Linux br942.hostgator.com.br 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
Apache
: 162.241.2.188 | : 3.140.250.157
Cant Read [ /etc/named.conf ]
8.2.22
manoe678
May The Force Be With You
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
MASS DEFACE
+ Create Folder
+ Create File
/
var /
cache /
yum /
x86_64 /
7 /
centos7-els /
gen /
[ HOME SHELL ]
Name
Size
Permission
Action
filelists_db.sqlite
70.27
MB
-rw-r--r--
other_db.sqlite
32.29
MB
-rw-r--r--
primary_db.sqlite
73.44
MB
-rw-r--r--
updateinfo.xml
1013.01
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : updateinfo.xml
<?xml version='1.0' encoding='UTF-8'?> <updates> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1695326199</id> <title>lz4: Fix of CVE-2021-3520</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-3520: Fix potential memory corruption with negative memmove() size</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-3520: Fix potential memory corruption with negative memmove() size</summary> <pushcount>0</pushcount> <issued date="2023-09-21 20:57:15 UTC" /> <updated date="2023-09-21 20:57:15 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1695326199.html" id="CLSA-2023:1695326199" title="CLSA-2023:1695326199" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="lz4" release="1.el7.tuxcare.els1" src="lz4-1.8.3-1.el7.tuxcare.els1.src.rpm" version="1.8.3"> <filename>lz4-1.8.3-1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">5335558b2177e7f2d82601c828adfa36538f69a0</sum> </package> <package arch="x86_64" epoch="0" name="lz4" release="1.el7.tuxcare.els1" src="lz4-1.8.3-1.el7.tuxcare.els1.src.rpm" version="1.8.3"> <filename>lz4-1.8.3-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">80c901d619bf31112141ebfa98d3b750a7c8929b</sum> </package> <package arch="i686" epoch="0" name="lz4-devel" release="1.el7.tuxcare.els1" src="lz4-1.8.3-1.el7.tuxcare.els1.src.rpm" version="1.8.3"> <filename>lz4-devel-1.8.3-1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">633bbbfcbda91e3eeee225b162c2cfab8018792f</sum> </package> <package arch="x86_64" epoch="0" name="lz4-devel" release="1.el7.tuxcare.els1" src="lz4-1.8.3-1.el7.tuxcare.els1.src.rpm" version="1.8.3"> <filename>lz4-devel-1.8.3-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c6b4e7a07f10ee9cf520a043f7f528819f5a923f</sum> </package> <package arch="i686" epoch="0" name="lz4-static" release="1.el7.tuxcare.els1" src="lz4-1.8.3-1.el7.tuxcare.els1.src.rpm" version="1.8.3"> <filename>lz4-static-1.8.3-1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">2f62417720d611116bd363e7857c22836a589268</sum> </package> <package arch="x86_64" epoch="0" name="lz4-static" release="1.el7.tuxcare.els1" src="lz4-1.8.3-1.el7.tuxcare.els1.src.rpm" version="1.8.3"> <filename>lz4-static-1.8.3-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">588c300e0befdf3e1afa9c5d8a452933e40f8406</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1695406987</id> <title>libtasn1: Fix of CVE-2021-46848</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-46848: Fix ETYPE_OK off by one array size check.</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-46848: Fix ETYPE_OK off by one array size check.</summary> <pushcount>0</pushcount> <issued date="2023-09-22 18:23:11 UTC" /> <updated date="2023-09-22 18:23:11 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1695406987.html" id="CLSA-2023:1695406987" title="CLSA-2023:1695406987" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libtasn1" release="1.el7.tuxcare.els1" src="libtasn1-4.10-1.el7.tuxcare.els1.src.rpm" version="4.10"> <filename>libtasn1-4.10-1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">bb4ca6284c31053611f8f5d09d087a420efcf26d</sum> </package> <package arch="x86_64" epoch="0" name="libtasn1" release="1.el7.tuxcare.els1" src="libtasn1-4.10-1.el7.tuxcare.els1.src.rpm" version="4.10"> <filename>libtasn1-4.10-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f9c3a45d9b77349b6ac215e583a4a6a49a994887</sum> </package> <package arch="i686" epoch="0" name="libtasn1-devel" release="1.el7.tuxcare.els1" src="libtasn1-4.10-1.el7.tuxcare.els1.src.rpm" version="4.10"> <filename>libtasn1-devel-4.10-1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">cee8fc0819b8500a09b8a97c724ecf8717480cb0</sum> </package> <package arch="x86_64" epoch="0" name="libtasn1-devel" release="1.el7.tuxcare.els1" src="libtasn1-4.10-1.el7.tuxcare.els1.src.rpm" version="4.10"> <filename>libtasn1-devel-4.10-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8f8ac6ad10d11dfa3e8a29c5c89371571fdf0dec</sum> </package> <package arch="x86_64" epoch="0" name="libtasn1-tools" release="1.el7.tuxcare.els1" src="libtasn1-4.10-1.el7.tuxcare.els1.src.rpm" version="4.10"> <filename>libtasn1-tools-4.10-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">95da1c3092b62a96a51c51ab44d7eeec65166ce1</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1695752598</id> <title>httpd: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-23943: Fix out-of-bound write in mod_sed - CVE-2022-22721: Fix integer overflow which resulted in out-of-bounds write - CVE-2022-28615: Fix read beyond bounds in ap_strcmp_match() - CVE-2022-31813: Fix possible bypass of IP based authentication</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-23943: Fix out-of-bound write in mod_sed - CVE-2022-22721: Fix integer overflow which resulted in out-of-bounds write - CVE-2022-28615: Fix read beyond bounds in ap_strcmp_match() - CVE-2022-31813: Fix possible bypass of IP based authentication</summary> <pushcount>0</pushcount> <issued date="2023-09-26 18:23:22 UTC" /> <updated date="2023-09-26 18:23:22 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1695752598.html" id="CLSA-2023:1695752598" title="CLSA-2023:1695752598" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">abcebff4e25b456c277b446349e4f78de5adc010</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0df38b144f249b1dcbe3873a697908608a9edd21</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els1.noarch.rpm</filename> <sum type="sha">7135ad62ce92a941e384ced7bdc93fb130a23ff0</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">62376f47b9f878e613a9642b8cf12e9e5ce0be2a</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c6d070bcd6b67267cb24e98ff2d6c965e8175e0e</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3698fe8eb955a70e0bd60a7e8297ea029f33c11f</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">d772a1b36c9387cc67b5f05a7a867d72488d6f97</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els1" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els1.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f8ba02ee9b65ea554aae13f7087bc465cc4c8008</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1695834624</id> <title>python3: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-3177: Replace snprintf to prevent buffer overflow - CVE-2022-48565: Reject XML entity declarations in plist files</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-3177: Replace snprintf to prevent buffer overflow - CVE-2022-48565: Reject XML entity declarations in plist files</summary> <pushcount>0</pushcount> <issued date="2023-09-27 17:10:28 UTC" /> <updated date="2023-09-27 17:10:28 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1695834624.html" id="CLSA-2023:1695834624" title="CLSA-2023:1695834624" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">ff0f7c541ae160786eca75805e0d32cfbe93309e</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f49c04bfcd0b453ed60812c9ea6e3787f6951d14</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">89b19ae9b52c24c1549b191055522e045b382d23</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f7a0a47ae24dcf550ff4f159c5379b8e757f87c9</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">e5a09a3491aee9d9b31b802133fa138a3bf1bdfe</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6aa32329e057f1ea20e45232e67bdc295f875089</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">2bd15f34dc8a940f0349b267bb7da1f6ed9c0075</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e36c7e71edaf38299abb42e54b2eeead1cc66883</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">593a39ac99294654bf73d2d2ca63d9e05af81bce</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">305fac9731bd59f4a597bf864259dfbe0a87fbd6</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">f8ef0171a9095e6cf804b9d517400e300f15ba43</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c99d9632a768e6de14dfb849fe413594268d0aa1</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">d0a997577fbc3900cca37c971c45eb9e382a37a0</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="19.el7.tuxcare.els1" src="python3-3.6.8-19.el7.tuxcare.els1.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8419a4d1a694af5f71346de8969e9b132475778b</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1695834945</id> <title>openldap: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-29155: fix a SQL injection vulnerability in the back-sql backend to slapd - CVE-2021-27212: fix denial of service (daemon exit) via a short timestamp if slapd is used</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-29155: fix a SQL injection vulnerability in the back-sql backend to slapd - CVE-2021-27212: fix denial of service (daemon exit) via a short timestamp if slapd is used</summary> <pushcount>0</pushcount> <issued date="2023-09-27 17:15:49 UTC" /> <updated date="2023-09-27 17:15:49 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1695834945.html" id="CLSA-2023:1695834945" title="CLSA-2023:1695834945" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="openldap" release="25.el7_9.tuxcare.els1" src="openldap-2.4.44-25.el7_9.tuxcare.els1.src.rpm" version="2.4.44"> <filename>openldap-2.4.44-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">0beede14b5e790fa644584fa5a5bd1cec5f4e8fc</sum> </package> <package arch="x86_64" epoch="0" name="openldap" release="25.el7_9.tuxcare.els1" src="openldap-2.4.44-25.el7_9.tuxcare.els1.src.rpm" version="2.4.44"> <filename>openldap-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">06fb1dbfdcc3a325f7a696c9d17bca97db4190b8</sum> </package> <package arch="x86_64" epoch="0" name="openldap-clients" release="25.el7_9.tuxcare.els1" src="openldap-2.4.44-25.el7_9.tuxcare.els1.src.rpm" version="2.4.44"> <filename>openldap-clients-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">26a14c009d0962993942268ff93f44a5a8af3bd8</sum> </package> <package arch="i686" epoch="0" name="openldap-devel" release="25.el7_9.tuxcare.els1" src="openldap-2.4.44-25.el7_9.tuxcare.els1.src.rpm" version="2.4.44"> <filename>openldap-devel-2.4.44-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">2dae8e81a8676d1301332623de4f1f84a5ad2cf4</sum> </package> <package arch="x86_64" epoch="0" name="openldap-devel" release="25.el7_9.tuxcare.els1" src="openldap-2.4.44-25.el7_9.tuxcare.els1.src.rpm" version="2.4.44"> <filename>openldap-devel-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">674b5b06c67e95972dcbb5f8acd18147555d4ece</sum> </package> <package arch="x86_64" epoch="0" name="openldap-servers" release="25.el7_9.tuxcare.els1" src="openldap-2.4.44-25.el7_9.tuxcare.els1.src.rpm" version="2.4.44"> <filename>openldap-servers-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">160aa15e0841c681425725ac038d7e956a737ede</sum> </package> <package arch="x86_64" epoch="0" name="openldap-servers-sql" release="25.el7_9.tuxcare.els1" src="openldap-2.4.44-25.el7_9.tuxcare.els1.src.rpm" version="2.4.44"> <filename>openldap-servers-sql-2.4.44-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9b66fff95147f17a9309700f9290481046d32efe</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1696352100</id> <title>glib2: Fix of CVE-2021-27218</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-27218: gbytearray: Do not accept too large byte arrays - Enable internal tests - Skip several failed tests from the check</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-27218: gbytearray: Do not accept too large byte arrays - Enable internal tests - Skip several failed tests from the check</summary> <pushcount>0</pushcount> <issued date="2023-10-03 16:55:05 UTC" /> <updated date="2023-10-03 16:55:05 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1696352100.html" id="CLSA-2023:1696352100" title="CLSA-2023:1696352100" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="glib2" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-2.56.1-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">8d95b19e06810735e439444f72563df8e7d1c7cb</sum> </package> <package arch="x86_64" epoch="0" name="glib2" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">32274ea04cb4bc0de9751a3d70dc52d09728c65f</sum> </package> <package arch="i686" epoch="0" name="glib2-devel" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-devel-2.56.1-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">a53ec1271e9c78caad7bb52c4f06866ad09e453e</sum> </package> <package arch="x86_64" epoch="0" name="glib2-devel" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-devel-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9defde80bf6e762dd4a92c343a0b606ed57c032b</sum> </package> <package arch="noarch" epoch="0" name="glib2-doc" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-doc-2.56.1-9.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">391fe71cc4ca47157c0d30f6302eec945eb20df4</sum> </package> <package arch="x86_64" epoch="0" name="glib2-fam" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-fam-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">673dc55537e03e1ea8fed1878669ab329dba1213</sum> </package> <package arch="i686" epoch="0" name="glib2-static" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-static-2.56.1-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">c10f5ddef12ec9378bf6c0aebf0e651fedef0236</sum> </package> <package arch="x86_64" epoch="0" name="glib2-static" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-static-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">46ff7152639eaacbde6817a2596da0d2423541c0</sum> </package> <package arch="x86_64" epoch="0" name="glib2-tests" release="9.el7_9.tuxcare.els1" src="glib2-2.56.1-9.el7_9.tuxcare.els1.src.rpm" version="2.56.1"> <filename>glib2-tests-2.56.1-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c7c35916aed2ebd026f249a048d16221c76cdec6</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1696536930</id> <title>httpd: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-26690: Fix NULL pointer dereference in mod_session - CVE-2022-22719: Fix possible process crash due to unnoticed failures in mod_lua - CVE-2022-29404: Fix possible DoS due to no default limit on possible input size in mod_lua - CVE-2022-26377: Fix possible HTTP request smuggling in mod_proxy_ajp</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-26690: Fix NULL pointer dereference in mod_session - CVE-2022-22719: Fix possible process crash due to unnoticed failures in mod_lua - CVE-2022-29404: Fix possible DoS due to no default limit on possible input size in mod_lua - CVE-2022-26377: Fix possible HTTP request smuggling in mod_proxy_ajp</summary> <pushcount>0</pushcount> <issued date="2023-10-05 20:15:34 UTC" /> <updated date="2023-10-05 20:15:34 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1696536930.html" id="CLSA-2023:1696536930" title="CLSA-2023:1696536930" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">8457081a779136e2455d91a593e78702d66f3142</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">5e0ff81be6bc38ff2a5e1b699b739b79a44e6407</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els2.noarch.rpm</filename> <sum type="sha">78998f720701b87eb8a031ec1d767bae891d6252</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">1ac6e08d603add02654d8babeca7fec4d5d0ff3e</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">595b84b2e24b20cd18670df68cac0f627b4b3db6</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">cd1de0eaa2a4e846a7e6741165df05c6e9c5105f</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">7596090f0b5a9d6727c24fbbca840e2899ffc813</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els2" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els2.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">86c41b836ea727c7f7295bed70044c2683e8a2c8</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1696537106</id> <title>libxml2: Fix of 5 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-3517: fix flaw in the xml entity encoding - CVE-2021-3518: fix dangling pointers in entity reference nodes - CVE-2022-23308: fix use-after-free of ID and IDREF attributes - CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML - CVE-2022-40304: fix double free as a result of an invalid XML entity - fix testapi.c to avoid false positive test errors - fix a parser and fix a null pointer dereference</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-3517: fix flaw in the xml entity encoding - CVE-2021-3518: fix dangling pointers in entity reference nodes - CVE-2022-23308: fix use-after-free of ID and IDREF attributes - CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML - CVE-2022-40304: fix double free as a result of an invalid XML entity - fix testapi.c to avoid false positive test errors - fix a parser and fix a null pointer dereference</summary> <pushcount>0</pushcount> <issued date="2023-10-05 20:18:30 UTC" /> <updated date="2023-10-05 20:18:30 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1696537106.html" id="CLSA-2023:1696537106" title="CLSA-2023:1696537106" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libxml2" release="6.el7_9.6.tuxcare.els1" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els1.src.rpm" version="2.9.1"> <filename>libxml2-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm</filename> <sum type="sha">8b71b0db977448bbdda9dd955d0c9cde68331999</sum> </package> <package arch="x86_64" epoch="0" name="libxml2" release="6.el7_9.6.tuxcare.els1" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els1.src.rpm" version="2.9.1"> <filename>libxml2-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b966212b8ff87a83e3d4516bd2b06bc2a1e374a4</sum> </package> <package arch="i686" epoch="0" name="libxml2-devel" release="6.el7_9.6.tuxcare.els1" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els1.src.rpm" version="2.9.1"> <filename>libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm</filename> <sum type="sha">ef815c5e75c65301daae8033cc2541d06cec16da</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-devel" release="6.el7_9.6.tuxcare.els1" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els1.src.rpm" version="2.9.1"> <filename>libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ca97c5fb9e5353e51f2eb285d41d04fed94e1fd1</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-python" release="6.el7_9.6.tuxcare.els1" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els1.src.rpm" version="2.9.1"> <filename>libxml2-python-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f3dc45d5d820029a8bfd62b93afdeaa5c8a84d80</sum> </package> <package arch="i686" epoch="0" name="libxml2-static" release="6.el7_9.6.tuxcare.els1" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els1.src.rpm" version="2.9.1"> <filename>libxml2-static-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm</filename> <sum type="sha">ecbcc180a370e2d9a6122cb4f49e07a05bd9b5b8</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-static" release="6.el7_9.6.tuxcare.els1" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els1.src.rpm" version="2.9.1"> <filename>libxml2-static-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f25767e14a196f3e7e69504cb8087fb0c4b2c8bd</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1696877581</id> <title>binutils: Fix of 9 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2017-16831: Fix excessive memory allocation attempts and possible integer overflows when attempting to read a COFF binary with a corrupt symbol count - CVE-2020-19726: Fix parsing a corrupt PE format file - CVE-2021-45078: Fix out-of-bounds write in stab_xcoff_builtin_type - CVE-2021-46174: Fix buffer overflow in read_section_stabs_debugging_info - CVE-2022-44840: Fix possible heap buffer overflow in find_section_in_set() in readelf.c - CVE-2022-45703: Combine sanity checks, calculate element counts, not word counts, fix typo - CVE-2022-47695: Test symbol flags to exclude section and synthetic symbols before attempting to check flavour - CVE-2022-47696: Fix uninitialised field `the_bfd` of `asymbol` - CVE-2022-47673: Fix lack of bounds checking in vms-alpha.c</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2017-16831: Fix excessive memory allocation attempts and possible integer overflows when attempting to read a COFF binary with a corrupt symbol count - CVE-2020-19726: Fix parsing a corrupt PE format file - CVE-2021-45078: Fix out-of-bounds write in stab_xcoff_builtin_type - CVE-2021-46174: Fix buffer overflow in read_section_stabs_debugging_info - CVE-2022-44840: Fix possible heap buffer overflow in find_section_in_set() in readelf.c - CVE-2022-45703: Combine sanity checks, calculate element counts, not word counts, fix typo - CVE-2022-47695: Test symbol flags to exclude section and synthetic symbols before attempting to check flavour - CVE-2022-47696: Fix uninitialised field `the_bfd` of `asymbol` - CVE-2022-47673: Fix lack of bounds checking in vms-alpha.c</summary> <pushcount>0</pushcount> <issued date="2023-10-09 18:53:05 UTC" /> <updated date="2023-10-09 18:53:05 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1696877581.html" id="CLSA-2023:1696877581" title="CLSA-2023:1696877581" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="binutils" release="44.base.el7_9.1.tuxcare.els1" src="binutils-2.27-44.base.el7_9.1.tuxcare.els1.src.rpm" version="2.27"> <filename>binutils-2.27-44.base.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">db3088e64f1b1e386ac79846298123538eec6c61</sum> </package> <package arch="i686" epoch="0" name="binutils-devel" release="44.base.el7_9.1.tuxcare.els1" src="binutils-2.27-44.base.el7_9.1.tuxcare.els1.src.rpm" version="2.27"> <filename>binutils-devel-2.27-44.base.el7_9.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">59bb18516a3dba44d119fd06708c2662661788a0</sum> </package> <package arch="x86_64" epoch="0" name="binutils-devel" release="44.base.el7_9.1.tuxcare.els1" src="binutils-2.27-44.base.el7_9.1.tuxcare.els1.src.rpm" version="2.27"> <filename>binutils-devel-2.27-44.base.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">acbfd87fbe8a031e1250a8727a372923a920753e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1696877712</id> <title>expat: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-23990: lib: prevent integer overflow in function doProlog - CVE-2022-43680: fix overeager DTD destruction in XML_ExternalEntityParserCreate</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-23990: lib: prevent integer overflow in function doProlog - CVE-2022-43680: fix overeager DTD destruction in XML_ExternalEntityParserCreate</summary> <pushcount>0</pushcount> <issued date="2023-10-09 18:55:16 UTC" /> <updated date="2023-10-09 18:55:16 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1696877712.html" id="CLSA-2023:1696877712" title="CLSA-2023:1696877712" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="expat" release="15.el7_9.tuxcare.els1" src="expat-2.1.0-15.el7_9.tuxcare.els1.src.rpm" version="2.1.0"> <filename>expat-2.1.0-15.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">f1ea6a6ec0498e7f83ddc545134d26e3c9456a1a</sum> </package> <package arch="x86_64" epoch="0" name="expat" release="15.el7_9.tuxcare.els1" src="expat-2.1.0-15.el7_9.tuxcare.els1.src.rpm" version="2.1.0"> <filename>expat-2.1.0-15.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">825fee740f53e2f518deb1dac27f0d3bc6f355d5</sum> </package> <package arch="i686" epoch="0" name="expat-devel" release="15.el7_9.tuxcare.els1" src="expat-2.1.0-15.el7_9.tuxcare.els1.src.rpm" version="2.1.0"> <filename>expat-devel-2.1.0-15.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">2fbe968a1606e65dd4cb486fda3e74cf18d2715a</sum> </package> <package arch="x86_64" epoch="0" name="expat-devel" release="15.el7_9.tuxcare.els1" src="expat-2.1.0-15.el7_9.tuxcare.els1.src.rpm" version="2.1.0"> <filename>expat-devel-2.1.0-15.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">61b1d88492df6045e8fc214d44ebf1e69c7884de</sum> </package> <package arch="i686" epoch="0" name="expat-static" release="15.el7_9.tuxcare.els1" src="expat-2.1.0-15.el7_9.tuxcare.els1.src.rpm" version="2.1.0"> <filename>expat-static-2.1.0-15.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">295167ac3c991bade45f806bcd924c1d45ac35cc</sum> </package> <package arch="x86_64" epoch="0" name="expat-static" release="15.el7_9.tuxcare.els1" src="expat-2.1.0-15.el7_9.tuxcare.els1.src.rpm" version="2.1.0"> <filename>expat-static-2.1.0-15.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">dbe964c8a3045d1e9b2b9749bfb83a44b9e8d234</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1696877835</id> <title>python: Fix of CVE-2022-48565</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-48565: Reject XML entity declarations in plist files</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-48565: Reject XML entity declarations in plist files</summary> <pushcount>0</pushcount> <issued date="2023-10-09 18:57:19 UTC" /> <updated date="2023-10-09 18:57:19 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1696877835.html" id="CLSA-2023:1696877835" title="CLSA-2023:1696877835" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>python-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">915579284dc8e594b50d28293a38c7443dd51db4</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">99a0dfc939bebbdeb8a7de50ff1af2f03ea14168</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7e2c2f835a4d4cc9a57dc428026f4c4e5d2aa18a</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">be64f0e26e21ac25850a628041d6e84d308fffef</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">753bab9de02f034362ae2e059ff14e5aa90716e7</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">95bf46065e05cc11c7df29ac8013595120a25940</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">d5ac0bdb002baee41f37b05bea554ebeaa9e90d1</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="92.el7_9.tuxcare.els1" src="python-2.7.5-92.el7_9.tuxcare.els1.