5ec1b6ac042f5996627bf1a51b67550111e8edd1e73e31f9ed89afef16df0509
postgresql-server-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
25874aa2f4e229005286bc8df9a26b0316c5a831e959ce7e9d26844a55d152a7
postgresql-static-9.2.24-9.el7_9.tuxcare.els2.i686.rpm
7669bd2f8c733dc203e8b996937fb06721fea8eb6bda6cb30870f1cc394e3827
postgresql-static-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
b3f1e568ab554f46feebfc4f4aa0e68b9bbb6354043e8467d3067e3fd2ee86ba
postgresql-test-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
3aefc716d1377ad805f0833dfc4001b6d654dc289efbc714c5f71b8176b3fa37
postgresql-upgrade-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm
6ff32f38a6919bfaefcd6483801dbda4a6459c66ad1a7608ca1318c651e65498
CLSA-2024:1735300286
gnome-shell: Fix of CVE-2024-36472
TuxCare License Agreement
0
- CVE-2024-36472: fix portal helper from launching automatically based on
network responses to prevent loading untrusted JavaScript code
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-36472: fix portal helper from launching automatically based on
network responses to prevent loading untrusted JavaScript code
0
tuxcare-centos7-els
gnome-shell-3.28.3-34.el7_9.tuxcare.els1.x86_64.rpm
8fa37c166f2c541669e5d6326309c4114a29eee50b6512468b3408cf7840c7d8
CLSA-2024:1735311722
bind: Fix of CVE-2023-2828
TuxCare License Agreement
0
- Removed the bind-9.11.4-CVE-2023-2828-fixup.patch which caused problems with named-pkcs11
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Removed the bind-9.11.4-CVE-2023-2828-fixup.patch which caused problems with named-pkcs11
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
c8b7a61e5db91c19cddfde900da28703e23be6a6d0e18a5e2fb20f39a8c65d1c
bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
a60e13ef7afb9f4f717efe5b18dedd0b831a0ef2948d6eab1ebd077221a4ab69
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
2069466d1065184aaae071edfd04861a5467f6acfd198066839824f92d8a4b91
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
60a934f8153f3ee3a3758f3701c29897ae96e2551d0371d108d5e5531dae042e
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
7489f06b8b96b597b8b7c3d295e71ed2ee56928af8950fa43339f5cfdbbbea1f
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
f6c8fd8a49aa6d4b51eebdb55d28ec86369f84742a6593185880e599e44344b0
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
3010a9080c1fdb5bc996b872d75b54fd1f1f11c6bd3cf7e3cd9a636af284269b
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
d8cdebfdf9a07b17f5cb47bca017e634ab65db721874ccbfaeaadbd3df57cb7e
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
643e02ccf532ae6809f7c22cf53ff9fd5f6a9f22c64105c58bb24cafd9fc902b
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
392aa757974874b91b79fb35036d8de9d7842eec8df55a9b4b2979e69a6f3725
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
3f89b7f3ba23547e39e61a368767ddcc474bf603796f9545551a5aa562fabfbe
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
177c1d1c7c152ec20fd59865bf875ecde7b8eb732340c6691d85aba5f4dcc169
bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els5.noarch.rpm
de9447d3a012f29b113285fa7fa93486e05b4110eef20619b0c617fecd98bd8f
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
0ae74cc8011cd898358afdbc2f4ed3d4b4e9744c2a025bd5bdd2b28a25d9d6fd
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
3dcc1d447a828a78fb343747a65631fb357eb8dd86b054cf55984d615f241c75
bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
05e4f7041b921c4813786fb827ef30e5c7a28501a5f34261d8a4a76642292e41
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
eced85db9b6011733d574a9fc509803f1e3f92c6e2c90a92b16bd19245c09405
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
b140d5f83a4d2f0fd3a8b87829a826dc6242576d5fa12e11b60856042560f5bb
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm
88dfe9070a7c02fe25928089d0534fe00ea7aa5ed0a6b660495a57415c782433
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
7e13451a38aed1b6c887a578e6c8f2ffc2ed44ea86bd20e38251fe93709f4e69
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
5b17a53b9d56d90142c813157cb706d4dd4f8b2b7193939300d32ddf7e5f8985
bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
9c7831987686ac20a70e1f31dbb1ba2d63109998648f3e48ba56ab050877d12e
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
72b8493bdac5033b74a76fc8c95d2a588852519fb6ec0f00d4fdaca2111c8ef3
bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm
778235647936091712cf298a226751841707b2e3ccb0fcfe0c12091a064f8218
CLSA-2024:1735125596
Update of httpd
TuxCare License Agreement
0
- mod_session: Fix separator parsing
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- mod_session: Fix separator parsing
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm
b17a842900953d7ec2e5982b160fc149ffc6e6f66210f4fd1ea2fc68802bb9a2
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm
ac1c0b3e8d902e366a9150a727ff70925010009733e9d72bb96caeb49b8d532e
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els8.noarch.rpm
2aa58aa31454d5b60530522eb3e339cd93cb95a74be837e146cdf1509f2a0f6f
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm
223cfda2ccb972d5630e7e9f32a3e55deb6bee7376cdb9894863b8ef3eee2b0e
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm
48decd7c6cfdb1b4ca8411a6a658876640f1cb1457240f12f02c77760f90afed
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm
1034142e47778822fffb07c07e7ccb6d83b3dedc13cad826b2dd121f35d6a2b3
mod_session-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm
dd047cb2390b43dfd09d6bc80f84e33bf953f5ebf326dcf3087ce0c4491f5ddc
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm
920bdf8fc3c6865abcbffa56ee8931ec2d5d9c39eff4234982dc9b2144ff3e57
CLSA-2025:1737468474
kernel: Fix of 4 CVEs
TuxCare License Agreement
0
- media: edia: dvbdev: fix a use-after-free {CVE-2024-27043}
- btrfs: dev-replace: properly validate device names {CVE-2024-26791}
- KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory {CVE-2024-50115}
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057}
- ipc/sem.c: bugfix for semctl(,,GETZCNT)
- Increase KEXEC_AUTO_RESERVED_SIZE to 256M
- x86/apic/x2apic: set affinity of a single interrupt to one cpu
- bonding:avoid repeated display of same link status change
- xen/netfront: stop tx queues during live migration
- xen/balloon: Support xend-based toolstack
- md/raid5: fix oops during stripe resizing
- block: fix null pointer dereference in blk_mq_rq_timed_out()
- block: init flush rq ref count to 1
- blk-mq: Remove generation seqeunce
- Revert "driver core: bus: Fix double free in driver API bus_register()"
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- media: edia: dvbdev: fix a use-after-free {CVE-2024-27043}
- btrfs: dev-replace: properly validate device names {CVE-2024-26791}
- KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory {CVE-2024-50115}
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057}
- ipc/sem.c: bugfix for semctl(,,GETZCNT)
- Increase KEXEC_AUTO_RESERVED_SIZE to 256M
- x86/apic/x2apic: set affinity of a single interrupt to one cpu
- bonding:avoid repeated display of same link status change
- xen/netfront: stop tx queues during live migration
- xen/balloon: Support xend-based toolstack
- md/raid5: fix oops during stripe resizing
- block: fix null pointer dereference in blk_mq_rq_timed_out()
- block: init flush rq ref count to 1
- blk-mq: Remove generation seqeunce
- Revert "driver core: bus: Fix double free in driver API bus_register()"
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
25c8d179523cceaca58f4e759c6d6a876d1a8687c12cdb6cd32ff85d57eb6d1c
kernel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
0b24225b81eceaecb5e15ea92acfa4b315f920cbe0170bc68f1597084efd4222
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
5dc5d6ff59419b8ecb76b53695ec0ba2f84f59393c90235b1eb5ef854766dc68
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
bc52da38d9d459b71d378ac7eec9f9e85145b0ff7c701b31e2cdd5e40cb1b1e5
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
d8052d4ee01ae1bafa0250b47526c45cbb1a58957f28dea92ecbe8b8a2682526
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
