CLSA-2020:1605798462
Fix of 227 CVE
Copyright 2020 Cloud Linux Inc
0
- Fix bug #69720: Null pointer dereference in phar_get_fp_offset()
- Fix bug #70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()
- Fix bug #70661: Use After Free Vulnerability in WDDX Packet Deserialization
- Fix bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability
- Fix bug #71459: Integer overflow in iptcembed()
- Fix bug #71039: exec functions ignore length but look for NULL termination
- Fix bug #71354: Heap corruption in tar/zip/phar parser.
- Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
- Fix bug #71323: Output of stream_get_meta_data can be falsified by its input
- Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
- Fix bug #71587: Use-After-Free / Double-Free in WDDX Deserialize
- Fix bug #71860: Invalid memory write in phar on filename with \0 in name
- Fix bug #71798: Integer Overflow in php_raw_url_encode
- Fix bug #72837: integer overflow in bzdecompress caused heap corruption
- Fix bug #72681: PHP Session Data Injection Vulnerability
- Fix bug #72807: integer overflow in curl_escape caused heap corruption
- Fix bug #72838: Integer overflow lead to heap corruption in sql_regcase
- Fix bug #72697: select_colors write out-of-bounds
- Fix bug #72730: imagegammacorrect allows arbitrary write access
- Fix bug #72836: integer overflow in base64_decode caused heap corruption
- Fix bug #72848: integer overflow in quoted_printable_encode caused heap corruption
- Fix bug #72849: integer overflow in urlencode caused heap corruption
- Fix bug #72850: integer overflow in php_uuencode caused heap corruption
- Fix bug #72771: ftps:// wrapper is vulnerable to protocol downgrade attack
- Fix bug #72749: wddx_deserialize allows illegal memory access
- Fix bug #72750: wddx_deserialize null dereference
- Fix bug #72790: wddx_deserialize null dereference with invalid xml
- Fix bug #72799: wddx_deserialize null dereference in php_wddx_pop_element
- Fix bug #73189: Memcpy negative size parameter php_resolve_path
- Fix bug #73150: missing NULL check in dom_document_save_html
- Fix bug #73284: heap overflow in php_ereg_replace function
- Fix bug #73218: stack-buffer-overflow through "ResourceBundle" methods
- Fix bug #73208: integer overflow in imap_8bit caused heap corruption
- Fix bug #73082: string length overflow in mb_encode_* function
- Fix bug #73174: heap overflow in php_pcre_replace_impl
- Fix bug #73276: crash in openssl_random_pseudo_bytes function
- Fix bug #73275: crash in openssl_encrypt function
- Fix bug #73017: memory corruption in wordwrap function
- Fix bug #73240: Write out of bounds at number_format
- Fix bug #73073: CachingIterator null dereference when convert to string
- Fix bug #73293: NULL pointer dereference in SimpleXMLElement::asXML()
- Fix bug #73356: crash in bzcompress function
- Fix bug #72696: imagefilltoborder stackoverflow on truecolor images
- Fix bug #73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow
- Fix bug #73144: Use-after-free in ArrayObject Deserialization
- Fix bug #73192: parse_url return wrong hostname
- Fix bug #73331: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow
- Fix bug #73452: Segfault (Regression for #69152)
- Fix bug #73631: Invalid read when wddx decodes empty boolean element
- Fix bug #67587: Redirection loop on nginx with FPM
- Fix bug #71465: PHAR doesn't know about litespeed
- Fix bug #73737: FPE when parsing a tag format
- Fix bug #73868: Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
- Fix bug #73869: Signed Integer Overflow gd_io.c
- Fix bug #73773: Seg fault when loading hostile phar
- Fix bug #70436: Use After Free Vulnerability in unserialize()
- Fix bug #74603: PHP INI Parsing Stack Buffer Overflow Vulnerability
- Fix bug #72535: arcfour encryption stream filter crashes php
- Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's
GC algorithm and unseria
- Fix bug #72455: Heap Overflow due to integer overflows
- Fix bug #74782: Reflected XSS in .phar 404 page
- Fix bug #71335: Type Confusion in WDDX Packet Deserialization
- Fix bug #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
- Fix bug #76249: stream filter convert.iconv leads to infinite loop on
invalid sequence
- Fix bug #76248: Malicious LDAP-Server Response causes Crash
- Fix bug #76129: fix for CVE-2018-5712 may not be complete
- Fix bug #75981: stack-buffer-overflow while parsing HTTP response
- Fix bug #74385: Locale::parseLocale() broken with some arguments
- Fix bug #76335: "link(): Bad file descriptor" with non-ASCII path
- Fix bug #76383: array_map on $GLOBALS returns IS_INDIRECT
- Fix bug #73342: Vulnerability in php-fpm by changing stdin to non-blocking
- Fix bug #76505: array_merge_recursive() is duplicating sub-array keys
- Fix bug #76532: Integer overflow and excessive memory usage in mb_strimwidth
- Fix bug #76548: pg_fetch_result did not fetch the next row
- Fix bug #76488: Memory leak when fetching a BLOB field
- Fix bug #76665: SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle
- Fix bug #75402: Possible Memory Leak using PDO::CURSOR_SCROLL option
- Fix bug #76517: --with-gettext= causes configure to misjudges there is no getcwd
- Fix bug #72443: Installing shared extensions: cp: cannot stat 'modules/*':
No such file or dire
- Fix bug #68175: RegexIterator pregFlags are NULL instead of 0
- Fix bug #55146: iconv_mime_decode_headers() skips some headers
- Fix bug #63839: iconv_mime_decode_headers function is skipping headers
- Fix bug #60494: iconv_mime_decode does ignore special characters
- Fix bug #68180: iconv_mime_decode can return extra characters in a header
- Fix bug #73457: Wrong error message when fopen FTP wrapped fails to open
data connection
- Fix bug #74454: Wrong exception being thrown when using ReflectionMethod
- Fix bug #74764: Bindto IPv6 works with file_get_contents but fails with
stream_socket_client
- Fix bug #75273: php_zlib_inflate_filter() may not update bytes_consumed
- Fix bug #75696: posix_getgrnam fails to print details of group
- Fix bug #76480: Use curl_multi_wait() so that timeouts are respected
- Fix bug #76800: foreach inconsistent if array modified during loop
- Fix bug #76886: Can't build xmlrpc with expat
- Fix bug #76901: method_exists on SPL iterator passthrough method corrupts memory
- Fix bug #77242: heap out of bounds read in xmlrpc_decode()
- Fix bug #77247: heap buffer overflow in phar_detect_phar_fname_ext
- Fix bug #77270: imagecolormatch Out Of Bounds Write on Heap
- Fix bug #77370: Buffer overflow on mb regex functions - fetch_token
- Fix bug #77380: Global out of bounds read in xmlrpc base64 code
- Fix bug #77630: rename() across the device may allow unwanted access
during processing
- Fix bug #77494: Disabling class causes segfault on member access
- Fix bug #77431: openFile() silently truncates after a null byte
- Fix bug #51068: DirectoryIterator glob:// don't support current path
relative queries
- Fix bug #77396: Null Pointer Dereference in phar_create_or_parse_filename
- Fix bug #77540: Invalid Read on exif_process_SOFn
- Fix bug #77390: feof might hang on TLS streams in case of fragmented TLS records
- Fix bug #77586: phar_tar_writeheaders_int() buffer overflow
- Fix bug #77546: iptcembed broken function
- Fix bug #77563: Uninitialized read in exif_process_IFD_in_MAKERNOTE
- Fix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif data
- Fix bug #77024: SplFileObject::__toString() may return array
- Fix bug #77945: Segmentation fault when constructing SoapClient with WSDL_CACHE_BOTH
- Fix bug #77697: Crash on Big_Endian platform
- Fix bug #77943: imageantialias($image, false); does not work
- Fix bug #77944: Wrong meta pdo_type for bigint on LLP64
- Fix bug #76717: var_export() does not create a parsable value for PHP_INT_MIN
- Fix bug #77921: static.php.net doesn't work anymore
- Fix bug #77934: php-fpm kill -USR2 not working
- Fix bug #77700: Writing truecolor images as GIF ignores interlace flag
- Fix bug #77765: FTP stream wrapper should set the directory as executable
- Fix bug #50020: DateInterval:createDateFromString() silently fails
- Fix bug #77742: bcpow() implementation related to gcc compiler optimization
- Fix bug #77967: Bypassing open_basedir restrictions via file uris
- Fix bug #77973: Uninitialized read in gdImageCreateFromXbm
- Fix bug #77988: heap-buffer-overflow on php_jpg_get16
- Fix bug #78192: SegFault when reuse statement after schema has changed
- Fix bug #77124: FTP with SSL memory leak
- Fix bug #78256: heap-buffer-overflow on exif_process_user_comment
- Fix bug #78222: heap-buffer-overflow on exif_scan_thumbnail
- Fix bug #77946: Bad cURL resources returned by curl_multi_info_read()
- Fix bug #78333: Exif crash (bus error) due to wrong alignment and invalid cast
- Fix bug #69100: Bus error from stream_copy_to_stream (file -> SSL stream)
with invalid length
- Fix bug #76342: file_get_contents waits twice specified timeout
- Fix bug #76859: stream_get_line skips data if used with data-generating filter
- Fix bug #78579: mb_decode_numericentity: args number inconsistency
- Fix bug #78910: Heap-buffer-overflow READ in exif
- Fix bug #78878: Buffer underflow in bc_shift_addsub
- Fix bug #78793: Use-after-free in exif parsing under memory sanitizer
- Fix bug #78863: DirectoryIterator class silently truncates after a null byte
- Fix bug #79099: OOB read in php_strip_tags_ex
- Fix bug #79082: Files added to tar with Phar::buildFromIterator have
all-access permissions
- Fix bug #79329: get_headers() silently truncates after a null byte
- Fix bug #79282: Use-of-uninitialized-value in exif
- Fix bug #61597: SimpleXMLElement doesn't include both @attributes and
textContent in properties
- Fix bug #74940: DateTimeZone loose comparison always true until properties
are initialized.
- Fix bug #79296: ZipArchive::open fails on empty file (libzip 1.6.0)
- Fix bug #79330: shell_exec() silently truncates after a null byte
- Fix bug #79364: When copy empty array, next key is unspecified.
- Fix bug #79396: DateTime hour incorrect during DST jump forward using setTime
- Fix bug #79410: system() swallows last chunk if it is exactly 4095 bytes
without newline
- Fix bug #79424: php_zip_glob uses gl_pathc after call to globfree
- Fix bug #79465: OOB Read in urldecode() (CVE-2020-7067)
- Fix bug #78221: DOMNode::normalize() doesn't remove empty text nodes
- Fix bug #78875: Long filenames cause OOM and temp files are not cleaned
(CVE-2019-11048)
- Fix bug #78876: Long variables in multipart/form-data cause OOM and temp
files are not cleaned (CVE-2019-11048)
- Fix bug #79514: Memory leaks while including unexistent file
- Fix bug #79528: Different object of the same xml between 7.4.5 and 7.4.4
- Fix bug #62890: default_socket_timeout=-1 causes connection to timeout
- Fix bug #70362: Can't copy() large 'data://' with open_basedir
- Fix bug #73527: Invalid memory access in php_filter_strip
- Fix bug #74267: segfault with streams and invalid data
- Fix bug #79787: mb_strimwidth does not trim string
- Fix bug #79877: getimagesize function silently truncates after a null byte
- Fix bug #68447: grapheme_extract take an extra trailing character
- Fix bug #68825: Inconsistent exception in DirectoryIterator::getLinkTarget()
- Fix bug #74145: wddx parsing empty boolean tag leads to SIGSEGV (CVE-2017-11143)
- Fix bug #74651: negative-size-param (-1) in memcpy in zif_openssl_seal()
(CVE-2017-11144)
- Fix bug #74435: Buffer over-read into uninitialized memory (CVE-2017-7890)
- Fix bug #73093: Unserialize Exception object can lead to infinite loop
(CVE-2016-7478)
- Fix bug #72520: Stack-based buffer overflow vulnerability in php_stream_zip_opener
(CVE-2016-6297)
- Fix bug #73825: Heap out of bounds read on unserialize in finish_nested_data()
(CVE-2016-10161)
- Fix bug #60491: Session module is adoptive (CVE-2011-4718)
- Fix bug #69253: ZIP Integer Overflow leads to writing past heap boundary
(CVE-2015-2331)
- Fix bug #69418: CVE-2006-7243 fix regressions in 5.4+ (CVE-2015-4025)
- Fix bug #68598: pcntl_exec() should not allow null char (CVE-2015-4026)
- Fix bug #69207: move_uploaded_file allows nulls in path (CVE-2015-2348)
- Fix bug #69218: potential remote code execution with apache 2.4 apache2handler
(CVE-2015-3330)
- Fix bug #69719: Incorrect handling of paths with NULs, related to bug 69353
(CVE-2015-4598)
- Fix bug #69353: Missing null byte checks for paths in various PHP extensions
(CVE-2015-3411)
- Fix bugs #70168, #70169, #70166, #70155: Use After Free Vulnerability in
unserialize() with
SplObjectStorage, SplDoublyLinkedList, SPLArrayObject, SPLArrayObject (CVE-2015-6831)
- Fix bug #70019: Files extracted from archive may be placed outside of
destination directory (CVE-2015-6833)
- Fix bug #70388: SOAP serialize_function_call() type confusion / RCE (CVE-2015-6836)
- Fix bug #69782: NULL pointer dereference (CVE-2015-6837, CVE-2015-6838)
- Fix bug #70433: Uninitialized pointer in phar_make_dirstream when zip entry
filename is "/" (CVE-2015-7804)
- Fix bug #69923: Buffer overflow and stack smashing error in phar_fix_filepath
(CVE-2015-5590)
- Fix bug #71488: Stack overflow when decompressing tar archives (CVE-2016-2554)
- Fix bug #72061: Out-of-bounds reads in zif_grapheme_stripos with negative offset
(CVE-2016-4541, CVE-2016-4540)
- Fix bug #72094: Out of bounds heap read access in exif header processing
(CVE-2016-4542)
- Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
(CVE-2016-4537)
- Fix bug #71331: Uninitialized pointer in phar_make_dirstream() (CVE-2016-4343)
- Fix bug #72241: get_icu_value_internal out-of-bounds read (CVE-2016-5093)
- Fix bug #72135: Integer Overflow in php_html_entities() (CVE-2016-5094)
- Fix bug #72114: Integer underflow / arbitrary null write in fread/gzread
(CVE-2016-5096)
- Fix bug #72339: Integer Overflow in _gd2GetHeader() resulting in heap overflow
(CVE-2016-5766)
- Fix bug #72340: Double Free Courruption in wddx_deserialize (CVE-2016-5772)
- Fix bug #72613: Inadequate error handling in bzread() (CVE-2016-5399)
- Fix bug #70480: php_url_parse_ex() buffer overflow read (CVE-2016-6288)
- Fix bug #72513: Stack-based buffer overflow vulnerability in virtual_file_ex
(CVE-2016-6289)
- Fix bug #72562: Use After Free in unserialize() with Unexpected Session
Deserialization (CVE-2016-6290)
- Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE (CVE-2016-6291)
- Fix bug #72533: locale_accept_from_http out-of-bounds access (CVE-2016-6294)
- Fix bug #69975: PHP segfaults when accessing nvarchar(max) defined columns
(CVE-2015-8879)
- Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
(CVE-2016-6296)
- Fix bug #72293: Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412)
- Fix bug #72860: wddx_deserialize use-after-free (CVE-2016-7413)
- Fix bug #72928: Out of bound when verify signature of zip phar in phar_parse_zipfile
(CVE-2016-7414)
- Fix bug #73007: SEH buffer overflow msgfmt_format_message (CVE-2016-7416)
- Fix bug #73029: Missing type check when unserializing SplArray (CVE-2016-7417)
- Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c (CVE-2016-7418)
- Fix bug #73280: Stack Buffer Overflow in GD dynamicGetbuf (CVE-2016-8670)
- Fix bug #73764: Crash while loading hostile phar archive (CVE-2016-10159)
- Fix bug #73768: Memory corruption when loading hostile phar (CVE-2016-10160)
- Fix bug #72627: Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128)
- Fix bug #70350: ZipArchive::extractTo allows for directory traversal when
creating directories (CVE-2014-9767)
- Fix bug #70081: SoapClient info leak / null pointer dereference via multiple
type confusions (CVE-2015-8835)
- Fix bug #70121: unserialize() could lead to unexpected methods execution / NULL
pointer deref (CVE-2015-8876)
- Fix bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
(CVE-2016-4073)
- Fix bug #70014: openssl_random_pseudo_bytes() is not cryptographically secure
(CVE-2015-8867)
- Fix bug #77371: heap buffer overflow in mb regex functions - compile_string_node
(CVE-2019-9023)
- Fix bug #77381: heap buffer overflow in multibyte match_at (CVE-2019-9023)
- Fix bug #77382: heap buffer overflow due to incorrect length in expand_case_fold_string
(CVE-2019-9023)
- Fix bug #77385: buffer overflow in fetch_token (CVE-2019-9023)
- Fix bug #77394: Buffer overflow in multibyte case folding - unicode (CVE-2019-9023)
- Fix vulnerabilities with oniguruma: CVE-2017-9226, CVE-2017-9224, CVE-2017-9227,
CVE-2017-9228, CVE-2019-13224
- Fix general vulneravilities: CVE-2014-9653, CVE-2015-0235, CVE-2015-3152,
CVE-2016-3074
- Fix bug #79699: PHP parses encoded cookie names so malicious `__Host-` cookies
can be sent (CVE-2020-7070)
- Fix bug #80007: Potential type confusion in unixtojd() parameter parsing
High
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Fix bug #69720: Null pointer dereference in phar_get_fp_offset()
- Fix bug #70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()
- Fix bug #70661: Use After Free Vulnerability in WDDX Packet Deserialization
- Fix bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability
- Fix bug #71459: Integer overflow in iptcembed()
- Fix bug #71039: exec functions ignore length but look for NULL termination
- Fix bug #71354: Heap corruption in tar/zip/phar parser.
- Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
- Fix bug #71323: Output of stream_get_meta_data can be falsified by its input
- Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
- Fix bug #71587: Use-After-Free / Double-Free in WDDX Deserialize
- Fix bug #71860: Invalid memory write in phar on filename with \0 in name
- Fix bug #71798: Integer Overflow in php_raw_url_encode
- Fix bug #72837: integer overflow in bzdecompress caused heap corruption
- Fix bug #72681: PHP Session Data Injection Vulnerability
- Fix bug #72807: integer overflow in curl_escape caused heap corruption
- Fix bug #72838: Integer overflow lead to heap corruption in sql_regcase
- Fix bug #72697: select_colors write out-of-bounds
- Fix bug #72730: imagegammacorrect allows arbitrary write access
- Fix bug #72836: integer overflow in base64_decode caused heap corruption
- Fix bug #72848: integer overflow in quoted_printable_encode caused heap corruption
- Fix bug #72849: integer overflow in urlencode caused heap corruption
- Fix bug #72850: integer overflow in php_uuencode caused heap corruption
- Fix bug #72771: ftps:// wrapper is vulnerable to protocol downgrade attack
- Fix bug #72749: wddx_deserialize allows illegal memory access
- Fix bug #72750: wddx_deserialize null dereference
- Fix bug #72790: wddx_deserialize null dereference with invalid xml
- Fix bug #72799: wddx_deserialize null dereference in php_wddx_pop_element
- Fix bug #73189: Memcpy negative size parameter php_resolve_path
- Fix bug #73150: missing NULL check in dom_document_save_html
- Fix bug #73284: heap overflow in php_ereg_replace function
- Fix bug #73218: stack-buffer-overflow through "ResourceBundle" methods
- Fix bug #73208: integer overflow in imap_8bit caused heap corruption
- Fix bug #73082: string length overflow in mb_encode_* function
- Fix bug #73174: heap overflow in php_pcre_replace_impl
- Fix bug #73276: crash in openssl_random_pseudo_bytes function
- Fix bug #73275: crash in openssl_encrypt function
- Fix bug #73017: memory corruption in wordwrap function
- Fix bug #73240: Write out of bounds at number_format
- Fix bug #73073: CachingIterator null dereference when convert to string
- Fix bug #73293: NULL pointer dereference in SimpleXMLElement::asXML()
- Fix bug #73356: crash in bzcompress function
- Fix bug #72696: imagefilltoborder stackoverflow on truecolor images
- Fix bug #73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow
- Fix bug #73144: Use-after-free in ArrayObject Deserialization
- Fix bug #73192: parse_url return wrong hostname
- Fix bug #73331: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow
- Fix bug #73452: Segfault (Regression for #69152)
- Fix bug #73631: Invalid read when wddx decodes empty boolean element
- Fix bug #67587: Redirection loop on nginx with FPM
- Fix bug #71465: PHAR doesn't know about litespeed
- Fix bug #73737: FPE when parsing a tag format
- Fix bug #73868: Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
- Fix bug #73869: Signed Integer Overflow gd_io.c
- Fix bug #73773: Seg fault when loading hostile phar
- Fix bug #70436: Use After Free Vulnerability in unserialize()
- Fix bug #74603: PHP INI Parsing Stack Buffer Overflow Vulnerability
- Fix bug #72535: arcfour encryption stream filter crashes php
- Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's
GC algorithm and unseria
- Fix bug #72455: Heap Overflow due to integer overflows
- Fix bug #74782: Reflected XSS in .phar 404 page
- Fix bug #71335: Type Confusion in WDDX Packet Deserialization
- Fix bug #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
- Fix bug #76249: stream filter convert.iconv leads to infinite loop on
invalid sequence
- Fix bug #76248: Malicious LDAP-Server Response causes Crash
- Fix bug #76129: fix for CVE-2018-5712 may not be complete
- Fix bug #75981: stack-buffer-overflow while parsing HTTP response
- Fix bug #74385: Locale::parseLocale() broken with some arguments
- Fix bug #76335: "link(): Bad file descriptor" with non-ASCII path
- Fix bug #76383: array_map on $GLOBALS returns IS_INDIRECT
- Fix bug #73342: Vulnerability in php-fpm by changing stdin to non-blocking
- Fix bug #76505: array_merge_recursive() is duplicating sub-array keys
- Fix bug #76532: Integer overflow and excessive memory usage in mb_strimwidth
- Fix bug #76548: pg_fetch_result did not fetch the next row
- Fix bug #76488: Memory leak when fetching a BLOB field
- Fix bug #76665: SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle
- Fix bug #75402: Possible Memory Leak using PDO::CURSOR_SCROLL option
- Fix bug #76517: --with-gettext= causes configure to misjudges there is no getcwd
- Fix bug #72443: Installing shared extensions: cp: cannot stat 'modules/*':
No such file or dire
- Fix bug #68175: RegexIterator pregFlags are NULL instead of 0
- Fix bug #55146: iconv_mime_decode_headers() skips some headers
- Fix bug #63839: iconv_mime_decode_headers function is skipping headers
- Fix bug #60494: iconv_mime_decode does ignore special characters
- Fix bug #68180: iconv_mime_decode can return extra characters in a header
- Fix bug #73457: Wrong error message when fopen FTP wrapped fails to open
data connection
- Fix bug #74454: Wrong exception being thrown when using ReflectionMethod
- Fix bug #74764: Bindto IPv6 works with file_get_contents but fails with
stream_socket_client
- Fix bug #75273: php_zlib_inflate_filter() may not update bytes_consumed
- Fix bug #75696: posix_getgrnam fails to print details of group
- Fix bug #76480: Use curl_multi_wait() so that timeouts are respected
- Fix bug #76800: foreach inconsistent if array modified during loop
- Fix bug #76886: Can't build xmlrpc with expat
- Fix bug #76901: method_exists on SPL iterator passthrough method corrupts memory
- Fix bug #77242: heap out of bounds read in xmlrpc_decode()
- Fix bug #77247: heap buffer overflow in phar_detect_phar_fname_ext
- Fix bug #77270: imagecolormatch Out Of Bounds Write on Heap
- Fix bug #77370: Buffer overflow on mb regex functions - fetch_token
- Fix bug #77380: Global out of bounds read in xmlrpc base64 code
- Fix bug #77630: rename() across the device may allow unwanted access
during processing
- Fix bug #77494: Disabling class causes segfault on member access
- Fix bug #77431: openFile() silently truncates after a null byte
- Fix bug #51068: DirectoryIterator glob:// don't support current path
relative queries
- Fix bug #77396: Null Pointer Dereference in phar_create_or_parse_filename
- Fix bug #77540: Invalid Read on exif_process_SOFn
- Fix bug #77390: feof might hang on TLS streams in case of fragmented TLS records
- Fix bug #77586: phar_tar_writeheaders_int() buffer overflow
- Fix bug #77546: iptcembed broken function
- Fix bug #77563: Uninitialized read in exif_process_IFD_in_MAKERNOTE
- Fix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif data
- Fix bug #77024: SplFileObject::__toString() may return array
- Fix bug #77945: Segmentation fault when constructing SoapClient with WSDL_CACHE_BOTH
- Fix bug #77697: Crash on Big_Endian platform
- Fix bug #77943: imageantialias($image, false); does not work
- Fix bug #77944: Wrong meta pdo_type for bigint on LLP64
- Fix bug #76717: var_export() does not create a parsable value for PHP_INT_MIN
- Fix bug #77921: static.php.net doesn't work anymore
- Fix bug #77934: php-fpm kill -USR2 not working
- Fix bug #77700: Writing truecolor images as GIF ignores interlace flag
- Fix bug #77765: FTP stream wrapper should set the directory as executable
- Fix bug #50020: DateInterval:createDateFromString() silently fails
- Fix bug #77742: bcpow() implementation related to gcc compiler optimization
- Fix bug #77967: Bypassing open_basedir restrictions via file uris
- Fix bug #77973: Uninitialized read in gdImageCreateFromXbm
- Fix bug #77988: heap-buffer-overflow on php_jpg_get16
- Fix bug #78192: SegFault when reuse statement after schema has changed
- Fix bug #77124: FTP with SSL memory leak
- Fix bug #78256: heap-buffer-overflow on exif_process_user_comment
- Fix bug #78222: heap-buffer-overflow on exif_scan_thumbnail
- Fix bug #77946: Bad cURL resources returned by curl_multi_info_read()
- Fix bug #78333: Exif crash (bus error) due to wrong alignment and invalid cast
- Fix bug #69100: Bus error from stream_copy_to_stream (file -> SSL stream)
with invalid length
- Fix bug #76342: file_get_contents waits twice specified timeout
- Fix bug #76859: stream_get_line skips data if used with data-generating filter
- Fix bug #78579: mb_decode_numericentity: args number inconsistency
- Fix bug #78910: Heap-buffer-overflow READ in exif
- Fix bug #78878: Buffer underflow in bc_shift_addsub
- Fix bug #78793: Use-after-free in exif parsing under memory sanitizer
- Fix bug #78863: DirectoryIterator class silently truncates after a null byte
- Fix bug #79099: OOB read in php_strip_tags_ex
- Fix bug #79082: Files added to tar with Phar::buildFromIterator have
all-access permissions
- Fix bug #79329: get_headers() silently truncates after a null byte
- Fix bug #79282: Use-of-uninitialized-value in exif
- Fix bug #61597: SimpleXMLElement doesn't include both @attributes and
textContent in properties
- Fix bug #74940: DateTimeZone loose comparison always true until properties
are initialized.
- Fix bug #79296: ZipArchive::open fails on empty file (libzip 1.6.0)
- Fix bug #79330: shell_exec() silently truncates after a null byte
- Fix bug #79364: When copy empty array, next key is unspecified.
- Fix bug #79396: DateTime hour incorrect during DST jump forward using setTime
- Fix bug #79410: system() swallows last chunk if it is exactly 4095 bytes
without newline
- Fix bug #79424: php_zip_glob uses gl_pathc after call to globfree
- Fix bug #79465: OOB Read in urldecode() (CVE-2020-7067)
- Fix bug #78221: DOMNode::normalize() doesn't remove empty text nodes
- Fix bug #78875: Long filenames cause OOM and temp files are not cleaned
(CVE-2019-11048)
- Fix bug #78876: Long variables in multipart/form-data cause OOM and temp
files are not cleaned (CVE-2019-11048)
- Fix bug #79514: Memory leaks while including unexistent file
- Fix bug #79528: Different object of the same xml between 7.4.5 and 7.4.4
- Fix bug #62890: default_socket_timeout=-1 causes connection to timeout
- Fix bug #70362: Can't copy() large 'data://' with open_basedir
- Fix bug #73527: Invalid memory access in php_filter_strip
- Fix bug #74267: segfault with streams and invalid data
- Fix bug #79787: mb_strimwidth does not trim string
- Fix bug #79877: getimagesize function silently truncates after a null byte
- Fix bug #68447: grapheme_extract take an extra trailing character
- Fix bug #68825: Inconsistent exception in DirectoryIterator::getLinkTarget()
- Fix bug #74145: wddx parsing empty boolean tag leads to SIGSEGV (CVE-2017-11143)
- Fix bug #74651: negative-size-param (-1) in memcpy in zif_openssl_seal()
(CVE-2017-11144)
- Fix bug #74435: Buffer over-read into uninitialized memory (CVE-2017-7890)
- Fix bug #73093: Unserialize Exception object can lead to infinite loop
(CVE-2016-7478)
- Fix bug #72520: Stack-based buffer overflow vulnerability in php_stream_zip_opener
(CVE-2016-6297)
- Fix bug #73825: Heap out of bounds read on unserialize in finish_nested_data()
(CVE-2016-10161)
- Fix bug #60491: Session module is adoptive (CVE-2011-4718)
- Fix bug #69253: ZIP Integer Overflow leads to writing past heap boundary
(CVE-2015-2331)
- Fix bug #69418: CVE-2006-7243 fix regressions in 5.4+ (CVE-2015-4025)
- Fix bug #68598: pcntl_exec() should not allow null char (CVE-2015-4026)
- Fix bug #69207: move_uploaded_file allows nulls in path (CVE-2015-2348)
- Fix bug #69218: potential remote code execution with apache 2.4 apache2handler
(CVE-2015-3330)
- Fix bug #69719: Incorrect handling of paths with NULs, related to bug 69353
(CVE-2015-4598)
- Fix bug #69353: Missing null byte checks for paths in various PHP extensions
(CVE-2015-3411)
- Fix bugs #70168, #70169, #70166, #70155: Use After Free Vulnerability in
unserialize() with
SplObjectStorage, SplDoublyLinkedList, SPLArrayObject, SPLArrayObject (CVE-2015-6831)
- Fix bug #70019: Files extracted from archive may be placed outside of
destination directory (CVE-2015-6833)
- Fix bug #70388: SOAP serialize_function_call() type confusion / RCE (CVE-2015-6836)
- Fix bug #69782: NULL pointer dereference (CVE-2015-6837, CVE-2015-6838)
- Fix bug #70433: Uninitialized pointer in phar_make_dirstream when zip entry
filename is "/" (CVE-2015-7804)
- Fix bug #69923: Buffer overflow and stack smashing error in phar_fix_filepath
(CVE-2015-5590)
- Fix bug #71488: Stack overflow when decompressing tar archives (CVE-2016-2554)
- Fix bug #72061: Out-of-bounds reads in zif_grapheme_stripos with negative offset
(CVE-2016-4541, CVE-2016-4540)
- Fix bug #72094: Out of bounds heap read access in exif header processing
(CVE-2016-4542)
- Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition
(CVE-2016-4537)
- Fix bug #71331: Uninitialized pointer in phar_make_dirstream() (CVE-2016-4343)
- Fix bug #72241: get_icu_value_internal out-of-bounds read (CVE-2016-5093)
- Fix bug #72135: Integer Overflow in php_html_entities() (CVE-2016-5094)
- Fix bug #72114: Integer underflow / arbitrary null write in fread/gzread
(CVE-2016-5096)
- Fix bug #72339: Integer Overflow in _gd2GetHeader() resulting in heap overflow
(CVE-2016-5766)
- Fix bug #72340: Double Free Courruption in wddx_deserialize (CVE-2016-5772)
- Fix bug #72613: Inadequate error handling in bzread() (CVE-2016-5399)
- Fix bug #70480: php_url_parse_ex() buffer overflow read (CVE-2016-6288)
- Fix bug #72513: Stack-based buffer overflow vulnerability in virtual_file_ex
(CVE-2016-6289)
- Fix bug #72562: Use After Free in unserialize() with Unexpected Session
Deserialization (CVE-2016-6290)
- Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE (CVE-2016-6291)
- Fix bug #72533: locale_accept_from_http out-of-bounds access (CVE-2016-6294)
- Fix bug #69975: PHP segfaults when accessing nvarchar(max) defined columns
(CVE-2015-8879)
- Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
(CVE-2016-6296)
- Fix bug #72293: Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412)
- Fix bug #72860: wddx_deserialize use-after-free (CVE-2016-7413)
- Fix bug #72928: Out of bound when verify signature of zip phar in phar_parse_zipfile
(CVE-2016-7414)
- Fix bug #73007: SEH buffer overflow msgfmt_format_message (CVE-2016-7416)
- Fix bug #73029: Missing type check when unserializing SplArray (CVE-2016-7417)
- Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c (CVE-2016-7418)
- Fix bug #73280: Stack Buffer Overflow in GD dynamicGetbuf (CVE-2016-8670)
- Fix bug #73764: Crash while loading hostile phar archive (CVE-2016-10159)
- Fix bug #73768: Memory corruption when loading hostile phar (CVE-2016-10160)
- Fix bug #72627: Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128)
- Fix bug #70350: ZipArchive::extractTo allows for directory traversal when
creating directories (CVE-2014-9767)
- Fix bug #70081: SoapClient info leak / null pointer dereference via multiple
type confusions (CVE-2015-8835)
- Fix bug #70121: unserialize() could lead to unexpected methods execution / NULL
pointer deref (CVE-2015-8876)
- Fix bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
(CVE-2016-4073)
- Fix bug #70014: openssl_random_pseudo_bytes() is not cryptographically secure
(CVE-2015-8867)
- Fix bug #77371: heap buffer overflow in mb regex functions - compile_string_node
(CVE-2019-9023)
- Fix bug #77381: heap buffer overflow in multibyte match_at (CVE-2019-9023)
- Fix bug #77382: heap buffer overflow due to incorrect length in expand_case_fold_string
(CVE-2019-9023)
- Fix bug #77385: buffer overflow in fetch_token (CVE-2019-9023)
- Fix bug #77394: Buffer overflow in multibyte case folding - unicode (CVE-2019-9023)
- Fix vulnerabilities with oniguruma: CVE-2017-9226, CVE-2017-9224, CVE-2017-9227,
CVE-2017-9228, CVE-2019-13224
- Fix general vulneravilities: CVE-2014-9653, CVE-2015-0235, CVE-2015-3152,
CVE-2016-3074
- Fix bug #79699: PHP parses encoded cookie names so malicious `__Host-` cookies
can be sent (CVE-2020-7070)
- Fix bug #80007: Potential type confusion in unixtojd() parameter parsing
0
cloudlinux-x86_64-server-6
php-zts-5.3.3-51.el6.cloudlinux.x86_64.rpm
77983a301fb34cc6a470324419a124781af4c01d193dd03dc70b8caa73e7369c
php-dba-5.3.3-51.el6.cloudlinux.x86_64.rpm
5524e3c27a0355a899b1060b5a2ea73b6c788635972c9dc207907d2883b98c5a
php-mbstring-5.3.3-51.el6.cloudlinux.x86_64.rpm
858fd17fd80c0472dec5d29f6452a79fa38f1dc315187348f149d16d24238012
php-imap-5.3.3-51.el6.cloudlinux.x86_64.rpm
1f8f8b45fb9e983ffc2b096b9f5480b68fb7ea9250517b3a9e9b0f6b93d6dfb6
php-enchant-5.3.3-51.el6.cloudlinux.x86_64.rpm
b3196af918f4d873ed1029caa6103b88872ccd3772a9061f83536406a1f05374
php-pspell-5.3.3-51.el6.cloudlinux.x86_64.rpm
0e340d999430d7a94cdb3e0714e7da313102006651f2fec86cc02c2e831714d3
php-devel-5.3.3-51.el6.cloudlinux.x86_64.rpm
b7f12738733030aa08d5ef7aecbba278a1e14614371fc3573c243caf6fc21e59
php-pdo-5.3.3-51.el6.cloudlinux.x86_64.rpm
85fe9b0f819147ea48603b12880f36b6f8c9bc86d57f6066c20e7357eecf371e
php-cli-5.3.3-51.el6.cloudlinux.x86_64.rpm
a7a3dab3b8bb72a0dad44849ac4ff9900c6e5b3c54b0f66a21270546eba7724b
php-pgsql-5.3.3-51.el6.cloudlinux.x86_64.rpm
a711f0a7a7bdd461818aa00bc3356cc1062e4b61a83598f2f94c7c88283a2fa0
php-snmp-5.3.3-51.el6.cloudlinux.x86_64.rpm
44834ac589ea68fff8efda63c96b7ba69eb62d33b89646aafef02378193a92e1
php-odbc-5.3.3-51.el6.cloudlinux.x86_64.rpm
79103255ecbdcbe115a9a9b48e07e362fe190225f4e50c663744e5a7b05c4fd1
php-5.3.3-51.el6.cloudlinux.x86_64.rpm
a9b13bff5590f340a5211ac867734599b2b3971df1f6f304e2a06cab9607aa85
php-embedded-5.3.3-51.el6.cloudlinux.x86_64.rpm
dc98822a582c74d91cbf0fb83b24304693fe9b9b60ca17c68541fbe6dd139ca3
php-common-5.3.3-51.el6.cloudlinux.x86_64.rpm
ff0397bfc6e5f1cee05de2a7f55fe93edda70e7726293ba5d7e5c163b726a0a3
php-tidy-5.3.3-51.el6.cloudlinux.x86_64.rpm
83e8a365d5aa353a692df67acb59d67be4fc0eab1f308ddc0afba149d0720111
php-xmlrpc-5.3.3-51.el6.cloudlinux.x86_64.rpm
5c075c8a7ead0f8f118433cd0d7342bcbc3d152c1cd7d6ae4987a54f767708d4
php-intl-5.3.3-51.el6.cloudlinux.x86_64.rpm
c5504a4b89ee82b1572e174786d3f8b63d261368044c429da6f0021a5b538dcf
php-xml-5.3.3-51.el6.cloudlinux.x86_64.rpm
7d04ebdd10e34d5f457bf3148641a2f7754e5b61f413192d32e73866b8c6917f
php-soap-5.3.3-51.el6.cloudlinux.x86_64.rpm
4bf39a04c66ec44fcd9ee85ad5baf0c8bb9ade238d415c78cedb36fc7523780a
php-ldap-5.3.3-51.el6.cloudlinux.x86_64.rpm
07f1c5666c59f1811e3e98a41d1faaa901d4dc3cfc788410a8188c795394aca7
php-mysql-5.3.3-51.el6.cloudlinux.x86_64.rpm
20d9877760162c544d916629682ff37969e156d8c28258e2ac3cfcf2d8038ce7
php-process-5.3.3-51.el6.cloudlinux.x86_64.rpm
afdc7274a1362ffd935fae4a63ba35aa5853f8a2cda5732aa7c84b8a41926d60
php-recode-5.3.3-51.el6.cloudlinux.x86_64.rpm
ec1e4ff9744fbd30edd7f197401c99b551c1dd294bd0aab39e16f3314116fde1
php-gd-5.3.3-51.el6.cloudlinux.x86_64.rpm
9510d1d3531504a7a28afcc47608900b67bdcd9136c0c9c74e43f835c3387af8
php-fpm-5.3.3-51.el6.cloudlinux.x86_64.rpm
324e3855c0c42066d7e2dbe720abd2bd35ab3f2546c69fbd1f01e2d1aba40b8a
php-bcmath-5.3.3-51.el6.cloudlinux.x86_64.rpm
e820af52aabe92188b7a7e8e3e272bf7e18562deb4139cd622f8a1f1ab29369c
CLSA-2020:1608724009
Fix of CVE: CVE-2020-8284
Copyright 2020 Cloud Linux Inc
0
- trusting FTP PASV responses (CVE-2020-8284)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- trusting FTP PASV responses (CVE-2020-8284)
0
cloudlinux-x86_64-server-6
curl-7.19.7-55.el6.cloudlinux.els6.x86_64.rpm
746e86c90fbb046985500bd4c2b1190a652004ea
libcurl-7.19.7-55.el6.cloudlinux.els6.x86_64.rpm
2ca0ba4c9dfe8a012dc9664f50badd8fb4d9b61b
libcurl-devel-7.19.7-55.el6.cloudlinux.els6.x86_64.rpm
ac234396280d6a9cffc7cfd51be9817c81793a6d
CLSA-2020:1608724134
Fix CVE: CVE-2020-1971
Copyright 2020 Cloud Linux Inc
0
EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
0
cloudlinux-x86_64-server-6
openssl-devel-1.0.1e-59.el6.cloudlinux.els6.x86_64.rpm
37478e5144de1bb57f5819e55880fb3349fd44a8
openssl-static-1.0.1e-59.el6.cloudlinux.els6.x86_64.rpm
2f6b4cd0ea35654ea09928a849dc515b9adaaaa8
openssl-perl-1.0.1e-59.el6.cloudlinux.els6.x86_64.rpm
e2d3211e23fc6d7b84e5021cd26c0382ce1bcd86
openssl-1.0.1e-59.el6.cloudlinux.els6.x86_64.rpm
dec78da49b73708a777789fb442db446593151f0
CLSA-2021:1611743864
Fix CVE-2021-3156: Heap-based buffer overflow in sudo
Copyright 2021 Cloud Linux Inc
0
Fix CVE-2021-3156: Heap-based buffer overflow in sudo.
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
Fix CVE-2021-3156: Heap-based buffer overflow in sudo.
0
cloudlinux-x86_64-server-6
sudo-devel-1.8.6p3-30.el6.cloudlinux.els6.i686.rpm
b86cef0331bc594eab100acff506ad2ea9631aec
sudo-devel-1.8.6p3-30.el6.cloudlinux.els6.x86_64.rpm
7ea34681f262db1c229fb483c6e1250682c6d336
sudo-1.8.6p3-30.el6.cloudlinux.els6.x86_64.rpm
c0a02631a0f959cd6a8498eb9fa833aa4209fd22
CLSA-2021:1614885634
Fix of CVE:CVE-2021-23841
Copyright 2021 Cloud Linux Inc
0
- Fix Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Fix Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
0
cloudlinux-x86_64-server-6
openssl-1.0.1e-60.el6.cloudlinux.els6.i686.rpm
345c0f9eb8a8d05d805fc28a090196893b70dd7a
openssl-perl-1.0.1e-60.el6.cloudlinux.els6.x86_64.rpm
013c876267bfdf2da276e394d3db194305e5e750
openssl-devel-1.0.1e-60.el6.cloudlinux.els6.x86_64.rpm
08c00aa5cfcb04b89f2bde3be6b4507ddaffea94
openssl-devel-1.0.1e-60.el6.cloudlinux.els6.i686.rpm
ebde5293f1880ed54b58de5a0b70b4575549905e
openssl-static-1.0.1e-60.el6.cloudlinux.els6.x86_64.rpm
fcb0dfac2f46c3701f3f1c718f502856b9b47725
openssl-1.0.1e-60.el6.cloudlinux.els6.x86_64.rpm
aa0ab87bba9e2e4a431bb468394ce7e40da2b186
CLSA-2021:1616001357
Security fix for CVE-2019-10160
Copyright 2021 Cloud Linux Inc
0
Security fix for CVE-2019-10160
Resolves: rhbz#1716744
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Security fix for CVE-2019-10160
Resolves: rhbz#1716744
0
cloudlinux-x86_64-server-6
python-libs-2.6.6-68.el6.x86_64.rpm
75b8a02cf8028755f62c209de6559c0ce32e6dd2
python-libs-2.6.6-68.el6.i686.rpm
2d00c733f1c1371f3e6b9a0c2385e22f3b6abdf0
python-tools-2.6.6-68.el6.x86_64.rpm
a618d1a1b804ee30ac0aea3dbc2d7f4296aaa8a1
python-2.6.6-68.el6.x86_64.rpm
a6a88b3c2cb8483017c411033b00e937ae4a7c2e
python-devel-2.6.6-68.el6.x86_64.rpm
029a838773637f843ae0de7ffb6b949dd8acd8eb
tkinter-2.6.6-68.el6.x86_64.rpm
f389c9e2ba00ce4aeff446e850154e009f6e7fed
python-2.6.6-68.el6.i686.rpm
c2f855eb3e3ca47738fefe9a9b7995e0f49dd814
python-devel-2.6.6-68.el6.i686.rpm
619ae3473fa66b583d620af4c1dd77f2f0b513e1
python-test-2.6.6-68.el6.x86_64.rpm
2ed7f59d6700731e7196d05f139414505f965851
CLSA-2021:1617285762
Fix of CVE-2021-22876
Copyright 2021 Cloud Linux Inc
0
- back-port urlapi from v7.75.0 (used by CVE-2021-22876)
- strip credentials from the auto-referer header (CVE-2021-22876)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- back-port urlapi from v7.75.0 (used by CVE-2021-22876)
- strip credentials from the auto-referer header (CVE-2021-22876)
0
cloudlinux-x86_64-server-6
libcurl-devel-7.19.7-56.el6.cloudlinux.els6.x86_64.rpm
cfe023d5526391644c23a6eb98e2f411cf361cac
curl-7.19.7-56.el6.cloudlinux.els6.x86_64.rpm
e2a98267ff5b6bb0d59e3f8d9c1ae6488eee39ee
libcurl-7.19.7-56.el6.cloudlinux.els6.i686.rpm
05d9f4521b61d33b60626ff711d9564271ee8056
libcurl-7.19.7-56.el6.cloudlinux.els6.x86_64.rpm
455bc7971eb8328c56a3b48d75bb6facceb233ed
libcurl-devel-7.19.7-56.el6.cloudlinux.els6.i686.rpm
eb85dff2ede257d29fec9e0f572ef10ffa440baa
CLSA-2021:1617641265
Fix of Add fix for CVE-2020-29599
Copyright 2021 Cloud Linux Inc
0
- Add fix for CVE-2020-29599
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Add fix for CVE-2020-29599
0
cloudlinux-x86_64-server-6
ImageMagick-devel-6.7.2.7-7.el6.i686.rpm
3cfdca78b40546d88db9d7a41c93cacf17261d6c
ImageMagick-6.7.2.7-7.el6.i686.rpm
cbe1ee0004ef47312d523d6de5e5b90eb23bef19
ImageMagick-devel-6.7.2.7-7.el6.x86_64.rpm
2fd17d8c93ec570d834b4a41e24770a887f2cffa
ImageMagick-c++-devel-6.7.2.7-7.el6.x86_64.rpm
1ff1fbad67ec258c287f4577b1e81bace693e3a3
ImageMagick-6.7.2.7-7.el6.x86_64.rpm
1d09317f43477b9f2e2352f91d9429d93944d65b
ImageMagick-perl-6.7.2.7-7.el6.x86_64.rpm
61459a20aff13a5d4a67ecb77082124f4b24586d
ImageMagick-c++-6.7.2.7-7.el6.i686.rpm
8762e886846b288f385b9f4fcc8fde1233d052e1
ImageMagick-c++-devel-6.7.2.7-7.el6.i686.rpm
ed20318ea4b36fd0c342d7167b90626356f9be84
ImageMagick-doc-6.7.2.7-7.el6.x86_64.rpm
a97fbe265c0c82f2d56b360110633f9f7027b2f6
ImageMagick-c++-6.7.2.7-7.el6.x86_64.rpm
7687894bab83272e38d9f493b09c73523203cc00
CLSA-2021:1618497131
Fix of CVE: CVE-2021-26937
Copyright 2021 Cloud Linux Inc
0
- fix CVE-2021-26937
important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- fix CVE-2021-26937
0
cloudlinux-x86_64-server-6
screen-4.0.3-20.el6.cloudlinux.els6.x86_64.rpm
9645980ebd5878b3f557e7af11dd27074b70c24d
CLSA-2021:1623075541
Fix of CVE: CVE-2021-25217
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-25217: avoid buffer overrun
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-25217: avoid buffer overrun
0
cloudlinux-x86_64-server-6
dhcp-common-4.1.1-64.P1.el6.cloudlinux.els.x86_64.rpm
e7462f1ee6a0b36f7670ebdf2a227c8f0f4ed93f
dhclient-4.1.1-64.P1.el6.cloudlinux.els.x86_64.rpm
4defe0a7127d18fb0ec9122b1bb191eaeac0b060
dhcp-devel-4.1.1-64.P1.el6.cloudlinux.els.x86_64.rpm
44296a2d250495d1df0183abbd8ac11493803f9b
dhcp-devel-4.1.1-64.P1.el6.cloudlinux.els.i686.rpm
29a5bae48f1ebc32f11810087e2f91dbebd293bc
dhcp-4.1.1-64.P1.el6.cloudlinux.els.x86_64.rpm
ea14e1c55ca55b2829f2311cbdacf732830b80c6
CLSA-2021:1623075923
Fix of CVE: CVE-2021-28153
Copyright 2021 Cloud Linux Inc
0
- Fixed CVE-2021-28153: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION
creates empty target for dangling symlink
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Fixed CVE-2021-28153: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION
creates empty target for dangling symlink
0
cloudlinux-x86_64-server-6
glib2-2.28.8-12.el6.cloudlinux.els.i686.rpm
146c7c92e70abd79ca128db67b52ac79261822f1
glib2-doc-2.28.8-12.el6.cloudlinux.els.noarch.rpm
fbde61baf030fc44acce74d8061d4b0b1eb311ca
glib2-devel-2.28.8-12.el6.cloudlinux.els.i686.rpm
bea887e14290e96656ef874bc78ae17d23fcf5f1
glib2-devel-2.28.8-12.el6.cloudlinux.els.x86_64.rpm
4979b665041b1626a25c3e0c7e9c448b04d29461
glib2-2.28.8-12.el6.cloudlinux.els.x86_64.rpm
7e11bef638e1740c0b141c98ee13d1982719922b
glib2-static-2.28.8-12.el6.cloudlinux.els.x86_64.rpm
aa96722a8f2b2940add0011b79c32fa78b922286
CLSA-2021:1624372464
Fix of CVE: CVE-2021-3504
Copyright 2021 Cloud Linux Inc
0
- Bounds check for block exceeding page length (CVE-2021-3504)
resolves: rhbz#1950500
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Bounds check for block exceeding page length (CVE-2021-3504)
resolves: rhbz#1950500
0
cloudlinux-x86_64-server-6
hivex-devel-1.3.3-4.4.el6.cloudlinux.els.i686.rpm
43123abc93fa579c74cde5fc5f4c4c27fddd4da3
hivex-devel-1.3.3-4.4.el6.cloudlinux.els.x86_64.rpm
847aa372dbe40072e79a376d2959ef1228edb2bc
ocaml-hivex-1.3.3-4.4.el6.cloudlinux.els.x86_64.rpm
4f125a612b2605ca5c42bc88b21634398d09315c
python-hivex-1.3.3-4.4.el6.cloudlinux.els.x86_64.rpm
b504ec6a6e5fd181002e0475eeff2d186a96796d
ocaml-hivex-devel-1.3.3-4.4.el6.cloudlinux.els.i686.rpm
5d48513b79bb6f3eb8c85f7876d1c7984ac1a9cf
ocaml-hivex-devel-1.3.3-4.4.el6.cloudlinux.els.x86_64.rpm
54e29620ab72e1f311106476c3efd6776dd4769b
hivex-1.3.3-4.4.el6.cloudlinux.els.i686.rpm
e92b2e7968fc952df79b26a23ae2e15888cf01fa
perl-hivex-1.3.3-4.4.el6.cloudlinux.els.x86_64.rpm
9e946185fa6897c0745e2aa6311765db9088af8e
hivex-1.3.3-4.4.el6.cloudlinux.els.x86_64.rpm
3ee1b30906e40fcc2e9a04e609c4600b7febbc8b
CLSA-2021:1625650209
Fix of CVE: CVE-2021-23240
Copyright 2021 Cloud Linux Inc
0
- sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit
- sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit
- sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh
0
cloudlinux-x86_64-server-6
sudo-devel-1.8.6p3-32.el6.cloudlinux.els.x86_64.rpm
b44fa68be41396d987855ce5f429f850282a096e
sudo-devel-1.8.6p3-32.el6.cloudlinux.els.i686.rpm
0787690d6c7d03b2a0f0cb1145f27129e92c6812
sudo-1.8.6p3-32.el6.cloudlinux.els.x86_64.rpm
976c04cd4bccf08cbbdac61d0d123a872f649f08
CLSA-2021:1628782974
Fix of CVE: CVE-2020-8450, CVE-2020-8517, CVE-2020-8449
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-8449: fix improper HTTP request validation allowing access to
resources which are prohibited by security filters
- CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow
- CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer
and leading to denial of service
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-8449: fix improper HTTP request validation allowing access to
resources which are prohibited by security filters
- CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow
- CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer
and leading to denial of service
0
cloudlinux-x86_64-server-6
squid-3.1.23-29.el6.cloudlinux.els.x86_64.rpm
5b69dacb42afcd69cb0ad252423d8fd111def5eb
CLSA-2021:1629395067
Fix of CVE: CVE-2021-33574, CVE-2021-35942, CVE-2021-38604
Copyright 2021 Cloud Linux Inc
0
- Adopt pthread_attr_copy functionality, test case is included
- CVE-2021-33574: avoid use-after-free vulnerability
- CVE-2021-35942: avoid out-of-bounds read via
signed integer overflow in array index
- CVE-2021-38604: considered. No NULL pointer dereference is possible
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Adopt pthread_attr_copy functionality, test case is included
- CVE-2021-33574: avoid use-after-free vulnerability
- CVE-2021-35942: avoid out-of-bounds read via
signed integer overflow in array index
- CVE-2021-38604: considered. No NULL pointer dereference is possible
0
cloudlinux-x86_64-server-6
glibc-devel-2.12-2.213.el6.cloudlinux.els.i686.rpm
6335446580a152deb9772aa6c69ed173ceb0cb54
glibc-utils-2.12-2.213.el6.cloudlinux.els.x86_64.rpm
fb64f34fe0dea2cce58fd27d8a87b272bb94e931
glibc-static-2.12-2.213.el6.cloudlinux.els.x86_64.rpm
eca1ab23cfbdc2e735c6bc1d3876bdf9fa4b0c4e
glibc-common-2.12-2.213.el6.cloudlinux.els.x86_64.rpm
4d418beb950e23526eabb6a012ca91096fd65656
nscd-2.12-2.213.el6.cloudlinux.els.x86_64.rpm
9f008811ec8ab9f441fe9d0cee3079c270050358
glibc-static-2.12-2.213.el6.cloudlinux.els.i686.rpm
a3c5dc3b7a425b6720621f876bd7429c3efb3974
glibc-devel-2.12-2.213.el6.cloudlinux.els.x86_64.rpm
1a33b24b1cbf03cf5e198835a38544947f65671a
glibc-2.12-2.213.el6.cloudlinux.els.i686.rpm
17c14274acc2b9299864f16dddd37f769b37cd4e
glibc-headers-2.12-2.213.el6.cloudlinux.els.x86_64.rpm
a9af03b229b56f5ed739700a1282494f914d082d
glibc-2.12-2.213.el6.cloudlinux.els.x86_64.rpm
9e88a04af76db3912d0d7c1f63900c0298fdad8e
CLSA-2021:1629902677
Fix of CVE: CVE-2020-14058, CVE-2020-15049
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of
service
- CVE-2020-15049: fix incorrect validation of Content-Length field leading to
Http smuggling and Poisoning attack
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of
service
- CVE-2020-15049: fix incorrect validation of Content-Length field leading to
Http smuggling and Poisoning attack
0
cloudlinux-x86_64-server-6
squid-3.1.23-30.el6.cloudlinux.els.x86_64.rpm
0700fd3903aa00340270df52548e0878dabfe956
CLSA-2021:1632261610
Fix of CVE: CVE-2020-8625
Copyright 2021 Cloud Linux Inc
0
- Fix buffer overflow in the SPNEGO implementation affecting GSSAPI security
policy negotiation (CVE-2020-8625)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Fix buffer overflow in the SPNEGO implementation affecting GSSAPI security
policy negotiation (CVE-2020-8625)
0
cloudlinux-x86_64-server-6
bind-sdb-9.8.2-0.68.rc16_10.9.cloudlinux.els.x86_64.rpm
761935c060395aed42ac52acff994af2bf09a296
bind-libs-9.8.2-0.68.rc16_10.9.cloudlinux.els.x86_64.rpm
c6384f769fcd111590546947277d1100cb421451
bind-9.8.2-0.68.rc16_10.9.cloudlinux.els.x86_64.rpm
5fc8e3df49c460c39796cd51deb2e5f470cd499b
bind-devel-9.8.2-0.68.rc16_10.9.cloudlinux.els.i686.rpm
69f801c96dc340b137e2eed1644f80a40da38a40
bind-utils-9.8.2-0.68.rc16_10.9.cloudlinux.els.x86_64.rpm
9cb6dafe4c55164d3ccce6892d656aecc43243e7
bind-chroot-9.8.2-0.68.rc16_10.9.cloudlinux.els.x86_64.rpm
b6f79f7c7f62f9d7536af767b9ab6fdcf37ccff1
bind-devel-9.8.2-0.68.rc16_10.9.cloudlinux.els.x86_64.rpm
017a1d0286b20e2c378346934fb6df152d399847
bind-libs-9.8.2-0.68.rc16_10.9.cloudlinux.els.i686.rpm
2a6c8f86ae195ca4e4ddc9ac49b86374498d718f
CLSA-2021:1632261664
Fix of CVE: CVE-2021-27364, CVE-2021-27363, CVE-2021-27365
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
- CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs
- CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
- CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs
- CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
0
cloudlinux-x86_64-server-6
python-perf-2.6.32-754.35.3.el6.x86_64.rpm
08050157dbc782260e86b82b291b87336cbbcc71
kernel-firmware-2.6.32-754.35.3.el6.x86_64.rpm
915c0f9f1ffc69cd267d5222e074949d202d554d
perf-2.6.32-754.35.3.el6.x86_64.rpm
2be1a425a4852e7de4da10d629cb26b83a74fd77
kernel-debug-devel-2.6.32-754.35.3.el6.x86_64.rpm
11fdb61d47b189e2b6d28ae797b0905eaade4156
kernel-devel-2.6.32-754.35.3.el6.x86_64.rpm
7916c238fd9512492dcd72074a91bdc996bef55e
kernel-debug-devel-2.6.32-754.35.3.el6.i686.rpm
0e02c83fd9e101c19c8064967d1ca5298f574704
kernel-headers-2.6.32-754.35.3.el6.x86_64.rpm
140157b14840c4536c7b7d8014c5aff9691aad30
kernel-firmware-2.6.32-754.35.3.el6.i686.rpm
182042a6525cd6d9c17f3cd5510e8ec67ce6256d
kernel-2.6.32-754.35.3.el6.x86_64.rpm
4ffa880ad37b4c1dfd420ed5bec2bec67fdd5f29
kernel-debug-2.6.32-754.35.3.el6.x86_64.rpm
a10203e9b57b1e03417746d3c82ff74ff86aa8c2
CLSA-2021:1632261705
Fix of CVE: CVE-2021-25215, CVE-2021-25214, CVE-2021-25216
Copyright 2021 Cloud Linux Inc
0
- A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214)
- An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)
- A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack (CVE-2021-25216)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214)
- An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)
- A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack (CVE-2021-25216)
0
cloudlinux-x86_64-server-6
bind-sdb-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm
a033999d6a9550e1fbebef65658df3b4853438ab
bind-libs-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm
7935f5bdb9b748b46b4feea1e5e4775398f1d435
bind-devel-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm
4e14fee27e3fec6371b8b8cec55ccee33aaab9ef
bind-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm
1b2c2f019690762712619ceca3a9f809aa3b38a8
bind-utils-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm
03267c6b26391b8aa9fe8c70a52dbf8f5724c131
bind-chroot-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm
56af25d2507dd1306aedeb7cc83b1545a681ffa1
CLSA-2021:1632261741
Fix of CVE: CVE-2021-23017
Copyright 2021 Cloud Linux Inc
0
- Fixed CVE-2021-23017 : Off-by-one in ngx_resolver_copy() when
- labels are followed by a pointer to a root domain name
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Fixed CVE-2021-23017 : Off-by-one in ngx_resolver_copy() when
- labels are followed by a pointer to a root domain name
0
cloudlinux-x86_64-server-6
nginx-mod-http-image-filter-1.10.3-2.el6.cloudlinux.els.x86_64.rpm
29f74bd4b080cb0a48aa8bf920a2d446e68e2eb8
nginx-mod-http-geoip-1.10.3-2.el6.cloudlinux.els.x86_64.rpm
a37d349aa0926ede063db86d791e73bfb19198d4
nginx-mod-http-perl-1.10.3-2.el6.cloudlinux.els.x86_64.rpm
b677f2ad0b3c3c97a97a04052b0c2acc0b024f79
nginx-1.10.3-2.el6.cloudlinux.els.x86_64.rpm
7450c7212c13c31a6673bbf9ffff49e706758e87
nginx-filesystem-1.10.3-2.el6.cloudlinux.els.noarch.rpm
ee14a7768df74d7cf6e65600f2ad1e3e6cfc2428
nginx-mod-stream-1.10.3-2.el6.cloudlinux.els.x86_64.rpm
611a34f903984a4ffa89dd8228f2cb5b6ba5622e
nginx-mod-http-xslt-filter-1.10.3-2.el6.cloudlinux.els.x86_64.rpm
e9e0e404b4fca0cf479b068ce868e1141c31d9b1
nginx-mod-mail-1.10.3-2.el6.cloudlinux.els.x86_64.rpm
4bbcd67b293306584afe32b9622fae2a19457faf
nginx-all-modules-1.10.3-2.el6.cloudlinux.els.noarch.rpm
9b241447d30c10976417216ba7dc439dd7bfffac
CLSA-2021:1632261762
Fix of CVE: CVE-2021-23017
Copyright 2021 Cloud Linux Inc
0
- Update fix for CVE-2021-23017 accoding nginx.org recomendations
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Update fix for CVE-2021-23017 accoding nginx.org recomendations
0
cloudlinux-x86_64-server-6
nginx-all-modules-1.10.3-3.el6.cloudlinux.els.noarch.rpm
0b3da7a7a255f3bf3a0e93fc6465283cf208fd23
nginx-filesystem-1.10.3-3.el6.cloudlinux.els.noarch.rpm
ad0dd0442f5f2861634ace8c47498426ee9bb876
nginx-mod-stream-1.10.3-3.el6.cloudlinux.els.x86_64.rpm
0a8f5be3657d9bc3c8b49588a607fead999df182
nginx-mod-http-perl-1.10.3-3.el6.cloudlinux.els.x86_64.rpm
3250d44ba71bebfb8dfff2b75eab75d68bef5b13
nginx-mod-http-xslt-filter-1.10.3-3.el6.cloudlinux.els.x86_64.rpm
cdead0ce8c9a17826ccfca71c3bc922dc0826de8
nginx-mod-http-geoip-1.10.3-3.el6.cloudlinux.els.x86_64.rpm
5767b32b0df2fc8fbda4dcd50eb0a8fd9922fa53
nginx-mod-mail-1.10.3-3.el6.cloudlinux.els.x86_64.rpm
eec04219c3736dedb08e11050e465333769da5b6
nginx-1.10.3-3.el6.cloudlinux.els.x86_64.rpm
14fc6752bc9353a2333befd2c89823407f79e0da
nginx-mod-http-image-filter-1.10.3-3.el6.cloudlinux.els.x86_64.rpm
6e47a47a6e7151eb2e42bc601d73612e445d71e9
CLSA-2021:1632261785
Fix of CVE: CVE-2021-23840
Copyright 2021 Cloud Linux Inc
0
- Fixed integer overflow in CipherUpdate(CVE-2021-23840)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Fixed integer overflow in CipherUpdate(CVE-2021-23840)
0
cloudlinux-x86_64-server-6
openssl-static-1.0.1e-61.el6.cloudlinux.els.x86_64.rpm
1ed6b5e009165e268debd92c7320b056f9bbe6a6
openssl-devel-1.0.1e-61.el6.cloudlinux.els.x86_64.rpm
211569f7f70b47a06006b23d684e45c31eccfb90
openssl-perl-1.0.1e-61.el6.cloudlinux.els.x86_64.rpm
b3c2deb32ba9daa48ea6fd22739c8a6992bff0ac
openssl-1.0.1e-61.el6.cloudlinux.els.x86_64.rpm
e4ae045f3ddedffe25894127dd77425b0c1e8efb
openssl-1.0.1e-61.el6.cloudlinux.els.i686.rpm
76a023652718406fa3c45e57c6785bf27a86bf87
openssl-devel-1.0.1e-61.el6.cloudlinux.els.i686.rpm
c18066e24e83d55d0a2c97c982c629e2e7c34193
CLSA-2021:1632261812
Fix of CVE: CVE-2020-25211, CVE-2020-25656, CVE-2019-19532, CVE-2020-29661
Copyright 2021 Cloud Linux Inc
0
- CKSIX-277: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp()
- CKSIX-277: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers
- CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
- CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent
- CKSIX-277: CVE-2020-25211: netfilter: ctnetlink: add a range check for l3/l4 protonum
- CKSIX-277: CKSIX-276: CVE-2019-19532: HID: Fix assumption that devices have inputs
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CKSIX-277: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp()
- CKSIX-277: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers
- CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
- CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent
- CKSIX-277: CVE-2020-25211: netfilter: ctnetlink: add a range check for l3/l4 protonum
- CKSIX-277: CKSIX-276: CVE-2019-19532: HID: Fix assumption that devices have inputs
0
cloudlinux-x86_64-server-6
kernel-firmware-2.6.32-754.35.5.el6.noarch.rpm
a03ca9bf0aa98a7b3272d141b70ac23ad2d52773
kernel-doc-2.6.32-754.35.5.el6.noarch.rpm
8dcc05f7b4eecddea73d0f05cd18fbdb47e5a3cd
kernel-abi-whitelists-2.6.32-754.35.5.el6.noarch.rpm
a68dd7ce71672be05fb0b7d20f882cfc06a30111
CLSA-2021:1632261839
Fix of CVE: CVE-2020-29661, CVE-2019-19532, CVE-2020-25656, CVE-2020-25211
Copyright 2021 Cloud Linux Inc
0
- CKSIX-277: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp()
- CKSIX-277: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers
- CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
- CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent
- CKSIX-277: CVE-2020-25211: netfilter: ctnetlink: add a range check for l3/l4 protonum
- CKSIX-277: CKSIX-276: CVE-2019-19532: HID: Fix assumption that devices have inputs
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CKSIX-277: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp()
- CKSIX-277: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers
- CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
- CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent
- CKSIX-277: CVE-2020-25211: netfilter: ctnetlink: add a range check for l3/l4 protonum
- CKSIX-277: CKSIX-276: CVE-2019-19532: HID: Fix assumption that devices have inputs
0
cloudlinux-x86_64-server-6
kernel-debug-devel-2.6.32-754.35.5.el6.i686.rpm
c4df1cb52afd01e1f5c06a96b71b09309c55dcf1
kernel-devel-2.6.32-754.35.5.el6.x86_64.rpm
17f1ffde017b5b3d0aa1dc06b470ee68e676ad98
python-perf-2.6.32-754.35.5.el6.x86_64.rpm
0bd158d65b86cf275f056c85a2826e1c9f5d0e59
kernel-debug-2.6.32-754.35.5.el6.x86_64.rpm
622650cc8ca032e6d4b1f47e31421c378f8453b3
perf-2.6.32-754.35.5.el6.x86_64.rpm
659449b29c66c7a84a21e1186c9f2251315520b4
kernel-2.6.32-754.35.5.el6.x86_64.rpm
1ddff86ff5fbf9647cabe84d871396215bccb65e
kernel-debug-devel-2.6.32-754.35.5.el6.x86_64.rpm
e2115ef7c18d6df0bd0712d16e56475fc8b98474
kernel-headers-2.6.32-754.35.5.el6.x86_64.rpm
703f1ffdb709bae2fb77f369b55095b810c44404
CLSA-2021:1632261872
Fix of CVE: CVE-2021-22898
Copyright 2021 Cloud Linux Inc
0
- check sscanf() for correct number of matches (CVE-2021-22898)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- check sscanf() for correct number of matches (CVE-2021-22898)
0
cloudlinux-x86_64-server-6
libcurl-7.19.7-57.el6.cloudlinux.els.x86_64.rpm
22e68eda2188b7ddb9784ccaf73c718517b65f39
libcurl-devel-7.19.7-57.el6.cloudlinux.els.i686.rpm
00bd5a374dfc8ccc9014e9f942e788bb507fc8b0
libcurl-devel-7.19.7-57.el6.cloudlinux.els.x86_64.rpm
7628207010a6049a60cf27316bca92d57ffee08a
curl-7.19.7-57.el6.cloudlinux.els.x86_64.rpm
c06225543173d880ec218260118d1072798b1f1c
libcurl-7.19.7-57.el6.cloudlinux.els.i686.rpm
d0766de7f08c4af2b1b629348cec2d448fa95367
CLSA-2021:1632261894
Fix of CVE: CVE-2021-22555
Copyright 2021 Cloud Linux Inc
0
- ELS-130: CVE-2021-22555: netfilter: x_tables: fix compat match/target pad out-of-bound write
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELS-130: CVE-2021-22555: netfilter: x_tables: fix compat match/target pad out-of-bound write
0
cloudlinux-x86_64-server-6
python-perf-2.6.32-754.35.6.el6.x86_64.rpm
33685234da46ae97c34bd289ab70cc3cd5bbac19
kernel-debug-2.6.32-754.35.6.el6.x86_64.rpm
2ab8a724ab60e6ef13c8bdee6462999614985a3e
kernel-debug-devel-2.6.32-754.35.6.el6.x86_64.rpm
e88afeaaa0592e26877a5d7d87d27909ab7b7f10
kernel-headers-2.6.32-754.35.6.el6.x86_64.rpm
86a3d7806ef29761ef4037f7f2233abce3c3fa83
kernel-debug-devel-2.6.32-754.35.6.el6.i686.rpm
7cc16085dba1126350ea42c857e263be84e31273
kernel-2.6.32-754.35.6.el6.x86_64.rpm
5151707a4e2e380c85a12d8f56999a1fa1aacc6d
perf-2.6.32-754.35.6.el6.x86_64.rpm
65bdc0c580d290c749f15f89035798df13b9f89d
kernel-devel-2.6.32-754.35.6.el6.x86_64.rpm
da321d17a6412a453262f940fcd4a34c0abdfc16
CLSA-2021:1632261912
Fix of CVE: CVE-2021-22555
Copyright 2021 Cloud Linux Inc
0
- ELS-130: CVE-2021-22555: netfilter: x_tables: fix compat match/target pad out-of-bound write
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELS-130: CVE-2021-22555: netfilter: x_tables: fix compat match/target pad out-of-bound write
0
cloudlinux-x86_64-server-6
kernel-doc-2.6.32-754.35.6.el6.noarch.rpm
c9591400949ef960722299aed29f1e6a7ea94ac8
kernel-abi-whitelists-2.6.32-754.35.6.el6.noarch.rpm
acaf483604518f6243c7d7e1c735df00f20ae7d4
kernel-firmware-2.6.32-754.35.6.el6.noarch.rpm
e936ad639738666dcd21409c3549b4ac4ab9f866
CLSA-2021:1632261944
Fix of CVE: CVE-2021-22925
Copyright 2021 Cloud Linux Inc
0
- telnet stack contents disclosure again (CVE-2021-22925)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- telnet stack contents disclosure again (CVE-2021-22925)
0
cloudlinux-x86_64-server-6
libcurl-7.19.7-58.el6.cloudlinux.els.x86_64.rpm
07cec5f292f3c687c042117030e412fb628d8249
curl-7.19.7-58.el6.cloudlinux.els.x86_64.rpm
bc58d9e5f8c944869f105cbf14fdc926ea10a975
libcurl-devel-7.19.7-58.el6.cloudlinux.els.x86_64.rpm
23d51531911d77c9af6a2aef99c3301cc077f33a
libcurl-devel-7.19.7-58.el6.cloudlinux.els.i686.rpm
0f0ed8c5667a23d63603faff9380a71afc446cdb
libcurl-7.19.7-58.el6.cloudlinux.els.i686.rpm
fa2a785ccc83b16a106e8b77d9a7540f87054736
CLSA-2021:1632261963
Fix of CVE: CVE-2021-33909
Copyright 2021 Cloud Linux Inc
0
- ELS-130: netfilter: x_tables: add missing tables zeroing
- CLKRN-800: CVE-2021-33909: seq_file: disallow extremely large seq buffer allocation
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELS-130: netfilter: x_tables: add missing tables zeroing
- CLKRN-800: CVE-2021-33909: seq_file: disallow extremely large seq buffer allocation
0
cloudlinux-x86_64-server-6
kernel-doc-2.6.32-754.35.7.el6.noarch.rpm
2d095cd6bf559cad0feef2271f619d1e7dca7acb
kernel-firmware-2.6.32-754.35.7.el6.noarch.rpm
3cf9ff2435663f5d871687da174d6f35f290c33f
kernel-abi-whitelists-2.6.32-754.35.7.el6.noarch.rpm
d0a21093f41e394904ef53e1e20a8abd044745cd
CLSA-2021:1632261987
Fix of CVE: CVE-2021-33909
Copyright 2021 Cloud Linux Inc
0
- ELS-130: netfilter: x_tables: add missing tables zeroing
- CLKRN-800: CVE-2021-33909: seq_file: disallow extremely large seq buffer allocation
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELS-130: netfilter: x_tables: add missing tables zeroing
- CLKRN-800: CVE-2021-33909: seq_file: disallow extremely large seq buffer allocation
0
cloudlinux-x86_64-server-6
kernel-devel-2.6.32-754.35.7.el6.x86_64.rpm
142c3fa8b6bc1651015b439ab8c4fe49523413e5
kernel-debug-2.6.32-754.35.7.el6.x86_64.rpm
11af608b05f59501bdaf7aff7636172c7a2da097
kernel-debug-devel-2.6.32-754.35.7.el6.i686.rpm
f4962ae0b3d57ca310dfe1885ca40b1b038823a5
kernel-headers-2.6.32-754.35.7.el6.x86_64.rpm
03c6806376302b6c3a11ad910197d1d21b08b164
perf-2.6.32-754.35.7.el6.x86_64.rpm
9aac069688e47e386c0be5286e6c571eac217feb
kernel-2.6.32-754.35.7.el6.x86_64.rpm
0c724d734254c355d84f5914a7e58f7e2d5f7c82
kernel-debug-devel-2.6.32-754.35.7.el6.x86_64.rpm
f34c5eae76c4cab8478534a73f5135dd818d322d
python-perf-2.6.32-754.35.7.el6.x86_64.rpm
8cb506a24d950091db929cd8ac4cd3ea9c2a9026
CLSA-2021:1632262065
Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common
Copyright 2021 Cloud Linux Inc
0
- More precise DNS name checks (accepting dash-.example.com, among other things)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- More precise DNS name checks (accepting dash-.example.com, among other things)
0
cloudlinux-x86_64-server-6
nscd-2.12-1.2126_10.4.cloudlinux.els.x86_64.rpm
aa7f704a206c4ed6030e470ac6d177ab10e6f04e
glibc-headers-2.12-1.2126_10.4.cloudlinux.els.x86_64.rpm
76f439bf5a07913eec7bb3c66eaffb5422c9257d
glibc-2.12-1.2126_10.4.cloudlinux.els.i686.rpm
68fee3ddcc72ae6452d5ffdf560eda974847586a
glibc-utils-2.12-1.2126_10.4.cloudlinux.els.x86_64.rpm
31ef784e77c4e97735d2b0ca19db7abb7fcb7aab
glibc-static-2.12-1.2126_10.4.cloudlinux.els.x86_64.rpm
f200dade730e960e753a7620551dfe2fda61c41e
glibc-static-2.12-1.2126_10.4.cloudlinux.els.i686.rpm
734619a42412a5b5234c849b9eb688a3451aff4e
glibc-devel-2.12-1.2126_10.4.cloudlinux.els.x86_64.rpm
2eb7cd79607effd8850677f1e5c3c43fcd3627fb
glibc-devel-2.12-1.2126_10.4.cloudlinux.els.i686.rpm
3309199dc7ae29cfff1078ee4ff77ae1da330f9d
glibc-2.12-1.2126_10.4.cloudlinux.els.x86_64.rpm
ee0fcc292fe9e25b02c536f79dd0b07842f03568
glibc-common-2.12-1.2126_10.4.cloudlinux.els.x86_64.rpm
a4b1ffa7592dc02535b674069662e6bdfb96ccb8
CLSA-2021:1632262184
Fix of CVE: CVE-2021-2388
Copyright 2021 Cloud Linux Inc
0
- Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination
0
cloudlinux-x86_64-server-6
java-1.8.0-openjdk-devel-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
57e450b5eaf18349c1b883a2989498b771cb6a03
java-1.8.0-openjdk-src-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
ac4af8e88893c7e977b884ab4ef0644930173aca
java-1.8.0-openjdk-headless-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
09a22e75538c6b7e2e30b158591d89e74e9c5da6
java-1.8.0-openjdk-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
404c6f27755488de699a3c99f4c23d26890c49c4
java-1.8.0-openjdk-headless-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
26eecffaca86a04f45144a6d149397b9d9e11656
java-1.8.0-openjdk-demo-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
f4ab42a731574be1f37170b066d950a768abd97c
java-1.8.0-openjdk-javadoc-debug-1.8.0.275.b01-1.el6.cloudlinux.els.noarch.rpm
25ac910ef061fee4e2205277c73ec188a7cc19bf
java-1.8.0-openjdk-src-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
176f6b60f66d16fbe7c6398c39215b4b818d91da
java-1.8.0-openjdk-devel-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
1823f2ea93c9c29e44f569bf71f1e7fb79447530
java-1.8.0-openjdk-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
0058fe04e46018ce47dd94adb58591d2427b8bd3
java-1.8.0-openjdk-demo-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm
206db817a90aae67aa10dcc314c9278a77b99e75
java-1.8.0-openjdk-javadoc-1.8.0.275.b01-1.el6.cloudlinux.els.noarch.rpm
27fab509146b0bbcec06217db7a5a6d5cceced37
CLSA-2021:1632262221
Fix of CVE: CVE-2020-8517, CVE-2021-28651, CVE-2020-15049, CVE-2020-8449, CVE-2020-8450, CVE-2020-24606, CVE-2020-25097, CVE-2020-11945, CVE-2020-14058
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-15049: fix incorrect validation of Content-Length field leading to
Http smuggling and Poisoning attack
- CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of
service
- CVE-2020-25097: fix improper input validation allowing HTTP smuggling from
trusted client
- CVE-2020-11945: fix nonce reference counter overflow allowing replay attack
- CVE-2020-24606: fix handle of EOF in peerDigestHandleReply() leading to Denial
of service
- CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer
and leading to denial of service
- CVE-2020-8449: fix improper HTTP request validation allowing access to
resources which are prohibited by security filters
- CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow
- CVE-2021-28651: fix memory leak leading to denial of service
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-15049: fix incorrect validation of Content-Length field leading to
Http smuggling and Poisoning attack
- CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of
service
- CVE-2020-25097: fix improper input validation allowing HTTP smuggling from
trusted client
- CVE-2020-11945: fix nonce reference counter overflow allowing replay attack
- CVE-2020-24606: fix handle of EOF in peerDigestHandleReply() leading to Denial
of service
- CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer
and leading to denial of service
- CVE-2020-8449: fix improper HTTP request validation allowing access to
resources which are prohibited by security filters
- CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow
- CVE-2021-28651: fix memory leak leading to denial of service
0
cloudlinux-x86_64-server-6
squid34-3.4.14-16.el6.cloudlinux.els.x86_64.rpm
318af4c858cfe105f7bb3378657f3377737e5d78
CLSA-2021:1632262236
Fix of CVE: CVE-2021-22924
Copyright 2021 Cloud Linux Inc
0
- fix connection reuse checks for issuer cert and case sensitivity (CVE-2021-22924)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- fix connection reuse checks for issuer cert and case sensitivity (CVE-2021-22924)
0
cloudlinux-x86_64-server-6
libcurl-devel-7.19.7-59.el6.cloudlinux.els.x86_64.rpm
d4f4dc41aad5316dd9331a589c9e3907d4f0a3cf
libcurl-devel-7.19.7-59.el6.cloudlinux.els.i686.rpm
7b62b5c36b2348773a3c5c2e86780e9339dbea86
libcurl-7.19.7-59.el6.cloudlinux.els.i686.rpm
e791bfeee0511817824796aa9171ace4ed29353c
curl-7.19.7-59.el6.cloudlinux.els.x86_64.rpm
4ecb22be93cc19b549c79070722aed9b7bf2a24e
libcurl-7.19.7-59.el6.cloudlinux.els.x86_64.rpm
7da2c9bc1ce1cfe70dd1ca3211f54d1a7103a508
CLSA-2021:1632262269
Fix of CVE: CVE-2021-34693, CVE-2021-20292, CVE-2021-28972, CVE-2021-20265, CVE-2021-32399, CVE-2014-4508, CVE-2021-3612, CVE-2021-3178, CVE-2021-37159, CVE-2021-38205, CVE-2021-3573, CVE-2021-38160
Copyright 2021 Cloud Linux Inc
0
- ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcm_msg_head
- ELSCVE-705: CVE-2021-38160: virtio_console: Assure used length from device is limited
- ELSCVE-769: CVE-2014-4508: x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
- ELSCVE-844: CVE-2021-3573: Bluetooth: use correct lock to prevent UAF of hdev object
- ELSCVE-503: CVE-2021-32399: bluetooth: eliminate the potential race condition when removing the HCI controller
- ELSCVE-451: CVE-2021-37159: hso: fix a use after free condition
- ELSCVE-387: CVE-2021-38205: net: xilinx_emaclite: Do not print real IOMEM pointer
- ELSCVE-547: CVE-2021-3178: nfsd4: readdirplus shouldn't return parent of export
- ELSCVE-547: nfsd: fix compose_entry_fh() failure exits
- ELSCVE-547: nfsd: make local functions static
- ELSCVE-682: CVE-2021-20265: af_unix: fix struct pid memory leak
- ELSCVE-531: CVE-2021-20292: drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
- ELSCVE-543: CVE-2021-28972: PCI: rpadlpar: Fix potential drc_name corruption in store functions
- ELSCVE-575: CVE-2021-3612: Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
- ELSCVE-575: Input: joydev - prevent potential read overflow in ioctl
- ELSCVE-575: Input: joydev - fix possible ERR_PTR() dereferencing
- ELSCVE-575: Input: joydev - use memdup_user() to duplicate memory from user-space
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcm_msg_head
- ELSCVE-705: CVE-2021-38160: virtio_console: Assure used length from device is limited
- ELSCVE-769: CVE-2014-4508: x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
- ELSCVE-844: CVE-2021-3573: Bluetooth: use correct lock to prevent UAF of hdev object
- ELSCVE-503: CVE-2021-32399: bluetooth: eliminate the potential race condition when removing the HCI controller
- ELSCVE-451: CVE-2021-37159: hso: fix a use after free condition
- ELSCVE-387: CVE-2021-38205: net: xilinx_emaclite: Do not print real IOMEM pointer
- ELSCVE-547: CVE-2021-3178: nfsd4: readdirplus shouldn't return parent of export
- ELSCVE-547: nfsd: fix compose_entry_fh() failure exits
- ELSCVE-547: nfsd: make local functions static
- ELSCVE-682: CVE-2021-20265: af_unix: fix struct pid memory leak
- ELSCVE-531: CVE-2021-20292: drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
- ELSCVE-543: CVE-2021-28972: PCI: rpadlpar: Fix potential drc_name corruption in store functions
- ELSCVE-575: CVE-2021-3612: Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
- ELSCVE-575: Input: joydev - prevent potential read overflow in ioctl
- ELSCVE-575: Input: joydev - fix possible ERR_PTR() dereferencing
- ELSCVE-575: Input: joydev - use memdup_user() to duplicate memory from user-space
0
cloudlinux-x86_64-server-6
kernel-abi-whitelists-2.6.32-754.35.8.el6.noarch.rpm
f6176c89f04ba75382007e716e339f02aee1d631
kernel-firmware-2.6.32-754.35.8.el6.noarch.rpm
67db4ef3367626e454b0ad17d0e62d1c9de2e8ec
kernel-doc-2.6.32-754.35.8.el6.noarch.rpm
3109e4a6d989f45370b64ea4cdccab08ddf94599
CLSA-2021:1632262296
Fix of CVE: CVE-2021-38160, CVE-2021-3573, CVE-2021-38205, CVE-2021-3178, CVE-2021-20265, CVE-2021-3612, CVE-2021-32399, CVE-2021-37159, CVE-2014-4508, CVE-2021-28972, CVE-2021-34693, CVE-2021-20292
Copyright 2021 Cloud Linux Inc
0
- ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcm_msg_head
- ELSCVE-705: CVE-2021-38160: virtio_console: Assure used length from device is limited
- ELSCVE-769: CVE-2014-4508: x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
- ELSCVE-844: CVE-2021-3573: Bluetooth: use correct lock to prevent UAF of hdev object
- ELSCVE-503: CVE-2021-32399: bluetooth: eliminate the potential race condition when removing the HCI controller
- ELSCVE-451: CVE-2021-37159: hso: fix a use after free condition
- ELSCVE-387: CVE-2021-38205: net: xilinx_emaclite: Do not print real IOMEM pointer
- ELSCVE-547: CVE-2021-3178: nfsd4: readdirplus shouldn't return parent of export
- ELSCVE-547: nfsd: fix compose_entry_fh() failure exits
- ELSCVE-547: nfsd: make local functions static
- ELSCVE-682: CVE-2021-20265: af_unix: fix struct pid memory leak
- ELSCVE-531: CVE-2021-20292: drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
- ELSCVE-543: CVE-2021-28972: PCI: rpadlpar: Fix potential drc_name corruption in store functions
- ELSCVE-575: CVE-2021-3612: Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
- ELSCVE-575: Input: joydev - prevent potential read overflow in ioctl
- ELSCVE-575: Input: joydev - fix possible ERR_PTR() dereferencing
- ELSCVE-575: Input: joydev - use memdup_user() to duplicate memory from user-space
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcm_msg_head
- ELSCVE-705: CVE-2021-38160: virtio_console: Assure used length from device is limited
- ELSCVE-769: CVE-2014-4508: x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
- ELSCVE-844: CVE-2021-3573: Bluetooth: use correct lock to prevent UAF of hdev object
- ELSCVE-503: CVE-2021-32399: bluetooth: eliminate the potential race condition when removing the HCI controller
- ELSCVE-451: CVE-2021-37159: hso: fix a use after free condition
- ELSCVE-387: CVE-2021-38205: net: xilinx_emaclite: Do not print real IOMEM pointer
- ELSCVE-547: CVE-2021-3178: nfsd4: readdirplus shouldn't return parent of export
- ELSCVE-547: nfsd: fix compose_entry_fh() failure exits
- ELSCVE-547: nfsd: make local functions static
- ELSCVE-682: CVE-2021-20265: af_unix: fix struct pid memory leak
- ELSCVE-531: CVE-2021-20292: drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
- ELSCVE-543: CVE-2021-28972: PCI: rpadlpar: Fix potential drc_name corruption in store functions
- ELSCVE-575: CVE-2021-3612: Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
- ELSCVE-575: Input: joydev - prevent potential read overflow in ioctl
- ELSCVE-575: Input: joydev - fix possible ERR_PTR() dereferencing
- ELSCVE-575: Input: joydev - use memdup_user() to duplicate memory from user-space
0
cloudlinux-x86_64-server-6
kernel-2.6.32-754.35.8.el6.x86_64.rpm
5bbe1ade1d943357a9eeffaacea322b2c3592a06
kernel-debug-devel-2.6.32-754.35.8.el6.x86_64.rpm
49070efcdbc337506cf1ec47b56723987f55d8fd
kernel-devel-2.6.32-754.35.8.el6.x86_64.rpm
16d5488a95ca61d50707f41bafec3c4cd47f651e
kernel-debug-2.6.32-754.35.8.el6.x86_64.rpm
478121de5892001bb296b3180f6278e5002f822a
kernel-debug-devel-2.6.32-754.35.8.el6.i686.rpm
0641dd502ea3d9ebe05f22fb8966ca9b1cfa8d0c
python-perf-2.6.32-754.35.8.el6.x86_64.rpm
2247ba6c105ba7dd56a38814bc7aa9ee6967c3e6
perf-2.6.32-754.35.8.el6.x86_64.rpm
ead005c92d646b9c41465006804618315829e16a
kernel-headers-2.6.32-754.35.8.el6.x86_64.rpm
b691829a648a63c46d98b88f8faace860205f720
CLSA-2021:1632262317
Fix of CVE: CVE-2018-0739, CVE-2018-0737, CVE-2021-3712, CVE-2018-0732
Copyright 2021 Cloud Linux Inc
0
- fix CVE-2021-3712 - handling ASN.1 string as NULL
terminated leads to read buffer overrun
- Port patches from oracle6els branch, original changelog entry:
- Oracle bug 28730228: backport CVE-2018-0732
- Oracle bug 28758493: backport CVE-2018-0737
- Merge upstream patch to fix CVE-2018-0739
- Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz
- sha256 is used for the RSA pairwise consistency test instead of sha1
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- fix CVE-2021-3712 - handling ASN.1 string as NULL
terminated leads to read buffer overrun
- Port patches from oracle6els branch, original changelog entry:
- Oracle bug 28730228: backport CVE-2018-0732
- Oracle bug 28758493: backport CVE-2018-0737
- Merge upstream patch to fix CVE-2018-0739
- Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz
- sha256 is used for the RSA pairwise consistency test instead of sha1
0
cloudlinux-x86_64-server-6
openssl-static-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm
8caa5c2dc5d4211d457a7114577840a5510ec79c
openssl-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm
7ba53431233234ec798f93ca6bf307be104fe864
openssl-devel-1.0.1e-62.el6.cloudlinux.els.i686.rpm
bf1039e5de910db523529ac7b9f91afd9a099cf2
openssl-perl-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm
ea51c611cb766445f3f94d2417b360cf50f8533d
openssl-1.0.1e-62.el6.cloudlinux.els.i686.rpm
52cec450cf829a95ecd9e7f8a9ec5f084647517b
openssl-devel-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm
56b3d143621154ebdb1fe8d43f0beb874576e85a
CLSA-2021:1632262337
Fix of CVE: CVE-2020-24513, CVE-2020-24489, CVE-2020-24512, CVE-2020-24511
Copyright 2021 Cloud Linux Inc
0
- Do not use "grep -q" in a pipe in check_caveats.