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-92.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3c386f785b4d99d959e60affbbd3096aa8345156</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697135138</id> <title>bind: Fix of CVE-2023-3341</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Limit isccc_cc_fromwire recursion depth (CVE-2023-3341)</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Limit isccc_cc_fromwire recursion depth (CVE-2023-3341)</summary> <pushcount>0</pushcount> <issued date="2023-10-12 18:25:42 UTC" /> <updated date="2023-10-12 18:25:42 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697135138.html" id="CLSA-2023:1697135138" title="CLSA-2023:1697135138" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="32" name="bind" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">88168d9825e7eb737b5303faf98e325734ad95bd</sum> </package> <package arch="x86_64" epoch="32" name="bind-chroot" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">5518f13b6099eac365f6a328f85d4a90017d9883</sum> </package> <package arch="i686" epoch="32" name="bind-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">49da1fb11e70f054e8d0cc0c39810c095e430e74</sum> </package> <package arch="x86_64" epoch="32" name="bind-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">87dd6f2dd1b26643c0de9712a5a64e803e5ae650</sum> </package> <package arch="i686" epoch="32" name="bind-export-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">b7f24d1c432e2ead3d841ff33a73d1eca2c21e4e</sum> </package> <package arch="x86_64" epoch="32" name="bind-export-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a6e3b095201dccdf245fe4a58f106f1a7c45ecfc</sum> </package> <package arch="i686" epoch="32" name="bind-export-libs" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">59807d283471b0a66cdfb7037a58dac6c0df3f7c</sum> </package> <package arch="x86_64" epoch="32" name="bind-export-libs" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">67626712a07814766979e66c236f3417faa8eef9</sum> </package> <package arch="i686" epoch="32" name="bind-libs" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">97a8f0e296c2346f4ebbc83c631222408b49590e</sum> </package> <package arch="x86_64" epoch="32" name="bind-libs" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b0b692a5df5dd14db9351b44337e5ebdaf472d11</sum> </package> <package arch="i686" epoch="32" name="bind-libs-lite" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">0cc964857a3d36971772b1630f0888a749c940ac</sum> </package> <package arch="x86_64" epoch="32" name="bind-libs-lite" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7d4495947d780a8fed63039f9dab3577a8d94018</sum> </package> <package arch="noarch" epoch="32" name="bind-license" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7.14.tuxcare.els1.noarch.rpm</filename> <sum type="sha">9feaa2ba6c0a3c5eac28014bd19946bdbfc91c50</sum> </package> <package arch="i686" epoch="32" name="bind-lite-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">03fd846327d8322927066c14431598769a01c623</sum> </package> <package arch="x86_64" epoch="32" name="bind-lite-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f509540aa33f2be58bc2812aee614592e0a75c37</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">56b2fa3d579cc899daa778385f00a65dc3a9fe88</sum> </package> <package arch="i686" epoch="32" name="bind-pkcs11-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">08e578b62c3bc6abe1920719209265ecc023bd33</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11-devel" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0417f2ef2ca675a8f4b87d1527a2a8c8c90e67ad</sum> </package> <package arch="i686" epoch="32" name="bind-pkcs11-libs" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els1.i686.rpm</filename> <sum type="sha">44a2d60883d94182fafec67ddcf268ef2aea6024</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11-libs" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6553039b2b8338a7c8e3c83f3c0b5b444d6c76fe</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11-utils" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6289298a02892ee9147be3e1ec9f24d7e65b4595</sum> </package> <package arch="x86_64" epoch="32" name="bind-sdb" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2de281186a5db360d6d5651ca5c8e3c8ccc34fbc</sum> </package> <package arch="x86_64" epoch="32" name="bind-sdb-chroot" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e90ef5d99c868c9366893ee4ef92053464979797</sum> </package> <package arch="x86_64" epoch="32" name="bind-utils" release="26.P2.el7.14.tuxcare.els1" src="bind-9.11.4-26.P2.el7.14.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e813aef0405650979f393b442cfb4d28adf0fa2b</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697135256</id> <title>glib2: Fix of 5 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-29499: Fix GVariant offset table entry size which is not checked in is_normal() - CVE-2023-32611: Fix an issue where g_variant_byteswap() can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant deserialisation which does not match spec for non-normal data - CVE-2023-32636: Fix a wrong timeout in fuzz_variant_text() - CVE-2023-32643: Fix a heap-buffer-overflow in g_variant_serialised_get_child() - Fix g_test_bug assertion in gvariant test</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-29499: Fix GVariant offset table entry size which is not checked in is_normal() - CVE-2023-32611: Fix an issue where g_variant_byteswap() can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant deserialisation which does not match spec for non-normal data - CVE-2023-32636: Fix a wrong timeout in fuzz_variant_text() - CVE-2023-32643: Fix a heap-buffer-overflow in g_variant_serialised_get_child() - Fix g_test_bug assertion in gvariant test</summary> <pushcount>0</pushcount> <issued date="2023-10-12 18:27:40 UTC" /> <updated date="2023-10-12 18:27:40 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697135256.html" id="CLSA-2023:1697135256" title="CLSA-2023:1697135256" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="glib2" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-2.56.1-9.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">9643a317420b78befa8e76fcffc0b123b0f04490</sum> </package> <package arch="x86_64" epoch="0" name="glib2" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">8ecd35ea0bded1178ee5cfd2eda7a83430f29372</sum> </package> <package arch="i686" epoch="0" name="glib2-devel" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-devel-2.56.1-9.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">99a3e920ff0d5b45a4166d3c49efc27739b4ab8b</sum> </package> <package arch="x86_64" epoch="0" name="glib2-devel" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-devel-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">313ae814c1ce6e4893f21b5e58c7f09c7e8ecca4</sum> </package> <package arch="noarch" epoch="0" name="glib2-doc" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-doc-2.56.1-9.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">90fdce49ab767693d93a0b995a62ea4a24329da8</sum> </package> <package arch="x86_64" epoch="0" name="glib2-fam" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-fam-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">3a3e8616260fd26c252d21e524ac3ed209a20e6d</sum> </package> <package arch="i686" epoch="0" name="glib2-static" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-static-2.56.1-9.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">4a3ea3934f6f46f6ef15226db7a6fed7f8f33d68</sum> </package> <package arch="x86_64" epoch="0" name="glib2-static" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-static-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e512fa76e33935b14171e0880bfb3de7e4e07a7a</sum> </package> <package arch="x86_64" epoch="0" name="glib2-tests" release="9.el7_9.tuxcare.els2" src="glib2-2.56.1-9.el7_9.tuxcare.els2.src.rpm" version="2.56.1"> <filename>glib2-tests-2.56.1-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">3efb02cdd3b1dd15ece27989efa933fddc3a2bc9</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697463947</id> <title>curl: Fix of CVE-2023-38546</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-38546: cookie: remove unnecessary struct fields - Rebuild expired test certificates</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-38546: cookie: remove unnecessary struct fields - Rebuild expired test certificates</summary> <pushcount>0</pushcount> <issued date="2023-10-16 13:45:51 UTC" /> <updated date="2023-10-16 13:45:51 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697463947.html" id="CLSA-2023:1697463947" title="CLSA-2023:1697463947" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="curl" release="59.el7_9.1.tuxcare.els1" src="curl-7.29.0-59.el7_9.1.tuxcare.els1.src.rpm" version="7.29.0"> <filename>curl-7.29.0-59.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">5bf1afaaa96ddb3b00765b7941fd8380ed99d233</sum> </package> <package arch="i686" epoch="0" name="libcurl" release="59.el7_9.1.tuxcare.els1" src="curl-7.29.0-59.el7_9.1.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-7.29.0-59.el7_9.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">0047b200928a6c2e141841317caa5ea0e8e7e9b5</sum> </package> <package arch="x86_64" epoch="0" name="libcurl" release="59.el7_9.1.tuxcare.els1" src="curl-7.29.0-59.el7_9.1.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-7.29.0-59.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">19a25bf0acee34803687097da4d59ead48a97eb4</sum> </package> <package arch="i686" epoch="0" name="libcurl-devel" release="59.el7_9.1.tuxcare.els1" src="curl-7.29.0-59.el7_9.1.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">83199959cbdbd2ff4be735bfb1b3abf7ba9fd2d9</sum> </package> <package arch="x86_64" epoch="0" name="libcurl-devel" release="59.el7_9.1.tuxcare.els1" src="curl-7.29.0-59.el7_9.1.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">fedbc5eb1c9f0ef1360342abdc82292a3a6dd404</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697464069</id> <title>python: Fix of CVE-2022-48566</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-48566: Make compare_digest more constant-time</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-48566: Make compare_digest more constant-time</summary> <pushcount>0</pushcount> <issued date="2023-10-16 13:47:53 UTC" /> <updated date="2023-10-16 13:47:53 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697464069.html" id="CLSA-2023:1697464069" title="CLSA-2023:1697464069" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">93e1e91e9536ad44e7caeb3cdaea00707b8a98cb</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">a48ce581e1852f5d8120b965b57747e1d8301e0a</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">398f57daa0a252080cba3067df218d9acbc0326d</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">47d73e54648b1b16c78c62657a3aa3e107836045</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">a263b5aa40ad27cb0e5dda090b71714637237a17</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">0b0f1378e0f7066d9cfe1086311bdd1e3780642f</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">852d85cfa2834b111718757635a9b4e8b17a76f9</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="92.el7_9.tuxcare.els2" src="python-2.7.5-92.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-92.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">15bc277e37fac2a18be809181a113a22fd8c14d2</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697464186</id> <title>sysstat: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-39377: check an overflow and exit if it be - CVE-2023-33204: fix possible buffer overflow in an incomplete fix for CVE-2022-39377</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-39377: check an overflow and exit if it be - CVE-2023-33204: fix possible buffer overflow in an incomplete fix for CVE-2022-39377</summary> <pushcount>0</pushcount> <issued date="2023-10-16 13:49:50 UTC" /> <updated date="2023-10-16 13:49:50 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697464186.html" id="CLSA-2023:1697464186" title="CLSA-2023:1697464186" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="sysstat" release="20.el7_9.tuxcare.els1" src="sysstat-10.1.5-20.el7_9.tuxcare.els1.src.rpm" version="10.1.5"> <filename>sysstat-10.1.5-20.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">480369f6523658531baa8f5895f4aaa1484f82b5</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697739575</id> <title>python3: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-3737: Fix http client infinite line reading (DoS) after a HTTP 100 Continue - CVE-2021-28861: Fix an open redirection vulnerability in http.server - CVE-2022-0391: Make urllib.parse sanitize urls containing ASCII newline and tabs - CVE-2022-45061: Fix quadratic time idna decoding</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-3737: Fix http client infinite line reading (DoS) after a HTTP 100 Continue - CVE-2021-28861: Fix an open redirection vulnerability in http.server - CVE-2022-0391: Make urllib.parse sanitize urls containing ASCII newline and tabs - CVE-2022-45061: Fix quadratic time idna decoding</summary> <pushcount>0</pushcount> <issued date="2023-10-19 18:19:40 UTC" /> <updated date="2023-10-19 18:19:40 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697739575.html" id="CLSA-2023:1697739575" title="CLSA-2023:1697739575" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha">3a9f843d4a1d72ef21645655e0ec2d45cb0eb168</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">836e1f59189ef2a0965ea411bb87cec0d38ec294</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha">116f697c9b00f5e4348d30e34b661f2c861ebe97</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">7ca60e05e62f1a2f0de9857441ef76192eba4036</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha">638289003e5c0a4cd06e97c074cb1265eeba615f</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">5425fe6abed15fffea07f2490b1a82f265471b33</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha">571d17b3dc9beb1ae4ae5d7207e487c759735aaf</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">3ab993eb231d037e4e38a1b5ca072bb88f1d448a</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha">cbe0a1b7689d82e8264b0e60fb8e55879fc24f25</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">bf75827c2cc2110826cf42c8992b3c188619bf8c</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha">4c6185cc86ccdc4e951f3f8376b0f07ddc6a24a3</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">b03a13d161add2d5e54bb12f3ed5bfab46d82c6c</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha">38e44754b55d7280ec9246c1055f18d98076a994</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="19.el7.tuxcare.els2" src="python3-3.6.8-19.el7.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">73ce38d5a37dd46a31b7e9f76c1c6c08c8fdd87e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697739734</id> <title>python: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-45061: fix quadratic time idna decoding - CVE-2021-3737: fix http client infinite line reading (DoS) after a HTTP 100 Continue</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-45061: fix quadratic time idna decoding - CVE-2021-3737: fix http client infinite line reading (DoS) after a HTTP 100 Continue</summary> <pushcount>0</pushcount> <issued date="2023-10-19 18:22:18 UTC" /> <updated date="2023-10-19 18:22:18 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697739734.html" id="CLSA-2023:1697739734" title="CLSA-2023:1697739734" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">a9426def5f17f926f28a68396868c56774389a10</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">5b67e92fe71cd8470f16e6fbaf634b6b4054cf22</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">bf10ca97c5b76d47c88bdfef06596d85233b1342</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">fbed06bcd7b232d1a51399809425e00930da9903</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">d5aef9f838e8f45cbe1c420ebe72d615d77b50bc</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">c729c328ce22635d53e3d67ff254587b78f58e96</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">511280c2057bf8eced73b4fedb177886c1d78421</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="92.el7_9.tuxcare.els3" src="python-2.7.5-92.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-92.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">160e520dfcd88b86ef6188f739a57255e0ee4cfb</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697741309</id> <title>python3: Fix of CVE-2022-48560</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-48560: fix posible crash in heapq with custom comparison operators</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-48560: fix posible crash in heapq with custom comparison operators</summary> <pushcount>0</pushcount> <issued date="2023-10-19 18:48:34 UTC" /> <updated date="2023-10-19 18:48:34 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697741309.html" id="CLSA-2023:1697741309" title="CLSA-2023:1697741309" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha">100c44f6d5a99b08a9718fd343a9a3103a4ce110</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">660fa8d678e05c73c8f8ebe733c4619ca7ef3033</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha">e4f10dc7ca9ecd4d15203af04c4bb32d4e7a8985</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">3788ddf57dc6dc7100ce9ed9b8603f0ada1775a6</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha">732cc2ac6c7e114a2ca239c6fbac230b87eb8d92</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">2e8c369467bea663f70d865771172263d56a5924</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha">9d2d920dee7b4a0d1ab37a3f485a1c1000c78c86</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">9cef7593f0fe578d4a7feeadee80ee9bbdf05577</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha">0377da7f61f1ca57ab28c5c87e7f4717f32a3d81</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">672da5c6d86218aea45f5228ef90ba2a1b520feb</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha">4e1f1690095fe24ac39c8db71bb9c6863242ec69</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">45100434fcdaa75b17b9abb5f3e6c8152063c9ee</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha">49b88f55c68e1d5777b4aa9c3848eaf592af91e9</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="19.el7.tuxcare.els3" src="python3-3.6.8-19.el7.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">4da70700291ed710983e4385d4875158a24a4861</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697816385</id> <title>curl: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-27782: check additional TLS or SSH connection parameters that should have prohibited connection reuse - CVE-2023-27534: fix SFTP path '~' resolving discrepancy - fix read off end of array for SCP home directory case</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-27782: check additional TLS or SSH connection parameters that should have prohibited connection reuse - CVE-2023-27534: fix SFTP path '~' resolving discrepancy - fix read off end of array for SCP home directory case</summary> <pushcount>0</pushcount> <issued date="2023-10-20 15:39:49 UTC" /> <updated date="2023-10-20 15:39:49 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697816385.html" id="CLSA-2023:1697816385" title="CLSA-2023:1697816385" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="curl" release="59.el7_9.1.tuxcare.els2" src="curl-7.29.0-59.el7_9.1.tuxcare.els2.src.rpm" version="7.29.0"> <filename>curl-7.29.0-59.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">c6b8cd1d033f66ec092dd6ec364d6e1bb22b513e</sum> </package> <package arch="i686" epoch="0" name="libcurl" release="59.el7_9.1.tuxcare.els2" src="curl-7.29.0-59.el7_9.1.tuxcare.els2.src.rpm" version="7.29.0"> <filename>libcurl-7.29.0-59.el7_9.1.tuxcare.els2.i686.rpm</filename> <sum type="sha">d779dd419635c2558f2f45cbac233ca2659ff107</sum> </package> <package arch="x86_64" epoch="0" name="libcurl" release="59.el7_9.1.tuxcare.els2" src="curl-7.29.0-59.el7_9.1.tuxcare.els2.src.rpm" version="7.29.0"> <filename>libcurl-7.29.0-59.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">7e7587538c86987f9c8a0b96915525a5e013ab09</sum> </package> <package arch="i686" epoch="0" name="libcurl-devel" release="59.el7_9.1.tuxcare.els2" src="curl-7.29.0-59.el7_9.1.tuxcare.els2.src.rpm" version="7.29.0"> <filename>libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els2.i686.rpm</filename> <sum type="sha">a696267b1ffa00bc5dfa92272e487a1bdf77e189</sum> </package> <package arch="x86_64" epoch="0" name="libcurl-devel" release="59.el7_9.1.tuxcare.els2" src="curl-7.29.0-59.el7_9.1.tuxcare.els2.src.rpm" version="7.29.0"> <filename>libcurl-devel-7.29.0-59.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">d8fe927577f34acaf86d37f68430ef4dcc3e21d3</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1697816511</id> <title>python: Fix of CVE-2022-48560</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq</summary> <pushcount>0</pushcount> <issued date="2023-10-20 15:41:55 UTC" /> <updated date="2023-10-20 15:41:55 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1697816511.html" id="CLSA-2023:1697816511" title="CLSA-2023:1697816511" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">ebe3aaa883d646e63e233a992dec5ab7ed596bb6</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">e619f1a91f8573b6b17f5869f38f3add902cc0b6</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">0e74cf9a9587dec08d13cae522d092a266f6a9ab</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">4be0057856b95ad2a13905a1340ceb01600cea62</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">82b9dba185b3a6d44bc741210c603f7134359217</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">f86f4061ed4bf7ea6ae8ef2bd2dbd36b94dde6f5</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">f6e9ca627c3467886c8765196cb0e9d6dfe8c050</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="92.el7_9.tuxcare.els4" src="python-2.7.5-92.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-92.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">744288fb35ee3dd2a824673954381aff5219e07f</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1698180296</id> <title>zlib: Fix of CVE-2023-45853</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-45853: Reject overflows of zip header fields in minizip</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-45853: Reject overflows of zip header fields in minizip</summary> <pushcount>0</pushcount> <issued date="2023-10-24 20:45:01 UTC" /> <updated date="2023-10-24 20:45:01 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1698180296.html" id="CLSA-2023:1698180296" title="CLSA-2023:1698180296" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="minizip" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-1.2.7-21.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">b001a6bad36b4fd28ceb9858b89bfa6e74357c65</sum> </package> <package arch="x86_64" epoch="0" name="minizip" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-1.2.7-21.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a9f30b0fe736a6c6e19c4a085c3d6076053f2b2f</sum> </package> <package arch="i686" epoch="0" name="minizip-devel" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-devel-1.2.7-21.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">e061263e340be843d2c801420730339d1cc430b1</sum> </package> <package arch="x86_64" epoch="0" name="minizip-devel" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-devel-1.2.7-21.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f27d2afe6b5495815868dcbcb023b79ee6d38f65</sum> </package> <package arch="i686" epoch="0" name="zlib" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-1.2.7-21.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">18668ec89b1894995751a0301f0c3f653d94a1b7</sum> </package> <package arch="x86_64" epoch="0" name="zlib" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-1.2.7-21.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7cc0349a1850f2a3fcfc8f2252736347db84500e</sum> </package> <package arch="i686" epoch="0" name="zlib-devel" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-devel-1.2.7-21.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">1585906c9c773738177d01b8530140383231be1b</sum> </package> <package arch="x86_64" epoch="0" name="zlib-devel" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-devel-1.2.7-21.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2716756879c36019ff4dd28274b9900de39aa4ed</sum> </package> <package arch="i686" epoch="0" name="zlib-static" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-static-1.2.7-21.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">3e9f44673bb62f7fbec4cf0e10adaa5f9ce67bcf</sum> </package> <package arch="x86_64" epoch="0" name="zlib-static" release="21.el7.tuxcare.els1" src="zlib-1.2.7-21.el7.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-static-1.2.7-21.