a48567eafde5846a6d3bf44b19718367cb7a3a69556a5bad9ffb153b87612a74
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
c82ff4a1b895d318039202640e6c4ba66145e12aa4c2587e695816c2d72aff29
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
0ba63876a2fbb322503d3bc6e341994897fa96fbf3b927cd1504de6d8e33aa4b
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
6f9b6c7b24341b99f26a78a1b4604aa20f5ff80f732fa92a29d82b90451fe93c
perf-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
21b5e8e0cc26001b60d45c0292055eaa54c29d87b56e145790fac08e89a03753
python-perf-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm
ba09ffcde39c08cbbf234f67a1132193be406e4cca1a27fc2380c821d1efa2c4
CLSA-2025:1737569565
rsync: Fix of CVE-2024-12085
TuxCare License Agreement
0
- CVE-2024-12085: fix to prevent information leak off the stack
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-12085: fix to prevent information leak off the stack
0
tuxcare-centos7-els
rsync-3.1.2-12.el7_9.tuxcare.els2.x86_64.rpm
679fb3334c8ec1c2bd3caafa73adcace6410c4a8fd114efada89b9688835d4a3
CLSA-2025:1737993791
postgresql: Fix of CVE-2024-7348
TuxCare License Agreement
0
- CVE-2024-7348: Fix TOCTOU race condition in pg_dump
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-7348: Fix TOCTOU race condition in pg_dump
0
tuxcare-centos7-els
postgresql-9.2.24-9.el7_9.tuxcare.els3.i686.rpm
0b426c19356ba042d2e62bae4d39bf33cead3d2fdd67b5a9d1a17f3453f2d5fd
postgresql-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
6d1a441fb28232493360f4ef467fb5688001e8b1248d661496159dd96a2c8b0b
postgresql-contrib-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
73659d77fa59789f3138230a5e3cc868f6590935ebc56002ac00646405c95750
postgresql-devel-9.2.24-9.el7_9.tuxcare.els3.i686.rpm
8e7245aaafae7fd3ac3d31d16cc11b3acb02c8ad00be9d165d13c37358019970
postgresql-devel-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
698c3ed1edeb78f1e2fa5d58139f39a8fc993872f4b2db29403973a0251231e6
postgresql-docs-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
812c105aa767b6575bf616fec5d6487f3195eb0ed545ed54932932c17082c880
postgresql-libs-9.2.24-9.el7_9.tuxcare.els3.i686.rpm
59b3066e669fb3c7100cec74652142734dbc85f875cdbb430ed997dee42fc488
postgresql-libs-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
4e060b18daf4f50b93cbd322b016c9362195f614afe69253ab3927e20d496bfd
postgresql-plperl-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
cc96c980663dff4b4e73a6f6d0b8891cd24cd4e6eaa6f56deb46d2abb272a6f3
postgresql-plpython-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
1ba66f0e958cec34ec00725e7edef529e1f8707981bee370bdabc744bcedd62e
postgresql-pltcl-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
cd9fdb36339774d4735317daeb1c624b96a5a1d816e3323b7d6baa287aa7633d
postgresql-server-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
0beca8e39132953b3706d08c88fc49c3766f2b7b25d9edc571e54e70277d22b2
postgresql-static-9.2.24-9.el7_9.tuxcare.els3.i686.rpm
04498ef71077e48979e9a1e0ba251c0e79203c2eaf840aac49f5004f473eacfb
postgresql-static-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
110696a2383762bcca7babd12d25b00c4e8abc0d6a61091adec8284bb66a7877
postgresql-test-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
eed5eb1b946fbe715a6fe397adeb2a70b97fde75dcdd0e977bc99731c0074ecc
postgresql-upgrade-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm
6a4f76f3dfd812245148192df2f08b56b80bd3f4abfcf465c00411b3aab3bd44
CLSA-2025:1738672047
kernel: Fix of 15 CVEs
TuxCare License Agreement
0
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() {CVE-2024-50282}
- drm/amdgpu: fix usage slab after free {CVE-2024-56551}
- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() {CVE-2022-3640}
- netfilter: ipset: add missing range check in bitmap_ip_uadt {CVE-2024-53141}
- ceph: prevent use-after-free in encode_cap_msg() {CVE-2024-26689}
- net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603}
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173}
- netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650}
- scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227}
- af_packet: avoid erroring out after sock_init_data() in packet_create() {CVE-2024-56606}
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() {CVE-2024-56605}
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() {CVE-2024-53156}
- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604}
- initramfs: avoid filename buffer overrun {CVE-2024-53142}
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() {CVE-2024-50282}
- drm/amdgpu: fix usage slab after free {CVE-2024-56551}
- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() {CVE-2022-3640}
- netfilter: ipset: add missing range check in bitmap_ip_uadt {CVE-2024-53141}
- ceph: prevent use-after-free in encode_cap_msg() {CVE-2024-26689}
- net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603}
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173}
- netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650}
- scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227}
- af_packet: avoid erroring out after sock_init_data() in packet_create() {CVE-2024-56606}
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() {CVE-2024-56605}
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() {CVE-2024-53156}
- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604}
- initramfs: avoid filename buffer overrun {CVE-2024-53142}
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
f6f5fc3c40f2f8642b37ec69c27b48a20928442ff59677f6099f8c9afb937fd5
kernel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
ede3dd7bc1882f29fb9b5125283808b4d261793b055647097019a1de2496c4d2
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
ad1a2509c348d59e591f9e3c4913b124ede5debe80f955e577952ca0b6177c28
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
3d6452d3de2f86e1e66eeded4555728665eefeeb82bef4b546aeb3676bba5f9a
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
e5cc03ceeed9b3075cc95adf407949f956b951523dee61ece7d8fb9712f46c0a
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
b46d6c8febf598f57f01105c715c29226a61c72528b68ecc7a76e8be69f4c871
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
758f15b5af9233335262ec604d287c9431c7fa8e97edd87c4dc2ad0ec247c60b
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
fe74af4e92bbdf203f9b983c3402bda97f4531f5083b056d1151d4857075bdad
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
fd396242bc943fa2cc97d8dc0f6cb9ec8cce5e317144aeaa12c3ced42e61ddcd
perf-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
b33b21036b0d5735e9af1e0b9b9bdd99047cdb6d170eb9a62291ce2153831e99
python-perf-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm
51ccd300b4dbd935580b63acead1418b39775f96310b300a6666ba8a8156ca78
CLSA-2025:1738852614
rsync: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-12087: fix path traversal vulnerability in rsync enabled by the '--inc-recursive' option
- CVE-2024-12088: make --safe-links stricter
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-12087: fix path traversal vulnerability in rsync enabled by the '--inc-recursive' option
- CVE-2024-12088: make --safe-links stricter
0
tuxcare-centos7-els
rsync-3.1.2-12.el7_9.tuxcare.els3.x86_64.rpm
b298ea8b5dab0c23ab57977bd047b0e7ae6d23af2607ce11b4612ca3cecdcb01
CLSA-2025:1738695324
php: Fix of CVE-2024-8929
TuxCare License Agreement
0
- CVE-2024-8929: fix various heap buffer over-reads
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-8929: fix various heap buffer over-reads
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
e4d060420008fc644819bbe5b2bc27a9e06cc29d13fdaee3f52b69a25837cf94
php-bcmath-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
0b6f320761635602d071930690b25213c77832ae746101aedaefdf71860e98c8
php-cli-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
61476f4f09735304f0bc7a5bb4daa2e52be9f6208b8ec42ba81dcd7b4c917ee6
php-common-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
d41c01e62d8cbcecfca0b3c9945160ec0386b9f0203ca35cc9d2c8ab06efff08
php-dba-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