- Update Intel CPU microcode to microcode-20210608 release:
- Fixes in releasenote.md file.
- Update Intel CPU microcode to microcode-20210525 release, addresses
CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513
(#1962659, #1962709, #1962729, #1962675):
- Addition of 06-55-05/0xb7 (CLX-SP A0) microcode at revision 0x3000010;
- Addition of 06-6a-05/0x87 (ICX-SP C0) microcode at revision 0xc0002f0;
- Addition of 06-6a-06/0x87 (ICX-SP D0) microcode at revision 0xd0002a0;
- Addition of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f;
- Addition of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04)
at revision 0xb00000f;
- Addition of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05)
at revision 0xb00000f;
- Addition of 06-86-05/0x01 (SNR B1) microcode at revision 0xb00000f;
- Addition of 06-8c-02/0xc2 (TGL-R C0) microcode at revision 0x16;
- Addition of 06-8d-01/0xc2 (TGL-H R0) microcode at revision 0x2c;
- Addition of 06-96-01/0x01 (EHL B1) microcode at revision 0x11;
- Addition of 06-9c-00/0x01 (JSL A0/A1) microcode at revision 0x1d;
- Addition of 06-a7-01/0x02 (RKL-S B0) microcode at revision 0x40;
- Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in
intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xe2 up to 0xea;
- Update of 06-4f-01/0xef (BDX-E/EP/EX/ML B0/M0/R0) microcode (in
intel-06-4f-01/intel-ucode/06-4f-01) from revision 0xb000038 up
to 0xb00003e;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a0a up
to 0x2006b06;
- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xe2 up to 0xea;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0x68 up to 0x88;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up
to 0xea;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up
to 0xea;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xe0 up
to 0xea;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xde up
to 0xea;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xde up to 0xea;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xde up
to 0xea;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xde up
to 0xea;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xde up
to 0xea;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xde up
to 0xea;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xde up
to 0xea;
- Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode
from revision 0x44 up to 0x46;
- Update of 06-3f-04/0x80 (HSX-EX E0) microcode from revision 0x16 up
to 0x19;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000159
up to 0x100015b;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003006
up to 0x4003102;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003006 up to 0x5003102;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x700001e
up to 0x7002302;
- Update of 06-56-03/0x10 (BDX-DE V2/V3) microcode from revision
0x7000019 up to 0x700001b;
- Update of 06-56-04/0x10 (BDX-DE Y0) microcode from revision 0xf000017
up to 0xf000019;
- Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision
0xe00000f up to 0xe000012;
- Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x40 up
to 0x44;
- Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x1e up
to 0x20;
- Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x2e up
to 0x34;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x34 up
to 0x36;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x18 up
to 0x1a;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa0
up to 0xa6;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x28 up
to 0x2a;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xe0 up
to 0xea;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xe0
up to 0xea;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xe0
up to 0xec;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xe0
up to 0xe8;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode from revision
0xe0 up to 0xea.
- Update Intel CPU microcode to microcode-20210216 release (#1905111):
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a08 up
to 0x2006a0a;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003003
up to 0x4003006;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003003 up to 0x5003006.
- Update Intel CPU microcode to microcode-20201112 release:
- Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up
to 0x34;
- Updated releasenote file.
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Do not use "grep -q" in a pipe in check_caveats.
- Update Intel CPU microcode to microcode-20210608 release:
- Fixes in releasenote.md file.
- Update Intel CPU microcode to microcode-20210525 release, addresses
CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513
(#1962659, #1962709, #1962729, #1962675):
- Addition of 06-55-05/0xb7 (CLX-SP A0) microcode at revision 0x3000010;
- Addition of 06-6a-05/0x87 (ICX-SP C0) microcode at revision 0xc0002f0;
- Addition of 06-6a-06/0x87 (ICX-SP D0) microcode at revision 0xd0002a0;
- Addition of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f;
- Addition of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04)
at revision 0xb00000f;
- Addition of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05)
at revision 0xb00000f;
- Addition of 06-86-05/0x01 (SNR B1) microcode at revision 0xb00000f;
- Addition of 06-8c-02/0xc2 (TGL-R C0) microcode at revision 0x16;
- Addition of 06-8d-01/0xc2 (TGL-H R0) microcode at revision 0x2c;
- Addition of 06-96-01/0x01 (EHL B1) microcode at revision 0x11;
- Addition of 06-9c-00/0x01 (JSL A0/A1) microcode at revision 0x1d;
- Addition of 06-a7-01/0x02 (RKL-S B0) microcode at revision 0x40;
- Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in
intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xe2 up to 0xea;
- Update of 06-4f-01/0xef (BDX-E/EP/EX/ML B0/M0/R0) microcode (in
intel-06-4f-01/intel-ucode/06-4f-01) from revision 0xb000038 up
to 0xb00003e;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a0a up
to 0x2006b06;
- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xe2 up to 0xea;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0x68 up to 0x88;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up
to 0xea;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up
to 0xea;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xe0 up
to 0xea;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xde up
to 0xea;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xde up to 0xea;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xde up
to 0xea;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xde up
to 0xea;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xde up
to 0xea;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xde up
to 0xea;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xde up
to 0xea;
- Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode
from revision 0x44 up to 0x46;
- Update of 06-3f-04/0x80 (HSX-EX E0) microcode from revision 0x16 up
to 0x19;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000159
up to 0x100015b;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003006
up to 0x4003102;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003006 up to 0x5003102;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x700001e
up to 0x7002302;
- Update of 06-56-03/0x10 (BDX-DE V2/V3) microcode from revision
0x7000019 up to 0x700001b;
- Update of 06-56-04/0x10 (BDX-DE Y0) microcode from revision 0xf000017
up to 0xf000019;
- Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision
0xe00000f up to 0xe000012;
- Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x40 up
to 0x44;
- Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x1e up
to 0x20;
- Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x2e up
to 0x34;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x34 up
to 0x36;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x18 up
to 0x1a;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa0
up to 0xa6;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x28 up
to 0x2a;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xe0 up
to 0xea;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xe0
up to 0xea;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xe0
up to 0xec;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xe0
up to 0xe8;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode from revision
0xe0 up to 0xea.
- Update Intel CPU microcode to microcode-20210216 release (#1905111):
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a08 up
to 0x2006a0a;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003003
up to 0x4003006;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003003 up to 0x5003006.
- Update Intel CPU microcode to microcode-20201112 release:
- Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up
to 0x34;
- Updated releasenote file.
0
cloudlinux-x86_64-server-6
microcode_ctl-1.17-33.34.el6.cloudlinux.els.x86_64.rpm
51b23054fd2d1a9a6710590ddc10d0d317bf112f
CLSA-2021:1632328234
Fix of CVE: CVE-2020-10878
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-10878: fix integer overflow leading to RCE
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-10878: fix integer overflow leading to RCE
0
cloudlinux-x86_64-server-6
perl-Pod-Simple-3.13-145.el6.cloudlinux.els.x86_64.rpm
2475768d684bc5e6af506fd9d2669fe78a843c43
perl-Log-Message-Simple-0.04-145.el6.cloudlinux.els.x86_64.rpm
c2c9d047ea2c78079d0d8776c3ac9f42f7def484
perl-Object-Accessor-0.34-145.el6.cloudlinux.els.x86_64.rpm
93ed416a0d575b81276c1e696a131bddc09ac4fb
perl-IPC-Cmd-0.56-145.el6.cloudlinux.els.x86_64.rpm
ab706c072245923133984e3f550905ec8db32a1e
perl-core-5.10.1-145.el6.cloudlinux.els.x86_64.rpm
a14c1f42684cd6b1d7f0899ba900431ba0831f66
perl-ExtUtils-MakeMaker-6.55-145.el6.cloudlinux.els.x86_64.rpm
f9f1a7b46200331ddd8465778b74e65300b75e5e
perl-Compress-Raw-Zlib-2.021-145.el6.cloudlinux.els.x86_64.rpm
58a11aaa28698bba7d584a65242365cb73a10df5
perl-CPAN-1.9402-145.el6.cloudlinux.els.x86_64.rpm
6e42a8b0a95b9dfeabca1aa0b26e2bf2a8d75c1e
perl-CGI-3.51-145.el6.cloudlinux.els.x86_64.rpm
cbfcd17c22d650720dc308998f2ab10fffa8cb23
perl-Digest-SHA-5.47-145.el6.cloudlinux.els.x86_64.rpm
293548c98a46178feab66b3438c3ec232970fa6e
perl-libs-5.10.1-145.el6.cloudlinux.els.i686.rpm
4fc66488946c6ea6f30bbd705bd2cb4487c00814
perl-Module-Loaded-0.02-145.el6.cloudlinux.els.x86_64.rpm
6a704e3072dd3afecc46d0526ae5177cf940bdca
perl-parent-0.221-145.el6.cloudlinux.els.x86_64.rpm
e1140280e39649b708d607b183113fe2ccc84692
perl-Module-CoreList-2.18-145.el6.cloudlinux.els.x86_64.rpm
f88a1e0510c26c11a41543223e46a6b3afe627d5
perl-Compress-Raw-Bzip2-2.021-145.el6.cloudlinux.els.x86_64.rpm
219c09c75ea749691c41bf517d8767a8d8bf368c
perl-File-Fetch-0.26-145.el6.cloudlinux.els.x86_64.rpm
9cb051ce76773580d28961a15a3fff740abe2d5f
perl-5.10.1-145.el6.cloudlinux.els.x86_64.rpm
f63706b0cb84b58e647bce35eb171d553d41dad7
perl-version-0.77-145.el6.cloudlinux.els.x86_64.rpm
ede47036e757d80c200d60abce81cbfa37507fdb
perl-ExtUtils-Embed-1.28-145.el6.cloudlinux.els.x86_64.rpm
838ee4069266f2a9c00a48d29a6a7d38306bd1b6
perl-Locale-Maketext-Simple-0.18-145.el6.cloudlinux.els.x86_64.rpm
3bfac243066178c27cacafa29c4ff730516cd5aa
perl-Time-HiRes-1.9721-145.el6.cloudlinux.els.x86_64.rpm
4181c6734f737f8a7dda5f9f2cf440089b818204
perl-Module-Load-Conditional-0.30-145.el6.cloudlinux.els.x86_64.rpm
4e6afafe913bc677275106f0fa48a99a973110f7
perl-IO-Compress-Bzip2-2.021-145.el6.cloudlinux.els.x86_64.rpm
34cb10ea7dfd41d60b927417029812e03f64908c
perl-ExtUtils-CBuilder-0.27-145.el6.cloudlinux.els.x86_64.rpm
17fd80cb1fd0669c73bee6ef1749286baedcd847
perl-Term-UI-0.20-145.el6.cloudlinux.els.x86_64.rpm
a9ba1048dc516bf722cfeeb8a4289585c359f6c1
perl-Module-Build-0.3500-145.el6.cloudlinux.els.x86_64.rpm
6292a05f8f955ee508759737fe82cfd2e3cf0121
perl-Pod-Escapes-1.04-145.el6.cloudlinux.els.x86_64.rpm
2175d2206cc6cde3a67cab4df751aef3d672e4eb
perl-IO-Compress-Base-2.021-145.el6.cloudlinux.els.x86_64.rpm
1f3a362cbaf9aa6ee8d7d73a6c3d3b9734d43c59
perl-Parse-CPAN-Meta-1.40-145.el6.cloudlinux.els.x86_64.rpm
edddb8e453e98277bee9a23e4a297afa0f5de7b4
perl-Time-Piece-1.15-145.el6.cloudlinux.els.x86_64.rpm
8016b46d2fbb2a1390961e12729def14ceecf7fa
perl-Params-Check-0.26-145.el6.cloudlinux.els.x86_64.rpm
c70b79dd609bba4e92b46f6779808a532b52137b
perl-Module-Pluggable-3.90-145.el6.cloudlinux.els.x86_64.rpm
0f107f066efe76f1f65e0b36bd840fd5d960a7e2
perl-Archive-Tar-1.58-145.el6.cloudlinux.els.x86_64.rpm
a646eec24a925026021963a11cfb683b38cc2129
perl-IO-Compress-Zlib-2.021-145.el6.cloudlinux.els.x86_64.rpm
76f7b742aa080c0f93e89207b1b736eace740aa7
perl-Package-Constants-0.02-145.el6.cloudlinux.els.x86_64.rpm
3d5a41507117679192c40a24ecb6423c028fb11a
perl-devel-5.10.1-145.el6.cloudlinux.els.x86_64.rpm
9c16057d0dbb78d32e7096b32681d1781799e330
perl-devel-5.10.1-145.el6.cloudlinux.els.i686.rpm
eb80c2ecccaeed4ebce8cc6fbbf2ee140e11c477
perl-Test-Simple-0.92-145.el6.cloudlinux.els.x86_64.rpm
787decb1b079eff7a31da1acbe8b57d693c0ac1b
perl-Test-Harness-3.17-145.el6.cloudlinux.els.x86_64.rpm
adc9242105cf733144fa9fe5a2209711e56cde83
perl-libs-5.10.1-145.el6.cloudlinux.els.x86_64.rpm
7342a4d24b0a1b762f40af6f3abda0cf05c6caad
perl-IO-Zlib-1.09-145.el6.cloudlinux.els.x86_64.rpm
708b07b027ec486ffce5c1c5c60f3c18cd9523ad
perl-ExtUtils-ParseXS-2.2003.0-145.el6.cloudlinux.els.x86_64.rpm
ace5d06d6962c5a240fb115201c015dc61f52868
perl-Archive-Extract-0.38-145.el6.cloudlinux.els.x86_64.rpm
8a984b6576e8322e50866ea59b807ee0258a5b89
perl-CPANPLUS-0.88-145.el6.cloudlinux.els.x86_64.rpm
844c15ab09768577c017d06cac3ff06da56452a7
perl-Log-Message-0.02-145.el6.cloudlinux.els.x86_64.rpm
658146d073bfeaa610d8613ee779400822a7993d
perl-Module-Load-0.16-145.el6.cloudlinux.els.x86_64.rpm
3edba77d345b5c56e7b1a5b0d96bc9d440db7af5
perl-Compress-Zlib-2.021-145.el6.cloudlinux.els.x86_64.rpm
de5b6937c5cad0df8307e22a475279acb1dbb6ab
perl-suidperl-5.10.1-145.el6.cloudlinux.els.x86_64.rpm
5d6e82b7048ae3f7e0fa69589dbea006e412cbaf
CLSA-2021:1632328264
Fix of CVE: CVE-2020-10543
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun
0
cloudlinux-x86_64-server-6
perl-Pod-Simple-3.13-146.el6.cloudlinux.els.x86_64.rpm
e2a36edb4ed0eac13ff7934cedf080c05e490edc
perl-IO-Compress-Bzip2-2.021-146.el6.cloudlinux.els.x86_64.rpm
96b255d19311a6f1fc8454804e21e12672892163
perl-Log-Message-0.02-146.el6.cloudlinux.els.x86_64.rpm
ec2edb4d4672d82a13d2853ae8ba9d225cadc66e
perl-CPANPLUS-0.88-146.el6.cloudlinux.els.x86_64.rpm
4ced0c983bb61ce7e416e55c483fc1d1e8df64a1
perl-Parse-CPAN-Meta-1.40-146.el6.cloudlinux.els.x86_64.rpm
64c2920b34ecfff34816c9a4c6b1d85a4ce08432
perl-Archive-Tar-1.58-146.el6.cloudlinux.els.x86_64.rpm
8e8146ed90ef7808aefb31bc3aa140b45daf8772
perl-Locale-Maketext-Simple-0.18-146.el6.cloudlinux.els.x86_64.rpm
05a56edd661fb16c73b16d8f8a1c9b2fbe0faa7b
perl-Compress-Raw-Zlib-2.021-146.el6.cloudlinux.els.x86_64.rpm
d41de6f30f4021f2caa7efa5664aa759473dd8ff
perl-ExtUtils-MakeMaker-6.55-146.el6.cloudlinux.els.x86_64.rpm
12057e6497f6af23eccbaf4d79a3988b2828055b
perl-version-0.77-146.el6.cloudlinux.els.x86_64.rpm
0f82c18a76c6dc495d5415315f2287dc6c3f774b
perl-Params-Check-0.26-146.el6.cloudlinux.els.x86_64.rpm
c584753f08baa46e615ecc9d3d447c73d7151be4
perl-Module-CoreList-2.18-146.el6.cloudlinux.els.x86_64.rpm
5a952474e6c4512b19d2cdace20b2c52b867cdd6
perl-parent-0.221-146.el6.cloudlinux.els.x86_64.rpm
3252b52f9722fea0db35ff672424f6e1427e5e43
perl-suidperl-5.10.1-146.el6.cloudlinux.els.x86_64.rpm
91e919944b089282149a1fadbe25ebade4cacbac
perl-devel-5.10.1-146.el6.cloudlinux.els.x86_64.rpm
63394e8046b91c74e9a63e504bd923bcd9460b3e
perl-Log-Message-Simple-0.04-146.el6.cloudlinux.els.x86_64.rpm
efdf930f789f9a577eeb272009efbd2fa7c1afb6
perl-IO-Compress-Base-2.021-146.el6.cloudlinux.els.x86_64.rpm
cf8a085e634888339065be7ddf171b7195878e23
perl-Archive-Extract-0.38-146.el6.cloudlinux.els.x86_64.rpm
c68e6bdbe865ba44d596de7fa6564d03465c4267
perl-Test-Harness-3.17-146.el6.cloudlinux.els.x86_64.rpm
2bc483a796ecfe172d4a16db377fcb8289f0b388
perl-libs-5.10.1-146.el6.cloudlinux.els.i686.rpm
e6e7aecf67f83647439860bb2a971fdde046723b
perl-5.10.1-146.el6.cloudlinux.els.x86_64.rpm
900a7de31a6a4b8f0ae2a3ef18eed8ea2b2b8a7f
perl-Module-Load-0.16-146.el6.cloudlinux.els.x86_64.rpm
3df23ff5616c24a5f6aea75ec0ef0f6c65fe07ed
perl-Compress-Zlib-2.021-146.el6.cloudlinux.els.x86_64.rpm
3b2fbbb4226bea318e4641627f679d0e7df345d6
perl-Module-Pluggable-3.90-146.el6.cloudlinux.els.x86_64.rpm
793fdf16789441e1a33fbd12a8a60ffa234dda65
perl-Pod-Escapes-1.04-146.el6.cloudlinux.els.x86_64.rpm
054cf5a607992002fcd45a9c6d27b9a113db772d
perl-Module-Build-0.3500-146.el6.cloudlinux.els.x86_64.rpm
01003ae439108b4765f4b1d2bf8cf081e249103c
perl-Module-Loaded-0.02-146.el6.cloudlinux.els.x86_64.rpm
97820c5e87afaf7eea68ef12dae07c0a10afa5fd
perl-Test-Simple-0.92-146.el6.cloudlinux.els.x86_64.rpm
c7f28f8a41a2e50f88899f06e68587a767d8e1d5
perl-Term-UI-0.20-146.el6.cloudlinux.els.x86_64.rpm
8c3ff5f20d6c618af2467d74de9e992c8daccf54
perl-Package-Constants-0.02-146.el6.cloudlinux.els.x86_64.rpm
8fc39fc2792ffc4c1eb58efd2f010772a47b7cd3
perl-Object-Accessor-0.34-146.el6.cloudlinux.els.x86_64.rpm
2783238ac0c18bbdb377bbbc18910c036761f4d6
perl-Digest-SHA-5.47-146.el6.cloudlinux.els.x86_64.rpm
38216171f806f25f9000716800a74af29cfacdd4
perl-ExtUtils-ParseXS-2.2003.0-146.el6.cloudlinux.els.x86_64.rpm
89631732a2fbf449cbcf0c23933384f03da612f0
perl-File-Fetch-0.26-146.el6.cloudlinux.els.x86_64.rpm
b052690c47b306c677d139debd97a6f8a4109702
perl-Time-HiRes-1.9721-146.el6.cloudlinux.els.x86_64.rpm
866532f0cc4f0eebf00d36f48a697fdfcdc0e2fe
perl-Compress-Raw-Bzip2-2.021-146.el6.cloudlinux.els.x86_64.rpm
0336d5db9e792e2b000706d37ac40f1ad836cef1
perl-Time-Piece-1.15-146.el6.cloudlinux.els.x86_64.rpm
e47d0ac5ddd765e8a1bc90ae43aca4970ef6579c
perl-CGI-3.51-146.el6.cloudlinux.els.x86_64.rpm
c25a0b315e7a3633ac602d69bc2dcf34b013fd0c
perl-ExtUtils-CBuilder-0.27-146.el6.cloudlinux.els.x86_64.rpm
b5aeed110bbc311298b97d0abdb16f70a93c58d9
perl-IO-Zlib-1.09-146.el6.cloudlinux.els.x86_64.rpm
6731d9d780640567b8555aa98dee615d18cc9cfb
perl-Module-Load-Conditional-0.30-146.el6.cloudlinux.els.x86_64.rpm
0aa8555905a0aa86c97eb6897319170467a943f9
perl-core-5.10.1-146.el6.cloudlinux.els.x86_64.rpm
ef7108f26d96122a63e54e9defe7c4413a999ac7
perl-IO-Compress-Zlib-2.021-146.el6.cloudlinux.els.x86_64.rpm
7cd86d5c7577b070d66da82d19efb125c1e6dfd3
perl-ExtUtils-Embed-1.28-146.el6.cloudlinux.els.x86_64.rpm
c191053809a36895d10d39fa8b0ed1ef7eafd6fc
perl-IPC-Cmd-0.56-146.el6.cloudlinux.els.x86_64.rpm
b07800fe5767637e0e5eb724d7640eb3ab1f5b1e
perl-libs-5.10.1-146.el6.cloudlinux.els.x86_64.rpm
3434d6f43e0e980a441d5ebe8fdd3093256bcaa7
perl-CPAN-1.9402-146.el6.cloudlinux.els.x86_64.rpm
c1a82c017ca896e2fb15103ea466f9bfbf012c01
perl-devel-5.10.1-146.el6.cloudlinux.els.i686.rpm
6e31fa3c6ed6257cc477aa42de147eacbb0ebb4b
CLSA-2021:1633442827
Fix of CVE: CVE-2021-3487
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-3487: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section().
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3487: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section().
0
cloudlinux-x86_64-server-6
binutils-2.20.51.0.2-5.49.el6.cloudlinux.els.x86_64.rpm
6131aa562a6857b4ed2990a6a777f110c26834a1
binutils-devel-2.20.51.0.2-5.49.el6.cloudlinux.els.x86_64.rpm
976a947d1bb5ca6a1b04700ff1a04637daafd150
binutils-devel-2.20.51.0.2-5.49.el6.cloudlinux.els.i686.rpm
7964ed38a42f8e8aac0a34ed39f0be9d53a4d348
CLSA-2021:1633442879
Fix of CVE: CVE-2020-26116, CVE-2020-8492, CVE-2018-20852, CVE-2020-27619
Copyright 2021 Cloud Linux Inc
0
- Add Oracle Linux distribution in platform.py
- CVE-2018-20852: Prefix dot in domain for proper subdomain validation
- CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client
- CVE-2020-26116: http.client allows CRLF injection if the attacker controls the HTTP request method
- CVE-2020-27619: Unsafe use of eval() on data retrieved via HTTP in the test suite
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Add Oracle Linux distribution in platform.py
- CVE-2018-20852: Prefix dot in domain for proper subdomain validation
- CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client
- CVE-2020-26116: http.client allows CRLF injection if the attacker controls the HTTP request method
- CVE-2020-27619: Unsafe use of eval() on data retrieved via HTTP in the test suite
0
cloudlinux-x86_64-server-6
python-libs-2.6.6-70.el6.cloudlinux.els.i686.rpm
35d78dc89054d3d943b70b20f810deabb0593f60
python-tools-2.6.6-70.el6.cloudlinux.els.x86_64.rpm
5ed4f4aad0100293c260257885f55832524803dc
python-devel-2.6.6-70.el6.cloudlinux.els.i686.rpm
3a142d5fefb673115a0d75478ebebdf550979baa
python-devel-2.6.6-70.el6.cloudlinux.els.x86_64.rpm
a15c5e237976892df90d77d499d362fde800bd83
python-2.6.6-70.el6.cloudlinux.els.x86_64.rpm
74f9cbb0497812167dac31e9a5efc0e676bc369c
tkinter-2.6.6-70.el6.cloudlinux.els.x86_64.rpm
4f01388110af0be707591304893a8476dc651aa8
python-test-2.6.6-70.el6.cloudlinux.els.x86_64.rpm
0be422a4d7d024e5cad1212aede8012f0276732c
python-2.6.6-70.el6.cloudlinux.els.i686.rpm
62cde96bba571f7626b00bce5bdcdc24c40a0110
python-libs-2.6.6-70.el6.cloudlinux.els.x86_64.rpm
53a07dbe94780454a075523e7a2970a31fac177e
CLSA-2021:1633442910
Update of openssl-static, openssl-perl, openssl-devel, openssl, openssl-devel, openssl
Copyright 2021 Cloud Linux Inc
0
- Always check certificates from local root store first
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Always check certificates from local root store first
0
cloudlinux-x86_64-server-6
openssl-static-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm
77c4563490ead5517f048f26e11abccc0ebad793
openssl-perl-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm
e3e611b9985d2a47a873235fd62db0d633fc3fc2
openssl-devel-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm
203a18f35b60dc7a385b1c023e5049f0e546a4ec
openssl-1.0.1e-63.el6.cloudlinux.els.i686.rpm
c950385d73200c26a4c605dc1429fbe5e80c5396
openssl-devel-1.0.1e-63.el6.cloudlinux.els.i686.rpm
4869f7f8387232bab238b73cbd299597d6ea3afe
openssl-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm
8aa41ddf2a945781a5030c22d3a423e15af03fe1
CLSA-2021:1633442934
Fix of CVE: CVE-2020-11868
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-11868: incorrect handling of packets from unauthenticated
synchronization source with spoofed IP address leads to denial of service.
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-11868: incorrect handling of packets from unauthenticated
synchronization source with spoofed IP address leads to denial of service.
0
cloudlinux-x86_64-server-6
ntp-perl-4.2.6p5-16.el6.cloudlinux.els.x86_64.rpm
fd006614bdd136b540a695511be799ec0bf78c72
ntp-doc-4.2.6p5-16.el6.cloudlinux.els.noarch.rpm
bb59e7bc641383835bd8edc308bb2696afcaa88f
ntp-4.2.6p5-16.el6.cloudlinux.els.x86_64.rpm
e2ba6ca54c55127348e8f6a031361e3bb363ca8e
ntpdate-4.2.6p5-16.el6.cloudlinux.els.x86_64.rpm
98cead0eb696da630e2692c1997b65f994750a16
CLSA-2021:1633601543
Fix of CVE: CVE-2020-35452
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-35452: fix stack overflow in mod_auth_digest due to
crafted digest nonce
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-35452: fix stack overflow in mod_auth_digest due to
crafted digest nonce
0
cloudlinux-x86_64-server-6
httpd-2.2.15-71.el6.cloudlinux.els.x86_64.rpm
c32215e952ff7eef0ababfe3a9f511fc4677365c
httpd-tools-2.2.15-71.el6.cloudlinux.els.x86_64.rpm
768c8eea514e03f8b079a9c8c38c03c4e55ef787
mod_ssl-2.2.15-71.el6.cloudlinux.els.x86_64.rpm
ae84ff9ffae833af6401814fc68c0b9ab82dff0b
httpd-devel-2.2.15-71.el6.cloudlinux.els.i686.rpm
552b93ea201a2b2afa373d819d929c30989ae8d6
httpd-devel-2.2.15-71.el6.cloudlinux.els.x86_64.rpm
ff6af19abc5c67da36b3a5cec965fc3e93037976
httpd-manual-2.2.15-71.el6.cloudlinux.els.noarch.rpm
a860be5f10b1d0c41ab7d911450f585847dcd88d
CLSA-2021:1634573745
Fix of CVE: CVE-2020-25275, CVE-2020-12100
Copyright 2021 Cloud Linux Inc
0
- CVE-2020-12100: Resource exhaustion via deeply nested MIME parts
- CVE-2020-25275: Denial of service via mail MIME parsing
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-12100: Resource exhaustion via deeply nested MIME parts
- CVE-2020-25275: Denial of service via mail MIME parsing
0
cloudlinux-x86_64-server-6
dovecot-pigeonhole-2.0.9-23.el6.cloudlinux.els.x86_64.rpm
328f1f079c8ae9d9aa704b2ee3ca245ffeacdde6
dovecot-mysql-2.0.9-23.el6.cloudlinux.els.x86_64.rpm
862fe8e43bf86563b9426a0d4c53216cc163568f
dovecot-pgsql-2.0.9-23.el6.cloudlinux.els.x86_64.rpm
94e17beb55081f346c8289253c8ef7c0659f1df3
dovecot-2.0.9-23.el6.cloudlinux.els.i686.rpm
c4f60cdd268793f6315d295a5cef69e4c293b05f
dovecot-devel-2.0.9-23.el6.cloudlinux.els.i686.rpm
c8100c716cb6b2555320f6d5f42c861d0132fb3a
dovecot-devel-2.0.9-23.el6.cloudlinux.els.x86_64.rpm
0752c219409676210bf8b2bb5171fdb54a18fb5b
dovecot-2.0.9-23.el6.cloudlinux.els.x86_64.rpm
a61c0a5e0286c43c1adaaa82f0eaf74732ffb258
CLSA-2021:1634745118
Fix of CVE: CVE-2021-3778, CVE-2021-3796
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-3778: crafted input leads to heap-based buffer overflow
- CVE-2021-3796: crafted input leads to use-after-free
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3778: crafted input leads to heap-based buffer overflow
- CVE-2021-3796: crafted input leads to use-after-free
0
cloudlinux-x86_64-server-6
vim-X11-7.4.629-6.el6.cloudlinux.els.x86_64.rpm
b9858acf9f53e6e59fe67ae542f37a82f0ddb7c6
vim-minimal-7.4.629-6.el6.cloudlinux.els.x86_64.rpm
f4ebaf98b07012999a074d11a211b2759bdd17f4
vim-filesystem-7.4.629-6.el6.cloudlinux.els.x86_64.rpm
00c24adaa44126a2249b4a9c2ea20f010ce57205
vim-common-7.4.629-6.el6.cloudlinux.els.x86_64.rpm
e6a2897ffe70f135d6b6b9c69c28489e82e51529
vim-enhanced-7.4.629-6.el6.cloudlinux.els.x86_64.rpm
9639220698519e919f3ad1b2dc810d8428f00798
CLSA-2021:1634745216
Fix of CVE: CVE-2021-39275
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-39275: ap_escape_quotes() algorithm which led to
buffer overflow.
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-39275: ap_escape_quotes() algorithm which led to
buffer overflow.
0
cloudlinux-x86_64-server-6
httpd-devel-2.2.15-72.el6.cloudlinux.els.x86_64.rpm
18b759eeba11fb58e3697b0f59b025f0c2091780
httpd-manual-2.2.15-72.el6.cloudlinux.els.noarch.rpm
7b642531a72e54b8f75f8acbce52f5caed9afa26
httpd-devel-2.2.15-72.el6.cloudlinux.els.i686.rpm
1ad80333c45e3a90bc8f9871a3da9db118bea11e
httpd-2.2.15-72.el6.cloudlinux.els.x86_64.rpm
9aa2194b083e40e215770116d7ce34a4baade9ab
mod_ssl-2.2.15-72.el6.cloudlinux.els.x86_64.rpm
efb95042e544d8262945de4282e7e24439a5d0b8
httpd-tools-2.2.15-72.el6.cloudlinux.els.x86_64.rpm
ac58bcb361e1dcc4e959c682788e5e1f20417633
CLSA-2021:1635439636
Fix of CVE: CVE-2017-6363, CVE-2021-40145
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-40145: check for memory allocation errors processing GD2 images
- CVE-2017-6363: make sure transparent index is within bounds of the palette
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-40145: check for memory allocation errors processing GD2 images
- CVE-2017-6363: make sure transparent index is within bounds of the palette
0
cloudlinux-x86_64-server-6
gd-devel-2.0.35-12.el6.cloudlinux.els.x86_64.rpm
9d1d1e0a2639c7e6256646a376ed73368dd2b9b3
gd-2.0.35-12.el6.cloudlinux.els.i686.rpm
ccd2191604c7e5e38eaee0fe77fce6f895387f6b
gd-devel-2.0.35-12.el6.cloudlinux.els.i686.rpm
808dcc8f464d5336e6138d487a63284ee389cedc
gd-2.0.35-12.el6.cloudlinux.els.x86_64.rpm
f28513fde6288689cde76a95227b1d1780780321
gd-progs-2.0.35-12.el6.cloudlinux.els.x86_64.rpm
ad235b9fbd63d91496b11654edb4de7fc2a79b8d
CLSA-2021:1636378490
Fix of CVE: CVE-2017-20005
Copyright 2021 Cloud Linux Inc
0
- CVE-2017-20005: fix buffer overflow for years that exceed four digits
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2017-20005: fix buffer overflow for years that exceed four digits
0
cloudlinux-x86_64-server-6
nginx-mod-mail-1.10.3-4.el6.cloudlinux.els.x86_64.rpm
b2217bd015cebc560c018e3295a83b285808b423
nginx-mod-http-geoip-1.10.3-4.el6.cloudlinux.els.x86_64.rpm
131d06f06d33a4c29a41ad4847e2b4446ac88048
nginx-mod-http-perl-1.10.3-4.el6.cloudlinux.els.x86_64.rpm
75a2012f8432fae9d801cebac704dc58822baacb
nginx-all-modules-1.10.3-4.el6.cloudlinux.els.noarch.rpm
3fa897c99168a673766c5a3844cf81480ee2fa94
nginx-filesystem-1.10.3-4.el6.cloudlinux.els.noarch.rpm
ed1ebb143664658b37eca7c9c90afa5a5dbbb133
nginx-mod-http-image-filter-1.10.3-4.el6.cloudlinux.els.x86_64.rpm
d77d42674175377216ea9119437c305207eafee7
nginx-mod-http-xslt-filter-1.10.3-4.el6.cloudlinux.els.x86_64.rpm
03f6fa131e6cad1559f53ea88e6b894cb8bd5c88
nginx-mod-stream-1.10.3-4.el6.cloudlinux.els.x86_64.rpm
ad4cdb776456d1c4c160ad7aa9fe913b59281f96
nginx-1.10.3-4.el6.cloudlinux.els.x86_64.rpm
efd1b755b530c081a866a2905e95a921ea286ed9
CLSA-2021:1637070791
Fix of CVE: CVE-2021-25219
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-25219: Fix resolver performance degradation via lame cache abuse
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-25219: Fix resolver performance degradation via lame cache abuse
0
cloudlinux-x86_64-server-6
bind-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm
4f7acff6ad0ada398f0ac4e3940e31812d58c497
bind-devel-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm
cc7013870517ef9cf689a6c690b6893fa1da37ab
bind-devel-9.8.2-0.68.rc1.el6.11.cloudlinux.els.i686.rpm
986de3902ac24d774a97b24d9726406824a5d5c1
bind-chroot-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm
5c28deaae53800473a05d2d09704b7f0efb34c0d
bind-libs-9.8.2-0.68.rc1.el6.11.cloudlinux.els.i686.rpm
e680a392e008447df29a513241908677cefce80e
bind-sdb-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm
a6559ae7020b44d4ba4bfa87ba3bf664a8eedb79
bind-utils-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm
2e8dd77e57c208ab55d7c00a33b9e342adcf50d7
bind-libs-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm
6be8184f06ff85be9a84abf1574a30847bce3207
CLSA-2021:1637583639
Fix of CVE: CVE-2021-3326, CVE-2021-43396
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-3326: avoid denial of service due to a failed assertion
- CVE-2021-43396: check actual stored character in state reset code
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3326: avoid denial of service due to a failed assertion
- CVE-2021-43396: check actual stored character in state reset code
0
cloudlinux-x86_64-server-6
glibc-devel-2.12-2.215.el6.cloudlinux.els.i686.rpm
a21f636e3a3ec015209b970ea59dd09d2d6b4c9d
glibc-common-2.12-2.215.el6.cloudlinux.els.x86_64.rpm
28bfb8643d2c94938c506878b9d212417af189c5
glibc-2.12-2.215.el6.cloudlinux.els.i686.rpm
89d2ae7d35e96140751109e54c8ded68bdf3e41c
glibc-2.12-2.215.el6.cloudlinux.els.x86_64.rpm
61e209506bd807450679012e08117f0f42b408fe
glibc-headers-2.12-2.215.el6.cloudlinux.els.x86_64.rpm
dca990f4565e5ec15b91c005f43e07e066929380
glibc-devel-2.12-2.215.el6.cloudlinux.els.x86_64.rpm
9621fab438fdc81e8f54c30f8169cd35b3d317b2
glibc-static-2.12-2.215.el6.cloudlinux.els.i686.rpm
710afa90fefa5630efea5adf66058cb2832b6d83
glibc-utils-2.12-2.215.el6.cloudlinux.els.x86_64.rpm
81c3fcb31ccb6e5cb964b8f0b7cd7330b92c7658
nscd-2.12-2.215.el6.cloudlinux.els.x86_64.rpm
285e06c5af0893135c89b13abce54697d35f290b
glibc-static-2.12-2.215.el6.cloudlinux.els.x86_64.rpm
3b84601ca03daf5cafa05750be520112fb5b230a
CLSA-2021:1637673150
Fix of CVE: CVE-2021-3903, CVE-2021-3875, CVE-2021-3872
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-3872: fix illegal memory access if buffer name is very long
- CVE-2021-3875: fix ml_get error after search with range
- CVE-2021-3903: fix invalid memory access when scrolling without a valid screen
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3872: fix illegal memory access if buffer name is very long
- CVE-2021-3875: fix ml_get error after search with range
- CVE-2021-3903: fix invalid memory access when scrolling without a valid screen
0
cloudlinux-x86_64-server-6
vim-filesystem-7.4.629-7.el6.cloudlinux.els.x86_64.rpm
956760771c93e1384f7cfeed3a3e481259289429
vim-minimal-7.4.629-7.el6.cloudlinux.els.x86_64.rpm
655d4d26d64bdcdc36cdc9499764c386dc2d7360
vim-enhanced-7.4.629-7.el6.cloudlinux.els.x86_64.rpm
99b72071469af4fb8f911e460357812d7c0867d4
vim-common-7.4.629-7.el6.cloudlinux.els.x86_64.rpm
81679ce9f93c934bd8c2979f3c62cb1341b5490d
vim-X11-7.4.629-7.el6.cloudlinux.els.x86_64.rpm
87ccad8c3b0c7145c8902cd569d56b902935ea2d
CLSA-2021:1637673193
Fix of CVE: CVE-2021-21704, CVE-2021-21703, CVE-2021-21705
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-21704: fix integer overflow and subsequent incorrect buffer allocation
- CVE-2021-21705: fix incorrect url password validation
- CVE-2021-21703: fix incorrect shared memory management, which led to priv escalation
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-21704: fix integer overflow and subsequent incorrect buffer allocation
- CVE-2021-21705: fix incorrect url password validation
- CVE-2021-21703: fix incorrect shared memory management, which led to priv escalation
0
cloudlinux-x86_64-server-6
php-fpm-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
a8d15d4821210a8895ea922d6ea96e4723fd7570
php-common-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
6c80e2d27f9216780816625a7b060bd69aee19b9
php-enchant-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
308ebfc0b230ccbed38fff0f2d1841d248cc4efb
php-imap-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
1ce6b432940f93d3fcba966837caf38681ae215c
php-zts-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
54c3c556b3cebc754cc30c7ab0d9984ca73c6e1c
php-xml-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
756d2ad8472491c871e0a61073b95786647fbc70
php-bcmath-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
2e5d6f8f6a34cc5662d2512275b2f00f9aa57d1b
php-pspell-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
a8a70a30f47d85c7b3ccf204fb6e6e220ff5a40e
php-soap-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
85dd64691cade8435d1bf3070fad29abdf9c3d1f
php-tidy-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
49b9c76208ca1b31d31d47e3fa1e730544e4fea6
php-process-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
a23c26f1a2037c727afef3b9732a08a562576f96
php-snmp-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
524891a12442d1552d61faa432cf891450742266
php-intl-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
d53370517baee9e3e23165bd55864e4016828715
php-embedded-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
37e1b0d7302ce7137c7cae0c84dde977f8f8e62d
php-dba-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
fa05b6dd1696de13197270caafb8662eeb21e152
php-pgsql-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
00800668d2dba0233c6d580e0419ee90e20156ae
php-gd-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
7cda5c1939066bd943a949d68f359b8f61557765
php-ldap-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
af5484bd1b87585790b81ac074df3349ddc3c665
php-recode-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
feddc59bf1fa892c45de180af3d87ed45ea68e07
php-pdo-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
d35b33511c6b6544085fa60d40feec33c3c49605
php-odbc-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
9de719df4fdee5484a690e6a5d5c4b923f84ca07
php-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
0501b6473a97c52b81ffdbf49db53fc35c7a27b1
php-mbstring-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
13f3536ce2aee45aae4ba46b7b44257d3583915e
php-cli-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
07fd3bcb4c1d9135e91c36da10c9f2d891db557a
php-devel-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
e4e8a906033dd710afe11afd676723fdaebf294c
php-xmlrpc-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
3acb93aca0b046960a8ddf345c3b42634ef2526a
php-mysql-5.3.3-55.el6.cloudlinux.els.x86_64.rpm
c124ad1669ee0094a2b7118caf7c12417b681be4
CLSA-2021:1638803748
Fix of CVE: CVE-2021-27212
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-27212: fix DoS via malicious packet
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-27212: fix DoS via malicious packet
0
cloudlinux-x86_64-server-6
openldap-clients-2.4.40-16.el6.tuxcare.els1.x86_64.rpm
50df0e1d75f873cac14b417a593278786274f2c1
openldap-servers-sql-2.4.40-16.el6.tuxcare.els1.x86_64.rpm
de8a7e846509e0250a279d2c617f56b284f163c7
openldap-devel-2.4.40-16.el6.tuxcare.els1.x86_64.rpm
35b453fb81b2bed589da4e43048b7f906ed2dcab
openldap-2.4.40-16.el6.tuxcare.els1.x86_64.rpm
20fd262feda47affccd3e600d7bd6b7cc1d2c752
openldap-2.4.40-16.el6.tuxcare.els1.i686.rpm
4c2dbb57f6b43192b2080e83a5ba459c30c8240f
openldap-devel-2.4.40-16.el6.tuxcare.els1.i686.rpm
b8d6a7d8fc7a5478debeecb1cc7c14c5d6b428e4
openldap-servers-2.4.40-16.el6.tuxcare.els1.x86_64.rpm
68da1d62b1a31d0ba6e544a7b8fbb489773737f4
CLSA-2021:1638803795
Fix of CVE: CVE-2021-3928, CVE-2021-3927
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line
- CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line
- CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions
0
cloudlinux-x86_64-server-6
vim-minimal-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm
0e0daf9e7a3f4a1f28dfa8a9b8f0a9cd7f3b6c73
vim-common-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm
6f36e7e4e7263b9bf64b499e999ded447939fd72
vim-enhanced-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm
751836f9083d9ebd7b8ef5d529fa0a6f9f0f0118
vim-X11-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm
456229b29b3a46cb760a96db34658931dfe1ecb9
vim-filesystem-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm
1de1eba518c882fb8a6873596cb9acb88f935d1d
CLSA-2021:1638803819
Fix of 56 CVEs
Copyright 2021 Cloud Linux Inc
0
- CVE-2017-7223: Fix global buffer overflow (of size 1)
- CVE-2017-7224: Fix invalid write (of size 1) while disassembling
- CVE-2017-7225: Fix NULL pointer dereference and an invalid write
- CVE-2017-7226: Fix heap-based buffer over-read of size 4049
- CVE-2017-7227: Fix heap-based buffer overflow
- CVE-2017-7299: Fix invalid read (of size 8) in ELF reloc section
- CVE-2017-7300: Fix heap-based buffer over-read (off-by-one)
- CVE-2017-7301: Fix off-by-one vulnerability
- CVE-2017-7302: Fix invalid read (of size 4)
- CVE-2017-7614: Fix undefined behavior issue
- CVE-2017-8393: Fix global buffer over-read error
- CVE-2017-8394: Fix invalid read of size 4 due to NULL pointer dereferencing
- CVE-2017-8398: Fix invalid read of size 1 during dumping of debug information
- CVE-2017-8421: Fix memory leak vulnerability
- CVE-2017-9742: Fix buffer overflow
- CVE-2017-9744: Fix buffer overflow
- CVE-2017-9747: Fix buffer overflow
- CVE-2017-9748: Fix buffer overflow
- CVE-2017-9749: Fix buffer overflow
- CVE-2017-9753: Fix buffer overflow
- CVE-2017-9754: Fix buffer overflow
- CVE-2017-12448: Fix use after free
- CVE-2017-12449: Fix out of bounds heap read
- CVE-2017-12455: Fix out of bounds heap read
- CVE-2017-12457: Fix NULL dereference
- CVE-2017-12458: Fix out of bounds heap read
- CVE-2017-12459: Fix out of bounds heap write
- CVE-2017-12450: Fix out of bounds heap write
- CVE-2017-12452: Fix out of bounds heap read
- CVE-2017-12453: Fix out of bounds heap read
- CVE-2017-12454: Fix arbitrary memory read
- CVE-2017-12456: Fix out of bounds heap read
- CVE-2017-14333: Fix integer overflow, and hang because of a time-consuming loop
- CVE-2017-12451: Fix out of bounds stack read
- CVE-2017-12799: Fix buffer overflow
- CVE-2017-13710: Fix NULL pointer dereference
- CVE-2017-14130: Fix _bfd_elf_attr_strdup heap-based buffer over-read
- CVE-2017-14932: Fix infinite loop
- CVE-2017-14938: Fix excessive memory allocation
- CVE-2017-14940: Fix NULL pointer dereference
- CVE-2017-15020: Fix parse_die heap-based buffer over-read
- CVE-2017-15022: Fix bfd_hash_hash NULL pointer dereference
- CVE-2017-15225: Fix divide-by-zero error
- CVE-2017-15938: Fix find_abstract_instance_name invalid memory read, segmentation fault
- CVE-2017-15939: Fix NULL pointer dereference
- CVE-2017-15996: Fix buffer overflow on fuzzed archive header
- CVE-2017-16826: Fix invalid memory access
- CVE-2017-16827: slurp_symtab invalid free
- CVE-2017-16828: Fix integer overflow and heap-based buffer over-read
- CVE-2017-16831: Fix integer overflow or excessive memory allocation
- CVE-2017-17080: Fix bfd_getl32 heap-based buffer over-read
- CVE-2017-8396: Fix invalid read of size 1
- CVE-2017-17121: Fix memory access violation
- CVE-2017-17123: Fix NULL pointer dereference
- CVE-2017-17124: Fix excessive memory consumption or heap-based buffer overflow
- CVE-2017-17125: Fix buffer over-read
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2017-7223: Fix global buffer overflow (of size 1)
- CVE-2017-7224: Fix invalid write (of size 1) while disassembling
- CVE-2017-7225: Fix NULL pointer dereference and an invalid write
- CVE-2017-7226: Fix heap-based buffer over-read of size 4049
- CVE-2017-7227: Fix heap-based buffer overflow
- CVE-2017-7299: Fix invalid read (of size 8) in ELF reloc section
- CVE-2017-7300: Fix heap-based buffer over-read (off-by-one)
- CVE-2017-7301: Fix off-by-one vulnerability
- CVE-2017-7302: Fix invalid read (of size 4)
- CVE-2017-7614: Fix undefined behavior issue
- CVE-2017-8393: Fix global buffer over-read error
- CVE-2017-8394: Fix invalid read of size 4 due to NULL pointer dereferencing
- CVE-2017-8398: Fix invalid read of size 1 during dumping of debug information
- CVE-2017-8421: Fix memory leak vulnerability
- CVE-2017-9742: Fix buffer overflow
- CVE-2017-9744: Fix buffer overflow
- CVE-2017-9747: Fix buffer overflow
- CVE-2017-9748: Fix buffer overflow
- CVE-2017-9749: Fix buffer overflow
- CVE-2017-9753: Fix buffer overflow
- CVE-2017-9754: Fix buffer overflow
- CVE-2017-12448: Fix use after free
- CVE-2017-12449: Fix out of bounds heap read
- CVE-2017-12455: Fix out of bounds heap read
- CVE-2017-12457: Fix NULL dereference
- CVE-2017-12458: Fix out of bounds heap read
- CVE-2017-12459: Fix out of bounds heap write
- CVE-2017-12450: Fix out of bounds heap write
- CVE-2017-12452: Fix out of bounds heap read
- CVE-2017-12453: Fix out of bounds heap read
- CVE-2017-12454: Fix arbitrary memory read
- CVE-2017-12456: Fix out of bounds heap read
- CVE-2017-14333: Fix integer overflow, and hang because of a time-consuming loop
- CVE-2017-12451: Fix out of bounds stack read
- CVE-2017-12799: Fix buffer overflow
- CVE-2017-13710: Fix NULL pointer dereference
- CVE-2017-14130: Fix _bfd_elf_attr_strdup heap-based buffer over-read
- CVE-2017-14932: Fix infinite loop
- CVE-2017-14938: Fix excessive memory allocation
- CVE-2017-14940: Fix NULL pointer dereference
- CVE-2017-15020: Fix parse_die heap-based buffer over-read
- CVE-2017-15022: Fix bfd_hash_hash NULL pointer dereference
- CVE-2017-15225: Fix divide-by-zero error
- CVE-2017-15938: Fix find_abstract_instance_name invalid memory read, segmentation fault
- CVE-2017-15939: Fix NULL pointer dereference
- CVE-2017-15996: Fix buffer overflow on fuzzed archive header
- CVE-2017-16826: Fix invalid memory access
- CVE-2017-16827: slurp_symtab invalid free
- CVE-2017-16828: Fix integer overflow and heap-based buffer over-read
- CVE-2017-16831: Fix integer overflow or excessive memory allocation
- CVE-2017-17080: Fix bfd_getl32 heap-based buffer over-read
- CVE-2017-8396: Fix invalid read of size 1
- CVE-2017-17121: Fix memory access violation
- CVE-2017-17123: Fix NULL pointer dereference
- CVE-2017-17124: Fix excessive memory consumption or heap-based buffer overflow
- CVE-2017-17125: Fix buffer over-read
0
cloudlinux-x86_64-server-6
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els2.x86_64.rpm
50571ee30bea40584f82d6dc53cdb6c7c6f86039
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els2.x86_64.rpm
b3c0bfb07f4809161a82b942c3eb13670238d6d7
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els2.i686.rpm
f1446d4c1e63f44d3b1342a8449bf6a8548676ad
CLSA-2021:1640002354
Fix of CVE: CVE-2021-43527
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA
signatures (and RSA-PSS)
- Update to CKBI 2.50 from NSS 3.67
- Removing:
- # Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
- # Certificate "AddTrust Low-Value Services Root"
- # Certificate "AddTrust External Root"
- # Certificate "GeoTrust Global CA"
- # Certificate "GeoTrust Universal CA"
- # Certificate "GeoTrust Universal CA 2"
- # Certificate "QuoVadis Root CA"
- # Certificate "Sonera Class 2 Root CA"
- # Certificate "UTN USERFirst Email Root CA"
- # Certificate "Taiwan GRCA"
- # Certificate "Certplus Class 2 Primary CA"
- # Certificate "GeoTrust Primary Certification Authority"
- # Certificate "thawte Primary Root CA"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
- # Certificate "Deutsche Telekom Root CA 2"
- # Certificate "GeoTrust Primary Certification Authority - G3"
- # Certificate "thawte Primary Root CA - G2"
- # Certificate "thawte Primary Root CA - G3"
- # Certificate "GeoTrust Primary Certification Authority - G2"
- # Certificate "VeriSign Universal Root Certification Authority"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
- # Certificate "Staat der Nederlanden Root CA - G2"
- # Certificate "Trustis FPS Root CA"
- # Certificate "EE Certification Centre Root CA"
- # Certificate "Swisscom Root CA 2"
- # Certificate "Certinomis - Root CA"
- # Certificate "LuxTrust Global Root 2"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
- Adding:
- # Certificate "Entrust Root Certification Authority - G4"
- # Certificate "Microsoft ECC Root Certificate Authority 2017"
- # Certificate "Microsoft RSA Root Certificate Authority 2017"
- # Certificate "e-Szigno Root CA 2017"
- # Certificate "certSIGN Root CA G2"
- # Certificate "Trustwave Global Certification Authority"
- # Certificate "Trustwave Global ECC P256 Certification Authority"
- # Certificate "Trustwave Global ECC P384 Certification Authority"
- # Certificate "NAVER Global Root Certification Authority"
- # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
- # Certificate "GlobalSign Secure Mail Root R45"
- # Certificate "GlobalSign Secure Mail Root E45"
- # Certificate "GlobalSign Root R46"
- # Certificate "GlobalSign Root E46"
- # Certificate "GLOBALTRUST 2020"
- # Certificate "ANF Secure Server Root CA"
- # Certificate "Certum EC-384 CA"
- # Certificate "Certum Trusted Root CA"
- revert last change. Patch was for nss-softokn
- Fix out-of-bounds write in NSC_EncryptUpdate (#1775909)
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA
signatures (and RSA-PSS)
- Update to CKBI 2.50 from NSS 3.67
- Removing:
- # Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
- # Certificate "AddTrust Low-Value Services Root"
- # Certificate "AddTrust External Root"
- # Certificate "GeoTrust Global CA"
- # Certificate "GeoTrust Universal CA"
- # Certificate "GeoTrust Universal CA 2"
- # Certificate "QuoVadis Root CA"
- # Certificate "Sonera Class 2 Root CA"
- # Certificate "UTN USERFirst Email Root CA"
- # Certificate "Taiwan GRCA"
- # Certificate "Certplus Class 2 Primary CA"
- # Certificate "GeoTrust Primary Certification Authority"
- # Certificate "thawte Primary Root CA"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
- # Certificate "Deutsche Telekom Root CA 2"
- # Certificate "GeoTrust Primary Certification Authority - G3"
- # Certificate "thawte Primary Root CA - G2"
- # Certificate "thawte Primary Root CA - G3"
- # Certificate "GeoTrust Primary Certification Authority - G2"
- # Certificate "VeriSign Universal Root Certification Authority"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
- # Certificate "Staat der Nederlanden Root CA - G2"
- # Certificate "Trustis FPS Root CA"
- # Certificate "EE Certification Centre Root CA"
- # Certificate "Swisscom Root CA 2"
- # Certificate "Certinomis - Root CA"
- # Certificate "LuxTrust Global Root 2"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
- Adding:
- # Certificate "Entrust Root Certification Authority - G4"
- # Certificate "Microsoft ECC Root Certificate Authority 2017"
- # Certificate "Microsoft RSA Root Certificate Authority 2017"
- # Certificate "e-Szigno Root CA 2017"
- # Certificate "certSIGN Root CA G2"
- # Certificate "Trustwave Global Certification Authority"
- # Certificate "Trustwave Global ECC P256 Certification Authority"
- # Certificate "Trustwave Global ECC P384 Certification Authority"
- # Certificate "NAVER Global Root Certification Authority"
- # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
- # Certificate "GlobalSign Secure Mail Root R45"
- # Certificate "GlobalSign Secure Mail Root E45"
- # Certificate "GlobalSign Root R46"
- # Certificate "GlobalSign Root E46"
- # Certificate "GLOBALTRUST 2020"
- # Certificate "ANF Secure Server Root CA"
- # Certificate "Certum EC-384 CA"
- # Certificate "Certum Trusted Root CA"
- revert last change. Patch was for nss-softokn
- Fix out-of-bounds write in NSC_EncryptUpdate (#1775909)
0
cloudlinux-x86_64-server-6
nss-tools-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
9e972c3f786d5f0eb40bcb9dcbec345be7e83c26
nss-devel-3.44.0-12.el6.tuxcare.els1.i686.rpm
4e3ce4930ecac2de5919d4d8d246fbadf87fb8ef
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
10a31561f099b64f122787b855e2128e198a9ea9
nss-sysinit-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
5ff56fd1482cdbc9ef3ec109882699f2eed47d26
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els1.i686.rpm
ba06a335f5572804d15c9a9864a791e13b5ae3b2
nss-devel-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
fe3cf5eea99aa1cc3c52f6ecc0ba2840cc8377fd
nss-3.44.0-12.el6.tuxcare.els1.i686.rpm
0138186b224db1a04279225d4a3524552f37a019
nss-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
e55e088e204aef7c6b664ff398f687be66e871e2
CLSA-2021:1640621287
Fix of 36 CVEs
Copyright 2021 Cloud Linux Inc
0
- CVE-2018-6323: Fix unsigned integer overflow
- CVE-2018-19931: Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in
- CVE-2018-6543: Fix integer overflow
- CVE-2018-20671: Fix integer overflow vulnerability
- CVE-2018-6759: Fix segmentation fault
- CVE-2018-7208: Fix segmentation fault
- CVE-2018-7568: Fix integer overflow
- CVE-2018-7569: Fix integer underflow or overflow
- CVE-2018-7642: Fix aout_32_swap_std_reloc_out NULL pointer dereference
- CVE-2018-7643: Fix integer overflow
- CVE-2018-8945: Fix segmentation fault
- CVE-2018-13033: Fix excessive memory allocation
- CVE-2018-10373: Fix NULL pointer dereference
- CVE-2018-10535: Fix NULL pointer dereference
- CVE-2018-18309: Fix invalid memory address dereference
- CVE-2018-18605: Fix mishandles section merges
- CVE-2018-18606: Fix NULL pointer dereference
- CVE-2018-18607: Fix NULL pointer dereference in elf_link_input_bfd
- CVE-2018-19932: Fix integer overflow and infinite loop
- CVE-2018-20002: Fix memory consumption
- CVE-2018-20623: Fix use-after-free in the error function
- CVE-2018-1000876: Fix integer overflow trigger heap overflow
- CVE-2019-9073: Fix excessive memory allocation
- CVE-2019-9075: Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap
- CVE-2019-9077: Fix heap-based buffer overflow in process_mips_specific
- CVE-2019-12972: Fix heap-based buffer over-read in _bfd_doprnt
- CVE-2019-14444: Fix integer overflow
- CVE-2019-17450: Fix infinite recursion
- CVE-2016-2226: Fix integer overflow in the string_appends function in cplus-dem.c
- CVE-2016-4487: Fix use-after-free vulnerability in libiberty
- CVE-2016-4488: Fix use-after-free vulnerability in libiberty
- CVE-2016-4489: Fix integer overflow in libiberty
- CVE-2016-4490: Fix integer overflow in cp-demangle.c in libiberty
- CVE-2016-4492: Fix buffer overflow in the do_type function in cplus-dem.c in libiberty
- CVE-2016-4493: Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal
- CVE-2016-6131: Fix infinite loop, stack overflow
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2018-6323: Fix unsigned integer overflow
- CVE-2018-19931: Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in
- CVE-2018-6543: Fix integer overflow
- CVE-2018-20671: Fix integer overflow vulnerability
- CVE-2018-6759: Fix segmentation fault
- CVE-2018-7208: Fix segmentation fault
- CVE-2018-7568: Fix integer overflow
- CVE-2018-7569: Fix integer underflow or overflow
- CVE-2018-7642: Fix aout_32_swap_std_reloc_out NULL pointer dereference
- CVE-2018-7643: Fix integer overflow
- CVE-2018-8945: Fix segmentation fault
- CVE-2018-13033: Fix excessive memory allocation
- CVE-2018-10373: Fix NULL pointer dereference
- CVE-2018-10535: Fix NULL pointer dereference
- CVE-2018-18309: Fix invalid memory address dereference
- CVE-2018-18605: Fix mishandles section merges
- CVE-2018-18606: Fix NULL pointer dereference
- CVE-2018-18607: Fix NULL pointer dereference in elf_link_input_bfd
- CVE-2018-19932: Fix integer overflow and infinite loop
- CVE-2018-20002: Fix memory consumption
- CVE-2018-20623: Fix use-after-free in the error function
- CVE-2018-1000876: Fix integer overflow trigger heap overflow
- CVE-2019-9073: Fix excessive memory allocation
- CVE-2019-9075: Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap
- CVE-2019-9077: Fix heap-based buffer overflow in process_mips_specific
- CVE-2019-12972: Fix heap-based buffer over-read in _bfd_doprnt
- CVE-2019-14444: Fix integer overflow
- CVE-2019-17450: Fix infinite recursion
- CVE-2016-2226: Fix integer overflow in the string_appends function in cplus-dem.c
- CVE-2016-4487: Fix use-after-free vulnerability in libiberty
- CVE-2016-4488: Fix use-after-free vulnerability in libiberty
- CVE-2016-4489: Fix integer overflow in libiberty
- CVE-2016-4490: Fix integer overflow in cp-demangle.c in libiberty
- CVE-2016-4492: Fix buffer overflow in the do_type function in cplus-dem.c in libiberty
- CVE-2016-4493: Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal
- CVE-2016-6131: Fix infinite loop, stack overflow
0
cloudlinux-x86_64-server-6
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els3.x86_64.rpm
0cd249c445a6376b3255c2331a9ef9806085a52a
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els3.x86_64.rpm
d095b2316ab7e9d7f6ea4c8ea5496d558476a645
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els3.i686.rpm
91325877670dd7c2882de4647e4fecf330df482d
CLSA-2021:1640621325
Fix of CVE: CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-4069, CVE-2021-3984
Copyright 2021 Cloud Linux Inc
0
- CVE-2021-3974: fix using freed memory with regexp using a mark
- CVE-2021-3984: fix illegal memory access when C-indenting
- CVE-2021-3973: fix crash when using CTRL-W f without finding a file name
- CVE-2021-4019: fix buffer overflow with long help argument
- CVE-2021-4069: fix using freed memory in open command
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3974: fix using freed memory with regexp using a mark
- CVE-2021-3984: fix illegal memory access when C-indenting
- CVE-2021-3973: fix crash when using CTRL-W f without finding a file name
- CVE-2021-4019: fix buffer overflow with long help argument
- CVE-2021-4069: fix using freed memory in open command
0
cloudlinux-x86_64-server-6
vim-X11-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm
14534cf71102ac3ee746eaeae18f9e98d2b30f3e
vim-common-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm
7a03293ae1bea9a68007d40ab8eea93c9f9a4c58
vim-minimal-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm
d94e387ca73c653cd6020dca1981aff152f0e035
vim-enhanced-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm
428bac5d4e5c649a16025af4fc16b286b285ed27
vim-filesystem-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm
88dea6b124e7127fc19585340e5384abfdae67c8
CLSA-2022:1641903536
Fix of 8 CVEs
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-3517.patch: validate UTF8 in xmlEncodeEntities
- CVE-2021-3518.patch: fix user-after-free with 'xmllint --xinclude --dropdtd'
- CVE-2021-3537.patch: propagate error in xmlParseElementChildrenContentDeclPriv
- CVE-2021-3541.patch: parser fix for the billion laughs attack
- CVE-2021-3516.patch: fix use-after-free with 'xmllint --html --push'
- CVE-2017-8872.patch: free input buffer in xmlHaltParser
- CVE-2019-20388.patch: fix memory leak in xmlSchemaValidateStream
- CVE-2020-24977.patch: fix out-of-bounds read with 'xmllint --htmlout'
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3517.patch: validate UTF8 in xmlEncodeEntities
- CVE-2021-3518.patch: fix user-after-free with 'xmllint --xinclude --dropdtd'
- CVE-2021-3537.patch: propagate error in xmlParseElementChildrenContentDeclPriv
- CVE-2021-3541.patch: parser fix for the billion laughs attack
- CVE-2021-3516.patch: fix use-after-free with 'xmllint --html --push'
- CVE-2017-8872.patch: free input buffer in xmlHaltParser
- CVE-2019-20388.patch: fix memory leak in xmlSchemaValidateStream
- CVE-2020-24977.patch: fix out-of-bounds read with 'xmllint --htmlout'
0
cloudlinux-x86_64-server-6
libxml2-2.7.6-21.el6_8.1.tuxcare.els1.x86_64.rpm
cd966d71b2fb243aaaebc348413cfe2f8134b79b
libxml2-2.7.6-21.el6_8.1.tuxcare.els1.i686.rpm
18944effc5112973b7679485f884ef78028f8119
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els1.x86_64.rpm
796c81d0b7b9e50add6922585322517ed14b3c79
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els1.x86_64.rpm
a76cddb0372606476ff22a90fb8a49cfb6cdec5b
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els1.x86_64.rpm
7959a1ea7c460f66b027c797abc4b2dfac2d6c0d
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els1.i686.rpm
7d45bfeb4a9219027ead864259ebb3b2b24d6d9e
CLSA-2022:1641904053
Fix of 14 CVEs
Copyright 2022 Cloud Linux Inc
0
- CVE-2018-9138: Fix stack exhaustion
- CVE-2018-12641: Fix stack exhaustion
- CVE-2018-12697: Fix NULL pointer dereference
- CVE-2018-12698: Fix memory consumption
- CVE-2018-12699: Fix heap-based buffer overflow
- CVE-2018-12700: Fix infinite recursion
- CVE-2018-17794: Fix NULL pointer dereference
- CVE-2018-17985: Fix recursive calls
- CVE-2018-18484: Fix stack exhaustion
- CVE-2018-18700: Fix stack consumption vulnerability
- CVE-2018-18701: Fix infinite recursion
- CVE-2018-18483: Fix malloc call with the result of an integer-overflowing
- CVE-2018-12934: Fix excessive memory consumption
- CVE-2021-45078: Fix heap-based buffer overflow
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2018-9138: Fix stack exhaustion
- CVE-2018-12641: Fix stack exhaustion
- CVE-2018-12697: Fix NULL pointer dereference
- CVE-2018-12698: Fix memory consumption
- CVE-2018-12699: Fix heap-based buffer overflow
- CVE-2018-12700: Fix infinite recursion
- CVE-2018-17794: Fix NULL pointer dereference
- CVE-2018-17985: Fix recursive calls
- CVE-2018-18484: Fix stack exhaustion
- CVE-2018-18700: Fix stack consumption vulnerability
- CVE-2018-18701: Fix infinite recursion
- CVE-2018-18483: Fix malloc call with the result of an integer-overflowing
- CVE-2018-12934: Fix excessive memory consumption
- CVE-2021-45078: Fix heap-based buffer overflow
0
cloudlinux-x86_64-server-6
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els4.x86_64.rpm
bb4d2a9420400c729ab32abc51e99b5b0e8cb485
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els4.i686.rpm
1db44ad15ca2b995f1450151bc95016414e88909
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els4.x86_64.rpm
d233f2d5e6a44ef760f4ab9f299326368e0efdf7
CLSA-2022:1642084196
Fix of CVE: CVE-2021-3800
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-3800: Fix privilege escalation
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3800: Fix privilege escalation
0
cloudlinux-x86_64-server-6
glib2-2.28.8-12.el6.tuxcare.els3.i686.rpm
6bae955c44cf995fddb6d7b24b56613a0951b937
glib2-static-2.28.8-12.el6.tuxcare.els3.x86_64.rpm
a73db20cfd4113ed6da59f61d38ace2527e9d22f
glib2-2.28.8-12.el6.tuxcare.els3.x86_64.rpm
99debb199c5f1a4e28bb0554db20364232b49967
glib2-devel-2.28.8-12.el6.tuxcare.els3.x86_64.rpm
722f10c1bc3b077a9b9284bcc726be5e6925c9ff
glib2-devel-2.28.8-12.el6.tuxcare.els3.i686.rpm
ee7a7dceaf453c2f44f161cb32a4a3c5a514abd1
glib2-doc-2.28.8-12.el6.tuxcare.els3.noarch.rpm
0eb653739094a2d084e38ac9d4a5186ce5a303f1
CLSA-2022:1642087497
Fix of CVE: CVE-2021-4192, CVE-2021-4193
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-4192: fix using freed memory in /\%V
- CVE-2021-4193: fix going beyond the end of the line with /\%V
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-4192: fix using freed memory in /\%V
- CVE-2021-4193: fix going beyond the end of the line with /\%V
0
cloudlinux-x86_64-server-6
vim-enhanced-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm
e1f0606f268deed28bed205aa35c61a73f5c7641
vim-filesystem-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm
b37e69937bcdcd8e3b826593d85e056da34653cf
vim-common-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm
24536d7c586a3d0051b80fad0816b869a2a0a54b
vim-X11-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm
6f84d723f7bf3d074cc48e93f5f80e7153ad2bb0
vim-minimal-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm
b53acd9dd0ae6c26ce8ba50b8e10c1b27c58b13d
CLSA-2022:1642429400
Fix of CVE: CVE-2021-4104
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-4104: Fix remote code execution vulnerability
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-4104: Fix remote code execution vulnerability
0
cloudlinux-x86_64-server-6
log4j-javadoc-1.2.14-6.4.el6.tuxcare.els1.x86_64.rpm
cd49d1dfdd51b04d07ca3253f95fc8172cdabafb
log4j-1.2.14-6.4.el6.tuxcare.els1.x86_64.rpm
23ccfa96324d5ff4d5f5412fcbfa55f27aec388d
log4j-manual-1.2.14-6.4.el6.tuxcare.els1.x86_64.rpm
fd5df237f7b53f232ee4c47d010e26522f739c92
CLSA-2022:1643112395
Fix of CVE: CVE-2021-44038
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-44038: low privilege escalation during package installation/update due to
insecure chmod in spec file.