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">d7d52fee9377e2d94e79c533071d8b19bfa5e07f</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1698312967</id> <title>perl: Fix of CVE-2023-31484</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-31484: add verify_SSL=>1 to HTTP::Tiny to verify https server identity</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-31484: add verify_SSL=>1 to HTTP::Tiny to verify https server identity</summary> <pushcount>0</pushcount> <issued date="2023-10-26 09:36:11 UTC" /> <updated date="2023-10-26 09:36:11 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1698312967.html" id="CLSA-2023:1698312967" title="CLSA-2023:1698312967" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="4" name="perl" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">caf09945a7a3a458f2d847dcb9e6f0f6870e1201</sum> </package> <package arch="noarch" epoch="0" name="perl-CPAN" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="1.9800"> <filename>perl-CPAN-1.9800-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">106277248b4fff2fbb68a24811f10e498ee0e1a4</sum> </package> <package arch="noarch" epoch="1" name="perl-ExtUtils-CBuilder" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="0.28.2.6"> <filename>perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">8dc59965712f88066d2b0e4b6b9cf6cf4c24a9e5</sum> </package> <package arch="noarch" epoch="0" name="perl-ExtUtils-Embed" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="1.30"> <filename>perl-ExtUtils-Embed-1.30-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">7f58a07bf0c6340d63d47233cb5fbd9667a595bf</sum> </package> <package arch="noarch" epoch="0" name="perl-ExtUtils-Install" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="1.58"> <filename>perl-ExtUtils-Install-1.58-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">0eabc5ab6bd28b35ab71b2973fb1e5306df9b33a</sum> </package> <package arch="noarch" epoch="1" name="perl-IO-Zlib" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="1.10"> <filename>perl-IO-Zlib-1.10-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">a330e86163c2100277c9a83198eb1b801be3e670</sum> </package> <package arch="noarch" epoch="1" name="perl-Locale-Maketext-Simple" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="0.21"> <filename>perl-Locale-Maketext-Simple-0.21-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">c52adc55e97ad656a0a443d748951e15241468eb</sum> </package> <package arch="noarch" epoch="1" name="perl-Module-CoreList" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="2.76.02"> <filename>perl-Module-CoreList-2.76.02-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">220a1e762557a2e60e0aca8720585160582696d6</sum> </package> <package arch="noarch" epoch="1" name="perl-Module-Loaded" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="0.08"> <filename>perl-Module-Loaded-0.08-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">607113ca2152e7660b365294805c1868cde5af63</sum> </package> <package arch="noarch" epoch="1" name="perl-Object-Accessor" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="0.42"> <filename>perl-Object-Accessor-0.42-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">75ff6e66a43b1830b68c6e98ce222d325bf75ab8</sum> </package> <package arch="noarch" epoch="1" name="perl-Package-Constants" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="0.02"> <filename>perl-Package-Constants-0.02-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">bd3501bb0368dfa36abbfda904c8c980fd2b30e0</sum> </package> <package arch="noarch" epoch="1" name="perl-Pod-Escapes" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="1.04"> <filename>perl-Pod-Escapes-1.04-299.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">39941d0a1a4d9fc20e089385b0eb531638ae0346</sum> </package> <package arch="x86_64" epoch="0" name="perl-Time-Piece" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="1.20.1"> <filename>perl-Time-Piece-1.20.1-299.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0f5ee2c9e5d070f377c346f85023d7ad6f760dfa</sum> </package> <package arch="x86_64" epoch="0" name="perl-core" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-core-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b7809b3bb4e5ee878d83b2a9e7239b57bbe08b87</sum> </package> <package arch="i686" epoch="4" name="perl-devel" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-devel-5.16.3-299.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">17b15007c56ad917786cdbdf8402b5f789bd3e54</sum> </package> <package arch="x86_64" epoch="4" name="perl-devel" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-devel-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">d4b372ff51bed03b24b43196250e33c93a328a90</sum> </package> <package arch="i686" epoch="4" name="perl-libs" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-libs-5.16.3-299.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">218de637bf0206ddf47bb586c86d4aa5c7156bca</sum> </package> <package arch="x86_64" epoch="4" name="perl-libs" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-libs-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0fe8aeccb4d6292c793c28c3cf9d5e4b51da32cb</sum> </package> <package arch="x86_64" epoch="4" name="perl-macros" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-macros-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">74bbbcdfb15c572056bc25e599498638c0a0fe98</sum> </package> <package arch="x86_64" epoch="4" name="perl-tests" release="299.el7_9.tuxcare.els1" src="perl-5.16.3-299.el7_9.tuxcare.els1.src.rpm" version="5.16.3"> <filename>perl-tests-5.16.3-299.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b5ad450e277959709d1d3ceb7ab3236d9cd84a35</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1698690423</id> <title>systemd: Fix of CVE-2023-26604</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-26604: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-26604: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined</summary> <pushcount>0</pushcount> <issued date="2023-10-30 18:27:08 UTC" /> <updated date="2023-10-30 18:27:08 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1698690423.html" id="CLSA-2023:1698690423" title="CLSA-2023:1698690423" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libgudev1" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-219-78.el7_9.7.tuxcare.els1.i686.rpm</filename> <sum type="sha">3f733a97866dc4d51901483e086d8fc0a3fa169f</sum> </package> <package arch="x86_64" epoch="0" name="libgudev1" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">cc4d2489ba001aba7bd0442f33419093e481fc11</sum> </package> <package arch="i686" epoch="0" name="libgudev1-devel" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-devel-219-78.el7_9.7.tuxcare.els1.i686.rpm</filename> <sum type="sha">669d4ce1aec4fcef2420b8f9e3da88fd097c800b</sum> </package> <package arch="x86_64" epoch="0" name="libgudev1-devel" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-devel-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">81f97eef29880b35b821dd3d76e234e036b0a2ea</sum> </package> <package arch="x86_64" epoch="0" name="systemd" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1cb6cf6500d83932e2eff2d835892d753a95dfe2</sum> </package> <package arch="i686" epoch="0" name="systemd-devel" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-devel-219-78.el7_9.7.tuxcare.els1.i686.rpm</filename> <sum type="sha">480c54313409aaba5a47e3cc104f54f707d26048</sum> </package> <package arch="x86_64" epoch="0" name="systemd-devel" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-devel-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">592f51061240820ea951d15bfd20ba778628fafb</sum> </package> <package arch="x86_64" epoch="0" name="systemd-journal-gateway" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-journal-gateway-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">602a84352916078f23d9878e048ec0558a4f9ecc</sum> </package> <package arch="i686" epoch="0" name="systemd-libs" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-libs-219-78.el7_9.7.tuxcare.els1.i686.rpm</filename> <sum type="sha">5b96068e0effdb9c2c17c42f64521df5f7575a2e</sum> </package> <package arch="x86_64" epoch="0" name="systemd-libs" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-libs-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4cffa90aac744e0df6e46d8994b1f646d124aac6</sum> </package> <package arch="x86_64" epoch="0" name="systemd-networkd" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-networkd-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">923b830450f3d478561ecd934982869ee289d9fb</sum> </package> <package arch="x86_64" epoch="0" name="systemd-python" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-python-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">fbb2651f98afab35ac5aaaedc9e839e826356fc0</sum> </package> <package arch="i686" epoch="0" name="systemd-resolved" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-resolved-219-78.el7_9.7.tuxcare.els1.i686.rpm</filename> <sum type="sha">35631a78a8dbf506eecfe3c5038ec2c5873e23cd</sum> </package> <package arch="x86_64" epoch="0" name="systemd-resolved" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-resolved-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9db1ac9c5c9d4bac544508b714c74549de11e883</sum> </package> <package arch="x86_64" epoch="0" name="systemd-sysv" release="78.el7_9.7.tuxcare.els1" src="systemd-219-78.el7_9.7.tuxcare.els1.src.rpm" version="219"> <filename>systemd-sysv-219-78.el7_9.7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">20d904b6eb36be0d3ccef5ee094bf92175167fd3</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1698945053</id> <title>libgcrypt: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2013-4576: Normalize the MPIs to prevent possible side-channel attacks - CVE-2014-3591: Use ciphertext blinding for Elgamal to prevent possible side-channel attacks - CVE-2021-33560: Use of smaller K for ephemeral key in ElGamal prevent generation of weak keys - CVE-2021-40528: Add exponent blinding as well to mitigate side-channel attack on mpi_powm - tests: Add a benchmark for Elgamal</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2013-4576: Normalize the MPIs to prevent possible side-channel attacks - CVE-2014-3591: Use ciphertext blinding for Elgamal to prevent possible side-channel attacks - CVE-2021-33560: Use of smaller K for ephemeral key in ElGamal prevent generation of weak keys - CVE-2021-40528: Add exponent blinding as well to mitigate side-channel attack on mpi_powm - tests: Add a benchmark for Elgamal</summary> <pushcount>0</pushcount> <issued date="2023-11-02 17:10:57 UTC" /> <updated date="2023-11-02 17:10:57 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1698945053.html" id="CLSA-2023:1698945053" title="CLSA-2023:1698945053" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libgcrypt" release="14.el7.tuxcare.els1" src="libgcrypt-1.5.3-14.el7.tuxcare.els1.src.rpm" version="1.5.3"> <filename>libgcrypt-1.5.3-14.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">f8497ed9d31f9974715a42a721e0a6877b809950</sum> </package> <package arch="x86_64" epoch="0" name="libgcrypt" release="14.el7.tuxcare.els1" src="libgcrypt-1.5.3-14.el7.tuxcare.els1.src.rpm" version="1.5.3"> <filename>libgcrypt-1.5.3-14.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0e7241b1a1b53774b334f4fe6f9f98f54213c8eb</sum> </package> <package arch="i686" epoch="0" name="libgcrypt-devel" release="14.el7.tuxcare.els1" src="libgcrypt-1.5.3-14.el7.tuxcare.els1.src.rpm" version="1.5.3"> <filename>libgcrypt-devel-1.5.3-14.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">ea176ccdf06315d8724a3a3855383149a10bf5c1</sum> </package> <package arch="x86_64" epoch="0" name="libgcrypt-devel" release="14.el7.tuxcare.els1" src="libgcrypt-1.5.3-14.el7.tuxcare.els1.src.rpm" version="1.5.3"> <filename>libgcrypt-devel-1.5.3-14.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">242b8feb95b6795d19a51de8ebe1ffb9b80ebac5</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1698945913</id> <title>python3: Fix of CVE-2020-26116</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2020-26116: prevent header injection in http methods</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2020-26116: prevent header injection in http methods</summary> <pushcount>0</pushcount> <issued date="2023-11-02 17:25:18 UTC" /> <updated date="2023-11-02 17:25:18 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1698945913.html" id="CLSA-2023:1698945913" title="CLSA-2023:1698945913" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">6ceaa21ae5b2e6b18c27dd8578e4e6741d2a7339</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">c6b97d996a30ae3b8dcff12f3c552454950c4bb1</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">dcec123dc0d050735a00c1abafec2e2d64213be6</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">4e41aaff50e907720f26dccc54b5600f67648e8b</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">792b881b47f78b627f45eb1e1ebc721e242f9b95</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">26e81e4a4d564dad7fd1a0612992422bea8da27c</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">a63b949a95b82c85d2af43f3ca307014a429a5ec</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">e869849fc3d2586d215c9985b7be212b5d7219b8</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">b14c35d228844ea4ca467eb85364736398ec3ecb</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">4f79abb1a3a8f6bd33b3548d5ace06caafb071c1</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">123cd4d16c683beca0be5e1d63cd3586252827f8</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">bc293286458e878224e70ff855e7e6b97bec07fc</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha">2d5443a2aff47f1bb6db29d7ba04db51bc5df1ce</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="19.el7_9.tuxcare.els4" src="python3-3.6.8-19.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-19.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">73423b4dc7473ac268028e59ea9909586b293353</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1698946014</id> <title>sqlite: Fix of CVE-2022-35737</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-35737: increase the size of loop variables in the printf() implementation</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-35737: increase the size of loop variables in the printf() implementation</summary> <pushcount>0</pushcount> <issued date="2023-11-02 17:26:59 UTC" /> <updated date="2023-11-02 17:26:59 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1698946014.html" id="CLSA-2023:1698946014" title="CLSA-2023:1698946014" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="lemon" release="8.el7_7.1.tuxcare.els1" src="sqlite-3.7.17-8.el7_7.1.tuxcare.els1.src.rpm" version="3.7.17"> <filename>lemon-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">de22a512bfe3a451f976fe9de52c3999c0c7a45c</sum> </package> <package arch="i686" epoch="0" name="sqlite" release="8.el7_7.1.tuxcare.els1" src="sqlite-3.7.17-8.el7_7.1.tuxcare.els1.src.rpm" version="3.7.17"> <filename>sqlite-3.7.17-8.el7_7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">a938bf9e568ddfaee179564b7799a18c7e696a41</sum> </package> <package arch="x86_64" epoch="0" name="sqlite" release="8.el7_7.1.tuxcare.els1" src="sqlite-3.7.17-8.el7_7.1.tuxcare.els1.src.rpm" version="3.7.17"> <filename>sqlite-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f6717a7214ea5935dbab3aedca462c5407704e91</sum> </package> <package arch="i686" epoch="0" name="sqlite-devel" release="8.el7_7.1.tuxcare.els1" src="sqlite-3.7.17-8.el7_7.1.tuxcare.els1.src.rpm" version="3.7.17"> <filename>sqlite-devel-3.7.17-8.el7_7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">c005f36aacfa24ae5ef2655bfa3356d50842367c</sum> </package> <package arch="x86_64" epoch="0" name="sqlite-devel" release="8.el7_7.1.tuxcare.els1" src="sqlite-3.7.17-8.el7_7.1.tuxcare.els1.src.rpm" version="3.7.17"> <filename>sqlite-devel-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c31e8e8733ec0eb8785b6e08fdf09dd87cc3c540</sum> </package> <package arch="noarch" epoch="0" name="sqlite-doc" release="8.el7_7.1.tuxcare.els1" src="sqlite-3.7.17-8.el7_7.1.tuxcare.els1.src.rpm" version="3.7.17"> <filename>sqlite-doc-3.7.17-8.el7_7.1.tuxcare.els1.noarch.rpm</filename> <sum type="sha">806f7df903ec00725b1cc3ad22731d944f3dd7fa</sum> </package> <package arch="x86_64" epoch="0" name="sqlite-tcl" release="8.el7_7.1.tuxcare.els1" src="sqlite-3.7.17-8.el7_7.1.tuxcare.els1.src.rpm" version="3.7.17"> <filename>sqlite-tcl-3.7.17-8.el7_7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7c89a6090c54d668ff59f58ed6327e488ee8ec86</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1698949696</id> <title>httpd: Fix of CVE-2023-31122</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-31122: mod_macro: Fix out-of-bounds read vulnerability by using own strncmp function</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-31122: mod_macro: Fix out-of-bounds read vulnerability by using own strncmp function</summary> <pushcount>0</pushcount> <issued date="2023-11-02 18:28:20 UTC" /> <updated date="2023-11-02 18:28:20 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1698949696.html" id="CLSA-2023:1698949696" title="CLSA-2023:1698949696" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">1333c75013de20c579b423d1981433e5c86a8a4d</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">64b1815668be41f36d74c4323186d11d939dfa2e</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els3.noarch.rpm</filename> <sum type="sha">104eb078949f9cb48cbd6af0ea3d4ee1aee12ba0</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">4cc954d66a5046489d83bc9c7d57da22c804bb98</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">6c7112ba70003d6c1e07f05875780fcf43e2cb7d</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">7f1b1c5005d3366c35e16ea02011004f299afa5a</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">934934367dcda00aadb42ffb6362b2f9c6dd7591</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els3" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els3.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">d5996a9241e2ac1a2b877a17296d9294c9eaa4f6</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1699379448</id> <title>libcap: Fix of CVE-2023-2603</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-2603: integer overflow if the input string is close to 4GiB.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-2603: integer overflow if the input string is close to 4GiB.</summary> <pushcount>0</pushcount> <issued date="2023-11-07 17:50:52 UTC" /> <updated date="2023-11-07 17:50:52 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1699379448.html" id="CLSA-2023:1699379448" title="CLSA-2023:1699379448" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libcap" release="11.el7.tuxcare.els1" src="libcap-2.22-11.el7.tuxcare.els1.src.rpm" version="2.22"> <filename>libcap-2.22-11.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">dd4440e3053be743806c899672aecb38d0a0a558</sum> </package> <package arch="x86_64" epoch="0" name="libcap" release="11.el7.tuxcare.els1" src="libcap-2.22-11.el7.tuxcare.els1.src.rpm" version="2.22"> <filename>libcap-2.22-11.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4451119880599fb308a9e298f6df87bf4deebbac</sum> </package> <package arch="i686" epoch="0" name="libcap-devel" release="11.el7.tuxcare.els1" src="libcap-2.22-11.el7.tuxcare.els1.src.rpm" version="2.22"> <filename>libcap-devel-2.22-11.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">f098c98dfcbe287532b9b4f684f6328ccda301e2</sum> </package> <package arch="x86_64" epoch="0" name="libcap-devel" release="11.el7.tuxcare.els1" src="libcap-2.22-11.el7.tuxcare.els1.src.rpm" version="2.22"> <filename>libcap-devel-2.22-11.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f4fa558351fd4ea407d267618f244bb0d8523c99</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1699380056</id> <title>rsync: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2018-25032: fix a bug that can crash deflate on some input when using Z_FIXED - CVE-2022-37434: fix zlib bug with a large gzip header extra field</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2018-25032: fix a bug that can crash deflate on some input when using Z_FIXED - CVE-2022-37434: fix zlib bug with a large gzip header extra field</summary> <pushcount>0</pushcount> <issued date="2023-11-07 18:01:00 UTC" /> <updated date="2023-11-07 18:01:00 UTC" /> <references href="https://errata.cloudlinux.com/centos7-els/CLSA-2023-1699380056.html" id="CLSA-2023:1699380056" title="CLSA-2023:1699380056" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="rsync" release="12.el7_9.tuxcare.els1" src="rsync-3.1.2-12.el7_9.tuxcare.els1.src.rpm" version="3.1.2"> <filename>rsync-3.1.2-12.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">fef3b38615daaa146cab47bc09a687d1cd757380</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1699909692</id> <title>sudo: Fix of CVE-2023-23240</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-23240: Add security checks before using temp files for SELinux RBAC sudoedit</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-23240: Add security checks before using temp files for SELinux RBAC sudoedit</summary> <pushcount>0</pushcount> <issued date="2023-11-13 21:08:16 UTC" /> <updated date="2023-11-13 21:08:16 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2023-1699909692.html" id="CLSA-2023:1699909692" title="CLSA-2023:1699909692" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="sudo" release="10.el7_9.3.tuxcare.els1" src="sudo-1.8.23-10.el7_9.3.tuxcare.els1.src.rpm" version="1.8.23"> <filename>sudo-1.8.23-10.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">38e5c2ea9d9c0eb9f6f063025aa34ee8b15ceabc</sum> </package> <package arch="i686" epoch="0" name="sudo-devel" release="10.el7_9.3.tuxcare.els1" src="sudo-1.8.23-10.el7_9.3.tuxcare.els1.src.rpm" version="1.8.23"> <filename>sudo-devel-1.8.23-10.el7_9.3.tuxcare.els1.i686.rpm</filename> <sum type="sha">aa5dbb9cb9954b74e59aa655f6ab606c00bac2a8</sum> </package> <package arch="x86_64" epoch="0" name="sudo-devel" release="10.el7_9.3.tuxcare.els1" src="sudo-1.8.23-10.el7_9.3.tuxcare.els1.src.rpm" version="1.8.23"> <filename>sudo-devel-1.8.23-10.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4dda7ed55d8c92e6648d70d81407085b0ea8d0e7</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1701444720</id> <title>microcode_ctl: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2022-40982 (INTEL-SA-00828), CVE-2022-41804 (INTEL-SA-00837), CVE-2023-23908 (INTEL-SA-00836), CVE-2023-23583 (INTEL-SA-00950): - Addition of 06-9a-04/0x40 microcode (in 06-9a-04) at revision 0x5; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-03/0xe0 microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-ba-03/0xe0 microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-be-00/0x11 microcode (in 06-be-00) at revision 0x12; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e; - Removal of 06-ba-03/0xc0 microcode (in 06-ba-02) at revision 0x410e; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e; - Removal of 06-ba-03/0xc0 microcode (in 06-ba-03) at revision 0x410e; - Update of 06-55-03/0x97 (SKX-SP B1) microcode (in 06-55-03) from revision 0x1000161 up to 0x1000181; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in 06-55-04) from revision 0x2006e05 up to 0x2007006; - Update of 06-55-06/0xbf (CLX-SP B0) microcode (in 06-55-06) from revision 0x4003303 up to 0x4003604; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in 06-55-07) from revision 0x5003303 up to 0x5003604; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in 06-55-0b) from revision 0x7002503 up to 0x7002703; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision 0xd000389 up to 0xd0003b9; - Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision 0x1000211 up to 0x1000268; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision 0xb8 up to 0xc2; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in 06-8a-01) from revision 0x32 up to 0x33; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from revision 0xa6 up to 0xb4; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision 0x28 up to 0x34; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision 0x42 up to 0x4e; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in 06-8e-09) from revision 0xf0 up to 0xf4; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in 06-8e-09) from revision 0xf0 up to 0xf4; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in 06-8e-0a) from revision 0xf0 up to 0xf4; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in 06-8e-0b) from revision 0xf0 up to 0xf4; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in 06-8e-0c) from revision 0xf4 up to 0xf8; - Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b000181; - Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b000181; - Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b000181; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b000181; - Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b000181; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c up to 0x32; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x429; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x429; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from revision 0x429 up to 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x429; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x429; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from revision 0x429 up to 0x430; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in 06-9e-09) from revision 0xf0 up to 0xf4; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in 06-9e-0a) from revision 0xf0 up to 0xf4; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in 06-9e-0b) from revision 0xf0 up to 0xf4; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in 06-9e-0c) from revision 0xf0 up to 0xf4; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in 06-9e-0d) from revision 0xf4 up to 0xfa; - Update of 06-a5-02/0x20 (CML-H R1) microcode (in 06-a5-02) from revision 0xf4 up to 0xf8; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in 06-a5-03) from revision 0xf4 up to 0xf8; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in 06-a5-05) from revision 0xf4 up to 0xf8; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in 06-a6-00) from revision 0xf4 up to 0xf8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in 06-a6-01) from revision 0xf4 up to 0xf8; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision 0x57 up to 0x5d; - Update of 06-b7-01/0x32 (RPL-S S0) microcode (in 06-b7-01) from revision 0x112 up to 0x11d; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c up to 0x32; - gen_update2.py was updated to output strings having restricted length.