b55faccaef37d3ff538ea85a5a9f84bdb237cb50303325c06fef3aad0a1d534b
php-devel-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
9e89a92524589406375d2501d325b0bb6bf5830e0aa4c466555fff33daa343be
php-embedded-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
b3be03891eb0dbc54a7e69ba1cf74dcbdb90453dbe7ddcfb2953f4e55b87ac84
php-enchant-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
f6fd63c5500e0f8611394ccca21d6014f76e34a9e9f0392baf1ad5871971a42f
php-fpm-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
8bfe56bfc47a0363e7c4e31c68ea515bb2d65101a0cc8ea635e248dfd4776e6b
php-gd-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
b2f78208169a7f6f88d7f6eab336d80be666022c7550ac525d968664ec9e7aa1
php-intl-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
c3187cc3897774ceba656ddc1156ab3c9c2e782cfab2efbe6ccd29091e6f35bd
php-ldap-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
dcfbe150e09473a29ab3d554527e7e95aae86f2ec49f5615c2c4bb3a66af036a
php-mbstring-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
0e7cf5ec20ef155488dd51d74741a7d0a84ff575cda47d2f8efd1bf329e6458d
php-mysql-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
4d52159d54ffca911f88ca59ef6a3a189fb84719b60c4f2319b4a9b0c9ec04e3
php-mysqlnd-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
97b9f069eb74a9616389427d4dfea71bd80fb6a9cc71c36fe3932b56bab8b9c1
php-odbc-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
33dbd95092a028dd09284c487b47d3238cf7c558b34fcd74840e0952b4d35d5d
php-pdo-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
b73e22952d79fe052cb0843f29e75ff356dcb74976fb5bd0f5d636d6b43cf9d3
php-pgsql-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
1190ccbec666fde6e0dfa3024ccf608aa3c864b3c9a0c8b54e998d982cccd21f
php-process-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
eb1ec288b5cfe888421d7bd468832ac44c87ad849485fa0f23374745fa8fd663
php-pspell-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
03817e9790d459eb3e81c7324a3af92f8ff5300c4dadf10cf4174171a3b00dc8
php-recode-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
65d8529951684564fde15ebed55dc629738b49f7781904bdbe275c466a6319c4
php-snmp-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
8cea4fc6f2292a39d19e6171ca68cb4ce26736e24530f80d55085bd8b499c3de
php-soap-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
91fa98e870dc8201674d2c8fc3ae2c2f968b8393718a5c5ea7ae0a73ea628ea0
php-xml-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
93697000ab1c0236f4f2bcddbd306f429cfbe8bcaee7bddd9e91fd9e1ca425f3
php-xmlrpc-5.4.16-48.el7.tuxcare.els7.x86_64.rpm
534af8e0f2d44916849274286e9ea0b822e78883b26719d84e71e381387f6ed4
CLSA-2025:1739387995
krb5: Fix of CVE-2024-3596
TuxCare License Agreement
0
- CVE-2024-3596: implement support for Message-Authenticator in libkrad
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-3596: implement support for Message-Authenticator in libkrad
0
tuxcare-centos7-els
krb5-devel-1.15.1-55.el7_9.tuxcare.els2.i686.rpm
8505963082efbfe88cdefb8021ae0f2ef9385c338ef142a7534398874a8a04f2
krb5-devel-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm
87ce6fe40c83b3f6400217f7289da8bf4dfd0944596e998efe587b2545f01087
krb5-libs-1.15.1-55.el7_9.tuxcare.els2.i686.rpm
0c9d982cb5207e4cc44af0c56250b02c5b229b28229c20cdaa125e045072a349
krb5-libs-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm
ca9a20517fa351cc4649d49a98b612c7a48dbda8abcf6c107c2ba27d7bb00720
krb5-pkinit-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm
089d5eecdbce72e0135abb68aac1a343b3a7204cdc0f2653461f5c07c00e1752
krb5-server-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm
1436f4ecd0578016772ec475b8a50581e42a43b293303adbc28027f0d9100d93
krb5-server-ldap-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm
dcd9da37680d275429e2129ba042206b4402abc3a0c8fd2963e2520701562ffa
krb5-workstation-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm
1d19aa1d37ceb7972ab61035d1d24f73a6d80a7a2f73dece39811c791d01cb27
libkadm5-1.15.1-55.el7_9.tuxcare.els2.i686.rpm
4c70d19e603d11387131a475beb5b91f57642da4eaa5c171b00c6d4b1a71d68f
libkadm5-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm
5616e0c2856cc7380b8f9b49f52df6b8b78006ae14a45b0db8ea40c2bfca626d
CLSA-2025:1739388106
libevent: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2016-10195: fix an out-of-bounds stack read in the name_parse function
- CVE-2016-10196: fix a stack-based buffer overflow in the
evutil_parse_sockaddr_port function
- CVE-2016-10197: fix DoS via an empty hostname in the search_make_new function
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2016-10195: fix an out-of-bounds stack read in the name_parse function
- CVE-2016-10196: fix a stack-based buffer overflow in the
evutil_parse_sockaddr_port function
- CVE-2016-10197: fix DoS via an empty hostname in the search_make_new function
0
tuxcare-centos7-els
libevent-2.0.21-4.el7.tuxcare.els1.i686.rpm
e5d1749887d34ce121444f147b1ed17f0d7a32ad1275eb34404f3f5c3aa7b626
libevent-2.0.21-4.el7.tuxcare.els1.x86_64.rpm
ee3624af3ed6d4d10034c014b7ca3c801924b36ef8ccc59de235f4cef245acb0
libevent-devel-2.0.21-4.el7.tuxcare.els1.i686.rpm
f88efe2761ed6b97882f2df15d262afaedfb8ca083ad683bedfed76a548ff697
libevent-devel-2.0.21-4.el7.tuxcare.els1.x86_64.rpm
a84e0d1331c3a865f38a86723c60221d459af5bfde913f554d28230f144ef4f9
libevent-doc-2.0.21-4.el7.tuxcare.els1.noarch.rpm
a95871e43a3f56c50615decd0d0d95869d5c42c0584fd6ccc91f4b8b9bf65b90
CLSA-2025:1739388237
rsync: Fix of CVE-2024-12747
TuxCare License Agreement
0
- CVE-2024-12747: fix symlink race condition in sender
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-12747: fix symlink race condition in sender
0
tuxcare-centos7-els
rsync-3.1.2-12.el7_9.tuxcare.els4.x86_64.rpm
67afbc36e8a8238a1a37f576369443908f510f5414e68b64985176e3e0ef441d
CLSA-2025:1739825397
freerdp: Fix of 6 CVEs
TuxCare License Agreement
0
- CVE-2024-32458: fix missing input length checks
- CVE-2024-32459: fix missing input length check
- CVE-2024-32460: fix out-of-bound read in interleaved_decompress
- CVE-2024-32039: fix integer overflow
- CVE-2024-32040: fix missing check
- CVE-2024-32041: fix integer overflow
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-32458: fix missing input length checks
- CVE-2024-32459: fix missing input length check
- CVE-2024-32460: fix out-of-bound read in interleaved_decompress
- CVE-2024-32039: fix integer overflow
- CVE-2024-32040: fix missing check
- CVE-2024-32041: fix integer overflow
0
tuxcare-centos7-els
freerdp-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm
cfd7ff75fe86733fed32c6763207c1bfa4cc207be59882926fd112194da6ca32
freerdp-devel-2.1.1-5.el7_9.tuxcare.els4.i686.rpm
7c163ee8f771a6ca4ed1b8da57a4f1ed6e78236f016a99783acb749579ca60e0
freerdp-devel-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm
b4bfbc0a2a9a72ce6b69fa74ec12e0a9586a35ff43eb7fda58812d98cb80f09d
freerdp-libs-2.1.1-5.el7_9.tuxcare.els4.i686.rpm
7832afad3da5fd9b7f2c5ee0bd6ac85518617d93104d143f47e7712f1673286f
freerdp-libs-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm
4e5622754463086809570ab3049edb18e27210b3a5ee81f41eff8d4dc07fb6c0
libwinpr-2.1.1-5.el7_9.tuxcare.els4.i686.rpm
b6814a45bc20e82718180fe0fe50baa18ef1e48b73318022265af2cbf179183e
libwinpr-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm
0865e0287cda7ef73119d291a29d69f5b0447f29c2a2982d7fdee633491a95cb
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els4.i686.rpm
a2234e3f7cbf1ff9460c56699f856ac5a161bf2d36e57c27a25e71eb2ad6db19
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm
3d003130f20a7c09184dca94c8de0010c286026380fe1a87e4e6224f12446fea
CLSA-2025:1739823342
httpd: Fix of CVE-2022-30522
TuxCare License Agreement
0
- CVE-2022-30522: fix possible DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-30522: fix possible DoS
0
tuxcare-centos7-els
httpd-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm
cd6fbd0bdacaf27c96951d9b2ee020e40aa76141bae95cf3f645aeba7b6d54a1
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm
23d70d183ab199f060f878671a194c4bbcf2b002fd4ffd243cb299b6d7c0249e
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els9.noarch.rpm