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-44038: low privilege escalation during package installation/update due to
insecure chmod in spec file.
0
cloudlinux-x86_64-server-6
quagga-devel-0.99.15-14.el6.tuxcare.els1.i686.rpm
7a8af437b66602c609892f021c7c1c1881b28182
quagga-devel-0.99.15-14.el6.tuxcare.els1.x86_64.rpm
8d5f84a1a17b3d71c1de3254ada091c07ff9e265
quagga-contrib-0.99.15-14.el6.tuxcare.els1.x86_64.rpm
9cd3d28e4629464c564dd9bd61a19b3e92c9af0d
quagga-0.99.15-14.el6.tuxcare.els1.x86_64.rpm
c979bfcc4a166aa77d9ff0f64ba75817e75cb223
CLSA-2022:1643211942
Fix of CVE: CVE-2021-4034
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-4034: pkexec: argv overflow results in local privilege esc.
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-4034: pkexec: argv overflow results in local privilege esc.
0
cloudlinux-x86_64-server-6
polkit-devel-0.96-11.el6_10.1.tuxcare.els1.i686.rpm
5750d38410012dee9959dd400450852759294e59
polkit-0.96-11.el6_10.1.tuxcare.els1.i686.rpm
80ad715a4ef49af5cc6455d0bf7f226455dfba1a
polkit-docs-0.96-11.el6_10.1.tuxcare.els1.x86_64.rpm
09f22c2d717703e4607502dca1042ced04435118
polkit-0.96-11.el6_10.1.tuxcare.els1.x86_64.rpm
359422891e60b6f3c6d0cf88c9baada8d4f6081b
polkit-desktop-policy-0.96-11.el6_10.1.tuxcare.els1.noarch.rpm
8099159a2d25f9a3107c761fc28eddeb8010e153
polkit-devel-0.96-11.el6_10.1.tuxcare.els1.x86_64.rpm
600584d4ffeb513dd03557c0d8cb826f374fd3d5
CLSA-2022:1643640508
Fix of CVE: CVE-2022-0261, CVE-2022-0213
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0213: fix going over the end of status line buffer
- CVE-2022-0261: fix block insert goes over the end of the line
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0213: fix going over the end of status line buffer
- CVE-2022-0261: fix block insert goes over the end of the line
0
cloudlinux-x86_64-server-6
vim-common-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm
0769bd770d9e5cc1846ddac8fbac0b3072a2c0e4
vim-filesystem-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm
16dae484345b85dc5d8f3132135a9a22c57beb4b
vim-X11-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm
21acb5a2d76fa5b91c3f2260eb9e35842eedef8c
vim-enhanced-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm
5e89e69cfa075b37e9fc5601a2ab88677c3fcfc9
vim-minimal-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm
14108208345488954421f3ed4913db131b603545
CLSA-2022:1643818516
Fix of CVE: CVE-2022-23218, CVE-2022-23219
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-23218: fix possible buffer overflow in svcunix_create
- CVE-2022-23219: fix possible buffer overflow in clnt_create
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-23218: fix possible buffer overflow in svcunix_create
- CVE-2022-23219: fix possible buffer overflow in clnt_create
0
cloudlinux-x86_64-server-6
glibc-headers-2.12-2.215.el6.tuxcare.els6.x86_64.rpm
dad87693668a7acdf12d9fa51818ea9ba545e14b
glibc-static-2.12-2.215.el6.tuxcare.els6.i686.rpm
72b5a28a700f04e46e972f1f6c0529ddcc18e3ff
glibc-2.12-2.215.el6.tuxcare.els6.x86_64.rpm
91be09445b280626b553437bee82ed934a2b2346
glibc-utils-2.12-2.215.el6.tuxcare.els6.x86_64.rpm
58213874c9957613cc3ebac80d26ed586958f204
glibc-devel-2.12-2.215.el6.tuxcare.els6.x86_64.rpm
06c68b8a2c96f560312f07576184d0975edfec70
glibc-common-2.12-2.215.el6.tuxcare.els6.x86_64.rpm
74db17c01740c5aa6b3fb33943c30b8685501a2b
glibc-static-2.12-2.215.el6.tuxcare.els6.x86_64.rpm
1e8339fc0e8e5d791a8cbd820a18c83a6d9c6cbd
glibc-2.12-2.215.el6.tuxcare.els6.i686.rpm
fb30d6dc9135cae1b0f176b97b87ef26cfc22c1e
glibc-devel-2.12-2.215.el6.tuxcare.els6.i686.rpm
4db61e412688e7ecd72cc45fc7f5c894238afa51
nscd-2.12-2.215.el6.tuxcare.els6.x86_64.rpm
b25d3e333da1dc3e890d454114024e644aeaf115
CLSA-2022:1643918500
Fix of CVE: CVE-2022-23305
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for
enabling it.
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for
enabling it.
0
cloudlinux-x86_64-server-6
log4j-1.2.14-6.4.el6.tuxcare.els2.x86_64.rpm
8d62e191501c7b68d33517dd7d4a3a53cb276a0d
log4j-manual-1.2.14-6.4.el6.tuxcare.els2.x86_64.rpm
9817c1419eea0e25a0f3c7f24ba35c7a978dde2d
log4j-javadoc-1.2.14-6.4.el6.tuxcare.els2.x86_64.rpm
c17a7a8ad6578ce6fc04b4c5c562aad8fa5c44b1
CLSA-2022:1644500972
Fix of CVE: CVE-2022-23307, CVE-2022-23302
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer
- CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer
- CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink
0
cloudlinux-x86_64-server-6
log4j-manual-1.2.14-6.4.el6.tuxcare.els3.x86_64.rpm
0550ade6da97ee3fa2841fef86e2dd49ae139239
log4j-1.2.14-6.4.el6.tuxcare.els3.x86_64.rpm
4519b1ffed51fd76f4c6c4e524fb005fa124fe2c
log4j-javadoc-1.2.14-6.4.el6.tuxcare.els3.x86_64.rpm
d622b6d6b557c51ad198336cb290af7e18a4d3e2
CLSA-2022:1644855718
Fix of CVE: CVE-2022-0351, CVE-2022-0368, CVE-2022-0359, CVE-2022-0361
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0351: fix crash caused by too depth recursion
- CVE-2022-0359: fix illegal memory access with large tabstop in ex mode
- CVE-2022-0361: fix illegal memory access when copying lines in visual mode
- CVE-2022-0368: fix illegal memory access when undo makes visual area invalid
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0351: fix crash caused by too depth recursion
- CVE-2022-0359: fix illegal memory access with large tabstop in ex mode
- CVE-2022-0361: fix illegal memory access when copying lines in visual mode
- CVE-2022-0368: fix illegal memory access when undo makes visual area invalid
0
cloudlinux-x86_64-server-6
vim-filesystem-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm
d5a7d1755782adf3aac18453997bbfdafcb9f20b
vim-enhanced-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm
c59429a28a70be9bc7a5034ca133542de8c778cf
vim-minimal-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm
97e77239701577274dfdcef1dd1d1be938ab9f42
vim-X11-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm
03d98d92ecbd72ba3d7133cb5b18667c19d3f685
vim-common-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm
88aaa0004103552dda958dd7f3f33a747cd5742f
CLSA-2022:1645466182
Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0408: fix stack corruption when looking for spell suggestions
- CVE-2022-0413: fix using freed memory when substitute with function call
- CVE-2022-0417: fix illegal memory access caused by ':retab 0'
- CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0408: fix stack corruption when looking for spell suggestions
- CVE-2022-0413: fix using freed memory when substitute with function call
- CVE-2022-0417: fix illegal memory access caused by ':retab 0'
- CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'
0
cloudlinux-x86_64-server-6
vim-X11-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm
eb0c7908afa022edb20da9a89bbc0f3f56a67787
vim-common-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm
5dd1ac25418a8c37b8d0e06beb2be95cf995dd62
vim-filesystem-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm
1c24a28db10689ad3300501a4e441ffb044643ff
vim-enhanced-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm
ddfe9bd945af1be73da23ea28bb73637db163248
vim-minimal-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm
779da1660d92a482c6f85d50ee68b0a343d5537a
CLSA-2022:1646060797
Fix of CVE: CVE-2022-24407
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
0
cloudlinux-x86_64-server-6
cyrus-sasl-plain-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
89d708870842d0ad02583e57c713a8d55de6194e
cyrus-sasl-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
23475314ca1fa90a3ded4ff1d81ad97a133b24c1
cyrus-sasl-lib-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
3091a74971126a89b35bfec7d3faf6199b0fca3f
cyrus-sasl-ntlm-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
ce53648100e5b501e5495192bc5ecb4b225bf857
cyrus-sasl-gssapi-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
da4cb818d8cf282f8e4a3e9588efca140c086c62
cyrus-sasl-devel-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
575c74ddc098ab47fb080f1d6a083549ae04e278
cyrus-sasl-ldap-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
cfaf1ccc761829aca5d869a6635add3bb6a3a6c5
cyrus-sasl-gssapi-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
8bb6e7d77977c8232b3b20c8332394681776b869
cyrus-sasl-md5-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
0a102f6eea8e7f53978dae2daa81a41cdd795da5
cyrus-sasl-lib-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
91c4e532c13da0085109a04a23aff2e599f3e229
cyrus-sasl-devel-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
5daa745dd9b046aaf6ba486dd04233dfa5cdf42d
cyrus-sasl-ntlm-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
f9e533baee6b8a336bbc74a324fab71d89deb860
cyrus-sasl-plain-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
7adbedc6c96ae10176a1fd2fb5172383161b39b1
cyrus-sasl-ldap-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
9aed97374db3d4d0c9756feb3330cf02ce9b01a7
cyrus-sasl-sql-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
81f5704e2e5aaee96ac2777b06b879b0eeaf9d59
cyrus-sasl-sql-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm
7c394920ffec05628deb38865fead9f7bd1dffe1
cyrus-sasl-md5-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm
274fa2652e87f692c3188d169f132d9ab8dcf3da
CLSA-2022:1646665957
Fix of CVE: CVE-2022-0391
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0391: Add stripping ASCII newline and tabs from the url by urllib.parse
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0391: Add stripping ASCII newline and tabs from the url by urllib.parse
0
cloudlinux-x86_64-server-6
python-libs-2.6.6-70.el6.tuxcare.els5.i686.rpm
15493aa5acf266668a5ff328f2a6b10b2cfd3274
python-test-2.6.6-70.el6.tuxcare.els5.x86_64.rpm
0953bfec45b136bb51a481643379f7d1b43b53c1
python-devel-2.6.6-70.el6.tuxcare.els5.i686.rpm
3b0d81faf32f458f3ddee77530d2d56253478c94
python-2.6.6-70.el6.tuxcare.els5.x86_64.rpm
34663b2bc470189448a769d9594d7afc6dde0a42
python-libs-2.6.6-70.el6.tuxcare.els5.x86_64.rpm
d4d9628929343f5c146ffb1dfeb28311537eba7b
python-2.6.6-70.el6.tuxcare.els5.i686.rpm
6cd91c4b4db95027cb006eeca72fa1e9d1ddc3b6
python-tools-2.6.6-70.el6.tuxcare.els5.x86_64.rpm
818f90a880494404d76f5d457a74394e99d3a610
tkinter-2.6.6-70.el6.tuxcare.els5.x86_64.rpm
efa28144a87e6051a7c071e53dac77d981d3ded0
python-devel-2.6.6-70.el6.tuxcare.els5.x86_64.rpm
4ef8d129b6e9e32351ba7fe1cfbc219c9a266a89
CLSA-2022:1646915237
Fix of CVE: CVE-2022-0554, CVE-2022-0729, CVE-2022-0685, CVE-2022-0572
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0554: fix ending up with no current buffer
- CVE-2022-0572: fix crashing when repeatedly using :retab
- CVE-2022-0685: fix crashing when using special multi-byte character
- CVE-2022-0729: fix crashing with specific regexp pattern and string
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0554: fix ending up with no current buffer
- CVE-2022-0572: fix crashing when repeatedly using :retab
- CVE-2022-0685: fix crashing when using special multi-byte character
- CVE-2022-0729: fix crashing with specific regexp pattern and string
0
cloudlinux-x86_64-server-6
vim-enhanced-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm
1378309023ac5b571715266e62c49c7c618a6115
vim-common-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm
04e6b58eabc6a9c5b7573e4d878ec1951bb9ec2c
vim-X11-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm
3eadb308ad575af5150056d04bf4a791582d9b65
vim-minimal-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm
52dada759b9f256245dcc307b8dbbba33334b918
vim-filesystem-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm
ede9842be688b21ac46c0980f3685aa14f4cc742
CLSA-2022:1646935701
Update of ca-certificates
Copyright 2022 Cloud Linux Inc
0
- remove old certificate
- Removing:
- # Certificate "DST Root CA X3"
- Update to CKBI 2.50 from NSS 3.67
- Update to CKBI 2.48 from NSS 3.66
- Removing:
- # Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
- # Certificate "GeoTrust Global CA"
- # Certificate "GeoTrust Universal CA"
- # Certificate "GeoTrust Universal CA 2"
- # Certificate "QuoVadis Root CA"
- # Certificate "Sonera Class 2 Root CA"
- # Certificate "Taiwan GRCA"
- # Certificate "GeoTrust Primary Certification Authority"
- # Certificate "thawte Primary Root CA"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
- # Certificate "GeoTrust Primary Certification Authority - G3"
- # Certificate "thawte Primary Root CA - G2"
- # Certificate "thawte Primary Root CA - G3"
- # Certificate "GeoTrust Primary Certification Authority - G2"
- # Certificate "VeriSign Universal Root Certification Authority"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
- # Certificate "Trustis FPS Root CA"
- # Certificate "EE Certification Centre Root CA"
- # Certificate "LuxTrust Global Root 2"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
- Adding:
- # Certificate "Microsoft ECC Root Certificate Authority 2017"
- # Certificate "Microsoft RSA Root Certificate Authority 2017"
- # Certificate "e-Szigno Root CA 2017"
- # Certificate "certSIGN Root CA G2"
- # Certificate "Trustwave Global Certification Authority"
- # Certificate "Trustwave Global ECC P256 Certification Authority"
- # Certificate "Trustwave Global ECC P384 Certification Authority"
- # Certificate "NAVER Global Root Certification Authority"
- # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
- # Certificate "GlobalSign Secure Mail Root R45"
- # Certificate "GlobalSign Secure Mail Root E45"
- # Certificate "GlobalSign Root R46"
- # Certificate "GlobalSign Root E46"
- # Certificate "GLOBALTRUST 2020"
- # Certificate "ANF Secure Server Root CA"
- # Certificate "Certum EC-384 CA"
- # Certificate "Certum Trusted Root CA"
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- remove old certificate
- Removing:
- # Certificate "DST Root CA X3"
- Update to CKBI 2.50 from NSS 3.67
- Update to CKBI 2.48 from NSS 3.66
- Removing:
- # Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
- # Certificate "GeoTrust Global CA"
- # Certificate "GeoTrust Universal CA"
- # Certificate "GeoTrust Universal CA 2"
- # Certificate "QuoVadis Root CA"
- # Certificate "Sonera Class 2 Root CA"
- # Certificate "Taiwan GRCA"
- # Certificate "GeoTrust Primary Certification Authority"
- # Certificate "thawte Primary Root CA"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
- # Certificate "GeoTrust Primary Certification Authority - G3"
- # Certificate "thawte Primary Root CA - G2"
- # Certificate "thawte Primary Root CA - G3"
- # Certificate "GeoTrust Primary Certification Authority - G2"
- # Certificate "VeriSign Universal Root Certification Authority"
- # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
- # Certificate "Trustis FPS Root CA"
- # Certificate "EE Certification Centre Root CA"
- # Certificate "LuxTrust Global Root 2"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
- Adding:
- # Certificate "Microsoft ECC Root Certificate Authority 2017"
- # Certificate "Microsoft RSA Root Certificate Authority 2017"
- # Certificate "e-Szigno Root CA 2017"
- # Certificate "certSIGN Root CA G2"
- # Certificate "Trustwave Global Certification Authority"
- # Certificate "Trustwave Global ECC P256 Certification Authority"
- # Certificate "Trustwave Global ECC P384 Certification Authority"
- # Certificate "NAVER Global Root Certification Authority"
- # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
- # Certificate "GlobalSign Secure Mail Root R45"
- # Certificate "GlobalSign Secure Mail Root E45"
- # Certificate "GlobalSign Root R46"
- # Certificate "GlobalSign Root E46"
- # Certificate "GLOBALTRUST 2020"
- # Certificate "ANF Secure Server Root CA"
- # Certificate "Certum EC-384 CA"
- # Certificate "Certum Trusted Root CA"
0
cloudlinux-x86_64-server-6
ca-certificates-2021.2.50-60.1.el6.tuxcare.els1.noarch.rpm
40696b4e225e6b0325ee6421425f90cd707ad0cc
CLSA-2022:1647255880
Fix of CVE: CVE-2022-23308
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-23308: fix use-after-free of ID and IDREF attributes
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-23308: fix use-after-free of ID and IDREF attributes
0
cloudlinux-x86_64-server-6
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els2.i686.rpm
94307e6189df72dd34c083e921f8142da260c0bf
libxml2-2.7.6-21.el6_8.1.tuxcare.els2.i686.rpm
67bc936fb73b6f11dacd31a4e1ef4f3ed8e9390e
libxml2-2.7.6-21.el6_8.1.tuxcare.els2.x86_64.rpm
d4f1f639eb86cef08df9721f01736c13ec91d413
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els2.x86_64.rpm
a9c79d07d089594a7511971ade22468b225a8911
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els2.x86_64.rpm
5db5d772b2198ccd676b45e20c53ae0e7f6bf55e
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els2.x86_64.rpm
122c58584ef20bc3e6fe968e3cb24f64ffd5c84f
CLSA-2022:1647550273
Fix of CVE: CVE-2022-0778
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0778: Fix possible infinite loop in BN_mod_sqrt()
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0778: Fix possible infinite loop in BN_mod_sqrt()
0
cloudlinux-x86_64-server-6
openssl-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm
964d2c50070921d534b27122dd7a99dd89cbf014
openssl-devel-1.0.1e-63.el6.tuxcare.els6.i686.rpm
93475f2676d0b6cebfe0b76a3d647bbf0fdbf480
openssl-perl-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm
9b0c74437f923dfcf7f9bf3375ae010e54edaa36
openssl-1.0.1e-63.el6.tuxcare.els6.i686.rpm
9a523f54336c77708b1c75f06577b7813f8f0daf
openssl-static-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm
63924936a1d17368b86829d3175bd22307f65129
openssl-devel-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm
1ffe2108d2fb03a6b99481f5a8e23ad3a3f96e60
CLSA-2022:1647958513
Fix of CVE: CVE-2021-3737
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-3737: Fix HTTP client infinite line reading (DoS) after receiving a '100 Continue' HTTP response
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3737: Fix HTTP client infinite line reading (DoS) after receiving a '100 Continue' HTTP response
0
cloudlinux-x86_64-server-6
python-2.6.6-70.el6.tuxcare.els6.x86_64.rpm
a455985ac4e0388fda42fd65587ec0ced30a7bb3
tkinter-2.6.6-70.el6.tuxcare.els6.x86_64.rpm
b763390cb9441a316d596c5040276eba6b9da347
python-test-2.6.6-70.el6.tuxcare.els6.x86_64.rpm
588f41610cee383791ac8a1fca466c5118599fa4
python-tools-2.6.6-70.el6.tuxcare.els6.x86_64.rpm
d60b12451b55cc9794c988c447e1ca95b10c403e
python-libs-2.6.6-70.el6.tuxcare.els6.x86_64.rpm
003a7fd932e620443bd82d57fe45a3613d7e1ff2
python-devel-2.6.6-70.el6.tuxcare.els6.x86_64.rpm
7777eaa520ec2daf6346163789c9851b7cf73a89
python-devel-2.6.6-70.el6.tuxcare.els6.i686.rpm
6fd7e9b409f03d1b8c96395a6e58a007bf020e69
python-2.6.6-70.el6.tuxcare.els6.i686.rpm
8a64285024391b3d54a7d46e7e37775e0d9bcc14
python-libs-2.6.6-70.el6.tuxcare.els6.i686.rpm
36d449b722848960389e8a9b7389b4b7545f85a4
CLSA-2022:1648136177
Fix of CVE: CVE-2022-22721, CVE-2022-22720
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-22720: simpler connection close logic if discarding the request body fails
- CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-22720: simpler connection close logic if discarding the request body fails
- CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory
0
cloudlinux-x86_64-server-6
httpd-devel-2.2.15-72.el6.tuxcare.els4.i686.rpm
dbab50dca1af5309e76bdec0bf000dc0e77b54a7
mod_ssl-2.2.15-72.el6.tuxcare.els4.x86_64.rpm
675b03a7fb6dc9217a0a773d87c407d705ce60c6
httpd-devel-2.2.15-72.el6.tuxcare.els4.x86_64.rpm
77fb4f6a02e581a2bbb472a6e6b43fda0a7d6bcc
httpd-tools-2.2.15-72.el6.tuxcare.els4.x86_64.rpm
e1fae3b5106171f354c4965c45f8d051e6ba1170
httpd-manual-2.2.15-72.el6.tuxcare.els4.noarch.rpm
b85e40564b7fd2a9d18654b7df42c22091c784da
httpd-2.2.15-72.el6.tuxcare.els4.x86_64.rpm
3be2130e9fc791e05a8318bb218e1665c52ea925
CLSA-2022:1648138117
Fix of CVE: CVE-2021-3999
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd
0
cloudlinux-x86_64-server-6
glibc-devel-2.12-2.215.el6.tuxcare.els7.i686.rpm
a76af3e2a5378df9db08e403475fbdf20524bbe6
glibc-2.12-2.215.el6.tuxcare.els7.i686.rpm
e4ca55508e61f38ef29628ab0096d28622882958
glibc-2.12-2.215.el6.tuxcare.els7.x86_64.rpm
1762f0332debfe425aed5a5872262d5fa3647280
glibc-devel-2.12-2.215.el6.tuxcare.els7.x86_64.rpm
2fd4cf49836700423ddaf6ba990fd8ca279155c6
glibc-static-2.12-2.215.el6.tuxcare.els7.x86_64.rpm
b283e29b44b405b047c4a39843830284d32d4b03
glibc-static-2.12-2.215.el6.tuxcare.els7.i686.rpm
6209c9455fbd1b366fbdb33a148e066ba6d1cbb2
glibc-common-2.12-2.215.el6.tuxcare.els7.x86_64.rpm
ab574837fbd3c3a64d8cda330acf2de2676d1752
glibc-headers-2.12-2.215.el6.tuxcare.els7.x86_64.rpm
018ed3d0cc650899032def864d0d8d68c29a247f
glibc-utils-2.12-2.215.el6.tuxcare.els7.x86_64.rpm
964bebd079d79a5c9fe48fdc60a1718b7059c286
nscd-2.12-2.215.el6.tuxcare.els7.x86_64.rpm
3a861c277437f7eacbcd69be1187a6b42bfa94b9
CLSA-2022:1649170979
Fix of CVE: CVE-2022-0943
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0943: fix heap-based buffer overflow
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0943: fix heap-based buffer overflow
0
cloudlinux-x86_64-server-6
vim-filesystem-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm
edcf782b7fd2874179f96db044d1d12c6eb9f8cf
vim-common-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm
1f75e613db500faa333b93b7d6f57a2acd752fc7
vim-X11-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm
e8ba7464083b6fb554ef5f354f463d10e063196a
vim-minimal-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm
33a1cf64db75678b9c7719a909e6dfa83c9c0992
vim-enhanced-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm
84a2a1b558184a05a8996c580a0329625e57d0b8
CLSA-2022:1649171018
Fix of CVE: CVE-2022-0547
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-0547: Fix authentication bypass via multiple deferred authentication plug-ins
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0547: Fix authentication bypass via multiple deferred authentication plug-ins
0
cloudlinux-x86_64-server-6
openvpn-2.4.9-1.el6.tuxcare.els1.x86_64.rpm
7505e93688fd0f8d0903756b9b7e71a642fbd5b5
openvpn-devel-2.4.9-1.el6.tuxcare.els1.i686.rpm
9b5aa2230ce9d4b9604c5ebf2413bfacec6ffa0f
openvpn-devel-2.4.9-1.el6.tuxcare.els1.x86_64.rpm
1302c724e30fe5154382d49e7a9fb0e759f655b5
CLSA-2022:1649331579
Fix of CVE: CVE-2021-25220
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-25220: fix possible cache poisoning from forwarder responses
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-25220: fix possible cache poisoning from forwarder responses
0
cloudlinux-x86_64-server-6
bind-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm
323b3c8365467a1917e3a2bc7a8cf3d1b12160bd
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm
a31fdf57883725de5458bb52625d7fadfd36faad
bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm
519c83ec818b18b2eb9df398bb1467fae6511121
bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm
4964932f4022e53b401c473596ca909647a98ac4
bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm
eb85abce41c818a8e9dedec73a0a492fb6bd4e03
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els4.i686.rpm
be06d06deda3e4046b05639e14e0c7dc076382e4
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els4.i686.rpm
1c096825f87f29cb3f93a91dfb105f6a1e9f3a84
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm
572ffc3707f4c4ba735ca15de10fbccf4d0188eb
CLSA-2022:1649695619
Fix of CVE: CVE-2021-3618
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-3618: drop the connection after reaching the specified number of
invalid protocol commmands
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-3618: drop the connection after reaching the specified number of
invalid protocol commmands
0
cloudlinux-x86_64-server-6
nginx-mod-http-geoip-1.10.3-4.el6.tuxcare.els4.x86_64.rpm
256c0370c42cd5b6fff9b45a8612e0644c809181
nginx-mod-http-image-filter-1.10.3-4.el6.tuxcare.els4.x86_64.rpm
8bebe45acb270ad4d057ad1af8212c05351d0f2b
nginx-all-modules-1.10.3-4.el6.tuxcare.els4.noarch.rpm
9d189c1148ff7c8031816cc3d8a0a60a675ab00b
nginx-filesystem-1.10.3-4.el6.tuxcare.els4.noarch.rpm
89bcaffcefebeae5dbfddb8c7ef428318647e6a0
nginx-mod-http-xslt-filter-1.10.3-4.el6.tuxcare.els4.x86_64.rpm
496aed35a01076c7f98add281e249bb1a9f315af
nginx-1.10.3-4.el6.tuxcare.els4.x86_64.rpm
6e8c34b30aba8a12fdb1b97c7ede931f35d5de3c
nginx-mod-http-perl-1.10.3-4.el6.tuxcare.els4.x86_64.rpm
1fe92a6c21ab200cd270f8bc415560af61e7fdbb
nginx-mod-stream-1.10.3-4.el6.tuxcare.els4.x86_64.rpm
789af0456d8a86181bc55a3b23a175382be79e07
nginx-mod-mail-1.10.3-4.el6.tuxcare.els4.x86_64.rpm
61eb6191bbe3342eebe5646edd6e90e2d9161f5a
CLSA-2022:1649869347
Fix of CVE: CVE-2022-1154
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-1154: fix buffer usage after free
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-1154: fix buffer usage after free
0
cloudlinux-x86_64-server-6
vim-minimal-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm
1eb0c235ecfc361cca32924fb53edc1f2b814fd0
vim-filesystem-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm
ead37cf37ee14a072549b70218907102aa1ef27a
vim-enhanced-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm
5ecd3d17bcb9010b275f5914c700f74ff4e93a59
vim-common-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm
d7dc78f7029a2211116345b74ca491759a2277d8
vim-X11-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm
c5effb4d34bdb6e23bcbc85df2623ea748ef7f08
CLSA-2022:1650376845
Update of microcode_ctl
Copyright 2022 Cloud Linux Inc
0
- Update Intel CPU microcode to microcode-20220207 release:
- Fixes in releasenote.md file.
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Update Intel CPU microcode to microcode-20220207 release:
- Fixes in releasenote.md file.
0
cloudlinux-x86_64-server-6
microcode_ctl-1.17-33.37.el6_10.tuxcare.els.x86_64.rpm
24f733f9671f96478d3c734aba2ec9a343dd4be2
CLSA-2022:1650376937
Fix of CVE: CVE-2022-28391
Copyright 2022 Cloud Linux Inc
0
- CVE-2022-28391: fix possible terminal injection attacks from DNS query results
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-28391: fix possible terminal injection attacks from DNS query results
0
cloudlinux-x86_64-server-6
busybox-1.15.1-21.el6_6.tuxcare.els1.x86_64.rpm
f135c090bc85ec09f3bb7ce7386ae521f2a884a4
busybox-petitboot-1.15.1-21.el6_6.tuxcare.els1.x86_64.rpm
46bb4ca698a7a06af388bb81ee9e257077b8c74e
CLSA-2022:1650377026
Fix of CVE: CVE-2021-3609, CVE-2022-28390
Copyright 2022 Cloud Linux Inc
0
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path [ELSCVE-3847] {CVE-2022-28390}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() [ELSCVE-1694] {CVE-2021-3609}
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path [ELSCVE-3847] {CVE-2022-28390}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() [ELSCVE-1694] {CVE-2021-3609}
0
cloudlinux-x86_64-server-6
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els9.noarch.rpm
c7e4d3e2ec7f907001bb6b20490c75f7a0468b78
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els9.noarch.rpm
41fb9230c1d5aaa6bfbeec5aaf116a88c70cc2ec
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els9.noarch.rpm
b34df554c8a9783ce4f1aa7f798c56208cdb5920
CLSA-2022:1650377052
Fix of CVE: CVE-2022-28390, CVE-2021-3609
Copyright 2022 Cloud Linux Inc
0
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path [ELSCVE-3847] {CVE-2022-28390}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() [ELSCVE-1694] {CVE-2021-3609}
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path [ELSCVE-3847] {CVE-2022-28390}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() [ELSCVE-1694] {CVE-2021-3609}
0
cloudlinux-x86_64-server-6
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els9.x86_64.rpm
40b2d075a173aefb3ae0fc5df1054b97b65df8db
perf-2.6.32-754.35.8.el6.tuxcare.els9.x86_64.rpm
a8f5ff388d72b32e42952335c4237ddc80cac0a0
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els9.i686.rpm
24a2231fba76b34b589546883242869670b10d5f
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els9.x86_64.rpm
41505575a54252aeedf324ef14b009f9cf2fd3ce
perf-2.6.32-754.35.8.el6.tuxcare.els9.i686.rpm
59f4f849ec1dc92441ea65ae7cc6a6b3b884eccc
python-perf-2.6.32-754.35.8.el6.tuxcare.els9.x86_64.rpm
205dc1dfd40a0ca4abbceeaa146bcfff47469554
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els9.x86_64.rpm
b026cb79bb112e0f272038621108a59c85de1932
kernel-2.6.32-754.35.8.el6.tuxcare.els9.x86_64.rpm
1c53173d9f5bf91914a786b4a62901819e353345
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els9.x86_64.rpm
923945b7af9bc59d783e1b057936c9d13716978b
CLSA-2022:1650575725
Update of php 5.3: Fix segfault during graceful Apache restart
Copyright 2022 Cloud Linux Inc
0
- ELS-42: Fix segfault during graceful Apache restart
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELS-42: Fix segfault during graceful Apache restart
0
cloudlinux-x86_64-server-6
php-odbc-5.3.3-53.el6.cloudlinux.x86_64.rpm
23fa416cc556f8c36be1b164abf4e743df8edf8e
php-mysql-5.3.3-53.el6.cloudlinux.x86_64.rpm
14504cbdf8cc580de9c914c919d7e2857c84ca96
php-soap-5.3.3-53.el6.cloudlinux.x86_64.rpm
df4fe305325a03f354b8713f1796574c4b81a70b
php-cli-5.3.3-53.el6.cloudlinux.x86_64.rpm
40856e67b9370e44b99e8c61fa5c81044a71cb0c
php-xml-5.3.3-53.el6.cloudlinux.x86_64.rpm
7faa00661708ea2795f89a472b204bf9f91f22af
php-gd-5.3.3-53.el6.cloudlinux.x86_64.rpm
c4ba8eba68e9df70c18f6d517359729d1952e30c
php-zts-5.3.3-53.el6.cloudlinux.x86_64.rpm
fa85fb3aeb902708cda0b4c7feb518102ef07bb6
php-snmp-5.3.3-53.el6.cloudlinux.x86_64.rpm
faf6eb8c408a9ca43d7423ee104a7e92ca390f85
php-5.3.3-53.el6.cloudlinux.x86_64.rpm
a91e636919a9569593a4026a23d2e5161ba524b1
php-dba-5.3.3-53.el6.cloudlinux.x86_64.rpm
892d23099e8483be769a36d4489f5db544f3b716
php-pspell-5.3.3-53.el6.cloudlinux.x86_64.rpm
1de22fca0369e1289c388533d3b1708033e801ce
php-pdo-5.3.3-53.el6.cloudlinux.x86_64.rpm
beaa959343f44f88f2ebbabcc246c298b710b840
php-fpm-5.3.3-53.el6.cloudlinux.x86_64.rpm
b9c3276e72c8ed0543f9ab9fcf3d50b189906044
php-enchant-5.3.3-53.el6.cloudlinux.x86_64.rpm
f1531421f86d3de954fa936494dbe16fc140a265
php-process-5.3.3-53.el6.cloudlinux.x86_64.rpm
e23d4b444d5e0ff29cf58c38dac6cf1190d94767
php-intl-5.3.3-53.el6.cloudlinux.x86_64.rpm
e69618ad666df2ec7592bdc50e208c269df6cbbd
php-bcmath-5.3.3-53.el6.cloudlinux.x86_64.rpm
c16689d6def32424df04c537e3c0a627015e204f
php-xmlrpc-5.3.3-53.el6.cloudlinux.x86_64.rpm
a728007ed04ae06bd346800d63322b1447d57712
php-imap-5.3.3-53.el6.cloudlinux.x86_64.rpm
6ccec667f8815b089be760e8b063d5cef94df014
php-mbstring-5.3.3-53.el6.cloudlinux.x86_64.rpm
8064843e970ef05b12e5dea1bffc46b103a105af
php-common-5.3.3-53.el6.cloudlinux.x86_64.rpm
30ced2bf12a2eb9454d2ba7f5485913bc73b01fe
php-ldap-5.3.3-53.el6.cloudlinux.x86_64.rpm
94f44e7b53546f4363b3a0e64b7279bfb9869ae6
php-devel-5.3.3-53.el6.cloudlinux.x86_64.rpm
fb5872f9c7ae282ca0946d6485000e1ff5b58f47
php-embedded-5.3.3-53.el6.cloudlinux.x86_64.rpm
d7eed5543dc9c65ded1e87bb50146ab72212de85
php-tidy-5.3.3-53.el6.cloudlinux.x86_64.rpm
abe8700320f512e4ab32a498d4b06dfc43acee34
php-recode-5.3.3-53.el6.cloudlinux.x86_64.rpm
8aaab63fd54428a8c047158c7c72a8b8e9a87955
php-pgsql-5.3.3-53.el6.cloudlinux.x86_64.rpm
598f4bc8df9c78446637b446e2f3c6dd69cf55d6
CLSA-2022:1650575892
Update of php 5.3: Remove mariadb102 patch to eliminate faulty functionality
Copyright 2022 Cloud Linux Inc
0
- Remove mariadb102 patch to eliminate faulty functionality
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Remove mariadb102 patch to eliminate faulty functionality
0
cloudlinux-x86_64-server-6
php-gd-5.3.3-54.el6.cloudlinux.x86_64.rpm
e4fb8128bb7f8264635760753e8ac43ccd4f825d
php-dba-5.3.3-54.el6.cloudlinux.x86_64.rpm
f542da8aaaf22d847db8edc0fb3d349032d24f6c
php-5.3.3-54.el6.cloudlinux.x86_64.rpm
a2f6b9301e65195569e8f8b9f35624ce3e9e656d
php-tidy-5.3.3-54.el6.cloudlinux.x86_64.rpm
3998bcfa97816372941cee1574883d78e0397dbc
php-pspell-5.3.3-54.el6.cloudlinux.x86_64.rpm
622242725cc1102d067c93bd855d50bd02c65dc1
php-snmp-5.3.3-54.el6.cloudlinux.x86_64.rpm
d2b893dbe7729b62b4ebaf3ca00701ef84b38778
php-common-5.3.3-54.el6.cloudlinux.x86_64.rpm
2f718f92f0f1bf77df0ad0ca3b3a57d7aad5bc16
php-fpm-5.3.3-54.el6.cloudlinux.x86_64.rpm
7f4e474b43d3bc07182b3e2357a261f46594e274
php-zts-5.3.3-54.el6.cloudlinux.x86_64.rpm
fa7ee2100d6f583e4a1bdc1bdef476ed4440ee18
php-mysql-5.3.3-54.el6.cloudlinux.x86_64.rpm
1e721e8d72b8864e7590b8622be0ead70f5edc43
php-cli-5.3.3-54.el6.cloudlinux.x86_64.rpm
e5d1bd983e4667e959fafbf741be0b75dc458afe
php-pgsql-5.3.3-54.el6.cloudlinux.x86_64.rpm
c99e20960baf2877676e52d53bcccd4aa19ef49e
php-soap-5.3.3-54.el6.cloudlinux.x86_64.rpm
4baaf1488820503c40cd2cab90195af920a53b89
php-ldap-5.3.3-54.el6.cloudlinux.x86_64.rpm
cae508644fdf58511019b41cf7cfda0c0a557af5
php-xmlrpc-5.3.3-54.el6.cloudlinux.x86_64.rpm
e84500e918219cb7f5c5e7d890979f9b02772f15
php-pdo-5.3.3-54.el6.cloudlinux.x86_64.rpm
a212db5100c1bb1cf30518c4cc5f94490aaf5d79
php-imap-5.3.3-54.el6.cloudlinux.x86_64.rpm
5cb0e95675377cbcbf60b58f492327ddf751ed74
php-mbstring-5.3.3-54.el6.cloudlinux.x86_64.rpm
33edcf1fb0cbb5b55c0c4d21c6b685147115ff09
php-enchant-5.3.3-54.el6.cloudlinux.x86_64.rpm
d193df87b6cc5b6fbfd7da686fc2e9941662c369
php-bcmath-5.3.3-54.el6.cloudlinux.x86_64.rpm
20d357ba65fe83fc411b352b870200512ffa7887
php-embedded-5.3.3-54.el6.cloudlinux.x86_64.rpm
1aefac4702075caa4f33d40f677b658fe44a5099
php-recode-5.3.3-54.el6.cloudlinux.x86_64.rpm
45b93bc0b3dd5cc0db484698e0da8733f974413c
php-process-5.3.3-54.el6.cloudlinux.x86_64.rpm
8c571748c28569e6ccf3868a82a21b8e8b93f939
php-devel-5.3.3-54.el6.cloudlinux.x86_64.rpm
2d9e238253a7866a0b02489121ff49d9040b2cf0
php-xml-5.3.3-54.el6.cloudlinux.x86_64.rpm
b890f74e5c7898b58ef45d3441b8fdd6e040e99c
php-intl-5.3.3-54.el6.cloudlinux.x86_64.rpm
224d421c0a1048477586738c73c143edc1cf2824
php-odbc-5.3.3-54.el6.cloudlinux.x86_64.rpm
f05d6bf4a284461e12fbdf555b266cd3b1ded38e
CLSA-2022:1650575956
Fix of CVE: CVE-2021-28651
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-28651: fix memory leak leading to denial of service
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-28651: fix memory leak leading to denial of service
0
cloudlinux-x86_64-server-6
squid-3.1.23-25.el6.cloudlinux.els.x86_64.rpm
62be8889fc5d599cb6b021329b5ef316b0cf2e7f
CLSA-2022:1650575983
Fix of CVE: CVE-2021-27135
Copyright 2022 Cloud Linux Inc
0
- CVE-2021-27135: fix crash when processing combining characters
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-27135: fix crash when processing combining characters
0
cloudlinux-x86_64-server-6
xterm-253-2.el6.cloudlinux.els.x86_64.rpm
b956563089d37e849004af65d52ceea906f27c31
CLSA-2022:1650576008
Update of els-define
Copyright 2022 Cloud Linux Inc
0
- Add OracleLinux support
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Add OracleLinux support
0
cloudlinux-x86_64-server-6
els-define-1-1.0.1.el6.x86_64.rpm
d7c7056c12d58974ddb115bab1b9f32fd9ab83fc
CLSA-2022:1650576075
Fix of 13 CVEs
Copyright 2022 Cloud Linux Inc
0
- CKSIX-267: USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
- CKSIX-267: CVE-2019-14615: drm/i915/gen9: Clear residual context state on context switch
- CKSIX-267: CVE-2020-8647, CVE-2020-8649: vgacon: Fix a UAF in vgacon_invert_region
- CKSIX-267: CVE-2020-14331: vgacon: Fix for missing check in scrollback handling
- CKSIX-268: CVE-2021-3347: futex: Handle faults correctly for PI futexes
- CKSIX-268: CVE-2021-3347: futex: Provide and use pi_state_update_owner()
- CKSIX-263: KEYS: allow reaching the keys quotas exactly
- CKSIX-263: KEYS: reaching the keys quotas correctly
- CKSIX-263: fix -ENOMEM result with invalid user space pointer in sendto() syscall
- CKSIX-263: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
- CKSIX-263: CVE-2018-6927: futex: Prevent overflow by strengthen input validation
- CKSIX-258: CVE-2017-6951: KEYS: Change the name of the dead type to ".dead" to prevent user access
- CKSIX-258: CVE-2017-15299: KEYS: don't let add_key() update an uninstantiated key
- CKSIX-258: fix CVE-2016-9604
- CKSIX-258: KEYS: add missing permission check for request_key() destination
- CKSIX-258: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
- CKSIX-258: fix CVE-2017-7472
- CKSIX-258: fix CVE-2017-15274
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CKSIX-267: USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
- CKSIX-267: CVE-2019-14615: drm/i915/gen9: Clear residual context state on context switch
- CKSIX-267: CVE-2020-8647, CVE-2020-8649: vgacon: Fix a UAF in vgacon_invert_region
- CKSIX-267: CVE-2020-14331: vgacon: Fix for missing check in scrollback handling
- CKSIX-268: CVE-2021-3347: futex: Handle faults correctly for PI futexes
- CKSIX-268: CVE-2021-3347: futex: Provide and use pi_state_update_owner()
- CKSIX-263: KEYS: allow reaching the keys quotas exactly
- CKSIX-263: KEYS: reaching the keys quotas correctly
- CKSIX-263: fix -ENOMEM result with invalid user space pointer in sendto() syscall
- CKSIX-263: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
- CKSIX-263: CVE-2018-6927: futex: Prevent overflow by strengthen input validation
- CKSIX-258: CVE-2017-6951: KEYS: Change the name of the dead type to ".dead" to prevent user access
- CKSIX-258: CVE-2017-15299: KEYS: don't let add_key() update an uninstantiated key
- CKSIX-258: fix CVE-2016-9604
- CKSIX-258: KEYS: add missing permission check for request_key() destination
- CKSIX-258: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
- CKSIX-258: fix CVE-2017-7472
- CKSIX-258: fix CVE-2017-15274
0
cloudlinux-x86_64-server-6
kernel-debug-2.6.32-754.35.2.el6.x86_64.rpm
28b38ec6fc31f80ffc683ada1baf41ecf92499dd
python-perf-2.6.32-754.35.2.el6.x86_64.rpm
708f976a712309cfba0a10d800156e2a6b29cad7
kernel-debug-devel-2.6.32-754.35.2.el6.i686.rpm
efc3281b7f117472e467562cb6dc2efd2d657630
kernel-firmware-2.6.32-754.35.2.el6.i686.rpm
714db75eb6c0191c110079922d4627fc799b54ef
kernel-devel-2.6.32-754.35.2.el6.x86_64.rpm
6f54e5624d865d2e9b42f9639472d8160c8689a0
kernel-2.6.32-754.35.2.el6.x86_64.rpm
de7efb4e6180f523879f8e7e474d2246e77a0c65
perf-2.6.32-754.35.2.el6.x86_64.rpm
39bdcf89cb3c9f648c14a3a0bdf20a16be15fa76
kernel-headers-2.6.32-754.35.2.el6.x86_64.rpm
3333bd22923bc3e27728ccfbe656c462f9a0ded4
kernel-debug-devel-2.6.32-754.35.2.el6.x86_64.rpm
92b002b0e62970126f62de39800037c1c59fd8c1
kernel-firmware-2.6.32-754.35.2.el6.x86_64.rpm
956baaf6b44244a4e19c66be2f4b55be3b65baa3
CLSA-2022:1650910003
Fix of CVE: CVE-2019-18276
Copyright 2022 Cloud Linux Inc
0
- CVE-2019-18276: Fix priviledge dropping when running with effective
UID not equal to real UID
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2019-18276: Fix priviledge dropping when running with effective
UID not equal to real UID
0
cloudlinux-x86_64-server-6
bash-doc-4.1.2-48.el6.tuxcare.els1.x86_64.rpm
75d41e2b3b4ca7d092c61cf8eebfb908975fef9e
bash-4.1.2-48.el6.tuxcare.els1.x86_64.rpm
d7aeeee3c4aa1ceb24e489e92daefff1fd1d9383
CLSA-2022:1650986488
Fix of CVE: CVE-2020-0466, CVE-2022-0492, CVE-2021-4155, CVE-2021-0920
Copyright 2022 Cloud Linux Inc
0
- cgroup-v1: Require capabilities to set release_agent [ELSCVE-3555] {CVE-2022-0492}
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate [ELSCVE-3891] {CVE-2021-4155}
- af_unix: fix garbage collect vs MSG_PEEK [ELSCVE-3728] {CVE-2021-0920}
- epoll: Keep a reference on files added to the check list [ELSCVE-3890] {CVE-2020-0466}
- Revert "cipso,calipso: resolve a number of problems with the DOI refcounts"
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- cgroup-v1: Require capabilities to set release_agent [ELSCVE-3555] {CVE-2022-0492}
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate [ELSCVE-3891] {CVE-2021-4155}
- af_unix: fix garbage collect vs MSG_PEEK [ELSCVE-3728] {CVE-2021-0920}
- epoll: Keep a reference on files added to the check list [ELSCVE-3890] {CVE-2020-0466}
- Revert "cipso,calipso: resolve a number of problems with the DOI refcounts"
0
cloudlinux-x86_64-server-6
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els10.noarch.rpm
5cb8f200de8ac62215a70a21527c46ed7df61568
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els10.noarch.rpm
d5dfc66d6a363b5f29f69dbfed4d741264157303
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els10.noarch.rpm
138ffb7109e2c7611534caed17bd878e0b26cb43
CLSA-2022:1650986589
Fix of CVE: CVE-2021-0920, CVE-2022-0492, CVE-2020-0466, CVE-2021-4155
Copyright 2022 Cloud Linux Inc
0
- cgroup-v1: Require capabilities to set release_agent [ELSCVE-3555] {CVE-2022-0492}
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate [ELSCVE-3891] {CVE-2021-4155}
- af_unix: fix garbage collect vs MSG_PEEK [ELSCVE-3728] {CVE-2021-0920}
- epoll: Keep a reference on files added to the check list [ELSCVE-3890] {CVE-2020-0466}
- Revert "cipso,calipso: resolve a number of problems with the DOI refcounts"
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- cgroup-v1: Require capabilities to set release_agent [ELSCVE-3555] {CVE-2022-0492}
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate [ELSCVE-3891] {CVE-2021-4155}
- af_unix: fix garbage collect vs MSG_PEEK [ELSCVE-3728] {CVE-2021-0920}
- epoll: Keep a reference on files added to the check list [ELSCVE-3890] {CVE-2020-0466}
- Revert "cipso,calipso: resolve a number of problems with the DOI refcounts"
0
cloudlinux-x86_64-server-6
python-perf-2.6.32-754.35.8.el6.tuxcare.els10.x86_64.rpm
376ae9dea079539f089cc51acbf78822448e0888
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els10.x86_64.rpm
4d283e8842549fcbf4a3f8e5d4876768b5683bf2
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els10.x86_64.rpm
6efaceaab6d5fe6ac0f80d4a78b3d5d857b9dd22
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els10.x86_64.rpm
e29b65520096af823c03f4f5dcfc638f837b62ef
kernel-2.6.32-754.35.8.el6.tuxcare.els10.x86_64.rpm
85d3eb186cd9b2ac04a085ad48b8844f0a278fab
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els10.i686.rpm
68fcbad037941a82e3ef6a46a820687829b3a36a
perf-2.6.32-754.35.8.el6.tuxcare.els10.i686.rpm
6a9f266d3e9228b7028ef860178af2073f339fcb
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els10.x86_64.rpm
4d067b6d684eab67ba769293839e9c86d809d593
perf-2.6.32-754.35.8.el6.tuxcare.els10.x86_64.rpm
60b8033ba62ee63874271df78343f9fea1757366
CLSA-2022:1652706231
Fixed CVE-2018-25032 in zlib
TuxCare License Agreement
0
- CVE-2018-25032: Fix memory corruption when deflating
if the input has many distant matches
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2018-25032: Fix memory corruption when deflating
if the input has many distant matches
0
cloudlinux-x86_64-server-6
zlib-static-1.2.3-29.el6.tuxcare.els1.x86_64.rpm
95083f5c8ffd26679bc1608e246b8cdd772ce277
zlib-1.2.3-29.el6.tuxcare.els1.x86_64.rpm
2f6a8f1ae9e4275b3dd6d86e8bba84eb1a81b1eb
zlib-devel-1.2.3-29.el6.tuxcare.els1.i686.rpm
d877935782ae171c7f60357993055030305c6216
zlib-1.2.3-29.el6.tuxcare.els1.i686.rpm
532958d9c9498819fd0926988ce2e33257c9d001
minizip-1.2.3-29.el6.tuxcare.els1.i686.rpm
11e529c03b9029431f332a83a1f2a0a4cc702bfa
minizip-devel-1.2.3-29.el6.tuxcare.els1.i686.rpm
c69a5dd95873c3c871fca82c3314edae327ebf92
minizip-1.2.3-29.el6.tuxcare.els1.x86_64.rpm
9cb114d7439c6893d8d194694c8076fdbbbd8679
minizip-devel-1.2.3-29.el6.tuxcare.els1.x86_64.rpm
0ec36752c67028d820b2e0786d41e79161c0acad
zlib-devel-1.2.3-29.el6.tuxcare.els1.x86_64.rpm
09d30cb99f449fb60d76c38d4c5ee6cae517854f
CLSA-2022:1653004535
Fixed CVE-2018-25032 in rsync
TuxCare License Agreement
0
- CVE-2018-25032: Fix memory corruption when deflating if the input
has many distant matches
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2018-25032: Fix memory corruption when deflating if the input
has many distant matches
0
cloudlinux-x86_64-server-6
rsync-3.0.6-12.el6.tuxcare.els1.x86_64.rpm
455821279fe8d783232eadbea0dba2d04851dd7f
CLSA-2022:1653005178
Fixed CVE-2022-1271 in gzip
TuxCare License Agreement
0
- CVE-2022-1271: Fix arbitrary file override with crafted file names
Low
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-1271: Fix arbitrary file override with crafted file names
0
cloudlinux-x86_64-server-6
gzip-1.3.12-24.el6.tuxcare.els1.x86_64.rpm
1a9e2f718c47ba0f3f4cc4b794f81b14b63b7227
CLSA-2022:1653006752
Fixed CVEs in vim: CVE-2022-1620, CVE-2022-1616, CVE-2022-1629, CVE-2022-1621, CVE-2022-1619
TuxCare License Agreement
0
- CVE-2022-1619: fix going before the command line start with latin1 encoding
- CVE-2022-1620: fix NULL pointer dereference when using invalig regexp
- CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood
- CVE-2022-1629: fix reading past end of line if ended with trailing backslash
- CVE-2022-1616: fix buffer overflow with invalid command with composing chars
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-1619: fix going before the command line start with latin1 encoding
- CVE-2022-1620: fix NULL pointer dereference when using invalig regexp
- CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood
- CVE-2022-1629: fix reading past end of line if ended with trailing backslash
- CVE-2022-1616: fix buffer overflow with invalid command with composing chars
0
cloudlinux-x86_64-server-6
vim-enhanced-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
bfe7e0506613d95dd12a44dcdcd4479fe6c2f52d
vim-minimal-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
f4d3a727ea8ca66c22b499664d1f89e6d740f775
vim-filesystem-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
33a3440f8660db4b9587e0c55a80c679dd964d95
vim-common-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
93f4335f48ba135f32661ddc32918986cf924eef
vim-X11-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
5b3adf42859f87810f4a490a5359180b1de8b81d
CLSA-2022:1653933185
Fixed CVEs in vim: CVE-2022-1735, CVE-2022-1733
TuxCare License Agreement
0
- CVE-2022-1733: fix reading past end of the line when C-indenting
- CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-1733: fix reading past end of the line when C-indenting
- CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode
0
cloudlinux-x86_64-server-6
vim-enhanced-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm
3355e1bba2ecc46ed93737dba52f73bc4bb00d35
vim-filesystem-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm
081a7f895dca495ad4d74194d6a69d810a0cc14d
vim-minimal-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm
64710c105965ada1a7e8084fba01893553d624a7
vim-common-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm
ec63b466a9b7dc277de4c3aba1cf5ea4946bb509
vim-X11-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm
57aadf54c2be5f63a9a3bcbc2b502356be3d2ced
CLSA-2022:1654107183
Fixed CVE-2021-33582 in cyrus-imapd
TuxCare License Agreement
0
- CVE-2021-33582: Fix a bad string hashing algorithm which could lead to
collisions and cause a CPU denial of service
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-33582: Fix a bad string hashing algorithm which could lead to
collisions and cause a CPU denial of service
0
cloudlinux-x86_64-server-6
cyrus-imapd-utils-2.3.16-15.el6.tuxcare.els1.x86_64.rpm
ee2d6bc59a1403ac790304bb755f2ee066eddf9c
cyrus-imapd-devel-2.3.16-15.el6.tuxcare.els1.x86_64.rpm
cb728012bab0bc844fa0419c5a7c3d2c4b9bd74f
cyrus-imapd-devel-2.3.16-15.el6.tuxcare.els1.i686.rpm
d9fe0497a46600ed67abcbd1b38f85a83eb73918
cyrus-imapd-2.3.16-15.el6.tuxcare.els1.x86_64.rpm
69be577834169884dded6f06503503cc56ab4948
CLSA-2022:1654174749
Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21496
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs:
- CVE-2022-21476: Defective secure validation in Apache Santuario
- CVE-2022-21496: URI parsing inconsistencies
- CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler
- CVE-2022-21426: Unbounded memory allocation when compiling crafted XPath expressions
- CVE-2022-21443: Missing check for negative ObjectIdentifier
- Remove patch files from previous change due to their presence in newer versions
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs:
- CVE-2022-21476: Defective secure validation in Apache Santuario
- CVE-2022-21496: URI parsing inconsistencies
- CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler
- CVE-2022-21426: Unbounded memory allocation when compiling crafted XPath expressions
- CVE-2022-21443: Missing check for negative ObjectIdentifier
- Remove patch files from previous change due to their presence in newer versions
0
cloudlinux-x86_64-server-6
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
8a58c934a4e3429a849f578fe2725e2f0e898e3d
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el6.tuxcare.els1.noarch.rpm
d91e45e52ef4f43ce565c91b576bb4b0b55aa52f
java-1.8.0-openjdk-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
e020b06799d5c16886f4de6255645ba69576b055
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
f3777d4dd18f11883d0e3a07a621a86d00c9f5f4
java-1.8.0-openjdk-demo-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
73abb46cd2f5aeab6ebd4243624fdcc29e5875d3
java-1.8.0-openjdk-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
225aefa7169ead6a01233bcb873bb2518adec68f
java-1.8.0-openjdk-javadoc-debug-1.8.0.332.b09-1.el6.tuxcare.els1.noarch.rpm
bbcafffd379c7e505b4c0440e2317c9e41ed73cf
java-1.8.0-openjdk-devel-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
6a09f9da247cdc2e4230cd1b014b27f5cb3566a8
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
b26a622e3c5517439e144b0e480b2b8f5ca7ccfa
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
0a24dc486952b22dafa21c5e9c549293765b4c11
java-1.8.0-openjdk-src-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
e00ed68bb79e2fdc3bb75b866b57e3bfe67bd797
java-1.8.0-openjdk-headless-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm
08a881aef8f3e159059b90f3160ebdcdacbe7fd0
CLSA-2022:1654529495
Fixed CVEs in vim: CVE-2022-1785, CVE-2022-1796
TuxCare License Agreement
0
- CVE-2022-1785: fix out-of-bounds write by disallowing changing window
in substitute expression
- CVE-2022-1796: fix use after free by making a copy of a line
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-1785: fix out-of-bounds write by disallowing changing window
in substitute expression
- CVE-2022-1796: fix use after free by making a copy of a line
0
cloudlinux-x86_64-server-6
vim-minimal-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm
963de8c94c628b580cda628fbabe5a39bfe82bce
vim-X11-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm
0e633d4974d06c9c5a759d8c45b47665658120e7
vim-enhanced-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm
9617017ff5a62d1a81ffe3910ae5fb40769675e7
vim-filesystem-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm
665314c2e2a9aaf83a27c619c0d4b817d76399ba
vim-common-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm
e8cb479450e667022a818ece72cbb3c071d7a102
CLSA-2022:1654717777
Fixed CVE-2022-24903 in rsyslog
TuxCare License Agreement
0
- CVE-2022-24903: fix heap-based overflow in TCP syslog server
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-24903: fix heap-based overflow in TCP syslog server
0
cloudlinux-x86_64-server-6
rsyslog-pgsql-5.8.10-12.el6.tuxcare.els1.x86_64.rpm
4db2b03ca39438da721c39dd8fdf6b0b1c753348
rsyslog-5.8.10-12.el6.tuxcare.els1.x86_64.rpm
f23529392184954dc1f9976745dc06bfe4f551cf
rsyslog-mysql-5.8.10-12.el6.tuxcare.els1.x86_64.rpm
f22401f913e08e21997fe364937f8990f43fd3b4
rsyslog-gnutls-5.8.10-12.el6.tuxcare.els1.x86_64.rpm
5a5aac72b4a14ab700c43024a3a9006072acf264
rsyslog-snmp-5.8.10-12.el6.tuxcare.els1.x86_64.rpm
4cad852a2a1f61f9b25bf1afa70db506c101412e
rsyslog-relp-5.8.10-12.el6.tuxcare.els1.x86_64.rpm
fc296f670b2c9f8b4a98e96f7c974677781121ce
rsyslog-gssapi-5.8.10-12.el6.tuxcare.els1.x86_64.rpm
1d3cf4a5df955890b90588d0b5b29879e6c2ea83
CLSA-2022:1654804579
Fixed CVEs in vim: CVE-2022-0319, CVE-2022-1886, CVE-2022-1898, CVE-2022-1851
TuxCare License Agreement
0
- CVE-2022-0319: correct end of Visual area when entering another buffer
- CVE-2022-1851: fix invalid cursor position after text formatting
- CVE-2022-1886: fix access before start of text with a put command
- CVE-2022-1898: fix using freed memory with ']d'
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-0319: correct end of Visual area when entering another buffer
- CVE-2022-1851: fix invalid cursor position after text formatting
- CVE-2022-1886: fix access before start of text with a put command
- CVE-2022-1898: fix using freed memory with ']d'
0
cloudlinux-x86_64-server-6
vim-minimal-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm
efeb7e76d7598b374767619f578bf27da992039b
vim-filesystem-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm
f9c7b0af73cf493e06cbb116ee45e375f0d22460
vim-enhanced-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm
ce26062eb6e2bfbe4c5efddef0f86161b31e06a2
vim-common-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm
643b3a6b9d0739d1d302c294e8f56bc8c9376ecd
vim-X11-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm
2232f2c5157451c10add9f6ae1955382d839f1f6
CLSA-2022:1655320860
Fixed CVEs in vim: CVE-2022-1927, CVE-2022-1897
TuxCare License Agreement
0
- CVE-2022-1897: fix substitution which overwrites an allocated buffer
- CVE-2022-1927: fix invalid cursor position after '0;' range
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-1897: fix substitution which overwrites an allocated buffer
- CVE-2022-1927: fix invalid cursor position after '0;' range
0
cloudlinux-x86_64-server-6
vim-minimal-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm
00bfab450d4f879c8029abad3f64180c598f98b8
vim-filesystem-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm
904ff5c1044e35fffd8f1534fffd980f066feca3
vim-common-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm
d4d3ff9c0fca798f807229771d1e428bfb203677
vim-enhanced-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm
88bb2bac4a5ae778726219a00c69a97a1c26deef
vim-X11-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm
1b0f007ff875cf1108d5cd71e4fbe4f92f950e0b
CLSA-2022:1655843011
Fixed CVE-2019-17571 in log4j
TuxCare License Agreement
0
- CVE-2019-17571: Fix the deserialization of untrusted data in SocketServer
that allows an attacker to remotely execute arbitrary code
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2019-17571: Fix the deserialization of untrusted data in SocketServer
that allows an attacker to remotely execute arbitrary code
0
cloudlinux-x86_64-server-6
log4j-manual-1.2.14-6.4.el6.tuxcare.els4.x86_64.rpm
68c4db4d8a1b13d0284482b880b537c8ab1fd290
log4j-1.2.14-6.4.el6.tuxcare.els4.x86_64.rpm
ae333618265cb0da0b4fd7a21b84aba14a171616
log4j-javadoc-1.2.14-6.4.el6.tuxcare.els4.x86_64.rpm
a289826dd2bcdf5c5760f209229697c266dc9bfe
CLSA-2022:1655901698
Fixed CVE-2022-2042 in vim
TuxCare License Agreement
0
- CVE-2022-2042: fix using uninitialized value and freed memory in spell command
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2042: fix using uninitialized value and freed memory in spell command
0
cloudlinux-x86_64-server-6
vim-minimal-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm
a685318100f90d3194d46b8a16bd24e3fe3a0e5e
vim-enhanced-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm
bf2794f9154e793c308f85dbac30fcd6822364d1
vim-X11-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm
5cfa872578cfa7b3e2f970905d52ba522326c49c
vim-filesystem-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm
ab7ec85ec08742078804ffd0bb39ae1b7baa88c9
vim-common-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm
97caad76b60c9231445ed1d58a85465412eade8d
CLSA-2022:1656447241
Fixed CVEs in httpd: CVE-2022-31813, CVE-2022-28615, CVE-2022-26377
TuxCare License Agreement
0
- CVE-2022-26377: mod_proxy_ajp: fix HTTP request smuggling
- CVE-2022-28615: fix possible out-of-bounds read in ap_strcmp_match()
- CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what
the original request hostname was, and so send X-Forwarded-* headers correctly
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-26377: mod_proxy_ajp: fix HTTP request smuggling
- CVE-2022-28615: fix possible out-of-bounds read in ap_strcmp_match()
- CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what
the original request hostname was, and so send X-Forwarded-* headers correctly
0
cloudlinux-x86_64-server-6
httpd-tools-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
ef52dc544ebbf32683a8a23d319feec050db8c67
mod_ssl-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
917ee071999f4deb83af8af42e5c3e08e75fd5e1
httpd-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
892532268201c5a6123b1cae6ae1c44385a9855c
httpd-devel-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
8792b5bef0fe44340fee436d7b8f3e24e1361c2c
httpd-manual-2.2.15-72.el6.tuxcare.els5.noarch.rpm
19d08664e4168e67b5f51173b8dcdea41bba410b
httpd-devel-2.2.15-72.el6.tuxcare.els5.i686.rpm
9732c46fa2cdb2c0b6488832dcae1474c2f70c45
CLSA-2022:1656961923
Fixed CVE-2022-27782 in curl
TuxCare License Agreement
0
- CVE-2022-27782: add missing checks of ssl and ssh options during matching
a connection for reuse
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-27782: add missing checks of ssl and ssh options during matching
a connection for reuse
0
cloudlinux-x86_64-server-6
libcurl-devel-7.19.7-59.el6.tuxcare.els6.x86_64.rpm
5ac82479a5179e18f07c666cee8bc940337097ba
libcurl-devel-7.19.7-59.el6.tuxcare.els6.i686.rpm
a9efbeab5d00c84bcc06c83f8b109fa2c50f4444
libcurl-7.19.7-59.el6.tuxcare.els6.x86_64.rpm
3ea2fae27f0cd76c9a2d7f11262737fb65f85878
libcurl-7.19.7-59.el6.tuxcare.els6.i686.rpm
db02bbe874e9c0f79770608a83ac2f5c7acfdf4c
curl-7.19.7-59.el6.tuxcare.els6.x86_64.rpm
a4577b7e61a1b491cde4c98e8994e74fc2a514db
CLSA-2022:1656962023
Fixed CVE-2016-10009 in openssh-5.3p1
TuxCare License Agreement
0
- CVE-2016-10009: add whitelist of paths which may ssh-agent load from
in order to prevent execution of arbitrary local pkcs#11
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2016-10009: add whitelist of paths which may ssh-agent load from
in order to prevent execution of arbitrary local pkcs#11
0
cloudlinux-x86_64-server-6
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els1.x86_64.rpm
c28acde0e75d62f44ac26493424ba517d17f7ba4
openssh-ldap-5.3p1-125.el6.tuxcare.els1.x86_64.rpm
21193649a28f7666037a651ca0595801f26e23c6
openssh-clients-5.3p1-125.el6.tuxcare.els1.x86_64.rpm
369adabda82c9f83e52b21bf654c004175f1da2a
openssh-askpass-5.3p1-125.el6.tuxcare.els1.x86_64.rpm
a49d23f127e83befc4fc9b8249a997894af132f4
openssh-5.3p1-125.el6.tuxcare.els1.x86_64.rpm
a9a4abc5a4a407b814f53295ca4553a424d844aa
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els1.i686.rpm
79093e253a129d1647f8d389851c37b7f46ebda7
openssh-server-5.3p1-125.el6.tuxcare.els1.x86_64.rpm
40e9ab1f886f15e44350a12a884f648546c60569
CLSA-2022:1657182572
Fixed CVEs in vim: CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720
TuxCare License Agreement
0
- CVE-2022-2125: add checking for NUL to avoid running over the end of line
- CVE-2022-1720: do not include the NUL in the length to avoid reading past end
of line with "gf" in Visual block mode
- CVE-2022-2124: add checking for NUL to avoid running over the end of line
- CVE-2022-2129: disallow switching buffers in a substitute expression to avoid
overruning destination buffer
- CVE-2022-2126: do not decrement the index when it is zero
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2125: add checking for NUL to avoid running over the end of line
- CVE-2022-1720: do not include the NUL in the length to avoid reading past end
of line with "gf" in Visual block mode
- CVE-2022-2124: add checking for NUL to avoid running over the end of line
- CVE-2022-2129: disallow switching buffers in a substitute expression to avoid
overruning destination buffer
- CVE-2022-2126: do not decrement the index when it is zero
0
cloudlinux-x86_64-server-6
vim-common-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm
f8cd7bbc0062d4c53a154a0d0881812fa8394ab1
vim-X11-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm
9958777d2d982eb7db5806444bbb57a6f59ceada
vim-filesystem-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm
f529222b131d838b8980fc355f59904347123f1f
vim-minimal-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm
c3829d249ffe9b2865e2d297e3f5d44023b81710
vim-enhanced-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm
9b3ac3b37fb1dd9dab5436afe42cd12e13cdcef9
CLSA-2022:1657561005
Fixed CVE-2020-12723 in perl-5.10.1
TuxCare License Agreement
0
- CVE-2020-12723: fix a buffer overflow caused by a crafted regular expression
because of recursive S_study_chunk calls
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-12723: fix a buffer overflow caused by a crafted regular expression
because of recursive S_study_chunk calls
0
cloudlinux-x86_64-server-6
perl-version-0.77-146.el6.tuxcare.els3.x86_64.rpm
981e20a1c1ce4128472baec64e2dc71d87e7b88d
perl-suidperl-5.10.1-146.el6.tuxcare.els3.x86_64.rpm
663eff95539e0af67ab9e3f2f15a1e15c92f1078
perl-ExtUtils-Embed-1.28-146.el6.tuxcare.els3.x86_64.rpm
53fba72cf9025eb850565d0b009291087fc89f44
perl-Time-HiRes-1.9721-146.el6.tuxcare.els3.x86_64.rpm
cd6c80978a8da54fa533941de3007b6569e36ea3
perl-Object-Accessor-0.34-146.el6.tuxcare.els3.x86_64.rpm
c2ee626b5e358a7439446566d7584ca59a0392fc
perl-devel-5.10.1-146.el6.tuxcare.els3.x86_64.rpm
e2ad40c2c58f19a7b23dd525e12127462c61e72f
perl-Locale-Maketext-Simple-0.18-146.el6.tuxcare.els3.x86_64.rpm
76ea6714ecd17ca443f508a3dca2b19d531d8b46
perl-Compress-Zlib-2.021-146.el6.tuxcare.els3.x86_64.rpm
49b568bc85f786ef45215e4191e0e3a72f6b888f
perl-Archive-Extract-0.38-146.el6.tuxcare.els3.x86_64.rpm
607639e0f2ec0bdc4039a634017580ca6b2ac5f8
perl-ExtUtils-ParseXS-2.2003.0-146.el6.tuxcare.els3.x86_64.rpm
ec90416f025c7687134dea25833fa0c2d01c5607
perl-Module-Pluggable-3.90-146.el6.tuxcare.els3.x86_64.rpm
91cf903f87000a61b569617f71a34b29198cf2fc
perl-Pod-Simple-3.13-146.el6.tuxcare.els3.x86_64.rpm
2b3536380efce04ccea3437c0bdcfdadf08e4101
perl-Term-UI-0.20-146.el6.tuxcare.els3.x86_64.rpm
7cfe07ecbfce9064370871daf78e19551e3fb6c0
perl-Module-Load-0.16-146.el6.tuxcare.els3.x86_64.rpm
085f9b53c0e6812003a4e39a454d85c8e61d053a
perl-Compress-Raw-Bzip2-2.021-146.el6.tuxcare.els3.x86_64.rpm
74056459bbeacab1379a2dd1bfefefeff3cd2a0a
perl-Package-Constants-0.02-146.el6.tuxcare.els3.x86_64.rpm
2989c43ee3a9352df175c59ad74a5dfb77feef46
perl-File-Fetch-0.26-146.el6.tuxcare.els3.x86_64.rpm
ee6984a5bfc7862ac3645257d5c74fa0f8367773
perl-Archive-Tar-1.58-146.el6.tuxcare.els3.x86_64.rpm
a7dd9f430d067969f1b36ac0bc24c21ff38cf9e9
perl-CPANPLUS-0.88-146.el6.tuxcare.els3.x86_64.rpm
c6561f1808bfdc84d06abce00b813649f2a40cf5
perl-Time-Piece-1.15-146.el6.tuxcare.els3.x86_64.rpm
2b6b2f2f759d72ceb8c6b332139c2e539285607e
perl-parent-0.221-146.el6.tuxcare.els3.x86_64.rpm
898b6028b622e526a1852e8d66373d7025019b52
perl-core-5.10.1-146.el6.tuxcare.els3.x86_64.rpm
1fc36f323a2b8658ee6b1a0d23804c55224ebf53
perl-Params-Check-0.26-146.el6.tuxcare.els3.x86_64.rpm
305b912fb0f1eaf1b6b7d9fe89e780b750284d73
perl-IO-Zlib-1.09-146.el6.tuxcare.els3.x86_64.rpm
fa7133689bda88731e9ddafe8d4d8db219ae688b
perl-Log-Message-Simple-0.04-146.el6.tuxcare.els3.x86_64.rpm
2b28e9779f55cb5933d4e1630fc23e2060427942
perl-Module-CoreList-2.18-146.el6.tuxcare.els3.x86_64.rpm
24f1eb9d5fc6fe50701bff144b85584a3806153e
perl-Log-Message-0.02-146.el6.tuxcare.els3.x86_64.rpm
a4c02e9520487f0c4c961c3c87c86d176d8fb68b
perl-IO-Compress-Bzip2-2.021-146.el6.tuxcare.els3.x86_64.rpm
5d5f4aab345c6517ae8b186abe5cc351f30f79e6
perl-Test-Simple-0.92-146.el6.tuxcare.els3.x86_64.rpm
8f11c65ccfedf0712bbeabfe3e605c9920280863
perl-IO-Compress-Base-2.021-146.el6.tuxcare.els3.x86_64.rpm
f172d718eb18737d9b469dd82c35409238229fde
perl-ExtUtils-MakeMaker-6.55-146.el6.tuxcare.els3.x86_64.rpm
1879cfe5d6a059f44553e45430d426e1948580b0
perl-IPC-Cmd-0.56-146.el6.tuxcare.els3.x86_64.rpm
a7b8b4dab5ac0ee99f7f15bf5d6bbe81ab0c8c1b
perl-libs-5.10.1-146.el6.tuxcare.els3.i686.rpm
a6fc1dbe778ad6742bb31cfa6b1e6dee9b1d7185
perl-Digest-SHA-5.47-146.el6.tuxcare.els3.x86_64.rpm
efbccb99b54cab39fad81408517d4b33a2c2f803
perl-Module-Build-0.3500-146.el6.tuxcare.els3.x86_64.rpm
08c50f6f54b822e3423f28700f004e4fb9c03557
perl-devel-5.10.1-146.el6.tuxcare.els3.i686.rpm
86efe580eda2d55b6b2edd02930ba147530a15a4
perl-CPAN-1.9402-146.el6.tuxcare.els3.x86_64.rpm
c8c7162a67032888fcdb7b3961adb73231ee740e
perl-Test-Harness-3.17-146.el6.tuxcare.els3.x86_64.rpm
23150b8225de7ca2dd0ca2e1dd615ab95221b1e0
perl-CGI-3.51-146.el6.tuxcare.els3.x86_64.rpm
f9d19dfde902b23b3eac8d46bcca7769ce298b06
perl-ExtUtils-CBuilder-0.27-146.el6.tuxcare.els3.x86_64.rpm
0e33380470119d99660ec8110bc3b54212040128
perl-Module-Loaded-0.02-146.el6.tuxcare.els3.x86_64.rpm
c8aa7540c917d51cd80a63cc71b958e5bfcd063f
perl-Pod-Escapes-1.04-146.el6.tuxcare.els3.x86_64.rpm
2d2f9c99a2baa56594043e2d69f9c5bff8de87c0
perl-libs-5.10.1-146.el6.tuxcare.els3.x86_64.rpm
f54787f955a3278dfadb2b86371454f8bb59cdfb
perl-Parse-CPAN-Meta-1.40-146.el6.tuxcare.els3.x86_64.rpm
5700ddcb5d7ec9b6eff6cde82b991ccff10c4cd6
perl-5.10.1-146.el6.tuxcare.els3.x86_64.rpm
ddff9aa48850b1a08abd57f23380eace58474dd6
perl-Module-Load-Conditional-0.30-146.el6.tuxcare.els3.x86_64.rpm
b24557ddc37665582c3b4f0621e5a2e5e2a41482
perl-Compress-Raw-Zlib-2.021-146.el6.tuxcare.els3.x86_64.rpm
44a7ab602b0f66cd292806dee11d98f5eeb8c3c7
perl-IO-Compress-Zlib-2.021-146.el6.tuxcare.els3.x86_64.rpm
02c9f2786351ca4533296917c5c1c83e0fb336e0
CLSA-2022:1657561196
Fixed CVE-2018-5741 in bind
TuxCare License Agreement
0
- CVE-2018-5741: update {krb5,ms}-{self,subdomain} descriptions
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2018-5741: update {krb5,ms}-{self,subdomain} descriptions
0
cloudlinux-x86_64-server-6
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els5.i686.rpm
b465fee4fb98a603e2947837f9b9da552214598f
bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm
119aa3c24e201e31644b87657c21f26def4fe0f6
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm
6ffb0fb5e9abc421eca498210b15f3bb36745f84
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els5.i686.rpm
c514e1488c79a451f390f03adcf871f0bd3a49ef
bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm
91e5fd3379e826017808b2116be0ca1a0f8adc83
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm
e510fda5152ecd615e310c17021a61c6dbab8e0d
bind-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm
0d655a6803e136cea056f455a01d48662bd1cae4
bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm
a58a18f5214e572aa340564cfe506e7add31e04c
CLSA-2022:1657561632
Fixed CVEs in openssh-5.3p1: CVE-2016-10708, CVE-2016-10012
TuxCare License Agreement
0
- CVE-2016-10708: fix crash in packet handling code by moving inbound NEWKEYS
handling to kex layer
- CVE-2016-10012: abandon the fix due to compression mode issues
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2016-10708: fix crash in packet handling code by moving inbound NEWKEYS
handling to kex layer
- CVE-2016-10012: abandon the fix due to compression mode issues
0
cloudlinux-x86_64-server-6
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els2.i686.rpm
33a6c24cc2496ba34696ac28d537ce987c0e5e5f
openssh-ldap-5.3p1-125.el6.tuxcare.els2.x86_64.rpm
b6744bab74e796907aeee2a14ecb945fbe357d2e
openssh-askpass-5.3p1-125.el6.tuxcare.els2.x86_64.rpm
907aa0bd92c80bcf0abea1f1b16af6d8e65dd30a
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els2.x86_64.rpm
acd16614f40d285392d4ded7279bff1f4ae69d70
openssh-5.3p1-125.el6.tuxcare.els2.x86_64.rpm
ac8df161f7a0fadd956457964ca0f5b9812ea100
openssh-server-5.3p1-125.el6.tuxcare.els2.x86_64.rpm
2685ef722dad4439049ae04d0a0495f4d8b46680
openssh-clients-5.3p1-125.el6.tuxcare.els2.x86_64.rpm
980770160169bb374040c9e9cb300ae33aeb02f1
CLSA-2022:1657817606
Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068
TuxCare License Agreement
0
- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent
command injection
- CVE-2022-2068: c_rehash: Fix file operations to prevent command injection
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent
command injection
- CVE-2022-2068: c_rehash: Fix file operations to prevent command injection
0
cloudlinux-x86_64-server-6
openssl-devel-1.0.1e-63.el6.tuxcare.els7.i686.rpm
cae8bb0b9318f43dc3faf18c589db3e4e01abb42
openssl-static-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm
81b788827549734eff626ec2203c0d960ffe9930
openssl-perl-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm
682ec7969e7bd0662f1034f34e55c3c88b4acea9
openssl-devel-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm
b27fed76646d753b936bed80cdac79928a137fe3
openssl-1.0.1e-63.el6.tuxcare.els7.i686.rpm
cde68338970d226a0f52ffb52c9b975c1c57505f
openssl-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm
4aae941e7c421c9794bea74f6554e75f83dc8f78
CLSA-2022:1657817751
Fixed CVEs in vim: CVE-2022-2183, CVE-2022-2182, CVE-2022-2207, CVE-2022-2210
TuxCare License Agreement
0
- CVE-2022-2182: when on line zero check the column is valid for line one
- CVE-2022-2183: avoid going over the NUL at the end of the line
- CVE-2022-2207: check the cursor column is more than zero
- CVE-2022-2210: use zero offset when change removes all lines in a diff block.