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2022-40982 (INTEL-SA-00828), CVE-2022-41804 (INTEL-SA-00837), CVE-2023-23908 (INTEL-SA-00836), CVE-2023-23583 (INTEL-SA-00950): - Addition of 06-9a-04/0x40 microcode (in 06-9a-04) at revision 0x5; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-03/0xe0 microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-ba-02/0xe0 microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-ba-03/0xe0 microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-be-00/0x11 microcode (in 06-be-00) at revision 0x12; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-02) at revision 0x410e; - Removal of 06-ba-03/0xc0 microcode (in 06-ba-02) at revision 0x410e; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e; - Removal of 06-ba-02/0xc0 microcode (in 06-ba-03) at revision 0x410e; - Removal of 06-ba-03/0xc0 microcode (in 06-ba-03) at revision 0x410e; - Update of 06-55-03/0x97 (SKX-SP B1) microcode (in 06-55-03) from revision 0x1000161 up to 0x1000181; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in 06-55-04) from revision 0x2006e05 up to 0x2007006; - Update of 06-55-06/0xbf (CLX-SP B0) microcode (in 06-55-06) from revision 0x4003303 up to 0x4003604; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in 06-55-07) from revision 0x5003303 up to 0x5003604; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in 06-55-0b) from revision 0x7002503 up to 0x7002703; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision 0xd000389 up to 0xd0003b9; - Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision 0x1000211 up to 0x1000268; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision 0xb8 up to 0xc2; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in 06-8a-01) from revision 0x32 up to 0x33; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from revision 0xa6 up to 0xb4; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision 0x28 up to 0x34; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision 0x42 up to 0x4e; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in 06-8e-09) from revision 0xf0 up to 0xf4; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in 06-8e-09) from revision 0xf0 up to 0xf4; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in 06-8e-0a) from revision 0xf0 up to 0xf4; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in 06-8e-0b) from revision 0xf0 up to 0xf4; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in 06-8e-0c) from revision 0xf4 up to 0xf8; - Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b000181; - Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b000181; - Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b000181; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b000181; - Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000170 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from revision 0x2b000181 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000170; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000170; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b000181; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b000181; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2c up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2c up to 0x32; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x429; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x429; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from revision 0x429 up to 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x429; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x429; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from revision 0x429 up to 0x430; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in 06-9e-09) from revision 0xf0 up to 0xf4; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in 06-9e-0a) from revision 0xf0 up to 0xf4; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in 06-9e-0b) from revision 0xf0 up to 0xf4; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in 06-9e-0c) from revision 0xf0 up to 0xf4; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in 06-9e-0d) from revision 0xf4 up to 0xfa; - Update of 06-a5-02/0x20 (CML-H R1) microcode (in 06-a5-02) from revision 0xf4 up to 0xf8; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in 06-a5-03) from revision 0xf4 up to 0xf8; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in 06-a5-05) from revision 0xf4 up to 0xf8; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in 06-a6-00) from revision 0xf4 up to 0xf8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in 06-a6-01) from revision 0xf4 up to 0xf8; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision 0x57 up to 0x5d; - Update of 06-b7-01/0x32 (RPL-S S0) microcode (in 06-b7-01) from revision 0x112 up to 0x11d; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2c up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2c; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2c; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from revision 0x2c up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2c up to 0x32; - gen_update2.py was updated to output strings having restricted length.</summary> <pushcount>0</pushcount> <issued date="2023-12-01 15:32:04 UTC" /> <updated date="2023-12-01 15:32:04 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2023-1701444720.html" id="CLSA-2023:1701444720" title="CLSA-2023:1701444720" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="2" name="microcode_ctl" release="73.16.el7_9.tuxcare.els1" src="microcode_ctl-2.1-73.16.el7_9.tuxcare.els1.src.rpm" version="2.1"> <filename>microcode_ctl-2.1-73.16.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9ed3e8ad6d115fc75d272cc8c77dd3df0e5c1adf</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2023:1703612912</id> <title>openssh: Fix of CVE-2023-51385</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-51385: ban user/hostnames with most shell metacharacters in command line</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-51385: ban user/hostnames with most shell metacharacters in command line</summary> <pushcount>0</pushcount> <issued date="2023-12-26 17:48:35 UTC" /> <updated date="2023-12-26 17:48:35 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2023-1703612912.html" id="CLSA-2023:1703612912" title="CLSA-2023:1703612912" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="openssh" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">edbed619f94ac534b814fe95630d1268b677aeca</sum> </package> <package arch="x86_64" epoch="0" name="openssh-askpass" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-askpass-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">cde687661d4b4009f2acfec7163b24dd2d8041fc</sum> </package> <package arch="x86_64" epoch="0" name="openssh-cavs" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-cavs-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6df167f7ba307b1289b6e2c577f3167cab8ad23c</sum> </package> <package arch="x86_64" epoch="0" name="openssh-clients" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-clients-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2cd529fcdbbe84f8d309c419fbbe22377185f7fa</sum> </package> <package arch="x86_64" epoch="0" name="openssh-keycat" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-keycat-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">27547546f0ec2402a491386921b5a24cf21d232d</sum> </package> <package arch="x86_64" epoch="0" name="openssh-ldap" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-ldap-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">756392880ad5f77d1da719693556aba7c1aebca9</sum> </package> <package arch="x86_64" epoch="0" name="openssh-server" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-server-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">39303f852903e50dec9ebaf7c3f04c8d42e57689</sum> </package> <package arch="x86_64" epoch="0" name="openssh-server-sysvinit" release="23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-server-sysvinit-7.4p1-23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">153362ae7bfa5623553668f66f13c8bdbb181a34</sum> </package> <package arch="i686" epoch="0" name="pam_ssh_agent_auth" release="2.23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="0.10.3"> <filename>pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">bb7cfaf0e9fae5c15b3c5c7f078feeac51aa5f8d</sum> </package> <package arch="x86_64" epoch="0" name="pam_ssh_agent_auth" release="2.23.el7_9.tuxcare.els1" src="openssh-7.4p1-23.el7_9.tuxcare.els1.src.rpm" version="0.10.3"> <filename>pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c0dcad557496c654cdd840b696018ff13bf3533b</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1705941805</id> <title>Update of ca-certificates</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update to CKBI 2.64_v7.0.306 from NSS 3.95 - Removing: - # Certificate "AC1 RAIZ MTIN" - # Certificate "ACNLB" - # Certificate "Actalis Authentication CA G1" - # Certificate "AddTrust External CA Root" - # Certificate "AdminCA-CD-T01" - # Certificate "Admin-Root-CA" - # Certificate "ADOCA02" - # Certificate "ANF Server CA" - # Certificate "A-Trust-Qual-03" - # Certificate "A-Trust-Root-05" - # Certificate "Autoridade Certificadora Raiz Brasileira v1" - # Certificate "Autoridade Certificadora Raiz Brasileira v2" - # Certificate "CA Disig" - # Certificate "CCA India 2011" - # Certificate "Certipost E-Trust Primary Normalised CA" - # Certificate "Certipost E-Trust Primary Qualified CA" - # Certificate "Class 1 Primary CA" - # Certificate "Cybertrust Global Root" - # Certificate "D-TRUST Root Class 2 CA 2007" - # Certificate "D-TRUST Root Class 3 CA 2007" - # Certificate "EBG Elektronik Sertifika Hizmet Sağlayıcısı" - # Certificate "e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi" - # Certificate "Equifax" - # Certificate "Equifax Secure Global eBusiness CA-1" - # Certificate "E-Tugra Certification Authority" - # Certificate "GeoTrust Global CA" - # Certificate "GeoTrust Global CA 2" - # Certificate "GTE CyberTrust Global Root" - # Certificate "Halcom CA FO" - # Certificate "Halcom CA PO 2" - # Certificate "Hongkong Post Root CA 1" - # Certificate "I.CA - Qualified Certification Authority, 09/2009" - # Certificate "I.CA - Qualified root certificate" - # Certificate "I.CA - Standard Certification Authority, 09/2009" - # Certificate "I.CA - Standard root certificate" - # Certificate "IGC/A" - # Certificate "Japanese Government" - # Certificate "Juur-SK" - # Certificate "KEYNECTIS ROOT CA" - # Certificate "LGPKI" - # Certificate "LuxTrust Global Root" - # Certificate "Macao Post eSignTrust Root Certification Authority (G02)" - # Certificate "Microsec e-Szigno Root CA" - # Certificate "Microsoft Root Authority" - # Certificate "Microsoft Root Certificate Authority" - # Certificate "NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado" - # Certificate "QuoVadis Root Certification Authority" - # Certificate "Root CA Generalitat Valenciana" - # Certificate "SITHS CA v3" - # Certificate "Sonera Class2 CA" - # Certificate "Staat der Nederlanden Root CA" - # Certificate "Staat der Nederlanden Root CA - G2" - # Certificate "state-institutions" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "Thawte Premium Server CA" - # Certificate "Thawte Server CA" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3" - # Certificate "UTN-USERFirst-Object" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - # Certificate "VeriSign, Inc." - Adding: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4"</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update to CKBI 2.64_v7.0.306 from NSS 3.95 - Removing: - # Certificate "AC1 RAIZ MTIN" - # Certificate "ACNLB" - # Certificate "Actalis Authentication CA G1" - # Certificate "AddTrust External CA Root" - # Certificate "AdminCA-CD-T01" - # Certificate "Admin-Root-CA" - # Certificate "ADOCA02" - # Certificate "ANF Server CA" - # Certificate "A-Trust-Qual-03" - # Certificate "A-Trust-Root-05" - # Certificate "Autoridade Certificadora Raiz Brasileira v1" - # Certificate "Autoridade Certificadora Raiz Brasileira v2" - # Certificate "CA Disig" - # Certificate "CCA India 2011" - # Certificate "Certipost E-Trust Primary Normalised CA" - # Certificate "Certipost E-Trust Primary Qualified CA" - # Certificate "Class 1 Primary CA" - # Certificate "Cybertrust Global Root" - # Certificate "D-TRUST Root Class 2 CA 2007" - # Certificate "D-TRUST Root Class 3 CA 2007" - # Certificate "EBG Elektronik Sertifika Hizmet Sağlayıcısı" - # Certificate "e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi" - # Certificate "Equifax" - # Certificate "Equifax Secure Global eBusiness CA-1" - # Certificate "E-Tugra Certification Authority" - # Certificate "GeoTrust Global CA" - # Certificate "GeoTrust Global CA 2" - # Certificate "GTE CyberTrust Global Root" - # Certificate "Halcom CA FO" - # Certificate "Halcom CA PO 2" - # Certificate "Hongkong Post Root CA 1" - # Certificate "I.CA - Qualified Certification Authority, 09/2009" - # Certificate "I.CA - Qualified root certificate" - # Certificate "I.CA - Standard Certification Authority, 09/2009" - # Certificate "I.CA - Standard root certificate" - # Certificate "IGC/A" - # Certificate "Japanese Government" - # Certificate "Juur-SK" - # Certificate "KEYNECTIS ROOT CA" - # Certificate "LGPKI" - # Certificate "LuxTrust Global Root" - # Certificate "Macao Post eSignTrust Root Certification Authority (G02)" - # Certificate "Microsec e-Szigno Root CA" - # Certificate "Microsoft Root Authority" - # Certificate "Microsoft Root Certificate Authority" - # Certificate "NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado" - # Certificate "QuoVadis Root Certification Authority" - # Certificate "Root CA Generalitat Valenciana" - # Certificate "SITHS CA v3" - # Certificate "Sonera Class2 CA" - # Certificate "Staat der Nederlanden Root CA" - # Certificate "Staat der Nederlanden Root CA - G2" - # Certificate "state-institutions" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "Thawte Premium Server CA" - # Certificate "Thawte Server CA" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3" - # Certificate "UTN-USERFirst-Object" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - # Certificate "VeriSign, Inc." - Adding: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4"</summary> <pushcount>0</pushcount> <issued date="2024-01-22 16:43:28 UTC" /> <updated date="2024-01-22 16:43:28 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1705941805.html" id="CLSA-2024:1705941805" title="CLSA-2024:1705941805" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="ca-certificates" release="72.el7_9.tuxcare.els1" src="ca-certificates-2023.2.64_v7.0.306-72.el7_9.tuxcare.els1.src.rpm" version="2023.2.64_v7.0.306"> <filename>ca-certificates-2023.2.64_v7.0.306-72.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">7feddba1b5c6e8fbfdf4863955ec120aa40bead4</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1706698462</id> <title>java-1.8.0-openjdk: Fix of 6 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Upgrade to shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop optimization issue - CVE-2024-20926: Arbitrary Java code execution in Nashorn - CVE-2024-20945: Logging of digital signature private keys - CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS - Remove JDK-8312489 patch which is already in the sources</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Upgrade to shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop optimization issue - CVE-2024-20926: Arbitrary Java code execution in Nashorn - CVE-2024-20945: Logging of digital signature private keys - CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS - Remove JDK-8312489 patch which is already in the sources</summary> <pushcount>0</pushcount> <issued date="2024-01-31 10:54:25 UTC" /> <updated date="2024-01-31 10:54:25 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1706698462.html" id="CLSA-2024:1706698462" title="CLSA-2024:1706698462" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="1" name="java-1.8.0-openjdk" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">985a45c8261c59abac4a44948037a6cc2d56e620</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ef4381e2d45cad05764579260dc995563441e132</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">8160994f0cd9bad149e5a90fc0cb17d9140cf4ed</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0fcc4e0970849055e2282c3bc8114065c7107037</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4479fe7464c92190454afd066e277023d919f6fc</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9e86d9d96f9e181378702495a2bf70164acd85c6</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">a0485fe0478294ff032f4c14e6c477ac3994fb8b</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c04b4d849b0ea094fee35a171ba4a44c7370d725</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">887249dcbe96685426c54e90c41f0027c8c3e504</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">1261c82741d6eb32f635f4e1780c024f8089575f</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">52ec594951a776a02f0df7053dc5a7571b88258f</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b7a0efd04304fc2a8b1bcbcb0a819b6f08df4039</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">d74e69ba4033f60f66a6c655947de5ea1504ec86</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ba1beebb093fff1eb59ed81ff287cfa8a6bda89e</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1e7d15c7b51cf0c3a6112f1f6888a340f23a9ea5</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">00fae0753cef9a26e8b57febffe45c478c351c09</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">e6d9837df19a63c42b250d29cfe55e637375df0f</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-javadoc-zip-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">ea34729369f2f754d4106fc50b4c3e102189ed0f</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">5ae85d29e6f1f326df3edb4f86c9329bdd0c0125</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">23a9388afe4eb4bfbe36f1ae237eb28d2fc9441c</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f840b1b5df6ba65175fedc433c404160f18e3762</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.402.b06"> <filename>java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ab2e31664231ea3bf64774767b18ad387d490a11</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1706700142</id> <title>php: Fix of 8 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-21702: Fix null pointer crash because of malformed SOAP server response - CVE-2021-21703: Fix error in php fpm shared memory organization leading to privilage escalation - CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE - CVE-2022-31626: Fix buffer overflow in mysqlnd driver leading to RCE - CVE-2023-0568: Fix array overrun when appending slash to paths in DOM and XML cases - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once - CVE-2023-3823: Fix external entity loading in XML without enabling it, by sanitizing libxml2 globals before parsing - CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-21702: Fix null pointer crash because of malformed SOAP server response - CVE-2021-21703: Fix error in php fpm shared memory organization leading to privilage escalation - CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE - CVE-2022-31626: Fix buffer overflow in mysqlnd driver leading to RCE - CVE-2023-0568: Fix array overrun when appending slash to paths in DOM and XML cases - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once - CVE-2023-3823: Fix external entity loading in XML without enabling it, by sanitizing libxml2 globals before parsing - CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()</summary> <pushcount>0</pushcount> <issued date="2024-01-31 11:22:25 UTC" /> <updated date="2024-01-31 11:22:25 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1706700142.html" id="CLSA-2024:1706700142" title="CLSA-2024:1706700142" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9680d4f83839998fbbc573c763e52d38eff7d7f7</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">5b79e924a515c8fccc3b277164ac261d01bc9604</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">047e34da7ee4f304bcf0d73dc2f8c111a7a2d823</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f140115eaba2dc9c9fc3e8215f7ffc3ddffaeda1</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">28fadfc1b2b6cd6791b1f70c9ac8fed5a32ff822</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ea0cf62c95f3c80c35add18057ad13540ddaeae7</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9c54b3120ecaae74256339e947a6a5695347aec9</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f6db7357949d50b7a9915a3961c68139d341fa54</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">74aa3fabc38f8fc345db50e3885dd9fe3113f6ff</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">eec57ec10a4b6dcdd2dd766db7733bc8a5fedb30</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6530dbd9d5ad7a095389ce988d0c221c1ee3d25d</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0501c1639360479e62744d8b02b9b86055484e79</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">997ad8de250710bfaa069fb35206700d6dc7303b</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">bf7ea2af2196e2a7949bdc19ceda35989d9c3e4f</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">752baac7ab2c13204eee3c97f1b8c7a98462da9a</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">37c3cb0c4c76c0868af9071f4cd814508973051a</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">10c245c93617a8607e45786dd487b1b809d5569f</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">469bb9f34d74f5e24b1d74e4cf42d058f47c9211</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b0c3602c30bd2834bdce05e266c2691e91907209</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f07dd1600ef6dcff80dd38900cab5a9dfa682ca5</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">fdbd10a6f94b7c15a746ee8fac4ba858e2b94cc9</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">66d81093531fa2f392fcd195b2410db476f87b19</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">85448bcbbe56434909d288b221a35a607867dd2b</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">29f0632ef163f5a2e26fb3ac023800c75fe985fd</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els1" src="php-5.4.16-48.el7.tuxcare.els1.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">01b42a2bafbf16cfef05c64184cb9e147d6f081a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1707919380</id> <title>openssh: Fix of CVE-2023-48795</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-48795: implement "strict key exchange" in ssh and sshd - Moved ELS patches to the top to avoid patch conflicts</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-48795: implement "strict key exchange" in ssh and sshd - Moved ELS patches to the top to avoid patch conflicts</summary> <pushcount>0</pushcount> <issued date="2024-02-14 14:03:03 UTC" /> <updated date="2024-02-14 14:03:03 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1707919380.html" id="CLSA-2024:1707919380" title="CLSA-2024:1707919380" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="openssh" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">add92be02b6d782b2083e92ebb70bd1c076b2dd6</sum> </package> <package arch="x86_64" epoch="0" name="openssh-askpass" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-askpass-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e38a020c7bbacbe347c6031b1ea2b7d30845aee6</sum> </package> <package arch="x86_64" epoch="0" name="openssh-cavs" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-cavs-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">ca03959afe114454bceae32b821ffe70a22bb628</sum> </package> <package arch="x86_64" epoch="0" name="openssh-clients" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-clients-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">295e9b1a752cd00ea2bc1519bc5d2635c3c02ef7</sum> </package> <package arch="x86_64" epoch="0" name="openssh-keycat" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-keycat-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">9a83b13d97f05fa85024a7620fafed5b45939c74</sum> </package> <package arch="x86_64" epoch="0" name="openssh-ldap" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-ldap-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e0f017ec7e626e008dff93577d632462e26a9662</sum> </package> <package arch="x86_64" epoch="0" name="openssh-server" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-server-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">42a83385dc6a0edbcacd30f75c6aa479b11d149f</sum> </package> <package arch="x86_64" epoch="0" name="openssh-server-sysvinit" release="23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="7.4p1"> <filename>openssh-server-sysvinit-7.4p1-23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">19ce58d35308b933496dd2feec904feb31074402</sum> </package> <package arch="i686" epoch="0" name="pam_ssh_agent_auth" release="2.23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="0.10.3"> <filename>pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">7f114bc027bd1b665b3b2265d5b6492a65313a03</sum> </package> <package arch="x86_64" epoch="0" name="pam_ssh_agent_auth" release="2.23.el7_9.tuxcare.els2" src="openssh-7.4p1-23.el7_9.tuxcare.els2.src.rpm" version="0.10.3"> <filename>pam_ssh_agent_auth-0.10.3-2.23.