5edb33c5c92cb889c27866cc95694b89618d2ae4b66d5529ab880844b2e65880
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm
0fc46b003e087f60e997772f257e07641c53b96b73381ce28fc93738ba804f0c
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm
ffc1a8f9368ad8402b902306a08470c366c5a234c3d6b232e2ef2f801db64a81
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm
b7de9cd111ce1512e22eb2b9ce685f92ccc31e7cbbb75651a8cba6617c9c4f2e
mod_session-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm
0532ae2e897773d127d0ab8a4c9e7e2ba5a26af4192ba6d8ffc20c986a36b66d
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm
24044537c6d17d194ad6228e76475c1e105ab6acae5e6ff5ead80305bc6bddc4
CLSA-2025:1739975489
nss-softokn: Fix of CVE-2023-5388
TuxCare License Agreement
0
- CVE-2023-5388: fix timing attack against RSA decryption
- Bug 1784253: avoid processing unexpected inputs by checking for m_exptmod base sign
- Bug 1911912: avoid misuse of ctype(3) functions
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-5388: fix timing attack against RSA decryption
- Bug 1784253: avoid processing unexpected inputs by checking for m_exptmod base sign
- Bug 1911912: avoid misuse of ctype(3) functions
0
tuxcare-centos7-els
nss-softokn-3.90.0-6.el7_9.tuxcare.els1.i686.rpm
f9f43968a5f9eed26c68205ffef19d5cc8f55e3cc0571442b3b3a55e9000778b
nss-softokn-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm
65c2267134dadc54faf595e089306fea0e042fe861f31928d3a5c6d2adeba95f
nss-softokn-devel-3.90.0-6.el7_9.tuxcare.els1.i686.rpm
9bf32ce73ab4031cfde0aef8d7606b1554c84b67291aa25f54cfa32147dc78ef
nss-softokn-devel-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm
7ce0abae7cda0903c20cc6a72bbcf37a1fe9c0517c7b37ee727322bd5c3bf1c7
nss-softokn-freebl-3.90.0-6.el7_9.tuxcare.els1.i686.rpm
fbcf9e1009f406220b93f4d75b8bcf2cef47cf62bd67c0da2ebc406686d5c921
nss-softokn-freebl-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm
ba7bd413e289d0ecd937075f534d963f732e1df7c20fba45f1ff49ce98927618
nss-softokn-freebl-devel-3.90.0-6.el7_9.tuxcare.els1.i686.rpm
67c48ef6c4f8ac114037b73efba1a1ad29403d02e014cbb09b0c3738224e1882
nss-softokn-freebl-devel-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm
cb7a29dc357f6d3d5e69d5652e154edd1d1a3a73f415d693416a39dda09c1efa
CLSA-2025:1740075135
kernel: Fix of 4 CVEs
TuxCare License Agreement
0
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104}
- ALSA: 6fire: Release resources at card release {CVE-2024-53239}
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849}
- btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104}
- ALSA: 6fire: Release resources at card release {CVE-2024-53239}
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849}
- btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
c7d5e6635b927c8a5233d3695c4e88ed06407de9deba15cd3dd37ed8cb0d9e68
kernel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
4fb8da3b2d9ffa5c8027011a9f43abca386fad93ec13bbdc3bb6ba1026f7836b
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
8a0baef9649bcb6b30fceb160bf28bf423f142037eef4ca19ceccd6c4a3b5f9b
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
fcf6cb1841b6d77ae7bb44d5c5ec9fa19362a6a388127cfcb48ae8a630b7a8bb
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
9839891592e213eaef385a82d5e432051723b029bcbeefcbd9fa859483a4a7b2
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
be821a09624a163ec8ca2fd573468e9f130e6d22afbee59a76f132735eadb433
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
02abdfb6580a740939a289e35166d1ab5c2a3dad9000ba4e2f48c8e98765509b
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
19905f7f44d801e46a1be4bdd810a00c924745b4d85326939683a66bcb5aaea2
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
41d53dbaaaae72f33822388533bdc6ce0a5e15c9484442dc9c79874c718ba882
perf-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
af7dc2343b9e1816f26164ef50da061806c7e33bc745181375272ebd895d970a
python-perf-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm
f0bd9e2f5c85e0af3cbc2c3cdad8e6e4eb9f18b15ff734e57c90782e037aaaca
CLSA-2025:1740133056
python3: Fix of CVE-2024-9287
TuxCare License Agreement
0
- CVE-2024-9287: fix path names quoting to prevent command injection in virtual
environment activation scripts
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-9287: fix path names quoting to prevent command injection in virtual
environment activation scripts
0
tuxcare-centos7-els
python3-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm
b1beeb989c36fce188a6da430f5a524db460d8628996eaf09af466a68744d989
python3-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm
22d3a480635c86833f145175272fdbcaa781118d55b48048ad6bdf754cb429f6
python3-debug-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm
6e0dcd1dfec8b1995fcdc7f0d598baf071bca5004b06bee6ebcaef1a50be5d39
python3-debug-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm
2c9f9af238452ecc1dac27268ae2411efcddff33f2e170b3a625caca4f017214
python3-devel-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm
b226fb6a00bd1d0b8288fbbaf3b54ff78cc3eb023af9cb23e5bf6019a41f77df
python3-devel-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm
fe7f12e56b829b3abd471ac626626a2e4fe58669929af90cfcf0a0acba961774
python3-idle-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm
94c2464dd8623962e3082615375ce46abf78ec7eca886952638674b950780a0e
python3-idle-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm
dd71ef2d80555d38a78041356c73f1ba7e7ded3b794ddc1eb08ff2ca1b196b36
python3-libs-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm
7e28503264d95111a9ee1ec512d0a3efd2407aa23ff7a280c1d2233dc160700f
python3-libs-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm
1b454a6a422f62cfbfbc896be8753404d4a494b843e799f3f143f9b8fd44e84f
python3-test-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm
09922f50b079b39b31abcb1ecd4f84da14f5260673789650e5c646d64815858e
python3-test-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm
ac99c6d0607bd3a44f67257b1b3b781a2ff782d68b8fe794b01b1e4e57d3a707
python3-tkinter-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm
eaaada2bcb5014f3d47959276c4e0b10b958f1476ba6a4adb63d24d0cfecb9c2
python3-tkinter-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm
47329830c97adc638f129c55aa7c3b260bbe4a82c2c23dc08f116f85ca7364b1
CLSA-2025:1740242864
php: Fix of CVE-2024-8929
TuxCare License Agreement
0
- Fixup for CVE-2024-8929: support COM_FIELD_LIST
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fixup for CVE-2024-8929: support COM_FIELD_LIST
0
tuxcare-centos7-els
php-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
6420505192c433c0cd16c2e253e63c5992de665bc0b6ffb27177433637746a28
php-bcmath-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
c78c1136a5f6bced5349dc72e2f33494383c7cf378dbe61a46adfc52f630efc2
php-cli-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
559b31ce5bf5d962448eb6747ab9badbdacaa05b909aacf93831b800cf9e2f49
php-common-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
229213af2dab910d46793f90e393cb8014a8778e2777e4695aba75ded76fb16e
php-dba-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
2e6e7c945ca8a50fdf7ec9ae8ca417b9918fa22b81f24c4cd0499ffe51c0de78
php-devel-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
5cc4754a2b3e25edd315b539fc20889ec987d56f37297949174e7321d2061118
php-embedded-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
fb73f15465fe6cb8bcc59eda6d566dde356dc6d062c32625b0c69771df425cdd
php-enchant-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
9ca851dd268fab85e55ab7eb6d90dd1d2b48696f8ceb336d8749c1f6568957f3
php-fpm-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
3aa0aa8d9768fe314812b6c8f30362a185c558562af830d7ac1a9330502ad404
php-gd-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
59bc4871aa57871fc732dee58a8efb53af3f5ddbe5df7c555755e5cc016886bc
php-intl-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
193c1ced6cdb3f535399945e4f1ea5aee46d0907dac3b00748a84f000320e1bc
php-ldap-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
4c1a8e5a61b8b7d2f5fb43cc57723db5fcbb27c451e864b02ccd687d71bc026c
php-mbstring-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