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2182: when on line zero check the column is valid for line one
- CVE-2022-2183: avoid going over the NUL at the end of the line
- CVE-2022-2207: check the cursor column is more than zero
- CVE-2022-2210: use zero offset when change removes all lines in a diff block.
0
cloudlinux-x86_64-server-6
vim-filesystem-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm
687ec1d46c3a08cfbe9e99ae98c2ef36cc018bbc
vim-X11-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm
6e436b0bd8bf7eb5557230a84ce4dd1518c9f838
vim-minimal-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm
d0dd0ebcf2490fede12b412859e5ad1cfeeb21aa
vim-common-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm
c7e9d8cf36d258b3f8cd64c1ca2474c268f95d6a
vim-enhanced-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm
f35b1c376d6c76b7b9f0fff5e87ef89989dbb7e3
CLSA-2022:1658171011
Fixed CVE-2016-10012 in openssh
TuxCare License Agreement
0
- CVE-2016-10012: re-remove pre-authentication compression and potentially
unsecure shared memory manager used by zlib
- Move not yet valid timestamps for certs to 2030-2040 range, make sure all
tests are passed and add %check
unset DISPLAY
section
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2016-10012: re-remove pre-authentication compression and potentially
unsecure shared memory manager used by zlib
- Move not yet valid timestamps for certs to 2030-2040 range, make sure all
tests are passed and add %check
unset DISPLAY
section
0
cloudlinux-x86_64-server-6
openssh-ldap-5.3p1-125.el6.tuxcare.els3.x86_64.rpm
51ede232e1d05b041514632159c982c3cb5060f8
openssh-server-5.3p1-125.el6.tuxcare.els3.x86_64.rpm
063f208a6c64ce2123c0f4c33f4088adc00cc000
openssh-askpass-5.3p1-125.el6.tuxcare.els3.x86_64.rpm
319056478ebe77049457a46976cad6be1799e432
openssh-5.3p1-125.el6.tuxcare.els3.x86_64.rpm
184b3b9e99acf6b3ccb89c923231601398bd565f
openssh-clients-5.3p1-125.el6.tuxcare.els3.x86_64.rpm
79d6f892ddb1ef952c353ad7e6879e95d618efbc
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els3.i686.rpm
d0f19886cd4a918d11cb9fa6ffc60b6e25d6e240
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els3.x86_64.rpm
3f27989ea61e6e9fd72210f3da92c8fa8504d9e7
CLSA-2022:1658171149
Fixed CVE-2022-31625 in php
TuxCare License Agreement
0
- ELS-189: Fix for Harden PHP
- CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- ELS-189: Fix for Harden PHP
- CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE
0
cloudlinux-x86_64-server-6
php-recode-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
9b690745a5574daa76db0824b19c0a71d948fc10
php-snmp-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
d0a196cc8be48b4d6d8face6c24ade48812615be
php-bcmath-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
10501ee7440418608f7ccbd422c866798e4b668a
php-mysql-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
f17d1960872a28519f466fbb7fdcc169dee3f712
php-gd-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
bf6d020b01251af38790947c021dbae399a9dac5
php-fpm-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
f65769889f1a19ba8c81f624b5c0de38313a5047
php-process-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
55779371ba91830e04feff17ad8228659f9aee17
php-xml-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
677c1d256152093735c1a80697eb69490c6fb1d4
php-ldap-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
451c9a4c4b4ee43930bdcb1ea8d75682a968f79f
php-mbstring-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
cfcb1efce51ed9cfc76b0dfb0797b446b5b6bb69
php-soap-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
3278231b8b873b7d05db30a61c1a707c561ed7ba
php-xmlrpc-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
74ffb332e46b3907c9feafc005f59df52726f03c
php-zts-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
cb5ccf1ffb9a5a5d53da6c3550ea08995de5f340
php-intl-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
2603de5f92fb6b61c2a823ee407c52f77861b823
php-odbc-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
5ea098a2c12041ffb533ccc9bb2780f469faadf2
php-pdo-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
b2708bd167cf395e8ec8b2a7a62808c8b5fbe537
php-imap-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
f6dae8d7546b36f26521c3d3a47eee44e451ec9f
php-enchant-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
9c5c45666ca69698645a93d3d4fe467b5544e525
php-embedded-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
96865145df15396f6c231415c0c5e12a9ee9d179
php-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
2c42e30c3e6d46eb28b028684e741edd13502480
php-common-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
a22644851dd946f905eb6e61cf7da0fbcae41c20
php-devel-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
31bc7e3f72226e79518ddba2cc2132e767142b63
php-dba-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
ab6bfb6839d9303c699649ed77945140822d3d9f
php-pgsql-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
fc86540d653d424e24d82c8cbe5cc1a800602247
php-cli-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
1a8ff2eb128f9979d9062e2fb70af033b762a0fe
php-tidy-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
3989dedc5a40f9c46c96103cd38ec21ec2d97935
php-pspell-5.3.3-55.el6.tuxcare.els2.x86_64.rpm
2b8080026f1c1ba4070d423aa966fc265009badd
CLSA-2022:1658171278
Fixed 7 CVEs in vim
TuxCare License Agreement
0
- CVE-2022-2206: adjust cmdline_row and msg_row to the value of Rows
- CVE-2022-2284: stop visual mode when closing a window
- CVE-2022-2285: put a NUL after the typeahead
- CVE-2022-2286: check the length of the string
- CVE-2022-2287: disallow adding a word with control characters or a trailing slash
- CVE-2022-2264: adjust the end mark position
- CVE-2022-2257: check for NUL on string special values parsing
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2206: adjust cmdline_row and msg_row to the value of Rows
- CVE-2022-2284: stop visual mode when closing a window
- CVE-2022-2285: put a NUL after the typeahead
- CVE-2022-2286: check the length of the string
- CVE-2022-2287: disallow adding a word with control characters or a trailing slash
- CVE-2022-2264: adjust the end mark position
- CVE-2022-2257: check for NUL on string special values parsing
0
cloudlinux-x86_64-server-6
vim-enhanced-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm
772851320f74f7031497825ff06106b7fd286f1e
vim-X11-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm
f83095ef0e22c229c46588b6ff575ff9d8bf5392
vim-minimal-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm
713471cd8122a5dbe07dd75b60182791d5be4cbf
vim-filesystem-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm
949c09fc3117b501ec3601ca3884d025a1d0a380
vim-common-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm
ea77477fd50ca5a86c7c985ab2b935dd76acae5c
CLSA-2022:1658347112
Fixed CVE-2015-20170 in python
TuxCare License Agreement
0
- CVE-2015-20170: mailcap: findmatch() function does not sanitise the second
argument allowing to inject shell commands
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2015-20170: mailcap: findmatch() function does not sanitise the second
argument allowing to inject shell commands
0
cloudlinux-x86_64-server-6
tkinter-2.6.6-70.el6.tuxcare.els7.x86_64.rpm
c1fe30cebeca52b10d3f47bbfa262c413dd8e0f0
python-test-2.6.6-70.el6.tuxcare.els7.x86_64.rpm
ea158bc4733fbf19e85695c31f73e899a57c9a57
python-tools-2.6.6-70.el6.tuxcare.els7.x86_64.rpm
e1e8ea00f2153657d3a0482765aac6983c0c0bcb
python-devel-2.6.6-70.el6.tuxcare.els7.x86_64.rpm
f0023f56ff2e7ec3833219621635f0143c2e33b3
python-libs-2.6.6-70.el6.tuxcare.els7.x86_64.rpm
0a76412cadf1b35c81b09a8fbceaf1de53eb8357
python-2.6.6-70.el6.tuxcare.els7.x86_64.rpm
8e9e489cfa4c546efb65c63538585f20f029f4dd
python-2.6.6-70.el6.tuxcare.els7.i686.rpm
ce5a1e0211b273bd1841aa83df89620ed2945c13
python-libs-2.6.6-70.el6.tuxcare.els7.i686.rpm
7e2d6946f4320f698d107f3d88c2e713146dc14f
python-devel-2.6.6-70.el6.tuxcare.els7.i686.rpm
f0c5586af3b3705d4147677311c185e7fd67e57e
CLSA-2022:1658853743
Fixed CVEs in vim: CVE-2022-2289, CVE-2022-2304
TuxCare License Agreement
0
- CVE-2022-2289: bail out when diff pointer is no longer valid to avoid accessing
freed memory with diff put
- CVE-2022-2304: limit the word length to avoid out of bound accesing
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2289: bail out when diff pointer is no longer valid to avoid accessing
freed memory with diff put
- CVE-2022-2304: limit the word length to avoid out of bound accesing
0
cloudlinux-x86_64-server-6
vim-common-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm
01bba3662d5e86f2dcfbe8a080dfef0e3fe27a45
vim-X11-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm
a35712587fbff30f694c6147b08328812b0583cf
vim-enhanced-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm
94a10cdf8e8a0c18355d07b3270496b0419f94e5
vim-minimal-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm
3fbc6863631ab462c60a921472414eb7187a5e77
vim-filesystem-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm
cd7b02601348ff6196e565443d2ce5260fcc14ae
CLSA-2022:1659017902
Fixed CVE-2021-22543 in kernel
TuxCare License Agreement
0
- KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543}
None
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543}
0
cloudlinux-x86_64-server-6
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els11.noarch.rpm
d129db5c73bf8f8e44abbf6bcab0687d5cde63bd
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els11.noarch.rpm
0d5300634f574740aef1c2f2cc0f6b3767886ff6
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els11.noarch.rpm
8a645071ae2cba847baad652a5ff3cd85ccb9eab
CLSA-2022:1659018147
Fixed CVE-2021-22543 in kernel
TuxCare License Agreement
0
- KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543}
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543}
0
cloudlinux-x86_64-server-6
kernel-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm
254db9577d278a56dc3689dcc0ddfa27e1962153
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm
73fe0192b2ee9b54fdbdc6bc257fcc8adec3ee5c
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm
6b86ee97e43d30f536311e633ce09c42fc16db5c
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm
4f89d2179671519829ba52eb7b56a4ea7b4f9268
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els11.i686.rpm
14cc315094b67f29ca47a8c27eeb116efc698c6c
python-perf-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm
eef5564fbd8accdde196ad62d3dbec914a927ca8
perf-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm
05cf18fc8e2de1af64a190a5f1c61b218e7c3fd4
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm
b708d7e5092155e587eb408cfd065aeda0993a1e
CLSA-2022:1659638796
Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-34169, CVE-2022-21540
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs:
- CVE-2022-34169: Integer truncation issue in Xalan-J
- CVE-2022-21540: Class compilation issue
- CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic()
- Update tzdata requirement to 2022a to match JDK-8283350
- Remove patch for MakeBase.gmk cause issue was fixed in sources
- Correct parameters passing to CheckVendor test
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs:
- CVE-2022-34169: Integer truncation issue in Xalan-J
- CVE-2022-21540: Class compilation issue
- CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic()
- Update tzdata requirement to 2022a to match JDK-8283350
- Remove patch for MakeBase.gmk cause issue was fixed in sources
- Correct parameters passing to CheckVendor test
0
cloudlinux-x86_64-server-6
java-1.8.0-openjdk-src-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
753581ab077148066ad70b2da694dd7505ef5704
java-1.8.0-openjdk-demo-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
9b2683e0a3a8c1baaaafb180c1c837024c6afec7
java-1.8.0-openjdk-src-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
27227b0e2753bd80cc42537d111fef38ceeefcac
java-1.8.0-openjdk-javadoc-1.8.0.342.b07-1.el6.tuxcare.els1.noarch.rpm
939a2a5ee4228d13419ac3d84556bc8af12f6cb9
java-1.8.0-openjdk-javadoc-debug-1.8.0.342.b07-1.el6.tuxcare.els1.noarch.rpm
91e35ac540c042aa6752d99afc2f47c57b05d478
java-1.8.0-openjdk-headless-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
3b167ce70b8299f717e8499e29d5ee557e603395
java-1.8.0-openjdk-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
86437d9b8fa03b9f6a2624d70682c55eb95203b7
java-1.8.0-openjdk-devel-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
1b099ae012966f843aee1ea41c17c113f0a1317e
java-1.8.0-openjdk-devel-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
74394511328723eb2802524f87a855551835a4d0
java-1.8.0-openjdk-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
50a36839e4f91c9a2cf41b522cc41f39e3a7c286
java-1.8.0-openjdk-demo-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
bdb9ecfde6b9047b427e117c11d9b938d9121df0
java-1.8.0-openjdk-headless-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm
66fe5a7d02d1f4de2016c9494095c847571b5a27
CLSA-2022:1659638964
Fixed CVE-2021-21702 in php
TuxCare License Agreement
0
- CVE-2021-21702: Fix null pointer dereference in Soap Client
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2021-21702: Fix null pointer dereference in Soap Client
0
cloudlinux-x86_64-server-6
php-zts-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
e2fa55a8bff556ce1191f6420f08593b053e9956
php-xmlrpc-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
3e1b582950b6aece2444a61aa18d4240a2797400
php-process-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
ff34aaf2fcc709bb744e10cd02d5936075907898
php-gd-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
913ceb6de4838ed023fffef1fa8f888ad41439c4
php-common-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
da485fc69b386e523c2e64def8b646a0de119be5
php-ldap-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
33510f916efcf85d165472ae7ff38801a3577e45
php-pdo-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
3f6d63a67fe5fe0da2b7587246d58b3857729c32
php-tidy-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
2cb4d10dab16967f8fda237d74434b3c69fca47e
php-pgsql-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
0c0427a8832718efdfdff22a38faebe5b7d223a0
php-dba-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
0caa0fa5864f6194042177bf5a5eda486ff9b5ad
php-intl-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
3e35d2959b29aeb502404bc8994a4be3c0453269
php-bcmath-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
1a5ef1f4418f8ed60c27d42cfab1a4ab0736770e
php-imap-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
c541a6ef58caad845166505a1ee87db52cd4d410
php-recode-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
56523f1c217da0a681c569869be8488c3824aec9
php-mysql-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
9edee0924f1152ff3ab6dc81bdf0bac79a4287c5
php-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
b7f7ff3e8df5760907e78dccd0eb81fbb1941d16
php-odbc-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
c6a3fefde3dc7db29039ba9d6c91d1d8e0a97060
php-cli-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
3166038be21f0bd20b7f7113afe535906971910f
php-soap-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
5dfc3f8cd580c892681abff4d331d3d963650e55
php-mbstring-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
55870a3bad92cc7d405b0d81366cdc5bfaa56801
php-enchant-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
ebd0ea286a6b7c96fd088b6e712397d73995cf63
php-devel-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
e91f2d59aef5940e72b962c37c7ac66d9596e4c5
php-embedded-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
6d871c2595b62977f6facdf4321b776ee9f2a68d
php-xml-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
6f04a02ca94a94f7e30e62904d5692b0624dc7b8
php-snmp-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
263c38b43500d3f66d9dab0451db2716cdd9486a
php-pspell-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
6e3b33a72893062b72721fe1c076f37c83587702
php-fpm-5.3.3-55.el6.tuxcare.els3.x86_64.rpm
449b377e7705fd1d35072e7ea2f6ecb75ae21d62
CLSA-2022:1659639100
Fixed CVEs in vim: CVE-2022-2345, CVE-2022-2344, CVE-2022-2343, CVE-2022-2522
TuxCare License Agreement
0
- CVE-2022-2345: fix using freed memory with recursive substitute
- CVE-2022-2344: fix reading past end of completion with duplicate match
- CVE-2022-2343: fix reading past end of completion with a long line and 'infercase'
set
- CVE-2022-2522: fix accessing uninitialized memory when completing long line
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2345: fix using freed memory with recursive substitute
- CVE-2022-2344: fix reading past end of completion with duplicate match
- CVE-2022-2343: fix reading past end of completion with a long line and 'infercase'
set
- CVE-2022-2522: fix accessing uninitialized memory when completing long line
0
cloudlinux-x86_64-server-6
vim-enhanced-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm
3241d2958059504a1ed23fbb1170319d36de9826
vim-minimal-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm
36fce227263ca61027138f66439f852cda981a30
vim-common-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm
9164e7d8e70b9fb916f2fd23b389880d43707871
vim-X11-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm
bd2ee57511a2aff873323056eea6980c5008ed76
vim-filesystem-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm
d756ebac5188db285a6b2b1c5ff6d16a558dd4d1
CLSA-2022:1660761670
Fixed CVEs in exim: CVE-2022-37451, CVE-2022-37452
TuxCare License Agreement
0
- CVE-2022-37452: fix heap-based buffer overflow for the alias list in
host_name_lookup()
- CVE-2022-37451: fix invalid free in pam_converse()
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-37452: fix heap-based buffer overflow for the alias list in
host_name_lookup()
- CVE-2022-37451: fix invalid free in pam_converse()
0
cloudlinux-x86_64-server-6
exim-mysql-4.92.3-3.el6.tuxcare.els2.x86_64.rpm
e01b2af2bf1cc1cf80d702738d86719d04795556
exim-greylist-4.92.3-3.el6.tuxcare.els2.x86_64.rpm
0fd564c8327b1d633e7f7b59a4da3f5746f51786
exim-4.92.3-3.el6.tuxcare.els2.x86_64.rpm
50df8f4911707dc32c573c8d12aeac88187ecbc5
exim-pgsql-4.92.3-3.el6.tuxcare.els2.x86_64.rpm
ef7a571125d596d29f12448ffa5dc1b54256cb07
exim-mon-4.92.3-3.el6.tuxcare.els2.x86_64.rpm
00c54aad90e26a7268ee78c35726769fac20e1c1
CLSA-2022:1660761947
Fixed CVE-2022-29154 in rsync
TuxCare License Agreement
0
- CVE-2022-29154: fix arbitrary file write vulnerability via malicious rysnc
server (MITM attack)
- Add '%check
unset DISPLAY
' section but disable broken 'daemon' and 'hardlinks' tests
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-29154: fix arbitrary file write vulnerability via malicious rysnc
server (MITM attack)
- Add '%check
unset DISPLAY
' section but disable broken 'daemon' and 'hardlinks' tests
0
cloudlinux-x86_64-server-6
rsync-3.0.6-12.el6.tuxcare.els2.x86_64.rpm
939ddf8471070f75269a1adcad2afc3fefdfd5ea
CLSA-2022:1660762053
Fixed CVE-2022-37434 in zlib
TuxCare License Agreement
0
- CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field
with inflate()
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field
with inflate()
0
cloudlinux-x86_64-server-6
zlib-devel-1.2.3-29.el6.tuxcare.els2.x86_64.rpm
3b7ac60f9445a6db50ff463f6543743671a36cf5
minizip-devel-1.2.3-29.el6.tuxcare.els2.x86_64.rpm
e7dd28277d911e0a98e0d6402f242478ead43f3e
zlib-1.2.3-29.el6.tuxcare.els2.i686.rpm
b9b4bb2258dad2f7202f4770d7f91645441a4a20
minizip-devel-1.2.3-29.el6.tuxcare.els2.i686.rpm
f012a3738df7f973b6055c1cde14614bd7ecfb9e
minizip-1.2.3-29.el6.tuxcare.els2.x86_64.rpm
526b1892f2abe5ef669068fe502f7b008c85c143
zlib-1.2.3-29.el6.tuxcare.els2.x86_64.rpm
a86c10f1454ffab62b42a32a1711afa9f01bacdf
zlib-devel-1.2.3-29.el6.tuxcare.els2.i686.rpm
37b05e95c96e738c9bac25d376525b0d0c64bcfa
minizip-1.2.3-29.el6.tuxcare.els2.i686.rpm
19fabf9a06cb76ab50b03479c0d372089c72666b
zlib-static-1.2.3-29.el6.tuxcare.els2.x86_64.rpm
acb705d844f1858ba6b480716416f787808dd51b
CLSA-2022:1660762248
Fixed 13 CVEs in expat
TuxCare License Agreement
0
- CVE-2022-25236: Fix insertion of namespace-separator characters into
namespace URIs
- CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to
arbitrary code execution
- CVE-2022-25315: Fix integer overflow in storeRawNames()
- CVE-2022-22822: Fix integer overflow in addBinding()
- CVE-2022-22823: Fix integer overflow in build_model()
- CVE-2022-22824: Fix integer overflow in defineAttribute()
- CVE-2022-22825: Fix integer overflow in lookup()
- CVE-2022-22826: Fix integer overflow in nextScaffoldPart()
- CVE-2022-22827: Fix integer overflow in storeAtts()
- CVE-2022-23852: Fix integer overflow in XML_GetBuffer()
- CVE-2021-46143: Fix integer overflow on m_groupSize in doProlog()
- CVE-2021-45960: Fix troublesome left shifts in storeAtts()
- CVE-2022-23990: Fix integer overflow in doProlog()
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-25236: Fix insertion of namespace-separator characters into
namespace URIs
- CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to
arbitrary code execution
- CVE-2022-25315: Fix integer overflow in storeRawNames()
- CVE-2022-22822: Fix integer overflow in addBinding()
- CVE-2022-22823: Fix integer overflow in build_model()
- CVE-2022-22824: Fix integer overflow in defineAttribute()
- CVE-2022-22825: Fix integer overflow in lookup()
- CVE-2022-22826: Fix integer overflow in nextScaffoldPart()
- CVE-2022-22827: Fix integer overflow in storeAtts()
- CVE-2022-23852: Fix integer overflow in XML_GetBuffer()
- CVE-2021-46143: Fix integer overflow on m_groupSize in doProlog()
- CVE-2021-45960: Fix troublesome left shifts in storeAtts()
- CVE-2022-23990: Fix integer overflow in doProlog()
0
cloudlinux-x86_64-server-6
expat-devel-2.0.1-13.el6_8.tuxcare.els1.x86_64.rpm
dfe2668d2bf1bf611e9f55629380af7dd2cf7547
expat-2.0.1-13.el6_8.tuxcare.els1.x86_64.rpm
48223a82ba1acc85408c6d8a544df8fb097e123b
expat-2.0.1-13.el6_8.tuxcare.els1.i686.rpm
f303b453eaff6adb0abeb69addadaa3ab3fd044d
expat-devel-2.0.1-13.el6_8.tuxcare.els1.i686.rpm
b07248fbd97219570a8a55900f113e5c0af2dc5f
CLSA-2022:1660762683
Fixed CVE-2022-2581 in vim
TuxCare License Agreement
0
- CVE-2022-2581: fix illegal memory access when pattern starts with illegal byte
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2581: fix illegal memory access when pattern starts with illegal byte
0
cloudlinux-x86_64-server-6
vim-X11-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm
cd6c0eba6940fb2e1ed8dd24ac337b668542e617
vim-filesystem-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm
2ea42972d59257df77a3afd5e84a65f0538da457
vim-enhanced-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm
f2afc1202c289947f4e03f5ba84f86f068b51f27
vim-common-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm
5db6e7d2f7c6499c94ca78b0c5b2cfa733aabfc5
vim-minimal-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm
fd424bacca3a72c6d5e3be4e4fe9ecf080b6cdfd
CLSA-2022:1661176564
Fixed 50 CVEs in java-1.7.0-openjdk
TuxCare License Agreement
0
- Bump to 2.6.28 and OpenJDK 7u351-b01.
- Security fixes in 7u351:
- CVE-2022-21540: Improve class compilation (JDK-8281859)
- CVE-2022-21541: Enhance MethodHandle invocations (JDK-8281866)
- CVE-2022-34169: Improve Xalan supports (JDK-8285407)
- Security fixes in 7u341:
- CVE-2022-21426: Better XPath expression handling (JDK-8270504)
- CVE-2022-21434: Better invocation handler handling (JDK-8277672)
- CVE-2022-21443: Improved Object Identification (JDK-8275151)
- CVE-2022-21476: Improve Santuario processing (JDK-8278008)
- CVE-2022-21496: Improve URL supports (JDK-8278972)
- Security fixes in 7u331:
- CVE-2022-21248: Enhance cross VM serialization (JDK-8264934)
- CVE-2022-21282: Better resolution of URIs (JDK-8270492)
- CVE-2022-21283: Better String matching (JDK-8268813)
- CVE-2022-21293: Improve String constructions (JDK-8270392)
- CVE-2022-21294: Enhance construction of Identity maps (JDK-8270416)
- CVE-2022-21296: Improve SAX Parser configuration management (JDK-8270498)
- CVE-2022-21299: Improved scanning of XML entities (JDK-8270646)
- CVE-2022-21305: Better array indexing (JDK-8272014)
- CVE-2022-21340: Verify Jar Verification (JDK-8272026)
- CVE-2022-21341: Improve serial forms for transport (JDK-8272236)
- CVE-2022-21349: Improve Solaris font rendering (JDK-8273748)
- CVE-2022-21360: Enhance BMP image support (JDK-8273756)
- CVE-2022-21365: Enhanced BMP processing (JDK-8273838)
- Security fixes in 7u321:
- CVE-2021-35550: Update the default enabled cipher suites preference
(JDK-8163326)
- CVE-2021-35556: Richer Text Editors (JDK-8265167)
- CVE-2021-35559: Enhanced style for RTF kit (JDK-8265580)
- CVE-2021-35561: Better hashing support (JDK-8266097)
- CVE-2021-35564: Improve Keystore integrity (JDK-8266137)
- CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close
(JDK-8254967)
- CVE-2021-35586: Better BMP support (JDK-8267735)
- CVE-2021-35588: InnerClasses: VM permits wrong Throw ClassFormatError if
InnerClasses attribute's inner_class_info_index is 0 (JDK-8130183)
- CVE-2021-35603: Better session identification (JDK-8269618)
- Security fixes in 7u311:
- CVE-2021-2341: Improve file transfers (JDK-8258432)
- CVE-2021-2369: Better jar file validation (JDK-8260967)
- CVE-2021-2432: Provide better LDAP provider support (JDK-8267412)
- Security fixes in 7u301:
- CVE-2021-2161: Less ambiguous processing (JDK-8250568)
- CVE-2021-2163: Enhance opening JARs (JDK-8249906)
- Security fixes in 7u281:
- CVE-2020-14779: Enhance support of Proxy class (JDK-8236862)
- CVE-2020-14781: Enhanced LDAP contexts (JDK-8237990)
- CVE-2020-14782: Enhance certificate processing (JDK-8237995)
- CVE-2020-14792: Better range handling (JDK-8241114)
- CVE-2020-14796: Improved URI Support (JDK-8242680)
- CVE-2020-14797: Better Path Validation (JDK-8242685)
- CVE-2020-14798: Enhanced buffer support (JDK-8242695)
- CVE-2020-14803: Improved Buffer supports (JDK-8244136)
- Security fixes in 7u271:
- CVE-2020-14577: Enhance certificate verification (JDK-8237592)
- CVE-2020-14578: NegativeArraySizeException in
sun.security.util.DerInputStream.getUnalignedBitString() (JDK-8028591)
- CVE-2020-14579: NullPointerException in DerValue.equals(DerValue)
(JDK-8028431)
- CVE-2020-14581: Better matrix operations (JDK-8238002)
- CVE-2020-14583: Better Buffer support (JDK-8238920)
- CVE-2020-14593: Less Affine Transformations (JDK-8240119)
- CVE-2020-14621: Better XML namespace handling (JDK-8242136)
- Update tzdata requirement to 2022a to match JDK-8283350
- Update NEWS from IcedTea
- Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after
bump OpenJDK version
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- Bump to 2.6.28 and OpenJDK 7u351-b01.
- Security fixes in 7u351:
- CVE-2022-21540: Improve class compilation (JDK-8281859)
- CVE-2022-21541: Enhance MethodHandle invocations (JDK-8281866)
- CVE-2022-34169: Improve Xalan supports (JDK-8285407)
- Security fixes in 7u341:
- CVE-2022-21426: Better XPath expression handling (JDK-8270504)
- CVE-2022-21434: Better invocation handler handling (JDK-8277672)
- CVE-2022-21443: Improved Object Identification (JDK-8275151)
- CVE-2022-21476: Improve Santuario processing (JDK-8278008)
- CVE-2022-21496: Improve URL supports (JDK-8278972)
- Security fixes in 7u331:
- CVE-2022-21248: Enhance cross VM serialization (JDK-8264934)
- CVE-2022-21282: Better resolution of URIs (JDK-8270492)
- CVE-2022-21283: Better String matching (JDK-8268813)
- CVE-2022-21293: Improve String constructions (JDK-8270392)
- CVE-2022-21294: Enhance construction of Identity maps (JDK-8270416)
- CVE-2022-21296: Improve SAX Parser configuration management (JDK-8270498)
- CVE-2022-21299: Improved scanning of XML entities (JDK-8270646)
- CVE-2022-21305: Better array indexing (JDK-8272014)
- CVE-2022-21340: Verify Jar Verification (JDK-8272026)
- CVE-2022-21341: Improve serial forms for transport (JDK-8272236)
- CVE-2022-21349: Improve Solaris font rendering (JDK-8273748)
- CVE-2022-21360: Enhance BMP image support (JDK-8273756)
- CVE-2022-21365: Enhanced BMP processing (JDK-8273838)
- Security fixes in 7u321:
- CVE-2021-35550: Update the default enabled cipher suites preference
(JDK-8163326)
- CVE-2021-35556: Richer Text Editors (JDK-8265167)
- CVE-2021-35559: Enhanced style for RTF kit (JDK-8265580)
- CVE-2021-35561: Better hashing support (JDK-8266097)
- CVE-2021-35564: Improve Keystore integrity (JDK-8266137)
- CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close
(JDK-8254967)
- CVE-2021-35586: Better BMP support (JDK-8267735)
- CVE-2021-35588: InnerClasses: VM permits wrong Throw ClassFormatError if
InnerClasses attribute's inner_class_info_index is 0 (JDK-8130183)
- CVE-2021-35603: Better session identification (JDK-8269618)
- Security fixes in 7u311:
- CVE-2021-2341: Improve file transfers (JDK-8258432)
- CVE-2021-2369: Better jar file validation (JDK-8260967)
- CVE-2021-2432: Provide better LDAP provider support (JDK-8267412)
- Security fixes in 7u301:
- CVE-2021-2161: Less ambiguous processing (JDK-8250568)
- CVE-2021-2163: Enhance opening JARs (JDK-8249906)
- Security fixes in 7u281:
- CVE-2020-14779: Enhance support of Proxy class (JDK-8236862)
- CVE-2020-14781: Enhanced LDAP contexts (JDK-8237990)
- CVE-2020-14782: Enhance certificate processing (JDK-8237995)
- CVE-2020-14792: Better range handling (JDK-8241114)
- CVE-2020-14796: Improved URI Support (JDK-8242680)
- CVE-2020-14797: Better Path Validation (JDK-8242685)
- CVE-2020-14798: Enhanced buffer support (JDK-8242695)
- CVE-2020-14803: Improved Buffer supports (JDK-8244136)
- Security fixes in 7u271:
- CVE-2020-14577: Enhance certificate verification (JDK-8237592)
- CVE-2020-14578: NegativeArraySizeException in
sun.security.util.DerInputStream.getUnalignedBitString() (JDK-8028591)
- CVE-2020-14579: NullPointerException in DerValue.equals(DerValue)
(JDK-8028431)
- CVE-2020-14581: Better matrix operations (JDK-8238002)
- CVE-2020-14583: Better Buffer support (JDK-8238920)
- CVE-2020-14593: Less Affine Transformations (JDK-8240119)
- CVE-2020-14621: Better XML namespace handling (JDK-8242136)
- Update tzdata requirement to 2022a to match JDK-8283350
- Update NEWS from IcedTea
- Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after
bump OpenJDK version
0
cloudlinux-x86_64-server-6
java-1.7.0-openjdk-devel-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
4b9df5509ae76e05823a5724def99477f2bbdafe
java-1.7.0-openjdk-src-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
81e862622d761805e10c631c88f1dc16410602c8
java-1.7.0-openjdk-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
4c3bdb72aa6b41e273279223bbbbeab2d55ff2e9
java-1.7.0-openjdk-demo-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm
abb4b23926196713c3ef4244776918279855140e
java-1.7.0-openjdk-javadoc-1.7.0.351-2.6.28.0.el6.tuxcare.els1.noarch.rpm
2ac07bc0dd1144ee0bd708003eb63a71c03c7a0e
CLSA-2022:1661442764
Fixed CVEs in vim: CVE-2022-2845, CVE-2022-2849
TuxCare License Agreement
0
- CVE-2022-2849: fix invalid memory access with for loop over NULL string
- CVE-2022-2845: fix reading before the start of the line
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2849: fix invalid memory access with for loop over NULL string
- CVE-2022-2845: fix reading before the start of the line
0
cloudlinux-x86_64-server-6
vim-minimal-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm
8404bf3df4a58b57c4b995ffbe6851228399ca39
vim-enhanced-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm
fef9c4242c7b1ed6a33a10a54451ab1828b62294
vim-common-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm
b30e82a37b3c2bd733797f185244fecfe5931139
vim-X11-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm
7e441b1ca91573f98efbb8664cc3e666f8f65bce
vim-filesystem-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm
5a56aa6eeb8dda9c8584cfb3f6caac144c06abf1
CLSA-2022:1661442999
Fixed CVE-2022-37434 in rsync
TuxCare License Agreement
0
- CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field
with inflate()
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field
with inflate()
0
cloudlinux-x86_64-server-6
rsync-3.0.6-12.el6.tuxcare.els3.x86_64.rpm
b7e244509a36587147c4c4ab4d327a95bda25a41
CLSA-2022:1662658348
Fixed CVE-2022-29154 in rsync
TuxCare License Agreement
0
- CVE-2022-29154: fix arbitrary file write vulnerability via malicious rsync
server (MITM attack), refactoring
- fix test-system components, enable 'daemon' and 'hardlinks' tests
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-29154: fix arbitrary file write vulnerability via malicious rsync
server (MITM attack), refactoring
- fix test-system components, enable 'daemon' and 'hardlinks' tests
0
cloudlinux-x86_64-server-6
rsync-3.0.6-12.el6.tuxcare.els4.x86_64.rpm
e3aa484231e9ff02c3313f6db2e2c571d387cb5f
CLSA-2022:1663173256
Fixed CVE-2022-28614 in httpd
TuxCare License Agreement
0
- CVE-2022-28614: fix out-of-bounds read via ap_rwrite()
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-28614: fix out-of-bounds read via ap_rwrite()
0
cloudlinux-x86_64-server-6
httpd-tools-2.2.15-72.el6.tuxcare.els6.x86_64.rpm
16cd6fa15bd813ca764c199799de92bc327fc258
httpd-manual-2.2.15-72.el6.tuxcare.els6.noarch.rpm
37d11003c92a015a7c6b0ce9af22278d1e3e8ae4
httpd-devel-2.2.15-72.el6.tuxcare.els6.x86_64.rpm
6f10fc7dfb42779c85167f733f7571a5e80fe5a1
httpd-2.2.15-72.el6.tuxcare.els6.x86_64.rpm
2f9c7e2e6376cab524e001337eb9999e429df928
mod_ssl-2.2.15-72.el6.tuxcare.els6.x86_64.rpm
4cca664f4e0a86f78ba9a757e6f0a2b6e65927da
httpd-devel-2.2.15-72.el6.tuxcare.els6.i686.rpm
9a76eb55d69e83ceda5d10e9b64dd8d4fd29e0d7
CLSA-2022:1663591920
Fixed CVE-2022-28614 in httpd
TuxCare License Agreement
0
- CVE-2022-28614: fix out-of-bounds read via ap_rwrite(), refactoring
Moderate
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-28614: fix out-of-bounds read via ap_rwrite(), refactoring
0
cloudlinux-x86_64-server-6
mod_ssl-2.2.15-72.el6.tuxcare.els7.x86_64.rpm
543031dd8e03cb52b0ff07666d584161b788e9b1
httpd-devel-2.2.15-72.el6.tuxcare.els7.x86_64.rpm
79b03f6d08639d64d2df2b82e25c1813cc02b7fb
httpd-tools-2.2.15-72.el6.tuxcare.els7.x86_64.rpm
a2bbc2de66e5d94520257701ab9b873505a5fa34
httpd-manual-2.2.15-72.el6.tuxcare.els7.noarch.rpm
1ae44fc6c7f7d8b5026af6eb27abc3955823e49c
httpd-devel-2.2.15-72.el6.tuxcare.els7.i686.rpm
ff5bd251f6001360331f721ed49cf523ec16d142
httpd-2.2.15-72.el6.tuxcare.els7.x86_64.rpm
3e7faca5be5e2fd0e8cfeecaabe5715d67f9120b
CLSA-2022:1664193203
Fixed CVE-2022-40674 in expat
TuxCare License Agreement
0
- CVE-2022-40674: Ensure raw tagnames are safe exiting
internalEntityParser
- fix tests leak
- fix xmlparse leak
Critical
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-40674: Ensure raw tagnames are safe exiting
internalEntityParser
- fix tests leak
- fix xmlparse leak
0
cloudlinux-x86_64-server-6
expat-devel-2.0.1-13.el6_8.tuxcare.els2.x86_64.rpm
c17f0f6e1afe403cf23eeded16d23dc9ec3d57e3
expat-2.0.1-13.el6_8.tuxcare.els2.x86_64.rpm
df692233ec1f07422a8fb78a52a3023302775d1d
expat-2.0.1-13.el6_8.tuxcare.els2.i686.rpm
05c562ce10a17b3df356c58fab7a884cd6e10b97
expat-devel-2.0.1-13.el6_8.tuxcare.els2.i686.rpm
006b6a955d52ac5754c5bbf9ca6bbf52ca58b93e
CLSA-2022:1664476383
Fixed CVE-2022-3256 in vim
TuxCare License Agreement
0
- CVE-2022-3256: copy the mark before editing another buffer
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-3256: copy the mark before editing another buffer
0
cloudlinux-x86_64-server-6
vim-filesystem-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm
4c11ce96154183fa9ac8fb7f4998e71f1dbe6392
vim-enhanced-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm
59d06b0f4454f97e581d41c7acf0d7561a1c2ba4
vim-X11-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm
737168bc7f82f5397131926033b0dcbed23803fe
vim-common-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm
f261524cda998d0524b304d811f3737c557c9a03
vim-minimal-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm
097d2c7f215764bde621b1a0b53b99a041772428
CLSA-2022:1664476612
Fixed CVE-2022-2795 in bind
TuxCare License Agreement
0
- CVE-2022-2795: fix possible resolver performance degradation when processing large delegations
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-2795: fix possible resolver performance degradation when processing large delegations
0
cloudlinux-x86_64-server-6
bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm
ddc8b1d5e2e3e0d410976665e3f66da580ece252
bind-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm
41414c689589f5a7cc9a31d5c0acdcfd06d470b2
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els6.i686.rpm
d5a77f6d84b6d65af0fabc0205964c4c3dc81cd6
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm
d28df6d46002b7045e69099e0ca6ba5498563c91
bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm
853e8a2b2c0aa1339d3d7ab2ab37a50ff36510f6
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els6.i686.rpm
7b7977a59d444e26f810565e43be58bc5116492f
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm
bce1d7d7de2c0bf4b54c0e6ab1ebb8f86609a235
bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm
9e552df5926c8c2ce03e05aea1869fe0f1ccdd74
CLSA-2022:1665428177
Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435
TuxCare License Agreement
0
- CVE-2020-13435: add a code that tries to prevent a recurrence of
problems
- CVE-2020-35525: a potential null pointer dereference was fixed
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2020-13435: add a code that tries to prevent a recurrence of
problems
- CVE-2020-35525: a potential null pointer dereference was fixed
0
cloudlinux-x86_64-server-6
sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm
b55f053f19c0c48e204601d241d95a7f70a4c47e
sqlite-tcl-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm
7da56a0666d00aea76493b440eee769d4a5b983a
sqlite-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm
26073a0f0c45976ac7aa8bad85e739e1021a91e0
sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els1.i686.rpm
3b1ddc8b7d768d548006205904b2c33fcb891247
sqlite-doc-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm
efae06e94b72b70e395793fa7bebff669fbe1cf7
sqlite-3.6.20-1.el6_7.2.tuxcare.els1.i686.rpm
ac673cf5e91e577555f50fa6b785ea7c21896c44
lemon-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm
155baf072084ff529c017e687b7cb8e58ba4261d
CLSA-2022:1665501369
Fixed CVE-2022-41318 in squid
TuxCare License Agreement
0
- CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication
0
cloudlinux-x86_64-server-6
squid-3.1.23-30.el6.tuxcare.els7.x86_64.rpm
63d5c81cffbbe5ace1eac6c2a7f77267e4d0f49e
CLSA-2022:1665501511
Fixed CVE-2022-41318 in squid34
TuxCare License Agreement
0
- CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication
0
cloudlinux-x86_64-server-6
squid34-3.4.14-16.el6.tuxcare.els2.x86_64.rpm
43155b3b9f3670de63573fa1a9218794a65c8518
CLSA-2022:1665680212
Fixed CVEs in vim: CVE-2022-3296, CVE-2022-3324
TuxCare License Agreement
0
- CVE-2022-3296: check CSF_TRY can be found
- CVE-2022-3324: make sure the window width does not become negative
Important
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the CLN.
- CVE-2022-3296: check CSF_TRY can be found
- CVE-2022-3324: make sure the window width does not become negative
0
cloudlinux-x86_64-server-6
vim-common-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm
391bf84fa3c0c66c0ac0cdc5b16113afea81a6cf
vim-filesystem-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm
91866aed5409e34239ccfbae4704ffaa876a5cf1
vim-minimal-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm
c4a788fb6a80ce44d15e5c5ddea3e51b5cbd586d
vim-enhanced-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm
a1fdf325828ad8658873100f757b4d6ab5aaf0cc
vim-X11-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm
3fdcc7bfe446aba86a0bb0d74c549109ed6da531
CLSA-2022:1667493762
expat: Fix of CVE-2022-43680
TuxCare License Agreement
0
- CVE-2022-43680: Fix overeager DTD destruction
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-43680: Fix overeager DTD destruction
0
tuxcare-centos6-els
expat-2.0.1-13.el6_8.tuxcare.els3.i686.rpm
688f87da4716ab6dd02d84026250a2587c0a134a
expat-2.0.1-13.el6_8.tuxcare.els3.x86_64.rpm
b459dc47b2d2f9f8245728d66fdba65fa2c29bdf
expat-devel-2.0.1-13.el6_8.tuxcare.els3.i686.rpm
4de206c8fdc9a332ab32857c52ce8d8de30b7683
expat-devel-2.0.1-13.el6_8.tuxcare.els3.x86_64.rpm
a42279f206f123e499afe79de3f712ed7092fd03
CLSA-2022:1668120434
perl: Fix of CVE-2020-16156
TuxCare License Agreement
0
- CVE-2020-16156: recognize CANNOT_VERIFY signature verification type
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-16156: recognize CANNOT_VERIFY signature verification type
0
tuxcare-centos6-els
perl-5.10.1-146.el6.tuxcare.els4.x86_64.rpm
cb3dfacf8b233e8a3194f133f6bd711b9e6026c0
perl-Archive-Extract-0.38-146.el6.tuxcare.els4.x86_64.rpm
3c5e30913b9e58adab60dd5a68eec00d57987163
perl-Archive-Tar-1.58-146.el6.tuxcare.els4.x86_64.rpm
3dcce35200e380938a31e5d8b249f2e7388f0d19
perl-CGI-3.51-146.el6.tuxcare.els4.x86_64.rpm
b8ef0ba60a034039ee70fd33032ff009a79d071c
perl-CPAN-1.9402-146.el6.tuxcare.els4.x86_64.rpm
e01f4049ae776673b7bbfc6813541e53deabeb1b
perl-CPANPLUS-0.88-146.el6.tuxcare.els4.x86_64.rpm
22afb55ae2ce8dd5f48e22bd385f55f66d672b9a
perl-Compress-Raw-Bzip2-2.021-146.el6.tuxcare.els4.x86_64.rpm
d6afaa0a78576cbea0bcd256f2ba274bd7aef5f7
perl-Compress-Raw-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm
c340d4d9eb2413cc74970578f73bc0e21f60a21a
perl-Compress-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm
7d0918f86e33bdff66d1b814ec2af9a494c35e49
perl-Digest-SHA-5.47-146.el6.tuxcare.els4.x86_64.rpm
554935a691cda0fc549dea5270d1ff01326338db
perl-ExtUtils-CBuilder-0.27-146.el6.tuxcare.els4.x86_64.rpm
3da6eab3b2060fd7264f7c476d1e2b8bd0851f92
perl-ExtUtils-Embed-1.28-146.el6.tuxcare.els4.x86_64.rpm
89f209445f9fe101be3c495824a9521169c9677c
perl-ExtUtils-MakeMaker-6.55-146.el6.tuxcare.els4.x86_64.rpm
5468a1a4b484c4fd181d69b1c073dab389f5d106
perl-ExtUtils-ParseXS-2.2003.0-146.el6.tuxcare.els4.x86_64.rpm
4aeef4ba0a0ed72fb060817326a8d49f21280407
perl-File-Fetch-0.26-146.el6.tuxcare.els4.x86_64.rpm
ccbd8141582e05f35842f14be5831866f965c8a7
perl-IO-Compress-Base-2.021-146.el6.tuxcare.els4.x86_64.rpm
f6709e7cd74c21b417bd4f99a54bed1600f09a3f
perl-IO-Compress-Bzip2-2.021-146.el6.tuxcare.els4.x86_64.rpm
80b3389a294bcd61b58b4e85ec7f3bd02c64d8fc
perl-IO-Compress-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm
887ca50346cc74cbc6272bd3186986f1bc76cf1a
perl-IO-Zlib-1.09-146.el6.tuxcare.els4.x86_64.rpm
1b6ebee39f367bbcfecfb877610f40a5fea1905f
perl-IPC-Cmd-0.56-146.el6.tuxcare.els4.x86_64.rpm
392372db6afcc6dcefc367e86f8d1adf40d0d978
perl-Locale-Maketext-Simple-0.18-146.el6.tuxcare.els4.x86_64.rpm
a082e66d5f512a9d93bbc69b424cc0aaccf5365f
perl-Log-Message-0.02-146.el6.tuxcare.els4.x86_64.rpm
34e813fc4b8ba53c1b9013e295ff2ecc70895441
perl-Log-Message-Simple-0.04-146.el6.tuxcare.els4.x86_64.rpm
f693b3223fd332eed7c25fedc9369ce7bac491e6
perl-Module-Build-0.3500-146.el6.tuxcare.els4.x86_64.rpm
42c1c58e0963477b076e1bc371fd99c23b290a97
perl-Module-CoreList-2.18-146.el6.tuxcare.els4.x86_64.rpm
3ace7b95d3a7b063aea9d5a85331801b094097d6
perl-Module-Load-0.16-146.el6.tuxcare.els4.x86_64.rpm
463717024309b6364e28b9c0303fd1f80313ae05
perl-Module-Load-Conditional-0.30-146.el6.tuxcare.els4.x86_64.rpm
0a5591cab8d49383e8d4dea456e77d6899eb69b0
perl-Module-Loaded-0.02-146.el6.tuxcare.els4.x86_64.rpm
81ba5793a0d065c6abf83488966b04920ac60ace
perl-Module-Pluggable-3.90-146.el6.tuxcare.els4.x86_64.rpm
c594a20bf39cb408cb4e351e95c627ceedea96ba
perl-Object-Accessor-0.34-146.el6.tuxcare.els4.x86_64.rpm
8d05864e355a534086a15d7dbbcc081501b40f7b
perl-Package-Constants-0.02-146.el6.tuxcare.els4.x86_64.rpm
e4d786bb9ad7264fbf56441ced961e45b1074c6e
perl-Params-Check-0.26-146.el6.tuxcare.els4.x86_64.rpm
d1e7b533f15b0be66ecb140e1d829379e313761e
perl-Parse-CPAN-Meta-1.40-146.el6.tuxcare.els4.x86_64.rpm
040ca8ab71ccd183a74a1928fc8fc572a24aa5a0
perl-Pod-Escapes-1.04-146.el6.tuxcare.els4.x86_64.rpm
e52449baa77792bb99277be7dd368c3af28b3626
perl-Pod-Simple-3.13-146.el6.tuxcare.els4.x86_64.rpm
311cdd1a907d3f2700892799f5b3cba71bbd4b38
perl-Term-UI-0.20-146.el6.tuxcare.els4.x86_64.rpm
e833e4b562102480d6cd5a98b1b50462f43e9a09
perl-Test-Harness-3.17-146.el6.tuxcare.els4.x86_64.rpm
cac4dfc784c0a93614fbcb87d2b516c68ed4f0c2
perl-Test-Simple-0.92-146.el6.tuxcare.els4.x86_64.rpm
80be9c3c5a2eaec2b2321e774bc8b44626704a09
perl-Time-HiRes-1.9721-146.el6.tuxcare.els4.x86_64.rpm
8754b3a7bad8463e16a143bc4966dc2855b1e186
perl-Time-Piece-1.15-146.el6.tuxcare.els4.x86_64.rpm
61f194dba214f12b99926bbed2eabaa10a51c18c
perl-core-5.10.1-146.el6.tuxcare.els4.x86_64.rpm
50acc8517d6dd358afb57ecb9f72bad1a727dfff
perl-devel-5.10.1-146.el6.tuxcare.els4.i686.rpm
e89411d0a6c12915290e45ec6dc0edaefbe34552
perl-devel-5.10.1-146.el6.tuxcare.els4.x86_64.rpm
05efb0eaef467755012a5e7bc81fa8e0200e7dc6
perl-libs-5.10.1-146.el6.tuxcare.els4.i686.rpm
caf5dd365c6bc9c78db2985f2d43d95d00f4a446
perl-libs-5.10.1-146.el6.tuxcare.els4.x86_64.rpm
5805db4a6fb47919394ea6c47c25c59e5dded374
perl-parent-0.221-146.el6.tuxcare.els4.x86_64.rpm
82fb4c2363a8c1a718d1d533479c9593350c5042
perl-suidperl-5.10.1-146.el6.tuxcare.els4.x86_64.rpm
a62ac4cf9e063e910578b5d363ac8d283c52bfae
perl-version-0.77-146.el6.tuxcare.els4.x86_64.rpm
abe975166fccd129d0cbabe4648bfad85f9f68e8
CLSA-2022:1668121215
sqlite: Fix of CVE-2022-35737
TuxCare License Agreement
0
- CVE-2022-35737: fix a buffer overflow
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-35737: fix a buffer overflow
0
tuxcare-centos6-els
lemon-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm
5b6b69d839717b146cd4d404fae48a1d3d5730d3
sqlite-3.6.20-1.el6_7.2.tuxcare.els2.i686.rpm
caa2687a44e159d19d2974a68d62d7395bd83265
sqlite-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm
7758c5d9728f757007d828f6611c782cd29b37a3
sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els2.i686.rpm
450db91b430f5769a4fdd4ef1e246217889ac2eb
sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm
592b4a42f8077d6bfb89d1c8489ef76e3f7edd86
sqlite-doc-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm
167c2476a646f2b1578418037f8797406837b0dd
sqlite-tcl-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm
f4b0679923825939ac6f65aee56631962fbd46a6
CLSA-2022:1669066613
nginx: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-41741: fix memory corruption in the ngx_http_mp4_module
- CVE-2022-41742: fix memory disclosure in the ngx_http_mp4_module
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-41741: fix memory corruption in the ngx_http_mp4_module
- CVE-2022-41742: fix memory disclosure in the ngx_http_mp4_module
0
tuxcare-centos6-els
nginx-1.10.3-4.el6.tuxcare.els5.x86_64.rpm
f6b4591167bedfc0d6e9e821b84818e6cb3f9515
nginx-all-modules-1.10.3-4.el6.tuxcare.els5.noarch.rpm
794f50eaec736b0269c3706cc9e247a31a523753
nginx-filesystem-1.10.3-4.el6.tuxcare.els5.noarch.rpm
336867e7a8334a2bb1aa854a7b1545a0592de3c2
nginx-mod-http-geoip-1.10.3-4.el6.tuxcare.els5.x86_64.rpm
4764f994a07ca6afb5b28dc3b51d2510b91430f0
nginx-mod-http-image-filter-1.10.3-4.el6.tuxcare.els5.x86_64.rpm
42f97c28fa371333ea0e96fad1ec5cac9f330b63
nginx-mod-http-perl-1.10.3-4.el6.tuxcare.els5.x86_64.rpm
4b555d5c605a200fe6635d2488dd8d044f3e8152
nginx-mod-http-xslt-filter-1.10.3-4.el6.tuxcare.els5.x86_64.rpm
e154437038145fca1bc2d2c21de208a128cb95f0
nginx-mod-mail-1.10.3-4.el6.tuxcare.els5.x86_64.rpm
e23858651ee67ddde490225bd6bc5b79de2b971e
nginx-mod-stream-1.10.3-4.el6.tuxcare.els5.x86_64.rpm
d78f794b15cd56a188ddc1e724a58baf04c52b72
CLSA-2022:1669236294
xterm: Fix of CVE-2022-45063
TuxCare License Agreement
0
- CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window
- Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error
recovery for a missing font
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window
- Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error
recovery for a missing font
0
tuxcare-centos6-els
xterm-253-2.el6.tuxcare.els2.x86_64.rpm
d879202b48d6b86df3c37ee8e9f61f55d6636f38
CLSA-2022:1669236630
python: Fix of CVE-2022-45061
TuxCare License Agreement
0
- CVE-2022-45061: Fix quadratic time idna decoding
- fix tests to be compatible with expat 2.0.1-tuxcare.els
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-45061: Fix quadratic time idna decoding
- fix tests to be compatible with expat 2.0.1-tuxcare.els
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els8.i686.rpm
6d8a77ba9eb42f9d43e864958d223fbfe329b35b
python-2.6.6-70.el6.tuxcare.els8.x86_64.rpm
6999dda04e4c3fd78bcb22038ad556c7f9d0b8a0
python-devel-2.6.6-70.el6.tuxcare.els8.i686.rpm
9896c1569e2e34b167226ac1582896c6d3ed0226
python-devel-2.6.6-70.el6.tuxcare.els8.x86_64.rpm
cb7c02ac6100b93883445289ec62c3ba539feceb
python-libs-2.6.6-70.el6.tuxcare.els8.i686.rpm
64d75ea7cc64f32f475bb367e93f0688f94eba9d
python-libs-2.6.6-70.el6.tuxcare.els8.x86_64.rpm
80ed9213c91ae3b0c2916c6c8c59789bee462254
python-test-2.6.6-70.el6.tuxcare.els8.x86_64.rpm
dcc70cf8d69bdc6d6e92f91e12b8bc9cad2b1c77
python-tools-2.6.6-70.el6.tuxcare.els8.x86_64.rpm
b14471ff8c8f6e25b88868909509486bf96ae29b
tkinter-2.6.6-70.el6.tuxcare.els8.x86_64.rpm
af00ace54c57f030be02b5a6ec3d80ca259ed70f
CLSA-2022:1669236934
vim: Fix of CVE-2022-3352
TuxCare License Agreement
0
- CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm
13a21a81ed39ef4a0a4a98e367ba1d4e3ad64794
vim-common-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm
c5957d6409421afdcb3db0dff8c8e003b91affb5
vim-enhanced-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm
973345adf8c8bfc0fba6f3f5dac21ba584a3b8a7
vim-filesystem-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm
50d1912e854531d73eb646d409a034a1e83c51ff
vim-minimal-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm
e52e414cb81c0ffdc177698d6f740b7b94cd5606
CLSA-2022:1670521677
libxml2: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-40303: fix integer overflows with XML_PARSE_HUGE
- CVE-2022-40304: fix dict corruption caused by entity reference cycles
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-40303: fix integer overflows with XML_PARSE_HUGE
- CVE-2022-40304: fix dict corruption caused by entity reference cycles
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els3.i686.rpm
2d11a385619b2f47c24c1f84fc38f7c3a82fc6ae
libxml2-2.7.6-21.el6_8.1.tuxcare.els3.x86_64.rpm
8d8dca274da0c190fc03df3bfc96529f4689f01a
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els3.i686.rpm
a33261ab10c45b4b80f653e82e3759b85b31dd32
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els3.x86_64.rpm
b07fc840c8949dcd667f412ccceb1974780ab854
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els3.x86_64.rpm
56d336f43f23a4702bf8c3ca192dbda1035079c0
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els3.x86_64.rpm
519268ef3276f967c1c90d9cd158c197eeb6400b
CLSA-2022:1670874451
krb5: Fix of CVE-2022-42898
TuxCare License Agreement
0
- CVE-2022-42898: Fix integer overflows in PAC parsing
- A test-suite was activated
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-42898: Fix integer overflows in PAC parsing
- A test-suite was activated
0
tuxcare-centos6-els
krb5-devel-1.10.3-65.el6.tuxcare.els1.i686.rpm
c4d876915934481d57791d0e4b5c688a859b7764
krb5-devel-1.10.3-65.el6.tuxcare.els1.x86_64.rpm
0830eb39dd046103de83d2c1dfb855c021f3e3b4
krb5-libs-1.10.3-65.el6.tuxcare.els1.i686.rpm
61cf0f0f6b120969c8d8fcf277cfb3440faf12fe
krb5-libs-1.10.3-65.el6.tuxcare.els1.x86_64.rpm
772d96a3805a6180a3b527f9fa666e971f965de5
krb5-pkinit-openssl-1.10.3-65.el6.tuxcare.els1.x86_64.rpm
8cbb181ee0761420a56da9ead1f2411262434de6
krb5-server-1.10.3-65.el6.tuxcare.els1.x86_64.rpm
1472f61cdae4ef1881cd622b36565159a6cefd09
krb5-server-ldap-1.10.3-65.el6.tuxcare.els1.i686.rpm
9c623672e17439218a7a62ffbbfeeccc257e3db4
krb5-server-ldap-1.10.3-65.el6.tuxcare.els1.x86_64.rpm
a90cf049cdfc3b5606772d4b0b34d4827fd7c28e
krb5-workstation-1.10.3-65.el6.tuxcare.els1.x86_64.rpm
b4aba9ddcccb7aaa4d0eaa5f5c3b535c893c002d
libkadm5-1.10.3-65.el6.tuxcare.els1.i686.rpm
d27a5b3cf23246eeafd084613f59480779eb498e
libkadm5-1.10.3-65.el6.tuxcare.els1.x86_64.rpm
4251a1355b6effd0d1effe2b0f2823dcea6e1fa9
CLSA-2022:1670874574
vim: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-4141: check for text locked in CTRL-W gf
- CVE-2022-3520: check that the column does not become negative
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-4141: check for text locked in CTRL-W gf
- CVE-2022-3520: check that the column does not become negative
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm
8d5e57485cf547689cf3b5811bf42dbbcdc8139d
vim-common-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm
ce5a69c8a14448e25382563b7043fd861d4c6ef0
vim-enhanced-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm
03bc9128a6dae1634f699ccc2d2d9a9514f4aa32
vim-filesystem-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm
5b041c97f8865a0f626aeb90e6fe8350ff895b48
vim-minimal-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm
ea6d2c255cd61554c77add8b93485ad737540157
CLSA-2022:1671033543
vim: Fix of CVE-2022-4292
TuxCare License Agreement
0
- CVE-2022-4292: bail out if the window no longer exists
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-4292: bail out if the window no longer exists
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm
424a687b0ceac4dc4c11ea6b992561324ca947b3
vim-common-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm
9ec53b82c291fdf4719f218864eddb1c6aec8676
vim-enhanced-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm
78914e825a352f3f004246c6074b0f9a978e3b47
vim-filesystem-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm
935d335a1d5bbc57ffc48999dc781987697bdb2c
vim-minimal-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm
1bac96fb4a0896f48d5a8dd2b6d6f445677fdbd8
CLSA-2022:1671126165
curl: Fix of CVE-2022-32221
TuxCare License Agreement
0
- CVE-2022-32221: fix issue when POST following PUT confusion
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-32221: fix issue when POST following PUT confusion
0
tuxcare-centos6-els
curl-7.19.7-59.el6.tuxcare.els7.x86_64.rpm
4c17434894455d31df041a812a869122d00b71bc
libcurl-7.19.7-59.el6.tuxcare.els7.i686.rpm
14727ebeb1eaa64d81bc56f9d45bacb87ffd0e53
libcurl-7.19.7-59.el6.tuxcare.els7.x86_64.rpm
5bc527c6fd4dc25a4684ea7ff39934e1d02ce960
libcurl-devel-7.19.7-59.el6.tuxcare.els7.i686.rpm
897b69deb1501bc01525eb4c81e4000834f8e00b
libcurl-devel-7.19.7-59.el6.tuxcare.els7.x86_64.rpm
64b29312d96f500a03d9be46e68dfb2480e307d7
CLSA-2022:1671126265
vim: Fix of CVE-2022-3591
TuxCare License Agreement
0
- CVE-2022-3591: disallow navigating to a dummy buffer
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-3591: disallow navigating to a dummy buffer
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm
0f2686db35f1a887703b3e3985242068c4a73961
vim-common-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm
13b3f2a58604d30da4ccaa333216b8bf2abe7b0f
vim-enhanced-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm
7f589e18ecf380c1fb0ab454c29e1d8fd7712b19
vim-filesystem-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm
4ea1c073c66b258686c8e3af4282691728d409b8
vim-minimal-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm
96638f9ab7d7702cadb91f89f0c5b95e842b83dd
CLSA-2022:1671481339
openssh: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2019-6109: verify character encoding in progress display to avoid
spoofing of scp client output
- CVE-2016-10012: updated to fix server-side protocol errors observed
during rekeying with compression enabled
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2019-6109: verify character encoding in progress display to avoid
spoofing of scp client output
- CVE-2016-10012: updated to fix server-side protocol errors observed
during rekeying with compression enabled
0
tuxcare-centos6-els
openssh-5.3p1-125.el6.tuxcare.els4.x86_64.rpm
e35b66600c1036237fce5c30ab8de1a05f9b3cf6
openssh-askpass-5.3p1-125.el6.tuxcare.els4.x86_64.rpm
a980b3e0c4c356e09321b8c25f48ed7fca158dac
openssh-clients-5.3p1-125.el6.tuxcare.els4.x86_64.rpm
6228e00bf521c72d08910e9336d9753b2429a29f
openssh-ldap-5.3p1-125.el6.tuxcare.els4.x86_64.rpm
621523c6f70b0a4cf7f50711c71e7c48192ed0bc
openssh-server-5.3p1-125.el6.tuxcare.els4.x86_64.rpm
7e0fce5a4fd33f4f489a1c8a6b23bb9ff871a84c
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els4.i686.rpm
2b702883cee3b8bb6852c07c2b8fd2aa0cba8a36
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els4.x86_64.rpm
e024be739ac0b6e2fa93d882157f463aa1a6b50b
CLSA-2022:1671656169
Update of ca-certificates
TuxCare License Agreement
0
- update to CKBI 2.58 from NSS 3.67
- removed old certificates:
- # Certificate "Camerfirma Global Chambersign Root"
- # Certificate "Cybertrust Global Root"
- # Certificate "Equifax Secure eBusiness CA 1"
- # Certificate "Equifax Secure Global eBusiness CA"
- # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
- # Certificate "GlobalSign Root CA - R2"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2011"
- # Certificate "Staat der Nederlanden EV Root CA"
- # Certificate "Thawte Premium Server CA"
- # Certificate "Thawte Premium Server CA, with pkcs1-sha1-rsa signature"
- # Certificate "Thawte Server CA"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
- # Certificate "Verisign Class 3 Public Primary Certification Authority"
- # Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
- added new certificates:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Certainly Root E1"
- # Certificate "Certainly Root R1"
- # Certificate "DigiCert SMIME ECC P384 Root G5"
- # Certificate "DigiCert SMIME RSA4096 Root G5"
- # Certificate "DigiCert TLS ECC P384 Root G5"
- # Certificate "DigiCert TLS RSA4096 Root G5"
- # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA"
- # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA"
- # Certificate "D-TRUST BR Root CA 1 2020"
- # Certificate "D-TRUST EV Root CA 1 2020"
- # Certificate "E-Tugra Global Root CA ECC v3"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "GTS Root R1"
- # Certificate "GTS Root R2"
- # Certificate "GTS Root R3"
- # Certificate "GTS Root R4"
- # Certificate "HARICA Client ECC Root CA 2021"
- # Certificate "HARICA Client RSA Root CA 2021"
- # Certificate "HARICA TLS ECC Root CA 2021"
- # Certificate "HARICA TLS RSA Root CA 2021"
- # Certificate "HiPKI Root CA - G1"
- # Certificate "ISRG Root X2"
- # Certificate "Security Communication ECC RootCA1"
- # Certificate "Security Communication RootCA3"
- # Certificate "Telia Root CA v2"
- # Certificate "TunTrust Root CA"
- # Certificate "vTrus ECC Root CA"
- # Certificate "vTrus Root CA"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.58 from NSS 3.67
- removed old certificates:
- # Certificate "Camerfirma Global Chambersign Root"
- # Certificate "Cybertrust Global Root"
- # Certificate "Equifax Secure eBusiness CA 1"
- # Certificate "Equifax Secure Global eBusiness CA"
- # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
- # Certificate "GlobalSign Root CA - R2"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2011"
- # Certificate "Staat der Nederlanden EV Root CA"
- # Certificate "Thawte Premium Server CA"
- # Certificate "Thawte Premium Server CA, with pkcs1-sha1-rsa signature"
- # Certificate "Thawte Server CA"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
- # Certificate "Verisign Class 3 Public Primary Certification Authority"
- # Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
- added new certificates:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Certainly Root E1"
- # Certificate "Certainly Root R1"
- # Certificate "DigiCert SMIME ECC P384 Root G5"
- # Certificate "DigiCert SMIME RSA4096 Root G5"
- # Certificate "DigiCert TLS ECC P384 Root G5"
- # Certificate "DigiCert TLS RSA4096 Root G5"
- # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA"
- # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA"
- # Certificate "D-TRUST BR Root CA 1 2020"
- # Certificate "D-TRUST EV Root CA 1 2020"
- # Certificate "E-Tugra Global Root CA ECC v3"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "GTS Root R1"
- # Certificate "GTS Root R2"
- # Certificate "GTS Root R3"
- # Certificate "GTS Root R4"
- # Certificate "HARICA Client ECC Root CA 2021"
- # Certificate "HARICA Client RSA Root CA 2021"
- # Certificate "HARICA TLS ECC Root CA 2021"
- # Certificate "HARICA TLS RSA Root CA 2021"
- # Certificate "HiPKI Root CA - G1"
- # Certificate "ISRG Root X2"
- # Certificate "Security Communication ECC RootCA1"
- # Certificate "Security Communication RootCA3"
- # Certificate "Telia Root CA v2"
- # Certificate "TunTrust Root CA"
- # Certificate "vTrus ECC Root CA"
- # Certificate "vTrus Root CA"
0
tuxcare-centos6-els
ca-certificates-2022.2.58-60.1.el6.tuxcare.els1.noarch.rpm
bcd1679d1f4cef83fad4853bca2f327380a636de
CLSA-2023:1674813830
vim: Fix of CVE-2023-0049
TuxCare License Agreement
0
- CVE-2023-0049: fix out-of-bounds read
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0049: fix out-of-bounds read
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm
47a7fa4ec2d783b4d3d233250370b780aa0eb228
vim-common-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm
acd3ffe09ddd3deb4ccd5feb8848cac216c768eb
vim-enhanced-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm
91befbd0d74fe023da20e84911217ec9b62518e6
vim-filesystem-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm
c9d495e32f8e332eb35eecd4c737a36233ff5e8c
vim-minimal-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm
b31aab4cb7c4de4e898662e388d91da3360df430
CLSA-2023:1675111939
httpd: Fix of CVE-2022-36760
TuxCare License Agreement
0
- CVE-2022-36760: mod_proxy_ajp: fix possible HTTP request smuggling
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-36760: mod_proxy_ajp: fix possible HTTP request smuggling
0
tuxcare-centos6-els
httpd-2.2.15-72.el6.tuxcare.els8.x86_64.rpm
c79a4ddad552f161045b4f684d809948cde4db5e
httpd-devel-2.2.15-72.el6.tuxcare.els8.i686.rpm
93529c816bd7e40ef06d8d724b6df9c65d3bfb46
httpd-devel-2.2.15-72.el6.tuxcare.els8.x86_64.rpm
5bf638213a7ea2be36d9765d7c460e51ac4df1b2
httpd-manual-2.2.15-72.el6.tuxcare.els8.noarch.rpm
2fc245f6b95363265a6e240c94cc9a5c6624de73
httpd-tools-2.2.15-72.el6.tuxcare.els8.x86_64.rpm
005f2e2f327929fc3be2dd2cf5d2bedb78d41764
mod_ssl-2.2.15-72.el6.tuxcare.els8.x86_64.rpm
24e4efc7a4a1e92648f743371e46e8dfd149e984
CLSA-2023:1675373662
vim: Fix of CVE-2023-0433
TuxCare License Agreement
0
- CVE-2023-0433: check for not going over the end of the line
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0433: check for not going over the end of the line
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm
28e5e93ff52683be1c5d4269bc5efaf4db6097bd
vim-common-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm
4860ccd9ac1bc44fb81ef07cb7d9c51d1345be05
vim-enhanced-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm
99c377cd4dbab63fd9afa73df94e894b102dd9f6
vim-filesystem-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm
2553da827680af34f1915f47627782a343501e77
vim-minimal-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm
36fe51cd0db4ea13e49859e49b974a89f2745f75
CLSA-2023:1675985571
sudo: Fix of CVE-2023-22809
TuxCare License Agreement
0
- CVE-2023-22809: do not permit editor arguments to include "--" for sudoedit
- build tests have been enabled
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-22809: do not permit editor arguments to include "--" for sudoedit
- build tests have been enabled
0
tuxcare-centos6-els
sudo-1.8.6p3-32.el6.tuxcare.els1.x86_64.rpm
2f8bccc985f0fb16dea5263039eec6d1699b27c6
sudo-devel-1.8.6p3-32.el6.tuxcare.els1.i686.rpm
74c7604fbd53e39caab712b88df52ca99a0c7e64
sudo-devel-1.8.6p3-32.el6.tuxcare.els1.x86_64.rpm
9af7f95017a943317cae5cd97957fe534d2417f5
CLSA-2023:1675985787
Update of tzdata
TuxCare License Agreement
0
- Upgrade to tzdata-2022g
- The northern edge of the Mexican state of Chihuahua will
change time zone to agree with nearby US locations on
2022-11-30.
- Added a new Zone America/Ciudad_Juarez that splits from
America/Ojinaga.
- Mexico will stop observing DST except near the US border.
- Chihuahua moved to -06 year round starting on 2022-10-30.
- Fiji no longer observes DST.
- Add a work-around for an awk bug in FreeBSD, macOS, etc.
- Improve tzselect with respect to intercontinental Zones.
- Chile transitions to DST on 2022-09-11, not 2022-09-04
- 'make install' now defaults LOCALTIME to Factory rather than GMT
- More zones that are the same since 1970 have been moved to backzone.
- Include patch for awk workaround.
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to tzdata-2022g
- The northern edge of the Mexican state of Chihuahua will
change time zone to agree with nearby US locations on
2022-11-30.
- Added a new Zone America/Ciudad_Juarez that splits from
America/Ojinaga.
- Mexico will stop observing DST except near the US border.
- Chihuahua moved to -06 year round starting on 2022-10-30.
- Fiji no longer observes DST.
- Add a work-around for an awk bug in FreeBSD, macOS, etc.
- Improve tzselect with respect to intercontinental Zones.
- Chile transitions to DST on 2022-09-11, not 2022-09-04
- 'make install' now defaults LOCALTIME to Factory rather than GMT
- More zones that are the same since 1970 have been moved to backzone.
- Include patch for awk workaround.