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">694398c494e6601ec374ac1ec07bc616eddcd9e5</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1708417192</id> <title>libxml2: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2017-7375: add validation for parsed entity references - CVE-2017-7376: fix buffer overflow in URL handling - CVE-2017-8872: free input buffer in xmlHaltParser</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2017-7375: add validation for parsed entity references - CVE-2017-7376: fix buffer overflow in URL handling - CVE-2017-8872: free input buffer in xmlHaltParser</summary> <pushcount>0</pushcount> <issued date="2024-02-20 08:19:55 UTC" /> <updated date="2024-02-20 08:19:55 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1708417192.html" id="CLSA-2024:1708417192" title="CLSA-2024:1708417192" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libxml2" release="6.el7_9.6.tuxcare.els3" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els3.src.rpm" version="2.9.1"> <filename>libxml2-2.9.1-6.el7_9.6.tuxcare.els3.i686.rpm</filename> <sum type="sha">9214f528ef5a5911e6f29a2dd28c0fef59437ea4</sum> </package> <package arch="x86_64" epoch="0" name="libxml2" release="6.el7_9.6.tuxcare.els3" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els3.src.rpm" version="2.9.1"> <filename>libxml2-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">a08f218df8faed30a40d4cc17202bebbb635f0ea</sum> </package> <package arch="i686" epoch="0" name="libxml2-devel" release="6.el7_9.6.tuxcare.els3" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els3.src.rpm" version="2.9.1"> <filename>libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els3.i686.rpm</filename> <sum type="sha">5cde1a7605d681cb8e42c2f495f377815d479645</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-devel" release="6.el7_9.6.tuxcare.els3" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els3.src.rpm" version="2.9.1"> <filename>libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">b01a1f3711245fe08bcf1c6ef07db38de5a0b29d</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-python" release="6.el7_9.6.tuxcare.els3" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els3.src.rpm" version="2.9.1"> <filename>libxml2-python-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">6625a7ca31068c5c845dd9bcb512eb24803bfee1</sum> </package> <package arch="i686" epoch="0" name="libxml2-static" release="6.el7_9.6.tuxcare.els3" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els3.src.rpm" version="2.9.1"> <filename>libxml2-static-2.9.1-6.el7_9.6.tuxcare.els3.i686.rpm</filename> <sum type="sha">135d15940ef38ecb8d6ba94821fe8671f6fd5623</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-static" release="6.el7_9.6.tuxcare.els3" src="libxml2-2.9.1-6.el7_9.6.tuxcare.els3.src.rpm" version="2.9.1"> <filename>libxml2-static-2.9.1-6.el7_9.6.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">abce4ce166a9e14fa87571b897de93a2010427db</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1709550046</id> <title>bind: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3</summary> <pushcount>0</pushcount> <issued date="2024-03-04 11:00:49 UTC" /> <updated date="2024-03-04 11:00:49 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1709550046.html" id="CLSA-2024:1709550046" title="CLSA-2024:1709550046" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="32" name="bind" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">fe2a7cd869562e3ba20be19cb675e6952806c18a</sum> </package> <package arch="x86_64" epoch="32" name="bind-chroot" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">9eb1b11324b786544d1c4a0b38403659375eca2e</sum> </package> <package arch="i686" epoch="32" name="bind-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">415b9651285c74584bdb3585904c244ef01c0cf0</sum> </package> <package arch="x86_64" epoch="32" name="bind-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">0da77ee697b3c95774d36b6e1395f009a640dd0c</sum> </package> <package arch="i686" epoch="32" name="bind-export-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">c0236bc639e28a954fb214d17782abf3974d435e</sum> </package> <package arch="x86_64" epoch="32" name="bind-export-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">199f15094dae68c173a96859bc5c50a494ef3573</sum> </package> <package arch="i686" epoch="32" name="bind-export-libs" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">55e7f51d1b1c14edc487c3073e8258728e9e32b2</sum> </package> <package arch="x86_64" epoch="32" name="bind-export-libs" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">16736bf483fa15ab33838a3191409394c508edaf</sum> </package> <package arch="i686" epoch="32" name="bind-libs" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">66e7b5a1e480ddaf7aec614ee0e1120bb399a87a</sum> </package> <package arch="x86_64" epoch="32" name="bind-libs" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">1406ee012927425762e41fdff6b3c6f49bef9e3a</sum> </package> <package arch="i686" epoch="32" name="bind-libs-lite" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">e2c5ac52078c5eb4a61b28856cb1286920d80975</sum> </package> <package arch="x86_64" epoch="32" name="bind-libs-lite" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">fdf58adb34f0fc3358f481ad5ccd97d603694c5c</sum> </package> <package arch="noarch" epoch="32" name="bind-license" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha">c58ede0bd8b11f22588c0b0a5a28305c925a7309</sum> </package> <package arch="i686" epoch="32" name="bind-lite-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">fa0f9557aab88d20abecbfb446c4b6ef7b62bbea</sum> </package> <package arch="x86_64" epoch="32" name="bind-lite-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">16950a1353e6fc53e537c27152cec7aa7fa1e834</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">18273a8c69ebd60a7b99421d92155b181767e5e4</sum> </package> <package arch="i686" epoch="32" name="bind-pkcs11-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">e3e45b5de9f5c28a17e3092d4f5b3935f4b59904</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11-devel" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e8d4a7471b37bc7ab3a51ef536e61dd4df4f8a36</sum> </package> <package arch="i686" epoch="32" name="bind-pkcs11-libs" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els2.i686.rpm</filename> <sum type="sha">6e6aae3522f9d376e8092451a544132cfe14c5e5</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11-libs" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">74fee7f6c94f2da2631e2e47f64758992c003e43</sum> </package> <package arch="x86_64" epoch="32" name="bind-pkcs11-utils" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">4124b0e50256105b156bbff46ac46ba6a93a6ea6</sum> </package> <package arch="x86_64" epoch="32" name="bind-sdb" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">008a2263f42bb4884c9e013547decfdba677ed90</sum> </package> <package arch="x86_64" epoch="32" name="bind-sdb-chroot" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">0a90433f20ebbe87dcfd6c511bbbb4194bddadaf</sum> </package> <package arch="x86_64" epoch="32" name="bind-utils" release="26.P2.el7.14.tuxcare.els2" src="bind-9.11.4-26.P2.el7.14.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">f706efc7749d642e68b785ce825300f15974c5fa</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1709727025</id> <title>linux-firmware: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update AMD CPU microcode to 2023-12-05: - Update AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11 - Update AMD CPU microcode for processor family 17h: sig 0x00830f10 - Fix CVE-2023-20569, CVE-2023-20593 - Use tuxcare.els suffixes for all packages</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update AMD CPU microcode to 2023-12-05: - Update AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11 - Update AMD CPU microcode for processor family 17h: sig 0x00830f10 - Fix CVE-2023-20569, CVE-2023-20593 - Use tuxcare.els suffixes for all packages</summary> <pushcount>0</pushcount> <issued date="2024-03-06 12:10:29 UTC" /> <updated date="2024-03-06 12:10:29 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1709727025.html" id="CLSA-2024:1709727025" title="CLSA-2024:1709727025" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="iwl100-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="39.31.5.1"> <filename>iwl100-firmware-39.31.5.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">62b263a06b9eb84d7439d8de12682e33d8894e11</sum> </package> <package arch="noarch" epoch="1" name="iwl1000-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="39.31.5.1"> <filename>iwl1000-firmware-39.31.5.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">ed62d248bdbb91e618d3e6ad9880319fa571de5e</sum> </package> <package arch="noarch" epoch="0" name="iwl105-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl105-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">9648db3b145dc96fc2081bd1d2ccd752aeaade21</sum> </package> <package arch="noarch" epoch="0" name="iwl135-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl135-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">e998813e681c51779daad0a52d30314ed007984a</sum> </package> <package arch="noarch" epoch="0" name="iwl2000-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl2000-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">4a3bd116a1ed82e9621821a0323804b47f1ae91d</sum> </package> <package arch="noarch" epoch="0" name="iwl2030-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl2030-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">4d98ff8c98f33c55eea843c56eee2acdfbb429f8</sum> </package> <package arch="noarch" epoch="0" name="iwl3160-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="25.30.13.0"> <filename>iwl3160-firmware-25.30.13.0-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">7646e5088e9eb33905b145c096c1a9023f9db0ec</sum> </package> <package arch="noarch" epoch="0" name="iwl3945-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="15.32.2.9"> <filename>iwl3945-firmware-15.32.2.9-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">ca2b054760c356b7164fe87d4f83d3108da562ac</sum> </package> <package arch="noarch" epoch="0" name="iwl4965-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="228.61.2.24"> <filename>iwl4965-firmware-228.61.2.24-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">26d05fddb8c51f0b9c8caffef5b22f2481cd21db</sum> </package> <package arch="noarch" epoch="0" name="iwl5000-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="8.83.5.1_1"> <filename>iwl5000-firmware-8.83.5.1_1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">6522a2f96c1f1465ec33e1ca99942aac8db86234</sum> </package> <package arch="noarch" epoch="0" name="iwl5150-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="8.24.2.2"> <filename>iwl5150-firmware-8.24.2.2-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">2b0cb7728b14fc02660db9a8bebaab367355659e</sum> </package> <package arch="noarch" epoch="0" name="iwl6000-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="9.221.4.1"> <filename>iwl6000-firmware-9.221.4.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">e4db79c53211b0abfa72bdf7825f1fc232039412</sum> </package> <package arch="noarch" epoch="0" name="iwl6000g2a-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl6000g2a-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">1a204c5344437a1789c87765f8a931b6446db84c</sum> </package> <package arch="noarch" epoch="0" name="iwl6000g2b-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl6000g2b-firmware-18.168.6.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">17f0c10115ec2e7196f9eb29821b0a2333a66d50</sum> </package> <package arch="noarch" epoch="0" name="iwl6050-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="41.28.5.1"> <filename>iwl6050-firmware-41.28.5.1-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">7fe7c1c38d1aacf636191b0e710b5fdf7203bbad</sum> </package> <package arch="noarch" epoch="0" name="iwl7260-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="25.30.13.0"> <filename>iwl7260-firmware-25.30.13.0-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">846f14b5817df35dbb60fd1ef35a5239a47a640b</sum> </package> <package arch="noarch" epoch="0" name="linux-firmware" release="81.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.src.rpm" version="20200421"> <filename>linux-firmware-20200421-81.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">3725157da6a2ed9c81c7d4f6d68d47ae8bba31cb</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1709839956</id> <title>nettle: Fix of CVE-2018-16869</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Port side-channel silent functions from 3.4.1. Partially fix for CVE-2018-16869 - CVE-2018-16869: Add side-channel silent memory, math, PKCS1, RSA functions - Added tests for side-channel silent implementations</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Port side-channel silent functions from 3.4.1. Partially fix for CVE-2018-16869 - CVE-2018-16869: Add side-channel silent memory, math, PKCS1, RSA functions - Added tests for side-channel silent implementations</summary> <pushcount>0</pushcount> <issued date="2024-03-07 19:32:39 UTC" /> <updated date="2024-03-07 19:32:39 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1709839956.html" id="CLSA-2024:1709839956" title="CLSA-2024:1709839956" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="nettle" release="9.el7_9.tuxcare.els1" src="nettle-2.7.1-9.el7_9.tuxcare.els1.src.rpm" version="2.7.1"> <filename>nettle-2.7.1-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">30f41bf7bc176294c15b0efccbb36d21274322cf</sum> </package> <package arch="x86_64" epoch="0" name="nettle" release="9.el7_9.tuxcare.els1" src="nettle-2.7.1-9.el7_9.tuxcare.els1.src.rpm" version="2.7.1"> <filename>nettle-2.7.1-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b98ab37c581e43a03714e5c47c3aec86b358d0b2</sum> </package> <package arch="i686" epoch="0" name="nettle-devel" release="9.el7_9.tuxcare.els1" src="nettle-2.7.1-9.el7_9.tuxcare.els1.src.rpm" version="2.7.1"> <filename>nettle-devel-2.7.1-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">5ebbc1172282115841b35850ea6d1fe0ddb3f282</sum> </package> <package arch="x86_64" epoch="0" name="nettle-devel" release="9.el7_9.tuxcare.els1" src="nettle-2.7.1-9.el7_9.tuxcare.els1.src.rpm" version="2.7.1"> <filename>nettle-devel-2.7.1-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">12794a8f50421d6713ecadf904cd7e17ba5c1501</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1709840060</id> <title>Update of nss</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update to CKBI 2.64 from NSS 3.95 - Removed: - # Certificate "E-Tugra Certification Authority" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - Added: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4" - Update test certificates - Tests were activated - dbtests.sh waiting time was increased to pass the test on slow VM</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update to CKBI 2.64 from NSS 3.95 - Removed: - # Certificate "E-Tugra Certification Authority" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - Added: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4" - Update test certificates - Tests were activated - dbtests.sh waiting time was increased to pass the test on slow VM</summary> <pushcount>0</pushcount> <issued date="2024-03-07 19:34:23 UTC" /> <updated date="2024-03-07 19:34:23 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1709840060.html" id="CLSA-2024:1709840060" title="CLSA-2024:1709840060" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="nss" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-3.90.0-2.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">41fdf5f6f078b578bb8712e112d05e7f03f11a9a</sum> </package> <package arch="x86_64" epoch="0" name="nss" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6001e08e383d7cc3a7bceb9ab2178399839e172d</sum> </package> <package arch="i686" epoch="0" name="nss-devel" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-devel-3.90.0-2.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">f45016cbc6140436f636439c32d2eb951916f048</sum> </package> <package arch="x86_64" epoch="0" name="nss-devel" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-devel-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c4cb6f3dec5352bae3d129e1a26ee6b680f79c5e</sum> </package> <package arch="i686" epoch="0" name="nss-pkcs11-devel" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">88573377d386ec6feac2a109c13cc7bbaaccc427</sum> </package> <package arch="x86_64" epoch="0" name="nss-pkcs11-devel" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">97b5b56c41bcb022582065842c48fa3fe2eba0f8</sum> </package> <package arch="x86_64" epoch="0" name="nss-sysinit" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-sysinit-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">cf3da6398612132fe1ee2d7ac485b2ca7e874c12</sum> </package> <package arch="x86_64" epoch="0" name="nss-tools" release="2.el7_9.tuxcare.els1" src="nss-3.90.0-2.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-tools-3.90.0-2.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4b70ccb086b4942413216bd36c998c26eeb01b41</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1710184311</id> <title>freetype: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-27404: Fix buffer overflow in sfnt_init_face - CVE-2022-27405: Fix segmentation violation via FNT_Size_Request - CVE-2022-27406: Fix segmentation violation via FT_Request_Size</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-27404: Fix buffer overflow in sfnt_init_face - CVE-2022-27405: Fix segmentation violation via FNT_Size_Request - CVE-2022-27406: Fix segmentation violation via FT_Request_Size</summary> <pushcount>0</pushcount> <issued date="2024-03-11 19:11:54 UTC" /> <updated date="2024-03-11 19:11:54 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1710184311.html" id="CLSA-2024:1710184311" title="CLSA-2024:1710184311" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="freetype" release="14.el7_9.1.tuxcare.els1" src="freetype-2.8-14.el7_9.1.tuxcare.els1.src.rpm" version="2.8"> <filename>freetype-2.8-14.el7_9.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">310bddbdc6a3a7a2bbc27b50f33efbe319c6fa51</sum> </package> <package arch="x86_64" epoch="0" name="freetype" release="14.el7_9.1.tuxcare.els1" src="freetype-2.8-14.el7_9.1.tuxcare.els1.src.rpm" version="2.8"> <filename>freetype-2.8-14.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ab1aad5e24796950103363de6322aaaca273b9d3</sum> </package> <package arch="x86_64" epoch="0" name="freetype-demos" release="14.el7_9.1.tuxcare.els1" src="freetype-2.8-14.el7_9.1.tuxcare.els1.src.rpm" version="2.8"> <filename>freetype-demos-2.8-14.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1d547f06f3a862232efbc2059faa8a6b0beea2bb</sum> </package> <package arch="i686" epoch="0" name="freetype-devel" release="14.el7_9.1.tuxcare.els1" src="freetype-2.8-14.el7_9.1.tuxcare.els1.src.rpm" version="2.8"> <filename>freetype-devel-2.8-14.el7_9.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">88cb215e9623a038016dd3d23f9ce99ba863f11c</sum> </package> <package arch="x86_64" epoch="0" name="freetype-devel" release="14.el7_9.1.tuxcare.els1" src="freetype-2.8-14.el7_9.1.tuxcare.els1.src.rpm" version="2.8"> <filename>freetype-devel-2.8-14.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7f16fc3510d564bad5d344b059472d9827cfc82e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1710184399</id> <title>gnutls: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Keep the broken pkcs11 tests disabled. - Added CVE-2024-0567 PoC test. - CVE-2023-5981-pre1: improve level of randomness for each operations, always use _gnutls_switch_lib_state for pk wrappers. - CVE-2023-5981-pre2: add constant time/cache operations to prevent or minimaze timining or cache side channel attacks. - CVE-2023-5981: removes branching that depends on secret data to prevent potential side-channel attack. - CVE-2024-0553: minimize branching after decryption.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Keep the broken pkcs11 tests disabled. - Added CVE-2024-0567 PoC test. - CVE-2023-5981-pre1: improve level of randomness for each operations, always use _gnutls_switch_lib_state for pk wrappers. - CVE-2023-5981-pre2: add constant time/cache operations to prevent or minimaze timining or cache side channel attacks. - CVE-2023-5981: removes branching that depends on secret data to prevent potential side-channel attack. - CVE-2024-0553: minimize branching after decryption.</summary> <pushcount>0</pushcount> <issued date="2024-03-11 19:13:22 UTC" /> <updated date="2024-03-11 19:13:22 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1710184399.html" id="CLSA-2024:1710184399" title="CLSA-2024:1710184399" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="gnutls" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-3.3.29-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">df8f25dac01b6abc52b74e3e39bbbe520723d4e1</sum> </package> <package arch="x86_64" epoch="0" name="gnutls" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8461900ebaceb6425a4389b937f6c6899ab2691b</sum> </package> <package arch="i686" epoch="0" name="gnutls-c++" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-c++-3.3.29-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">ba0f50308a0e95f9dedbdd4c677e4030d428e8ed</sum> </package> <package arch="x86_64" epoch="0" name="gnutls-c++" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-c++-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">08ad1fee55b178c6b40e91204ae111f2997656b4</sum> </package> <package arch="i686" epoch="0" name="gnutls-dane" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-dane-3.3.29-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">427c670552afe57210ae6cfe3628d7ecc56cc6e4</sum> </package> <package arch="x86_64" epoch="0" name="gnutls-dane" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-dane-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0f2ab15fdd7167bca864cad0bbea64887b0d0d49</sum> </package> <package arch="i686" epoch="0" name="gnutls-devel" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-devel-3.3.29-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">8b6dd527a1d651c4900fd42a78ae3ea214018d96</sum> </package> <package arch="x86_64" epoch="0" name="gnutls-devel" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-devel-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b871cbdd4c9b4608b44a825e3a8982d0a3e7218b</sum> </package> <package arch="x86_64" epoch="0" name="gnutls-utils" release="9.el7_9.tuxcare.els1" src="gnutls-3.3.29-9.el7_9.tuxcare.els1.src.rpm" version="3.3.29"> <filename>gnutls-utils-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f5f370f97d8d007288267dec683ab8e38292c3d2</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1710437461</id> <title>python3: Fix of CVE-2022-48564</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-48564: Improve validation of Plist files that prevent DoS</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-48564: Improve validation of Plist files that prevent DoS</summary> <pushcount>0</pushcount> <issued date="2024-03-14 17:31:05 UTC" /> <updated date="2024-03-14 17:31:05 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1710437461.html" id="CLSA-2024:1710437461" title="CLSA-2024:1710437461" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">462389533a561eda76b69c096f47f7fef024354c</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">24cd82f7a5ade9f8b52fed04c77dcdce9abdb8cd</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">ac8db8e21d11c707cd219a4043f015d3663853f8</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e5c8a445e5749adc070cf1fcb95bcefc91cc5194</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">aacf57743409b3a2e67ae4fc3438db27f4c5d0fe</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">6315e8a17d3742f8b40e14db2934899ca839144e</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">81502c64373ae0930558475657ee14829c1b2f78</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">72bee843c858cee2a980d809a1f31eefe0d1fe3d</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">52fce478ac6a7c9f3e05e8638b8b6df9eb348dbf</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">a0954f8d4b4b2564955cb08fb2a3c5c964f871d8</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">11cb08293651733661a17562df9372f5071731bd</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">b2658406f5148a52d70d0ac0ba0e70265e5dc219</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">1c4409d9fc061adeff882813adeea5e62c1184f9</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="21.el7_9.tuxcare.els2" src="python3-3.6.8-21.