f2ee71b57579f6732a64c471e94063ecf1303e4c213b5074b0694f4f47ca97ea
php-mysql-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
34259f6229fff4f321eb19f6690d4dcb9aed3b6db2f26313ea6be1c25ece2ae9
php-mysqlnd-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
820cf7241890b9dfcc91a3c3f0090d686c9093c0340a583ef5e4a8d5f33e7c2a
php-odbc-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
6b254cea4f9e9328ad6bc54da80447ba400b05daa9e0ee44f13f88f5019e3abd
php-pdo-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
d0e4e01b530287fc6ca4f1fc665a31b82b2b47ac53e73b912bdb2d5956cbf208
php-pgsql-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
a9b42f18c25f975fed13576f380fed183cf58d5ef3c92cfef2e01a4754957d66
php-process-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
08d0cc2907eed274c38e17d3aad230a2a150ee155360e09d7ecb287ac045281d
php-pspell-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
f6562ac8532fd92cd7214cde16f162e62e5023aafed597f8fa39879e447e9197
php-recode-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
57e925980b7d75912793b8792dc203ef79e8a7cbda3a3bc5520be0cb10cc94fd
php-snmp-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
551208955862572fe60bb10fe97fae9bdb774360b0026609f5f2fced9390a6dc
php-soap-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
3b4533482dfef43268aafc93a2debece3c14d0a418d2786cc6270ec8e33eb4c8
php-xml-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
3b14393905f3d52d403ab850778f8df3394e3be94ff6920fecf97352850f8a0d
php-xmlrpc-5.4.16-48.el7.tuxcare.els8.x86_64.rpm
ebca101d631072d589dc41972cc07dbba3ce990b543b11db63511f07efcb6e8a
CLSA-2025:1740649075
kernel: Fix of 3 CVEs
TuxCare License Agreement
0
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150}
- drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() {CVE-2024-57798}
- els15 crashes accessing CephFS storage from a cluster {CVE-2024-26689}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150}
- drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() {CVE-2024-57798}
- els15 crashes accessing CephFS storage from a cluster {CVE-2024-26689}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
9eae48fa65ad5f649afa394e146043e4a5fbc4e7430d153428f46733a2fa2dcf
kernel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
afd8a59a62c7d8abb3f546bf30262ffb1d48e7d512ebfd326e68fe04f6a00813
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
8064f819cf41a32eed0b9d0163cc446aaade28532f1caf8ab4658e2339215fed
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
8b23cec1845ad41d8f6e71790336051c51bd18c6d4fb89500d1d3f4fdbf393cd
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
e402cb82f8da84a75cbc11bfc69091877603d670b1f990dd94901acc6b51f64a
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
d43cef2b1da48741ce2ef20c3f32b16a79dac4b8b7ab7342f0b7558e2e6c0fb7
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
409368636cee97f3caaa9f2d080707a7f9f8efe371e03aceafe0329ded7256fa
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
6038ab0717605f225e9e7d592e93b8bf9610c6c4084d50e16d2dc23b37bb47de
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
af2241510ae2350cf736a579ae2021657be5dad3a4f7c1b819ddf8f68adc439a
perf-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
370061d2b15f91382bb4a3ad1247e0be69e73e64a2ed43ce3f699b86bdcac535
python-perf-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm
773b3b3eabfd621a6417c6d12f41e812b581d65ce459178011bdec37ca75c321
CLSA-2025:1741291888
libxml2: Fix of CVE-2025-27113
TuxCare License Agreement
0
- CVE-2025-27113: fix compilation of explicit child axis
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-27113: fix compilation of explicit child axis
0
tuxcare-centos7-els
libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.i686.rpm
9230357b5ac13fe0c7f4e0d470369c8e50a7e89073f8112186d7b6267fe53b70
libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm
ce28af90b457006ffdbab419724d30f1c5c19b28d4cf3565aea9a26314c5483e
libxml2-devel-2.9.1-6.0.3.el7_9.6.tuxcare.els2.i686.rpm
84b7c93dc2a868a9c0ad1738d5d06b4ce0b40e94a19318d4b2b899b0b0a89b5c
libxml2-devel-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm
baf4e61270c8e30df6dfa49dfd5cd11f968973df156788f4ea90ac557dca41e5
libxml2-python-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm
ce1aa86919b24d16bd37f37c2ca2f60ef48ec717ec24398403bc60c34467f036
libxml2-static-2.9.1-6.0.3.el7_9.6.tuxcare.els2.i686.rpm
63ded894c575efc78999241b74a0999ccc76bbb2d0a9e487eee94a6e20d3fd34
libxml2-static-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm
3ea572ca03ccc6b4b36c088b323b7a41d9a4e19e6957b882173dbffc9bee8116
CLSA-2025:1741216880
bind: Fix of CVE-2024-11187
TuxCare License Agreement
0
- CVE-2024-11187: fix Denial of Service via Additional Section Resource Exhaustion in BIND 9
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-11187: fix Denial of Service via Additional Section Resource Exhaustion in BIND 9
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
f027f8961b4eb2e2d52e89f3c4e1bd8bba97923fda68ebab2b24974773c0d2ac
bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
2de3c9c428e153280ef7382f976ff0cf52a769cd1bc5343b0f8a96883a0ddc70
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
a709e657ebb7d23dd2180b523075f878793c71209814220690ef010e8ec31568
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
85858c0f6fb05e3f92e73c82b1777add44920fe24aa63f4d68eb3c7fc9aec8b6
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
9d5d91ecef579b7803f9d4225dd0430df4959e7ce7b2da4629c03234e892aaad
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
fcc9d047542ab5fd4698d9587234ff0376bfd54e2edaf810533f57a9903a1d1a
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
5b9d03730c184b362e6014b607cd739f552c51e46bfcc31e02869fd9c98f80d2
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
455c66ccb39f06ef7b0dbff61babd937aa34b1d77c50921c5ee7c974b736970c
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
2b46d38241b146f2c0a50befaf43bfc7e6b47632f927b38c9c2e2260660376cf
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
983adb2dc742512e04b45ef1682fe310d44862ad702a7012e339c6df61241086
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
5048299a908b9836602e3dd77535d653318ad1f6a49266324872a74b92bc3c04
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
38e077744a18a46bfbbf5e96c50d3bdef4d3e79a92e84c1ff1403c7baeecf213
bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els6.noarch.rpm
7402583f5a9f3a20514401e152d3c3404ffa3c0e615b4af06de94a833540bf02
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
0e33ca09ec586dd5ae2d38cea8390fd1fb97771699930466fb41aaf36bb3fd8d
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
f5e4bf3bd1d726faba9d336175fef074a90e929db88c74b6ea53d8d6293c8ca7
bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
3a428ea3231d8b69f81c436c838feb7c789f95481a1d00da7a567313824a9c8a
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
42d8c0b57e7313b982b728f61ed65834546bfce17aef10d22129fd214c3a1767
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
54c068b1c015962c0d55edb5ec183d8fc038aecd0c31bc1116dfa1e10b962946
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm
3a232460ef44fa06e1619e6f8f1aacaf661b9aee9b04d3d2a1fa17189aede0d1
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
d0a33079ce2e2dd6e1dd1f6db0851cc13078089089a991b1d179258edd91bba4
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
00701123da326ca385e60d7c782ddc71a7d240db5efb3d97e59ea096cb5ef3fb
bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
a24cc176133774f5163ceb81a733442baa4bf70ea390f4bf45d6b752252316e9
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
920685fab412d1acc74c6c8576ca8015cf73e545ea0acb1d1ebad8105eab53c2
bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm
7efa291f7a0c2d6830f5e46932235533d57cdcd5aafc4bf3525b294c8c4abdde
CLSA-2025:1741787747
binutils: Fix of CVE-2025-0840
TuxCare License Agreement
0
- CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes
0
tuxcare-centos7-els
binutils-2.27-44.base.el7_9.1.tuxcare.els2.x86_64.rpm
58400707ccae548994e214d05559f9821483781e4b4db36124425691ebefa91a