0
tuxcare-centos6-els
tzdata-2022g-1.el6.noarch.rpm
3f41705e5253e80c2490b7eeab99b1e062e2a281
tzdata-java-2022g-1.el6.noarch.rpm
c4c083c930067353b08c08a294cc9a74fec4eec3
CLSA-2023:1675985852
java-1.8.0-openjdk: Fix of 2 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs:
- CVE-2023-21830: Improper restrictions in CORBA deserialization (Serialization, 8285021)
- CVE-2023-21843: Soundbank URL remote loading (Sound, 8293742)
- Update tzdata requirement to 2022g to match JDK-8297804
- Remove patches which are in upstream now
- Remove the obsolete rh1163501 patch
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs:
- CVE-2023-21830: Improper restrictions in CORBA deserialization (Serialization, 8285021)
- CVE-2023-21843: Soundbank URL remote loading (Sound, 8293742)
- Update tzdata requirement to 2022g to match JDK-8297804
- Remove patches which are in upstream now
- Remove the obsolete rh1163501 patch
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
5afb301cc8d924e2c16d009ef9468b20d19a2600
java-1.8.0-openjdk-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
389e4642a00a0e29e9463dfbea13fa43c7204c5c
java-1.8.0-openjdk-demo-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
4175b3826b57d4b3d4a88957ffecbb7ced4b0bee
java-1.8.0-openjdk-demo-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
dc294e02735e28b7c9a16d9e567af52ba91ba9d7
java-1.8.0-openjdk-devel-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
5be4aadec1d36a167694488ee0ad1d97e3e1c3ff
java-1.8.0-openjdk-devel-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
b9c471a36e52c194fe84d12bd76052579312c511
java-1.8.0-openjdk-headless-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
f15a447c5aa566b5311cf14eb8c4185dd12bbd96
java-1.8.0-openjdk-headless-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
1d7ded93928ee8dcb6f549174586953f42e7a7d4
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-1.el6.tuxcare.els1.noarch.rpm
f5e10e960a4150e98a8f240f52e53213d4e12dff
java-1.8.0-openjdk-javadoc-debug-1.8.0.362.b09-1.el6.tuxcare.els1.noarch.rpm
21803baf6da257b1dd0de92806a978ca2dbab0ff
java-1.8.0-openjdk-src-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
6a31791a4dddaa496a38a1c7b702d876af010de4
java-1.8.0-openjdk-src-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm
c45eb00f12ffd840e41890a3df8329d356445793
CLSA-2023:1676025596
openssl: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-0215: Fix a UAF resulting from a bug in BIO_new_NDEF
- CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0215: Fix a UAF resulting from a bug in BIO_new_NDEF
- CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address
0
tuxcare-centos6-els
openssl-1.0.1e-63.el6.tuxcare.els8.i686.rpm
b6b730f6e6a169c77442e298d52a7a3c3932282b
openssl-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm
5cfb688208fd26a1c261dd6f7770ef7ab2c7d9bf
openssl-devel-1.0.1e-63.el6.tuxcare.els8.i686.rpm
16507487fc380463aa7d627d3a0881837fcb4854
openssl-devel-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm
094548221b173cbdec2cc44d2da80880063fecb4
openssl-perl-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm
d5015b2ca83d05f3ed91eaa1a4b19bef0497192f
openssl-static-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm
8146f7a13a740d7cce2bfe1fc012908c774f6c2b
CLSA-2023:1676979221
Update of nss
TuxCare License Agreement
0
- Update to CKBI 2.60 from NSS 3.86
- Removed:
- # Certificate "Camerfirma Global Chambersign Root"
- # Certificate "Cybertrust Global Root"
- # Certificate "DST Root CA X3"
- # Certificate "EC-ACC"
- # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
- # Certificate "GlobalSign Root CA - R2"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2011"
- # Certificate "Network Solutions Certificate Authority"
- # Certificate "Staat der Nederlanden EV Root CA"
- # Certificate "SwissSign Platinum CA - G2"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "GTS Root R4"
- # Certificate "GTS Root R3"
- # Certificate "GTS Root R2"
- # Certificate "GTS Root R1"
- Added:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Certainly Root E1"
- # Certificate "Certainly Root R1"
- # Certificate "DigiCert SMIME ECC P384 Root G5"
- # Certificate "DigiCert SMIME RSA4096 Root G5"
- # Certificate "DigiCert TLS ECC P384 Root G5"
- # Certificate "DigiCert TLS RSA4096 Root G5"
- # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA"
- # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA"
- # Certificate "D-TRUST BR Root CA 1 2020"
- # Certificate "D-TRUST EV Root CA 1 2020"
- # Certificate "E-Tugra Global Root CA ECC v3"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "HARICA Client ECC Root CA 2021"
- # Certificate "HARICA Client RSA Root CA 2021"
- # Certificate "HARICA TLS ECC Root CA 2021"
- # Certificate "HARICA TLS RSA Root CA 2021"
- # Certificate "HiPKI Root CA - G1"
- # Certificate "ISRG Root X2"
- # Certificate "Security Communication ECC RootCA1"
- # Certificate "Security Communication RootCA3"
- # Certificate "Telia Root CA v2"
- # Certificate "TunTrust Root CA"
- # Certificate "vTrus ECC Root CA"
- # Certificate "vTrus Root CA"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update to CKBI 2.60 from NSS 3.86
- Removed:
- # Certificate "Camerfirma Global Chambersign Root"
- # Certificate "Cybertrust Global Root"
- # Certificate "DST Root CA X3"
- # Certificate "EC-ACC"
- # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2"
- # Certificate "GlobalSign Root CA - R2"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2011"
- # Certificate "Network Solutions Certificate Authority"
- # Certificate "Staat der Nederlanden EV Root CA"
- # Certificate "SwissSign Platinum CA - G2"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "GTS Root R4"
- # Certificate "GTS Root R3"
- # Certificate "GTS Root R2"
- # Certificate "GTS Root R1"
- Added:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Certainly Root E1"
- # Certificate "Certainly Root R1"
- # Certificate "DigiCert SMIME ECC P384 Root G5"
- # Certificate "DigiCert SMIME RSA4096 Root G5"
- # Certificate "DigiCert TLS ECC P384 Root G5"
- # Certificate "DigiCert TLS RSA4096 Root G5"
- # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA"
- # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA"
- # Certificate "D-TRUST BR Root CA 1 2020"
- # Certificate "D-TRUST EV Root CA 1 2020"
- # Certificate "E-Tugra Global Root CA ECC v3"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "HARICA Client ECC Root CA 2021"
- # Certificate "HARICA Client RSA Root CA 2021"
- # Certificate "HARICA TLS ECC Root CA 2021"
- # Certificate "HARICA TLS RSA Root CA 2021"
- # Certificate "HiPKI Root CA - G1"
- # Certificate "ISRG Root X2"
- # Certificate "Security Communication ECC RootCA1"
- # Certificate "Security Communication RootCA3"
- # Certificate "Telia Root CA v2"
- # Certificate "TunTrust Root CA"
- # Certificate "vTrus ECC Root CA"
- # Certificate "vTrus Root CA"
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els2.i686.rpm
565eb230b667b19a74ed5e0b2fe1ab0ac4f7a176
nss-3.44.0-12.el6.tuxcare.els2.x86_64.rpm
db83459b7c9a8bb16354d1f4218be5b70a628bc8
nss-devel-3.44.0-12.el6.tuxcare.els2.i686.rpm
a30e42d09eb2e391f49f1ffc794a014b09b43d29
nss-devel-3.44.0-12.el6.tuxcare.els2.x86_64.rpm
ea959f9b6e8f2b90954954f72392dd37eff31ac5
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els2.i686.rpm
783b0f755b2bed7f9b0709fdb708d69336543df0
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els2.x86_64.rpm
206fa0d67cbf9bca113e1b51791c6fb05e722b0a
nss-sysinit-3.44.0-12.el6.tuxcare.els2.x86_64.rpm
2a350eb6df538af88175190d48b5ed0ba3b91295
nss-tools-3.44.0-12.el6.tuxcare.els2.x86_64.rpm
3417e053c5a6caef476231563d9659126e2f47e1
CLSA-2023:1676981312
Update of ca-certificates
TuxCare License Agreement
0
- update to CKBI 2.60 from NSS 3.86
- removed old certificates:
- # Certificate "EC-ACC"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "GTS Root R1"
- # Certificate "GTS Root R2"
- # Certificate "GTS Root R3"
- # Certificate "GTS Root R4"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2011"
- # Certificate "Network Solutions Certificate Authority"
- # Certificate "SwissSign Platinum CA - G2"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.60 from NSS 3.86
- removed old certificates:
- # Certificate "EC-ACC"
- # Certificate "GlobalSign ECC Root CA - R4"
- # Certificate "GTS Root R1"
- # Certificate "GTS Root R2"
- # Certificate "GTS Root R3"
- # Certificate "GTS Root R4"
- # Certificate "Hellenic Academic and Research Institutions RootCA 2011"
- # Certificate "Network Solutions Certificate Authority"
- # Certificate "SwissSign Platinum CA - G2"
0
tuxcare-centos6-els
ca-certificates-2022.2.60-60.1.el6.tuxcare.els1.noarch.rpm
335351c453ea51f244a696dd3b0cedfb690e8deb
CLSA-2023:1677231280
git: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2022-41903: fix out-of-bounds write caused by integer overflow
- CVE-2021-40330: forbid newlines in host and path
- CVE-2022-39260: reject too long command line strings
- CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-41903: fix out-of-bounds write caused by integer overflow
- CVE-2021-40330: forbid newlines in host and path
- CVE-2022-39260: reject too long command line strings
- CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links
0
tuxcare-centos6-els
emacs-git-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
ea208d20f96c799b3d29c907cb1ba9b5f9097b1e
emacs-git-el-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
de92c2a38829b987ffa33a79533b55612ccfafb4
git-1.7.1-10.el6_10.tuxcare.els1.x86_64.rpm
862386ab3612dafae4ab936fc52d500f80bf8c38
git-all-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
691dc32a74c22b9c735bfc3043bf406fdd106b54
git-cvs-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
bf7f1cea962e9711de558b48ce3b0e26e99b77f8
git-daemon-1.7.1-10.el6_10.tuxcare.els1.x86_64.rpm
ee6ce52f977fa7a9ba184193610babe087556066
git-email-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
1449c54d02feb4c4b0e76be551af4a60f22af3e1
git-gui-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
2e9af3d43d8e05861719ecc0bc33d12361e8444b
git-svn-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
164f8f7d13ba5846dd5e4851bbd0a00011e30596
gitk-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
3e05a1721b3cd46542e2cf3a5ce30a496365f253
gitweb-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
eaba88291b51df5c24b4151fe88f27e80bb33f3c
perl-Git-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm
bcf77ce4c45fc433a46f37d799681fc266bd1c1f
CLSA-2023:1677791921
tar: Fix of CVE-2022-48303
TuxCare License Agreement
0
- CVE-2022-48303: check for the end of field after leading byte (0x80 or 0xff)
of base-256 encoded header value
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48303: check for the end of field after leading byte (0x80 or 0xff)
of base-256 encoded header value
0
tuxcare-centos6-els
tar-1.23-15.el6_8.tuxcare.els1.x86_64.rpm
d80e4a2a078f5fa80155549c1198d54331b25655
CLSA-2023:1678136793
httpd: Fix of CVE-2006-20001
TuxCare License Agreement
0
- CVE-2006-20001: mod_dav: out-of-bounds read/write
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2006-20001: mod_dav: out-of-bounds read/write
0
tuxcare-centos6-els
httpd-2.2.15-72.el6.tuxcare.els9.x86_64.rpm
616857ddb5f37cc461862bcc74ec87b1f95cc70d
httpd-devel-2.2.15-72.el6.tuxcare.els9.i686.rpm
cae52e90c5977a8286934cf4fee3f9f64f8792d4
httpd-devel-2.2.15-72.el6.tuxcare.els9.x86_64.rpm
ffdfc7e7c34748f5074be62240cf430a460584ce
httpd-manual-2.2.15-72.el6.tuxcare.els9.noarch.rpm
770fdb7670c8a253813fdb1d5927003a8c405143
httpd-tools-2.2.15-72.el6.tuxcare.els9.x86_64.rpm
12501cf1bd272ff1e9ac5d4ca4039a52243e82f7
mod_ssl-2.2.15-72.el6.tuxcare.els9.x86_64.rpm
e8e8efb055509bb2219958fb55cfbd259a5a6a2c
CLSA-2023:1678136944
python: Fix of CVE-2023-24329
TuxCare License Agreement
0
- CVE-2023-24329: Prevent urllib.parse.urlparse from accepting schemes that
don't begin with an alphabetical ASCII character
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-24329: Prevent urllib.parse.urlparse from accepting schemes that
don't begin with an alphabetical ASCII character
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els9.i686.rpm
7839d2b74e19e740b9dd707f96ba8496965d93d3
python-2.6.6-70.el6.tuxcare.els9.x86_64.rpm
4c440290802b157673f94fa660449c1ded3bdbcf
python-devel-2.6.6-70.el6.tuxcare.els9.i686.rpm
923e197d141f1dce6304fee513ae461ad644316f
python-devel-2.6.6-70.el6.tuxcare.els9.x86_64.rpm
940bf0da43dd129fc9f9a7e5e76850c11b49145f
python-libs-2.6.6-70.el6.tuxcare.els9.i686.rpm
64661eed7360cd0b700b64a4e093dcbfc91bcf5a
python-libs-2.6.6-70.el6.tuxcare.els9.x86_64.rpm
8003148b667ee781bcacad40ad6d1508d032ae42
python-test-2.6.6-70.el6.tuxcare.els9.x86_64.rpm
483c15d69879023c9f1249a35d03f736a2327219
python-tools-2.6.6-70.el6.tuxcare.els9.x86_64.rpm
9c1e01bb99be8e5f0c3b0f87ede192003c121d85
tkinter-2.6.6-70.el6.tuxcare.els9.x86_64.rpm
e2d0722ae946bddf92785fd366f982e036422086
CLSA-2023:1678395661
php: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes
- CVE-2023-0568: Fix array overrun when appending slash to paths
- CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes
- CVE-2023-0568: Fix array overrun when appending slash to paths
- CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
dfbd066f04c33ddbfcc06d70b9a351225235fa0c
php-bcmath-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
1ca3aacda5c62ee99dac439cab48f04522af2e7a
php-cli-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
d25bdfc2b370d1ea4b6823a5115e394f8837dad1
php-common-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
01c4b06fad511139d31b0128e75178e23aa043cc
php-dba-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
c224de30531b1aec8872385b09048d29d3fbcb58
php-devel-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
1f8270bd5c125355610c879fc67f32bb2a8f85b6
php-embedded-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
bd91df9383f30878e12e4fe451597678a7967daf
php-enchant-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
ac119a7c10fbdb4900b47d89ec0604c1604f1c80
php-fpm-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
b6d7fe029cad282bb8c459447218d8e09eb19887
php-gd-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
e44aeb54c247b2b21f711b9dd4acb6a262cb61b7
php-imap-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
dec7cde8988673c35cb618396e3d341cc288c788
php-intl-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
7603318f848b0bcc3f815e6a6f638e260fb699c7
php-ldap-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
6658735ff3017100daa96026115e4ecd2ee4f8fb
php-mbstring-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
8a6f8b48b305175aef2fb015942936b3f01e7600
php-mysql-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
1a7fc47a3c10f2192f812598f98eeaff9ea235d5
php-odbc-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
953c8a6650de78aee6012a2652f75102501bdf50
php-pdo-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
6e1defc4f825f8a8feea8ac39ac443829f4aef6d
php-pgsql-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
ff91073998a7f43451b167ae039bcba0e48fb269
php-process-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
e3ce61046899172f43a25490640f5400d40c352b
php-pspell-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
d200fbd42fe5051db3188464ab6e658475e3a825
php-recode-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
7264d737a02efb45fbf86a030c4f1af23d766013
php-snmp-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
bec5bb1b7c6c351bc0194d6f72ba35b67f972681
php-soap-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
c86ef4950a3ce1863b1586661c843e757103af1d
php-tidy-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
04c101c83defa27ef2e3b473298011e582ecdd4c
php-xml-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
285e284ddb569370bbe140057431273b9ad6608b
php-xmlrpc-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
1d135ba7b6bc686368352996e632297b52d6345b
php-zts-5.3.3-55.el6.tuxcare.els4.x86_64.rpm
a0494afcf91db5002721bc2de5dc53f0fcd1d70f
CLSA-2023:1678820960
vim: Fix of CVE-2023-1175
TuxCare License Agreement
0
- CVE-2023-1175: make sure "startspaces" is not negative
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-1175: make sure "startspaces" is not negative
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm
e428e2fd7edef8887307eeb96e0a746a61dfae65
vim-common-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm
2c64f69d59984f01bb00085caf0448f25eb63050
vim-enhanced-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm
e21ae6a8f3fd3df066d497e714325955fc2e8357
vim-filesystem-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm
3f34d6f5749d6a0753610e00c30ce3258c6ae149
vim-minimal-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm
af4a3ca5eeb3fe5aa32dfcf923d2633399dc9d11
CLSA-2023:1679924984
vim: Fix of CVE-2023-1170
TuxCare License Agreement
0
- CVE-2023-1170: adjust the cursor column if needed
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-1170: adjust the cursor column if needed
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm
1e4f1d904b4963bdec315a82f447127a6468eb6c
vim-common-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm
2b04c88c4be693e864e5daac3e5dbc07ad0a87a3
vim-enhanced-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm
32062469f4cd26ffd69d37e12d74139b3147cdf3
vim-filesystem-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm
433766315334d33a7c1af63851918df9dc998161
vim-minimal-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm
27d4ec743d95b573186bb0437e235f4886d163fc
CLSA-2023:1681288130
Update of microcode_ctl
TuxCare License Agreement
0
- Update Intel CPU microcode to microcode-20230214 release:
- Addition of 06-6c-01/0x10 microcode (in microcode.dat) at revision
0x1000211;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-b7-01/0x32 microcode (in microcode.dat) at revision 0x112;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-37-09/0x0f (VLV D0) microcode (in microcode.dat) from revision
0x90c up to 0x90d;
- Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x100015c up to 0x1000161;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
microcode.dat) from revision 0x2006c0a up to 0x2006e05;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x400320a up to 0x4003303;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x500320a up to 0x5003303;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002402 up to 0x7002503;
- Update of 06-5c-09/0x03 (APL D0) microcode (in microcode.dat) from revision
0x46 up to 0x48;
- Update of 06-5c-0a/0x03 (APL B1/F1) microcode (in microcode.dat) from
revision 0x24 up to 0x28;
- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
microcode.dat) from revision 0xec up to 0xf0;
- Update of 06-5f-01/0x01 (DNV B0) microcode (in microcode.dat) from revision
0x36 up to 0x38;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd000331 up to 0xd000389;
- Update of 06-7a-01/0x01 (GLK B0) microcode (in microcode.dat) from revision
0x38 up to 0x3e;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x1c up to 0x22;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xa8 up to 0xb8;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in microcode.dat) from
revision 0x2d up to 0x32;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from
revision 0x9a up to 0xa6;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x22 up to 0x28;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x3c up to 0x42;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xec up to 0xf0;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xec up to 0xf0;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xec up to 0xf0;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xec up to 0xf4;
- Update of 06-96-01/0x01 (EHL B1) microcode (in microcode.dat) from revision
0x15 up to 0x17;
- Update of 06-9c-00/0x01 (JSL A0/A1) microcode (in microcode.dat) from
revision 0x2400001f up to 0x24000024;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xec up to 0xf0;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xec up to 0xf0;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xec up to 0xf4;
- Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xec up to 0xf4;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xec up to 0xf4;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from
revision 0xee up to 0xf4;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xea up to 0xf4;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from
revision 0xec up to 0xf4;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x50 up to 0x57;
- Fixes in releasenote.md file.
- Improving of the auxilary script gen_updates2.py.
- Increase a number of the epoch.
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to microcode-20230214 release:
- Addition of 06-6c-01/0x10 microcode (in microcode.dat) at revision
0x1000211;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000170;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000181;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429;
- Addition of 06-b7-01/0x32 microcode (in microcode.dat) at revision 0x112;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-37-09/0x0f (VLV D0) microcode (in microcode.dat) from revision
0x90c up to 0x90d;
- Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x100015c up to 0x1000161;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
microcode.dat) from revision 0x2006c0a up to 0x2006e05;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x400320a up to 0x4003303;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x500320a up to 0x5003303;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002402 up to 0x7002503;
- Update of 06-5c-09/0x03 (APL D0) microcode (in microcode.dat) from revision
0x46 up to 0x48;
- Update of 06-5c-0a/0x03 (APL B1/F1) microcode (in microcode.dat) from
revision 0x24 up to 0x28;
- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
microcode.dat) from revision 0xec up to 0xf0;
- Update of 06-5f-01/0x01 (DNV B0) microcode (in microcode.dat) from revision
0x36 up to 0x38;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd000331 up to 0xd000389;
- Update of 06-7a-01/0x01 (GLK B0) microcode (in microcode.dat) from revision
0x38 up to 0x3e;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x1c up to 0x22;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xa8 up to 0xb8;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in microcode.dat) from
revision 0x2d up to 0x32;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from
revision 0x9a up to 0xa6;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x22 up to 0x28;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x3c up to 0x42;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xec up to 0xf0;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xec up to 0xf0;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xec up to 0xf0;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xec up to 0xf4;
- Update of 06-96-01/0x01 (EHL B1) microcode (in microcode.dat) from revision
0x15 up to 0x17;
- Update of 06-9c-00/0x01 (JSL A0/A1) microcode (in microcode.dat) from
revision 0x2400001f up to 0x24000024;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xec up to 0xf0;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xec up to 0xf0;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xec up to 0xf0;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xec up to 0xf4;
- Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xec up to 0xf4;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xec up to 0xf4;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from
revision 0xee up to 0xf4;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xea up to 0xf4;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from
revision 0xec up to 0xf4;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x50 up to 0x57;
- Fixes in releasenote.md file.
- Improving of the auxilary script gen_updates2.py.
- Increase a number of the epoch.
0
tuxcare-centos6-els
microcode_ctl-1.17-33.38.el6_10.tuxcare.els1.x86_64.rpm
cac77a3416667c56b84c795fc33bb46148ae39d4
CLSA-2023:1681327540
nss: Fix of CVE-2023-0767
TuxCare License Agreement
0
- CVE-2023-0767: nss: improve handling of unknown PKCS#12 safe bag types
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0767: nss: improve handling of unknown PKCS#12 safe bag types
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els3.i686.rpm
08bd7126115b16c16df2f49389e73b28caf6ad5c
nss-3.44.0-12.el6.tuxcare.els3.x86_64.rpm
a7b7e76d4358ebfe25c38e2c10f8a60b7f840c9b
nss-devel-3.44.0-12.el6.tuxcare.els3.i686.rpm
5469a49f3e799971fed0cab75f86668d888e972f
nss-devel-3.44.0-12.el6.tuxcare.els3.x86_64.rpm
36600282fa71c67a8582aa5e42f76ab32d39d783
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els3.i686.rpm
4e0459ada06ec962e1c8b953dc484412aed5da8a
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els3.x86_64.rpm
596b683b2c2660944fd2081c37d875a9b251934a
nss-sysinit-3.44.0-12.el6.tuxcare.els3.x86_64.rpm
8b0a7d235cb0a53837ceb569bb05041fa2b49021
nss-tools-3.44.0-12.el6.tuxcare.els3.x86_64.rpm
8d04b83e032d8d7d584eb851723ffbe8474d6ae0
CLSA-2023:1681490707
curl: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2023-27533: prevent TELNET option from IAC injection
- CVE-2023-27535: fix behavior when FTP too eager connection reuse
- CVE-2023-27536: do not reuse connections with different GSS delegations
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-27533: prevent TELNET option from IAC injection
- CVE-2023-27535: fix behavior when FTP too eager connection reuse
- CVE-2023-27536: do not reuse connections with different GSS delegations
0
tuxcare-centos6-els
curl-7.19.7-59.el6.tuxcare.els8.x86_64.rpm
6720f5bc166cafc57c08681f949d2b45c29edfa2
libcurl-7.19.7-59.el6.tuxcare.els8.i686.rpm
3f3d153596d6cb8d28d340dbf178fa2359499073
libcurl-7.19.7-59.el6.tuxcare.els8.x86_64.rpm
c5f4076ff2bef77fb95489b5e8456688daf3d9ec
libcurl-devel-7.19.7-59.el6.tuxcare.els8.i686.rpm
4e6c3eb7544f748dbeb06b4f9b2eadabfead468a
libcurl-devel-7.19.7-59.el6.tuxcare.els8.x86_64.rpm
bcb8a750aae5cceabc058de9193e92814075465d
CLSA-2023:1682347721
curl: Fix of CVE-2023-27534
TuxCare License Agreement
0
- CVE-2023-27534: fix SFTP path '~' resolving discrepancy
- fix resolving SCP relative path
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-27534: fix SFTP path '~' resolving discrepancy
- fix resolving SCP relative path
0
tuxcare-centos6-els
curl-7.19.7-59.el6.tuxcare.els9.x86_64.rpm
950f950a011519513778f6538a4554d64f9de5a2
libcurl-7.19.7-59.el6.tuxcare.els9.i686.rpm
6c745ad14f2c463bb33efd77f4a33cdc6f8009a5
libcurl-7.19.7-59.el6.tuxcare.els9.x86_64.rpm
6b51e6423cec17c1b3ce93ccdf3c7bc883d52111
libcurl-devel-7.19.7-59.el6.tuxcare.els9.i686.rpm
ada2e68caf9e43481ebf6d4d556d181a39e179ce
libcurl-devel-7.19.7-59.el6.tuxcare.els9.x86_64.rpm
3e6dfc5b1c8fcf2a730370072ab1ec99d4922b86
CLSA-2023:1682705952
kernel: Fix of 7 CVEs
TuxCare License Agreement
0
- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565}
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989}
- proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long {CVE-2022-4378}
- floppy: use a statically allocated error counter {CVE-2022-1652}
- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353}
- usb: mon: make mmapped memory read only {CVE-2022-43750}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565}
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989}
- proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long {CVE-2022-4378}
- floppy: use a statically allocated error counter {CVE-2022-1652}
- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353}
- usb: mon: make mmapped memory read only {CVE-2022-43750}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm
7bc1d6419b9da5671fdce0af165d3382d5f3f577
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm
95f30a3a77c1ec0ef51ce4d5840c6a7646c1317a
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els12.i686.rpm
8148fb43945be7155633c052344c2b2d7880d7d0
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm
9d09330dcd75fc0aebee359d1f9b9cd5f0a69801
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm
5aeca82f4981f516ff6ab848a1b732be63677798
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm
ca99dacb9f559a7982c9ddabd3dce68992304d50
perf-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm
af9da221e18290407cc8d1e4d6e2110c02b5a6b5
python-perf-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm
81bdeac5ecfecc2c013b39132798f9541504b0d1
CLSA-2023:1682711481
kernel: Fix of 7 CVEs
TuxCare License Agreement
0
- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565}
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989}
- proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long {CVE-2022-4378}
- floppy: use a statically allocated error counter {CVE-2022-1652}
- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353}
- usb: mon: make mmapped memory read only {CVE-2022-43750}
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565}
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989}
- proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long {CVE-2022-4378}
- floppy: use a statically allocated error counter {CVE-2022-1652}
- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353}
- usb: mon: make mmapped memory read only {CVE-2022-43750}
0
tuxcare-centos6-els
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els12.noarch.rpm
299302d885f8c88721b8ec6a680c163360417fdc
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els12.noarch.rpm
5011ab81a7cb9e0be4a0e12268bb4ea3c3f0659e
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els12.noarch.rpm
0ce4d3163bd05ccadd1302363bc46f797afb31f5
CLSA-2023:1683236532
openssl: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints
- CVE-2023-0466: Fix documentation of X509_VERIFY_PARAM_add0_policy()
- CVE-2022-3996: Drop redundant flag setting in policy_cache_set_mapping()
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints
- CVE-2023-0466: Fix documentation of X509_VERIFY_PARAM_add0_policy()
- CVE-2022-3996: Drop redundant flag setting in policy_cache_set_mapping()
0
tuxcare-centos6-els
openssl-1.0.1e-63.el6.tuxcare.els9.i686.rpm
99628e1a21638273b69cb2ef84f64c8c3ecda122
openssl-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm
8a3780f5e3b474609605c35f9a9c2e22777e922a
openssl-devel-1.0.1e-63.el6.tuxcare.els9.i686.rpm
fb70a65a7aefb7864f5f5d5ceef6e15562315868
openssl-devel-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm
e56ba76a0063a8b3a3acbd2bfbfafd85e9280a1b
openssl-perl-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm
5c05e4287a621d8da9bfe13dc3113f870449fb39
openssl-static-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm
2772a2818b4bfdc6f012cc67ab3f6670972c1751
CLSA-2023:1683814164
git: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-25652: removing a link instead of writing into
- CVE-2023-29007: restrict the config file line length to parse it whole
- tests were activated
- a buffer overflow during reading of configuration's enormous value has been fixed
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-25652: removing a link instead of writing into
- CVE-2023-29007: restrict the config file line length to parse it whole
- tests were activated
- a buffer overflow during reading of configuration's enormous value has been fixed
0
tuxcare-centos6-els
emacs-git-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
95c29d35096ac6654c930f8a926a00d20ea2c37b
emacs-git-el-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
9b95c060d362c54b43c566e0983aa23402edee5e
git-1.7.1-10.el6_10.tuxcare.els2.x86_64.rpm
5f829c92476b8e16f800cd09e9ce78f6b0810727
git-all-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
612c3fa5f61f4f7368d3aa102a2690b39a27c632
git-cvs-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
ace5cb173d8208e92aa31d91a3ee347657b684d1
git-daemon-1.7.1-10.el6_10.tuxcare.els2.x86_64.rpm
7ca00d97cc38a62c84111cc2503a6b61bd0f0541
git-email-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
f2fbf7b4580a8c4fb1b553ca4d9ba189b8724704
git-gui-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
9ca35eaf55148aaa953ae4a14f5b91ff7babd7f1
git-svn-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
7cf07ded6b4270714f3ff39f5ab86e0378b34e29
gitk-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
3bf1ed4d26fda74f1d9690de50785904a6d07390
gitweb-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
aff336c1cf8906450f1c29f0c9f17b302cfb652b
perl-Git-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm
cf19c1aa7c1d8e5481648aa40999386f72c3fdee
CLSA-2023:1685377120
sysstat: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-39377: fix possible buffer overflow
- CVE-2023-33204: fix possible buffer overflow in an incomplete fix for
CVE-2022-39377
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-39377: fix possible buffer overflow
- CVE-2023-33204: fix possible buffer overflow in an incomplete fix for
CVE-2022-39377
0
tuxcare-centos6-els
sysstat-9.0.4-33.el6_9.1.tuxcare.els1.x86_64.rpm
09dc93d1a3873ec7a8883668357b52df6588ceb4
CLSA-2023:1685377319
vim: Fix of CVE-2023-2610
TuxCare License Agreement
0
- CVE-2023-2610: limit the text length to MAXCOL
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-2610: limit the text length to MAXCOL
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm
c4748c10e9648586fc56ae90516c91ded484fc5e
vim-common-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm
580eecbbe570752504fd14e54eaf4b780cac9fc4
vim-enhanced-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm
dab5102f1aaf9c30f28c5907d65cf1340dad65ca
vim-filesystem-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm
b0d443a1699e74f699d077edad9d8f5789ae89a7
vim-minimal-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm
7c00584b1c303bf79c9a403eb08a0ded7d41d615
CLSA-2023:1685634253
vim: Fix of CVE-2023-2609
TuxCare License Agreement
0
- CVE-2023-2609: check "y_array" is not NULL
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-2609: check "y_array" is not NULL
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm
4053410522ba5f8d7e264310c449a2d6fb2c9a6d
vim-common-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm
358fc7ececee012daacbf6ebdf038c1726dc99d4
vim-enhanced-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm
3cb18f7ab7b67ccf74c02482d474d5a53109e469
vim-filesystem-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm
b1c91c7e6ae6e3665e60debb2c0cada7d3dcf6c0
vim-minimal-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm
ecfd017385513eb6acc9b27cb28d111af3744b7c
CLSA-2023:1687268961
openssl: Fix of CVE-2023-2650
TuxCare License Agreement
0
- CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will
translate
- Update expired smime/SM2 certificates that affect tests.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will
translate
- Update expired smime/SM2 certificates that affect tests.
0
tuxcare-centos6-els
openssl-1.0.1e-63.el6.tuxcare.els10.i686.rpm
a6f355ad0ee1569c949b4285621e510896bb38a2
openssl-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm
3b2e075880843e387efab969d675160ee8e021ec
openssl-devel-1.0.1e-63.el6.tuxcare.els10.i686.rpm
20eb73d8e46ef94cac585eda63df714ef9d231f2
openssl-devel-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm
1d087378232e25c88afab61fae89f8de04544beb
openssl-perl-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm
da5b3655214dc382049c9c692459072d3a54dfe2
openssl-static-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm
386d3da78b853cf1ea0c1ec823fff141c6fceb82
CLSA-2023:1687794906
exim: Fix of CVE-2021-38371
TuxCare License Agreement
0
- CVE-2021-38371: Enforce STARTTLS sync point, client side
in src/transports/smtp.c
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2021-38371: Enforce STARTTLS sync point, client side
in src/transports/smtp.c
0
tuxcare-centos6-els
exim-4.92.3-3.el6.tuxcare.els3.x86_64.rpm
072534d6edbe5a1966593b19577b9482c4a409d9
exim-greylist-4.92.3-3.el6.tuxcare.els3.x86_64.rpm
d681192c1ab46c0fc753fb5e177950fe696415cc
exim-mon-4.92.3-3.el6.tuxcare.els3.x86_64.rpm
c5774e0275370c5c9500c284e319bf7bbcc7f7f8
exim-mysql-4.92.3-3.el6.tuxcare.els3.x86_64.rpm
63797e7d4ecc7d86e16f0ccb061a7ec938fa5648
exim-pgsql-4.92.3-3.el6.tuxcare.els3.x86_64.rpm
204d1ae2ac7eed3df818d040f67399bee091d125
CLSA-2023:1688679460
Update of tzdata
TuxCare License Agreement
0
- Upgrade to tzdata-2023c (code and data are identical to 2023a)
- Egypt now uses DST again, from April through October.
- This year Morocco springs forward April 23, not April 30.
- Palestine delays the start of DST this year.
- Much of Greenland still uses DST from 2024 on.
- America/Yellowknife now links to America/Edmonton.
- tzselect can now use current time to help infer timezone.
- Adapt 0003-continue-to-ship-posixrules.patch to the new source code.
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to tzdata-2023c (code and data are identical to 2023a)
- Egypt now uses DST again, from April through October.
- This year Morocco springs forward April 23, not April 30.
- Palestine delays the start of DST this year.
- Much of Greenland still uses DST from 2024 on.
- America/Yellowknife now links to America/Edmonton.
- tzselect can now use current time to help infer timezone.
- Adapt 0003-continue-to-ship-posixrules.patch to the new source code.
0
tuxcare-centos6-els
tzdata-2023c-1.el6.tuxcare.els1.noarch.rpm
769edd544dc785a3dd5df54b76ca5181c0c912b8
tzdata-java-2023c-1.el6.tuxcare.els1.noarch.rpm
7e9414916f45390c10cbfc6fe1cef2c6a165ec41
CLSA-2023:1688679628
java-1.8.0-openjdk: Fix of 7 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs:
- CVE-2023-21930: Improper connection handling during TLS handshake (8294474)
- CVE-2023-21937: Missing string checks for NULL characters (8296622)
- CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder (8295304)
- CVE-2023-21939: Swing HTML parsing issue (8296832)
- CVE-2023-21954: Incorrect enqueue of references in garbage collector (8298191)
- CVE-2023-21967: Certificate validation issue in TLS session negotiation (8298310)
- CVE-2023-21968: Missing check for slash characters in URI-to-path conversion (8298667)
- Update tzdata requirement to 2023c to match JDK-8305113
- Include JDK-8271199 fix from the upcoming jdk8u382 in advance
- Remove patches which are not used
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs:
- CVE-2023-21930: Improper connection handling during TLS handshake (8294474)
- CVE-2023-21937: Missing string checks for NULL characters (8296622)
- CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder (8295304)
- CVE-2023-21939: Swing HTML parsing issue (8296832)
- CVE-2023-21954: Incorrect enqueue of references in garbage collector (8298191)
- CVE-2023-21967: Certificate validation issue in TLS session negotiation (8298310)
- CVE-2023-21968: Missing check for slash characters in URI-to-path conversion (8298667)
- Update tzdata requirement to 2023c to match JDK-8305113
- Include JDK-8271199 fix from the upcoming jdk8u382 in advance
- Remove patches which are not used
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
5faaf0bd55abe5bf216bc7a042ef2ed0cad470e7
java-1.8.0-openjdk-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
032fc1c2a2e9655d9e8410af23985e28f8824e4f
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
115f6adf150d4daf147123bcee06b6a3e6415dda
java-1.8.0-openjdk-demo-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
d42154b9db9d4579add944c7687bc3bd0dbf9fa3
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
022cc8236812376b556642375113aee82eb512cd
java-1.8.0-openjdk-devel-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
ece48975021efd97ba732b015a70779a19e6f4d4
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
f0d617ece53f9aedc6c85d9a109ab4f4f6dbfe06
java-1.8.0-openjdk-headless-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
e91f230f17a2c840543ce42642d91818c6cc9e04
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el6.tuxcare.els1.noarch.rpm
09845d569b150200903de0c968b1b7647060b8c7
java-1.8.0-openjdk-javadoc-debug-1.8.0.372.b07-1.el6.tuxcare.els1.noarch.rpm
096d8aacccc64763153f62eeaeb53493599d1ab3
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
601f6fcb55a61145062a1430613e6caec4ca7c1f
java-1.8.0-openjdk-src-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm
2768dc6d1e82dd8ce48158be7b784e2bb92944ff
CLSA-2023:1689702499
openldap: Fix of CVE-2023-2953
TuxCare License Agreement
0
- CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference
0
tuxcare-centos6-els
openldap-2.4.40-16.el6.tuxcare.els3.i686.rpm
18f4ed5266f453e6d5c20d442c6a55cd075c191b
openldap-2.4.40-16.el6.tuxcare.els3.x86_64.rpm
c454951d324cf31213488629eee951504da4d4d6
openldap-clients-2.4.40-16.el6.tuxcare.els3.x86_64.rpm
9baefe87f33037c6739f6d3a820e9f84e5d7c74d
openldap-devel-2.4.40-16.el6.tuxcare.els3.i686.rpm
b6a9f388d5bd53661c62679b387ce1234e7973a7
openldap-devel-2.4.40-16.el6.tuxcare.els3.x86_64.rpm
9ae58866e0421a26e1815cacabbf65c36aa5d1f4
openldap-servers-2.4.40-16.el6.tuxcare.els3.x86_64.rpm
c80ff0a9d9e37a4e91a878692b4747072d26bcaa
openldap-servers-sql-2.4.40-16.el6.tuxcare.els3.x86_64.rpm
b6ee9e57bc20072ec56ae6e429a14c19bf9acae8
CLSA-2023:1689886440
python: Fix of CVE-2023-24329
TuxCare License Agreement
0
- CVE-2023-24329: part2: Start stripping C0 control and space chars in `urlsplit`
- Also correct the first CVE-2023-24329 patch: Fix test_attributes_bad_scheme
to check for non-ascii symbol as first character of url
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-24329: part2: Start stripping C0 control and space chars in `urlsplit`
- Also correct the first CVE-2023-24329 patch: Fix test_attributes_bad_scheme
to check for non-ascii symbol as first character of url
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els10.i686.rpm
f773323f993de7a7ef60ee1c7bc573e3b05370eb
python-2.6.6-70.el6.tuxcare.els10.x86_64.rpm
d9c3b2e98e22c6d8551dd68759b6b7bf5f42d8b9
python-devel-2.6.6-70.el6.tuxcare.els10.i686.rpm
b9e45e633e82e2125d8649c29140279c3029a5e7
python-devel-2.6.6-70.el6.tuxcare.els10.x86_64.rpm
0d8994bf443094e690962a95f4ed06ed93e23ef2
python-libs-2.6.6-70.el6.tuxcare.els10.i686.rpm
2207442a5d6a70f6fc0f789e651ad07cac9be035
python-libs-2.6.6-70.el6.tuxcare.els10.x86_64.rpm
2f9ac15463524ef18a32133eb12f6d5cc8ab6efd
python-test-2.6.6-70.el6.tuxcare.els10.x86_64.rpm
12b11bca3b6bc381e13fb635104dc838895050d0
python-tools-2.6.6-70.el6.tuxcare.els10.x86_64.rpm
da792c255db3071fe44e5d4e53d76dd8c2c4bfc5
tkinter-2.6.6-70.el6.tuxcare.els10.x86_64.rpm
30cd56c7ef57d1d283affff09ca2e1d00687c235
CLSA-2023:1691073784
Update of ca-certificates
TuxCare License Agreement
0
- update to CKBI 2.62 from NSS 3.91
- added new certificates:
- # Certificate "BJCA Global Root CA1"
- # Certificate "BJCA Global Root CA2"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.62 from NSS 3.91
- added new certificates:
- # Certificate "BJCA Global Root CA1"
- # Certificate "BJCA Global Root CA2"
0
tuxcare-centos6-els
ca-certificates-2023.2.62-60.1.el6.tuxcare.els1.noarch.rpm
3618ad86ffaf4bc52280796280f2582d449a8656
CLSA-2023:1691073928
Update of nss
TuxCare License Agreement
0
- Update to CKBI 2.62 from NSS 3.91
- Added:
- # Certificate "BJCA Global Root CA1"
- # Certificate "BJCA Global Root CA2"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update to CKBI 2.62 from NSS 3.91
- Added:
- # Certificate "BJCA Global Root CA1"
- # Certificate "BJCA Global Root CA2"
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els4.i686.rpm
261ac171080927a2366d766caab195afa36906f0
nss-3.44.0-12.el6.tuxcare.els4.x86_64.rpm
86260fbd6f07948c1faf96b071023c8ba35f80c7
nss-devel-3.44.0-12.el6.tuxcare.els4.i686.rpm
276c079ce81b79356d5fa724918a7f10679cd559
nss-devel-3.44.0-12.el6.tuxcare.els4.x86_64.rpm
26c77aa0b5721cc610d858889a0d1a6063db3fd8
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els4.i686.rpm
7bae50f962ce8fe068b11e265e80460022f4fc20
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els4.x86_64.rpm
35bae943944106c357eec86e83db99b0d2a5f4e7
nss-sysinit-3.44.0-12.el6.tuxcare.els4.x86_64.rpm
5dd38441f2e303ddde00dffbe0d05937eeba366d
nss-tools-3.44.0-12.el6.tuxcare.els4.x86_64.rpm
8e00743d19c25fb364a058f7e026d30dce0ae9dd
CLSA-2023:1691081846
java-1.8.0-openjdk: Fix of 2 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u382-b05. That fixes following CVEs:
- CVE-2023-22045: Array indexing integer overflow issue. (8304468)
- CVE-2023-22049: Improper handling of slash characters in URI-to-path conversion (8305312)
- Remove patch for pkcs11 cause issue was fixed in sources
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u382-b05. That fixes following CVEs:
- CVE-2023-22045: Array indexing integer overflow issue. (8304468)
- CVE-2023-22049: Improper handling of slash characters in URI-to-path conversion (8305312)
- Remove patch for pkcs11 cause issue was fixed in sources
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
2da2c051bde5ddc058c527fc714a63b378189416
java-1.8.0-openjdk-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
453b66157a118336536127d35ef2703c76e3ed86
java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
6092e8f702a6d7c0229cc6e8bf80356676c5b23e
java-1.8.0-openjdk-demo-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
14626213c59e2da9f7497e1dee0acc39e8219c19
java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
598c39b04b8dd1e93076242802bf7e91dcc748c5
java-1.8.0-openjdk-devel-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
ba3464b328a215005bb71493649d25a90ca5cba8
java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
868280398a75e295434e5485eae845df83e071ff
java-1.8.0-openjdk-headless-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
15652e3e52a2c3f72311f6912edcafe7e3018400
java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.el6.tuxcare.els1.noarch.rpm
bfe8fbf93d605bcf482ac53be0e16501c5206d6a
java-1.8.0-openjdk-javadoc-debug-1.8.0.382.b05-1.el6.tuxcare.els1.noarch.rpm
fb782162fd1f444bea5cf0cd355556467e2e2fa0
java-1.8.0-openjdk-src-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
1bda3c6444f43710c54f4f14c74dde4d0b86fd6e
java-1.8.0-openjdk-src-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm
6acff8b0d2206c8217f48cde8f3a342a4d58829b
CLSA-2023:1691576939
openssh: Fix of CVE-2023-38408
TuxCare License Agreement
0
- CVE-2023-38408: checks libraries before dlopen
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-38408: checks libraries before dlopen
0
tuxcare-centos6-els
openssh-5.3p1-125.el6.tuxcare.els5.x86_64.rpm
d112b75567070e2ebc3ab3bee6172b0293e8e72e
openssh-askpass-5.3p1-125.el6.tuxcare.els5.x86_64.rpm
84d451dfd2f58648b35942e3863692b84be03bde
openssh-clients-5.3p1-125.el6.tuxcare.els5.x86_64.rpm
900f94298376d27a8ec74049edd3347b224b21bf
openssh-ldap-5.3p1-125.el6.tuxcare.els5.x86_64.rpm
75d1856e75dfc32d0bbd68ee583383bc5be89aeb
openssh-server-5.3p1-125.el6.tuxcare.els5.x86_64.rpm
c102eaf12a7a06f02eb654ef40b1ce0f1c3dfddc
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els5.i686.rpm
20cf62cb85a9d4e71b29445795b7a2d3261921ac
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els5.x86_64.rpm
8ff114eb344d2b8499f2e79d93cdebb249a16f0c
CLSA-2023:1692108914
microcode_ctl: Fix of CVE-2023-20593
TuxCare License Agreement
0
- Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593:
- Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00;
- Update AMD CPU microcode for processor family 19h: sig 0x00a00f10,
sig 0x00a00f11, sig 0x00a00f12;
- Update AMD CPU microcode for processor family 17h: sig 0x00830f10;
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593:
- Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00;
- Update AMD CPU microcode for processor family 19h: sig 0x00a00f10,
sig 0x00a00f11, sig 0x00a00f12;
- Update AMD CPU microcode for processor family 17h: sig 0x00830f10;
0
tuxcare-centos6-els
microcode_ctl-1.17-33.39.el6_10.tuxcare.els2.x86_64.rpm
cdf48a5a87084e3f3d2ee388d74a28e412422ddf
CLSA-2023:1692293040
amanda: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-37705: fix tar option filtering
- CVE-2023-30577: introduce tar option allow list
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-37705: fix tar option filtering
- CVE-2023-30577: introduce tar option allow list
0
tuxcare-centos6-els
amanda-2.6.1p2-9.el6_6.tuxcare.els1.i686.rpm
a43993a973f6668fe46f871ceebc0bcd544c7ce9
amanda-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm
9373e162fef7170fe511c58035e44c3889577cb6
amanda-client-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm
fabd4cc56b3605ae94e56cbac361a8aa2f9c8dfa
amanda-devel-2.6.1p2-9.el6_6.tuxcare.els1.i686.rpm
c7dcdd41a2d6d97d9ee08d3c52221db59190a5b2
amanda-devel-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm
3f18490ada662bc6e5997290e0eb9c17363e8809
amanda-server-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm
a9d41ca42db7e0fab9558fb417d2652af40d9403
CLSA-2023:1692293238
samba: Fix of CVE-2022-2127
TuxCare License Agreement
0
- CVE-2022-2127: Fix oud-of-bounds read triggered by maliciously request
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-2127: Fix oud-of-bounds read triggered by maliciously request
0
tuxcare-centos6-els
libsmbclient-3.6.23-53.el6_10.tuxcare.els1.i686.rpm
82d44290f79119a8bf95ef90a48db426d8f86672
libsmbclient-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
7fdf0e300d024b202cefbe44a63e5a86df3ce49d
libsmbclient-devel-3.6.23-53.el6_10.tuxcare.els1.i686.rpm
7674e59d1fa4160973ccf065b9b94f78ce16d481
libsmbclient-devel-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
ce2c9452a91f0fa4d6d2458fe4fb917f51605558
samba-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
cbafb6d34eea739e6317f9acca0870e8621eff86
samba-client-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
0d6325a1e3354e408081f1e5b3f3c32844b26a1f
samba-common-3.6.23-53.el6_10.tuxcare.els1.i686.rpm
567187b722df05fd1019527b45767358ac7775b9
samba-common-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
0a79235a9c88f5aab6383c516b4d8cf273fc1930
samba-doc-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
34e947e32e713e90121d8747ea258fa16579a8d1
samba-domainjoin-gui-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
cde1824c3f68b245f8631c2af9ce837e10a44396
samba-glusterfs-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
a12a54406ab50107f50f06bb2c89e9992684ba91
samba-swat-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
f84b28e4e5b32dc5bbae2835342bfad5aeba6531
samba-winbind-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
598030553048ab8907c0f6d838e95cdfe5cde3d3
samba-winbind-clients-3.6.23-53.el6_10.tuxcare.els1.i686.rpm
bfb342571bcaff190f8990d19198daad696f5de0
samba-winbind-clients-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
cff30cd86f0d1c11141e12d9061b06a164acd5b5
samba-winbind-devel-3.6.23-53.el6_10.tuxcare.els1.i686.rpm
0c7a89574202592c7e98832760758d10426b7a73
samba-winbind-devel-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
d6c1ca89f08df3065ce011057b64a4699dfdf048
samba-winbind-krb5-locator-3.6.23-53.el6_10.tuxcare.els1.x86_64.rpm
f184c11653c50f0d1e5cb96eac67d2e9640c0051
CLSA-2023:1692632368
php: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-3823: Fix external entity loading in XML without enabling by
sanitizing libxml2 globals before parsing
- CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-3823: Fix external entity loading in XML without enabling by
sanitizing libxml2 globals before parsing
- CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
9aa4750d9c3ff6e823bd4bad190b5604cd601780
php-bcmath-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
146c56cc0f2a0b559cc293a9c468d557c14a76f4
php-cli-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
cb3acae99646a2b24e7ddc092550489d7f9c3426
php-common-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
3527b871f13270466e8ea2ba24920b735e22bbc4
php-dba-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
c4013acefab83f928ae2453a3c82abf9a01382e5
php-devel-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
15964865d7adcf05a3e510e0877d3afa81c74890
php-embedded-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
8c0ab5559c2a19b96489dcf4cf6dc92954c08019
php-enchant-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
bff2956db59486f9b77ba86ec208e2d6ced51415
php-fpm-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
f80c1e27fde8553649e6e13d41204b8ca7fdd88d
php-gd-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
45fb06eb1dabf1292307625bf84759b4e546615e
php-imap-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
ac562ead3f89af5ab4a8aa0f38a2d4f0a90c189f
php-intl-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
c2e591a6f5e5340aa16f697b9a3db116d2aedb35
php-ldap-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
5e63e58b13358183fa4ec4a1f5a64f605a7dd221
php-mbstring-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
ef84751cefa61d291252e1e8372a3ddc7b7cb242
php-mysql-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
a0696e3ff6d18516c237cd22b65a50fe0800c557
php-odbc-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
47d1a0ce0381f5c611453a0bee7ee652721ee9e2
php-pdo-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
35159628bd14af37166d2bc5f50fc84d3035c005
php-pgsql-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
1e7f2ad2efed3a2da7380ca6bfce58558a529aa7
php-process-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
3db42b59f9ac647e42118a0b8e99267a65e76dbf
php-pspell-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
a262a459e9f1c9032d8df5719161e0d30b6e69b2
php-recode-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
da242724a0cabbc470afc502e60c9697456ad5ad
php-snmp-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
74313ff0e86d44e9d46120fb9b79557a31e7d3ef
php-soap-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
539420e801ac717815e685c4c3609f098d61b902
php-tidy-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
f992129df8057f1a4c1ca262e8b35f6fe991d599
php-xml-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
fe909b82e64335e4590ba9d16611a285e881e1cf
php-xmlrpc-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
8635e5ba12489dcb4f398d21948ffba97a880214
php-zts-5.3.3-55.el6.tuxcare.els6.x86_64.rpm
d3685435de8d64d55a3bfe69cef83f516590ea6f
CLSA-2023:1693410662
microcode_ctl: Fix of CVE-2022-40982
TuxCare License Agreement
0
- Update Intel CPU microcode to microcode-20230808 release addresses
CVE-2022-40982:
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-be-00/0x11 microcode (in microcode.dat) at revision 0x11;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-be-00/0x01 microcode (in microcode.dat) at revision 0x10;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x1000171 up to 0x1000181;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
microcode.dat) from revision 0x2006f05 up to 0x2007006;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x4003501 up to 0x4003604;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003501 up to 0x5003604;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002601 up to 0x7002703;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd000390 up to 0xd0003a5;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xba up to 0xbc;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from
revision 0xaa up to 0xac;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x2a up to 0x2c;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x44 up to 0x46;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xf2 up to 0xf4;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat)
from revision 0xf2 up to 0xf4;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xf2 up to 0xf4;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xf2 up to 0xf4;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xf6 up to 0xf8;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up
to 0x42c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up
to 0x42c;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xf2 up to 0xf4;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf2 up to 0xf4;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xf2 up to 0xf4;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xf2 up to 0xf4;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfa;
- Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x58 up to 0x59;
- Update of 06-b7-01/0x32 microcode (in microcode.dat) from revision 0x113 up
to 0x119;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to microcode-20230808 release addresses
CVE-2022-40982:
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119;
- Addition of 06-be-00/0x11 microcode (in microcode.dat) at revision 0x11;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112;
- Removal of 06-be-00/0x01 microcode (in microcode.dat) at revision 0x10;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x1000171 up to 0x1000181;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
microcode.dat) from revision 0x2006f05 up to 0x2007006;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x4003501 up to 0x4003604;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003501 up to 0x5003604;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002601 up to 0x7002703;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd000390 up to 0xd0003a5;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xba up to 0xbc;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from
revision 0xaa up to 0xac;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x2a up to 0x2c;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x44 up to 0x46;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xf2 up to 0xf4;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat)
from revision 0xf2 up to 0xf4;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xf2 up to 0xf4;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xf2 up to 0xf4;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xf6 up to 0xf8;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision
0x2b000461 up to 0x2b0004b1;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision
0x2c0001d1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision
0x2b000461;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up
to 0x42c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a;
- Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up
to 0x42c;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xf2 up to 0xf4;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf2 up to 0xf4;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xf2 up to 0xf4;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xf2 up to 0xf4;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfa;
- Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from
revision 0xf6 up to 0xf8;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x58 up to 0x59;
- Update of 06-b7-01/0x32 microcode (in microcode.dat) from revision 0x113 up
to 0x119;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c;
- Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up
to 0x2e;
0
tuxcare-centos6-els
microcode_ctl-1.17-33.40.el6_10.tuxcare.els1.x86_64.rpm
857d68092f1b46efd7f6cc95920e3a96c9101846
CLSA-2023:1693416068
Update of amanda
TuxCare License Agreement
0
- Fix bug that leads to amdump and runtar problem due to options
recognized as invalid falsely
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix bug that leads to amdump and runtar problem due to options
recognized as invalid falsely
0
tuxcare-centos6-els
amanda-2.6.1p2-9.el6_6.tuxcare.els2.i686.rpm
9e15985e4655c432ebd7f361a4c231436e5c9a2f
amanda-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm
13b288ef5dc52b74ea706a2e35a96d89b5c0033c
amanda-client-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm
4297dce2b462ce6f7176ecd37f2decd19d70c4ce
amanda-devel-2.6.1p2-9.el6_6.tuxcare.els2.i686.rpm
ed9a092c2ac0d30d5537e75499e0b166928e6563
amanda-devel-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm
4ad98bff9323cf56219f6ba9058f29945e3a1559
amanda-server-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm
5a632ca1e40286994b2dd84b3cf3f68f4bc936ed
CLSA-2023:1693906015
busybox: Fix of CVE-2022-48174
TuxCare License Agreement
0
- CVE-2022-48174: fix unlikely stack overflow
- testsuite was enabled
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48174: fix unlikely stack overflow
- testsuite was enabled
0
tuxcare-centos6-els
busybox-1.15.1-21.el6_6.tuxcare.els2.x86_64.rpm
33fb348cee4106f3bb39d0347c22f2d4219ade3b
busybox-petitboot-1.15.1-21.el6_6.tuxcare.els2.x86_64.rpm
524bf2b4471ce3d777641a634572506b26dd1815
CLSA-2023:1694536738
binutils: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2022-47673: Fix multiple out of bound reads which may cause a DoS
- CVE-2022-47695: Fix NULL pointer segmentation fault which may cause a DoS
- CVE-2022-47696: Fix read of unitialized field which may cause a DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-47673: Fix multiple out of bound reads which may cause a DoS
- CVE-2022-47695: Fix NULL pointer segmentation fault which may cause a DoS
- CVE-2022-47696: Fix read of unitialized field which may cause a DoS
0
tuxcare-centos6-els
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els6.x86_64.rpm
c32e149155b10a10f2f226f2b7f763955b84501b
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els6.i686.rpm
9afbc78a31ef8cf4cb161979a1e8edd692551733
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els6.x86_64.rpm
bdba78f5177c67766f114d8bc572d4c024cf1b2c
CLSA-2023:1695063163
vim: Fix of CVE-2023-4733
TuxCare License Agreement
0
- CVE-2023-4733: verify oldwin pointer after reset_VIsual()
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-4733: verify oldwin pointer after reset_VIsual()
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm
e38fca594ec7d3c37be9387bfa65ecc685405efc
vim-common-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm
d7bed67e94858df7011b20333a7cef7a2d318249
vim-enhanced-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm
f821b13e8dd489a85ea1ead9de259bc1b23bc867
vim-filesystem-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm
a76b9e874d9a851adc9bf00f1f621d656352e673
vim-minimal-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm
f4b1bbca24dd0cd5387c284f8d27e6548b9f4f0d
CLSA-2023:1695319372
vim: Fix of CVE-2023-4736
TuxCare License Agreement
0
- CVE-2023-4736: improve search path to avoid run an executable in untrusted dir
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-4736: improve search path to avoid run an executable in untrusted dir
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm
6ef00145bb096ede73e6b88197daabc95e64e0a0
vim-common-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm
b7751d73a9718d250a64568910070beec3e6a052
vim-enhanced-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm
f70c8d52672c20a46a7ce47301d42b348cae0466
vim-filesystem-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm
4d1b94adf4b48a748f9c49e3449eacd0e0d9f278
vim-minimal-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm
7a053d64be644952f64690f49beb62d41e02e061
CLSA-2023:1695835423
libssh2: Fix of CVE-2020-22218
TuxCare License Agreement
0
- CVE-2020-22218: doing total_num zero length check
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-22218: doing total_num zero length check
0
tuxcare-centos6-els
libssh2-1.4.2-3.el6_10.1.tuxcare.els1.i686.rpm
ec9d959bffff18306f36712cd892f61e54ee091c
libssh2-1.4.2-3.el6_10.1.tuxcare.els1.x86_64.rpm
ae3377a123f7bb93d54d6f58e36d7a57ed1f8995
libssh2-devel-1.4.2-3.el6_10.1.tuxcare.els1.i686.rpm
1cd93efebb5441884b8011304aeaa55e39f20589
libssh2-devel-1.4.2-3.el6_10.1.tuxcare.els1.x86_64.rpm
d3db0f4dc3a9c6c47dd08070f36e30663f713b0b
libssh2-docs-1.4.2-3.el6_10.1.tuxcare.els1.x86_64.rpm
1f9b01d9f692043a30dbb4ee2b086fe5c03e3cbf
CLSA-2023:1696878189
python: Fix of CVE-2022-48565
TuxCare License Agreement
0
- CVE-2022-48565: Reject XML entity declarations in plist files
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48565: Reject XML entity declarations in plist files
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els11.i686.rpm
6486a0314617992c1d034e2aad13ae12aa5debf6
python-2.6.6-70.el6.tuxcare.els11.x86_64.rpm
b4822633ef4a823a8754e5e375a72b21374438a7
python-devel-2.6.6-70.el6.tuxcare.els11.i686.rpm
32c8ede1230e5862b29aeec7085965b50c070934
python-devel-2.6.6-70.el6.tuxcare.els11.x86_64.rpm
c89264ef40a5e63911b11148f67d5fd05e200502
python-libs-2.6.6-70.el6.tuxcare.els11.i686.rpm
79047e612b1db4166811b3292079fd0ba22ed3e7
python-libs-2.6.6-70.el6.tuxcare.els11.x86_64.rpm
dc270ffa6094d13c1f4093d87bd675f550f0a470
python-test-2.6.6-70.el6.tuxcare.els11.x86_64.rpm
362c00d3bd02530bd0f69ec4fd80050db6129ab3
python-tools-2.6.6-70.el6.tuxcare.els11.x86_64.rpm
fdfdc74f6ea30b2f74eb6f4fcb7c6221e6e22e23
tkinter-2.6.6-70.el6.tuxcare.els11.x86_64.rpm
6435103186f43b2eac10216581f9ad631caa278a
CLSA-2023:1696971066
binutils: Fix of CVE-2020-19726
TuxCare License Agreement
0
- CVE-2020-19726: Fix an illegal memory access in the BFD library which can be
triggered by attempting to parse a corrupt PE format file
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-19726: Fix an illegal memory access in the BFD library which can be
triggered by attempting to parse a corrupt PE format file
0
tuxcare-centos6-els
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els7.x86_64.rpm
b7a4ef0c8dfbbe538751b6f74621042745331511
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els7.i686.rpm
284151a282cdc478a42cdce13db2fd7b22ede183
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els7.x86_64.rpm
550c3e67195a23b04a1faabcb21af3e0952f8770
CLSA-2023:1697136085
libwebp: Fix of CVE-2023-1999
TuxCare License Agreement
0
- CVE-2023-1999: avoids a double free
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-1999: avoids a double free
0
tuxcare-centos6-els
libwebp-0.4.3-3.el6.tuxcare.els1.i686.rpm
7e08740da10a78016b62584c796a9f8952d86427
libwebp-0.4.3-3.el6.tuxcare.els1.x86_64.rpm
2ba7b0c51a441415ba55885f754d411ed73f1cba
libwebp-devel-0.4.3-3.el6.tuxcare.els1.i686.rpm
7b8a85074687e8984794661e43b66b55993352bd
libwebp-devel-0.4.3-3.el6.tuxcare.els1.x86_64.rpm
63eebe45cf14e1627b7d9b5f50c881537afb171d
libwebp-java-0.4.3-3.el6.tuxcare.els1.x86_64.rpm
65c3b16959a0afd263f57178d52e3d2bd7b0a0ed
libwebp-tools-0.4.3-3.el6.tuxcare.els1.x86_64.rpm
0d8f0a7b0d8d84dfc13a9aed01c9a6a27a39e069
CLSA-2023:1697136232
bind: Fix of CVE-2023-3341
TuxCare License Agreement
0
- CVE-2023-3341: Limit isccc_cc_fromwire recursion depth
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-3341: Limit isccc_cc_fromwire recursion depth
0
tuxcare-centos6-els
bind-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm
fd384652292e86728422adebec4c7bdf1085f714
bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm
a9e27b38cfdee05724ee7b7f29285dd7caebf064
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els7.i686.rpm
711069af5bf8368a06aaee09441adf0546cc167d
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm
706e926fe34fd7ab4e3633c41395cb2d41574eba
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els7.i686.rpm
c473218241773f3867549ff2e55d0d2664d403a7
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm
b0da8a51783ace6cb6c9af884fbdedb90db67898
bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm
1a8022487bd753a152db018ce7cbb40d85681ce7
bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm
9104947e828ce48b086ed053c6d5f6156cd5dd64
CLSA-2023:1697464688
curl: Fix of CVE-2023-38546
TuxCare License Agreement
0
- CVE-2023-38546: cookie: remove unnecessary struct fields
- Rebuild expired test certificates
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-38546: cookie: remove unnecessary struct fields
- Rebuild expired test certificates
0
tuxcare-centos6-els
curl-7.19.7-59.el6.tuxcare.els10.x86_64.rpm
6f8e6d3ce72e79a2da4ca786193d1fd3c5fd8a9a
libcurl-7.19.7-59.el6.tuxcare.els10.i686.rpm
038ad2b50ae68b63bb737ed6624c314e53316ff9
libcurl-7.19.7-59.el6.tuxcare.els10.x86_64.rpm
b37545443b1bd1c405efc5cc8e09a08c13413c23
libcurl-devel-7.19.7-59.el6.tuxcare.els10.i686.rpm
9f620fc74f70b353b4b9fd6f037c2980f5ffdfb6
libcurl-devel-7.19.7-59.el6.tuxcare.els10.x86_64.rpm
737a985722f8360d1491682714b1e14501b26c4b
CLSA-2023:1697482739
exim: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-42114: fix possible OOB read in SPA authenticator
- CVE-2023-42116: fix possible OOB write in SPA authenticator
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-42114: fix possible OOB read in SPA authenticator
- CVE-2023-42116: fix possible OOB write in SPA authenticator
0
tuxcare-centos6-els
exim-4.92.3-3.el6.tuxcare.els4.x86_64.rpm
b3dd5222a6073a94f33e71d4b9e8b667f47c805f
exim-greylist-4.92.3-3.el6.tuxcare.els4.x86_64.rpm
0a6a7e054a8198e8329451bd0d792eaf7dca3567
exim-mon-4.92.3-3.el6.tuxcare.els4.x86_64.rpm
f56123cc0643385e3a16dfc23507f839c3960309
exim-mysql-4.92.3-3.el6.tuxcare.els4.x86_64.rpm
3d457832e6f38be685c458a582f88f56a67b6730
exim-pgsql-4.92.3-3.el6.tuxcare.els4.x86_64.rpm
1a3b2c050b563509c77c21303f1ed081c698d0ee
CLSA-2023:1697817200
quagga: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-41360: don't read the first byte of ORF header if we are ahead of
stream
- CVE-2023-41358: do not process NLRIs if the attribute length is zero
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-41360: don't read the first byte of ORF header if we are ahead of
stream
- CVE-2023-41358: do not process NLRIs if the attribute length is zero
0
tuxcare-centos6-els
quagga-0.99.15-14.el6.tuxcare.els2.x86_64.rpm
edfc8c6cd8d4c038851664c8ae966e588b2ca1bf
quagga-contrib-0.99.15-14.el6.tuxcare.els2.x86_64.rpm
bb719471f3f1c36e58f582038782e0d2a9c984de
quagga-devel-0.99.15-14.el6.tuxcare.els2.i686.rpm
2e7e7f3c0ec549f4ae42696ffeeb6543554ae89c
quagga-devel-0.99.15-14.el6.tuxcare.els2.x86_64.rpm
0a481bece123851dce30c0fd9db349d1207519b3
CLSA-2023:1698101447
nginx: Fix of CVE-2023-44487
TuxCare License Agreement
0
- CVE-2023-44487: HTTP/2 - per-iteration stream handling limit
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-44487: HTTP/2 - per-iteration stream handling limit
0
tuxcare-centos6-els
nginx-1.10.3-4.el6.tuxcare.els6.x86_64.rpm
200d43918422aca68ce60c9fa26296e9951c8d3f
nginx-all-modules-1.10.3-4.el6.tuxcare.els6.noarch.rpm
43610d591002a4198a1275a67bc24a0318d0fdfd
nginx-filesystem-1.10.3-4.el6.tuxcare.els6.noarch.rpm
080366475950663756f5ba571ad4fa7b89d4962b
nginx-mod-http-geoip-1.10.3-4.el6.tuxcare.els6.x86_64.rpm
28aad7eada36b684e7c6a2450f69da4288d6dfce
nginx-mod-http-image-filter-1.10.3-4.el6.tuxcare.els6.x86_64.rpm
202645fc9c7a638500806f95b7ec7ba9397dcde5
nginx-mod-http-perl-1.10.3-4.el6.tuxcare.els6.x86_64.rpm
a9fc2835f8968c3b389b91bac4954b28613366be
nginx-mod-http-xslt-filter-1.10.3-4.el6.tuxcare.els6.x86_64.rpm
7e6558d4f6ee625b6a6ac1073ebfbce7aaccd5ac
nginx-mod-mail-1.10.3-4.el6.tuxcare.els6.x86_64.rpm
d752f8171efbd5cb556216fb212356c208edeb99
nginx-mod-stream-1.10.3-4.el6.tuxcare.els6.x86_64.rpm
6348a2d35dcf46db6570ccbaa781e2a67d79b037
CLSA-2023:1698101603
python: Fix of CVE-2022-48560
TuxCare License Agreement
0
- CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els12.i686.rpm
637f58cb494dfa9223c851997633e3eb15fb54a0
python-2.6.6-70.el6.tuxcare.els12.x86_64.rpm
d2a3ca4651f06308115f822e84e71dd8058bee6a
python-devel-2.6.6-70.el6.tuxcare.els12.i686.rpm
a6648519cc5836b7b635d27678e94a6c58b1a538
python-devel-2.6.6-70.el6.tuxcare.els12.x86_64.rpm
ef9862d231dfe9466ac4fbef2b583fc36cb09cc7
python-libs-2.6.6-70.el6.tuxcare.els12.i686.rpm
09f351b56c0d51a35a48540951fabff51960bc64
python-libs-2.6.6-70.el6.tuxcare.els12.x86_64.rpm
b244f39b7d51649b2e37b9a9b3e0b5f0c6c01664
python-test-2.6.6-70.el6.tuxcare.els12.x86_64.rpm
c138151d74e898aa5de34a6158af07a5fb8af731
python-tools-2.6.6-70.el6.tuxcare.els12.x86_64.rpm
1ab0682aa97823450cd689ee60c272136e3c385d
tkinter-2.6.6-70.el6.tuxcare.els12.x86_64.rpm
ec550a5cd87b08c681de36242156389f0a948123
CLSA-2023:1698180806
zlib: Fix of CVE-2023-45853
TuxCare License Agreement
0
- CVE-2023-45853: Reject overflows of zip header fields in minizip
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-45853: Reject overflows of zip header fields in minizip
0
tuxcare-centos6-els
minizip-1.2.3-29.el6.tuxcare.els3.i686.rpm
cb983af322994aa4279f606cf910bba5e395f0cf
minizip-1.2.3-29.el6.tuxcare.els3.x86_64.rpm
b31a9ed0fbeab9141ffc46047e963e8f4aba3174
minizip-devel-1.2.3-29.el6.tuxcare.els3.i686.rpm
12e5598e829c284d813df6b7cea03bce13f665ae
minizip-devel-1.2.3-29.el6.tuxcare.els3.x86_64.rpm
9af2b9d120667a66098e612a5f86207cf14fcf20
zlib-1.2.3-29.el6.tuxcare.els3.i686.rpm
8e2f23735ee9b18df3c5bed371eab28558f4511e
zlib-1.2.3-29.el6.tuxcare.els3.x86_64.rpm
084c8a4ec936840a3556f02065ce96dc8f64e8a0
zlib-devel-1.2.3-29.el6.tuxcare.els3.i686.rpm
759a7b2ff47a79c97720f64ce0130205cfd74fcc
zlib-devel-1.2.3-29.el6.tuxcare.els3.x86_64.rpm
4c04ee7ba11be3ca0bf6238976ffcdafdba5e13e
zlib-static-1.2.3-29.el6.tuxcare.els3.x86_64.rpm
0a21a78b953557a2ff9409f2aeafab2daf7ff2dc
CLSA-2023:1698352063
vim: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-5441: segfault in exmode
- CVE-2023-5344: buffer overflow in trunc_string()
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-5441: segfault in exmode
- CVE-2023-5344: buffer overflow in trunc_string()
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm
136500d8d630610da6b506cc7d040bcad07edc06
vim-common-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm
158aa00537ca103ac9c8c8322d3851be80d8ae86
vim-enhanced-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm
972306054f7994b6e0159ef410a5320968c5262c
vim-filesystem-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm
5cfc53db41f0a523cda51c9f684cb17a241418b6
vim-minimal-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm
22b4ada59e7d90d50c96f8046f7749d4bead742a
CLSA-2023:1699381307
libxml2: Fix of CVE-2016-4658
TuxCare License Agreement
0
- CVE-2016-4658: disallow namespace nodes in XPointer ranges
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2016-4658: disallow namespace nodes in XPointer ranges
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els4.i686.rpm
bf036ddaed339bb3f6a9cd1c88303ee0403cf234
libxml2-2.7.6-21.el6_8.1.tuxcare.els4.x86_64.rpm
36f8653433cf8bcbd5f9b276e0b6aef1d81e9246
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els4.i686.rpm
37ee1e4ae4c1f2eeef0078b49bacbb07122f808c
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els4.x86_64.rpm
a9690a1116919f9c6a95e726a60a5f16bbf392c0
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els4.x86_64.rpm
b1731d642704400a8240b41f72153e802cdc34c9
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els4.x86_64.rpm
c19cf7544377026757c0060b919346d23939c0f5
CLSA-2023:1699908139
exim: Fix of CVE-2022-3559
TuxCare License Agreement
0
- CVE-2022-3559: Fix $regex<n> use-after-free
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-3559: Fix $regex<n> use-after-free
0
tuxcare-centos6-els
exim-4.92.3-3.el6.tuxcare.els5.x86_64.rpm
044aa8c21842e9bc0861a15beffdeb6256056a3b
exim-greylist-4.92.3-3.el6.tuxcare.els5.x86_64.rpm
787e044e75b57c37c714b623bab34c1d10460596
exim-mon-4.92.3-3.el6.tuxcare.els5.x86_64.rpm
3ef60548c18b659ec1ba0473179d724ef25a03c8
exim-mysql-4.92.3-3.el6.tuxcare.els5.x86_64.rpm
f641776a14d69d046c55da13f0591c55248e4c13
exim-pgsql-4.92.3-3.el6.tuxcare.els5.x86_64.rpm
5907a20774fbdc5cd1d4951346cbb8d8316877ec
CLSA-2023:1700164396
squid: Fix of CVE-2023-46847
TuxCare License Agreement
0
- CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els8.x86_64.rpm
7e92babedf80c396edca392ba450770263eb12ea
CLSA-2023:1700591071
kernel: Fix of 10 CVEs
TuxCare License Agreement
0
- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639}
- xen/blkfront: fix leaking data in shared pages {CVE-2022-26365}
- Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448}
- filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220}
- Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220}
- ath9k: release allocated buffer if timed out {CVE-2019-19074}
- net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436}
- memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141}
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559}
- ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639}
- xen/blkfront: fix leaking data in shared pages {CVE-2022-26365}
- Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448}
- filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220}
- Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220}
- ath9k: release allocated buffer if timed out {CVE-2019-19074}
- net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436}
- memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141}
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559}
- ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm
f9185a3211dcbc6078e9db6dabbaf58d31d4ad2a
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm
732209e078780c9abf873a2abaef15928bc7b377
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els13.i686.rpm
1bc1d894c3dd6ff2c541d789cba7fbc9a72ef74a
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm
9dd40e7ac966fa6e850df82a2fb4e0f9ae70c9c0
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm
91d9d2536760a99f7fbead425d639dd7ca7771bb
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm
3d3393287b636b99dbbb9d292c545f729c6f2d68
perf-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm
4e92d8e8cdc44620d07ad728c222d400f448c30c
python-perf-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm
7f9d988821212107ce186caea9f6031674db0128
CLSA-2023:1700591846
kernel: Fix of 10 CVEs
TuxCare License Agreement
0
- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639}
- xen/blkfront: fix leaking data in shared pages {CVE-2022-26365}
- Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448}
- filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220}
- Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220}
- ath9k: release allocated buffer if timed out {CVE-2019-19074}
- net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436}
- memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141}
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559}
- ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639}
- xen/blkfront: fix leaking data in shared pages {CVE-2022-26365}
- Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448}
- filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220}
- Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220}
- ath9k: release allocated buffer if timed out {CVE-2019-19074}
- net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436}
- memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141}
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559}
- ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}
0
tuxcare-centos6-els
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els13.noarch.rpm
2f3a3e7506b5ea894d5661d145c80ae1bc992c43
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els13.noarch.rpm
f807b254dea7c72369ce8dcd628969ca5f170a21
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els13.noarch.rpm
acb337e41d7b4bc5908e15ab3c0e4726035dc477
CLSA-2023:1700686706
Update of microcode_ctl
TuxCare License Agreement
0
- Fix silent microcode rejection in some cases
- Loading to /dev/null is enabled on VM
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix silent microcode rejection in some cases
- Loading to /dev/null is enabled on VM
0
tuxcare-centos6-els
microcode_ctl-1.17-33.40.el6_10.tuxcare.els2.x86_64.rpm
4cc6501725979310d601affc3392d091630c2549
CLSA-2023:1700852317
samba: Fix of CVE-2023-3961
TuxCare License Agreement
0
- CVE-2023-3961: Fix a path traversal out of the socket directory
- fix chagelog's versions
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-3961: Fix a path traversal out of the socket directory
- fix chagelog's versions
0
tuxcare-centos6-els
libsmbclient-3.6.23-53.el6_10.tuxcare.els2.i686.rpm
102652cf2153f8d58eaaae985a495365f3bb519c
libsmbclient-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
01982774a6b9ec9012326648531124f4a4ad769f
libsmbclient-devel-3.6.23-53.el6_10.tuxcare.els2.i686.rpm
741c13d1c4c6ede8fa4df6ba6775e1ac9f27e1e2
libsmbclient-devel-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
d99a639d1b0332e8124d860e6d5fd88316cceb35
samba-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
9801f72dcb36c4dc239570d6b8730e5fbaea58c4
samba-client-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
c8681be32e6e5ae1007fd0d65ca76433f9b0e392
samba-common-3.6.23-53.el6_10.tuxcare.els2.i686.rpm
db05978c840e9d8e121a473ba73ed064adbc481a
samba-common-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
91b0487b1babd2b0dfdcebed688b58b5a36a59a6
samba-doc-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
128bd1ac8ceebb6c0c46603573356cd011331c83
samba-domainjoin-gui-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
46fa0c77eff85b96315198808afaeeff77300ca5
samba-glusterfs-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
4442a964b60bff3272813258716b75ffb462c44e
samba-swat-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
756a8e284d09f5b0554dac1d8f8d144331dee94a
samba-winbind-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
a4036b6c37ee12b6a531d0bad283745f9a884e78
samba-winbind-clients-3.6.23-53.el6_10.tuxcare.els2.i686.rpm
5c429a6a8f191ef249ae8a4522df885a03712cee
samba-winbind-clients-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
b1a74648a95fd45c3edf85bad96ff7db21c9a63e
samba-winbind-devel-3.6.23-53.el6_10.tuxcare.els2.i686.rpm
472d739ada9cae4206645fe1b1721e7f873aae59
samba-winbind-devel-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
d8756451d2a3453f6eb0e8fe1a550e576875e1b8
samba-winbind-krb5-locator-3.6.23-53.el6_10.tuxcare.els2.x86_64.rpm
b153ef132e10d5cc918941f6f1a86456b14f7fa2
CLSA-2023:1701285908
exim: Fix of CVE-2023-42117
TuxCare License Agreement
0
- CVE-2023-42117: fix string_is_ip_address()
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-42117: fix string_is_ip_address()
0
tuxcare-centos6-els
exim-4.92.3-3.el6.tuxcare.els6.x86_64.rpm
4ef171c1777571e19072b0bd47f1b906f31e5cd0
exim-greylist-4.92.3-3.el6.tuxcare.els6.x86_64.rpm
d1af5b111a679bbfcce5f26402c3db2b3c78f550
exim-mon-4.92.3-3.el6.tuxcare.els6.x86_64.rpm
6198b38159c92f3024235d9a9149e31c51b46147
exim-mysql-4.92.3-3.el6.tuxcare.els6.x86_64.rpm
a8b2b10feac2da0296f0ca98dab6176699c567b1
exim-pgsql-4.92.3-3.el6.tuxcare.els6.x86_64.rpm
27e003e84a2b2e1cce45368cead4a4e28307c9be
CLSA-2023:1701286147
squid34: Fix of CVE-2023-46724
TuxCare License Agreement
0
- CVE-2023-46724: Fix validation of certificates with CN=*
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-46724: Fix validation of certificates with CN=*
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els3.x86_64.rpm
9d5bbb484521bf9cab95282fff9ec08fa9e92b83
CLSA-2023:1701286463
squid34: Fix of CVE-2023-46847
TuxCare License Agreement
0
- CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els4.x86_64.rpm
965e0b7d27a68e1f7cbce39b41bfb87e50a03f42
CLSA-2023:1701445092
libksba: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-3515: detect a possible overflow directly in the TLV parser
- CVE-2022-47629: fix an integer overflow in the CRL signature parser
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-3515: detect a possible overflow directly in the TLV parser
- CVE-2022-47629: fix an integer overflow in the CRL signature parser
0
tuxcare-centos6-els
libksba-1.0.7-4.el6.tuxcare.els1.i686.rpm
e602932d52dfc005fedcc5953f9ec9f13a4f4e86
libksba-1.0.7-4.el6.tuxcare.els1.x86_64.rpm
29de90fa9b2db6485d8aa5f43cae484487ea8a2c
libksba-devel-1.0.7-4.el6.tuxcare.els1.i686.rpm
bd6fcecf5b48df06e75905a9ae2603c2040fae9f
libksba-devel-1.0.7-4.el6.tuxcare.els1.x86_64.rpm
4a56b9f3546a47c53efbd97dc35d7efc2691f7b5
CLSA-2023:1702421029
microcode_ctl: Fix of CVE-2023-23583
TuxCare License Agreement
0
- Update Intel CPU microcode to microcode-20231114 release, addresses
CVE-2023-23583 (INTEL-SA-00950):
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision
0xd0003a5 up to 0xd0003b9;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision
0x1000230 up to 0x1000268;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision
0xbc up to 0xc2;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from
revision 0xac up to 0xb4;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision
0x2c up to 0x34;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision
0x46 up to 0x4e;
- Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b0004b1;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b0004b1;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e
up to 0x32;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x42c;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x42c;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from
revision 0x42c up to 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x42c;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x42c;
- Update of 06-9a-04/0x40 (AZB A0) microcode (in 06-9a-04) from revision 0x4
up to 0x5;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from
revision 0x42c up to 0x430;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision
0x59 up to 0x5d;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode (in 06-b7-01) from revision
0x119 up to 0x11d;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x411c;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x411c;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x4119;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x4119;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-02) from
revision 0x4119 up to 0x411c;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x411c;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x411c;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x4119;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x4119;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-03) from
revision 0x4119 up to 0x411c;
- Update of 06-be-00/0x11 (ADL-N A0) microcode (in 06-be-00) from revision
0x11 up to 0x12;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e
up to 0x32.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to microcode-20231114 release, addresses
CVE-2023-23583 (INTEL-SA-00950):
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision
0xd0003a5 up to 0xd0003b9;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision
0x1000230 up to 0x1000268;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision
0xbc up to 0xc2;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from
revision 0xac up to 0xb4;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision
0x2c up to 0x34;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision
0x46 up to 0x4e;
- Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision
0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision
0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision
0x2b0004b1;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision
0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up
to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from
revision 0x2b0004b1 up to 0x2b0004d0;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000290;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000271;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision
0x2c000271;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at
revision 0x2b0004d0;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b0004b1;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision
0x2b0004b1;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e
up to 0x32;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x42c;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at
revision 0x42c;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from
revision 0x42c up to 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x430;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x42c;
- Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at
revision 0x42c;
- Update of 06-9a-04/0x40 (AZB A0) microcode (in 06-9a-04) from revision 0x4
up to 0x5;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from
revision 0x42c up to 0x430;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision
0x59 up to 0x5d;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode (in 06-b7-01) from revision
0x119 up to 0x11d;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x411c;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x411c;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x4119;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at
revision 0x4119;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-02) from
revision 0x4119 up to 0x411c;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x411c;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x411c;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x4119;
- Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at
revision 0x4119;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-03) from
revision 0x4119 up to 0x411c;
- Update of 06-be-00/0x11 (ADL-N A0) microcode (in 06-be-00) from revision
0x11 up to 0x12;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e
up to 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x32;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2e;
- Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at
revision 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from
revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e
up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e
up to 0x32.