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">c45bbbfd95df822bcb6a95164333009fa635dc52</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1710789286</id> <title>ncurses: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-29491.patch: Mitigate vulnerability by building the packages with modified --disable-root-environ option which now limits usage of environment for setuid/setgid programs only - CVE-2021-39537.patch: Add a check for end-of-string in cvtchar to handle a malformed string in infotocap</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-29491.patch: Mitigate vulnerability by building the packages with modified --disable-root-environ option which now limits usage of environment for setuid/setgid programs only - CVE-2021-39537.patch: Add a check for end-of-string in cvtchar to handle a malformed string in infotocap</summary> <pushcount>0</pushcount> <issued date="2024-03-18 19:14:50 UTC" /> <updated date="2024-03-18 19:14:50 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1710789286.html" id="CLSA-2024:1710789286" title="CLSA-2024:1710789286" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="ncurses" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7622bf4a9f245736aca91a251693ab3a04038b26</sum> </package> <package arch="noarch" epoch="0" name="ncurses-base" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-base-5.9-14.20130511.el7_4.tuxcare.els1.noarch.rpm</filename> <sum type="sha">183479f9b0b27856d48542de2e485d2435942b44</sum> </package> <package arch="i686" epoch="0" name="ncurses-devel" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els1.i686.rpm</filename> <sum type="sha">9c0188412545af40b9057488f8cc5de913906ed7</sum> </package> <package arch="x86_64" epoch="0" name="ncurses-devel" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3e46936a0dabf47c1197e8aefecd3c26523967e5</sum> </package> <package arch="i686" epoch="0" name="ncurses-libs" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els1.i686.rpm</filename> <sum type="sha">56a86980b54c95d8686371cfde086c73153b4bf4</sum> </package> <package arch="x86_64" epoch="0" name="ncurses-libs" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f60b9a8a2ca4fed240ec3969b90dc8d92e089583</sum> </package> <package arch="i686" epoch="0" name="ncurses-static" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-static-5.9-14.20130511.el7_4.tuxcare.els1.i686.rpm</filename> <sum type="sha">307cbb68b416b647a92adab5760e11c79650951b</sum> </package> <package arch="x86_64" epoch="0" name="ncurses-static" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-static-5.9-14.20130511.el7_4.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3dd9d204c2e8a93ff3c6d58513adcedae1749898</sum> </package> <package arch="noarch" epoch="0" name="ncurses-term" release="14.20130511.el7_4.tuxcare.els1" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els1.src.rpm" version="5.9"> <filename>ncurses-term-5.9-14.20130511.el7_4.tuxcare.els1.noarch.rpm</filename> <sum type="sha">96e7a53040dcb3ee7648cd34a0d9f8233789f960</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1711476689</id> <title>e2fsprogs: Fix of CVE-2022-1304</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-1304.patch: libext2fs: add sanity check to extent manipulation</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-1304.patch: libext2fs: add sanity check to extent manipulation</summary> <pushcount>0</pushcount> <issued date="2024-03-26 18:11:32 UTC" /> <updated date="2024-03-26 18:11:32 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1711476689.html" id="CLSA-2024:1711476689" title="CLSA-2024:1711476689" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="e2fsprogs" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>e2fsprogs-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7ca90ab80651cf2ea12616f3257c3440663ba649</sum> </package> <package arch="i686" epoch="0" name="e2fsprogs-devel" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>e2fsprogs-devel-1.42.9-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">cb0622cb615d65d2da5a8eefa1b8b0040a91e851</sum> </package> <package arch="x86_64" epoch="0" name="e2fsprogs-devel" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>e2fsprogs-devel-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b686dd8dc4a5d3cd0ca02420073cf9a16d3b18e9</sum> </package> <package arch="i686" epoch="0" name="e2fsprogs-libs" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>e2fsprogs-libs-1.42.9-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">7619362123ec54ec68c88b57fd22f4f71635eb1d</sum> </package> <package arch="x86_64" epoch="0" name="e2fsprogs-libs" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>e2fsprogs-libs-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a64cc229a60dbb19864c99ba6e2818bc7984a43c</sum> </package> <package arch="i686" epoch="0" name="e2fsprogs-static" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>e2fsprogs-static-1.42.9-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">b1adb576dbb0f6297344e0d6579fcb5d775b0cbb</sum> </package> <package arch="x86_64" epoch="0" name="e2fsprogs-static" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>e2fsprogs-static-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">84a63b84f0fb08b25ad4191c82301089b0f7a3b0</sum> </package> <package arch="i686" epoch="0" name="libcom_err" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libcom_err-1.42.9-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">7a11423d2c03210fd3a116a36346a9b3062bc444</sum> </package> <package arch="x86_64" epoch="0" name="libcom_err" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libcom_err-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e45e68f972493b18231b08c9bee9ccdb04c022eb</sum> </package> <package arch="i686" epoch="0" name="libcom_err-devel" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libcom_err-devel-1.42.9-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">871a0a36a3ea4cba30081730d86883993b208699</sum> </package> <package arch="x86_64" epoch="0" name="libcom_err-devel" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libcom_err-devel-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f7fd917fc6d0d085ee604f117461e1ca2fb0b47d</sum> </package> <package arch="i686" epoch="0" name="libss" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libss-1.42.9-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">07506e9368bc24af93c4b1de0b16e61002431637</sum> </package> <package arch="x86_64" epoch="0" name="libss" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libss-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9bca2ff321677ef9d8b7af31e30231f7f6d36706</sum> </package> <package arch="i686" epoch="0" name="libss-devel" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libss-devel-1.42.9-19.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">8aa8e0d231c0db85a293d654a54e62b1ecea7e3d</sum> </package> <package arch="x86_64" epoch="0" name="libss-devel" release="19.el7.tuxcare.els1" src="e2fsprogs-1.42.9-19.el7.tuxcare.els1.src.rpm" version="1.42.9"> <filename>libss-devel-1.42.9-19.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9cf481f0b77c48f2904123fa5f226e5ee75eeee5</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1711477070</id> <title>gmp: Fix of CVE-2021-43618</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-43618: gmp security and enhancement update</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-43618: gmp security and enhancement update</summary> <pushcount>0</pushcount> <issued date="2024-03-26 18:17:53 UTC" /> <updated date="2024-03-26 18:17:53 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1711477070.html" id="CLSA-2024:1711477070" title="CLSA-2024:1711477070" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="1" name="gmp" release="15.el7.tuxcare.els1" src="gmp-6.0.0-15.el7.tuxcare.els1.src.rpm" version="6.0.0"> <filename>gmp-6.0.0-15.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">c7cabf95bad64a74ec37ebea2955038355eda69d</sum> </package> <package arch="x86_64" epoch="1" name="gmp" release="15.el7.tuxcare.els1" src="gmp-6.0.0-15.el7.tuxcare.els1.src.rpm" version="6.0.0"> <filename>gmp-6.0.0-15.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e20a31c4c4e9e992f36d04ed20285b50af78ccfa</sum> </package> <package arch="i686" epoch="1" name="gmp-devel" release="15.el7.tuxcare.els1" src="gmp-6.0.0-15.el7.tuxcare.els1.src.rpm" version="6.0.0"> <filename>gmp-devel-6.0.0-15.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">b38f3bec2d79eb18d720c7b0e0dcea30820c9f12</sum> </package> <package arch="x86_64" epoch="1" name="gmp-devel" release="15.el7.tuxcare.els1" src="gmp-6.0.0-15.el7.tuxcare.els1.src.rpm" version="6.0.0"> <filename>gmp-devel-6.0.0-15.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9c86c1d2eb72c38e6690fd19f52974160ff9f5e1</sum> </package> <package arch="i686" epoch="1" name="gmp-static" release="15.el7.tuxcare.els1" src="gmp-6.0.0-15.el7.tuxcare.els1.src.rpm" version="6.0.0"> <filename>gmp-static-6.0.0-15.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">aa3e2e0be2d906e0cb489f226d619f6618267f3d</sum> </package> <package arch="x86_64" epoch="1" name="gmp-static" release="15.el7.tuxcare.els1" src="gmp-6.0.0-15.el7.tuxcare.els1.src.rpm" version="6.0.0"> <filename>gmp-static-6.0.0-15.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">60a5ff787fa75c1473000aa1e383602cf02c142a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1711491407</id> <title>python: Fix of CVE-2023-27043</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-27043: reject malformed addresses in email.parseaddr()</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-27043: reject malformed addresses in email.parseaddr()</summary> <pushcount>0</pushcount> <issued date="2024-03-26 22:16:50 UTC" /> <updated date="2024-03-26 22:16:50 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1711491407.html" id="CLSA-2024:1711491407" title="CLSA-2024:1711491407" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">9a57d86a5ec37fde5878c459e5a78a51f16d4679</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">0cc2b5dc59c694887df1efd92e83c573b0e3b4fe</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">f949b122a3ff8d11d99ca71a0883fb6b14bfdc74</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">a9b7e0b8ef88fd35573315083dc019618d066382</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">09c96ddcd72c2d0c1c2f70086ca5e95bab3a5261</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">9f0418bcfcd1b2551e8f813086a0d6d8db88364a</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">d5f8f4cc625e3c7d7ad9620fc4918e3b61af7941</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="94.el7_9.tuxcare.els2" src="python-2.7.5-94.el7_9.tuxcare.els2.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-94.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">17773fcc3887cada40935e5dc70ed11ee66dc7f3</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1711562558</id> <title>curl: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Moved tuxcare patches from 7.29.0-59.1.tuxcare.els2 - CVE-2023-38546: cookie: remove unnecessary struct fields - CVE-2022-27782: check additional TLS or SSH connection parameters that should have prohibited connection reuse - CVE-2023-27534: fix SFTP path '~' resolving discrepancy - fix read off end of array for SCP home directory case</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Moved tuxcare patches from 7.29.0-59.1.tuxcare.els2 - CVE-2023-38546: cookie: remove unnecessary struct fields - CVE-2022-27782: check additional TLS or SSH connection parameters that should have prohibited connection reuse - CVE-2023-27534: fix SFTP path '~' resolving discrepancy - fix read off end of array for SCP home directory case</summary> <pushcount>0</pushcount> <issued date="2024-03-27 18:02:41 UTC" /> <updated date="2024-03-27 18:02:41 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1711562558.html" id="CLSA-2024:1711562558" title="CLSA-2024:1711562558" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="curl" release="59.el7_9.2.tuxcare.els1" src="curl-7.29.0-59.el7_9.2.tuxcare.els1.src.rpm" version="7.29.0"> <filename>curl-7.29.0-59.el7_9.2.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">41eec66a63677954a764a4d274c2066d5d2756e5</sum> </package> <package arch="i686" epoch="0" name="libcurl" release="59.el7_9.2.tuxcare.els1" src="curl-7.29.0-59.el7_9.2.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-7.29.0-59.el7_9.2.tuxcare.els1.i686.rpm</filename> <sum type="sha">7774267dd1dd8c29434016350a37450e67863ab6</sum> </package> <package arch="x86_64" epoch="0" name="libcurl" release="59.el7_9.2.tuxcare.els1" src="curl-7.29.0-59.el7_9.2.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-7.29.0-59.el7_9.2.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c3c2525f2cd0a9b884bfdf4890982918e7ce1d3b</sum> </package> <package arch="i686" epoch="0" name="libcurl-devel" release="59.el7_9.2.tuxcare.els1" src="curl-7.29.0-59.el7_9.2.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-devel-7.29.0-59.el7_9.2.tuxcare.els1.i686.rpm</filename> <sum type="sha">1723e81d78c94128adde4431980cacb86778349b</sum> </package> <package arch="x86_64" epoch="0" name="libcurl-devel" release="59.el7_9.2.tuxcare.els1" src="curl-7.29.0-59.el7_9.2.tuxcare.els1.src.rpm" version="7.29.0"> <filename>libcurl-devel-7.29.0-59.el7_9.2.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">70acfc58e39dd74948fd376cd9889f6a366069c7</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1711562715</id> <title>systemd: Fix of CVE-2023-26604</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Moved tuxcare patches from 219-78.7.tuxcare.els1 - CVE-2023-26604: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Moved tuxcare patches from 219-78.7.tuxcare.els1 - CVE-2023-26604: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined</summary> <pushcount>0</pushcount> <issued date="2024-03-27 18:05:17 UTC" /> <updated date="2024-03-27 18:05:17 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1711562715.html" id="CLSA-2024:1711562715" title="CLSA-2024:1711562715" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libgudev1" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-219-78.el7_9.9.tuxcare.els1.i686.rpm</filename> <sum type="sha">600ffbbc531d9525d5e6d75c82becd8cccc7624e</sum> </package> <package arch="x86_64" epoch="0" name="libgudev1" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">443d73f6b44a0dc735e9e80891901ac88bbc6825</sum> </package> <package arch="i686" epoch="0" name="libgudev1-devel" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-devel-219-78.el7_9.9.tuxcare.els1.i686.rpm</filename> <sum type="sha">6c3f5ed36773f2c9bcacfa9efb496d42b5cf29d9</sum> </package> <package arch="x86_64" epoch="0" name="libgudev1-devel" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>libgudev1-devel-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9fbd2eaed3fa1e2d3b85f071d8613c08851dee39</sum> </package> <package arch="x86_64" epoch="0" name="systemd" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">97fc576af15f53a2f5b80576af0e90d2dc5e43da</sum> </package> <package arch="i686" epoch="0" name="systemd-devel" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-devel-219-78.el7_9.9.tuxcare.els1.i686.rpm</filename> <sum type="sha">33f697690762a0dffb5242db914d4b4e91917483</sum> </package> <package arch="x86_64" epoch="0" name="systemd-devel" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-devel-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3a19be1a47e9471e4d22e06725368164b4f4f974</sum> </package> <package arch="x86_64" epoch="0" name="systemd-journal-gateway" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-journal-gateway-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8125c44e813d3eda60e2aa7516ba6d8298484eab</sum> </package> <package arch="i686" epoch="0" name="systemd-libs" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-libs-219-78.el7_9.9.tuxcare.els1.i686.rpm</filename> <sum type="sha">c72e387afd05160e0bc5e0d75d7ddc2eabcb131e</sum> </package> <package arch="x86_64" epoch="0" name="systemd-libs" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-libs-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9aaafca186a923a4a71a88ff84153f8e200616ea</sum> </package> <package arch="x86_64" epoch="0" name="systemd-networkd" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-networkd-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b5e05ef9e532d7367b42d9faab2c8f2802f4da2e</sum> </package> <package arch="x86_64" epoch="0" name="systemd-python" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-python-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a487989e9e3112d3390e9f22637f230e88691ebe</sum> </package> <package arch="i686" epoch="0" name="systemd-resolved" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-resolved-219-78.el7_9.9.tuxcare.els1.i686.rpm</filename> <sum type="sha">c66136c8fb847c9450d65f836517efd52262c1c3</sum> </package> <package arch="x86_64" epoch="0" name="systemd-resolved" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-resolved-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8b068f8040965dc83c1d96ab57620301d696e83f</sum> </package> <package arch="x86_64" epoch="0" name="systemd-sysv" release="78.el7_9.9.tuxcare.els1" src="systemd-219-78.el7_9.9.tuxcare.els1.src.rpm" version="219"> <filename>systemd-sysv-219-78.el7_9.9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">782dd94fdf296da689b84ae79650205cb5031f1e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1711563079</id> <title>Update of zlib</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Rebuild with dist .el7_9</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Rebuild with dist .el7_9</summary> <pushcount>0</pushcount> <issued date="2024-03-27 18:11:22 UTC" /> <updated date="2024-03-27 18:11:22 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1711563079.html" id="CLSA-2024:1711563079" title="CLSA-2024:1711563079" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="minizip" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-1.2.7-21.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">eaa78a1be0791d41b7dd18991a96e92b0db7e8ec</sum> </package> <package arch="x86_64" epoch="0" name="minizip" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">390f396704e82eed411fe0dc52bc449c6710bed6</sum> </package> <package arch="i686" epoch="0" name="minizip-devel" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-devel-1.2.7-21.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">e70ffd395a667025e25c576dbee6292bf74a883f</sum> </package> <package arch="x86_64" epoch="0" name="minizip-devel" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>minizip-devel-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">90e927279e7350bf765b9a073fa1c048fff0fa7c</sum> </package> <package arch="i686" epoch="0" name="zlib" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-1.2.7-21.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">8eb5031cdc17ac4ecc82648f10709d3dbb655d62</sum> </package> <package arch="x86_64" epoch="0" name="zlib" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8421c6c66e2ff45ad09c042bcc5a514077278842</sum> </package> <package arch="i686" epoch="0" name="zlib-devel" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-devel-1.2.7-21.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">5744a3425cfe49caa4e3beea9f0acb00a8141607</sum> </package> <package arch="x86_64" epoch="0" name="zlib-devel" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-devel-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7be39e7d983d70dc550a1d5efa838f267277f232</sum> </package> <package arch="i686" epoch="0" name="zlib-static" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-static-1.2.7-21.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">f21e58039680ac4be0c8aec5c7ed013ba0075a86</sum> </package> <package arch="x86_64" epoch="0" name="zlib-static" release="21.el7_9.tuxcare.els1" src="zlib-1.2.7-21.el7_9.tuxcare.els1.src.rpm" version="1.2.7"> <filename>zlib-static-1.2.7-21.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">bcff118c50f887a393a600dda456325bb2e4d13c</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1712176685</id> <title>gawk: Fix of CVE-2023-4156</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Fix CVE-2023-4156: builtin.c (format_tree): When collecting positional field widths or precisions, check for wrap around to negative values.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Fix CVE-2023-4156: builtin.c (format_tree): When collecting positional field widths or precisions, check for wrap around to negative values.</summary> <pushcount>0</pushcount> <issued date="2024-04-03 20:38:08 UTC" /> <updated date="2024-04-03 20:38:08 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1712176685.html" id="CLSA-2024:1712176685" title="CLSA-2024:1712176685" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="gawk" release="4.el7_3.1.tuxcare.els1" src="gawk-4.0.2-4.el7_3.1.tuxcare.els1.src.rpm" version="4.0.2"> <filename>gawk-4.0.2-4.el7_3.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">797101704b7700a679ee05dc3ead40a8a8738dd8</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1712176929</id> <title>Update of libxslt</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Fix use-after-free in xsltApplyTemplates</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Fix use-after-free in xsltApplyTemplates</summary> <pushcount>0</pushcount> <issued date="2024-04-03 20:42:13 UTC" /> <updated date="2024-04-03 20:42:13 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1712176929.html" id="CLSA-2024:1712176929" title="CLSA-2024:1712176929" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libxslt" release="6.el7.tuxcare.els1" src="libxslt-1.1.28-6.el7.tuxcare.els1.src.rpm" version="1.1.28"> <filename>libxslt-1.1.28-6.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">795ec0871478b6ea66933e27d0a75f7c87fe1e46</sum> </package> <package arch="x86_64" epoch="0" name="libxslt" release="6.el7.tuxcare.els1" src="libxslt-1.1.28-6.el7.tuxcare.els1.src.rpm" version="1.1.28"> <filename>libxslt-1.1.28-6.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">dd82d50ac0f2fcf5adad46492d33fdfb27ffcbe5</sum> </package> <package arch="i686" epoch="0" name="libxslt-devel" release="6.el7.tuxcare.els1" src="libxslt-1.1.28-6.el7.tuxcare.els1.src.rpm" version="1.1.28"> <filename>libxslt-devel-1.1.28-6.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">23f0e55a508f05b336325f69c8cdfc524a87ae71</sum> </package> <package arch="x86_64" epoch="0" name="libxslt-devel" release="6.el7.tuxcare.els1" src="libxslt-1.1.28-6.el7.tuxcare.els1.src.rpm" version="1.1.28"> <filename>libxslt-devel-1.1.28-6.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0cb54d5259dd02bdad58f5127307a14cc00321fe</sum> </package> <package arch="x86_64" epoch="0" name="libxslt-python" release="6.el7.tuxcare.els1" src="libxslt-1.1.28-6.el7.tuxcare.els1.src.rpm" version="1.1.28"> <filename>libxslt-python-1.1.28-6.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6c442a5cf3c7f3ec167c1a982e4b7722625e7248</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1712672449</id> <title>Update of cpio</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Fix integer overflow in dstring.c ds_fgetstr that triggers an out-of-bounds heap write</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Fix integer overflow in dstring.c ds_fgetstr that triggers an out-of-bounds heap write</summary> <pushcount>0</pushcount> <issued date="2024-04-09 14:21:57 UTC" /> <updated date="2024-04-09 14:21:57 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1712672449.html" id="CLSA-2024:1712672449" title="CLSA-2024:1712672449" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="cpio" release="28.el7.tuxcare.els1" src="cpio-2.11-28.el7.tuxcare.els1.src.rpm" version="2.11"> <filename>cpio-2.11-28.