binutils-devel-2.27-44.base.el7_9.1.tuxcare.els2.i686.rpm
8b6e296f098544ea750cdc5cf2c6ee17cbdc6a16b12454805cbc2498991ae0a8
binutils-devel-2.27-44.base.el7_9.1.tuxcare.els2.x86_64.rpm
da02687d581a2cb907d94ef3f3e921f9880e84a0fd6bc9f1b76444420db8dbaf
CLSA-2025:1741624133
kernel: Fix of 5 CVEs
TuxCare License Agreement
0
- HID: core: zero-initialize the report buffer {CVE-2024-50302}
- Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()"
- drm/amd/amdgpu: Fix GPR read from debugfs (v2) {CVE-2024-50282}
- USB: serial: io_edgeport: fix use after free in debug printk {CVE-2024-50267}
- wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234}
- udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143}
- Update dependency for shim and signing key
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- HID: core: zero-initialize the report buffer {CVE-2024-50302}
- Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()"
- drm/amd/amdgpu: Fix GPR read from debugfs (v2) {CVE-2024-50282}
- USB: serial: io_edgeport: fix use after free in debug printk {CVE-2024-50267}
- wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234}
- udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143}
- Update dependency for shim and signing key
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
623e119df8eaf24ae0d44d5096fe0d52cb0759aaca604caf12c83e5f265991c0
kernel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
10f0bd5570e354e9a46eed639714822de499375cf491a2972bcb6d4c278128a5
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
9462f60bf2ab0a318c3f85414044ec31ae71ada1cfc77e2d8da843cced139bd7
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
7a839203e811e40d32b12f0df344898c3b2feb0d9892469279699e2d6338595e
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
42289c73b1ae8afefd64bb78ae4058619988bf1799fc9b1dd63fc55003f89dc7
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
d25797fd681ae45f237662574c1138c7d0b49947f9ec55c93acb3408706a3ede
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
c9f0f3d4af5833afd2f270862d9b8e9877bddd404f8a1b1d2ab49b47873c263f
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
a52186413ff4a529d857eb29abf9762f7b379ae6035821bf937182f9cde8e273
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
1cea210c3aeb6f044fe3c17bc57ea00f6f9da00b5969e0cbfcd5ee3474e91c2f
perf-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
85604647c27391d98b374a9b308c0c1dfc75080ba504095287b7b08bb396e21a
python-perf-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm
3ef41d1378cffdcc7850c0ddef42d648d6fbd34cd6478000c79e6e3175291861
CLSA-2025:1742474086
bind: Fix of CVE-2022-3094
TuxCare License Agreement
0
- CVE-2022-3094: fix resources exhaustion issue caused by flood of dynamic
DNS updates
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-3094: fix resources exhaustion issue caused by flood of dynamic
DNS updates
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
a0e9c7745dc5565347119be0b00cf028ed59123319cb248430a8939c33c6b718
bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
134d713721425c4e78ef30f1da287e32b7042bb51a31bfba2f203d7c1cd659d5
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
2a53a4bfdef920826b0db400319d1e4d4a36aea639ba114fbaa99034313e857d
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
6201c63791da528e3ccf7efbdb213c386fee175f68707018f6b78c1dbb4561ee
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
1cd7e57a0fb314f8623130e81ffbff4048aa6830a37cab23a3a5368b5157d376
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
ced3886aed415e225389860bdbaa5b077e106b6a1ac397a422b8ff0b980656c5
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
d678a7c4fd888493eb852a85633a62e0a09bd5914169d690bc1491cbc2cde14e
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
7693a1f8775125c965a2d203533deddd4d3640d3393bb8ad7d36f730776b248d
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
4bd238cd0644f30a5b828aa6a1ff8c644ffe05d4f6ff6cf6e8425e89081912e9
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
15ba0ebd94f54e22a5d660fb60107c77430605ef2fb30de93cf9592bea56539c
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
76f9ddf46fa8819af8ac21458426b018baf0116e9673f0c1ae9999b439d0b1d9
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
572c9623afdb026606c7eaf142df46f394403e1ff7f6b85841606b100716ceb5
bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els7.noarch.rpm
27163cb80827660c120d4b3d5f12fb44cbd470ef7a6ca3c41127c67a42306128
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
72525855a157ed94478934cca319d071509680d025a2bd484cd1e94032dab46b
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
9e3da8c246e93da3869444a1e978500ee6161df3cb4cefefffd15c832462e4e9
bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
3093b8be19fe726a99f75de21f2de320c5c08bbaa948c81a3c927c58d969566d
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
7265cb1734cceb2f2ad71b9196a56f552ddbd8fa4f44421e715e02db20444504
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
b2c6292d77659b65909f8b9a4b15cfc9ab1d2666a63cece2f247b7745d57c04e
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm
b3bc760a1d620f0d69a57442d19f3ad75c3207d49fb48e4530778c641e62af35
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
23ffe440cea772a8b2fb843d8f8af3fde6f2c2893ad8c8324b4dd34f6f871ab0
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
a265ccb471736dbfae3bab33920c35da4db019c00df40a6b68943b40af0b39fd
bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
038b953863c6bd7eaa841a4188440828d9c38bf2231b968dd9850fba93d84474
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
cad5eee4faf86643cc29d0d0b6da3bdb5e2703f61c91d0eef3ed7ce33b58a7d9
bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm
b161d20f2b4355653fa9862c4355c2b224f31232a2ffe0c652c8eb276fc3e348
CLSA-2025:1742319123
java-11-openjdk: Fix of 11 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-11.0.26+4. The following CVEs were fixed:
- CVE-2024-21131: potential UTF8 size overflow
- CVE-2024-21138: excessive symbol length can lead to infinite loop
- CVE-2024-21140: range Check Elimination (RCE) pre-loop limit overflow
- CVE-2024-21144: Pack200 increase loading time due to improper header
validation
- CVE-2024-21145: out-of-bounds access in 2D image handling
- CVE-2024-21147: RangeCheckElimination array index overflow
- CVE-2024-21208: HTTP client improper handling of maxHeaderSize
- CVE-2024-21210: array indexing integer overflow
- CVE-2024-21217: unbounded allocation leads to out-of-memory error
- CVE-2024-21235: integer conversion error leads to incorrect range check
- CVE-2025-21502: enhance array handling
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-11.0.26+4. The following CVEs were fixed:
- CVE-2024-21131: potential UTF8 size overflow
- CVE-2024-21138: excessive symbol length can lead to infinite loop
- CVE-2024-21140: range Check Elimination (RCE) pre-loop limit overflow
- CVE-2024-21144: Pack200 increase loading time due to improper header
validation
- CVE-2024-21145: out-of-bounds access in 2D image handling
- CVE-2024-21147: RangeCheckElimination array index overflow
- CVE-2024-21208: HTTP client improper handling of maxHeaderSize
- CVE-2024-21210: array indexing integer overflow
- CVE-2024-21217: unbounded allocation leads to out-of-memory error
- CVE-2024-21235: integer conversion error leads to incorrect range check
- CVE-2025-21502: enhance array handling
0
tuxcare-centos7-els
java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
70c9436fd498fcf052a80ca576ad83767fb605a4c68e63e63802f0f0df0856d9
java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
6f660300cd92728106efe436170d1477c74493b25c6ff4e254c40a3067bed5dc
java-11-openjdk-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
95083dd5b8bf8d8ae09eca79112bbb537349c9b99715b74453060c5601c33303
java-11-openjdk-demo-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
d1a45c3d5c08d049c56331844dac550176f74eee52d85229f909321774f65c9f
java-11-openjdk-demo-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
0842c3ad42e8b17c22551ce907a0a81a7c7275567a1306752749acaf0562bb5a
java-11-openjdk-demo-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