0
tuxcare-centos6-els
microcode_ctl-1.17-33.41.el6_10.tuxcare.els1.x86_64.rpm
3dd4d22e729c5d81080daea3b7bc01e740d7b666
CLSA-2023:1702496332
squid: Fix of CVE-2023-46728
TuxCare License Agreement
0
- CVE-2023-46728: Remove support for Gopher protocol
- Enable test-suite
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-46728: Remove support for Gopher protocol
- Enable test-suite
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els9.x86_64.rpm
01005cf60647e47745ed9049bafae79e6e11dc49
CLSA-2023:1702496473
squid34: Fix of CVE-2023-46728
TuxCare License Agreement
0
- CVE-2023-46728: Remove support for Gopher protocol
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-46728: Remove support for Gopher protocol
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els5.x86_64.rpm
86be4f5a0624c0a7442c6aab4accc769b98321c0
CLSA-2023:1703183093
haproxy: Fix of CVE-2023-45539
TuxCare License Agreement
0
- CVE-2023-45539: do not accept '#' as part of the URI component
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-45539: do not accept '#' as part of the URI component
0
tuxcare-centos6-els
haproxy-1.5.18-1.el6.tuxcare.els1.x86_64.rpm
d1a74ba71d6f13302644efa9433c1182657ac4b4
CLSA-2023:1703183242
squid34: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead
- CVE-2023-49286: Fix DoS attack against Helper process management
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead
- CVE-2023-49286: Fix DoS attack against Helper process management
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els6.x86_64.rpm
e0d56331f82ab734bee2c4dd00cb757ae9db6d7c
CLSA-2023:1703183411
squid: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead
- CVE-2023-49286: Fix DoS attack against Helper process management
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead
- CVE-2023-49286: Fix DoS attack against Helper process management
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els10.x86_64.rpm
610069ba4d750384e003d971d88d219aaadf2830
CLSA-2023:1703785140
openssh: Fix of CVE-2023-51385
TuxCare License Agreement
0
- CVE-2023-51385: ban user/hostnames with most shell metacharacters in
command line
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-51385: ban user/hostnames with most shell metacharacters in
command line
0
tuxcare-centos6-els
openssh-5.3p1-125.el6.tuxcare.els6.x86_64.rpm
fbc61c93289fe48bfb0afa5129a8931cb9cb0d1f
openssh-askpass-5.3p1-125.el6.tuxcare.els6.x86_64.rpm
fe0ed474e3dd103a495910785a3f5da621758382
openssh-clients-5.3p1-125.el6.tuxcare.els6.x86_64.rpm
ab04e73436d71d110dc749a0ce171ceabfdf7f0c
openssh-ldap-5.3p1-125.el6.tuxcare.els6.x86_64.rpm
afe03615a9d1061e758f06bc16f2bd8ef8d158a6
openssh-server-5.3p1-125.el6.tuxcare.els6.x86_64.rpm
b9a458a8b6664f11f8ea9faab31e88bc718c2b4b
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els6.i686.rpm
7625674ab101935a580dbbf526747114c1012929
pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els6.x86_64.rpm
16333723af1ba7d04088729c3cafdd8895fd3b27
CLSA-2024:1705079922
python: Fix of CVE-2023-40217
TuxCare License Agreement
0
- CVE-2023-40217: Fix TLS handshake bypass
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-40217: Fix TLS handshake bypass
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els13.i686.rpm
22d82f629c58103b7824b7524a41c6e07feead46
python-2.6.6-70.el6.tuxcare.els13.x86_64.rpm
d813b4c1c871b513a7232a63a94fc0ad46e204a9
python-devel-2.6.6-70.el6.tuxcare.els13.i686.rpm
0ed9e4f855e487c3c391f31e851b725db8c9fc6f
python-devel-2.6.6-70.el6.tuxcare.els13.x86_64.rpm
5a6fb08fcd5b5e6e1c27adaf97b7cbee57150b6c
python-libs-2.6.6-70.el6.tuxcare.els13.i686.rpm
2eb387d7f727a344d1369365cf03e2ae149db388
python-libs-2.6.6-70.el6.tuxcare.els13.x86_64.rpm
ec4c9c922c6383356fe006379585b2c1b6ab1d72
python-test-2.6.6-70.el6.tuxcare.els13.x86_64.rpm
be7c8d857ad12b1efa6a32c0ce6bf099854781f6
python-tools-2.6.6-70.el6.tuxcare.els13.x86_64.rpm
556b240516eeaf167ba54fb383da08f8bb0b76d7
tkinter-2.6.6-70.el6.tuxcare.els13.x86_64.rpm
741463ead5a6d66ce27e8eecc0995dd718ac6500
CLSA-2024:1705494430
kernel: Fix of 13 CVEs
TuxCare License Agreement
0
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670}
- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}
- tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670}
- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}
- tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm
7a15d54de0d1296164241b93bc1822a6d934ff55
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm
0b22e2c10b02edbed22033f8e151e0f424f78e35
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els14.i686.rpm
d7c4dfa56b88c906cf00bc34a4132394df709c31
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm
61fee98197256eeb813b6c30e935d7b901345a58
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm
ce48c45d022eab72074d8ff5ccee1961b7bcf967
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm
0de334aa92698da5bcbfc96d119f9034d3661b76
perf-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm
aafd97873063abe206c1a8f02a7d5a2271986aa4
python-perf-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm
5f0e40a0990f3005cbd3f0b1630e893c197e718d
CLSA-2024:1705494763
kernel: Fix of 13 CVEs
TuxCare License Agreement
0
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670}
- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}
- tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}
- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}
- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670}
- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}
- tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566}
- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}
0
tuxcare-centos6-els
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els14.noarch.rpm
02d287321837996d1f62a4e00cee65cd2a94cc90
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els14.noarch.rpm
9bde92b8bd1a3febc5d6f6850a456f2da41a291c
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els14.noarch.rpm
1c7fd207e203b32548d9ef50e64d94bc697c8062
CLSA-2024:1705945513
Update of ca-certificates
TuxCare License Agreement
0
- update to CKBI 2.64 from NSS 3.95
- updated:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- removed old certificates:
- # Certificate "E-Tugra Certification Authority"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- added new certificates:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.64 from NSS 3.95
- updated:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- removed old certificates:
- # Certificate "E-Tugra Certification Authority"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- added new certificates:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
0
tuxcare-centos6-els
ca-certificates-2023.2.64-60.1.el6.tuxcare.els1.noarch.rpm
e1179d05f950fa4b29122d8e275ee3d8d7e59759
CLSA-2024:1706027577
squid34: Fix of CVE-2023-50269
TuxCare License Agreement
0
- CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els7.x86_64.rpm
2939a7a5005467749f18ba963f9e6d6127d5b660
CLSA-2024:1706027727
squid: Fix of CVE-2023-50269
TuxCare License Agreement
0
- CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els11.x86_64.rpm
47c0630723fba940f0deec14f6e36585b9fef6ca
CLSA-2024:1706698228
java-1.8.0-openjdk: Fix of 8 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs:
- CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler
- CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution
- CVE-2024-20921: Range check loop optimization issue
- CVE-2024-20926: Arbitrary Java code execution in Nashorn
- CVE-2024-20945: Logging of digital signature private keys
- CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS
- CVE-2023-22067: IOR deserialization issue in CORBA (fixed in jdk8u392)
- CVE-2023-22081: Certificate path validation issue during client authentication (fixed in jdk8u392)
- Adapt pr2462 patch to the new sources
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs:
- CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler
- CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution
- CVE-2024-20921: Range check loop optimization issue
- CVE-2024-20926: Arbitrary Java code execution in Nashorn
- CVE-2024-20945: Logging of digital signature private keys
- CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS
- CVE-2023-22067: IOR deserialization issue in CORBA (fixed in jdk8u392)
- CVE-2023-22081: Certificate path validation issue during client authentication (fixed in jdk8u392)
- Adapt pr2462 patch to the new sources
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
8fd7f45a0d4d811d019c28fb88dfb53606067b49
java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
ffb704c0f7a77caa96e4a0fbdf76d1fe5b81000c
java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
d074035c651b13193f063df0fc17e91f70078f8b
java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
792344b9fdcb511ff203ad08bfa4eac967d847a9
java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
ae071e9d1300f22d67d3fc2578e068d73318af04
java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
11d0a26137a60764a24285d6fa07f8d48709e02a
java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
e71fac9ecbc3eb9839df634fa0ecd4a9245dcd03
java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
015bbd09d0f8252ca0af85d97b790fba95f3c60b
java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm
466ae3ecc3f207ee8655e5b1e11571f987666625
java-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm
20d747317b94f854d018ec0b0f0c19c3a2381d35
java-1.8.0-openjdk-src-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
60d1e3339d7c17a27ad1420bbec179a96ea2f9bf
java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm
2eabc83583424c92c6643520b54c8ea2ecc86e39
CLSA-2024:1708028140
Update of microcode_ctl
TuxCare License Agreement
0
- Update AMD CPU microcode to 2023-10-19:
- Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12,
sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11;
- Update AMD CPU microcode for processor family 17h: sig 0x00830f10.
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update AMD CPU microcode to 2023-10-19:
- Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12,
sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11;
- Update AMD CPU microcode for processor family 17h: sig 0x00830f10.
0
tuxcare-centos6-els
microcode_ctl-1.17-33.41.el6_10.tuxcare.els2.x86_64.rpm
a7eabbec04fc7b0f03193a45b065d74cc5b15a99
CLSA-2024:1708028290
Update of nss
TuxCare License Agreement
0
- Update to CKBI 2.64 from NSS 3.95
- Removed:
- # Certificate "E-Tugra Certification Authority"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- Added:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- Update test certificates
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update to CKBI 2.64 from NSS 3.95
- Removed:
- # Certificate "E-Tugra Certification Authority"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor ECA-1"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- Added:
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- Update test certificates
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els5.i686.rpm
929b37eb8e5026b2caa0b99edabde759b6d1b931
nss-3.44.0-12.el6.tuxcare.els5.x86_64.rpm
145020cbe5a933f28e9427cee05c14918ed78f50
nss-devel-3.44.0-12.el6.tuxcare.els5.i686.rpm
6e45308a8cf4e906db16f70ab2da4931169392c5
nss-devel-3.44.0-12.el6.tuxcare.els5.x86_64.rpm
feddf4a00e0102840b1dae6c3f5dfebaab11cdc6
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els5.i686.rpm
5137d5414874d4d7ecd0c6065074564d42778fa5
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els5.x86_64.rpm
3fbcad0a0f17897e9467901b5ca99e4e4401e15a
nss-sysinit-3.44.0-12.el6.tuxcare.els5.x86_64.rpm
ac176316964310954ac726e9c0b5dde692ec91f0
nss-tools-3.44.0-12.el6.tuxcare.els5.x86_64.rpm
995c7a09fedadd76a8ac63e1077fc190e84366f9
CLSA-2024:1708427919
sudo: Fix of CVE-2023-42465
TuxCare License Agreement
0
- CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks
0
tuxcare-centos6-els
sudo-1.8.6p3-32.el6.tuxcare.els2.x86_64.rpm
1288391624f8758edacb35a366fbe1d2b56a967c
sudo-devel-1.8.6p3-32.el6.tuxcare.els2.i686.rpm
939ed00dae57abb02bbb63fef5a517ec4f4419c8
sudo-devel-1.8.6p3-32.el6.tuxcare.els2.x86_64.rpm
45ef4fd375b0746182729259253c9710644f2641
CLSA-2024:1708639232
libxml2: Fix of CVE-2024-25062
TuxCare License Agreement
0
- CVE-2024-25062: Fix xmlValidatePopElement use-after-free in XML Reader
interface with DTD validation and XInclude expansion enabled
- test suite was partially activated
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-25062: Fix xmlValidatePopElement use-after-free in XML Reader
interface with DTD validation and XInclude expansion enabled
- test suite was partially activated
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els5.i686.rpm
265c50dd2fdd9b98f6d2a2335fe28e40d67d32c0
libxml2-2.7.6-21.el6_8.1.tuxcare.els5.x86_64.rpm
fd40eff69944fe642e4c39ec0d34e80eb5c4aa91
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els5.i686.rpm
d05ee80ce72eb2fd0725ffbcead7af2d97431582
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els5.x86_64.rpm
c5405aa09c156e4e9a424167264999120e7ff10a
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els5.x86_64.rpm
4bad63d6562a409b633965485edf0c63eec183cb
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els5.x86_64.rpm
4d548d29a020e7aefdd2df5588d98e8008584630
CLSA-2024:1708639645
sudo: Fix of CVE-2023-42465
TuxCare License Agreement
0
- Remove sudo-1.9.15-CVE-2023-42465.patch due to bug
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Remove sudo-1.9.15-CVE-2023-42465.patch due to bug
0
tuxcare-centos6-els
sudo-1.8.6p3-32.el6.tuxcare.els3.x86_64.rpm
5970fefdb8ef070456bed30e6d9158a0bf3d3251
sudo-devel-1.8.6p3-32.el6.tuxcare.els3.i686.rpm
5c046a5c821a6a5b138ac0c6e5b466e9d32d7bda
sudo-devel-1.8.6p3-32.el6.tuxcare.els3.x86_64.rpm
982c54e73dac0b31cc1eb50e40358110b0cc4283
CLSA-2024:1709204660
kernel: Fix of 7 CVEs
TuxCare License Agreement
0
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653}
- xen/netfront: fix leaking data in shared pages {CVE-2022-33740}
- xfs: fix up non-directory creation in SGID directories {CVE-2021-4037}
- net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588}
- atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780}
- ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915}
- drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653}
- xen/netfront: fix leaking data in shared pages {CVE-2022-33740}
- xfs: fix up non-directory creation in SGID directories {CVE-2021-4037}
- net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588}
- atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780}
- ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915}
- drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm
48e6263852f25dacafc138dc9817126cc1c4dafc
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm
c0ea530a023233c05b55ebac64afde7a3b786903
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els15.i686.rpm
78469ecef43b84a53b82b5686fdd7042fff9aaa0
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm
80952d995d45629eb72a11f2fbee34d7e783d03c
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm
8c4e2d9582822ebb16fe11ee4bd8b5549a017699
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm
785b8562644132b1fa0dda8f43ab6e8a37281a0e
perf-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm
27bf45ef575e0040122a33eecc32a7063917e311
python-perf-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm
d3989954fb2a1806f2ce4459b6051b49c4640dd3
CLSA-2024:1709204778
kernel: Fix of 7 CVEs
TuxCare License Agreement
0
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653}
- xen/netfront: fix leaking data in shared pages {CVE-2022-33740}
- xfs: fix up non-directory creation in SGID directories {CVE-2021-4037}
- net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588}
- atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780}
- ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915}
- drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043}
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653}
- xen/netfront: fix leaking data in shared pages {CVE-2022-33740}
- xfs: fix up non-directory creation in SGID directories {CVE-2021-4037}
- net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588}
- atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780}
- ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915}
- drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043}
0
tuxcare-centos6-els
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els15.noarch.rpm
951e528e6dd060101a0fdc382ab5d382f5038975
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els15.noarch.rpm
b2e2afe31a16e403a30e7f414dd5a77d7d3759c4
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els15.noarch.rpm
d0ba0ae517c576a2429564d7d57b4022826e03b1
CLSA-2024:1709563938
vim: Fix of CVE-2024-22667
TuxCare License Agreement
0
- CVE-2024-22667: addressing a potential stack-buffer-overflow in option
processing functions
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-22667: addressing a potential stack-buffer-overflow in option
processing functions
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm
2e4d20e7f94e3e1c8a0b1b75ea8d098b0a0fcfcd
vim-common-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm
8b667c62e924e37e482fdeca6c873f4625fb965f
vim-enhanced-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm
17e6da2f3c00f2b58b01d582fd18c867c4d19b17
vim-filesystem-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm
4f756790675096925a1838238a7718ca86140ca1
vim-minimal-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm
d40f904425d41a7afa2eb21fc9f74896809afc72
CLSA-2024:1710437162
bind: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed
zone responses
- CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3
- Enable internal tests by default
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed
zone responses
- CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3
- Enable internal tests by default
0
tuxcare-centos6-els
bind-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm
9f391bb1d369ebc8f7d5800faf8fcda105bfa0f4
bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm
4f225c5450ef92092cd74550bd9043cde7d98701
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els8.i686.rpm
670b7c4fd3b18ff49930e642604e99d204ede9a0
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm
6946ff0cefba9eafdc51a42968327ecebc5fe937
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els8.i686.rpm
8f122726aee14fe4eac0349b3322f65e6e54f75d
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm
e676720138008f363ff578a3a051310542bef64f
bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm
a466b19d6a748eeb8616ed408a66044700984fc8
bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm
65f76c51b764c30b025eeeb35c27d110f7976b3b
CLSA-2024:1711491615
squid: Fix of CVE-2024-25617
TuxCare License Agreement
0
- CVE-2024-25617: Fix denial of service in HTTP header parser
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-25617: Fix denial of service in HTTP header parser
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els12.x86_64.rpm
d1b43fa1781abb3653a3d379943827548ddde5e1
CLSA-2024:1711563462
Update of tzdata
TuxCare License Agreement
0
- Upgrade to tzdata-2024a
- Kazakhstan unifies on UTC+5 beginning 2024-03-01.
- Palestine springs forward a week later after Ramadan.
- localtime no longer mishandles Ciudad Juárez in 2422.
- zic no longer pretends to support indefinite-past DST.
- Ittoqqortoormiit, Greenland changes time zones on 2024-03-31.
- Vostok, Antarctica changed time zones on 2023-12-18.
- Casey, Antarctica changed time zones five times since 2020.
- Code and data fixes for Palestine timestamps starting in 2072.
- A new data file zonenow.tab for timestamps starting now.
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to tzdata-2024a
- Kazakhstan unifies on UTC+5 beginning 2024-03-01.
- Palestine springs forward a week later after Ramadan.
- localtime no longer mishandles Ciudad Juárez in 2422.
- zic no longer pretends to support indefinite-past DST.
- Ittoqqortoormiit, Greenland changes time zones on 2024-03-31.
- Vostok, Antarctica changed time zones on 2023-12-18.
- Casey, Antarctica changed time zones five times since 2020.
- Code and data fixes for Palestine timestamps starting in 2072.
- A new data file zonenow.tab for timestamps starting now.
0
tuxcare-centos6-els
tzdata-2024a-1.el6.tuxcare.els1.noarch.rpm
38876d60466c83a396d3e58bf6b5f9480213e109
tzdata-java-2024a-1.el6.tuxcare.els1.noarch.rpm
4a9901845669357990677471855d3c21b7e14324
CLSA-2024:1712262573
unixODBC: Fix of CVE-2024-1013
TuxCare License Agreement
0
- CVE-2024-1013: Fix out-of-bounds stack write issue by adjusting callee write
size from 8 to 4 bytes
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-1013: Fix out-of-bounds stack write issue by adjusting callee write
size from 8 to 4 bytes
0
tuxcare-centos6-els
unixODBC-2.2.14-14.el6.tuxcare.els1.i686.rpm
a0344666750f81185401c3b5ca61ac8fcab7892a
unixODBC-2.2.14-14.el6.tuxcare.els1.x86_64.rpm
fc630c2d50258f71b02e75ab6fafeb2fe6172135
unixODBC-devel-2.2.14-14.el6.tuxcare.els1.i686.rpm
d27578e96d6d55ee0d589e6fc7c0e64add92b739
unixODBC-devel-2.2.14-14.el6.tuxcare.els1.x86_64.rpm
370efc36c8fce93118894ac4b3adbab5e75d2308
unixODBC-kde-2.2.14-14.el6.tuxcare.els1.i686.rpm
68f4a685d548f7adabb3afe336e4e66334e893d2
unixODBC-kde-2.2.14-14.el6.tuxcare.els1.x86_64.rpm
e0de237a10a6628d69a9b6f45949818ab70b4f32
CLSA-2024:1713523278
less: Fix of CVE-2022-48624
TuxCare License Agreement
0
- CVE-2022-48624: shell-quote filenames when invoking LESSCLOSE
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-48624: shell-quote filenames when invoking LESSCLOSE
0
tuxcare-centos6-els
less-436-13.el6.tuxcare.els1.x86_64.rpm
14d69c0e195d3cb136f77d52e44fc7157de8ff1f
CLSA-2024:1715280966
php: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2022-31629: Add cookie integrity validation
- CVE-2024-2756: Move cookie integrity validation downwards
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-31629: Add cookie integrity validation
- CVE-2024-2756: Move cookie integrity validation downwards
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
d5ba215b40d9e388c18b9b3e6a1d4e13bb90283a
php-bcmath-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
3b056fd72f83a8f378a3c380a58eba88ac35983c
php-cli-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
cc5a2742424163901195a89bcaf4ba05de4a6d76
php-common-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
6c1c3bcc8208cc4e46f604972c14118e7d9a26b2
php-dba-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
b4ebafef48b3343aa9ff907c56715754fae185c4
php-devel-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
b9904f819a31dc3285fb21332062b0a1079d64b9
php-embedded-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
6b56764399563f8f13888668e5fcc15d4a4f82a0
php-enchant-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
428f206df2f3ea2c0dab0612275cf56b611d0192
php-fpm-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
81697155636855149a6cd02b42cbd29abff8da4f
php-gd-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
be915cab04660569b0f15acf7f33b4c47eae0f06
php-imap-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
114c94b0733a63353e4f2bf6c499b15cd3b6d7a9
php-intl-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
6c5082b2c3b44a4b0427bd116f1a009987af74dd
php-ldap-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
477bb1ee76a27353b621eac113d74917b5c01d34
php-mbstring-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
8d751ca690cd0e14f6af3ae20d1e04752ab77ca6
php-mysql-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
912776660471712a6cdb85d31e03f1189305f41f
php-odbc-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
9126ff7b7ccbf086c1a87f3f913ea3be7c88d60c
php-pdo-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
89a6bde9b001d1d965d6722694acb6d48c614790
php-pgsql-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
bc878c1063efd234e9cd4f8cd0d7fd20fe4dd873
php-process-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
317831d7c2a31f3c685fd9cdf85b10b54b212eee
php-pspell-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
b112cfcdf815e5540c338fc5cc421bf6361f08f5
php-recode-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
bf65e9ecc36e833325a45e43b52b92e4375297e5
php-snmp-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
729d37dbc78127b2c39347caa661213e7e20acac
php-soap-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
73e9de9369fa99b04dea76c4b743d9b3cf4c6ff5
php-tidy-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
262adfbf3ad6da1b3deeb4994272283356fa5c1e
php-xml-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
e9fb3222dfac211432e463818e3ab0d9f8c0cccb
php-xmlrpc-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
58178420be0b04b31e5bd9cb4b789e85a092a4fe
php-zts-5.3.3-55.el6.tuxcare.els7.x86_64.rpm
ea03df9ea127d395391ccdbac955dcc1d4c1a92a
CLSA-2024:1715946466
less: Fix of CVE-2024-32487
TuxCare License Agreement
0
- CVE-2024-32487: filename.c: quoting mishandling
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-32487: filename.c: quoting mishandling
0
tuxcare-centos6-els
less-436-13.el6.tuxcare.els2.x86_64.rpm
79d9fe5d1dfe82233b717ca4611a733b47478075
CLSA-2024:1716287930
ansible: Fix of CVE-2023-5764
TuxCare License Agreement
0
- CVE-2023-5764: avoid evaluate unsafe conditions
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-5764: avoid evaluate unsafe conditions
0
tuxcare-centos6-els
ansible-2.6.20-1.el6.tuxcare.els1.noarch.rpm
d6c8b24d13c87150fa1cb8ae3bba232f294227c2
ansible-doc-2.6.20-1.el6.tuxcare.els1.noarch.rpm
8b646a4394054ad21ee07f5c5f9ac3a981741552
CLSA-2024:1717694505
glibc: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2018-11236: fix stack buffer overflow when realpath() input length is close
to SSIZE_MAX.
- CVE-2024-2961: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2018-11236: fix stack buffer overflow when realpath() input length is close
to SSIZE_MAX.
- CVE-2024-2961: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences
0
tuxcare-centos6-els
glibc-2.12-2.215.el6.tuxcare.els8.i686.rpm
4b23f126a102a6041bcb1843242dbf53dff9a280
glibc-2.12-2.215.el6.tuxcare.els8.x86_64.rpm
bcc2788a2a40504cb085ed1cac4bb863fa0bddef
glibc-common-2.12-2.215.el6.tuxcare.els8.x86_64.rpm
3ab7da644101f375bfa72613ee52f9f767d3c1b6
glibc-devel-2.12-2.215.el6.tuxcare.els8.i686.rpm
3ddca8a5b09d46c5b009f311d48ab4b182a4f0f1
glibc-devel-2.12-2.215.el6.tuxcare.els8.x86_64.rpm
4fb4eebe063b242187334e708987e484e878f432
glibc-headers-2.12-2.215.el6.tuxcare.els8.x86_64.rpm
041348d3f5b5c452bccc08513e73128a9b348fd1
glibc-static-2.12-2.215.el6.tuxcare.els8.i686.rpm
9e54aca59cac47e62b276312d57c362cb1d7a722
glibc-static-2.12-2.215.el6.tuxcare.els8.x86_64.rpm
8b2cfab40288c7908207632ec8880e0dbe35adba
glibc-utils-2.12-2.215.el6.tuxcare.els8.x86_64.rpm
314a0287051db4dcf2ef0c643d2896304fa67ea4
nscd-2.12-2.215.el6.tuxcare.els8.x86_64.rpm
ff833f54b1ce1cb15be7160ba07085c07045a989
CLSA-2024:1718901417
glibc: Fix of CVE-2024-33599
TuxCare License Agreement
0
- CVE-2024-33599: Fix buffer overflow in netgroup cache
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-33599: Fix buffer overflow in netgroup cache
0
tuxcare-centos6-els
glibc-2.12-2.215.el6.tuxcare.els9.i686.rpm
5c211a8cd671ed812ee677950ad8873966474a45
glibc-2.12-2.215.el6.tuxcare.els9.x86_64.rpm
1d9a93eaf7374e8848d8cc08a8dcc1aeac492f6c
glibc-common-2.12-2.215.el6.tuxcare.els9.x86_64.rpm
7ab448834823c640979036d97c3026d88608b02e
glibc-devel-2.12-2.215.el6.tuxcare.els9.i686.rpm
2e2e21adcaa76ae9ee026ce833150c140afd2e7c
glibc-devel-2.12-2.215.el6.tuxcare.els9.x86_64.rpm
64c054765ff34b83b746c197f89caab5b8f32a38
glibc-headers-2.12-2.215.el6.tuxcare.els9.x86_64.rpm
f9a8909f621565c4e9b9df52d0b68bd217c7fc6b
glibc-static-2.12-2.215.el6.tuxcare.els9.i686.rpm
c1ed93cc5ef7fd28c29959efa8916bab3e13a7db
glibc-static-2.12-2.215.el6.tuxcare.els9.x86_64.rpm
ffa64cd23bbdda25219c4cbd7f2842653d4efd1b
glibc-utils-2.12-2.215.el6.tuxcare.els9.x86_64.rpm
769d1e2dd338fda63515ed2472ee16b8419c02be
nscd-2.12-2.215.el6.tuxcare.els9.x86_64.rpm
98b1ea0c9ed7e7979c31175ed5f71f5d453147f3
CLSA-2024:1724705338
bind: Fix of CVE-2024-1975
TuxCare License Agreement
0
- CVE-2024-1975: Remove support for SIG(0) message verification
- Fix tsiggss test
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-1975: Remove support for SIG(0) message verification
- Fix tsiggss test
0
tuxcare-centos6-els
bind-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm
82265e87292de4b2541cc837d58d85c93a8abb4e156da450d07ecd4601c8df8a
bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm
635783c0a28d4016f8d729d380d9bd70f3bb061a76f8515d2313c916f146a4be
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els9.i686.rpm
bd89cc17ba1808914e0a4ae1cd351ad5020632f7bb2505ea77731804b0143533
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm
f302967d0960a6cb7768ff322613a1d30c868e3c41ab8425bebc172cde6c714c
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els9.i686.rpm
e2c1f4a60c22607f03aea059de5eac3bad023a0a0cf8387cc6efd1078f65bb6a
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm
bf221f0b4f9080a38bd1fa9675193cd51668f53651e873e7ff86e83be08b43c5
bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm
6a617dd4e01014c53b8fd2ec00c34cb0a267d19285d56202e2b37e18fb7f534e
bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm
787f315bf42f8f9eb4c328cb2273f8fda4a214eab691fd57a91fcfec8b362806
CLSA-2024:1724774331
kernel: Fix of 11 CVEs
TuxCare License Agreement
0
- drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}
- af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}
- ipv6: remove max_size check inline with ipv4 {CVE-2023-52340}
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2023-6270}
- smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752}
- hdlc_ppp: add range checks in ppp_cp_parse_cr() {CVE-2020-25643}
- perf/core: Fix race in the perf_mmap_close() function {CVE-2020-14351}
- media: xirlink_cit: add missing descriptor sanity checks {CVE-2020-11668}
- vt: selection, close sel_buffer race {CVE-2020-8648}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921}
- media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}
- af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}
- ipv6: remove max_size check inline with ipv4 {CVE-2023-52340}
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2023-6270}
- smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752}
- hdlc_ppp: add range checks in ppp_cp_parse_cr() {CVE-2020-25643}
- perf/core: Fix race in the perf_mmap_close() function {CVE-2020-14351}
- media: xirlink_cit: add missing descriptor sanity checks {CVE-2020-11668}
- vt: selection, close sel_buffer race {CVE-2020-8648}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921}
- media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm
1f9b174d060ad87cb5c83dc8157d529c9df01b13cb3c8a694e74c7335c361c6e
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm
7218d72c6d7e2f61621fecf4aaf62ddc601b6f97288ddd6dbc833ce9a439578b
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els16.i686.rpm
260ad38909e25d03ab29eab87e575f3e17d297823f1cc32b15bc89689b6f89d1
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm
4248746da4f3a13c0e9d7c970b7fb02cb7cba5d9f27d9bda4f7b7ff9cc4caaad
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm
6dabf34b1b0b770e38dba80d9023f0d25be5351b5ea5637e8ed6de63ca4e27d2
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm
af64904cc42a92d7f60af02d204a6baddbd3ce96bdc1e5c8c6cd405f995954b1
perf-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm
dfcad9164ca373633b3a88652a94afaf9be30e9ab9d49f4ef6c5e68292c12232
python-perf-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm
ab5113afe8e8f3f5d9ded22cb660a7d5f5184aa1537360e84ac048c6bcdf900b
CLSA-2024:1725385588
clamav: Fix of 2 CVEs
TuxCare License Agreement
0
- Update to 0.103.11
- CVE-2023-20032: fix missing buffer size check that may result
in a heap buffer overflow write
- Don't apply clamav-check.patch and CVE-2022-20698.patch as they have already
been applied in new 0.103.11 version
- Don't apply clamav-clamonacc-service.patch since el6 doesn't have systemd
and service file is useless
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update to 0.103.11
- CVE-2023-20032: fix missing buffer size check that may result
in a heap buffer overflow write
- Don't apply clamav-check.patch and CVE-2022-20698.patch as they have already
been applied in new 0.103.11 version
- Don't apply clamav-clamonacc-service.patch since el6 doesn't have systemd
and service file is useless
0
tuxcare-centos6-els
clamav-0.103.11-1.el6.tuxcare.els1.i686.rpm
471864c4cdbce371a1b1877e822d9a11ddba5407838d35c24d8a479a9e480bc8
clamav-0.103.11-1.el6.tuxcare.els1.x86_64.rpm
dc9801c40074a9aedb01bf97701f19b6bab0e13a43482f6f53ab9ea6ecf2e6e9
clamav-data-0.103.11-1.el6.tuxcare.els1.noarch.rpm
b4a8a46c1638d7f6e0d6b63a9a4528da07bedf2badba44e62e122e1646553e91
clamav-devel-0.103.11-1.el6.tuxcare.els1.i686.rpm
b5c53a5d7337b72b577543e373f33deaaee57bd2e2f7a4deb21eac6e9aa24527
clamav-devel-0.103.11-1.el6.tuxcare.els1.x86_64.rpm
2ece7a7f01fd5d720dfdc5532b8f5c36ef1a0e1d319294d90d4c362f23e26fd0
clamav-filesystem-0.103.11-1.el6.tuxcare.els1.noarch.rpm
7794466095e3b19d4e148a11cabfce5d4926bf69ccd89d895fde2cdf4432bd06
clamav-lib-0.103.11-1.el6.tuxcare.els1.x86_64.rpm
6da6b7025357cc11cdf4fd1df70100549c62da304f00d8f5861caad85bb5d517
clamav-milter-0.103.11-1.el6.tuxcare.els1.x86_64.rpm
3f91fc649776688825d9be0aa1327cba1b18616e418154bd524165be89dc9230
clamav-update-0.103.11-1.el6.tuxcare.els1.x86_64.rpm
aa5e6cbcd9c8c589f2d1c4739c71bbc5be61cfd44098d537ec34e1b3c059687f
clamd-0.103.11-1.el6.tuxcare.els1.x86_64.rpm
31f28bc7a336fb7297aed9f3f728d9aeb4a00099398558cb229d2d50f76fc223
CLSA-2024:1725655852
git: Fix of CVE-2024-32004
TuxCare License Agreement
0
- CVE-2024-32004: integrating ownership checking to detect dubious local
repositories during cloning
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-32004: integrating ownership checking to detect dubious local
repositories during cloning
0
tuxcare-centos6-els
emacs-git-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
1cea242fd455c5dc9f38a5b7c5535f0ac1c3fe04f5cd15a3b97e604f60fd6b8e
emacs-git-el-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
e79bc2c682de403728b238c3e57be94a8f8c1a4042d001e77934bda9a2bb73d6
git-1.7.1-10.el6_10.tuxcare.els3.x86_64.rpm
1dfe6d7aa951f90f6c49f39edf7b4b71cb38cd9fb26ae78f6e5035d8a3dad379
git-all-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
ef86da9ce9de1d70560d82721f0253d36b040d18fed1cbd9c0d11e7581751910
git-cvs-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
eadec70717a65824fc325bb455ae593eea30c63bca6af777bdde0a2ae8c04e2a
git-daemon-1.7.1-10.el6_10.tuxcare.els3.x86_64.rpm
e0c31f1125ccb0ba6eaffacf349344f483c4b5b5c4fabaf76629e204eda8a439
git-email-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
af0a35fc117a2f080a8390aabb10585870bb25cb165b22e5462d55de86faee8d
git-gui-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
a1f1143376195252c8f9fe4239b639661b1aed4898d0316ff0ace7f229520665
git-svn-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
391925035ec7e3766a27e3c991ddbcdf609b3a98a9e38ea76b1511668ae1180a
gitk-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
f4b02044fde9bddd8ee2b0c7282704834c0db99a879e082e2f5bd02078cfd69e
gitweb-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
21bbc62217ef10a8249582a386bd8d6437456c5e523df8d4eb4defc0d9608cd6
perl-Git-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm
d3c28a8878d784b24b315936a3e51d832efcf22f9aa3ed525f9d746516f5ee4d
CLSA-2024:1725993966
expat: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms
- CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms
- CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms
0
tuxcare-centos6-els
expat-2.0.1-13.el6_8.tuxcare.els5.i686.rpm
97dc48fcebf50806c8df115097934bc6cd8edc36139738c6050e8ed83ea2629f
expat-2.0.1-13.el6_8.tuxcare.els5.x86_64.rpm
5cbbb9d43c4ffa7859b46a955d8f86093aff516798ae5451d5f70fda68dc0333
expat-devel-2.0.1-13.el6_8.tuxcare.els5.i686.rpm
d7d5bb9887d5e15715eb50627d7773c012db0b3af3c0f54702ebbd0ffca99fd4
expat-devel-2.0.1-13.el6_8.tuxcare.els5.x86_64.rpm
833db325a2ac3e3628aff4278a53c89f44d266bc0cee027ecd1f10bbefcc0805
CLSA-2024:1726059935
java-1.8.0-openjdk: Fix of 6 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs:
- CVE-2024-21131: UTF8 size overflow
- CVE-2024-21138: Infinite loop vunlerability in SymbolTable
- CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE)
- CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time
- CVE-2024-21145: Out-of-bounds access in MaskFill
- CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs:
- CVE-2024-21131: UTF8 size overflow
- CVE-2024-21138: Infinite loop vunlerability in SymbolTable
- CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE)
- CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time
- CVE-2024-21145: Out-of-bounds access in MaskFill
- CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
dbd2a029835e0e8541b2599e261b3afaf45808d8dd4b15021fcc2d5b9954beb2
java-1.8.0-openjdk-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
661e48bb99fde5ed98ad1565e9085a9a037a04722026dd59190ab18a8d8285d0
java-1.8.0-openjdk-demo-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
0e1c4e7d9acc2af2b298cf806bbbbc2b4801c47271a4fa92ecf86ffe266bda8e
java-1.8.0-openjdk-demo-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
8f23beaa93df926d4aff5f4fb3f69bd4606383844d92fef29c00ccc5cecf3b47
java-1.8.0-openjdk-devel-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
268237a5cab92b29377fe10b82edf79e803d4db1e8c6ede38e680bf67d0f12f0
java-1.8.0-openjdk-devel-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
bb6f615fd84c3df4e1ffba4823e6cea9ffcb90e5323d5f82015033d1d0394063
java-1.8.0-openjdk-headless-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
c98fceb0c9da28936f3de58c6450b56a4ce5a1bf9cc342d8562640620128301f
java-1.8.0-openjdk-headless-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
5db575cba9ce953d6084b88d86b92dd9ab8afaf14f9d653448d8e6da1a7526ce
java-1.8.0-openjdk-javadoc-1.8.0.422.b05-1.el6.tuxcare.els1.noarch.rpm
a4adf988aacae5d1e11b92c368136a260d461590b651cf3f765a819a3d0996ff
java-1.8.0-openjdk-javadoc-debug-1.8.0.422.b05-1.el6.tuxcare.els1.noarch.rpm
a06a6226cf4b09388166e258ff0fb51c31cf4dce72f4ea44d3b3874210466dbd
java-1.8.0-openjdk-src-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
5f9404ed51cde3f0e13c67792868002d0d9406ba0261da19028f080f9f2994bd
java-1.8.0-openjdk-src-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm
6d7d1ccd6bd4b9a3c1d2e04f0ef530e9699c3a8a5a283ddd5c16ca36619c8b36
CLSA-2024:1726655093
kernel: Fix of 8 CVEs
TuxCare License Agreement
0
- blktrace: fix dereference after null check {CVE-2019-19768}
- blktrace: Protect q->blk_trace with RCU {CVE-2019-19768}
- blktrace: fix unlocked access to init/start-stop/teardown
- blktrace: Fix potential deadlock between delete & sysfs ops
- net: fix out-of-bounds access in ops_init {CVE-2024-36883}
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611}
- scsi: pm8001: Fix use-after-free for aborted TMF sas_task {CVE-2022-48791}
- net: fix use-after-free in tw_timer_handler {CVE-2021-46936}
- ALSA: rawmidi: Fix racy buffer resize under concurrent accesses {CVE-2020-27786}
- ALSA: rawmidi: Fix race at copying & updating the position {CVE-2020-27786}
- tty: make FONTX ioctl use the tty pointer they were actually passed {CVE-2020-25668}
- vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974}
- spec: make single build including noarch packages
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- blktrace: fix dereference after null check {CVE-2019-19768}
- blktrace: Protect q->blk_trace with RCU {CVE-2019-19768}
- blktrace: fix unlocked access to init/start-stop/teardown
- blktrace: Fix potential deadlock between delete & sysfs ops
- net: fix out-of-bounds access in ops_init {CVE-2024-36883}
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611}
- scsi: pm8001: Fix use-after-free for aborted TMF sas_task {CVE-2022-48791}
- net: fix use-after-free in tw_timer_handler {CVE-2021-46936}
- ALSA: rawmidi: Fix racy buffer resize under concurrent accesses {CVE-2020-27786}
- ALSA: rawmidi: Fix race at copying & updating the position {CVE-2020-27786}
- tty: make FONTX ioctl use the tty pointer they were actually passed {CVE-2020-25668}
- vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974}
- spec: make single build including noarch packages
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm
82785370e8250341c4810ce8ee5c6e89ffb1231b80bf48f39a846e1e211c306f
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els17.noarch.rpm
e9130d407da009ee1c5818bf4305ae7f29461801eae01e85222d3a63ca28f4a6
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm
5c2e365fe964d3df4c64e0593c2311df4c703ab8d2a22e6c2d6a2ee38b41f1d3
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els17.i686.rpm
b6c35406eaf5aee35f9ba56e4c64217d77b54e7c73c9068bfe4222225620ee92
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm
a39f1f2dc385f2ae761fa89d7a157a6454c4c6decd648235872a6570d13cffb1
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm
cfad634c0a214b6418918c528511063caef6e4f462aa06f2d447e6ad2782b5c5
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els17.noarch.rpm
95e21d3d26cf2eb5c6616624a775a1f1e76d6462e3341eca9683e4544f1962a4
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els17.noarch.rpm
1615e84d105307447680602fcc442cafe97d9b5b105ebec7252add4055985eca
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm
00a78d0ab45353a2e19e59604a33908651ca410034b743518743780710aafc2b
perf-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm
f964450962f3f409f6b2ba427b605dc6db25bb36a950209b0d3d7dc49cb94997
python-perf-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm
670d105ddbca7de473685229d8cf538aa315836fa9ecfa99f3264eb1cf2eb1b1
CLSA-2024:1728071619
python: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess
CPU resources while parsing the cookie value
- CVE-2024-6232: fix regular expressions that allowed excessive
backtracking during tarfile.TarFile header parsing and was vulnerable to ReDoS
via specifically-crafted tar archives
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess
CPU resources while parsing the cookie value
- CVE-2024-6232: fix regular expressions that allowed excessive
backtracking during tarfile.TarFile header parsing and was vulnerable to ReDoS
via specifically-crafted tar archives
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els14.i686.rpm
8b5299b752231126b385db8fbc7537aa231623f10011c9d16937b15f217ae743
python-2.6.6-70.el6.tuxcare.els14.x86_64.rpm
4c30ec845925864a338f0a1304f0c0d236c2d395a40bef647d76444e880300fc
python-devel-2.6.6-70.el6.tuxcare.els14.i686.rpm
afa6ef783535921c137ac9ff263996370561149768feae46d913e15348ec8383
python-devel-2.6.6-70.el6.tuxcare.els14.x86_64.rpm
940ed0c6f2d6e85c7f37d4e968838060e0c72b17d8fa330073e81c8542f0fcbe
python-libs-2.6.6-70.el6.tuxcare.els14.i686.rpm
6bb39707edc4009aa3259fb178928d872fccdb9a56c318e48ddd1eee4f894384
python-libs-2.6.6-70.el6.tuxcare.els14.x86_64.rpm
bd4b0d2e717d50804feceaeb71011d2c89014ad29669ebd093fc59a8c47bc4ca
python-test-2.6.6-70.el6.tuxcare.els14.x86_64.rpm
4b4f6aa95e8d2573d70256e505489ea7e36c84e358f2fe0dcdabbf903035cb29
python-tools-2.6.6-70.el6.tuxcare.els14.x86_64.rpm
add52acfa2bf2c935049823a004862ecce27e97f01b4b77071f8d2d73434f6a2
tkinter-2.6.6-70.el6.tuxcare.els14.x86_64.rpm
0c94ebdbebb60e7ad73aeb7a881eb4e63cfcea71eb9b99c425941f05b2ded380
CLSA-2024:1728297376
kernel: Fix of 13 CVEs
TuxCare License Agreement
0
- btrfs: fix use-after-free after failure to create a snapshot {CVE-2022-48733}
- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757}
- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071}
- netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197}
- ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987}
- exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882}
- dm btree remove: fix use after free in rebalance_children() {CVE-2021-47600}
- isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-4439}
- scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() {CVE-2021-47576}
- igbvf: fix double free in `igbvf_probe` {CVE-2021-47589}
- mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280}
- dev/parport: fix the array out-of-bounds risk {CVE-2024-42301}
- scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- btrfs: fix use-after-free after failure to create a snapshot {CVE-2022-48733}
- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757}
- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071}
- netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197}
- ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987}
- exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882}
- dm btree remove: fix use after free in rebalance_children() {CVE-2021-47600}
- isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-4439}
- scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() {CVE-2021-47576}
- igbvf: fix double free in `igbvf_probe` {CVE-2021-47589}
- mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280}
- dev/parport: fix the array out-of-bounds risk {CVE-2024-42301}
- scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm
37a85496e412257ad1a3f15c33c15234ea7c53ff5da0cfe30389163f4b070086
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm
02eb2aeb93b3adeb3c442871669a5ec3cd21b32b6d8d41d0a66802d6c4bfc473
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm
ce188a41311735cf0d08e3ae3face131138782e552b026e10bc88e7731d7c7d2
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els18.i686.rpm
4cb94954bc8d43f39aead4071b37204a2bb1bab1218e60d9ae603d056882af91
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm
21099d59a3c0c68dd02b80acad2d1d351a43a198ee8f6ad575860f584c83c35a
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm
dfc846c350542b4669fe114ee09f5cfc879627a8ffdc3f43663d3b44023f95de
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm
45c8c3355cc32f957326ad15db5e99353d4f53953f9251909a701e7eeac2fca2
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm
470b1601030915d36c4b1091336cc4f45551a94063b3eef2a9c54cb949eddcac
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm
76de49cd87576953ecc89c15a36c86f9f9401dbacb566e98a3b34083b807aaa1
perf-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm
aae7d55a89a14c07523a88ae4cb660f9a902f4ee8e478868553f382c147154b3
python-perf-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm
0775729dac059f27ee1d07d4b086905013f343cb2a818712f8c8e71b97ecd152
CLSA-2024:1728582568
microcode_ctl: Fix of CVE-2023-31315
TuxCare License Agreement
0
- Update Intel CPU microcode to 20240813:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000390;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x35;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x433;
- Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4121;
- Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at
revision 0x4121;
- Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision
0x4121;
- Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x32;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x430;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x411c;
- Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x1000181 up to 0x1000191;
- Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x4003604 up to 0x4003605;
- Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003604 up to 0x5003707;
- Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002703 up to 0x7002904;
- Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in
microcode.dat) from revision 0xe000014 up to 0xe000015;
- Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from
revision 0x38 up to 0x3e;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003b9 up to 0xd0003e7;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x1000268 up to 0x10002b0;
- Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from
revision 0x3e up to 0x42;
- Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x22 up to 0x24;
- Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xc2 up to 0xc6;
- Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat)
from revision 0xb4 up to 0xb8;
- Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x34 up to 0x38;
- Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x4e up to 0x52;
- Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xf8 up to 0xfc;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c000290 up to 0x2c000390;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from
revision 0x17 up to 0x1a;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x5 up to 0x7;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x430 up to 0x433;
- Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from
revision 0x24000024 up to 0x24000026;
- Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf8;
- Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xfa up to 0x100;
- Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfc;
- Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfa;
- Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xf8 up to 0xfe;
- Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x5d up to 0x62;
- Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from
revision 0x11d up to 0x123;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x411c up to 0x4121;
- Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from
revision 0x12 up to 0x17;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update AMD CPU microcode to 2024-08-11 addresses CVE-2023-31315 (AMD-SB-7014):
- Update AMD CPU microcode for processor family 0x19:
cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248),
cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238),
cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5);
- Update AMD CPU microcode for processor family 0x17:
cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C);
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to 20240813:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000390;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x35;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x433;
- Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4121;
- Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at
revision 0x4121;
- Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision
0x4121;
- Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision
0x21000230;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x32;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x430;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x411c;
- Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from
revision 0x1000181 up to 0x1000191;
- Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from
revision 0x4003604 up to 0x4003605;
- Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003604 up to 0x5003707;
- Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002703 up to 0x7002904;
- Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in
microcode.dat) from revision 0xe000014 up to 0xe000015;
- Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from
revision 0x38 up to 0x3e;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003b9 up to 0xd0003e7;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x1000268 up to 0x10002b0;
- Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from
revision 0x3e up to 0x42;
- Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x22 up to 0x24;
- Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xc2 up to 0xc6;
- Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat)
from revision 0xb4 up to 0xb8;
- Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x34 up to 0x38;
- Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x4e up to 0x52;
- Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf6;
- Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xf8 up to 0xfc;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c000290 up to 0x2c000390;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c000290 up to 0x2c000390;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b0004d0 up to 0x2b0005c0;
- Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from
revision 0x17 up to 0x1a;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x5 up to 0x7;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x430 up to 0x433;
- Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from
revision 0x24000024 up to 0x24000026;
- Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xf4 up to 0xf8;
- Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from
revision 0xf4 up to 0xf6;
- Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat)
from revision 0xf4 up to 0xf8;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0xfa up to 0x100;
- Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfc;
- Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xf8 up to 0xfa;
- Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xf8 up to 0xfe;
- Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat)
from revision 0xf8 up to 0xfc;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x5d up to 0x62;
- Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from
revision 0x11d up to 0x123;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x411c up to 0x4121;
- Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from
revision 0x12 up to 0x17;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x32 up to 0x35;
- Update AMD CPU microcode to 2024-08-11 addresses CVE-2023-31315 (AMD-SB-7014):
- Update AMD CPU microcode for processor family 0x19:
cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248),
cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238),
cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5);
- Update AMD CPU microcode for processor family 0x17:
cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C);
0
tuxcare-centos6-els
microcode_ctl-1.17-33.42.el6_10.tuxcare.els1.x86_64.rpm
f38ec30ba11b3d6f814e5335358246cebf18433d9e7c9dec16eadbb4b33121d5
CLSA-2024:1729628500
php: Fix of CVE-2024-8927
TuxCare License Agreement
0
- CVE-2024-8927: Fix bypass of cgi.force_redirect configuration
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-8927: Fix bypass of cgi.force_redirect configuration
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
41878432c6f9f0322c4d8d1122d14710e4893716033559bcf5ad4d79638a67f4
php-bcmath-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
6748df17c513829d7a8ba75b45e225aa2ed6e7b9b89b8a2d869e5dac3498c58a
php-cli-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
cf1812875621dbc917737a7f0aef5712a43d4775f9c467dd01c5beec4abdd268
php-common-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
7084a6ca3cf511f002c704e9806df5c189d0045e3b9ec64f9608dc2c6797f86c
php-dba-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
f3ef06944912d36b34e8427d06663649879552e20c526672b7bb95d9d6cf6656
php-devel-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
be7f40597916e8a5448ce0cc24c7e13d66e643fd455d05dfe3807d0534a6dc01
php-embedded-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
06019902f54b1c954f4c0a71bf37b35c842759e133fd9e009322bc63e12ddd93
php-enchant-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
80fc19921d6b6009ccaed8721422f0b50d893d9d5b77ea536e27a7adfb8de7d8
php-fpm-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
dc80f548084d5c367118b44fc77a49e350a1d5f8a04ce589a8826de40c8acdc5
php-gd-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
ab57ad119ef992fe0aeef4de38ac316e923b1fb9ed68f01374ab0db158f5ae4c
php-imap-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
3fcbd2df1a9e4d781f97903af9034d1cbee4b222e17891d863ee5500425a97f8
php-intl-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
ba1df580c876b02d98cf36c97672562e301dd97f48f5586928935e3b4b5a5f25
php-ldap-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
6db12d334a97d33336fd08ed331c7eb9dbbd627651acee2f5f1ce363717a606c
php-mbstring-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
c4011f12d169ee32ef6cd78ad66d94e28803b204b5af23aabac5f05f9b65945e
php-mysql-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
1a94b1c7a670dbcfb24a1a4053030c786620328858c09a6a3823268a536cd42c
php-odbc-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
1d51ca38bac51c5267ada9f9f6d8dced93e70830b0ff02cc2be474f03decd8e5
php-pdo-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
b38f83ac7001de60dc8df1cf7e49a83582be9707ca69a254a5f88870ca961835
php-pgsql-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
eb0dc06f67edd6241e6ed800b066313129f9eff4d498c03c271864222797ae70
php-process-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
919042aaba1e6b0d7f28393bf9abea41aff0ce407d94d3af82caa55bc326935a
php-pspell-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
c8812b2439cde6ce0f49c916a4d2b13ea9d9432725dc37acb28a33cc649d2881
php-recode-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
a0062fef27533e4644db478161c45735dfb49af20b54e225e86b717fb724a3ae
php-snmp-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
f3e2fd3e72679fe44a16734429482205fc8f3cfff4ca59b17ffd3a6bbd04f2b7
php-soap-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
d2f9e480ad5ac3ae4b70addfcc3c372b57bc46b849cd07285812d52c142b0646
php-tidy-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
496ac1b0159fac1e49ed61b9353fdaef37f43df42477ed903677a58ee85d1e52
php-xml-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
e6e1757d5d685b3442e14287c39ece3f93610da6b7df254fe48f3dfd127a1512
php-xmlrpc-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
0595541ad8f17acc7bb24bc43eba698ebe3621f24d0f3c2c5154dbf0e4cbe015
php-zts-5.3.3-55.el6.tuxcare.els8.x86_64.rpm
b95721f829210a658e97558529727da39640fb33f1cd0d733a4b6bec9ddf3fa0
CLSA-2024:1730139582
php: Fix of CVE-2024-8925
TuxCare License Agreement
0
- CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data
boundaries larger than the read buffer
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data
boundaries larger than the read buffer
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
433a12f7491fc132261da1c435271c8bc1b03f41d487f0e01e6f3d7984434b4d
php-bcmath-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
8238915c7e5aceea3a583b65722c93a6e0197b8eadad40f3a4cc56c9f122bf39
php-cli-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
c390c71257442a2ac78d2da1767c07178b4f33276b8c964f8c16107259ff3fb0
php-common-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
dc7f9a91645f0507940f65febebd0a7b773e0c41233e94317f1a52dbd4584f4d
php-dba-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
8be6d44fe1f1bebcf296b801bc39e1745c44f23668cb7893c29d28eea5e3b800
php-devel-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
b581a7130391a0bcf2f4ba20a54e030c562884760deb685733dd6e6268aa095b
php-embedded-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
634768e0bb099e3cf953f00b7f913907044d468199140cf6341ae6553b74ed25
php-enchant-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
8439641c525ba1f063c27cc2f99c121f32eeb0785fd20efd4f5f7b0892fa4ab1
php-fpm-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
1849d6ef7c61af3d8dbc72ec6b8434d0aad52b86d3e094bf7d7c866461bbc83d
php-gd-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
50ad22b0e30cef038573f2458280d063f9780061a473a67a15f817a03169853d
php-imap-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
10c466fd8082a6a023395c65d9c9a50f1c8753640059007d70960fa0986cd771
php-intl-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
62cd256f4160b91b190eb57379aeda008db30fd6ecfcd286021faf6714f2c2d8
php-ldap-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
a9e888e30554abb0941c8981c0baac291c3a3d30a05b291123ea1bb82b452f4e
php-mbstring-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
9582c687bebb735d95e1646c09859fb1bb1a9017513043f676365f7762912a37
php-mysql-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
f5cbb183133ac4c7c5b8b347da32dbfd158547064328fbab1d1ae34ffcbab64e
php-odbc-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
bef51611482ec40aeac0681fd800fa9c2a73affb0885351fc387f73432047d22
php-pdo-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
c93e74c011898d1fe67aa7f9d7cb67c443d63946dcc59232ce34692cd47b3b07
php-pgsql-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
9f85320f95a668531547f6f4dfcf96fa7a390ffd227ef44c3e4b64404352d2c3
php-process-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
561b6d502cfc2c175d71674db7fbb3d8fb722c08c1e51b4b55cc503ee820e155
php-pspell-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
25c03ee5a6bbc3c0e82ab39a00e48d6460caa968e35b9052097fdea6232bd988
php-recode-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
758712e2902e4f92bcc0f2822c000f3b17cf4ec4fc326f84d76867cd4e0b1774
php-snmp-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
33b24e15f0126f2e77167122df6213e09e28b60b6c4eb4df88fbc690f356dec3
php-soap-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
e5852573f218a51ef0de6645e5ea124aca710c94d7cb7625c6cefc44ed7ca0ef
php-tidy-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
0128dd18db47a4dca8d737ee9836feacbef1fab371cdd9870af34d729e4f8b5e
php-xml-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
eca6a5d1f697b2429a6fc1503d71a69bce8a4a7cd07cf8cc0e82bcb6eebb3eea
php-xmlrpc-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
f12d0d323232d01bdfc00f54a17ad260d2cb629282c9a35b4a06753e8ac9c7d3
php-zts-5.3.3-55.el6.tuxcare.els9.x86_64.rpm
1fc96232bb3653a75391435867146e8e6ae65e27b4131f28649010b30509a49f
CLSA-2024:1730910207
Update of ca-certificates
TuxCare License Agreement
0
- update to CKBI 2.69 from NSS 3.103
- updated certificates:
- # Certificate "GLOBALTRUST 2020"
- # Certificate "OISTE WISeKey Global Root GC CA"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- added certificates:
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- remove duplicated certificate record:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.69 from NSS 3.103
- updated certificates:
- # Certificate "GLOBALTRUST 2020"
- # Certificate "OISTE WISeKey Global Root GC CA"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- added certificates:
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- remove duplicated certificate record:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
0
tuxcare-centos6-els
ca-certificates-2024.2.69-60.1.el6.tuxcare.els1.noarch.rpm
3f9d9c94acfc0005e9b859a358c8a32ad6b4744bf88cb4f2bbc6a8c4086b3adb
CLSA-2024:1730910356
Update of nss
TuxCare License Agreement
0
- update to CKBI 2.69 from NSS 3.103
- updated certificates:
- # Certificate "OISTE WISeKey Global Root GC CA"
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "E-Tugra Certification Authority"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "TrustCor ECA-1"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- added certificates:
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- remove duplicated certificate record:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.69 from NSS 3.103
- updated certificates:
- # Certificate "OISTE WISeKey Global Root GC CA"
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- removed certificates:
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Chambers of Commerce Root - 2008"
- # Certificate "Global Chambersign Root - 2008"
- # Certificate "E-Tugra Certification Authority"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "TrustCor ECA-1"
- # Certificate "E-Tugra Global Root CA RSA v3"
- # Certificate "E-Tugra Global Root CA ECC v3"
- added certificates:
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- remove duplicated certificate record:
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els6.i686.rpm
65c97029c4727704573d1a6d27cb8499d09da18b780d50b98b36fb82597a6b59
nss-3.44.0-12.el6.tuxcare.els6.x86_64.rpm
a18b6b214174d43acd951c8cf3ecce1276e7f44a498046b77318e658eb4e03ed
nss-devel-3.44.0-12.el6.tuxcare.els6.i686.rpm
b4487add8375f904bebb2d90384e57cf99fb1acf14eb6b71e5be43548518d6c7
nss-devel-3.44.0-12.el6.tuxcare.els6.x86_64.rpm
558b26dc7cdfe117b8d2b94d061dccad53b2c2c666b1b71a77eaf267663594bf
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els6.i686.rpm
cb8b19889c91b99fa8ae2aa0a9f1f70b62983cad9ebbe23ef5e2b92a60d141f5
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els6.x86_64.rpm
293628a1abaa84c3ea399200367fce05298f82fd89cb2192da4d5188ed8baed6
nss-sysinit-3.44.0-12.el6.tuxcare.els6.x86_64.rpm
c29ea1d13ca5734db7173d36cd9a7a58929069449ce25ea44ba3e8df6cc37cb5
nss-tools-3.44.0-12.el6.tuxcare.els6.x86_64.rpm
3071dbef40d1721a5a29cf5196f759821cf7fff9794a05f70dd98bd92238cb4a
CLSA-2024:1731956848
ImageMagick: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2020-27751: fix shift exponent that is too large for 64-bit type at
magick/quantum-export.c
- CVE-2020-27757: fix outside the range of representable values of type
'unsigned long long' bug at magick/quantum-private.h
- CVE-2020-27768: fix outside the range of representable values of type
'unsigned int' at magick/quantum-private.h
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-27751: fix shift exponent that is too large for 64-bit type at
magick/quantum-export.c
- CVE-2020-27757: fix outside the range of representable values of type
'unsigned long long' bug at magick/quantum-private.h
- CVE-2020-27768: fix outside the range of representable values of type
'unsigned int' at magick/quantum-private.h
0
tuxcare-centos6-els
ImageMagick-6.7.2.7-7.el6.tuxcare.els1.i686.rpm
79f857333547ce1b5039d9d2da4b0b39c1bef212896395422050b5c995fcb5f9
ImageMagick-6.7.2.7-7.el6.tuxcare.els1.x86_64.rpm
c22b003eb7de064bcfff61f691ebb69da85bf5c87db5277f57e0708ef2d40f53
ImageMagick-c++-6.7.2.7-7.el6.tuxcare.els1.i686.rpm
c14441fbb560ca53e28916b287f170c07d801806c461f7b4bfa8091a9c5b2a2d
ImageMagick-c++-6.7.2.7-7.el6.tuxcare.els1.x86_64.rpm
dd5187ee284514916a97da38ddc57aeacc1ce59245aff51c46559cd57263fed5
ImageMagick-c++-devel-6.7.2.7-7.el6.tuxcare.els1.i686.rpm
3d8be22a3be22d128a93282b9ea20d378952cce237518614123e5e4c878fe76a
ImageMagick-c++-devel-6.7.2.7-7.el6.tuxcare.els1.x86_64.rpm
10da94f3b988ce5dc0af87dfa986ecda21b0b5438e83fcc29c9158a65cacdc07
ImageMagick-devel-6.7.2.7-7.el6.tuxcare.els1.i686.rpm
d5fde2adb2d5cc049e1fd1642ee12c82b17879bda772893ab7b40b31db33ecd7
ImageMagick-devel-6.7.2.7-7.el6.tuxcare.els1.x86_64.rpm
a7416165e1bea0cd4ec6be1cc56001f5275e2659a9ab9697cefd84acdfaa6fe4
ImageMagick-doc-6.7.2.7-7.el6.tuxcare.els1.x86_64.rpm
26a8a87ea39979ffc5a0ed910097a01f9c880ab323117322df16ce6e58a2f4bc
ImageMagick-perl-6.7.2.7-7.el6.tuxcare.els1.x86_64.rpm
8f77fb9c971283f2a0f5056e830b182028a35e0bac7f99a4289485ff74ac504d
CLSA-2024:1732702350
squid: Fix of CVE-2024-45802
TuxCare License Agreement
0
- CVE-2024-45802: disable ESI
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-45802: disable ESI
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els13.x86_64.rpm
fc9133515ffb59f4d13553bd7d6155c50a023ca733b43553525eb49c819f8840
CLSA-2024:1732702216
squid34: Fix of CVE-2024-45802
TuxCare License Agreement
0
- CVE-2024-45802: disable ESI
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-45802: disable ESI
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els8.x86_64.rpm
062b0361e943c5c2afd9d2f1fcce035ccd9854c25142b8517d91ef0f79c274f1
CLSA-2024:1733158910
kernel: Fix of 6 CVEs
TuxCare License Agreement
0
- hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails {CVE-2022-49029}
- ppp: fix ppp_async_encode() illegal access {CVE-2024-50035}
- ext4: no need to continue when the number of entries is 1 {CVE-2024-49967}
- net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368}
- packet: in recvmsg msg_name return at least sizeof sockaddr_ll {CVE-2022-20368}
- ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679}
- Squashfs: sanity check symbolic link size {CVE-2024-46744}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails {CVE-2022-49029}
- ppp: fix ppp_async_encode() illegal access {CVE-2024-50035}
- ext4: no need to continue when the number of entries is 1 {CVE-2024-49967}
- net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368}
- packet: in recvmsg msg_name return at least sizeof sockaddr_ll {CVE-2022-20368}
- ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679}
- Squashfs: sanity check symbolic link size {CVE-2024-46744}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm
e7dc39db9e898fa1a8e0d2227759eac5f19285e6a67144bbc3693195cc16c5f1
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els19.noarch.rpm
f286b6d2e2429e35260f65efb3e14066b185b4121665e61c6117311cfd511833
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm
0cfdee392d06bb87efc8825682214b362523c94979fe0a0ed0d4c936b443fe61
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els19.i686.rpm
f1b2c01ef6e40a59bc937edf4f955abb03f68b682ebefc886034dc19eca4f1a7
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm
4a3e083cf95a048cd446b01995505283598c29351e2e0ca73795570248f31312
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm
a06d92a6a07d743429a0d3944fde51fcd12f0376784f816aa061692952e274d1
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els19.noarch.rpm
c0d56808326c49ec5986bf7654c56f5d417e5b5f0371ad8a337a5e75d0e4c524
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els19.noarch.rpm
bf2c5343d2388affb77180fb2c0e44e77d788c4431de08dcd25e352bb01557ae
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm
e3f9e23ae2fb1675d7b3cb2f277f99f5b8a0585ee6ed7d456c157d7d1ee0e5e6
perf-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm
83e900ed165e832d6985cddaefb9134232c22f5716a3d011a1bba495235f8588
python-perf-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm
34b53b4a84b2cc742e3afccb4e4611b778ee471cc00c3ba5b195bc4eb5f925bd
CLSA-2024:1733421975
php: Fix of CVE-2024-11233
TuxCare License Agreement
0
- CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
ab5356daa432ff2ad37070f8871410b358a5d949a528dbee79642f2bb7883906
php-bcmath-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
9695120d93b2428efd1fa0b971c1d703c8ac5f85655074ef4032541854aacaf8
php-cli-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
20be851217162a6531b83ff99dc1fa48ffea7cb80d343074b00ac7388fc066f9
php-common-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
82f2fe76b617f922ff1a3637b730fc4aaa2598a2e896628eb7d8c2306cd96122
php-dba-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
ce7bf5542b6ef2701d4b5ec38bc70a4632b6f3dbb642a004d73c9373dae203ee
php-devel-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
e0ac432bb73345f971864260eb19846da59c648d62f907b1e05e0b028b0c10c6
php-embedded-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
cc6117936fb7511edf5f8c40fc6f2715b113286160d407e8cdf0444dd834b8fa
php-enchant-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
ffb13483934ac817e625abdf7cf38784fa23c083cc10bac382e93ed726fcecf5
php-fpm-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
2649389b0bf799746dcc6bf4a1dcb697f43167363d001c5229f2b95a3a2e5a80
php-gd-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
09b1638cc1beec3685961734535b25ce608dcf73c1024dd7467bf4aabed16df9
php-imap-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
5c0c34fc252e7a03cb1293d5a2e8b94edb572f3749073cd7fd4c48a1ebdc4a23
php-intl-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
974375e6a3a51545101ebd5185994703ac6d73877ccec02b4c899bdec3772100
php-ldap-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
f0bfc2b7757ba45020129c0ec7c57a9a5f4675c942768a687196e3f893ae73fb
php-mbstring-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
556edeebc23472e8b4b40b06626fc4e1920f2ae8a73557ef85f2ec12bfa04d57
php-mysql-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
9c4f275664c44529738ed769236d563e6eb5ade6a8ac7ee08b4e8da0179cd8ff
php-odbc-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
510c853217067a2d39c38d4e5517239f439fb5dec33ade4df40dc67fac8bfdc3
php-pdo-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
a4b3a048adb9368f280d22f293513f76c20a7f45b1d14dac3492d47455f239d6
php-pgsql-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
7a619ee5ed548dea39280dd95a38a3aa85b5415e3cb73ca39610ed3c230c124f
php-process-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
c5240013c15a8d61b2c2f85dcd9b7e9568596f1119e71dba436be5e92742886c
php-pspell-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
a0363e71215d523c1c81de85ce4dfe0e060cdff880d8b76418f1c0fdbb8013ad
php-recode-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
f420f306a3435adc0c3b081f290387ba28935b41d2426af7d94db7d271621484
php-snmp-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
b6d1f385daa25200b73f6d059eeb09f063ce1a32022872529c558a52fc124366
php-soap-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
ada8083209746e6a97ad505203006206f386f7bd1c603f7ffa47d85d158cfa47
php-tidy-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
32571b941d4cdb50309f0cd76210ff29bcd16eb2b4fa5aef6bc6a113b586ba43
php-xml-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
d1c9d5017ccf737ec4b519ba5ae7838ea569e68cc23fecd8ae10aa9ef53c6a21
php-xmlrpc-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
7ead2a0bbfbbd792aca675d4f035d14c29a902495b78a10cffa1c5d51b83748a
php-zts-5.3.3-55.el6.tuxcare.els10.x86_64.rpm
3a5e01ba6bfdd7d725b76761e60ad847e3eff0b5e13625332274e60e846dac13
CLSA-2024:1734039943
php: Fix of CVE-2024-11234
TuxCare License Agreement
0
- CVE-2024-11234: fix stream HTTP fulluri CRLF injection
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-11234: fix stream HTTP fulluri CRLF injection
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
56d56701d6337b49324e6333cf380262eea5b091879ca20662c53d33a5303be0
php-bcmath-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
42da0348b62244bacabe51d4e36394a850552a1716216391c135ecd2e1c3312e
php-cli-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
b3b4c910029a17d42b2419268830314f33c252cbb06f35320941ff95ab416694
php-common-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
f48162be3fa2ea2a65608dd5978a69231745d2bb703329acc1c8986227a9c699
php-dba-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
09fbe1d314edb7be050c8aa0bfd09569e344ef62e3088f7a84a0aa1b1d8ed93c
php-devel-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
4436f383793e1ea4fc436ce440faf37fa753b06392ab5c3edf17546d715c7cb5
php-embedded-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
df0d87866f8b376439a963ddcc51f16c387579dedbcb9f15fc8b4e1e9fc4d4fe
php-enchant-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
fd59c8fab709ef52668170554d4dbdce72bd5f801a8db5c8b9ad24e9cc3ae6bc
php-fpm-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
db9c1382b5270e8d6c0d91d4455d4523efdc7aa4f203125661bd3a10f7c0b3ca
php-gd-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
f5cbd5b1ec68a768c3d2c6dd69c86f5818938ebd3a47b24b1c24626096a52c1a
php-imap-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
f79ca3cc9c323ab8ae563613b8e64bcf04cd6326a01c5e4cfbdf90a209a86b2e
php-intl-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
6a4aa7ed493e876fb42f1e70cd59145a12e859bb7916812ed790a50bb6e40a51
php-ldap-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
b6737265df2dae05521d0c02b3b6be7b3667702bd7ca5f8e1646006884632cf6
php-mbstring-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
db1f1cc3866953462fd97763b90ac94de727e7faa5fb31f863bf88c8068b6abf
php-mysql-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
8b91ceaaf28aaa4ce09bf74a0d47ab9ab4c52c2a69b3596577a9367e85492778
php-odbc-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
2414d89be7a99f2fb854fec22dbe8b519f184d24d8d9e9f5613e0ef410c324d5
php-pdo-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
016420a00539f8802a9846a86d48bbe23a6f3e5298828e91a421e5e0217f5b7d
php-pgsql-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
46a64c7ee4e57ac640cf3522854393c49669f0a6ff1c41bb86c6c320718609ef
php-process-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
0c0cc1e109b599d8efef342ae2bb48d7360642f5db458b52311fabcff0dd6e21
php-pspell-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
e1ff9d4a0668e5b9db620e96026c27bf927dbc88ebd35a576d883950ed463967
php-recode-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
bb77ec481438ab2a9f23bf9e78280d1841268e2ea782a0903719a8dd48062a33
php-snmp-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
22b60908a62deab8de6694f0d9fcaaf21b0fe850704a01479fbbc78116d9cd65
php-soap-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
f3b883c22cc606f3c2146821095ee89eba2f0c865088bd023a5e84360f50c3ed
php-tidy-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
c2a9da662483b4183e5f0012eb7f98234adc9adb309bf82fa558f112ac6495f6
php-xml-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
c9f8940f414a2d3cab1c7063076df2da6f3dcb989044b19b0d2596b44a49f682
php-xmlrpc-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
dbd690042de6f5b73ed201f1aa704067c9c5f928d8dcd3655f3299570d84a437
php-zts-5.3.3-55.el6.tuxcare.els11.x86_64.rpm
bdbded1dc45781347228c04ead1b2e697134d3de438f93d2843f1a555ae88a66
CLSA-2024:1735122554
ntp: Fix of CVE-2020-13817
TuxCare License Agreement
0
- CVE-2020-13817: randomize transmit timestamp in client requests
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-13817: randomize transmit timestamp in client requests
0
tuxcare-centos6-els
ntp-4.2.6p5-16.el6.tuxcare.els1.x86_64.rpm
60c980bad22155cc7bbbf099ac5493963013fdcd896a09f31d126a67922c54ba
ntp-doc-4.2.6p5-16.el6.tuxcare.els1.noarch.rpm
6a55ef91926e061371670722edd7143bc2868c7412683fdf86ee02160cdca00a
ntp-perl-4.2.6p5-16.el6.tuxcare.els1.x86_64.rpm
69baffbd4a8fd924991b84de2ee642086767b68a767f97a7fa5a3fdca8f72b25
ntpdate-4.2.6p5-16.el6.tuxcare.els1.x86_64.rpm
66f1fc00c3fc01fb75589fa93987042f662c0b4a69112ad6d97fbdeaa8b6ceac
CLSA-2025:1737153996
squid34: Fix of CVE-2024-25617
TuxCare License Agreement
0
- CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els9.x86_64.rpm
49cff7c6293a557c6fe441a9954d0747c34e7714c91102824fcea796f58331ef
CLSA-2025:1739292069
kernel: Fix of 13 CVEs
TuxCare License Agreement
0
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104}
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849}
- net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603}
- netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650}
- scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227}
- ALSA: seq: Fix race of snd_seq_timer_open() {CVE-2021-47281}
- btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759}
- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604}
- initramfs: avoid filename buffer overrun {CVE-2024-53142}
- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() {CVE-2021-47191}
- media: edia: dvbdev: fix a use-after-free {CVE-2024-27043}
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057}
- Input: powermate - fix use-after-free in powermate_config_complete {CVE-2023-52475}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104}
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849}
- net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603}
- netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650}
- scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227}
- ALSA: seq: Fix race of snd_seq_timer_open() {CVE-2021-47281}
- btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759}
- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604}
- initramfs: avoid filename buffer overrun {CVE-2024-53142}
- scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() {CVE-2021-47191}
- media: edia: dvbdev: fix a use-after-free {CVE-2024-27043}
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057}
- Input: powermate - fix use-after-free in powermate_config_complete {CVE-2023-52475}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm
757a8e48a0fe7f1480c7cf6679e5501f336528b3e13e86c5b80a850e3679e381
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els20.noarch.rpm
ca9636f0f3a57ce0c32a1752e14b9984b7cfa8dd65104920064cb84c0f738e8b
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm
3df92a8fb57ad7fd7fdc937b7bd2bba9b8ec8bccad639c028086ce46cb1802f9
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els20.i686.rpm
4496879351e62faa8e0fc1a5ac20d478a2c9fff31075a8642ce4b578b330fc79
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm
3674695a760c26d4298a9f67284b717a5563b8a1b9b639501e8c86281c6a5e60
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm
a6b1361ea9c73bbcf54a7e184c65571ed3b52ed40bd90464984c67865b23fc3e
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els20.noarch.rpm
dd3872e81494885e063172f6b1b122704ba01eb35d6df3c2642a73cc2a04bdad
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els20.noarch.rpm
4046a0c0612d511b1448818d3544e5870f465bd0b3ba892db88c51ee626ec65f
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm
1697426bd7c2edf50920395b88fd8d05b47f7faa5f424495f1b2b878b7991042
perf-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm
bd9f6b1af38f97f3a6dd3aa74553e7a3271110291e6749242225f3d1b723db65
python-perf-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm
d61e711c011c5e79dec97c3e101aab5f47190ae62cbf386b2eedf29054718f37
CLSA-2025:1740823970
bind: Fix of CVE-2024-11187
TuxCare License Agreement
0
- CVE-2024-11187: Limit the additional processing for large RDATA sets
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-11187: Limit the additional processing for large RDATA sets
0
tuxcare-centos6-els
bind-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm
e3584a3ed50d3e092f5be1852d94d9a1f382a386efd6ba7812d5b0bdebabeb68
bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm
e372444afb78d6649cf030c0db1d930f8e04cf7ae989e1ddfc2c7c7661c29242
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els10.i686.rpm
ac2a26b5a9e7ae66db1bdf59b5707eaca1af8d8ce891e00c5a4621379425b558
bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm
3d54c8779f72532e93495eb099a496ea7281025c230e0540633f50d167acaaea
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els10.i686.rpm
2510b85d6906f4b18b1793c4ab580679b6cc817261b34a2a69f13f9019c43c64
bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm
33a54dfa51513dcee613c196e608778b5299be55770350a31b282c5e71e497d8
bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm
97da67c84e9b7a799c4c4914efbd34712cd75399185820ad416bda4c5f6880bb
bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm
21035008ba12bf4797c285077736e62a66eee4421d40a565bed36b90af9ba899
CLSA-2025:1740656525
kernel: Fix of 3 CVEs
TuxCare License Agreement
0
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173}
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150}
- misc/libmasm/module: Fix two use after free in ibmasm_init_one {CVE-2021-47334}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173}
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150}
- misc/libmasm/module: Fix two use after free in ibmasm_init_one {CVE-2021-47334}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm
c63f6b9612f5bad0f3e74f2885f18ba3db9a4c5e7dfff0cfbf6e0128ab304839
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els21.noarch.rpm
75a559c1fd8978efdcda0fa8d1039fc9c89a51a49e71c5295f4d9b5c40eb91ed
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm
40283fe178aef964ee348173af0f76da9034bbe2befde934bd66ed3201b3859f
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els21.i686.rpm
6ce90328cd16ea705a0b2ceebefa31cccc55cdd356a3b9cd9a83b056e1e582d3
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm
b77ff15041b6300611a6ba18242bdf0141b46b1d3190c68d41008d485ec58458
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm
c7436c5575af1a677d013eb7e20115a47b59279d9357eb8f9f3d02a342102999
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els21.noarch.rpm
b209858aae1b608e5bbdf8920ffba789c1447339635902ae6599e6fdb21b9b16
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els21.noarch.rpm
45402eda33d98d7cc846ee6110a60837d5bc7d1ca790a3799526dabaae628a34
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm
cb078ad36c3401edecfdc44ef203968ba6b8de3bd9d430b6a086906b732af565
perf-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm
faaaa020192b875a4cdad80740a2082201a2e1d400c03f60184d66cb389b823a
python-perf-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm
e091d138e68b6360857f7f11b76b69da5ce3b22eb967bb95863eb6f00f40b220
CLSA-2025:1742232795
binutils: Fix of CVE-2025-0840
TuxCare License Agreement
0
- CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes
0
tuxcare-centos6-els
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els8.x86_64.rpm
89930fde21d8503bbe9ce42d25aa02127591816b3c94cd38f78b821d3307721a
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els8.i686.rpm
7a4254b5fede7bbadbec2f12f34135b53b30f17e96deb1aed8d7684ab623f762
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els8.x86_64.rpm
0a5e0c1583806a804a9c8d8437e4caa6fbf4fb645e2ccfefe5d415d1159a70b9
CLSA-2025:1741636522
libxml2: Fix of CVE-2025-27113
TuxCare License Agreement
0
- CVE-2025-27113: fix compilation of explicit child axis
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-27113: fix compilation of explicit child axis
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els6.i686.rpm
0aa67077f645cd660a409f3277be0eec4cb4d84e98085757c26dbd799f25f5df
libxml2-2.7.6-21.el6_8.1.tuxcare.els6.x86_64.rpm
0b06ff6bb14aff124d051a317081870dd38f8b291da4669e60f3517dfbb6e011
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els6.i686.rpm
21047a6eadf62993e45c49c01368f88fe16051c096af00687a846ced78cf41e1
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els6.x86_64.rpm
ccde10c6b980f642bc5eb100fa0779d45638b6b8faebdadf7c27228b3711c7ae
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els6.x86_64.rpm
3bb7435ffa72ee213e593b89f8837526c4cdad8869f3bba12ea14c0d009c7266
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els6.x86_64.rpm
0c56d52a1f37d7b4a1ebebe2026b1e691ae9fc596e505e99a8008e50d936f4c8
CLSA-2025:1747057793
libxml2: Fix of CVE-2025-32415
TuxCare License Agreement
0
- CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els8.i686.rpm
68d5abcd366830169db44524aebf2bfb94921488c7a086b6b064c0b33e4c3dad
libxml2-2.7.6-21.el6_8.1.tuxcare.els8.x86_64.rpm
1025442ac6f28f390ab4d0370833e9d8ae53630cc6b70f783c41cf66f0468a3c
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els8.i686.rpm
2ffa42d230280a84f2cc3a6133d311b9ee0b10bb1aff4acabff288dc8098f0ce
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els8.x86_64.rpm
85979ea073785b31c1233e23639dfe2737a8deca99c69913b98a28ae42019489
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els8.x86_64.rpm
c9f886340ad434a109e6d39141903735e6558b1a0870de2423f6e2b3049baf13
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els8.x86_64.rpm
75024f305c6e2c4aeafb023607c87b95424cf58bd0a241342354d86a4298551a
CLSA-2025:1747738545
Update of microcode_ctl
TuxCare License Agreement
0
- Update Intel CPU microcode to 20250211:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c0003e0;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b000620;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x38;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x436;
- Addition of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) at
revision 0x3000330;
- Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x12c;
- Addition of cpuid:B0674/0x32 microcode (in microcode.dat) at revision
0x12c;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4124;
- Addition of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) at
revision 0x1c;
- Addition of cpuid:B06F6/0x07 microcode (in microcode.dat) at revision 0x38;
- Addition of cpuid:B06F7/0x07 microcode (in microcode.dat) at revision 0x38;
- Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x21000291;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000390;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000390;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000390;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000390;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x35;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x433;
- Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x123;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4121;
- Removal of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at
revision 0x4121;
- Removal of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision
0x4121;
- Removal of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) at
revision 0x17;
- Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x21000230;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003e7 up to 0xd0003f5;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x10002b0 up to 0x10002c0;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c000390 up to 0x2c0003e0;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c000390 up to 0x2c0003e0;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c000390 up to 0x2c0003e0;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x35 up to 0x38;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x7 up to 0x9;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x433 up to 0x436;
- Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfa;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0x100 up to 0x102;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x62 up to 0x63;
- Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from
revision 0x1e up to 0x20;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x4121 up to 0x4124;
- Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision
0x4121 up to 0x4124;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x35 up to 0x38;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x35 up to 0x38;
- Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from
revision 0x21000230 up to 0x21000291;
- Remove old firmware versions: 06-8f-04, 06-8f-05, 06-8f-06, 06-ba-08;
- Update AMD CPU microcode to 2025-04-10:
- Addition AMD CPU microcode for processor family 0x19:
cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206),
cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107),
cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D),
cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209),
cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011),
cpuid:0x00A20F12(ver:0x0A201210);
- Addition AMD CPU microcode for processor family 0x17:
cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D),
cpuid:0x00860F81(ver:0x08608108);
- Update AMD CPU microcode for processor family 0x17:
cpuid:0x008A0F00(ver:0x08A0000A);
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to 20250211:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c0003e0;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b000620;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x38;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x436;
- Addition of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) at
revision 0x3000330;
- Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x12c;
- Addition of cpuid:B0674/0x32 microcode (in microcode.dat) at revision
0x12c;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4124;
- Addition of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) at
revision 0x1c;
- Addition of cpuid:B06F6/0x07 microcode (in microcode.dat) at revision 0x38;
- Addition of cpuid:B06F7/0x07 microcode (in microcode.dat) at revision 0x38;
- Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x21000291;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision
0x2c000390;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at
revision 0x2c000390;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000290;
- Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision
0x2c000390;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000290;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000390;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0004d0;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b0005c0;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x35;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x433;
- Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x123;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4121;
- Removal of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at
revision 0x4121;
- Removal of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision
0x4121;
- Removal of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) at
revision 0x17;
- Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x21000230;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003e7 up to 0xd0003f5;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x10002b0 up to 0x10002c0;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c000390 up to 0x2c0003e0;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c000390 up to 0x2c0003e0;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c000390 up to 0x2c0003e0;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b0005c0 up to 0x2b000620;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x35 up to 0x38;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x7 up to 0x9;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x433 up to 0x436;
- Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat)
from revision 0xf8 up to 0xfa;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0x100 up to 0x102;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x62 up to 0x63;
- Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from
revision 0x1e up to 0x20;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x4121 up to 0x4124;
- Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision
0x4121 up to 0x4124;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x35 up to 0x38;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x35 up to 0x38;
- Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from
revision 0x21000230 up to 0x21000291;
- Remove old firmware versions: 06-8f-04, 06-8f-05, 06-8f-06, 06-ba-08;
- Update AMD CPU microcode to 2025-04-10:
- Addition AMD CPU microcode for processor family 0x19:
cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206),
cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107),
cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D),
cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209),
cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011),
cpuid:0x00A20F12(ver:0x0A201210);
- Addition AMD CPU microcode for processor family 0x17:
cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D),
cpuid:0x00860F81(ver:0x08608108);
- Update AMD CPU microcode for processor family 0x17:
cpuid:0x008A0F00(ver:0x08A0000A);
0
tuxcare-centos6-els
microcode_ctl-1.17-33.43.el6_10.tuxcare.els1.x86_64.rpm
c8a28e3b243831a2bf1ea7649e4a8154411a028457c931a0a067851594369070
CLSA-2025:1748366748
kernel: Fix of 12 CVEs
TuxCare License Agreement
0
- ext4: fix OOB read when checking dotdot dir {CVE-2025-37785}
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993}
- media: uvcvideo: Fix double free in error path {CVE-2024-57980}
- jffs2: Prevent rtime decompress memory corruption {CVE-2024-57850}
- wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234}
- udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143}
- wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads {CVE-2022-49740}
- ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() {CVE-2021-47636}
- kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277}
- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() {CVE-2021-47219}
- ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() {CVE-2022-48702}
- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- ext4: fix OOB read when checking dotdot dir {CVE-2025-37785}
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993}
- media: uvcvideo: Fix double free in error path {CVE-2024-57980}
- jffs2: Prevent rtime decompress memory corruption {CVE-2024-57850}
- wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234}
- udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143}
- wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads {CVE-2022-49740}
- ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() {CVE-2021-47636}
- kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277}
- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() {CVE-2021-47219}
- ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() {CVE-2022-48702}
- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm
062c7fa1ba29974d7d44f566250b229cd2aec6a57aac687cf3424b568903e9e2
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els22.noarch.rpm
81f30433be56682c5270616fb83642d01ddaa4a36439115e89295442cb424d94
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm
228cf6bc333964767b610683679776320ce37c65f180159678b6202e14fc8f4f
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els22.i686.rpm
41799aeba78564f10ff2f33d72e085c398fe091cc900721d46dc13e1a2b78a80
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm
221cd653fad0a799fc78dd3c24504843ae500c514bfac5a495b55aac637c46d5
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm
6cdd7165c618382dd020d2b55798930fdad79b558faff217eef852a512aa7394
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els22.noarch.rpm
9ac2627a4fbfc41ec0d0b12e3729dd9156dd232e306879fbdef779f7f4bc5edf
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els22.noarch.rpm
cde6165ccbdbdecba8dc1f437e7d215e4da96a92cf6d58561a16ae0ab89b5357
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm
3eed726c0e656de2871c504a2d23411968b17a4a4b35edd3ccc3375a2729ab4e
perf-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm
f12d72c059ad948a0eb33f009e5809be2ce455b0596c886286fcf04c1343beb7
python-perf-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm
a7d579a20d04596b4d9c86ca96cebc669cb0639e4c646e3ea244b8e55e60491d
CLSA-2025:1748947069
sssd: Fix of CVE-2023-3758
TuxCare License Agreement
0
- CVE-2023-3758: fix race condition in ad_gpo
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-3758: fix race condition in ad_gpo
0
tuxcare-centos6-els
libipa_hbac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
ff0f5293c5116905964aedb27f981761918f0c962dabebd68e22734724f140bf
libipa_hbac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
7f792db11460e39a5c17e79793ca4e535462b64c81003cf22d9b66286361d199
libipa_hbac-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
ed540b43da2771b64126368ae12ad7c5c9eb6cef5736ef68e326bc837e7f433a
libipa_hbac-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
56d0dea4cc975536b44381b157d45b04d2561ba28dd93524c515dc73f9642f4d
libsss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
7d1528188aa5a46f6890839fa29fd7d72df390f714fed94853034a2a59efd331
libsss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
be14195bbcecb5ec04e86ce1d624cadb027348fc7db9f9fc6a41767be50357f2
libsss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
da645a00ed4e28c7694d33313656a65b0af9e076b1e98b412914738e871c7a01
libsss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
2d063f88db747bdc5850178066605845f6288161e21011ef865be97b079120e1
libsss_nss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
0c953aace625dcb1dcdea32f07175641b310ded11644c53634b399968026522e
libsss_nss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
d171ae76374c41387eacb45367011f91f5f13101ccbd4674e774ffa3d8e509ec
libsss_nss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
e01d07a189d87cc62b460e5f587b0da62c837999a07533c6ec1c2d7b043e4c2f
libsss_nss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
2c783d0d92299865aae52e12d08b3f16827e17a1311bf4001960e7d7e9c92e5f
libsss_simpleifp-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
238be567dfcc24a3b814346a2f27499b8663b134835f2d95de043fb2ed1b082c
libsss_simpleifp-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
549ba7a80ff5ee1269819a1836d8e697b0757f3d32f6f0712ba0f01d175d6953
libsss_simpleifp-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
775bdbcff4ac5bc72f928066450f80011fe002fed83c5f3b7968118fe5d29aef
libsss_simpleifp-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
00bcee1519fd24cb6d320ca5a6ef6b24e22ed5c3a1ba09766264e1d4c6a2a20e
python-libipa_hbac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
baa7c099fc5ae5cdc8130e76a56c0d3f59f80f388221222f9ab4826ae24c112a
python-libsss_nss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
7c131a4764980ffd22e77b593fd63b80508836053119dd1121165dafa3f1a651
python-sss-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
bf5581c884878954dce49732e08382837ab2eb3b2635e1b49b25dd8fceab779c
python-sss-murmur-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
871a090e11fc5baa5382900c76f92418c63b71e041294d03e836bf2515fb52cc
python-sssdconfig-1.13.3-60.0.4.el6_10.2.tuxcare.els1.noarch.rpm
50ddab47afa1bf1564996f8fbb0187c2335d102846db0429d208b2e30be98e01
sssd-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
95299967d2e65579e0aad7869c0ef5885d6e9ee1f49307afb6a1ac50f1d978d2
sssd-ad-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
9bbc18ab42b5fd4819bb12cb80f2e6f9865c6e8032f79a8cbe03caff4258d9d7
sssd-client-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
af6df93911cdecac08b3ff0e74d1e1d89d896572263484cb2529ee376bea4572
sssd-client-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
1295000b161dffd230b2ef68817900a7de574ce92904f0f0d82433986335a9f4
sssd-common-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm
2393a46fbb4857205d05a3d110e2559f427b2c590d34aab59fe81d8044f8f8a4
sssd-common-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
1e92c893f030bd413b2fa239a0284c3d32e4ee7f0a07a3682333c10a78226830
sssd-common-pac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
c8ffd65b5d41d39fd820e27d59aa417db7309e9f72b79a67baa85ec0c9125c9d
sssd-dbus-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
658debad984d092f10b1ee0001f6c2ca4629b70bc5efd6df250a0c452b7b9eb9
sssd-ipa-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
34ee74705e0afdaf77369da704885f647bb6ad588cdbeb19c60da2afe24561e1
sssd-krb5-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
ec08394a9804d62b0c62d92fd82383798761da1510dcba7452392431146db181
sssd-krb5-common-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
4246208bd5dd1f29af5d0a97f40c9df97ba09f1901e8b417c9ddd41a07dc1477
sssd-ldap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
16197b0f4f143d2007defcd4700a896ee9fca3e8eb1dcb3792da7c140db5c2be
sssd-proxy-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
bf73ef60e5198684cede2c5db314f908a96e41aee084bdf63328ecea753bd0f7
sssd-tools-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm
18e8f3d6d3b88f5fb9b0468b3764207921cdab5eb2f802ce106fb1f4ce3fdc0c
CLSA-2025:1750175787
kernel: Fix of 4 CVEs
TuxCare License Agreement
0
- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init {CVE-2022-49478}
- x86/kvm: Disable kvmclock on all CPUs on shutdown {CVE-2021-47110}
- cifs: fix potential double free during failed mount {CVE-2022-49541}
- drm/amd/pm: fix double free in si_parse_power_table() {CVE-2022-49530}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init {CVE-2022-49478}
- x86/kvm: Disable kvmclock on all CPUs on shutdown {CVE-2021-47110}
- cifs: fix potential double free during failed mount {CVE-2022-49541}
- drm/amd/pm: fix double free in si_parse_power_table() {CVE-2022-49530}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm
e2abac2de77f347cf6e61ca2c2386048d320b0f2a21f6a9df12a1acf95a6de1d
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els23.noarch.rpm
9b3dcb709a7deb2d9c543857bc474163dd1f468541f02544b659b5db2fa51725
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm
395f6c29f51ad1aa8f290fe66f74517cbc0abaf7bf1b7c266a61a0c40d100b31
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els23.i686.rpm
ff3a7fce417ea751feb0d83bdf2ad63a363e0a7a75cefa1f808e89245f704992
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm
047358cfd153ec44c3f47425e5de284c165b9c254224dd6bc3e94dbe00df948e
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm
d093533688bd878628c022fd859099fbab8979048f946b68aa902790fb8ddbb2
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els23.noarch.rpm
9d0dbee8e1be80d24366c63466d89646946f14f7dd07a162991c7d6392ded43a
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els23.noarch.rpm
7f38f83f6bdc3792ae367d90a4bafbf1f298f7a28441e607812e716d476cd728
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm
43ce767de3f15f63e654c03a7fd7acc1fbcaf9778421141950895e6a5ac2540d
perf-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm
8824f8c350f6cc4d407089de4db68a51ac90fdf9485f86f9cba51f13ca8dea74
python-perf-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm
9a93d37bbc57b03021eefd2a0da78349ba6c930654798d0cf31ab9625c20f6cb
CLSA-2025:1751134987
rsync: Fix of CVE-2024-12088
TuxCare License Agreement
0
- CVE-2024-12088: fix improper verification of symbolic link destinations to
prevent path traversal vulnerability
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-12088: fix improper verification of symbolic link destinations to
prevent path traversal vulnerability
0
tuxcare-centos6-els
rsync-3.0.6-12.el6.tuxcare.els5.x86_64.rpm
c318c3122c28304e21ab020a3fe2ac509218ec5a5f9a350b5cfd25fe9dd5d1bf
CLSA-2025:1750879249
Update of tzdata
TuxCare License Agreement
0
- Upgrade to tzdata-2025b
- New zone for Aysén Region in Chile which moves from -04/-03 to -03.