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">020be05b53b3af73aa9530637778f00234a346fa</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1712672592</id> <title>git: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-40330: forbid newlines in host and path in git_connect() - CVE-2022-39260: shell - limit size of interactive commands</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-40330: forbid newlines in host and path in git_connect() - CVE-2022-39260: shell - limit size of interactive commands</summary> <pushcount>0</pushcount> <issued date="2024-04-09 14:23:15 UTC" /> <updated date="2024-04-09 14:23:15 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1712672592.html" id="CLSA-2024:1712672592" title="CLSA-2024:1712672592" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="emacs-git" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>emacs-git-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">0763c89032e34f99efdce908ac24dc774a74daa7</sum> </package> <package arch="noarch" epoch="0" name="emacs-git-el" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>emacs-git-el-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">2dbaea78f7d15ee16a8720e0e802694daacc2ba4</sum> </package> <package arch="x86_64" epoch="0" name="git" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e44d20821999b2bd125d17554b490e862542da1e</sum> </package> <package arch="noarch" epoch="0" name="git-all" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-all-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">669b99789cdb6b6c23f5b8197dade1e15a3fd87e</sum> </package> <package arch="noarch" epoch="0" name="git-bzr" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-bzr-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">130ddf01d0817f8443a73f12bd6de48829affa1d</sum> </package> <package arch="noarch" epoch="0" name="git-cvs" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-cvs-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">b95758c854b7d104fd01c3a9978c89fa891603a1</sum> </package> <package arch="x86_64" epoch="0" name="git-daemon" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-daemon-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0e9c58b70cd3a0792a99d418c3d475643ad21c8d</sum> </package> <package arch="noarch" epoch="0" name="git-email" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-email-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">45ab0487d627d17303c750055afe173524c62ca5</sum> </package> <package arch="x86_64" epoch="0" name="git-gnome-keyring" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-gnome-keyring-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b854bab94f8a69a52b8fe7b9bb2d995217cdcd3c</sum> </package> <package arch="noarch" epoch="0" name="git-gui" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-gui-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">e50d89fb6fb6c14430264d50dd8c30f7dd8843b5</sum> </package> <package arch="noarch" epoch="0" name="git-hg" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-hg-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">96dbb7bdd17adc5c6cc3294c3aef6c0c48a95da7</sum> </package> <package arch="noarch" epoch="0" name="git-instaweb" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-instaweb-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">cecff059eaf6f3800b32f73c9fdd8718752b9c8c</sum> </package> <package arch="noarch" epoch="0" name="git-p4" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-p4-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">95082121668c5afa71003f6351039bbf1acb7ce2</sum> </package> <package arch="x86_64" epoch="0" name="git-svn" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>git-svn-1.8.3.1-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">fa31144300189fe35db08ff45cb242b3302c9359</sum> </package> <package arch="noarch" epoch="0" name="gitk" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>gitk-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">9346c3b747ab83261457f9f7cb3a84ae304a1e76</sum> </package> <package arch="noarch" epoch="0" name="gitweb" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>gitweb-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">6cc3330291da83c7b72d93cbdad5ba7323b3c14d</sum> </package> <package arch="noarch" epoch="0" name="perl-Git" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>perl-Git-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">11f5c9a03fbc34cb5321ec136daf8913e02d4da8</sum> </package> <package arch="noarch" epoch="0" name="perl-Git-SVN" release="25.el7_9.tuxcare.els1" src="git-1.8.3.1-25.el7_9.tuxcare.els1.src.rpm" version="1.8.3.1"> <filename>perl-Git-SVN-1.8.3.1-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">53062d06a336280300977c31d0fe72671a9f9caf</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1712837808</id> <title>postgresql: Fix of CVE-2021-23214</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-23214: Reject extraneous data after SSL or GSS encryption handshake</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-23214: Reject extraneous data after SSL or GSS encryption handshake</summary> <pushcount>0</pushcount> <issued date="2024-04-11 12:16:52 UTC" /> <updated date="2024-04-11 12:16:52 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1712837808.html" id="CLSA-2024:1712837808" title="CLSA-2024:1712837808" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="postgresql" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-9.2.24-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">a6b1cd3f538346f4fea68aea350c14f4a2dadf6a</sum> </package> <package arch="x86_64" epoch="0" name="postgresql" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">d56882e00cb0ecd1f213f3f7007c1bc4323312ae</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-contrib" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-contrib-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">bf22f1e52cb2a8aaacc1bb887e6758a5c73e0f56</sum> </package> <package arch="i686" epoch="0" name="postgresql-devel" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-devel-9.2.24-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">36fda0db50c7d743034f9685aa36c69ef26e96ac</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-devel" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-devel-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2bb7a53367d6290520ca77b3b54059b96d73e54b</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-docs" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-docs-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">bddb74800410ea4c06bc7b5b30fde00b43fcc11f</sum> </package> <package arch="i686" epoch="0" name="postgresql-libs" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-libs-9.2.24-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">a3d9b40edfbdbd64aa74fbe3ecac3db996f431b4</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-libs" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-libs-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e5af55ea2903778f50d721d93c70f5ee9c7f3560</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-plperl" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-plperl-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">61337e67a8738fafa0004325aed6f301c7ae732d</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-plpython" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-plpython-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">dc364b71d69ef21c93aa0d3e47145a205ecbcebf</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-pltcl" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-pltcl-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6d852b9ff60abb95a8b77b59a1ff787a7cae0c4d</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-server" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-server-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1fcce3936a27279acc29c3c4269aaf87896cabe5</sum> </package> <package arch="i686" epoch="0" name="postgresql-static" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-static-9.2.24-9.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">e2e4e378702a057da09de185da073f742d3a16c3</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-static" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-static-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">360345bdff1478b1bdf702559d2db6d1a02dc2ce</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-test" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-test-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">968753e1c0f53c5e2b835c7583e92c3850a72da2</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-upgrade" release="9.el7_9.tuxcare.els1" src="postgresql-9.2.24-9.el7_9.tuxcare.els1.src.rpm" version="9.2.24"> <filename>postgresql-upgrade-9.2.24-9.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">44d819a1f3031a0342654b8f13a51c70d1a688f7</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1712837970</id> <title>Update of microcode_ctl</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Moved tuxcare patches from 2:2.1-73.16.tuxcare.els1 - gen_update2.py was updated to output strings having restricted length - Update Intel CPU microcode to microcode-20231114 release (it's the same as microcode-20231009) - Update vendor patches</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Moved tuxcare patches from 2:2.1-73.16.tuxcare.els1 - gen_update2.py was updated to output strings having restricted length - Update Intel CPU microcode to microcode-20231114 release (it's the same as microcode-20231009) - Update vendor patches</summary> <pushcount>0</pushcount> <issued date="2024-04-11 12:19:33 UTC" /> <updated date="2024-04-11 12:19:33 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1712837970.html" id="CLSA-2024:1712837970" title="CLSA-2024:1712837970" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="2" name="microcode_ctl" release="73.20.el7_9.tuxcare.els1" src="microcode_ctl-2.1-73.20.el7_9.tuxcare.els1.src.rpm" version="2.1"> <filename>microcode_ctl-2.1-73.20.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2968ff12bf5463499feffba75cc00765fcb19137</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1713346166</id> <title>ImageMagick: Fix of 6 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Fix CVE-2022-32546 integer overflow at at coders/pcl.c. - Fix CVE-2022-32545 outside the range of representable values at coders/psd.c. - Fix CVE-2022-32547 misaligned address at MagickCore/property.c. - Fix CVE-2021-20312 integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c - Fix CVE-2021-20313 cipher leak when the calculate signatures in TransformSignature - Fix CVE-2021-20309 division by zero in WaveImage() of MagickCore/visual-effects.c</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Fix CVE-2022-32546 integer overflow at at coders/pcl.c. - Fix CVE-2022-32545 outside the range of representable values at coders/psd.c. - Fix CVE-2022-32547 misaligned address at MagickCore/property.c. - Fix CVE-2021-20312 integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c - Fix CVE-2021-20313 cipher leak when the calculate signatures in TransformSignature - Fix CVE-2021-20309 division by zero in WaveImage() of MagickCore/visual-effects.c</summary> <pushcount>0</pushcount> <issued date="2024-04-17 09:29:35 UTC" /> <updated date="2024-04-17 09:29:35 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1713346166.html" id="CLSA-2024:1713346166" title="CLSA-2024:1713346166" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="ImageMagick" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">5fe3b81a5a7ee28d8472964012617a58dbee8bf0</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9235765fa65752abf92bdbf3392a78dc971991ba</sum> </package> <package arch="i686" epoch="0" name="ImageMagick-c++" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">96fcda33d48f4e19e5efd90edd38b2f544554d75</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-c++" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e5c1b098d6895794e3e515c771429d88a5b3e5a0</sum> </package> <package arch="i686" epoch="0" name="ImageMagick-c++-devel" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">2c0ea801fe3c20eef3444ec6d24077c693d2247a</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-c++-devel" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">991055e162ec215c750391ded96091afbbd5abc1</sum> </package> <package arch="i686" epoch="0" name="ImageMagick-devel" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">dd64086e72c9db91c2cdf0027252e1ec41a19b69</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-devel" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">37edd04e2d33299e0bd518508e1fdd67d8e37cd1</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-doc" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-doc-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">550f342a9eb1515cc21d8ccfcdc78c928555f9b6</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-perl" release="7.el7_9.tuxcare.els1" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els1.src.rpm" version="6.9.10.68"> <filename>ImageMagick-perl-6.9.10.68-7.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9cc158239b154aeff9b4cf14fc1759d91353b419</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1713370315</id> <title>sudo: Fix of CVE-2023-42465</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-42465: Make sudo less vulnerable to ROWHAMMER attacks</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-42465: Make sudo less vulnerable to ROWHAMMER attacks</summary> <pushcount>0</pushcount> <issued date="2024-04-17 16:13:07 UTC" /> <updated date="2024-04-17 16:13:07 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1713370315.html" id="CLSA-2024:1713370315" title="CLSA-2024:1713370315" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="sudo" release="10.el7_9.3.tuxcare.els2" src="sudo-1.8.23-10.el7_9.3.tuxcare.els2.src.rpm" version="1.8.23"> <filename>sudo-1.8.23-10.el7_9.3.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">8b3e85faf7348cfa36a834edcab6283bf7e7c9ec</sum> </package> <package arch="i686" epoch="0" name="sudo-devel" release="10.el7_9.3.tuxcare.els2" src="sudo-1.8.23-10.el7_9.3.tuxcare.els2.src.rpm" version="1.8.23"> <filename>sudo-devel-1.8.23-10.el7_9.3.tuxcare.els2.i686.rpm</filename> <sum type="sha">a8d99655786b25d792adb15dc1f8e4eb43f6de26</sum> </package> <package arch="x86_64" epoch="0" name="sudo-devel" release="10.el7_9.3.tuxcare.els2" src="sudo-1.8.23-10.el7_9.3.tuxcare.els2.src.rpm" version="1.8.23"> <filename>sudo-devel-1.8.23-10.el7_9.3.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e4f75670e7026f60c5151d099e338aef2ad3d57a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1714065925</id> <title>less: Fix of CVE-2022-48624</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Fix CVE-2022-48624: filename.c (close_altfile): before 606 omits shell_quote calls for LESSCLOSE.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Fix CVE-2022-48624: filename.c (close_altfile): before 606 omits shell_quote calls for LESSCLOSE.</summary> <pushcount>0</pushcount> <issued date="2024-04-25 17:25:27 UTC" /> <updated date="2024-04-25 17:25:27 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1714065925.html" id="CLSA-2024:1714065925" title="CLSA-2024:1714065925" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="less" release="9.el7.tuxcare.els1" src="less-458-9.el7.tuxcare.els1.src.rpm" version="458"> <filename>less-458-9.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4fbff308afca970560968b956a02cf0bd2d8a335</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1714728645</id> <title>git: Fix of CVE-2023-23946</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-23946: apply - fix writing behind newly created symbolic links</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-23946: apply - fix writing behind newly created symbolic links</summary> <pushcount>0</pushcount> <issued date="2024-05-03 09:30:48 UTC" /> <updated date="2024-05-03 09:30:48 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1714728645.html" id="CLSA-2024:1714728645" title="CLSA-2024:1714728645" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="emacs-git" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>emacs-git-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">699cf41ee5ed67b61ee68d1a3c9068f6a6da6d48</sum> </package> <package arch="noarch" epoch="0" name="emacs-git-el" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>emacs-git-el-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">e0170f3cd1bd4ab2219e5d3a093f44b3c958a521</sum> </package> <package arch="x86_64" epoch="0" name="git" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">b3385033c7fd58d4907204536a10d441e1342b73</sum> </package> <package arch="noarch" epoch="0" name="git-all" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-all-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">76831172dc99f3433b39d526928006436949adf2</sum> </package> <package arch="noarch" epoch="0" name="git-bzr" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-bzr-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">4217a7f70c79dce080984b9e2df09f7267976288</sum> </package> <package arch="noarch" epoch="0" name="git-cvs" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-cvs-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">041c2178ff70ef65ee3348c7a029d0629cddc679</sum> </package> <package arch="x86_64" epoch="0" name="git-daemon" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-daemon-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">bc63824a57c53ac281c822a9e5e16cdffaddbe20</sum> </package> <package arch="noarch" epoch="0" name="git-email" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-email-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">a65fab1ce7a93c7258312b7c8c3e8fc07c7853a8</sum> </package> <package arch="x86_64" epoch="0" name="git-gnome-keyring" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-gnome-keyring-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">b5d07f8df2825c5d7292454168101cbe202aef5c</sum> </package> <package arch="noarch" epoch="0" name="git-gui" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-gui-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">83b0c8a1150951a9a568deaf4cda67df1fa26409</sum> </package> <package arch="noarch" epoch="0" name="git-hg" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-hg-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">a0b16ba7a555c126b69588ca53249b9f9170eb15</sum> </package> <package arch="noarch" epoch="0" name="git-instaweb" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-instaweb-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">959e2a527d8927c47620486d9e945679c828c91f</sum> </package> <package arch="noarch" epoch="0" name="git-p4" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-p4-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">b8ef854bbdb29161d5a1dda68965c179b6101367</sum> </package> <package arch="x86_64" epoch="0" name="git-svn" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>git-svn-1.8.3.1-25.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">3129a0da7305ed9ee70132163cc1c927ac0da125</sum> </package> <package arch="noarch" epoch="0" name="gitk" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>gitk-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">76dc3c8613b63df77c50cb4209147b9f66836009</sum> </package> <package arch="noarch" epoch="0" name="gitweb" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>gitweb-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">5e365c81cabb54e23af1ae59b41662b505506647</sum> </package> <package arch="noarch" epoch="0" name="perl-Git" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>perl-Git-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">73be34895c406d197c73cc1e25e97abae6822fcb</sum> </package> <package arch="noarch" epoch="0" name="perl-Git-SVN" release="25.el7_9.tuxcare.els2" src="git-1.8.3.1-25.el7_9.tuxcare.els2.src.rpm" version="1.8.3.1"> <filename>perl-Git-SVN-1.8.3.1-25.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha">d9084186acbe1bdbb9d37b2e4056a035ade8dad2</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1715280815</id> <title>nginx: Fix of CVE-2023-44487</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-44487: HTTP/2: per-iteration stream handling limit</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-44487: HTTP/2: per-iteration stream handling limit</summary> <pushcount>0</pushcount> <issued date="2024-05-09 18:53:38 UTC" /> <updated date="2024-05-09 18:53:38 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1715280815.html" id="CLSA-2024:1715280815" title="CLSA-2024:1715280815" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="nginx" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-1.20.1-10.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f42bb4e3e477d8b9ede1ad34f100a0ba4bcf00d5</sum> </package> <package arch="noarch" epoch="1" name="nginx-all-modules" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-all-modules-1.20.1-10.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha">926e9f1faa14ac0ec8c05e2aab693bf42707b1d1</sum> </package> <package arch="noarch" epoch="1" name="nginx-filesystem" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-filesystem-1.20.1-10.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha">4a0593fc8dd4698a52848d8c8993c4bd5efa1ae9</sum> </package> <package arch="x86_64" epoch="1" name="nginx-mod-devel" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-mod-devel-1.20.1-10.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">43dc00dc9376b8ce207ab6907c594b4ef42cd7e6</sum> </package> <package arch="x86_64" epoch="1" name="nginx-mod-http-image-filter" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-mod-http-image-filter-1.20.1-10.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0c4a5fd6ce2f4aa97329e755140a1e77eb23b21e</sum> </package> <package arch="x86_64" epoch="1" name="nginx-mod-http-perl" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-mod-http-perl-1.20.1-10.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">91d5447d418b2067e5945749a8c4db42a3b2f8d1</sum> </package> <package arch="x86_64" epoch="1" name="nginx-mod-http-xslt-filter" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-mod-http-xslt-filter-1.20.1-10.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8034ea1c40309b87305212e4398a5fd3f7f34e3e</sum> </package> <package arch="x86_64" epoch="1" name="nginx-mod-mail" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-mod-mail-1.20.1-10.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ada6be64de13a5ddbab5815327cb4b896c2bc953</sum> </package> <package arch="x86_64" epoch="1" name="nginx-mod-stream" release="10.el7.tuxcare.els1" src="nginx-1.20.1-10.el7.tuxcare.els1.src.rpm" version="1.20.1"> <filename>nginx-mod-stream-1.20.1-10.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ae67ce5506124f82cb0ecf8dfd5148a4774c9bef</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1715672666</id> <title>less: Fix of CVE-2024-32487</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-32487: filename.c: quoting mishandling.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-32487: filename.c: quoting mishandling.</summary> <pushcount>0</pushcount> <issued date="2024-05-14 07:44:29 UTC" /> <updated date="2024-05-14 07:44:29 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1715672666.html" id="CLSA-2024:1715672666" title="CLSA-2024:1715672666" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="less" release="9.el7.tuxcare.els2" src="less-458-9.el7.tuxcare.els2.src.rpm" version="458"> <filename>less-458-9.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">b6280046e0ec97a5bf14e0b7c6d2a18a4b939d11</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1716272110</id> <title>ncurses: Fix of CVE-2023-50495</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-50495: check return value of _nc_save_str() (from upstream patch 20230424), add validity checks in _nc_parse_entry() (from upstream patch 20170826)</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-50495: check return value of _nc_save_str() (from upstream patch 20230424), add validity checks in _nc_parse_entry() (from upstream patch 20170826)</summary> <pushcount>0</pushcount> <issued date="2024-05-21 09:53:22 UTC" /> <updated date="2024-05-21 09:53:22 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1716272110.html" id="CLSA-2024:1716272110" title="CLSA-2024:1716272110" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="ncurses" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">62da4d76d3d0255f30a781e37211e347a3a6fe83</sum> </package> <package arch="noarch" epoch="0" name="ncurses-base" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-base-5.9-14.20130511.el7_4.tuxcare.els2.noarch.rpm</filename> <sum type="sha">f12427206b4b266c4803cccf782b94708484bafa</sum> </package> <package arch="i686" epoch="0" name="ncurses-devel" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els2.i686.rpm</filename> <sum type="sha">047bf5e1b38b1d905c66332c1ccc8d73575181ed</sum> </package> <package arch="x86_64" epoch="0" name="ncurses-devel" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-devel-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">311398d91ca74bd0125c65954109859eda5f369b</sum> </package> <package arch="i686" epoch="0" name="ncurses-libs" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els2.i686.rpm</filename> <sum type="sha">0274920e98a1a5a8d60f4cf6ce96ff6b49088fd6</sum> </package> <package arch="x86_64" epoch="0" name="ncurses-libs" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-libs-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">1fe84404373c7b74c08978a584387e55fa391ea0</sum> </package> <package arch="i686" epoch="0" name="ncurses-static" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-static-5.9-14.20130511.el7_4.tuxcare.els2.i686.rpm</filename> <sum type="sha">70894de7987dc6f625bd26300d5a1ebcfec962a6</sum> </package> <package arch="x86_64" epoch="0" name="ncurses-static" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-static-5.9-14.20130511.el7_4.