5d5d57ece5942ce47bdb76b0a63f552e553144750e4243bc1e41ebf54030643d
java-11-openjdk-devel-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
ea5b300d7e511701c8ea64b5be92426b1d02b3f22dd625ce9edfe067533ca2c0
java-11-openjdk-devel-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
ef30e01b15b4913e085549d4fe24791f45d1be91bcecccdb487b7582f811a2b7
java-11-openjdk-devel-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
e19f41cde3a218934c529d18b13e64f5d1a0ed614d996179aff8b9d32ec65b87
java-11-openjdk-headless-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
5144f75b41a024ef1fc241af2c3f7f62d687b8f0900936ca3d05c027b0e2c089
java-11-openjdk-headless-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
b5066b5019b9a20b65af5e8e7ec86496312928271e884a55c22887e5aa36d06c
java-11-openjdk-headless-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
ab10df9343a06a85971db2d216e3bd4bbd947ab2a26f65dc9e0c655a20b044c3
java-11-openjdk-javadoc-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
bc1985234438dff69904314504cce84bf31dcb1fd0125717a5054ffa35e931da
java-11-openjdk-javadoc-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
21c3ff4f82fac8b6507f415855cab060f0adfb9d7fcea456eb55476cd57c5a17
java-11-openjdk-javadoc-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
1da9abb75f31531f7e557f8d05e58cc1e7cb7da61fcf229de9cbc3bd0fc3a59c
java-11-openjdk-javadoc-zip-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
f1d037529130ae269690112b900b13a80eb73d49fbb6573cd070b143b007a131
java-11-openjdk-javadoc-zip-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
bcd08917cd8c625eac529350051530c5e4a244a1bfb4c1167d3fd0a8c5474811
java-11-openjdk-javadoc-zip-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
81606c032f49d43f848b54339eda08e14f6f6992c0d1e11d50eb4eab432f0fc9
java-11-openjdk-jmods-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
c73e8d531b763730b7ea32c4a0e16cf88fa7c274f3806062fa5a5ab50bac842b
java-11-openjdk-jmods-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
59595e94b3cf49e5e5d709fb97e206aa9f1d478982f625dd973970ce1f356941
java-11-openjdk-jmods-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
cb745337182bddd32822997f3d842fc39db32428eef2211234b43ee4b166652b
java-11-openjdk-src-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
dc8d49011b9627003c414752402c75054a9480144e6a2473f9f151dd742bd30b
java-11-openjdk-src-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
123a49c3956581119b3c345d11952d23906e84b4e2c0e4a9b0b0930d76973640
java-11-openjdk-src-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
1b723d6287909e5fd75318343418701de42097c9f82be2210cdddca4bca3914b
java-11-openjdk-static-libs-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm
e83ec788800cef322a773d6c5236352dcad117ff5a668157ce040a138027b373
java-11-openjdk-static-libs-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
8eb28e0af3b4a3bb36394ad95dd03f90d28d65ded51e7743b8d8edeeaf9673b5
java-11-openjdk-static-libs-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm
fa78cdc869397d2e99675f872f13de3d13f0e993dc4c3e27d878d8fe1a7336af
CLSA-2025:1742926277
openssh: Fix of CVE-2025-26465
TuxCare License Agreement
0
- CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled
- enlarge format buffer size for certificate serial number so the log message can record any 64-bit
integer without truncation (openssh bz#3012) [Orabug: 30448895]
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled
- enlarge format buffer size for certificate serial number so the log message can record any 64-bit
integer without truncation (openssh bz#3012) [Orabug: 30448895]
0
tuxcare-centos7-els
openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
35f70cd9f34f270ebf42d65765b2e31e0d9dfba48da68d93eece8c9778806260
openssh-askpass-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
a01770dc68367c22714a8a35b153fe162857fc08d256780a1ac85ce2cfbd3e1e
openssh-cavs-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
ddc28a0724579b812fd1530f6aff1ced95f1a8fda797c6ff21e6c3aab946b46a
openssh-clients-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
9712fe8a255f2d982d15234a96735f7328fc71d5cc4e1d214460431d1b44bb31
openssh-keycat-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
6bcefbf2c687d8a8d3d324e10b6a5af8880118f5cdc6e78a89f83827e2a243ec
openssh-ldap-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
ab4b72e218a0c19154ba0b769e91cb746e8ac789e6a550d5a66fe8cbe73e5cda
openssh-server-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
b43183b99f1c4a21a1bfb0bd2305397659d25e9b41a16d27579a40d010e7c2d4
openssh-server-sysvinit-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm
94550772325cbbc0bacfeb2b1228b4c29c8ebd8d7fc96ed23c51e0ebeb5e15a7
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els1.i686.rpm
f8b7b15f0e10fa6935ac91127a2e7951dad00e32cddca0987e178eafa86b1405
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els1.x86_64.rpm
21af54382dcb1c29ba96d7303391ef423528b0e50550c60c2dc707be98d3d67e
CLSA-2025:1742926404
freetype: Fix of CVE-2025-27363
TuxCare License Agreement
0
- CVE-2025-27363: fix OOB write when parsing font subglyph structures
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-27363: fix OOB write when parsing font subglyph structures
0
tuxcare-centos7-els
freetype-2.8-14.el7_9.1.tuxcare.els2.i686.rpm
fb20746eabbcafe0887dacc29b5ff99dbe25880e1e77e63e6e7cb0406d1ad07b
freetype-2.8-14.el7_9.1.tuxcare.els2.x86_64.rpm
f28053c045e9d48579e804fb9891820cd6722281130e4d53cb42f16b1d6eff3d
freetype-demos-2.8-14.el7_9.1.tuxcare.els2.x86_64.rpm
0985513a4a735d0e16663c4b42cc7cc5870f3b6979ec938ce56119631391415e
freetype-devel-2.8-14.el7_9.1.tuxcare.els2.i686.rpm
e051fd807c6c5990716bb055151c40584e3e20ef6263e0a8de91ee41a4aa5abf
freetype-devel-2.8-14.el7_9.1.tuxcare.els2.x86_64.rpm
b5ae1b2c2bb0caf6d1e43939a9e689f1782bea518edfc7a66c45e0cd0344e573
CLSA-2025:1742929277
Update of shim-signed
TuxCare License Agreement
0
- Add support for oraclelinux7
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Add support for oraclelinux7
0
tuxcare-centos7-els
mokutil-15.8-2.el7.tuxcare.els1.x86_64.rpm
432d79a39b8587471d47e5ae701722710563fb6a70ef5627bb29ed5c877f45b9
shim-ia32-15.8-2.el7.tuxcare.els1.x86_64.rpm
4ecc1e860df79cb567cab36d4cce3c66d32f19cd2124c9198aeb76953184b050
shim-x64-15.8-2.el7.tuxcare.els1.x86_64.rpm
f75d5f0514923546115b4e8bb72cefde2e40381b57aa1a0bfa770c1aac0fa9ee
CLSA-2025:1743184619
bind: Fix of CVE-2023-4408
TuxCare License Agreement
0
- Remove bind-9.11.4-CVE-2023-4408.patch which introduces an ABI change that
breaks bind-dyndb-ldap
- Enforce that bind-dyndb-ldap is updated after ABI changes introduced in 9.11.4-26.P2.15
update
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Remove bind-9.11.4-CVE-2023-4408.patch which introduces an ABI change that
breaks bind-dyndb-ldap
- Enforce that bind-dyndb-ldap is updated after ABI changes introduced in 9.11.4-26.P2.15
update
0
tuxcare-centos7-els
bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
c9b145e620308495576d7fc2977264eea0725bd5a7829422680fcbf2a8371fd5
bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
00bb2054c1a5a92199b177c7c09fd3e3e97105a12e478cd2ae5328ad4c8e2e3d
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
07670e2efe5a90a41907c0ae146e23969b2b63a7df589fc4abec492036090dc4
bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
f8bc0f5be0e6c7369cc456f5718b23bfdc280405a3e3788d568c4731e63eba36
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
76543c5f2ab47496a2666ab64bfa8fd66da7f2645d67bf87b701750e0a9d408d
bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
b965fd09fbe006836022e9dcb6c6c1dbe524f5dfa56c6e46e2322b75af43dc5e
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
9d10ae4b0371e6b125b204480377bb115ed00086913aa55925bfd1a6f53789b5
bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
21055280250a5a6ec47670fef45098dabac9b487f2bc98da6f04363ea9753a58
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
3f8239ed6fbdb8ba3c766c0f0e963101c50ded8b15927d57ec51303aec534e1f
bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