- Paraguay adopted permanent -03 starting spring 2024.
- Improve pre-1991 data for the Philippines.
- Etc/Unknown is now reserved.
- Improve historical data for Mexico, Mongolia, and Portugal.
- System V names are now obsolescent.
- The main data form now uses %z.
- The code now conforms to RFC 8536 for early timestamps.
- Support POSIX.1-2024, which removes asctime_r and ctime_r.
- Assume POSIX.2-1992 or later for shell scripts.
- SUPPORT_C89 now defaults to 1.
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to tzdata-2025b
- New zone for Aysén Region in Chile which moves from -04/-03 to -03.
- Paraguay adopted permanent -03 starting spring 2024.
- Improve pre-1991 data for the Philippines.
- Etc/Unknown is now reserved.
- Improve historical data for Mexico, Mongolia, and Portugal.
- System V names are now obsolescent.
- The main data form now uses %z.
- The code now conforms to RFC 8536 for early timestamps.
- Support POSIX.1-2024, which removes asctime_r and ctime_r.
- Assume POSIX.2-1992 or later for shell scripts.
- SUPPORT_C89 now defaults to 1.
0
tuxcare-centos6-els
tzdata-2025b-1.el6.tuxcare.els1.noarch.rpm
fd6656b6668de3c9f7a7d357359b864c46c3a775c48fb28ebf39302e50b26fa0
tzdata-java-2025b-1.el6.tuxcare.els1.noarch.rpm
bc556fa270c7d00b1c467f7980f455241d4cc3bc068f1d6610f1177e14dd5cec
CLSA-2025:1751612441
rsync: Fix of CVE-2024-12087
TuxCare License Agreement
0
- CVE-2024-12087: fix path traversal vulnerability by adding a proper symlink
verification and deduplication checks on a per-file-list basis
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-12087: fix path traversal vulnerability by adding a proper symlink
verification and deduplication checks on a per-file-list basis
0
tuxcare-centos6-els
rsync-3.0.6-12.el6.tuxcare.els6.x86_64.rpm
04be859e390ffc0492f556e2868e24729ea09d93fa9c942a4e0bc8df5c195734
CLSA-2025:1751612332
java-1.8.0-openjdk: Fix of 2 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes following CVE:
CVE-2025-21587, CVE-2025-30698.
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes following CVE:
CVE-2025-21587, CVE-2025-30698.
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
3fb66905c41638e24f2d53692f6d2a776e183bdd3c1eed69a3eb4fd579907846
java-1.8.0-openjdk-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
7151e5996b47650126d32a1e42f630a4161201eadf17ec0c5de92272a18ea477
java-1.8.0-openjdk-demo-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
fec5be9acdd5a46275d084a530e603ce6918405c7a22d2531bab627e3201c99a
java-1.8.0-openjdk-demo-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
be33260126e4e2353ba5546536d2bd8406562bfbe3c743903a4cd9f47c07d510
java-1.8.0-openjdk-devel-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
37b61c3f08b168d1a70d99ebcc108ec25a1f4f44a73575da865ff78178ea6453
java-1.8.0-openjdk-devel-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
9b2f696b4c62130ee5c15b4d6100f76035a7b677a41143b2bab16c91cdfacdf2
java-1.8.0-openjdk-headless-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
c2817a58ec037754ae44e57e92905d22dcfd327dc140cd13d4697f97633b4d0d
java-1.8.0-openjdk-headless-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
96c989eb6d14e6f581757ccffac225a302a1d15c58ebbcd1439512bb67e96d83
java-1.8.0-openjdk-javadoc-1.8.0.452.b09-1.el6.tuxcare.els1.noarch.rpm
f887f90a8ce8674e4386d1dba580e5ab6bc4da60a76d5c11f9fb0f2b8679df29
java-1.8.0-openjdk-javadoc-debug-1.8.0.452.b09-1.el6.tuxcare.els1.noarch.rpm
95bf9f357bf68104ae39b888e181d26064c5e733dabcf13205a456fac33fa741
java-1.8.0-openjdk-src-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
fd14054176a99014d958b08a201437ff9780a5e0235cad3f894c4a24d37189d6
java-1.8.0-openjdk-src-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm
520f25ae9158f0f56b27a20ac28fa49d784bb85c4c036117653c3316ffeb8b5f
CLSA-2025:1752091066
Update of tzdata
TuxCare License Agreement
0
- Fix incorrect tzdb.dat by harding links
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Fix incorrect tzdb.dat by harding links
0
tuxcare-centos6-els
tzdata-2025b-1.el6.tuxcare.els2.noarch.rpm
7ff5e22f9685e2af7c0635099e945f928a00ddcd71b3cb194f67c1fe02ff783d
tzdata-java-2025b-1.el6.tuxcare.els2.noarch.rpm
6c2999b18486898e3ab08823ed2369b5ef604a9353111cddb86621b63f132943
CLSA-2025:1752748974
git: Fix of CVE-2025-48384
TuxCare License Agreement
0
- CVE-2025-48384: config: quote values containing CR character
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-48384: config: quote values containing CR character
0
tuxcare-centos6-els
emacs-git-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
40b8c673eba0e12ad4fb5f32e029c9f917446d4b54bb5ba7dccd38e123916e09
emacs-git-el-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
23d5d40fc60e7a43fa1c9e357666ccc7779dc1f172b9e29fae581a8109e0d103
git-1.7.1-10.el6_10.tuxcare.els4.x86_64.rpm
734f58183ffacc866ef093b1df8faa92a56d3f6b950190c125fd4a583e8862a9
git-all-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
0537318d4bce558a4384f23d216130a8a14d526ff3360e7c98350cba86df2f62
git-cvs-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
c5944b5a07a22f929b2dddaf6dbdeb2e03fc66e7f547716ba35395e48eccdac3
git-daemon-1.7.1-10.el6_10.tuxcare.els4.x86_64.rpm
fe96cc6686aed921a55b1098e73bc972de4ebf9760016d2073af86a0438939be
git-email-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
27e00d59383ec20d2a1f5b95b4a91be59b5e333e9c464ab086104f0b5e054827
git-gui-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
0da5c3da796ecefe2603b14b5742fb0f61c19b8d6548eaa693e39cbdabe02672
git-svn-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
edf48b22f9c8d4929c05c408279cb164ff23bf5a998ffc8c2dd832d47cc739a7
gitk-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
f9c7bc4f0d948e7be2ae1abd3edd03c43a54407ad0540b3a6a69ba61b7f2bbbe
gitweb-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
bf377e35d971e2d7417b3df1056a1027ee056592afde59c91794bd452c218bec
perl-Git-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm
10cc9005bf7a877a58a5dc51acdb26cb3a3d3ce1f5e820ac59a3b96a506bf17c
CLSA-2025:1753209595
perl: Fix of CVE-2018-18311
TuxCare License Agreement
0
- CVE-2018-18311: fix buffer overflow
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2018-18311: fix buffer overflow
0
tuxcare-centos6-els
perl-5.10.1-146.el6.tuxcare.els5.x86_64.rpm
8f86ce70ed554fa71447a46a59e3287dd5b9b58915139a86780e600c82f3c1dd
perl-Archive-Extract-0.38-146.el6.tuxcare.els5.x86_64.rpm
307c85b4786fd395baa185aa6e0764308cb82208ec0213c832b593eb7d65eb1e
perl-Archive-Tar-1.58-146.el6.tuxcare.els5.x86_64.rpm
b42c0a0438f06d4192a93697123c7bb23b52e24c1859ab1bd0abb35a19c29ac0
perl-CGI-3.51-146.el6.tuxcare.els5.x86_64.rpm
8d5c10eee1cfd943418185b3ca514d1401c65674c6688bb6e9558ccdb741d816
perl-CPAN-1.9402-146.el6.tuxcare.els5.x86_64.rpm
5b7a135a75c688f76f9fa393699ce8a88dd9281db5798b20780261d8046e0e12
perl-CPANPLUS-0.88-146.el6.tuxcare.els5.x86_64.rpm
a738e702e06f8b5322bd12c5a40f0e73a998c8b8069863946b09787596246bcb
perl-Compress-Raw-Bzip2-2.021-146.el6.tuxcare.els5.x86_64.rpm
36086d57aa94f3c12f0ff06aeee7ac01275365a7f22317076c057e573f718469
perl-Compress-Raw-Zlib-2.021-146.el6.tuxcare.els5.x86_64.rpm
e8c4dba2723ebae63665acc6e987b44e02a04f7980ec53d1d6323143679043c1
perl-Compress-Zlib-2.021-146.el6.tuxcare.els5.x86_64.rpm
376ec76f5b4d76f8bac1bfc13887c19cf6cbe340b0d9055bc051485514bef583
perl-Digest-SHA-5.47-146.el6.tuxcare.els5.x86_64.rpm
905d82523133a62444935b6a328359ed4c1e6bf4b800fff32383ed39a7538689
perl-ExtUtils-CBuilder-0.27-146.el6.tuxcare.els5.x86_64.rpm
2c09822670061c2f49a0a43ec5fddde2c154f9fd5adda802df99d47cc9282814
perl-ExtUtils-Embed-1.28-146.el6.tuxcare.els5.x86_64.rpm
bce31259e3f5c3c84f46766a4f09ba3306826d3233b8fc4225bda77be2b20c36
perl-ExtUtils-MakeMaker-6.55-146.el6.tuxcare.els5.x86_64.rpm
fefcad21cd835247907d0541883648ef57b50a8aa64473865d9df5a68e955d26
perl-ExtUtils-ParseXS-2.2003.0-146.el6.tuxcare.els5.x86_64.rpm
0bb302596439c5042bb6d9a5150329f68dc57f157e2768c905c1c9ae7e1ae119
perl-File-Fetch-0.26-146.el6.tuxcare.els5.x86_64.rpm
77ba61aebc596791837d374ee63a73f50969cbf460c1aa8bdd9eac0e9207a495
perl-IO-Compress-Base-2.021-146.el6.tuxcare.els5.x86_64.rpm
d37a3ebd6043536761f423f33fc89e999848028e34d57659dcc708b7201ace81
perl-IO-Compress-Bzip2-2.021-146.el6.tuxcare.els5.x86_64.rpm
1dcde45b915140440460acd784a7e30362a0cdc0a1706fcdd908dc8e0f6d4826
perl-IO-Compress-Zlib-2.021-146.el6.tuxcare.els5.x86_64.rpm
7079f166108daec54997bb9e01ee2cba2afe2a0542cc93ab9c095132d2d547e9
perl-IO-Zlib-1.09-146.el6.tuxcare.els5.x86_64.rpm
c7a0a097ad9c7b9fe247e8b3edf7767a01778701a43d72fb442c14c116a39cf6
perl-IPC-Cmd-0.56-146.el6.tuxcare.els5.x86_64.rpm
85bd30f48fa57fdd5340db28722af38db84497ace17c5375aed0b1a245396e2c
perl-Locale-Maketext-Simple-0.18-146.el6.tuxcare.els5.x86_64.rpm
b4a003bd1c037fd78568989d10890b2c16168107462cdc573559d08e77a0e562
perl-Log-Message-0.02-146.el6.tuxcare.els5.x86_64.rpm
6ea3b2dd7215024c42ac857994262b6d455f08c91f0f4d64bffe3398d1af8b84
perl-Log-Message-Simple-0.04-146.el6.tuxcare.els5.x86_64.rpm
e4b0dee5eb6f8e3269fc3d8ce925759ed486477bf8f2af5792261b45409f475b
perl-Module-Build-0.3500-146.el6.tuxcare.els5.x86_64.rpm
6a24179ad1a17919364857704f4c9954e1a7f810a19116786423ba1cfc6c38b3
perl-Module-CoreList-2.18-146.el6.tuxcare.els5.x86_64.rpm
76d3d438e87f9387a83bc9f3dcc7272bb1a2ab15730829cf7a834d277d9ad3ef
perl-Module-Load-0.16-146.el6.tuxcare.els5.x86_64.rpm
27e3205335bc9b128759779f7e4e6aa3585675b5399e53833538859fa675716b
perl-Module-Load-Conditional-0.30-146.el6.tuxcare.els5.x86_64.rpm
5ff640e360ccce362923bb92ce65c7635e88123c1b21102380c8832f87ad3139
perl-Module-Loaded-0.02-146.el6.tuxcare.els5.x86_64.rpm
17f822ed115624e89da906232acf6f42a04672a8ceb8d02573c881d30c2f265e
perl-Module-Pluggable-3.90-146.el6.tuxcare.els5.x86_64.rpm
ba4e00104d7853e273bbcc79eb81c2d04e0e1e3cbe69729ba943de0cff722886
perl-Object-Accessor-0.34-146.el6.tuxcare.els5.x86_64.rpm
37c3ed5eeb1f0fcc85ea5841681e67ca787336f521bc29a18b9fc5b0c87c3ce1
perl-Package-Constants-0.02-146.el6.tuxcare.els5.x86_64.rpm
3cc2d983c866fca15b60876850649c4303eabd6acf620da486d0e10aec7c375d
perl-Params-Check-0.26-146.el6.tuxcare.els5.x86_64.rpm
f693e327bc291bafc58465c204b6a8b46f9aa1c9297267d497effd9cd9805ed7
perl-Parse-CPAN-Meta-1.40-146.el6.tuxcare.els5.x86_64.rpm
c82d267567bc654490638b97ca426c2603f87320f679dc6a371f2638c29ffc32
perl-Pod-Escapes-1.04-146.el6.tuxcare.els5.x86_64.rpm
94ac7eb4627033ba81e2128ed8f30e60f3f2fef89dd0d79129f8cb21ddd1a8b0
perl-Pod-Simple-3.13-146.el6.tuxcare.els5.x86_64.rpm
42329823c8724a066f50043be3735599d4178deb4cfdbbf574aabf6304dfd8e9
perl-Term-UI-0.20-146.el6.tuxcare.els5.x86_64.rpm
43c1b297d69a654d5b8a8425433aa3800d6a9ca5438573e09836bed941c68a47
perl-Test-Harness-3.17-146.el6.tuxcare.els5.x86_64.rpm
bea46a8158961a4f355ae694452b444c2b4404cef62ea238c5efcc88b783c311
perl-Test-Simple-0.92-146.el6.tuxcare.els5.x86_64.rpm
023362cae1ae83efbb93a149834d4cf74a3841e7ca9b4bf3a070dfea74ca0296
perl-Time-HiRes-1.9721-146.el6.tuxcare.els5.x86_64.rpm
e3446dbb2bd220ff5b31150124fa30762316f376e60c77ddb269d79fc8a3080e
perl-Time-Piece-1.15-146.el6.tuxcare.els5.x86_64.rpm
aab3f8c3690882264042020599a836adbe4249d75d1d19027d6035b395a9a728
perl-core-5.10.1-146.el6.tuxcare.els5.x86_64.rpm
683490eb537107e839feda8e596c61f18b204e1c3d62c7663c138f45cb34f733
perl-devel-5.10.1-146.el6.tuxcare.els5.i686.rpm
20494f57b6814d61736a1e2f3c49073aeb3d34bd90fc0f7fce243c2fd19d418e
perl-devel-5.10.1-146.el6.tuxcare.els5.x86_64.rpm
1e99ca3ccd233b40a856091bf9d3d26a16428fbae5078072ecd9c01de268859f
perl-libs-5.10.1-146.el6.tuxcare.els5.i686.rpm
dd33afa776878e688a50748c3e80e1491b20b4026e85030c8a36100a3fc461e0
perl-libs-5.10.1-146.el6.tuxcare.els5.x86_64.rpm
ac7ea5018313002c8363ace121b1b0f843ec007f169ccfeedf9fc0f07a1a9272
perl-parent-0.221-146.el6.tuxcare.els5.x86_64.rpm
7a4b2c5c331f9667e09c6f5f1f4418b6209b909f671a3371a7e57f085e7b4a1e
perl-suidperl-5.10.1-146.el6.tuxcare.els5.x86_64.rpm
78ccec3e5740d20c1963eb55e4a314df9ff171265bae435d568b668d0d62fa64
perl-version-0.77-146.el6.tuxcare.els5.x86_64.rpm
99b7322a7a8c109f359bf224abd0b8ff11a94d655025fddb1edc12a44169fa3b
CLSA-2025:1753377886
libxml2: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing
XPath elements
- CVE-2025-49796: fix memory corruption issue triggered by processing sch:name
elements in input XML file
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing
XPath elements
- CVE-2025-49796: fix memory corruption issue triggered by processing sch:name
elements in input XML file
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els9.i686.rpm
a56af2c8920c76637f0ce9e81d0f435eed2df8a7f920d9f5120ef6682ca0c58c
libxml2-2.7.6-21.el6_8.1.tuxcare.els9.x86_64.rpm
0f92160c66c58d0363928cffbeb69e9a43d41a22412bbb3d8000ed3347f7ee2d
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els9.i686.rpm
27bc2cf08ebc895a796aeb5736dffb9130f2318b622ccbd2d2ef559285acb5fd
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els9.x86_64.rpm
42d19eae3fb56fe17f1195fce5a060f0c3256da3f3b084f680d5ab6f82c1c854
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els9.x86_64.rpm
617628646363f88791a7dc53d3614c7ce9cd9c5903aba088fba87d29a14b2db4
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els9.x86_64.rpm
9d25662b090bdec3393d66ea525d0e114bf69e83574a8697517fc746306500ef
CLSA-2025:1753780501
php: Fix of CVE-2025-1220
TuxCare License Agreement
0
- CVE-2025-1220: fix null byte termination in hostnames
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-1220: fix null byte termination in hostnames
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
8f61b01f1f051c6d6206af8170d71320ba066f37b9cc751f190c20cd843c7533
php-bcmath-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
909dff94af171b2b9e7cfc86f192453238782356ed027e290b246b31d21dcbba
php-cli-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
4d4871f702137c4df07fdb890124f74282bf5ba4ea63aeceda401f3ecc56233e
php-common-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
031a209366127c90e68bb4dd815cb38e3ca611061a5ec3017dfafef2ffdefdc4
php-dba-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
7f90310bef6da584d0486ee19035bfd98294553bd04706a4424b85acb60078f2
php-devel-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
3e5ad3f25957083c870a9911b76da4188840ba7a218ce5786219b742b2864358
php-embedded-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
b802b85b4cf410d66585744a53f981da6b050c4a7cd163d9cb96ae5f6448e1af
php-enchant-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
ec9665fc98451a433d0a71065e3983b245924430cfffbddcb075d1a63dc4261b
php-fpm-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
de88a5c23951a825e1e193ef4ef6f49f5fe9292ca435a3f4de1ae97b8850d407
php-gd-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
73528c6d562c6edd700cf76653f804e3c9645ecf18096b73df78e30da85d6d2c
php-imap-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
34d2a105842aa7961d7308d662aaf2587f01d39579fe384bce39a1c4430f6ef5
php-intl-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
79fbb0e029136e5d2f4f0f110744a28f02f9abf4f8f1507d9bd06852647b6cf3
php-ldap-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
0843c9b37d6be61076e7f877f7c2fb6a617058ae1920c67f5e845bc37f24588d
php-mbstring-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
9440430f6427ed0e42dda253a0724e69fbf135d291492d87e149ec1f9b0c7050
php-mysql-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
51370d3e1b20f2efe818e646e12febc6c6f7bcc60b11540b26aa259287b3b474
php-odbc-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
a9aeb9d9b934856eeb9a5d4b0fec98431cb5c75b2a564388294ff2e0b94e2655
php-pdo-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
bc3e0bd142c3a793cd4718470f182b84b86e93aab43e7811c7d82138c13ebda2
php-pgsql-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
bd970c36b92c932330346bcbefb282ebf2c9d21987185959a4a31ee2a3a0dbd6
php-process-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
98e0ccdefd0dda5e9510da701f49f9c8c1d78d77cf0ccc035de9b42364804561
php-pspell-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
2971b774be40528e64a231347045197f7f8e5db31c835fcbf47cc1b93534385c
php-recode-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
4477e9b3fe4b9691178d199f9f0e592b2f94480a974b2d905a9aa302e3ee18c4
php-snmp-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
860903133c6335bea31366e6b9ff1ac8d04aeb88f0e6f60fc1ad5c9e4fe17961
php-soap-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
974b905b7a708a2252350d7478d35eb52f416bac4183c3a82a9dd22c2d42b9c5
php-tidy-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
78a8c62a2af8619deb57c8d88dedca21a1f262b0c271b15e0f9f545a8f0c400c
php-xml-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
9b1b80e51235d57e205bdb6ec64935fe5df89fde35ffb50219ab640a16109a27
php-xmlrpc-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
6b3a39079fd19af6bbadd164a6002cd16004e1eaf793456aa1fbcc41ac7f6647
php-zts-5.3.3-55.el6.tuxcare.els13.x86_64.rpm
7a6b04e94b7c12ffced003089d5edd8854083a4f69cf52da2b8f685d371c2558
CLSA-2025:1754342507
sqlite: Fix of CVE-2025-6965
TuxCare License Agreement
0
- CVE-2025-6965: fix a potential memory corruption if the number
of aggregate terms in a query exceeds the maximum number of columns
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-6965: fix a potential memory corruption if the number
of aggregate terms in a query exceeds the maximum number of columns
0
tuxcare-centos6-els
lemon-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm
c550b2775685b51892d449a11db48e08f7137c928f7242483f7df1619fbd3ded
sqlite-3.6.20-1.el6_7.2.tuxcare.els3.i686.rpm
0e468f5263a3fa576f06a047d8391fbc5f9c44aa00e6d59f42863cee7e5bcd75
sqlite-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm
df0da47460650c126a3541167ee8ed9a3b2c522ea2f7b1732192e7b161d9f8c8
sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els3.i686.rpm
4f9e8053d0a5913581b0273e7042713ddb87fa96089eddaa0ea1ad76e9a5ad4f
sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm
ceca6d383db336d88bf78e46fe4a169190174a73a7197394d6320264c76a31e9
sqlite-doc-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm
ceb1791bca62cd221fefa7a50f12d1bc4c370423a6139c66c1865b33af024f28
sqlite-tcl-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm
865c535499364a2ae51f02918938554b5d45d74d4273ec4ae8d2c1c2aa5b6396
CLSA-2025:1754381382
git: Fix of CVE-2025-27613
TuxCare License Agreement
0
- CVE-2025-27613: fix vulnerability where Gitk can write and truncate
arbitrary writable files
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-27613: fix vulnerability where Gitk can write and truncate
arbitrary writable files
0
tuxcare-centos6-els
emacs-git-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
a122a7200907cca0813054f0fb6c82201f9f88b4ec19fbb3523092ced7d47449
emacs-git-el-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
75613ef6c3cfe797f4a6bc98db5dbcd58e8d86d89c9c8f66df47e4c35abff439
git-1.7.1-10.el6_10.tuxcare.els5.x86_64.rpm
d7ded32768d8dfa22a632038841e6150a78b82131f71b2049c4a90b418d3fbf7
git-all-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
5a65650fefe46cfbeae89a59fe62350201dabc2adbea371608c0cd411d14527a
git-cvs-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
f970ee4984925fe6a21fdbe48bd0669f0680eb2590e9e5af2c0616ab3d0cf83f
git-daemon-1.7.1-10.el6_10.tuxcare.els5.x86_64.rpm
8a830ed5c28ee436fb013e723365ae3151892ffa6ee7b9bc7c19ccb40ed2e43b
git-email-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
b75c3308979ae42619cd66735af61b757d8afe935fc9779b6e1a4b6bf22f86ea
git-gui-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
6568fa584857ec0f294760de2e01d016314830f877011081f5dfb8d5d34b817b
git-svn-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
88ebb1f89e7c63e93f67b3a3b7cee7954f8157d1b8295f54141390ffee6bbfa8
gitk-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
e4e25d3230dfbc2c68a29ffc50a15ed40161a8f09e3aa01ad2843c6bee73053a
gitweb-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
22105be1bbe2e0d0ac5070a78cd76d45c8983e2a9c7f08af018e332fe27b7cd6
perl-Git-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm
36e1f20e59a0008dc67fd4d88b56315d480831d095d1a5bd620ed9d47a9ccd56
CLSA-2025:1754680650
Update of nss
TuxCare License Agreement
0
- update to CKBI 2.74 from NSS 3.110
- updated certificates:
- # Certificate "certSIGN ROOT CA"
- # Certificate "ACCVRAIZ1"
- # Certificate "Entrust Root Certification Authority - G4"
- # Certificate "Security Communication ECC RootCA1"
- # Certificate "BJCA Global Root CA1"
- # Certificate "BJCA Global Root CA2"
- added certificates:
- # Certificate "TWCA CYBER Root CA"
- # Certificate "TWCA Global Root CA G2"
- # Certificate "SecureSign Root CA12"
- # Certificate "SecureSign Root CA14"
- # Certificate "SecureSign Root CA15"
- # Certificate "D-TRUST BR Root CA 2 2023"
- # Certificate "D-TRUST EV Root CA 2 2023"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.74 from NSS 3.110
- updated certificates:
- # Certificate "certSIGN ROOT CA"
- # Certificate "ACCVRAIZ1"
- # Certificate "Entrust Root Certification Authority - G4"
- # Certificate "Security Communication ECC RootCA1"
- # Certificate "BJCA Global Root CA1"
- # Certificate "BJCA Global Root CA2"
- added certificates:
- # Certificate "TWCA CYBER Root CA"
- # Certificate "TWCA Global Root CA G2"
- # Certificate "SecureSign Root CA12"
- # Certificate "SecureSign Root CA14"
- # Certificate "SecureSign Root CA15"
- # Certificate "D-TRUST BR Root CA 2 2023"
- # Certificate "D-TRUST EV Root CA 2 2023"
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els7.i686.rpm
c24f3cf50f9e2a6b1496763e9cc4a87b4c74bb198933e119aaae6aa8ea1a0f07
nss-3.44.0-12.el6.tuxcare.els7.x86_64.rpm
cb54cdb9f11a581280896fcbfbadb5f7cab1123880a3c1f18821055844b209ed
nss-devel-3.44.0-12.el6.tuxcare.els7.i686.rpm
fe3ac3d2db922104314e6174a3b41e282aac805062a5531b40342d8cea46789b
nss-devel-3.44.0-12.el6.tuxcare.els7.x86_64.rpm
3746e11405965216811c93d69d05b2c401d975ef712df0102e185a20437d02ac
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els7.i686.rpm
b7c5c0239f102a3cfd3cf6971f0054347838530ca1f8b3e28aa47a13328bbb4a
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els7.x86_64.rpm
0ed10d49b0af049c04e6bb8386d73ec088bfe6d81ea0743dccd36715e4d0bd82
nss-sysinit-3.44.0-12.el6.tuxcare.els7.x86_64.rpm
366db0c94658b0193c628fb0013450d37200c87285f229347e619aff6a88d6cd
nss-tools-3.44.0-12.el6.tuxcare.els7.x86_64.rpm
fe8ec81726de3e2fbada2a9026e5039d1d906b1180c24d7e1948d2c520d99302
CLSA-2025:1755074145
java-1.8.0-openjdk: Fix of 4 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08. That fixes following CVEs:
- CVE-2025-30749: better Glyph drawing
- CVE-2025-30754: enhance TLS protocol support
- CVE-2025-30761: improve scripting supports
- CVE-2025-50106: glyph out-of-memory access and crash
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08. That fixes following CVEs:
- CVE-2025-30749: better Glyph drawing
- CVE-2025-30754: enhance TLS protocol support
- CVE-2025-30761: improve scripting supports
- CVE-2025-50106: glyph out-of-memory access and crash
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
b55ded91672051d314ad581244dba31380974579510f108086b445fb12fa52de
java-1.8.0-openjdk-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
d92e0535a217931e76c3dae9e53325c9894bfa8d00772218ec65b8913886211f
java-1.8.0-openjdk-demo-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
359ade8aa11e592da56e840e0af9d37d75434d10d4364376dce3396bb2b4fc19
java-1.8.0-openjdk-demo-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
54c501e2e8f2481c2b85f508436b99d1846204d7578180801c426a2e1bb120aa
java-1.8.0-openjdk-devel-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
e6fd3f08a678af1b3afaae11a9ce8ffcd0f208b8200f182d07054cc9d4d02585
java-1.8.0-openjdk-devel-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
ce4421830225e803a650e8a3ddc0239f9981a6f88e0c57b6e53c67c9673113e1
java-1.8.0-openjdk-headless-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
5677c655032b556c672662296535b4d1b69f757b3d09f6eab9772ac4fae96937
java-1.8.0-openjdk-headless-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
76317d68839dfae3f12195b7ebfd7d2466446d81e5e12f812026acd9b4f0022c
java-1.8.0-openjdk-javadoc-1.8.0.462.b08-1.el6.tuxcare.els1.noarch.rpm
78e0bd79a2bac9a8b3c7e210c3dc9c9ff8151018204417d73f0b0710cdad1ccf
java-1.8.0-openjdk-javadoc-debug-1.8.0.462.b08-1.el6.tuxcare.els1.noarch.rpm
4960123c1735d0df80f85bb42a4601893e23708474d08aa0bd9782d64049bfc1
java-1.8.0-openjdk-src-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
4c52da57de86dae03cd06bcdd221e461a3f51f2fe4570cab895b12cd8b0580e4
java-1.8.0-openjdk-src-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm
7de0afeed130ea1348702f307719d1835d40a69fb2dde49e4981fc3d9c1d62e5
CLSA-2025:1755074254
subversion: Fix of CVE-2024-46901
TuxCare License Agreement
0
- CVE-2024-46901: fix mod_dav_svn denial-of-service via control characters in paths
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-46901: fix mod_dav_svn denial-of-service via control characters in paths
0
tuxcare-centos6-els
mod_dav_svn-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
2fb1bc04e8eefa4888d52b73cd3db605c7e567eac17379f25af6c031179ae48a
subversion-1.6.11-15.el6_7.tuxcare.els1.i686.rpm
1c2d83c3361f8999a010ef28b4ef51222f3d50aa5cfa663cc279a6200a06919c
subversion-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
a7f8f5642020b244f35dab0af138b27ce12b9894a7883ea523e225ef3a8ab22e
subversion-devel-1.6.11-15.el6_7.tuxcare.els1.i686.rpm
d84e5a7e74e8dd67487e1153272ae896d425b34baee94250094ee2f096bfbb4a
subversion-devel-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
d91615f1d631d0535d15a42808f99114b37789dd17d7dbc67402865b98d729fb
subversion-gnome-1.6.11-15.el6_7.tuxcare.els1.i686.rpm
38c4eb3cfbbc809bc67821f5f2fc3790d606e2e32504557642fdf472ea25c1a0
subversion-gnome-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
7e9b5dd1dd487f947d645ffab10d0243b23e1725c61e563de675af902a611c14
subversion-javahl-1.6.11-15.el6_7.tuxcare.els1.i686.rpm
7c779f52bff4da350b6f20b68ff6ed68605a2a8a759dd4694c20df524ed456f4
subversion-javahl-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
fa62f144d49a97ff63a044bea4d832f524d703ed404bc9b41c8dcbbb63552d08
subversion-kde-1.6.11-15.el6_7.tuxcare.els1.i686.rpm
58e12df83dbd4353f30856cff709ef38d9a0d2a9072e2fab0a1096625751be7f
subversion-kde-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
351216df77d5fc7a3ef41d56e230989c2c0826a5d5a0c8c5d58232561fd70bf1
subversion-perl-1.6.11-15.el6_7.tuxcare.els1.i686.rpm
035444bec15178a5462e8727e0264b4f1d6ccf15d55f034b0e276cff5cda284f
subversion-perl-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
552b654f37b0298dbbc0debe0ace10dbf74bd555b59751895ff87f7ecd6dd703
subversion-ruby-1.6.11-15.el6_7.tuxcare.els1.i686.rpm
e9f45732e02e1e95d61618a9a0d98e77357a961f3f3f3b209d4a238923fe6982
subversion-ruby-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm
a190515dc1ef4ed5f4c6bc36a899b9b93abeaee6a494598f0cbb820ac6e49c29
subversion-svn2cl-1.6.11-15.el6_7.tuxcare.els1.noarch.rpm
3b961bdf4b503af1dd7380468a42629d963b2f4b3a23f9e11387c80798a01b85
CLSA-2025:1755184971
git: Fix of CVE-2025-46835
TuxCare License Agreement
0
- CVE-2025-46835: fix vulnerability where Git GUI can create and overwrite
arbitrary writable files
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-46835: fix vulnerability where Git GUI can create and overwrite
arbitrary writable files
0
tuxcare-centos6-els
emacs-git-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
2f237bc14c091f071fdf15af90aa9a91f1205a242c23f7c393dcbad37361a573
emacs-git-el-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
f7994a0eb2901c2890a30e5bc839aff638c132a4239883b07fafc20e49ecef18
git-1.7.1-10.el6_10.tuxcare.els6.x86_64.rpm
cb814f6371e1cde4a8e11a8f2cc3a378fa89ee6a3d2db0ea2938c2cb231fec95
git-all-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
4ec5126ac1587f4aeb82eafcfbf709735ed5d27acc0596fade861a35f4cb075d
git-cvs-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
30837bf237c57b247a5529160279ac5959c4ca571cd2fb4f66c1c607244a42cc
git-daemon-1.7.1-10.el6_10.tuxcare.els6.x86_64.rpm
f805b6a4f16002bc94d21d6f7d6adf64f3b17e3dd36d8741d960c6b1d24f5fa6
git-email-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
3f737ab6caac5811030edbc2fddbc79353ff47b98c87751be0e5beee78aa9c1c
git-gui-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
51e1f2ce5b2c052aab82197e0246faaa1a90c2c03729d58fb3d267d9132de421
git-svn-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
66d8528956809b28a02c5c76136dc681bbd8aaa88bcedfa481c45fbdf180bf70
gitk-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
a9d09797ed635fa2e4f3a03bf9f08db99d02bc6cef8927cce7086b087383b395
gitweb-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
c67886c9b7ae9e8ec3a8e099106953e357418f79495cbfdfc4dee6a59500cf90
perl-Git-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm
c5ebf038fc640401684302ce5b9ddd79cf6450db52901b790622a11d22ea35c0
CLSA-2025:1755707175
kernel: Fix of CVE-2023-52572
TuxCare License Agreement
0
- cifs: Fix UAF in cifs_demultiplex_thread() {CVE-2023-52572}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- cifs: Fix UAF in cifs_demultiplex_thread() {CVE-2023-52572}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm
786dd4ca3ac9421baffc9dc7bbf8449edeef2ee484b80032f27ef80e33cb25fb
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els24.noarch.rpm
f0aad1841159d570d6a42575b2df66c6e0967858041c217ed49a108ca9eb53ae
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm
4bed9f5cb3789e572a469eeae843fbc7baccc11264ed2056833b039968dad18c
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els24.i686.rpm
f15de662baf05da2fb7a2b2108eea54fc274c637f8ceef6e64680b6827e9176c
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm
a1ec1ea22fad55e1416fda51f545b02f8d8c5924cad61eb2ebe373871a8246e0
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm
41f22250f5f8d889d7a9f4373b9095a46392bfc8805cc8a535b7f5fc72d2bbf5
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els24.noarch.rpm
5518542e20630ef15a433bd161e413ae3900836dd6839d86da4b512a0fbc7ba1
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els24.noarch.rpm
4c4596fe89a5c46808e235fbac5049dbb681050b8e64b11487f48d28692972d2
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm
0b025c5107296c33fc0e4974269ea17b79fbc073d9e41a2791ad6c921b768cd9
perf-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm
289845674abbe45e342847abfcd5dbd68d4e58343b617146abf1d48c2e878816
python-perf-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm
7d7ad7ebfaeb9835a2e1a840fb52b52b6b117fd81bd2194e335a113e52733a39
CLSA-2025:1755513827
tomcat6: Fix of CVE-2025-24813
TuxCare License Agreement
0
- CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT
0
tuxcare-centos6-els
tomcat6-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
b197ec3530ecb9acd695813ee77bfeba5bfa2d3588fbf601a01663d481a1449b
tomcat6-admin-webapps-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
51719933a82a8cca63c877f09f9653b4b641277642e1ee58c83671adb9798453
tomcat6-docs-webapp-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
b69c0e54def405fd3e58686d281240e704fababd8f6068d5884941e8268eac1e
tomcat6-el-2.1-api-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
7246e3cd607239d4417db58e31144f08dfcc78fe339b183ca99da050b838a3d2
tomcat6-javadoc-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
8ef1d6ae7922c5dbde472694824385b196471f1d47ef0cdfb23d02b83fdc94c3
tomcat6-jsp-2.1-api-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
3d6081e25ec022c7b2e5d107ccf4c149207786f58ab11bb3593e2c0b73ee4aeb
tomcat6-lib-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
41a164b938e92a1f90ff6cbf662c44e611f3aece54fca403b7bb478ac5432199
tomcat6-servlet-2.5-api-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
ffc8b09fe693ca0e6620d158d3d16b61c67c776c60fa3c2cb1b0973784759c4c
tomcat6-webapps-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm
f5dd180ec0a72ac7ea21732558cece7bd72b02937318b6660923e47888e4b2ea
CLSA-2025:1755271747
dmidecode: Fix of CVE-2023-30630
TuxCare License Agreement
0
- CVE-2023-30630: prevent --dump-bin from overwriting local files to
address privilege escalation vulnerability
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-30630: prevent --dump-bin from overwriting local files to
address privilege escalation vulnerability
0
tuxcare-centos6-els
dmidecode-2.12-7.el6.tuxcare.els1.x86_64.rpm
90ceaf88dea8b738437d15da4b1c0619afb59c44aa9b3ce0d6f268af438a6dbd
CLSA-2025:1756923561
clamav: Fix of 8 CVEs
TuxCare License Agreement
0
- Update to 1.0.9 LTS version
- CVE-2025-20260: Fixed a possible buffer overflow write bug in
the PDF file parser
- CVE-2025-20128: Fixed a possible buffer overflow read bug in
the OLE2 file parser
- CVE-2024-20506: Changed the logging module to disable following
symlinks on Linux and Unix systems so as to prevent an attacker
with existing access to the 'clamd' or 'freshclam' services from
using a symlink to corrupt system files
- CVE-2024-20290: Fixed a possible heap overflow read bug in
the OLE2 file parser
- CVE-2024-20328: Fixed a possible command injection in the
'VirusEvent' feature of the clamd service
- CVE-2023-20197: Fixed a possible denial of service in the
HFS+ parser
- CVE-2023-20212: Fixed a possible DoS in the AutoIT file
parser
- CVE-2023-20052: Fixed a possible remote information leak
in the DMG file parser
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update to 1.0.9 LTS version
- CVE-2025-20260: Fixed a possible buffer overflow write bug in
the PDF file parser
- CVE-2025-20128: Fixed a possible buffer overflow read bug in
the OLE2 file parser
- CVE-2024-20506: Changed the logging module to disable following
symlinks on Linux and Unix systems so as to prevent an attacker
with existing access to the 'clamd' or 'freshclam' services from
using a symlink to corrupt system files
- CVE-2024-20290: Fixed a possible heap overflow read bug in
the OLE2 file parser
- CVE-2024-20328: Fixed a possible command injection in the
'VirusEvent' feature of the clamd service
- CVE-2023-20197: Fixed a possible denial of service in the
HFS+ parser
- CVE-2023-20212: Fixed a possible DoS in the AutoIT file
parser
- CVE-2023-20052: Fixed a possible remote information leak
in the DMG file parser
0
tuxcare-centos6-els
clamav-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
6ee835b7995d016497c196d72e3135e0404a2b6058ff4d868f61d5fcec67dbd3
clamav-data-1.0.9-1.el6.tuxcare.els1.noarch.rpm
d986c3ba6b8dd7343cd630d5402a9435284a00ab9e7eaf0327b13ce96ea95514
clamav-devel-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
47b97c74cde8fe69346699d135ea92155bffbe5b7973dd7d51e43a51d0cb64c5
clamav-doc-1.0.9-1.el6.tuxcare.els1.noarch.rpm
3c62d8460c9b2e6ae5a4c6787a6f65babbf113dddd308ce46c88df5f108d9d8a
clamav-filesystem-1.0.9-1.el6.tuxcare.els1.noarch.rpm
1dd4d72d0172489ed9e964d46dbd3418cea3f54fa8c6be9da27cf230cdbdc35f
clamav-freshclam-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
5cf7c8054b4e4c5c78bea2750e6529072662f19fbeb17071f84e9c6c661a6dd1
clamav-lib-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
429c596375ac8aab74b4722f5cffdf455237a1b545c979258a99d4361f5e9b4c
clamav-milter-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
8b2ce9c6cfa5e349dfeb3f469d46bf24b6c8651ad94b88e58aee8ab3941ab368
clamd-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
77aa75236b8cdcb7db23f4d91d3e3ce976aa494a01041f05f783a0c26ca6ef67
CLSA-2025:1756409922
wget: Fix of CVE-2024-38428
TuxCare License Agreement
0
- CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to
prevent insecure behavior
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to
prevent insecure behavior
0
tuxcare-centos6-els
wget-1.12-10.el6.tuxcare.els1.x86_64.rpm
a3d254708f4fa588cbe00381f230d337a9099bad812e3370792d75bbc0ca2cb3
CLSA-2025:1756483990
php: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2025-1217: http stream wrapper: fix handling folded headers
- CVE-2025-1734: http stream wrapper: fix handling headers with invalid name and no colon
- CVE-2025-1861: fix http redirect location truncation
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-1217: http stream wrapper: fix handling folded headers
- CVE-2025-1734: http stream wrapper: fix handling headers with invalid name and no colon
- CVE-2025-1861: fix http redirect location truncation
0
tuxcare-centos6-els
php-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
af4bb5662b23be701caed0e08e7ecdb7ded83fe4091e26365545aa3179e3fef6
php-bcmath-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
5775395ba884c949e2dd9744dbb4646671096497e50fe31293dc675804f460c5
php-cli-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
83f4e2135a7a253b588f9f3c9d5a1625028f627a80a97e5833001669704fdcac
php-common-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
459f33b396869a28111d17054be7c7e0dc8e662ac97db0b1a58f4d828e0646b6
php-dba-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
6f033aef6af1442b016a805802d6c0ef150b8aff152b04c82fd40965a54b151a
php-devel-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
2832499c80248642d261e3d43ae67213593401193f35e4ffce627201e4d0e0ba
php-embedded-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
4f0de2229490f6fdaa717ef090198499445d462e412e25f9a8b348b53756f37e
php-enchant-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
65d99847a781bdc340ac7e0c71afe4a2ea36505151dea40b84b2a3f410915512
php-fpm-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
d8a296a9af0ee3f2511db48a0554b75fb5663225f79c2736a43d0a99bf6e13e4
php-gd-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
cf8083da6c7e16400f78f98cd05ed58f4e05c4b5048c1182d9ae175e6557bcf8
php-imap-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
8fac2ce5d09ecbb6b9f515d45929528607afd936591bfd62f4f52be9600057b1
php-intl-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
18d76dea383fb34442858fe89bf3039ea076ab0c9523aecb04f7fbefbb4c4fe3
php-ldap-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
2f9f44e87fafb31447bc1ca7659ae0f657a5ee1105ec04f8b658a6859415286a
php-mbstring-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
c25c3d4ecb729fcf7bc50f801db5ce7f2a554df5957ef45b131e269546c14ed6
php-mysql-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
8721be7c33676cb6e1df615c2106907b70b9183c92b4ef86f8b59932598feca4
php-odbc-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
ec0b9d9d8667ecf46e50ab8e3e737847b6c5b4807d8646dddf281f049f5842b5
php-pdo-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
6f4481158e0d68fc9bdcef94b9cea6a1d98de643c3a6fd90ac3e78d85c47d372
php-pgsql-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
bfd9b34b66ec1ab782006a059249d95e25ad5970e1d6491454c1e26b0b10a529
php-process-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
813e22976aa1e142620f75cd81244857698097c4af0c1c2733e3c020d27bb488
php-pspell-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
eaf682d67dabe19b91f3115c2dfcbcee821b2b7a7ec7bd1c275179936d6f86ba
php-recode-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
4bc076879ddafe7c3edb1fa4cd872422329f2f67fdbfac05732e863527ecf2df
php-snmp-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
640163930e0637ba1789a55cc9a5a542574c27b128011252966ddc06f8a421fb
php-soap-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
3ab5698a10125dfc9419cdf6b2b3cabbce7ad626eb03639b70748dc86b2feab1
php-tidy-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
58d9bf9cc1cbbee8b6d446f980104a7c1735e2ced26e8ca9d0e43704d89391c1
php-xml-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
a8829e8bf25cff252e7dc4bc49a0cbc211cc79dcd4571951e70ca37f55bb623f
php-xmlrpc-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
a45a7e7a075fa79297175f1afe23ed1054ae44816809339b6908cd11d4b45498
php-zts-5.3.3-55.el6.tuxcare.els14.x86_64.rpm
a8682b3236b441fed4dd97db4edf7925e72c5e910de2f14c1ba58312897317be
CLSA-2025:1757016520
squid34: Fix of CVE-2025-54574
TuxCare License Agreement
0
- CVE-2025-54574: fix buffer overflow in URN handling
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-54574: fix buffer overflow in URN handling
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els10.x86_64.rpm
168ca89b5c1d09c4a96d19517b1d6832bfbeb49a0a12f280759cf5d9c8033056
CLSA-2025:1757076484
squid: Fix of CVE-2025-54574
TuxCare License Agreement
0
- CVE-2025-54574: fix buffer overflow in URN handling
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-54574: fix buffer overflow in URN handling
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els14.x86_64.rpm
406f245cf435a2746cdf359d240eabe8efdf4fb292bead53be26167586844370
CLSA-2025:1757608775
python: Fix of CVE-2016-5636
TuxCare License Agreement
0
- CVE-2016-5636: fix heap-based buffer overflow in zipimport.c
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2016-5636: fix heap-based buffer overflow in zipimport.c
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els15.i686.rpm
bd6be35595db847e3e4216273698bd41868e2d487762d548313ac6fc0b15d6d1
python-2.6.6-70.el6.tuxcare.els15.x86_64.rpm
66144d125b53d6928f251a54cf5fd6e7f7bbdaae277633259ad5b16040cc1cea
python-devel-2.6.6-70.el6.tuxcare.els15.i686.rpm
0ff5b388bb1a60966f86736b6088257d64f7f5728d2d750cdb1204be1e00d846
python-devel-2.6.6-70.el6.tuxcare.els15.x86_64.rpm
0d006262c228d87f75ac5810cf6a461c4f83999009eac5c8d44c79581f926c04
python-libs-2.6.6-70.el6.tuxcare.els15.i686.rpm
bd7a0c86bb9c3d5fa92f62d3ab5f5655d2b2ddb8b03c85c170d7c247153711c5
python-libs-2.6.6-70.el6.tuxcare.els15.x86_64.rpm
a77ed4433f946de8d45c35a68892a42d338c49359464899073e0f929882c1837
python-test-2.6.6-70.el6.tuxcare.els15.x86_64.rpm
4ecdd02bc98041db68edc493e940b198938ecb99ac0e00ba659c1426bd1c5c7c
python-tools-2.6.6-70.el6.tuxcare.els15.x86_64.rpm
4c1a02d02b0d847b74dad0bf46bc4f66d33d586d1ac52b1276b3e111598bb754
tkinter-2.6.6-70.el6.tuxcare.els15.x86_64.rpm
6a92bed3e4d1dd8c80f7e4d3b65b285d5c7a750d7a97a8ca58aa6f0dacab9b1c
CLSA-2025:1758035415
httpd: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-47252: escape characters are now properly handled in mod_ssl to
prevent untrusted SSL/TLS clients from inserting escape characters into log
files
- CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP
desynchronisation attack
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-47252: escape characters are now properly handled in mod_ssl to
prevent untrusted SSL/TLS clients from inserting escape characters into log
files
- CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP
desynchronisation attack
0
tuxcare-centos6-els
httpd-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
e8da0596686570b95cf316549c78e214969715564ed2d1667d382566e0765308
httpd-devel-2.2.15-72.el6.tuxcare.els10.i686.rpm
5854fe9962efe955e66d26854fa9f3cdd10fab881ac88ab99a68a2460547fdc1
httpd-devel-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
f8719fa3a735dac87c82d0848d9e5101697fcb008cc02ff8b91867fb75526511
httpd-manual-2.2.15-72.el6.tuxcare.els10.noarch.rpm
7234c37ecde584163a7ad76319b27ab42b358aff2db0f192bec46035f8f09a6c
httpd-tools-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
365d0bc269a831c504ee7a855a792ffb181e8ac59ac13d344d8dafe526aa5e74
mod_ssl-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
d5de63ef9bb1096a2dd031e37cb8b2deb3e02a55c83393b58c9457571853ba7f
CLSA-2025:1757700075
glibc: Fix of CVE-2019-9169
TuxCare License Agreement
0
- CVE-2019-9169: fix heap-based buffer over-read in proceed_next_node in
posix/regexec.c
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2019-9169: fix heap-based buffer over-read in proceed_next_node in
posix/regexec.c
0
tuxcare-centos6-els
glibc-2.12-2.215.el6.tuxcare.els10.i686.rpm
e60542ac7ac9855b63f4cab3e5ff160ee7050da53f2bd98c25bdb3dbfa4906b8
glibc-2.12-2.215.el6.tuxcare.els10.x86_64.rpm
9e1951086ddd523052111d37d846d114e365e1ec58675144f8d55ece099f439f
glibc-common-2.12-2.215.el6.tuxcare.els10.x86_64.rpm
e7ed64302efac9099a27697be673958f67b244e7834f36270d0abe918fa07118
glibc-devel-2.12-2.215.el6.tuxcare.els10.i686.rpm
2a4c7df7f6346d1387fea3d20b96dec8977c154d7f56cd5c95f2129c07c4ed05
glibc-devel-2.12-2.215.el6.tuxcare.els10.x86_64.rpm
e09ac4e57accc5d72c94c83c23dbfbf1cff1da30c8278a44e2d7315d90fe6975
glibc-headers-2.12-2.215.el6.tuxcare.els10.x86_64.rpm
7fc41acbd67defeefff063833e98443304d38f828e0af212ad0a879b1a4da1de
glibc-static-2.12-2.215.el6.tuxcare.els10.i686.rpm
c6ced4fcb7d001bd8c42e1c5c953619c366a9aef86ffa02fbd42d56f3ac31cd9
glibc-static-2.12-2.215.el6.tuxcare.els10.x86_64.rpm
72e6da2dce715c117b593bf10e228571c28c243f79b226c3973277f032096fb5
glibc-utils-2.12-2.215.el6.tuxcare.els10.x86_64.rpm
ea8dc72aaad9d685200938dcbbd65af7147b488a8678bca0357fd487eb6a1b37
nscd-2.12-2.215.el6.tuxcare.els10.x86_64.rpm
f83fa7cd1a941109f369f1b82db1e68a6d56b3e23ae72fa0c8053e5311d4a0e1
CLSA-2025:1758010245
kernel: Fix of 3 CVEs
TuxCare License Agreement
0
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() {CVE-2025-38352}
- sch_qfq: make qfq_qlen_notify() idempotent {CVE-2025-38177}
- sch_hfsc: make hfsc_qlen_notify() idempotent {CVE-2025-38177}
- sch_drr: make drr_qlen_notify() idempotent {CVE-2025-38177}
- sch_htb: make htb_qlen_notify() idempotent {CVE-2025-38177}
- net: atm: fix /proc/net/atm/lec handling {CVE-2025-38180}
- net: atm: add lec_mutex {CVE-2025-38180}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() {CVE-2025-38352}
- sch_qfq: make qfq_qlen_notify() idempotent {CVE-2025-38177}
- sch_hfsc: make hfsc_qlen_notify() idempotent {CVE-2025-38177}
- sch_drr: make drr_qlen_notify() idempotent {CVE-2025-38177}
- sch_htb: make htb_qlen_notify() idempotent {CVE-2025-38177}
- net: atm: fix /proc/net/atm/lec handling {CVE-2025-38180}
- net: atm: add lec_mutex {CVE-2025-38180}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm
591271b72bbf90e4f2a89492b12b67161d1da9ea93c0caf89fe3e29a855e04b0
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els25.noarch.rpm
c2574b87f390421f766d5c0c543735b35fea29e09f128b9536abd6c3d90f660e
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm
82c31fa10b6679470eb84d5bda776e0ba7b92fb8442cbbc649baa41e62f462d0
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els25.i686.rpm
19b53d182a35d9cc8d7a804ee867ed92314695b712b24b45ad9e53f358cfcc61
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm
948ee6eb39cabc5c61434c5516f2b14a836aa1e3f1d3674962405b80c7b44912
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm
d72e01ab0333220a980aeb8a846b6eb5ae9fa285781e505d7caaab32cfbcfda0
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els25.noarch.rpm
38cd19ef2904fd311e8db45a443a33fa6394a7c788272144f7949a5fdddf4fce
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els25.noarch.rpm
0903555dddd2bc665047bbb86dfe8a579bdb111ab70da7fabee1d36ff9740569
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm
f1378751d50043939e7b730942b7dde5be82f35a3d593774000f187efc1debbd
perf-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm
766b3be1d00842288707ea51f8c04809930a837ed433614b265ffd238ae44a87
python-perf-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm
1b37f18a0fa528906a104c68d73b43b5e04d428b4bd8ed9eb68770da4c7433f1
CLSA-2025:1758796854
cups: Fix of CVE-2023-4504
TuxCare License Agreement
0
- CVE-2023-4504: check for null terminator after a backslash
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-4504: check for null terminator after a backslash
0
tuxcare-centos6-els
cups-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm
5afb2048022465f13714e844da908a90b8bda95d80c018b5bbb2be6d56fe30a3
cups-devel-1.4.2-81.el6_10.tuxcare.els1.i686.rpm
087083f86ca7cb8cc0a0ffb3ba56fa9d08fbb1868db036bded6e218210f04e31
cups-devel-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm
25c47d7d94e158d4e3a30e81cd3599044bb6ebd29d5fad6b415392d121d762ee
cups-libs-1.4.2-81.el6_10.tuxcare.els1.i686.rpm
e7a6d4ef5419624dccaa40948d809acd45eb4ae9d9dd30aea6c1ae263ec78cdb
cups-libs-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm
9cd0f18a7397bc71bfe08177a2ab798ee8dc80466f5e6f2de802bba557d59470
cups-lpd-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm
d14cc18906f1cfe58a966f41f3b74451d06ad3ca8a842021e05b7700e1a1e0bf
cups-php-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm
d34c2be47af886c802d11117fcf8580e13f21211686f8107bf4d0749afcda8ed
CLSA-2025:1758796775
spamassassin: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing
- CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing
- CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing
0
tuxcare-centos6-els
spamassassin-3.3.1-3.el6.tuxcare.els1.x86_64.rpm
373c8d8bec135eae53c0a2e0be465af0778f42645ac0f412731d1157977c0220
CLSA-2025:1758711950
glibc: Fix of CVE-2020-1752
TuxCare License Agreement
0
- CVE-2020-1752: fix use-after-free vulnerability in glob
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-1752: fix use-after-free vulnerability in glob
0
tuxcare-centos6-els
glibc-2.12-2.215.el6.tuxcare.els11.i686.rpm
e60cdf0d1075563fc06324a29d051e765d05dc9d0e857454a063a6c292b7965f
glibc-2.12-2.215.el6.tuxcare.els11.x86_64.rpm
f32bb92ccfe4ca49a261c99bbf267a34838f71610e2511ebae4afdcc4cf97ca6
glibc-common-2.12-2.215.el6.tuxcare.els11.x86_64.rpm
396bb6057fa12ffab3b354904579502ada1057dfe4cb54ab8661f28a20f3b519
glibc-devel-2.12-2.215.el6.tuxcare.els11.i686.rpm
83d665029c7799fc9baa0434feface8df8a62aaf2eda2bd5d031ef408af2a82e
glibc-devel-2.12-2.215.el6.tuxcare.els11.x86_64.rpm
adaf875c4f6b58473fb95a867b19c26c2903d3e293962dee98ffa96c96a19365
glibc-headers-2.12-2.215.el6.tuxcare.els11.x86_64.rpm
cf9a6a296dfc70e9f4c526506c30a51353486fb5327ad02f2bc336b0bfc97d48
glibc-static-2.12-2.215.el6.tuxcare.els11.i686.rpm
b0f2cfaae779ac0522ac7495b84b3bec8b35780d1ca110f7595e09369ad8c4b0
glibc-static-2.12-2.215.el6.tuxcare.els11.x86_64.rpm
759acc24c5d439da75d34081c4a81cfcda474d0c7944ac2e5e73e971e3815a0f
glibc-utils-2.12-2.215.el6.tuxcare.els11.x86_64.rpm
101145f55e3e6f07d617c31f91c3fe9a88db9b62faebe2f029ec3cad252697a6
nscd-2.12-2.215.el6.tuxcare.els11.x86_64.rpm
1cb1ba37495ecd8d79550fed80bfad8f28cf6b423aa0842b5bdef75e84522105
CLSA-2025:1758645818
openldap: Fix of 14 CVEs
TuxCare License Agreement
0
- Rebase to 2.4.58 to fix the following vulnerabilities:
- CVE-2020-12243: fix denial of service caused by LDAP search filters with nested
boolean expressions
- CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing
- CVE-2020-36223: fix slapd crash in the Values Return Filter control handling
- CVE-2020-36226: fix slapd crash in the saslAuthzTo processing
- CVE-2020-36228: fix slapd crash in the Certificate List Exact Assertion processing
- CVE-2020-36225: fix double free and slapd crash in the saslAuthzTo processing
- CVE-2020-36227: fix infinite loop in slapd with the cancel_extop Cancel operation
- CVE-2020-36230: fix assertion failure in slapd in the X.509 DN parsing in decode.c
- CVE-2020-25692: fix NULL pointer dereference during a request for renaming RDNs
- CVE-2020-25709: fix assertion failure caused by processing malicious packet
- CVE-2020-36224: fix invalid pointer free and slapd crash in the saslAuthzTo
processing
- CVE-2020-36229: fix slapd crash in the X.509 DN parsing in ad_keystring
- CVE-2020-25710: fix failed assertion in csnNormalize23()
- CVE-2020-36222: fix assertion failure in slapd in the saslAuthzTo validation
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Rebase to 2.4.58 to fix the following vulnerabilities:
- CVE-2020-12243: fix denial of service caused by LDAP search filters with nested
boolean expressions
- CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing
- CVE-2020-36223: fix slapd crash in the Values Return Filter control handling
- CVE-2020-36226: fix slapd crash in the saslAuthzTo processing
- CVE-2020-36228: fix slapd crash in the Certificate List Exact Assertion processing
- CVE-2020-36225: fix double free and slapd crash in the saslAuthzTo processing
- CVE-2020-36227: fix infinite loop in slapd with the cancel_extop Cancel operation
- CVE-2020-36230: fix assertion failure in slapd in the X.509 DN parsing in decode.c
- CVE-2020-25692: fix NULL pointer dereference during a request for renaming RDNs
- CVE-2020-25709: fix assertion failure caused by processing malicious packet
- CVE-2020-36224: fix invalid pointer free and slapd crash in the saslAuthzTo
processing
- CVE-2020-36229: fix slapd crash in the X.509 DN parsing in ad_keystring
- CVE-2020-25710: fix failed assertion in csnNormalize23()
- CVE-2020-36222: fix assertion failure in slapd in the saslAuthzTo validation
0
tuxcare-centos6-els
openldap-2.4.58-1.el6.tuxcare.els1.i686.rpm
711d7ebb88315bba8c9a47c25adddd30aa2dea1b79f88f3ed3ef5e2b03b4dee6
openldap-2.4.58-1.el6.tuxcare.els1.x86_64.rpm
e55ea64b3140aca829b9af805f41fba027101fb66bdba8b77fdc9611e6546b39
openldap-clients-2.4.58-1.el6.tuxcare.els1.x86_64.rpm
a3eaa69475b135027e3c87fef18a0bbd618530116193189660ccaead98fe5e7c
openldap-devel-2.4.58-1.el6.tuxcare.els1.i686.rpm
688143fc1315e84026a79c4d877b01d84a8bdd12b7bb70f835c21724d5098054
openldap-devel-2.4.58-1.el6.tuxcare.els1.x86_64.rpm
a495e7ea44b6a15db33efa89f96c03f4c0a00d0bef4461f4c009bbf5bae889dc
openldap-servers-2.4.58-1.el6.tuxcare.els1.x86_64.rpm
7f2ecf30a63a00403b8fa76bb08ab798a5574602df48e9865a12618215ced80a
openldap-servers-sql-2.4.58-1.el6.tuxcare.els1.x86_64.rpm
db534de362de6290a5c792a86869c52b95bfe6c71dbb8c0f44fdbaebb39c3aa6
CLSA-2025:1758709468
glib2: Fix of CVE-2020-35457
TuxCare License Agreement
0
- CVE-2020-35457: fix integer overflow in g_option_group_add_entries to prevent
potential out-of-bounds write
- Bug775510: avoid calling Standard C string/array functions with NULL arguments
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-35457: fix integer overflow in g_option_group_add_entries to prevent
potential out-of-bounds write
- Bug775510: avoid calling Standard C string/array functions with NULL arguments
0
tuxcare-centos6-els
glib2-2.28.8-12.el6.tuxcare.els4.i686.rpm
6eb7d2b0139690ce6eeabf63072ad63a65a648f0f9acf5d415a1e5e7b5553148
glib2-2.28.8-12.el6.tuxcare.els4.x86_64.rpm
5658fbdc7eade73d6963c83eacd8b9a790e9d7345aa57232a1fc6ebf33bb4ece
glib2-devel-2.28.8-12.el6.tuxcare.els4.i686.rpm
190ed720f2a90745a25b25ac22be79a4b28e55276d11114a4d0535011ae16d6f
glib2-devel-2.28.8-12.el6.tuxcare.els4.x86_64.rpm
803a2fabfdaf7d81cd039fbbac404ad6951b2d99f167b6730db44e1ed3277f03
glib2-doc-2.28.8-12.el6.tuxcare.els4.noarch.rpm
8d709704334054261b57b0e1473d57d0e84d3851403663c3dc4542ac763b180e
glib2-static-2.28.8-12.el6.tuxcare.els4.x86_64.rpm
087ea62abecc1fa02d63f1e46ac8c9a6eac6e8fe9e8c58fc45da221eec4a8188
CLSA-2025:1758645375
libwebp: Fix of CVE-2020-36328
TuxCare License Agreement
0
- CVE-2020-36328: fix a heap-based buffer overflow in WebPDecode*Into functions
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-36328: fix a heap-based buffer overflow in WebPDecode*Into functions
0
tuxcare-centos6-els
libwebp-0.4.3-3.el6.tuxcare.els2.i686.rpm
6183b4748ce1bad3d414730a70362ef21fd2fc267e53517ea533d42c1f951d85
libwebp-0.4.3-3.el6.tuxcare.els2.x86_64.rpm
7a06946e7bc5388f9574f968c6532dc5089c1c7bf4ca167d6338a32e848e06fa
libwebp-devel-0.4.3-3.el6.tuxcare.els2.i686.rpm
14abdba76af24b39bd1688f1d7f372cadc5e94f6aafd644fe3e87efa4457a1a0
libwebp-devel-0.4.3-3.el6.tuxcare.els2.x86_64.rpm
c890ae195c9e2fa211461bbad71ac58683906a64e1f04c95506173745655bcf7
libwebp-java-0.4.3-3.el6.tuxcare.els2.x86_64.rpm
8f222bd00d2133074517184d8b191beb7e1a845bce9cb47097e54c6c72206ce5
libwebp-tools-0.4.3-3.el6.tuxcare.els2.x86_64.rpm
8d8611abb975441b58778929509196396650eb52e4f6952d405d72c875aab9b0
CLSA-2025:1758645976
dovecot: Fix of CVE-2020-12673
TuxCare License Agreement
0
- CVE-2020-12673: fix reading past buffer
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-12673: fix reading past buffer
0
tuxcare-centos6-els
dovecot-2.0.9-23.el6.tuxcare.els1.i686.rpm
29d652d44837cf1183aba9a43db9c16779a1d1c5aaeb02b91666ed1676c3f19c
dovecot-2.0.9-23.el6.tuxcare.els1.x86_64.rpm
649d09fde3ee3169a2ffa8b977d8e2d78368cf9344981ec6aa4db5328c40def8
dovecot-devel-2.0.9-23.el6.tuxcare.els1.i686.rpm
6c37d671186b8633deb1dd6a5b8bc507f1766162df641aa4b1229ea06efdeb1c
dovecot-devel-2.0.9-23.el6.tuxcare.els1.x86_64.rpm
ff8938b57785f06bc36633a4084047cec6ec75ef572a99f8f8973f809d2bd1dc
dovecot-mysql-2.0.9-23.el6.tuxcare.els1.x86_64.rpm
b5828afc414943a69abdc8e8c9cb369ba93ed1fc4d158fd6f627223df96cd4ce
dovecot-pgsql-2.0.9-23.el6.tuxcare.els1.x86_64.rpm
4c9b5a709b1d20e438b6ceec13176a97561204919f42cb63caec2c4e00503a6a
dovecot-pigeonhole-2.0.9-23.el6.tuxcare.els1.x86_64.rpm
39883cd07974d9b0b16fab17e58986c4045922dacbc7fb2473a48b55061c2382
CLSA-2025:1758896552
dovecot: Fix of CVE-2020-12674
TuxCare License Agreement
0
- CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth
service crash
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth
service crash
0
tuxcare-centos6-els
dovecot-2.0.9-23.el6.tuxcare.els2.i686.rpm
8c2ab53bfafc07cfbe3452e84b588f04be3bcde5fe3d69c9b70dcbb7f45f4afb
dovecot-2.0.9-23.el6.tuxcare.els2.x86_64.rpm
21dd23636238fa0741b687656e91c3a0822f93f04f4b1de040f4181390095b45
dovecot-devel-2.0.9-23.el6.tuxcare.els2.i686.rpm
ee7caf5d14fd0a8121b9a97bbb7d2dec376070ad684724aec814fa8fb42e65dc
dovecot-devel-2.0.9-23.el6.tuxcare.els2.x86_64.rpm
395c3442ac0b575ddc26c21fc26499250913b82b0212240759d2394523aa7bd3
dovecot-mysql-2.0.9-23.el6.tuxcare.els2.x86_64.rpm
64f67a3ab631f996b5c65a04cf3fde2668aa270c54b763d551e9610be505fe16
dovecot-pgsql-2.0.9-23.el6.tuxcare.els2.x86_64.rpm
3d74dfbdf47d665a0ac2045c80a107c3364333086e23cde2d3aafe2a25353beb
dovecot-pigeonhole-2.0.9-23.el6.tuxcare.els2.x86_64.rpm
641c675cf7715d5fdc8c5bd1244dddddf2b743d1f1b6e9cbcebdcdafc7b458c9
CLSA-2025:1758896647
glib2: Fix of CVE-2024-52533
TuxCare License Agreement
0
- CVE-2024-52533: fix off-by-one error and resulting buffer overflow in
gsocks4aproxy.c by increasing SOCKS4_CONN_MSG_LEN
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-52533: fix off-by-one error and resulting buffer overflow in
gsocks4aproxy.c by increasing SOCKS4_CONN_MSG_LEN
0
tuxcare-centos6-els
glib2-2.28.8-12.el6.tuxcare.els5.i686.rpm
4701e4ab55345a7ed6a69e34e568accc5a73974c2e64339c08fc5ff8e069565d
glib2-2.28.8-12.el6.tuxcare.els5.x86_64.rpm
4ce2d75b0c22cd0f6678bbe0b45a4231aeb409781d83b1ad0277022513f5dbb9
glib2-devel-2.28.8-12.el6.tuxcare.els5.i686.rpm
cc6ce7c20c667fc4616b87743cacb946d8b19a36569ad270a99506d8aee327f1
glib2-devel-2.28.8-12.el6.tuxcare.els5.x86_64.rpm
8ceec2204e4adaaa3497d910f25bcbf10d90afe2c931fdfca260f6767791fe15
glib2-doc-2.28.8-12.el6.tuxcare.els5.noarch.rpm
374f60b7db7f85ed3b1470c8785f9eafc1fe4ca7cf03afe68dfb99f78b9ef37b
glib2-static-2.28.8-12.el6.tuxcare.els5.x86_64.rpm
ded1aba627f46fb1401c1fe6e81fbbbc745466c8824e38feba0cdd72f0f06542
CLSA-2025:1759154304
libwebp: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2020-36329: fix use-after-free vulnerability by delaying thread
termination
- CVE-2020-36330: fix out-of-bounds read in ChunkVerifyAndAssign function
- CVE-2020-36331: fix out-of-bounds read in ChunkAssignData function
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-36329: fix use-after-free vulnerability by delaying thread
termination
- CVE-2020-36330: fix out-of-bounds read in ChunkVerifyAndAssign function
- CVE-2020-36331: fix out-of-bounds read in ChunkAssignData function
0
tuxcare-centos6-els
libwebp-0.4.3-3.el6.tuxcare.els3.i686.rpm
12de762ff847e0a46ed5eb3aeadad5dbd8ab1fc1ecd11fa4d84aa944350366d3
libwebp-0.4.3-3.el6.tuxcare.els3.x86_64.rpm
ff69aaed87ee73fbbc9f87c7b087a41708f4f60fe82a33ca70190e5132c428bd
libwebp-devel-0.4.3-3.el6.tuxcare.els3.i686.rpm
f22d5ac7dfcbb0da61c64d4c1c7ab93a6bbf4a1cb22e2326a02fe7f79c18b1a7
libwebp-devel-0.4.3-3.el6.tuxcare.els3.x86_64.rpm
db78bfa6e1c5109bea941f41a069cf3ce5ad0cda604d423bf401d21f8fadfc11
libwebp-java-0.4.3-3.el6.tuxcare.els3.x86_64.rpm
e4041b5af842ccc3fde38fc5f2a93f737a84774847d8a28c5453b37e58cf4c27
libwebp-tools-0.4.3-3.el6.tuxcare.els3.x86_64.rpm
2ff58ad4b1e207b9b95056343871e40f9a0daa3729ae5afcf6af2b81269a3a98
CLSA-2025:1759336759
libxml2: Fix of CVE-2025-6021
TuxCare License Agreement
0
- CVE-2025-6021: fix integer overflows in buffer size calculations
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-6021: fix integer overflows in buffer size calculations
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els10.i686.rpm
9c869ae6ca4a90e03772c43b76e6241f2183a7973a45814ebe07645c0faba834
libxml2-2.7.6-21.el6_8.1.tuxcare.els10.x86_64.rpm
9fa6b5577e99200a198e886a8dae00f171220f42412463f8f7363e56fa84e867
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els10.i686.rpm
143e95fa5f52ec5337519b90756f9dc1efc24b127326edb98be9b19971799c80
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els10.x86_64.rpm
6928c35780a3d684e14326545e4e85fb629b81352944facb4f86e040c399f771
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els10.x86_64.rpm
e5b2eb01bc9f77d3a4d6f61347b733e49121237abcc32e96bf116408c5793a48
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els10.x86_64.rpm
8b829e7025979a304d618f8f498297e5e679a132bf836e7c34945673de01f210
CLSA-2025:1759433716
samba: Fix of CVE-2020-25717
TuxCare License Agreement
0
- CVE-2020-25717: Adapt CVE's patch to Centos 6 based systems where
regular user id starts from 500, so change the default value
of the new config parameters added: "min domain uid" to 500
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-25717: Adapt CVE's patch to Centos 6 based systems where
regular user id starts from 500, so change the default value
of the new config parameters added: "min domain uid" to 500
0
tuxcare-centos6-els
libsmbclient-3.6.23-53.el6_10.tuxcare.els4.i686.rpm
25bd34cf4e04af9b6a415f61e05f7450139e697c1803444df170282b94d75f16
libsmbclient-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
90f447c6ef5cb34e2d5dfaf248a4e409032cb61dda3b6757c41c70b757391665
libsmbclient-devel-3.6.23-53.el6_10.tuxcare.els4.i686.rpm
1ec4f70e85ef33aa2520f2a2839541a3e4395a95f20e6fdfd147f286da545ebe
libsmbclient-devel-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
0e75594fd4c0e944e55a6776268d9121f9dd781315db7583142921d24a994063
samba-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
db679fd150ccc1dc8d8e0e1744a3e9c2702f7a56ca80bebd8b61ba0650e29c3c
samba-client-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
bb195559c96f9c2d4dad7763c1f53421b23670023a4ffb823bbd341e86505a45
samba-common-3.6.23-53.el6_10.tuxcare.els4.i686.rpm
8c7882ae8d1c68d6178d50fe2e605888c083263fc345fa1accdc9e255168979e
samba-common-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
2e22c7a0b67658392543aa63fa3ac53459efd6a05d7347a601e671caf4a775f0
samba-doc-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
f63208b503a321e3eccacb2835512bbcfff14a7a057bae8cf6a26f93381be43a
samba-domainjoin-gui-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
10a27f011b29d24c538a9218b31dffaacc709f8364474f0dde90f82a83805863
samba-glusterfs-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
430798be2be29b6b7da8ce1d0f6c9dcca39f2c765cd1e453d2f0e0c59d06d655
samba-swat-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
e38c564fa8742465a853c35ae0b35a20df22f74cc582fb26795d877a4ccf9b13
samba-winbind-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
b8d96a5e92b60941d9b8cf50c99fbed5b09c4f9f1ea7d8de8991acc22797202f
samba-winbind-clients-3.6.23-53.el6_10.tuxcare.els4.i686.rpm
aad706a397c8ec6fcf8c66089d2b20789d80e7dea51db204661a5cf70a34f829
samba-winbind-clients-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
4d3cb9e6263cd9fa5464481beed597baa0f403c9a0e644c99a7901769294ac47
samba-winbind-devel-3.6.23-53.el6_10.tuxcare.els4.i686.rpm
85ce586097badd950cd00df8d2cbb3e3ff4d49ff360497ab50dd35acca800091
samba-winbind-devel-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
a3690b0072d485e89414d91fcb8ec19e03b01ff6dccf325cad19e1e4ee1771a8
samba-winbind-krb5-locator-3.6.23-53.el6_10.tuxcare.els4.x86_64.rpm
b6a025ec44f0cdaa822283f735661c0b1c3510b95b7614f259f1d16e2e1535d2
CLSA-2025:1759485890
openvpn: Fix of CVE-2020-15078
TuxCare License Agreement
0
- CVE-2020-15078: fix authentication bypass and access to control channel data on
servers configured with deferred authentication
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-15078: fix authentication bypass and access to control channel data on
servers configured with deferred authentication
0
tuxcare-centos6-els
openvpn-2.4.9-1.el6.tuxcare.els2.x86_64.rpm
06c1448fd2cc8824803634f8faf9e181c3004e727bed171dbb05afdc2ff9f9d3
openvpn-devel-2.4.9-1.el6.tuxcare.els2.i686.rpm
2a524288c12f878fd14ebcba207070c7c4b7f48303fa534d01e1b6be6b60ef28