b67edee4717448a7de7e4c5193dbac9ec0a3cd9f2ad9bd87ea461ea93a3313fa
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
3d59b4ba38cdd3a396b56bbfab82883183181749d1c01be0836f86804415ffbe
bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
eec0f60b2c0e4820e5ed2b2a003ed4b951ea67da3cef3ecf1536e72fe46eb944
bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els8.noarch.rpm
096306b06c3eb80b1b8582484ccbb03d71c23f9d876e09f4b7d9e6a79e5ec547
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
23bb0e83e9df1e735b4d59dadf5e1f3ffb5d9787a725560dc10c8900d4a606ed
bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
8a621fce09e02c20b5a5ac295421dba807ca8910ec8c03607af89a7a36fb053b
bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
9e976427b5a4630b7d185e784d918ed356bc65cd724227ef5afb01a6c1bbe69b
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
8c616092cb5b6e6a78fa3f0b4b2a01ed4d55403ce371dacc1ea3453abe6fe2a5
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
d8b59dbb82dfa62cc44a78e28d2f716c57cb108c5876089e348c48ae2b2d77e1
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm
0b45119677459aad66b41b964f9fb5ea71016e3aa8208ee115b8c6260b56212b
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
65629b83ab33e7a3aa3a6149d5e4af0b6422d86a0b65f024ce684175bfa446d1
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
ff68a9b89f98d1c2562efbebc392b66e023909e0be1200453e0691930d609975
bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
85a65c14ed0e96ca4efa3a1b1baa1275400e5e1e749a3d4a82dfbce47c9d85e7
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
3aaecd68916db5b5eca0d39c4dad16f1f3950bc3670c4c237e8a5d332d637ba5
bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm
b32347d16d9699a8b62ce129893db23bda0f5a3aaece403dce1d1b56719dd029
CLSA-2025:1743676155
kernel: Fix of 2 CVEs
TuxCare License Agreement
0
- drm: nv04: Fix out of bounds access {CVE-2024-27008}
- media: uvcvideo: Fix double free in error path {CVE-2024-57980}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- drm: nv04: Fix out of bounds access {CVE-2024-27008}
- media: uvcvideo: Fix double free in error path {CVE-2024-57980}
0
tuxcare-centos7-els
bpftool-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
c4d9a7247eb151f1e71810c9442a72c646b33c7e35c21fa59ad7267389da3509
kernel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
7cb85dc9dd035886de7bcc83acd53e98c6500f46be7e6ee481c83b846089e51a
kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
eebed0943d00b73fd75f4a28537f17a7a7b92f628067a3f6b3dd184fe9595cee
kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
dfac976f278aab87012c4d1c92dff6b016a0664158c994fd44ccb92ff7389903
kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
d2ff39fb2a223c0f1ef4e4410f8b5dfd62902cf05a731827bcc5ccc2cf17ed30
kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
06ae52f61ccbd903739e058cac84793ad1df58c084559459f23c2adbfe2b857b
kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
3120e0660d5282e12323892981cb12a137bd7bdd514c2a65bfa0d620990d69ee
kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
29a8ed6ef5134b137de910686b41561435785f179ebf16e4fa2fc3a6f4fa56e3
kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
3c7b1b8cfd03bf00067e9bdbcf6b6b6411126a8f33e276b13222ce7885fb1059
perf-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
fcb490111fe66e90dc336ad722297154dacb4d4dda881354613e1e108f8d8f2a
python-perf-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm
3deeaf5357439fe901c290399db84aaec361fb7fc0db8e1cd288f08bede12f78
CLSA-2025:1743763948
libxslt: Fix of CVE-2025-24855
TuxCare License Agreement
0
- CVE-2025-24855: fix use-after-free issue in numbers.c by restoring XPath
context node in nested XPath evaluations
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-24855: fix use-after-free issue in numbers.c by restoring XPath
context node in nested XPath evaluations
0
tuxcare-centos7-els
libxslt-1.1.28-6.el7.tuxcare.els2.i686.rpm
e1b37adcd960f1480fd8ca901343132105f892a92220666b09d4c3dc8ac43a9d
libxslt-1.1.28-6.el7.tuxcare.els2.x86_64.rpm
095c36492365a6c40d7f34a7edd25464b5419d43abfea26b049661291941d3d4
libxslt-devel-1.1.28-6.el7.tuxcare.els2.i686.rpm
4f965b026cf128d33b24a123c7dbcc98a4dac856185c5d98f1e22a7cb83ad939
libxslt-devel-1.1.28-6.el7.tuxcare.els2.x86_64.rpm
78cbf5d391d50004d7c7cda284a825e24492c79400c98b81f6a1a41fd8632110
libxslt-python-1.1.28-6.el7.tuxcare.els2.x86_64.rpm
ba2fe0f3531233dae7857527fe75d2b1179dd76f1533324165b2027fde3a9ca0
CLSA-2025:1744623757
libxslt: Fix of CVE-2024-55549
TuxCare License Agreement
0
- CVE-2024-55549: fix use-after-free issue related to exclusion
of result prefixes
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-55549: fix use-after-free issue related to exclusion
of result prefixes
0
tuxcare-centos7-els
libxslt-1.1.28-6.el7.tuxcare.els3.i686.rpm
2996432bcc07e56a879c2502992f22947175c62c5045f17c97c4ba8d613fcb24
libxslt-1.1.28-6.el7.tuxcare.els3.x86_64.rpm
a264315ab3565910b95abac9b0ae099336040f693bfe02962d529a275e2d6a8a
libxslt-devel-1.1.28-6.el7.tuxcare.els3.i686.rpm
16e44ecbc781f312f723d71889215d0e9382465d851e5b9967e5f11c3acb098b
libxslt-devel-1.1.28-6.el7.tuxcare.els3.x86_64.rpm
3f67f538e56af38d7be6c1464c5e395c138b4f92ba082964f2b0fe31aa941cd8
libxslt-python-1.1.28-6.el7.tuxcare.els3.x86_64.rpm
e7901ec7dbac871b7386b8c8a33bc9807dbb7a2a3dca4809228f5b637b754b00
CLSA-2025:1744724536
grub2: Fix of 5 CVEs
TuxCare License Agreement
0
- CVE-2025-0624: net: Out-of-bounds write in grub_net_search_configfile()
- CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write
- CVE-2025-1118: commands/dump: The dump command is not in lockdown when
secure boot is enabled
- CVE-2025-0678: squash4: Integer overflow may lead to heap based
out-of-bounds write when reading data
- CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based
out-of-bounds write
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-0624: net: Out-of-bounds write in grub_net_search_configfile()
- CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write
- CVE-2025-1118: commands/dump: The dump command is not in lockdown when
secure boot is enabled
- CVE-2025-0678: squash4: Integer overflow may lead to heap based
out-of-bounds write when reading data
- CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based
out-of-bounds write
0
tuxcare-centos7-els
grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
d5b2454d89c894f7728227ae72399632b48e72905f239034283f4cc5e87f6250
grub2-common-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm
e8660fc02747ba305700b3ecc58df1e1cc7202f836e39679b54411ed06c25426
grub2-efi-ia32-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
5c729bb4a5679ea349b73c12a7eceaeee1aa107ee330928c12501ef00a66b962
grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
2e085f568d9db8dee28478a5408f8be9461c05f16fe8f31a9f07775598a64953
grub2-efi-ia32-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm
72d9602ddc8a2ca5b6192473a25aac6a282f1ac3dce11f55a4ad37d2fb9be7ef
grub2-efi-x64-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
679856d7b8802e9d74176be20aec95130bd312f21d23261df50d901f300bd5e7
grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
257a28a7963ee69b969c8f407e533df5371712e1ba0f2d1f8092fd4101b4e51b
grub2-efi-x64-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm
60aee0fe3c832396ea805d83abef626b5209370823404efcf8cd5dba9df32a6d
grub2-i386-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm
09fbdfb24a5b5ac399d7bbccf6fa0ff774db699870d4090da3cc7adbd1040a57
grub2-pc-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
c7e6e8211fb541f2fc807fa3d0c0ac60e8caed283c16afeaa14a3a75084440c7
grub2-pc-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm
bbd972e0ce809ff4657024d32dc7f2a86dc48a11eefb233184a320dc6827e230
grub2-tools-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
850c0f75e5afdee787ace6e241f37f4dcb5a7ca7ff0616a0cecb313cb20b464a
grub2-tools-extra-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
6549d428d213de14f2630faefd8ef4f57e9848b1307e19a9d2f6e1c6e2c5d4a4
grub2-tools-minimal-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm
e4e2bd29af37c9f1e353b9edb81065570807ce8e763e7b1a041e065827f0367c