openvpn-devel-2.4.9-1.el6.tuxcare.els2.x86_64.rpm
6fe1afdc5c47e1a4b2550786b3e67532e697a3798fd5e668eca040f279ed6ff8
CLSA-2025:1760112150
nss: Fix of CVE-2020-25648
TuxCare License Agreement
0
- CVE-2020-25648: fix DoS in case of receiving multiple CCS messages
- extended tests
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2020-25648: fix DoS in case of receiving multiple CCS messages
- extended tests
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els8.i686.rpm
56ace6eff1d493fc2e1f72b4e8c0e548007263d5e1d88787f26d5de034a0f170
nss-3.44.0-12.el6.tuxcare.els8.x86_64.rpm
a1a63b758585fbdc13ebc2b539ccb498939939c163507a354f8177c1c494685b
nss-devel-3.44.0-12.el6.tuxcare.els8.i686.rpm
b2bfd15e5e066796dc4ea7d8e1a43c699fd40f0de23c1cc035cd6904edd91664
nss-devel-3.44.0-12.el6.tuxcare.els8.x86_64.rpm
8663336c29b2013322e9394318b0a8c8fcdc69853a3479e0fc49be1b4e7357d3
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els8.i686.rpm
a25bda85af3d67a30f20b49cdce4ae01a102173d8feb532a15e6b7e140910894
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els8.x86_64.rpm
6cdc1c520b17a1ddadcd43dc5c92e4b4334d4ef1609ae0545b937ac8a74aba57
nss-sysinit-3.44.0-12.el6.tuxcare.els8.x86_64.rpm
777d74559cb7a950c931d9dec4ca6cf226de8b732d95f34470ebc3ef3a589766
nss-tools-3.44.0-12.el6.tuxcare.els8.x86_64.rpm
3088728ff61126a5e27752a5a16ebce167e3d69e91eafa76c75e41b1921e554b
CLSA-2025:1760112341
binutils: Fix of CVE-2017-9042
TuxCare License Agreement
0
- CVE-2017-9042: readelf.c fix a possible application crash known as the
"cannot be represented in type long" issue
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2017-9042: readelf.c fix a possible application crash known as the
"cannot be represented in type long" issue
0
tuxcare-centos6-els
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els9.x86_64.rpm
2b53c70af1027d1be9b53ced22cdada51f0958011a046be522faaba8e4b749c6
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els9.i686.rpm
f0289407dbb4ab2ded0d00f0fec2520170ca1024817d23f9901a4cb29ca4c65e
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els9.x86_64.rpm
53baa653845dd4f5bebc36f1d0b20a995eabdae0b6918d540d9be9f22ff71d4e
CLSA-2025:1760559298
openssl: Fix of CVE-2018-0734
TuxCare License Agreement
0
- CVE-2018-0734: fix timing side channel attack in DSA signature algorithm
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2018-0734: fix timing side channel attack in DSA signature algorithm
0
tuxcare-centos6-els
openssl-1.0.1e-63.el6.tuxcare.els13.i686.rpm
bf6a61544e07b8493c1276ebb3d6fdb0f8de7a8be5d708944654639fe0093675
openssl-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm
1beb9953913746511e51035cd9e9f6472a8d7128977180265be93d5ce89f73d3
openssl-devel-1.0.1e-63.el6.tuxcare.els13.i686.rpm
134e4c87d9ce279b981f66ef1997b639f77a53f512866bef9e8a8f49ce87636e
openssl-devel-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm
411c1a18e086243337e18682670f383a56a8a1f42e1fc58939151193837f83ed
openssl-perl-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm
6b834e44fec721f42f5f024f9f7f8e89a5ecaef490a0f5b56671d8ef4b982629
openssl-static-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm
6b8b7046448032c8873b6f07268a6cf16db4eddd8786008ec47a1e4401b68adb
CLSA-2025:1761139574
libxml2: Fix of CVE-2022-49043
TuxCare License Agreement
0
- CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode, free URI after reporting
the error to avoid use-after-free
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode, free URI after reporting
the error to avoid use-after-free
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els11.i686.rpm
78f7c7205640c79260b8371e6b8ba6871eed0171b87b3c1df12af861c6583879
libxml2-2.7.6-21.el6_8.1.tuxcare.els11.x86_64.rpm
e212824f8d2f88b9fb849256deae62255eb5127e5533d98fa4de24e99020eff8
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els11.i686.rpm
d061783ecba20419c6d53eb6cb65591d21cd294b0aa83ade2f941810332cd518
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els11.x86_64.rpm
d28b8ff3fc1384a844d5a045dce96ae369c0f08af3e8436720737194f25f953d
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els11.x86_64.rpm
ea3044f3fa87faffeeb8a2de3867331b5717928bd5197d32353ed9abd00080ef
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els11.x86_64.rpm
8e548f2101506a8a6b2b74385a30606fc5cba13a4b253775c7fd3cc86ea2eb8b
CLSA-2025:1762454401
kernel: Fix of 6 CVEs
TuxCare License Agreement
0
- fix: virtio-net: Add validation for used length {CVE-2021-47352}
- xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037}
- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477}
- net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
- net: atm: fix use after free in lec_send() {CVE-2025-22004}
- ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- fix: virtio-net: Add validation for used length {CVE-2021-47352}
- xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037}
- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477}
- net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
- net: atm: fix use after free in lec_send() {CVE-2025-22004}
- ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
029fef0810a35978cb74db31a6aa40161d8662cefa849b7405191fe1e86ade56
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
0f2b75396c6bfa7d8e2199da816834f7f4942b7c23cb129d0c75c029eca65bfe
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
080d686badba80fd790bde7ec0338f6a236d536e4cca279b5ee8675475b5b34f
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.i686.rpm
1d2e56736ea9f4f60eb111e3645b12bfc4d73dbd866faf802a94536fb478ac3f
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
d998e72227a921ae48164edb4eec16120fe4e9d909be2add68c182a26ecb8354
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
077dd9719d4b9e901920b906d1cfedee327617fa124b868160eb3b3a012eba56
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
557cea261ec84f320467527789bc38a9cd88e1f330c8e71635849cdb0127f452
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
ed24d57518f270d3e80e9dc50ef2b49439e0fa1e16b21d6c4bcef97264cffdc2
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
28782347a435c008b6f32237450d75a468f23c6bcfa9976703eaadc6119c8ff5
perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
54c610c6e79f5c8716d4330dee779c4991e3d819df77733b418e8156f2990b29
python-perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
e59ad70016151421b8797e2512661d9aa6dca95b07026099036431ab33030fa2
CLSA-2025:1761139764
kernel: Fix of 39 CVEs
TuxCare License Agreement
0
- nfs: fix UAF in direct writes {CVE-2024-26958}
- NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827}
- thermal: core: prevent potential string overflow {CVE-2023-52868}
- ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 {CVE-2021-47633}
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests {CVE-2021-47391}
- drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616}
- Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982}
- wifi: mac80211: fix potential key use-after-free {CVE-2023-52530}
- crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}
- netfilter: validate user input for expected length {CVE-2024-35896}
- wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937}
- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487}
- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885}
- tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}
- watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321}
- virtio-net: Add validation for used length {CVE-2021-47352}
- USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760}
- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}
- xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014}
- scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695}
- jffs2: prevent xattr node from overflowing the eraseblock {CVE-2024-38599}
- ecryptfs: Fix buffer size for tag 66 packet {CVE-2024-38578}
- dlm: fix plock invalid read {CVE-2022-49407}
- media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764}
- igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332}
- jfs: fix shift-out-of-bounds in dbSplit {CVE-2024-56597}
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() {CVE-2023-52594}
- pid: take a reference when initializing `cad_pid` {CVE-2021-47118}
- Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779}
- sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077}
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824}
- xen/grant-table: add gnttab_try_end_foreign_access() {CVE-2022-23038}
- media: dvb-core: Fix use-after-free due to race at dvb_register_device() {CVE-2022-45884}
- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886}
- media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885}
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919}
- x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265}
- x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265}
- x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265}
- i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- nfs: fix UAF in direct writes {CVE-2024-26958}
- NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827}
- thermal: core: prevent potential string overflow {CVE-2023-52868}
- ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 {CVE-2021-47633}
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests {CVE-2021-47391}
- drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616}
- Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982}
- wifi: mac80211: fix potential key use-after-free {CVE-2023-52530}
- crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}
- netfilter: validate user input for expected length {CVE-2024-35896}
- wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937}
- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487}
- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885}
- tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}
- watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321}
- virtio-net: Add validation for used length {CVE-2021-47352}
- USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760}
- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}
- xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014}
- scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695}
- jffs2: prevent xattr node from overflowing the eraseblock {CVE-2024-38599}
- ecryptfs: Fix buffer size for tag 66 packet {CVE-2024-38578}
- dlm: fix plock invalid read {CVE-2022-49407}
- media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764}
- igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332}
- jfs: fix shift-out-of-bounds in dbSplit {CVE-2024-56597}
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() {CVE-2023-52594}
- pid: take a reference when initializing `cad_pid` {CVE-2021-47118}
- Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779}
- sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077}
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824}
- xen/grant-table: add gnttab_try_end_foreign_access() {CVE-2022-23038}
- media: dvb-core: Fix use-after-free due to race at dvb_register_device() {CVE-2022-45884}
- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886}
- media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885}
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919}
- x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265}
- x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265}
- x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265}
- i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm
caff98b94b300e263642a08ec80793014af5f7e4f2c0be51fd83c276c0f20c32
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els26.noarch.rpm
2ca39027b1740d473f2ca96cea7447f975e1635d5d9d1123201560548804d176
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm
909e37ccd0f03647aeaadba3966746b8e8bf83909b77407b6e8ecdb8a395c904
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els26.i686.rpm
747d7cd7957580515759edf3eb7f242e2542f52309a51e1a0a9fc2daebb0b18b
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm
db927d8da002643827d020066db23f9b76d7f237f775609f2a9e027f0e4f557d
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm
5b5b3e4e646f7765492e2d7384af9b780618769b39498b7cfa2251bf1a7fb49f
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els26.noarch.rpm
b8cdc7b63a0e31a8b5e499056e4abdc688498b136c05cff0679f43bf5a50869d
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els26.noarch.rpm
6ca63cabbd57967afb8567484305e24526100de200326edd33807784072555bb
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm
637162a6719d88c29a7fcc03abe2a833fcbacc8a0d1d4e5dfd76c0890ac31252
perf-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm
c469007009c0f504feca9dbb66e00474795abb8d57c6f9caf457472f86a3b182
python-perf-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm
f97d1faf877cb52258414042e05e2e7208493ba4ce8cc46fc648e12bdfdc40b5
CLSA-2025:1761859779
libxml2: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and
xmlSchemaBubbleIDCNodeTables in xmlschemas.c
- CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and
xmlSchemaBubbleIDCNodeTables in xmlschemas.c
- CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c
0
tuxcare-centos6-els
libxml2-2.7.6-21.el6_8.1.tuxcare.els12.i686.rpm
60493ad627ada5cf88b487f19b5a5d8db7dca126c1ae0eb46f4810944334d0f8
libxml2-2.7.6-21.el6_8.1.tuxcare.els12.x86_64.rpm
d054165693010392a0e3bda12dc95e672121678329b6b78544ec49f1497f5dcd
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els12.i686.rpm
78b5d309fd930ea34abe8496c4a30ad36667432b69c7f4d147e5fd3d1511c35c
libxml2-devel-2.7.6-21.el6_8.1.tuxcare.els12.x86_64.rpm
b8952c5b215edf85c6dd11f69a94c10ef5e1116694deeb3688e2553ed9806c60
libxml2-python-2.7.6-21.el6_8.1.tuxcare.els12.x86_64.rpm
1e502a8cee92fc4e87367696796b5d31404427a004aa35a6db4cdee56fca3e77
libxml2-static-2.7.6-21.el6_8.1.tuxcare.els12.x86_64.rpm
0e9c97d0864a0f4aeebe065d2558b6265d0ef6bcfb01852ea7c844a06fd2c65c
CLSA-2025:1763543346
squid: Fix of CVE-2025-62168
TuxCare License Agreement
0
- CVE-2025-62168: Fix failure to redact HTTP authentication credentials in error
handling to prevent information disclosure
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-62168: Fix failure to redact HTTP authentication credentials in error
handling to prevent information disclosure
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els15.x86_64.rpm
ab5a1e9efbf56fe162c7fde508c43b4897c90882d803163f96ebeaa9ae6e32d3
CLSA-2025:1763397982
squid34: Fix of CVE-2025-62168
TuxCare License Agreement
0
- CVE-2025-62168: Redact HTTP authentication credentials in error handling to
prevent information disclosure
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-62168: Redact HTTP authentication credentials in error handling to
prevent information disclosure
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els11.x86_64.rpm
b85e1eda3af78e070fe95fd5b9b5d8f4a810fbcffc2c9836a25881f622413f13
CLSA-2026:1768669128
kernel: Fix of 39 CVEs
TuxCare License Agreement
0
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419}
- firewire: net: fix use after free in fwnet_finish_incoming_packet() {CVE-2023-53432}
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408}
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380}
- wifi: mac80211_hwsim: drop short frames {CVE-2023-53321}
- wifi: cfg80211: Fix use after free for wext {CVE-2023-53153}
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422}
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863}
- NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945}
- can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004}
- Squashfs: check return result of sb_min_blocksize {CVE-2025-38415}
- scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322}
- fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978}
- ipv6: Fix infinite recursion in fib6_dump_done(). {CVE-2024-35886}
- wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157}
- atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245}
- atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459}
- smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051}
- spec: merge oraclelinux6els changes
- ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365}
- ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917}
- ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918}
- ipvs: use explicitly signed chars
- HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556}
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823}
- xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-48900}
- netlink: prevent potential spectre v1 gadgets {CVE-2023-53000}
- mtd: inftlcore: Add error check for inftl_read_oob() {CVE-2025-37892}
- igb: Do not free q_vector unless new one was allocated {CVE-2022-50252}
- scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546}
- net: mdio: fix undefined behavior in bit shift for __mdiobus_register {CVE-2022-49907}
- capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870}
- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258}
- md-raid10: fix KASAN warning {CVE-2022-50211}
- usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882}
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751}
- crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373}
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014}
- isofs: Prevent the use of too small fid {CVE-2025-37780}
- net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789}
- partitions: mac: fix handling of bogus partition table {CVE-2025-21772}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419}
- firewire: net: fix use after free in fwnet_finish_incoming_packet() {CVE-2023-53432}
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408}
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380}
- wifi: mac80211_hwsim: drop short frames {CVE-2023-53321}
- wifi: cfg80211: Fix use after free for wext {CVE-2023-53153}
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422}
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863}
- NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945}
- can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004}
- Squashfs: check return result of sb_min_blocksize {CVE-2025-38415}
- scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322}
- fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978}
- ipv6: Fix infinite recursion in fib6_dump_done(). {CVE-2024-35886}
- wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157}
- atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245}
- atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459}
- smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051}
- spec: merge oraclelinux6els changes
- ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365}
- ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917}
- ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918}
- ipvs: use explicitly signed chars
- HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556}
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823}
- xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-48900}
- netlink: prevent potential spectre v1 gadgets {CVE-2023-53000}
- mtd: inftlcore: Add error check for inftl_read_oob() {CVE-2025-37892}
- igb: Do not free q_vector unless new one was allocated {CVE-2022-50252}
- scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546}
- net: mdio: fix undefined behavior in bit shift for __mdiobus_register {CVE-2022-49907}
- capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870}
- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258}
- md-raid10: fix KASAN warning {CVE-2022-50211}
- usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882}
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751}
- crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373}
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014}
- isofs: Prevent the use of too small fid {CVE-2025-37780}
- net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789}
- partitions: mac: fix handling of bogus partition table {CVE-2025-21772}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm
4870f69ea1b9b4cb23214e4a7a94a0fb0b16f3a2ebb2756db16b817ef6dfe273
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els28.noarch.rpm
3da6d4f2956285ba53147d117b71d6ffc71cc8ab3ccbd83d9ab1fd9da14d1fc7
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm
b6cfa29e267bfa7cb813eb20b9999c0932dfbc3fa963d8761c471a8238adbcdd
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els28.i686.rpm
b8de522149869040af06fe49601615ec6931f080c1e063958ac0ca4dfdc24d6d
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm
571da072ecd6ff5a6b69643591d7d53e9550fbae41f58656602e5231c4936567
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm
1f8b36fc7a29acba0d937829328a1045fcaedee83e821401aa3a5d0feff85e65
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els28.noarch.rpm
bc021ae5d75c96c87415f30244fd66fa42d071a6f5e981ab7f2862ccb741a653
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els28.noarch.rpm
ba03effba9388bcf6d926b5ef02c6c95d7e09d0e459a63292205226d856d2694
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm
a49bb52c9f2f45cc67fec874ed870933991209e6b1836fc4abd4a34f5ad2fb21
perf-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm
b88ed876c1fb7d715a199aa9e10b29db8b3f259d74c8b5e2fa4951ebcedd3c77
python-perf-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm
093a5b004844a95c2c0dea743c42dcc4a81fa4f8603f2324d5b229e2a18d9f9c
CLSA-2026:1770312389
Update of microcode_ctl
TuxCare License Agreement
0
- Update Intel CPU microcode to 20251111:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000410;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b000650;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x3d;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x43a;
- Addition of cpuid:A06D1/0x20 (GNR-AP/SP H0) microcode (in microcode.dat) at
revision 0xa000124;
- Addition of cpuid:A06D1/0x95 (GNR-AP/SP B0) microcode (in microcode.dat) at
revision 0x10003f0;
- Addition of cpuid:A06E1/0x97 microcode (in microcode.dat) at revision
0x1000273;
- Addition of cpuid:B0650/0x80 (ARL-U A1) microcode (in microcode.dat) at
revision 0xa;
- Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x132;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x6133;
- Addition of cpuid:B06D1/0x80 (LNL B0) microcode (in microcode.dat) at
revision 0x125;
- Addition of cpuid:C0652/0x82 (ARL-H A1) microcode (in microcode.dat) at
revision 0x11a;
- Addition of cpuid:C0662/0x82 (ARL-HX 8P/S B0) microcode (in microcode.dat)
at revision 0x11a;
- Addition of cpuid:C0664/0x82 microcode (in microcode.dat) at revision
0x11a;
- Addition of cpuid:C06A2/0x82 microcode (in microcode.dat) at revision
0x11a;
- Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x210002c0;
- Removal of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) at
revision 0x4003605;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c0003e0;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b000620;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x38;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x436;
- Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x12c;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4124;
- Removal of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) at
revision 0x21000291;
- Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x21000291;
- Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003707 up to 0x5003901;
- Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002904 up to 0x7002b01;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003f5 up to 0xd000410;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x10002c0 up to 0x10002e0;
- Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x24 up to 0x26;
- Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xc6 up to 0xca;
- Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat)
from revision 0xb8 up to 0xbc;
- Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x38 up to 0x3c;
- Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x52 up to 0x56;
- Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xfc up to 0x100;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c0003e0 up to 0x2c000410;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c0003e0 up to 0x2c000410;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c0003e0 up to 0x2c000410;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x38 up to 0x3d;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x9 up to 0xb;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x436 up to 0x43a;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0x102 up to 0x104;
- Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xfc up to 0x100;
- Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xfc up to 0x100;
- Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat)
from revision 0xfc up to 0x100;
- Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xfe up to 0x102;
- Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat)
from revision 0xfc up to 0x100;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x63 up to 0x64;
- Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from
revision 0x20 up to 0x25;
- Update of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) from
revision 0x3000330 up to 0x3000382;
- Update of cpuid:B0674/0x32 microcode (in microcode.dat) from revision 0x12c
up to 0x132;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x4124 up to 0x6133;
- Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision
0x4124 up to 0x6133;
- Update of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) from
revision 0x1c up to 0x1e;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x38 up to 0x3d;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x38 up to 0x3d;
- Update of cpuid:B06F6/0x07 microcode (in microcode.dat) from revision 0x38
up to 0x3d;
- Update of cpuid:B06F7/0x07 microcode (in microcode.dat) from revision 0x38
up to 0x3d;
- Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from
revision 0x21000291 up to 0x210002c0;
- Update AMD CPU microcode to 2026-01-10:
- Addition AMD CPU microcode for processor family 0x1a:
cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121),
cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037),
cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108),
cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038),
cpuid:0x00B70F00(ver:0x0B700037);
- Update AMD CPU microcode for processor family 0x19:
cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247),
cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158),
cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109),
cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211),
cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012),
cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108),
cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008),
cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C);
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Update Intel CPU microcode to 20251111:
- Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c000410;
- Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b000650;
- Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x3d;
- Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x43a;
- Addition of cpuid:A06D1/0x20 (GNR-AP/SP H0) microcode (in microcode.dat) at
revision 0xa000124;
- Addition of cpuid:A06D1/0x95 (GNR-AP/SP B0) microcode (in microcode.dat) at
revision 0x10003f0;
- Addition of cpuid:A06E1/0x97 microcode (in microcode.dat) at revision
0x1000273;
- Addition of cpuid:B0650/0x80 (ARL-U A1) microcode (in microcode.dat) at
revision 0xa;
- Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x132;
- Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x6133;
- Addition of cpuid:B06D1/0x80 (LNL B0) microcode (in microcode.dat) at
revision 0x125;
- Addition of cpuid:C0652/0x82 (ARL-H A1) microcode (in microcode.dat) at
revision 0x11a;
- Addition of cpuid:C0662/0x82 (ARL-HX 8P/S B0) microcode (in microcode.dat)
at revision 0x11a;
- Addition of cpuid:C0664/0x82 microcode (in microcode.dat) at revision
0x11a;
- Addition of cpuid:C06A2/0x82 microcode (in microcode.dat) at revision
0x11a;
- Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x210002c0;
- Removal of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) at
revision 0x4003605;
- Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at
revision 0x2c0003e0;
- Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at
revision 0x2b000620;
- Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat)
at revision 0x38;
- Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
microcode.dat) at revision 0x436;
- Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at
revision 0x12c;
- Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
microcode.dat) at revision 0x4124;
- Removal of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) at
revision 0x21000291;
- Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at
revision 0x21000291;
- Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat)
from revision 0x5003707 up to 0x5003901;
- Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from
revision 0x7002904 up to 0x7002b01;
- Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from
revision 0xd0003f5 up to 0xd000410;
- Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from
revision 0x10002c0 up to 0x10002e0;
- Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from
revision 0x24 up to 0x26;
- Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from
revision 0xc6 up to 0xca;
- Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat)
from revision 0xb8 up to 0xbc;
- Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from
revision 0x38 up to 0x3c;
- Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from
revision 0x52 up to 0x56;
- Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode
(in microcode.dat) from revision 0xfc up to 0x100;
- Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision
0x2c0003e0 up to 0x2c000410;
- Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from
revision 0x2c0003e0 up to 0x2c000410;
- Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision
0x2c0003e0 up to 0x2c000410;
- Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from
revision 0x2b000620 up to 0x2b000650;
- Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from
revision 0x38 up to 0x3d;
- Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from
revision 0x9 up to 0xb;
- Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from
revision 0x436 up to 0x43a;
- Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat)
from revision 0x102 up to 0x104;
- Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from
revision 0xfc up to 0x100;
- Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from
revision 0xfc up to 0x100;
- Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat)
from revision 0xfc up to 0x100;
- Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from
revision 0xfe up to 0x102;
- Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat)
from revision 0xfc up to 0x100;
- Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from
revision 0x63 up to 0x64;
- Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from
revision 0x20 up to 0x25;
- Update of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) from
revision 0x3000330 up to 0x3000382;
- Update of cpuid:B0674/0x32 microcode (in microcode.dat) from revision 0x12c
up to 0x132;
- Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from
revision 0x4124 up to 0x6133;
- Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision
0x4124 up to 0x6133;
- Update of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) from
revision 0x1c up to 0x1e;
- Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x38 up to 0x3d;
- Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from
revision 0x38 up to 0x3d;
- Update of cpuid:B06F6/0x07 microcode (in microcode.dat) from revision 0x38
up to 0x3d;
- Update of cpuid:B06F7/0x07 microcode (in microcode.dat) from revision 0x38
up to 0x3d;
- Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from
revision 0x21000291 up to 0x210002c0;
- Update AMD CPU microcode to 2026-01-10:
- Addition AMD CPU microcode for processor family 0x1a:
cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121),
cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037),
cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108),
cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038),
cpuid:0x00B70F00(ver:0x0B700037);
- Update AMD CPU microcode for processor family 0x19:
cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247),
cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158),
cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109),
cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211),
cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012),
cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108),
cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008),
cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C);
0
tuxcare-centos6-els
microcode_ctl-1.17-33.44.el6_10.tuxcare.els1.x86_64.rpm
0398efd4c5723fda10fb564c2ebbd771948d82f9fb27be19fba5efbd9f3a2b66
CLSA-2026:1770734656
expat: Fix of CVE-2026-24515
TuxCare License Agreement
0
- CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the
failure to copy user data for unknown encoding handlers
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the
failure to copy user data for unknown encoding handlers
0
tuxcare-centos6-els
expat-2.0.1-13.el6_8.tuxcare.els6.i686.rpm
cfc433acfb26823a0f45579f65348c9f9313c81fc3966b7af0c840186cf561f7
expat-2.0.1-13.el6_8.tuxcare.els6.x86_64.rpm
654b8f4760db9b9c653982fcf8d8e1131f940d6701ff6fd887883ed7d45e95c2
expat-devel-2.0.1-13.el6_8.tuxcare.els6.i686.rpm
d453cee4bfb4882c71dbf964cf851dda2d64ce0f794059f390ac416c4de4e0da
expat-devel-2.0.1-13.el6_8.tuxcare.els6.x86_64.rpm
921a2d3237d0fa286c9d8b57f3b90864dd8fc5a3227048ea565ba0d51fea7454
CLSA-2026:1771238245
kernel: Fix of 13 CVEs
TuxCare License Agreement
0
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685}
- cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945}
- scsi: bfa: Double-free fix {CVE-2025-38699}
- fbdev: fix potential buffer overflow in do_register_framebuffer() {CVE-2025-38702}
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521}
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675}
- usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760}
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680}
- fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691}
- mmc: core: replace sprintf() with scnprintf() for sysfs output {CVE-2022-49267}
- ubi: ensure that VID header offset + VID header size <= alloc, size {CVE-2023-53265}
- scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write {CVE-2023-53282}
- Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" {CVE-2023-53063}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-53063}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685}
- cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945}
- scsi: bfa: Double-free fix {CVE-2025-38699}
- fbdev: fix potential buffer overflow in do_register_framebuffer() {CVE-2025-38702}
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521}
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675}
- usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760}
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680}
- fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691}
- mmc: core: replace sprintf() with scnprintf() for sysfs output {CVE-2022-49267}
- ubi: ensure that VID header offset + VID header size <= alloc, size {CVE-2023-53265}
- scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write {CVE-2023-53282}
- Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" {CVE-2023-53063}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-53063}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm
5aa5e350382e4517d72aad417ccb9b91582badc2520b38666299ef4b919307cd
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els29.noarch.rpm
ead3f06067ea3d550bc84440b22602f67de456a114442223492096a3e28a204a
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm
77fc30c462935f5215ebfe72756f7eebe03e83c9fa2f20fe43ab524e3da084a7
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els29.i686.rpm
2504c71c576b5701e5cbbc23073313296fd349a2f8316fb62ff5a7820b7cb074
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm
fd88ace1b9ada859ee71bf4544a0db1c66f6a1bcfe4076b7b0a5349fd4980c3e
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm
4a2942e3b3d6af965eba3970ca0ab4e1c200a8cbbe266d76c8ff3efde2da91d1
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els29.noarch.rpm
83f0b7cd362425900f9f598116030eec5e7d96d62e38fad305defd041f73d173
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els29.noarch.rpm
e93b365cb7c182805d4dcc54a508b92018ee2829adec646a714767d3b20a33ef
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm
1dc019ae368e1ab3e673ac36fe8ac7416fbc02bb71d446818f551b8425d6510c
perf-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm
8c5fb4c4d7dec7bca8d7b5cbc698631bcf349723872f90aa18a6b502857d135d
python-perf-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm
7614dc8238aec3962d1fcac8f39c94f0e6410ac8e5a7702e076e50c4c1be9ff5
CLSA-2026:1771411317
Update of ca-certificates
TuxCare License Agreement
0
- update to CKBI 2.82 from NSS 3.120
- updated certificates:
- # Certificate "GlobalSign Root CA"
- # Certificate "Entrust.net Premium 2048 Secure Server CA"
- # Certificate "Comodo AAA Services root"
- # Certificate "XRamp Global CA Root"
- # Certificate "Go Daddy Class 2 CA"
- # Certificate "Starfield Class 2 CA"
- removed certificates:
- # Certificate "Baltimore CyberTrust Root"
- added certificates:
- # Certificate "TrustAsia SMIME ECC Root CA"
- # Certificate "TrustAsia SMIME RSA Root CA"
- # Certificate "TrustAsia TLS ECC Root CA"
- # Certificate "TrustAsia TLS RSA Root CA"
- # Certificate "SwissSign RSA SMIME Root CA 2022 - 1"
- # Certificate "SwissSign RSA TLS Root CA 2022 - 1"
- # Certificate "OISTE Client Root ECC G1"
- # Certificate "OISTE Client Root RSA G1"
- # Certificate "OISTE Server Root ECC G1"
- # Certificate " OISTE Server Root RSA G1"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.82 from NSS 3.120
- updated certificates:
- # Certificate "GlobalSign Root CA"
- # Certificate "Entrust.net Premium 2048 Secure Server CA"
- # Certificate "Comodo AAA Services root"
- # Certificate "XRamp Global CA Root"
- # Certificate "Go Daddy Class 2 CA"
- # Certificate "Starfield Class 2 CA"
- removed certificates:
- # Certificate "Baltimore CyberTrust Root"
- added certificates:
- # Certificate "TrustAsia SMIME ECC Root CA"
- # Certificate "TrustAsia SMIME RSA Root CA"
- # Certificate "TrustAsia TLS ECC Root CA"
- # Certificate "TrustAsia TLS RSA Root CA"
- # Certificate "SwissSign RSA SMIME Root CA 2022 - 1"
- # Certificate "SwissSign RSA TLS Root CA 2022 - 1"
- # Certificate "OISTE Client Root ECC G1"
- # Certificate "OISTE Client Root RSA G1"
- # Certificate "OISTE Server Root ECC G1"
- # Certificate " OISTE Server Root RSA G1"
0
tuxcare-centos6-els
ca-certificates-2026.2.82-60.1.el6.tuxcare.els1.noarch.rpm
fb7d8b80890ac550fa2584b0fc9d3ef86d3de0228d9480dfe3aec6bb74e323a3
CLSA-2026:1771410337
Update of nss
TuxCare License Agreement
0
- update to CKBI 2.82 from NSS 3.120
- updated certificates:
- # Certificate "GlobalSign Root CA"
- # Certificate "Entrust.net Premium 2048 Secure Server CA"
- # Certificate "Comodo AAA Services root"
- # Certificate "XRamp Global CA Root"
- # Certificate "Go Daddy Class 2 CA"
- # Certificate "Starfield Class 2 CA"
- removed certificates:
- # Certificate "Baltimore CyberTrust Root"
- added certificates:
- # Certificate "TrustAsia SMIME ECC Root CA"
- # Certificate "TrustAsia SMIME RSA Root CA"
- # Certificate "TrustAsia TLS ECC Root CA"
- # Certificate "TrustAsia TLS RSA Root CA"
- # Certificate "SwissSign RSA SMIME Root CA 2022 - 1"
- # Certificate "SwissSign RSA TLS Root CA 2022 - 1"
- # Certificate "OISTE Client Root ECC G1"
- # Certificate "OISTE Client Root RSA G1"
- # Certificate "OISTE Server Root ECC G1"
- # Certificate "OISTE Server Root RSA G1"
None
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- update to CKBI 2.82 from NSS 3.120
- updated certificates:
- # Certificate "GlobalSign Root CA"
- # Certificate "Entrust.net Premium 2048 Secure Server CA"
- # Certificate "Comodo AAA Services root"
- # Certificate "XRamp Global CA Root"
- # Certificate "Go Daddy Class 2 CA"
- # Certificate "Starfield Class 2 CA"
- removed certificates:
- # Certificate "Baltimore CyberTrust Root"
- added certificates:
- # Certificate "TrustAsia SMIME ECC Root CA"
- # Certificate "TrustAsia SMIME RSA Root CA"
- # Certificate "TrustAsia TLS ECC Root CA"
- # Certificate "TrustAsia TLS RSA Root CA"
- # Certificate "SwissSign RSA SMIME Root CA 2022 - 1"
- # Certificate "SwissSign RSA TLS Root CA 2022 - 1"
- # Certificate "OISTE Client Root ECC G1"
- # Certificate "OISTE Client Root RSA G1"
- # Certificate "OISTE Server Root ECC G1"
- # Certificate "OISTE Server Root RSA G1"
0
tuxcare-centos6-els
nss-3.44.0-12.el6.tuxcare.els9.i686.rpm
2602c0c8c84eaddeea78438168693b50d61bdeec9e9355b9904d9804ccc93b35
nss-3.44.0-12.el6.tuxcare.els9.x86_64.rpm
7b236b16e65bbf169432c1a9f511cf588e30b67cd627d97dae556aca47ce5e76
nss-devel-3.44.0-12.el6.tuxcare.els9.i686.rpm
2c852d686b3735add3a28c4286db457e714c178ce5a76f589276f920f336352f
nss-devel-3.44.0-12.el6.tuxcare.els9.x86_64.rpm
65c32ca6c1d4653f25a156142abaad45f196bfd2f9dcc89aee930e0c6a18825b
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els9.i686.rpm
a1926fa7115626e901b7adfe56ced39389da121bc530f71bfd7438b39ab06214
nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els9.x86_64.rpm
671d66c279095bd1266993f41d96c32567ad1e4df48f64d83342def3f2b2aac8
nss-sysinit-3.44.0-12.el6.tuxcare.els9.x86_64.rpm
2bfdee78ca82a02791665ed2fc5943f9a9acbd7ac67211d37e181740a91ac149
nss-tools-3.44.0-12.el6.tuxcare.els9.x86_64.rpm
2370c2107d5c8d9e7fcba2d830f02563cc01ebff237a47cf6423162f5bd17bd5
CLSA-2026:1771580716
glib2: Fix of CVE-2025-14087
TuxCare License Agreement
0
- CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap
corruption via buffer underflow when processing malicious input strings
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap
corruption via buffer underflow when processing malicious input strings
0
tuxcare-centos6-els
glib2-2.28.8-12.el6.tuxcare.els6.i686.rpm
f74898b45cb5fdeb21d6c6cfd772b7d811c1cec974a2e7cf31489df1f5a44907
glib2-2.28.8-12.el6.tuxcare.els6.x86_64.rpm
20fbe8960ef3a59fdb41d0ef1fc5b837dea534d338048d329736bd570b4749d2
glib2-devel-2.28.8-12.el6.tuxcare.els6.i686.rpm
a2cb0595ebedcd0ae07c71dfad03c2ff179331dc3343a5ec27abe0918c4a72f7
glib2-devel-2.28.8-12.el6.tuxcare.els6.x86_64.rpm
bb6b2e9b905f039acbde52cd6da38bb74fad5e71c3f92b6c4f583ecac4d19bb3
glib2-doc-2.28.8-12.el6.tuxcare.els6.noarch.rpm
da6f0dc44cc7a45778831d357dbf8224f2a1cce38104f03716e45306b5b8df4c
glib2-static-2.28.8-12.el6.tuxcare.els6.x86_64.rpm
c18f429b434787c3d98ab977fcc91dbd75a99ff29b8bcc691808d26e8472c877
CLSA-2026:1771926895
python: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of
service, add input validation and enforce backtracking limits
- CVE-2018-1061: fix catastrophic backtracking in the difflib.IS_LINE_JUNK method
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of
service, add input validation and enforce backtracking limits
- CVE-2018-1061: fix catastrophic backtracking in the difflib.IS_LINE_JUNK method
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els16.i686.rpm
b0673e2308adf0d09d3d0de6f57f0a60b819dc8c73bd4e125d43fcc1342a5928
python-2.6.6-70.el6.tuxcare.els16.x86_64.rpm
619912d118424a03f39861991153af7d91dd6432b87844cdfeb30f0b13025a9d
python-devel-2.6.6-70.el6.tuxcare.els16.i686.rpm
66f980244d93ea4b87095a189043172b2881bab378760332cf1ff56595a218bd
python-devel-2.6.6-70.el6.tuxcare.els16.x86_64.rpm
6dad29d92cc7586c1c617dc7046aa3df75fa621de32c4b333134263985f5bd23
python-libs-2.6.6-70.el6.tuxcare.els16.i686.rpm
61724d439a515f6d5688164dab8601aa1c23c51e484bd2410bbcb57edecd7c8c
python-libs-2.6.6-70.el6.tuxcare.els16.x86_64.rpm
4857304a752a40c42f15c03b85b26a717b9ff254dbda038ebf130acfc65cbf5d
python-test-2.6.6-70.el6.tuxcare.els16.x86_64.rpm
5c3c99fe3f420db94d0743138b5e875e15357c9524db9b2e4e4cbfed55c55e5e
python-tools-2.6.6-70.el6.tuxcare.els16.x86_64.rpm
66172faf2ad06e444c2013efd9701124cd924911cec24020dc4fd10c0c2ce0c7
tkinter-2.6.6-70.el6.tuxcare.els16.x86_64.rpm
a708808b5a687aa82f67dd7af70dff12bb3ba795ef6572346170e29befafbc91
CLSA-2026:1772454796
zlib: Fix of CVE-2016-9843
TuxCare License Agreement
0
- CVE-2016-9843: avoid pre-decrement of pointer in big-endian CRC calculation
Critical
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2016-9843: avoid pre-decrement of pointer in big-endian CRC calculation
0
tuxcare-centos6-els
minizip-1.2.3-29.el6.tuxcare.els4.i686.rpm
b32b6c9b004a03eab27a19d2837a829870f76ab7aeac85db0d2a434085bd7eb8
minizip-1.2.3-29.el6.tuxcare.els4.x86_64.rpm
9812f2aa4aa21b1a42b446166888303a70b0ed889e156ef71e30b74c5c68bcb0
minizip-devel-1.2.3-29.el6.tuxcare.els4.i686.rpm
cf026476ef93571eb8447dbffb4ccd5ec7750e94023dfad92d755351d0499651
minizip-devel-1.2.3-29.el6.tuxcare.els4.x86_64.rpm
dca6b1e740b0bbca76719e21952f7d9c210a0d14df0672e85b2456be67197858
zlib-1.2.3-29.el6.tuxcare.els4.i686.rpm
3468bf9191b51977c58504bd9870218eabd669344053e53d948c0e861e39a235
zlib-1.2.3-29.el6.tuxcare.els4.x86_64.rpm
767c7f5b18731774f67b2a9caa1c764a4f6a5bb5fdaecf235be42145df7cea1e
zlib-devel-1.2.3-29.el6.tuxcare.els4.i686.rpm
2f21b8ec642dc158a99fff71bb48b56c8b70058d7b5b9fcc4e591fafd0ae2055
zlib-devel-1.2.3-29.el6.tuxcare.els4.x86_64.rpm
dda70c30c9a72eb9c179c41555b8a6c52a0230c0c32fb43ec483ab8a6846c146
zlib-static-1.2.3-29.el6.tuxcare.els4.x86_64.rpm
ae544b991f02c0b8a1b50da957e3c65772d1c1889d3557ff7c5937a7745d1d29
CLSA-2026:1772577130
python: Fix of CVE-2025-8194
TuxCare License Agreement
0
- CVE-2025-8194: tarfile now validates archives to ensure member offsets are
non-negative
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-8194: tarfile now validates archives to ensure member offsets are
non-negative
0
tuxcare-centos6-els
python-2.6.6-70.el6.tuxcare.els17.i686.rpm
6ce026893d10823c15067c64ee3f24da4e400dfed8f764e1803db19c13425e07
python-2.6.6-70.el6.tuxcare.els17.x86_64.rpm
ba14cd3242e83c6f756edbedc7405acc8c545ece4fd076fe206ff6ad87ed6926
python-devel-2.6.6-70.el6.tuxcare.els17.i686.rpm
8cb27dfbe93bb11e7f99a030cbce7451a3b72f24deb273a0bef8a923d999a45a
python-devel-2.6.6-70.el6.tuxcare.els17.x86_64.rpm
94877db7933b28c59114695a5466e89391bcbe15069facc7cd781c1f1e6ae252
python-libs-2.6.6-70.el6.tuxcare.els17.i686.rpm
b8517be5a03f0f7e77f842c320a9fff5358e0ab56b486c0bce4913d2751ee6f3
python-libs-2.6.6-70.el6.tuxcare.els17.x86_64.rpm
545c287509dcd15aa6b09e9ce75c51c56f902b07cfb505671db985f29b2e92cb
python-test-2.6.6-70.el6.tuxcare.els17.x86_64.rpm
9f53a596e7cb9f1893f253c2aec0571fb3d2d37c954e5e13057c25234a42d4b2
python-tools-2.6.6-70.el6.tuxcare.els17.x86_64.rpm
bc5a07800bbbee46dae3c6a5d3b4cc0b62f79e835ecfc0850cb1f30dcd903c63
tkinter-2.6.6-70.el6.tuxcare.els17.x86_64.rpm
f56d97d41bf47751a744f0e42773fd131cf838611f655afa3ad5087a5142d828
CLSA-2026:1773043650
kernel: Fix of 10 CVEs
TuxCare License Agreement
0
- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395}
- net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749}
- ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS {CVE-2022-50315}
- ext2: Check block size validity during mount {CVE-2023-53569}
- gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622}
- netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927}
- bna: ensure the copied buf is NUL terminated {CVE-2024-36934}
- new helper: memdup_user_nul() {CVE-2024-36934}
- udf: Do not bother merging very long extents {CVE-2023-53506}
- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865}
- binfmt_misc: fix shift-out-of-bounds in check_special_flags {CVE-2022-50497}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395}
- net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749}
- ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS {CVE-2022-50315}
- ext2: Check block size validity during mount {CVE-2023-53569}
- gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622}
- netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927}
- bna: ensure the copied buf is NUL terminated {CVE-2024-36934}
- new helper: memdup_user_nul() {CVE-2024-36934}
- udf: Do not bother merging very long extents {CVE-2023-53506}
- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865}
- binfmt_misc: fix shift-out-of-bounds in check_special_flags {CVE-2022-50497}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm
37f28fe68b5b79017cd128e4cc6c386a4bd20ce98ea41cccb6324bcff9e5ee9d
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els30.noarch.rpm
8f1075bf7454dea52d19514390cc2949a068e164ed8a2872bc231fa8cdd4d9ce
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm
3efb54f4022bc6d44ecd8a25b9c4dbe0ae91b505b343b41cb0b6d4d009e53f77
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els30.i686.rpm
61020a93850c278997024ad56d53eb61c7980199480464e4996ce30ccb289464
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm
0ac1b98f613f289b3f007f8049d21047ac4ad23218110f4cc23f841edad3b540
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm
145803f8d51c83afac53e88d34e33533af3fc22ccb7e45f8d5ca91daf0ea3ce1
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els30.noarch.rpm
02d49bd33c9575be81cc71762cb3d9627ade13ec9de7a1d69137da94f536b383
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els30.noarch.rpm
60ed57de5ff2d90b6d0a79cfe76f21759e3615528ec3f45473388bed93604837
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm
361078a2561055078db308c8b3421e50e3e11a6474028e1d73f65f43fb6709f9
perf-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm
f18a96e3d0eb784b5f670b5937ea4c7b08501aced52f0a256d663cd68b9c5d25
python-perf-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm
31ef297c7f94f78aa2c4712040e5df9556843db4da53bb39360ba170422e9e86
CLSA-2026:1773506968
java-1.8.0-openjdk: Fix of 5 CVEs
TuxCare License Agreement
0
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs:
- CVE-2025-53057: Security: enforce proper access control in certificate
handling to prevent data tampering
- CVE-2025-53066: JAXP: restrict data access in Path Factory processing to
prevent information disclosure
- CVE-2026-21925: RMI: tighten access controls on JMX connections
- CVE-2026-21933: Networking: harden HttpServer request parsing to prevent
cross-context data manipulation
- CVE-2026-21945: Security: add resource consumption limits in certificate
parsing to prevent DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs:
- CVE-2025-53057: Security: enforce proper access control in certificate
handling to prevent data tampering
- CVE-2025-53066: JAXP: restrict data access in Path Factory processing to
prevent information disclosure
- CVE-2026-21925: RMI: tighten access controls on JMX connections
- CVE-2026-21933: Networking: harden HttpServer request parsing to prevent
cross-context data manipulation
- CVE-2026-21945: Security: add resource consumption limits in certificate
parsing to prevent DoS
0
tuxcare-centos6-els
java-1.8.0-openjdk-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
d7552f292b57cd55a806a431cd497ba5d96f3170e6319d47563f2e1407f0e6dc
java-1.8.0-openjdk-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
99a5dbda7cbb1684c2e5c81496532043aa83b8a1af1447a99b2258c7b29faea3
java-1.8.0-openjdk-demo-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
7911e8fa1561aa15eef09c6841f8290265b0c17ee36bf1ab0e0af0a160e965b1
java-1.8.0-openjdk-demo-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
cf7cc06b1b5916b2779803d2ff798a023f682cfc6489bc876334d530632ece91
java-1.8.0-openjdk-devel-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
863deda0fee03d0fa5c0616439ec9ca2f151767620d96c1d7931509a6b2a21c3
java-1.8.0-openjdk-devel-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
28d27feeda36ab91aedac61342793c9bafda3179f60064b5a475e592ef90aab1
java-1.8.0-openjdk-headless-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
466beabb4ec4629b9c044563b1dcfd4e29207d7451e17cd35fee7f745d3dac28
java-1.8.0-openjdk-headless-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
b0289a2e1ef78ced21a7b1b2c8848dce9aa53ce86458d6daf2612e3f42b790ae
java-1.8.0-openjdk-javadoc-1.8.0.482.b08-1.el6.tuxcare.els1.noarch.rpm
584ec1f4b1dc30b2dbe17d66b0d320a3ffa71bd3f7dd8ffea5ee7f213917d1e7
java-1.8.0-openjdk-javadoc-debug-1.8.0.482.b08-1.el6.tuxcare.els1.noarch.rpm
3289f48c1882638ad4a73b61349c985d28f0e3b10902610920dd4c7b6d1760e8
java-1.8.0-openjdk-src-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
2ba361ad5777ee51602cbec03d7a00bfe09dc70689289559355acd40357e456c
java-1.8.0-openjdk-src-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm
f52ee0f1763ff43a2b6fb7362034c45844c03c6def54feadb5d0f062a886e0e5
CLSA-2026:1773506143
vim: Fix of CVE-2026-26269
TuxCare License Agreement
0
- CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that
could lead to a crash or arbitrary code execution via a malicious server
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that
could lead to a crash or arbitrary code execution via a malicious server
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm
2dbba5dcc9efa85ddc2f2a63c75a846c2e37a9d1306283b0c7527be89c9583c0
vim-common-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm
6ef4fa709e8794056aa56249b983cdc58fcb19d60d0d24c617a9183d55e27bba
vim-enhanced-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm
8e75cc816e21a4587bf158ece562137bc0b45b539c6620e247edd4a4a4287633
vim-filesystem-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm
cb9dd2c0ef6ef75416eb1e64792fd5f177034f8c8ef7a42cb51ea7930c1307e5
vim-minimal-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm
b70fb348cbbeed78a52fafa4ded6171d9779fb95100b2b5010d4bdc5689f2b07
CLSA-2026:1774021165
expat: Fix of CVE-2026-25210
TuxCare License Agreement
0
- CVE-2026-25210: fix memory corruption via integer overflow in doContent
function during tag buffer reallocation
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-25210: fix memory corruption via integer overflow in doContent
function during tag buffer reallocation
0
tuxcare-centos6-els
expat-2.0.1-13.el6_8.tuxcare.els7.i686.rpm
ff9cfc3cc62367ca3cfe5b93c64801ee79249659c10bc37e2cecf41efb3ccc48
expat-2.0.1-13.el6_8.tuxcare.els7.x86_64.rpm
22a106edde9c2528570e5f0d9be78cf708724a598f65e2a5eddea1c2781aac58
expat-devel-2.0.1-13.el6_8.tuxcare.els7.i686.rpm
b6aff472e77efa90233f3f38510945dc0a868038c4aa0774fba58094540a1aa8
expat-devel-2.0.1-13.el6_8.tuxcare.els7.x86_64.rpm
a33ccfb46b4d9d5b8ff9fd6693c9c90d9d0311341348369b4c113c97957487d7
CLSA-2026:1774276586
curl: Fix of CVE-2026-3784
TuxCare License Agreement
0
- CVE-2026-3784: fix proxy connection reuse with different credentials
- update outdated timestamps in test 046
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-3784: fix proxy connection reuse with different credentials
- update outdated timestamps in test 046
0
tuxcare-centos6-els
curl-7.19.7-59.el6.tuxcare.els11.x86_64.rpm
a61e719cb3bc8b8189dcb8f12b6979c3b7e6e35ab950256e3d6b803cdde30f8d
libcurl-7.19.7-59.el6.tuxcare.els11.i686.rpm
4e4fb42cfb1e2d687c9822f814d7f5530fa233d5077d4a452751836001000f1a
libcurl-7.19.7-59.el6.tuxcare.els11.x86_64.rpm
4edb5e308156e8017fa0b77b3923b3f0c8a3c50c9a2d9c4b243a6d06a01061aa
libcurl-devel-7.19.7-59.el6.tuxcare.els11.i686.rpm
59180d2b79dcdd6c1184a0b7b6b6e5ea1361099454164788bdd915c967e3bdee
libcurl-devel-7.19.7-59.el6.tuxcare.els11.x86_64.rpm
9ab40b87687fbfeb6749a15a3b0b80b7b829ae4200e792c08a99ae5797d4d2e6
CLSA-2026:1774432816
vim: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2026-28417: fix OS command injection in netrw plugin when handling
specially crafted URLs such as scp://
- CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a
maliciously crafted Vim swap file
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-28417: fix OS command injection in netrw plugin when handling
specially crafted URLs such as scp://
- CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a
maliciously crafted Vim swap file
0
tuxcare-centos6-els
vim-X11-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
9b661e345ebae1548be4d61d8f2c782de8eec5e260c9f5438adff306324cc9a0
vim-common-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
14b287625755f7c9cec86ec991e87ed68eed525075ed3b3e4b9ddf826e1aedcd
vim-enhanced-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
f0b4acfff7b1a9dffb997857f76c13c091c4144a3bf07f3928261bbb9bf789ab
vim-filesystem-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
edb8ab48d2ec720659d3efe5b4b038c7aadeaafff1a24313b15f052151e8386a
vim-minimal-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
0b1dd61613042c8486b9436affde6ec5f120cc61477f67d37536fced73f06a12
CLSA-2026:1774946829
squid: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS
- CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking
sensitive information
- CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing
Use-After-Free DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS
- CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking
sensitive information
- CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing
Use-After-Free DoS
0
tuxcare-centos6-els
squid-3.1.23-30.el6.tuxcare.els16.x86_64.rpm
35fda092d36eb8408bddef74160a6947a1f6332151a132b85cdfc9e36deeed44
CLSA-2026:1775148022
binutils: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2025-66862: fix heap-buffer-overflow in gnu_special in cplus-dem.c
- CVE-2025-66863: fix SEGV in d_discriminator in cp-demangle.c
- CVE-2025-66865: fix stack overflow in d_print_comp in cp-demangle.c
Low
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-66862: fix heap-buffer-overflow in gnu_special in cplus-dem.c
- CVE-2025-66863: fix SEGV in d_discriminator in cp-demangle.c
- CVE-2025-66865: fix stack overflow in d_print_comp in cp-demangle.c
0
tuxcare-centos6-els
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els10.x86_64.rpm
1e0be84be56bbddd8d36857d77627578d1d8b9acf8d8bae10ce54d4f6e7965b1
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els10.i686.rpm
681ed9ca43463afc4a8b98f2ffe062eb714c12d7948c435984a24313f9e5a326
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els10.x86_64.rpm
af6d1fd91cd031ea363a12c59ed62f856eed973db943496a92871ef49b721674
CLSA-2026:1775062580
squid34: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS
- CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing
Use-After-Free DoS
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS
- CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing
Use-After-Free DoS
0
tuxcare-centos6-els
squid34-3.4.14-16.el6.tuxcare.els12.x86_64.rpm
e0abb3b3d83a2bfc7d0fdd6076ebbdfa6a08014ee9f2c51a17be3646ff51292a
CLSA-2026:1775725743
ImageMagick: Fix of 3 CVEs
TuxCare License Agreement
0
- CVE-2025-66628: fix integer overflow in TIM parser
- CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing
- CVE-2026-28693: fix integer overflow in DIB coder
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-66628: fix integer overflow in TIM parser
- CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing
- CVE-2026-28693: fix integer overflow in DIB coder
0
tuxcare-centos6-els
ImageMagick-6.7.2.7-7.el6.tuxcare.els2.i686.rpm
4a3e1311f0f8475914635632cf8c2edb9e1c78a7839a68f151ef1efea4866ac1
ImageMagick-6.7.2.7-7.el6.tuxcare.els2.x86_64.rpm
f3b7a5648817a035bbcf03bccf29006e14a9e208fc0b5962ad7de140039efa8e
ImageMagick-c++-6.7.2.7-7.el6.tuxcare.els2.i686.rpm
662c2592717291cd4f3a9a7332ad465e1d6fe9d66d2e87bcf441d6544e2031f2
ImageMagick-c++-6.7.2.7-7.el6.tuxcare.els2.x86_64.rpm
cfce454b37f51fb5aaaa3871fa58a6f9db513ffbef74e28b5ff28fc84615a77f
ImageMagick-c++-devel-6.7.2.7-7.el6.tuxcare.els2.i686.rpm
8481dbfa013db8a80deb01f5d903d890fa117447c68506fa0ab7a95b21e70bf0
ImageMagick-c++-devel-6.7.2.7-7.el6.tuxcare.els2.x86_64.rpm
0b7ce970b56f76d06e52ad96cb9c1a96b7ae8322fd3b5b2408578380727488f2
ImageMagick-devel-6.7.2.7-7.el6.tuxcare.els2.i686.rpm
2c5b1acf09d82d254e4b140d4bc9dda36ea6dbfd0a6ac055a0c70f13652399f2
ImageMagick-devel-6.7.2.7-7.el6.tuxcare.els2.x86_64.rpm
3c693ae00d2e6c0fabdb53d8ece172b98d4e015a9884d73128068c429952429f
ImageMagick-doc-6.7.2.7-7.el6.tuxcare.els2.x86_64.rpm
119289cbaba09ecfeb08b54fb85ce27d68f22efdfde1ff6e0ab861eb4eeed421
ImageMagick-perl-6.7.2.7-7.el6.tuxcare.els2.x86_64.rpm
ad3db95ae61b1707800f7dbeb10486e6e1f4f0b6269b82f768788ce1525b7f80
CLSA-2026:1775722568
binutils: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2025-5244: fix NULL pointer dereference in elf_gc_sweep for empty section groups
- CVE-2025-5245: fix memory corruption in debug_type_samep incorrect NULL check
- CVE-2026-3441: fix out-of-bounds read in xcoff_link_add_symbols x_scnlen bounds check
- CVE-2026-3442: fix out-of-bounds read in xcoff_link_add_symbols missing r_symndx bounds check
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2025-5244: fix NULL pointer dereference in elf_gc_sweep for empty section groups
- CVE-2025-5245: fix memory corruption in debug_type_samep incorrect NULL check
- CVE-2026-3441: fix out-of-bounds read in xcoff_link_add_symbols x_scnlen bounds check
- CVE-2026-3442: fix out-of-bounds read in xcoff_link_add_symbols missing r_symndx bounds check
0
tuxcare-centos6-els
binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els11.x86_64.rpm
7ec1b5bc44b65a58f60bf814fef150e0398aefe219e6889fba680dfd8f577e42
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els11.i686.rpm
e6388961e63046dd259889bc7061578dce9acad4d0f129f82ec1f027c85741e4
binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els11.x86_64.rpm
7a20f1d6b26df4b75461e881fdcd21045255a826be88c46a42aeffa8e89ce1d1
CLSA-2026:1775745943
kernel: Fix of 5 CVEs
TuxCare License Agreement
0
- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve {CVE-2023-4623}
- net/sched: Enforce that teql can only be used as root qdisc {CVE-2026-23074}
- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089}
- atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). {CVE-2025-39828}
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() {CVE-2025-38348}
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve {CVE-2023-4623}
- net/sched: Enforce that teql can only be used as root qdisc {CVE-2026-23074}
- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089}
- atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). {CVE-2025-39828}
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() {CVE-2025-38348}
0
tuxcare-centos6-els
kernel-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm
64a87e4f94661439fd6b679dd2dd0079093e6e6418661bb52f9707497bce7b15
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els31.noarch.rpm
eecc82eef7420c64d00514becab885b0e382b4e0b49ad195c543a139176121cf
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm
a7f4a720384d804647e3db30a93a2b5a3b5382f13f64c5a23a863e4a2a78d5b6
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els31.i686.rpm
22437be1a7b0564e4962cf555871019b1fbae6ea67bcd183aacf7a00502c0b9a
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm
8d91474b400535e8a38a99c820d8f8a9cf5defed84b7e10d63a1fb003b376e5d
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm
6d842d8bfb5d9b2638d94703793a5bd5c0472cb940e9d8cf6f496d8d2f2767ee
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els31.noarch.rpm
3fed9bbcec770d03e9c5916b95790f58753f61cf2cdbf93d3913c1a51840d48d
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els31.noarch.rpm
4be96a72094143dab0eee5e94717d1eef83f1bcbea02a698b680c5a0b7aa5191
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm
8604fc3c6fe8c0865172bd8c0bc8a3e373e483b5c448403ebd08f914bd21ef8f
perf-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm
f57d2e8b13f0a585be99680ca71d783828f736742120884f925f19f2fdd9470b
python-perf-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm
3c235231bb508acaef4767ba2c806541ab179c344b5ef6942d527f3babfee74b