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">031d03f88166dce885c2e342085aa3402ee1b162</sum> </package> <package arch="noarch" epoch="0" name="ncurses-term" release="14.20130511.el7_4.tuxcare.els2" src="ncurses-5.9-14.20130511.el7_4.tuxcare.els2.src.rpm" version="5.9"> <filename>ncurses-term-5.9-14.20130511.el7_4.tuxcare.els2.noarch.rpm</filename> <sum type="sha">48b0125355b2d8c5d69a3c8345c3295e908bf0b9</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1716915845</id> <title>java-1.8.0-openjdk: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Upgrade to shenandoah-jdk8u412-b08. That fixes the following CVEs: - CVE-2024-21011: Denial of service due to long Exception message logging - CVE-2024-21085: Pack200 excessive memory allocation - CVE-2024-21068: Integer overflow in C1 compiler address generation - CVE-2024-21094: Unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array"</description> <severity>Low</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Upgrade to shenandoah-jdk8u412-b08. That fixes the following CVEs: - CVE-2024-21011: Denial of service due to long Exception message logging - CVE-2024-21085: Pack200 excessive memory allocation - CVE-2024-21068: Integer overflow in C1 compiler address generation - CVE-2024-21094: Unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array"</summary> <pushcount>0</pushcount> <issued date="2024-05-28 17:04:08 UTC" /> <updated date="2024-05-28 17:04:08 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1716915845.html" id="CLSA-2024:1716915845" title="CLSA-2024:1716915845" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="1" name="java-1.8.0-openjdk" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">01a40997ec803cfed5078c069caca1fd77846743</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">cf2c83051d60bc8c3f2cbfcb67e050b61760b5e1</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">db2a5bd41f466e869352702d82136cc6c0f01942</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">809bf03efacc328ca2b8e4ad1ffb8f56add94ef9</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">32d81a0bc78d8348d2880d0acbd8eadc0ae2b2e4</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f78ef6b81dab8db24285cacd79f402f7dd87e626</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">149c1c6df547d3382a91f64c98be1945f9d80c4a</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">55964626aa0983cccf5d5543b739b5cf9030b313</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-demo-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">60583830f47e97e8c33c9b52d4861b604edf8911</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">7d650ab1a51509ef202b3057931ef188c17c841f</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">fba589c98ea9254c46440da41809d3d773ebcd4f</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-devel-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7686958c6aa79ec46c85927c85f033804a2f7d72</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">b84547052b5e4e6ab79f5ec1eae4c09b02709ae8</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">82a40eea13104ddefa1e28d56eb42967ade10908</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-headless-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">38f6de46e7b423a7f6aab2868976ec67c69098dc</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">f8642a3515383df2590594e025dc7fed2ab130a9</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-javadoc-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">035dbfca6805e4c942920f7e36b5edf0788c5ccd</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">24bf700f119a22e53e3fab1f30584a98cf6ec6b7</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">3df0ba4587197f4e4e705eba95c93e4fcd233c65</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">6ad45bb2926765910190b23f969448a7744f8e91</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4d91a7a4820ff295662f318fb4043b83d24a3e40</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.412.b08"> <filename>java-1.8.0-openjdk-src-debug-1.8.0.412.b08-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">dfe1ea054b53af7a05fea127fdf61a43935b69b4</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1716916085</id> <title>tomcat: Fix of CVE-2021-25329</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-25329: use consistent approach for sub-directory checking - Fix javadoc build</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-25329: use consistent approach for sub-directory checking - Fix javadoc build</summary> <pushcount>0</pushcount> <issued date="2024-05-28 17:08:07 UTC" /> <updated date="2024-05-28 17:08:07 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1716916085.html" id="CLSA-2024:1716916085" title="CLSA-2024:1716916085" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="tomcat" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">3078c616f8d0ede897376d2a378ecebc45e20401</sum> </package> <package arch="noarch" epoch="0" name="tomcat-admin-webapps" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-admin-webapps-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">4bf0e3cab6883186ddbb6fef3586ac3a3f0753e8</sum> </package> <package arch="noarch" epoch="0" name="tomcat-docs-webapp" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-docs-webapp-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">04edc3114db44469b410d22b77d05cb3f3bdae2c</sum> </package> <package arch="noarch" epoch="0" name="tomcat-el-2.2-api" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-el-2.2-api-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">9f6afc7a11e61385051ba5de1cb98f3a9457ffb0</sum> </package> <package arch="noarch" epoch="0" name="tomcat-javadoc" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-javadoc-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">c1227d16084cc3f1363dde6ddd1af46850d07187</sum> </package> <package arch="noarch" epoch="0" name="tomcat-jsp-2.2-api" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-jsp-2.2-api-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">816af47712dc4137b377a3c4ea96d1d5e92544fd</sum> </package> <package arch="noarch" epoch="0" name="tomcat-jsvc" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-jsvc-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">9756f68eb34382a2b7748cbcd0ac07c906f3e582</sum> </package> <package arch="noarch" epoch="0" name="tomcat-lib" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-lib-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">6b153b839b3a59cf2cb018329c91f0d7e47151ba</sum> </package> <package arch="noarch" epoch="0" name="tomcat-servlet-3.0-api" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-servlet-3.0-api-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">06efec8109227d7d24a57b345ab6266a0e0db066</sum> </package> <package arch="noarch" epoch="0" name="tomcat-webapps" release="16.el7_9.tuxcare.els1" src="tomcat-7.0.76-16.el7_9.tuxcare.els1.src.rpm" version="7.0.76"> <filename>tomcat-webapps-7.0.76-16.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">f5a2bf76bb6a21eab653fa409d024b1fd4b91a49</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1716917767</id> <title>unzip: Fix of CVE-2022-0530</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-0530: possible flaw occurance during the conversion of a wide string to a local string</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-0530: possible flaw occurance during the conversion of a wide string to a local string</summary> <pushcount>0</pushcount> <issued date="2024-05-28 17:36:24 UTC" /> <updated date="2024-05-28 17:36:24 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1716917767.html" id="CLSA-2024:1716917767" title="CLSA-2024:1716917767" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="unzip" release="24.el7_9.tuxcare.els1" src="unzip-6.0-24.el7_9.tuxcare.els1.src.rpm" version="6.0"> <filename>unzip-6.0-24.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1c09d3953d00a66e6c5246d4db4c6056f77af220</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1717139314</id> <title>bind: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Moved tuxcare patches from 32:9.11.4-26.P2.14 - CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Moved tuxcare patches from 32:9.11.4-26.P2.14 - CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3</summary> <pushcount>0</pushcount> <issued date="2024-05-31 07:08:36 UTC" /> <updated date="2024-05-31 07:08:36 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1717139314.html" id="CLSA-2024:1717139314" title="CLSA-2024:1717139314" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e5f1b69cc89c32ca54094de0c27f3143b1f50905</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7e06fd45f46711feb7eb878ecb131c28cfdd69cd</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">b557fb6186f808831e0ee2b4564c56613c952289</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">396c413043586924d4397fb249d5fae341515721</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">cbdb68c4afa94cc1fa41d1f59c632892808a30c7</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">dad8067eb8535c67b50819782ccd4629b789a66b</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">50d0f630fc403f45889da1b193f2e81a84bf7cca</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">01a4a51901b54553d8822a4b01933b3f40f55be6</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">7269e90f38a4715abfba4b061f1f5e59b1d58bc2</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">5e70cc46ecb7383e5daa67b3733ed195fce84fb4</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">d89873efc6024da5e11035c3cb9ab2b3390fcaed</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6949bb222e965424111b0e16f2ae8c4028596069</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.15.tuxcare.els1.noarch.rpm</filename> <sum type="sha">e0136c765163f7c21fcbb12274d32eb58ae4cef0</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">bd933c8c41d686ed592974a79a4bdc12b055a5a4</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">63d2ea0cb2ad8b584677bd198a6b4047af5f934c</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1bae7ebd15d1c2ad9afd7329e117e28ca036e400</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">b8e08c0a555bbe9db9a0923bb8d290ec8fa92d15</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b4cef18705fefbc0c9657c5b375e59a61d5dd839</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.i686.rpm</filename> <sum type="sha">f4fcfdad2c3b865e49f3699cfc98569c1b9f8944</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a307fa4b38250aca01434cd99425dba2d1bd3abc</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1dea6f31bea11f97a41ced8d7e3a9246da86ff9e</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">bb8ec89fff6dd321281c5ff6d33cd6eb4eb5e828</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a52be827e2c005104e4fb423c41e0eac9afa2a2b</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.15.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.15.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.15.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">bb69275e2bce1b62d4639674037cb77a01b0c0ac</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1719925589</id> <title>openssl: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent command injection - CVE-2022-2068: c_rehash: Fix file operations to prevent command injection - Update expired smime certificates - Add testing using old certificates (sha1) to have both types of certificates (sha1, sha256) checked with S/MIME</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent command injection - CVE-2022-2068: c_rehash: Fix file operations to prevent command injection - Update expired smime certificates - Add testing using old certificates (sha1) to have both types of certificates (sha1, sha256) checked with S/MIME</summary> <pushcount>0</pushcount> <issued date="2024-07-02 13:06:32 UTC" /> <updated date="2024-07-02 13:06:32 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1719925589.html" id="CLSA-2024:1719925589" title="CLSA-2024:1719925589" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="openssl" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7f66d4f4646a48cf26af75a49ba76037d780455e</sum> </package> <package arch="i686" epoch="1" name="openssl-devel" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-devel-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">cc9802a636d98781be9c6f33f884e5a749fbf548</sum> </package> <package arch="x86_64" epoch="1" name="openssl-devel" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-devel-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6c67a5c9104601eddfa402c055accc5d516c5523</sum> </package> <package arch="i686" epoch="1" name="openssl-libs" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-libs-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">24a4bf025c9bb221679863f1a7c663f2d2c9fe3a</sum> </package> <package arch="x86_64" epoch="1" name="openssl-libs" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-libs-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">459882a1f8f407d3f97b4de31e623831b6a2bf3f</sum> </package> <package arch="x86_64" epoch="1" name="openssl-perl" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-perl-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">9040a5628791e15bb864207a25650ad6adaee0ad</sum> </package> <package arch="i686" epoch="1" name="openssl-static" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-static-1.0.2k-26.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">3bb08bb608d35424f6d7c114f99dac942d358096</sum> </package> <package arch="x86_64" epoch="1" name="openssl-static" release="26.el7_9.tuxcare.els1" src="openssl-1.0.2k-26.el7_9.tuxcare.els1.src.rpm" version="1.0.2k"> <filename>openssl-static-1.0.2k-26.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4f5ec557e5c7c5fcada89869de9f5fab20040b94</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1720026957</id> <title>openssl: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-0215: bio_ndef: fix a UAF resulting from a bug in BIO_new_NDEF - CVE-2023-0464: x509v3: Limit X.509 certificate tree size to avoid exponential use of computational resources</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-0215: bio_ndef: fix a UAF resulting from a bug in BIO_new_NDEF - CVE-2023-0464: x509v3: Limit X.509 certificate tree size to avoid exponential use of computational resources</summary> <pushcount>0</pushcount> <issued date="2024-07-03 17:16:01 UTC" /> <updated date="2024-07-03 17:16:01 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720026957.html" id="CLSA-2024:1720026957" title="CLSA-2024:1720026957" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="openssl" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">446066cf91732dfc6821264f5b7c7e0e83f0bf89</sum> </package> <package arch="i686" epoch="1" name="openssl-devel" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-devel-1.0.2k-26.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">37956c84bf4a23b9f95d56504dedabd86c685fb8</sum> </package> <package arch="x86_64" epoch="1" name="openssl-devel" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-devel-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">50f60ebea4c27912d1ecb766a721d8d52193e9f7</sum> </package> <package arch="i686" epoch="1" name="openssl-libs" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-libs-1.0.2k-26.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">b984173d2b139d70805899720cf45e9f1c35bf6b</sum> </package> <package arch="x86_64" epoch="1" name="openssl-libs" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-libs-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">7500aa434d331e1539f2e31d1a105c0a07292388</sum> </package> <package arch="x86_64" epoch="1" name="openssl-perl" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-perl-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">abfadc09975107ec2c1fa870e71c846d3cabd514</sum> </package> <package arch="i686" epoch="1" name="openssl-static" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-static-1.0.2k-26.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha">9bdd05ba32da0c717ea1a113d3cbad0c4050250c</sum> </package> <package arch="x86_64" epoch="1" name="openssl-static" release="26.el7_9.tuxcare.els2" src="openssl-1.0.2k-26.el7_9.tuxcare.els2.src.rpm" version="1.0.2k"> <filename>openssl-static-1.0.2k-26.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">792e2bc28af1c68b5963c6fe6b32b0eb0496fee6</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1720027216</id> <title>glibc: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1 - CVE-2021-35942: wordexp - handle overflow in positional parameter number - CVE-2022-23218: Buffer overflow in sunrpc svcunix_create - CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix"</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1 - CVE-2021-35942: wordexp - handle overflow in positional parameter number - CVE-2022-23218: Buffer overflow in sunrpc svcunix_create - CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix"</summary> <pushcount>0</pushcount> <issued date="2024-07-03 17:20:19 UTC" /> <updated date="2024-07-03 17:20:19 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720027216.html" id="CLSA-2024:1720027216" title="CLSA-2024:1720027216" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="glibc" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-2.17-326.el7_9.3.tuxcare.els1.i686.rpm</filename> <sum type="sha">676302747e2b8ff3f37d6abc24173666aaebf386</sum> </package> <package arch="x86_64" epoch="0" name="glibc" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f65647df3d5736416f626a1b6b8fade0e68e601d</sum> </package> <package arch="x86_64" epoch="0" name="glibc-common" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-common-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8bb15a82e44598b7205875f6b963f0a9647fec45</sum> </package> <package arch="i686" epoch="0" name="glibc-devel" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-devel-2.17-326.el7_9.3.tuxcare.els1.i686.rpm</filename> <sum type="sha">b7dd8f4954b58fef8b10832835aa0b6ffa278808</sum> </package> <package arch="x86_64" epoch="0" name="glibc-devel" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-devel-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a5a754fb4d00d94201c109a9555269108b93c0d0</sum> </package> <package arch="x86_64" epoch="0" name="glibc-headers" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-headers-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3ee0b30315148a5b8fd678908237191bfe07dbd9</sum> </package> <package arch="i686" epoch="0" name="glibc-static" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-static-2.17-326.el7_9.3.tuxcare.els1.i686.rpm</filename> <sum type="sha">788348c6c5665f4e9169886e4f203afd636791b9</sum> </package> <package arch="x86_64" epoch="0" name="glibc-static" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-static-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">412cd54726adb18724780ccdd64925cc32c1e9d5</sum> </package> <package arch="x86_64" epoch="0" name="glibc-utils" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>glibc-utils-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7a959bb00baf8bf546897172aa352fd8ffe0905c</sum> </package> <package arch="x86_64" epoch="0" name="nscd" release="326.el7_9.3.tuxcare.els1" src="glibc-2.17-326.el7_9.3.tuxcare.els1.src.rpm" version="2.17"> <filename>nscd-2.17-326.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f736d7631314fe6aaee9cc59371c3fa094051693</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1720178510</id> <title>cups: Fix of CVE-2023-4504</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-4504: scan_ps(): check for null terminator after backslash character</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-4504: scan_ps(): check for null terminator after backslash character</summary> <pushcount>0</pushcount> <issued date="2024-07-05 11:21:53 UTC" /> <updated date="2024-07-05 11:21:53 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720178510.html" id="CLSA-2024:1720178510" title="CLSA-2024:1720178510" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="cups" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b44d2acb51a76227acd6ff4c230a1c6d12ff6639</sum> </package> <package arch="x86_64" epoch="1" name="cups-client" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-client-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a2da278b5009d51eeaaa2f344aef3863caff1678</sum> </package> <package arch="i686" epoch="1" name="cups-devel" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-devel-1.6.3-52.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">c496cd15a42517a3699d7fa165aee74265a35efe</sum> </package> <package arch="x86_64" epoch="1" name="cups-devel" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-devel-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2941c597c2d7b56dc6fd4e4b89ea490ce78658a9</sum> </package> <package arch="noarch" epoch="1" name="cups-filesystem" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-filesystem-1.6.3-52.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">2591b106c83c4cf3060e59c5e8cc17d3a9addfd2</sum> </package> <package arch="x86_64" epoch="1" name="cups-ipptool" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-ipptool-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e8b406f32d8386ce757e01cf7d8945dde8627dde</sum> </package> <package arch="i686" epoch="1" name="cups-libs" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-libs-1.6.3-52.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">160c6b4008cf92a520a8f56070aebc432cf45ae9</sum> </package> <package arch="x86_64" epoch="1" name="cups-libs" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-libs-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0a55bbd92f7d37012d329d27f5572ba5176be533</sum> </package> <package arch="x86_64" epoch="1" name="cups-lpd" release="52.el7_9.tuxcare.els1" src="cups-1.6.3-52.el7_9.tuxcare.els1.src.rpm" version="1.6.3"> <filename>cups-lpd-1.6.3-52.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">de55c456d078e8b5a666d02264a5613f7f600822</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1720179161</id> <title>dnsmasq: Fix of CVE-2023-28450</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- change EDNS.0 UDP packet size from 4096 to 1232 - CVE-2023-28450</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- change EDNS.0 UDP packet size from 4096 to 1232 - CVE-2023-28450</summary> <pushcount>0</pushcount> <issued date="2024-07-05 11:32:44 UTC" /> <updated date="2024-07-05 11:32:44 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720179161.html" id="CLSA-2024:1720179161" title="CLSA-2024:1720179161" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="dnsmasq" release="17.el7_9.3.tuxcare.els1" src="dnsmasq-2.76-17.el7_9.3.tuxcare.els1.src.rpm" version="2.76"> <filename>dnsmasq-2.76-17.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2096e319d77a415176a78c9f0e9cda11ddadfd32</sum> </package> <package arch="x86_64" epoch="0" name="dnsmasq-utils" release="17.el7_9.3.tuxcare.els1" src="dnsmasq-2.76-17.el7_9.3.tuxcare.els1.src.rpm" version="2.76"> <filename>dnsmasq-utils-2.76-17.el7_9.3.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">1ebad9d7e39a6cf9f2fd1fd2bd160b2cd8ac7634</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1720468480</id> <title>kernel: Fix of 89 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- kvm: initialize all of the kvm_debugregs structure before sending it to userspace {CVE-2023-1513} - wifi: mac80211: fix MBSSID parsing use-after-free {CVE-2022-42719} - mac80211: always allocate struct ieee802_11_elems {CVE-2022-42719} - netfilter: nf_tables: initialize registers in nft_do_chain() {CVE-2022-1016} - xprtrdma: fix incorrect header size calculations {CVE-2022-0812} - net: usb: fix memory leak in smsc75xx_bind {CVE-2021-47171} - i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153} - pid: take a reference when initializing `cad_pid` {CVE-2021-47118} - Input: appletouch - initialize work before device registration {CVE-2021-46932} - HID: usbhid: fix info leak in hid_submit_ctrl {CVE-2021-46906} - quota: check block number when reading the block in quota file {CVE-2021-45868} - mwifiex: Fix skb_over_panic in mwifiex_usb_recv() {CVE-2021-43976} - atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait {CVE-2021-43975} - isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-43389} - usb: hso: fix error handling code of hso_create_net_device {CVE-2021-37159} - can: bcm: fix infoleak in struct bcm_msg_head {CVE-2021-34693} - dm ioctl: fix out of bounds array access when no devices {CVE-2021-31916} - KVM: x86: hyper-v: Fix Hyper-V context null-ptr-deref {CVE-2021-30178} - perf/x86/intel: Fix a crash caused by zero PEBS status {CVE-2021-28971} - btrfs: fix race when cloning extent buffer during rewind of an old root {CVE-2021-28964} - ovl: fix missing negative dentry check in ovl_rename() {CVE-2021-20321} - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. {CVE-2021-20292} - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() {CVE-2021-4159} - btrfs: unlock newly allocated extent buffer after error {CVE-2021-4149} - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. {CVE-2021-3679} - net: mac802154: Fix general protection fault {CVE-2021-3659} - nfsd4: readdirplus shouldn't return parent of export {CVE-2021-3178} - Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2021-0129} - drm/nouveau: clean up all clients on device removal {CVE-2020-27820} - drm/nouveau: Add a dedicated mutex for the clients list {CVE-2020-27820} - drm/nouveau: use drm_dev_unplug() during device removal {CVE-2020-27820} - Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2020-26555} - vsock: Fix memory leak in vsock_connect() {CVE-2022-3629} - RDMA/core: Don't infoleak GRH fields {CVE-2021-3923} - xen/netfront: force data bouncing when backend is untrusted {CVE-2022-33741} - net: Rename and export copy_skb_header - floppy: use a statically allocated error counter {CVE-2022-1652} - fuse: fix pipe buffer lifetime for direct_io {CVE-2022-1011} - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2024-26898} - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752} - media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445} - media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824} - perf: Fix perf_event_validate_size() lockdep splat {CVE-2023-6931} - perf: Fix perf_event_validate_size() {CVE-2023-6931} - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268} - xfs: verify buffer contents when we skip log replay {CVE-2023-2124} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-1989} - Fix double fget() in vhost_net_set_backend() {CVE-2023-1838} - net/sched: cls_tcindex: downgrade to imperfect hash {CVE-2023-1829} - xen/netfront: fix leaking data in shared pages {CVE-2022-33740} - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path {CVE-2022-28390} - xen/blkfront: fix leaking data in shared pages {CVE-2022-26365} - mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565} - drm/vgem: Close use-after-free race in vgem_gem_create {CVE-2022-1419} - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type {CVE-2021-47194} - net: fix use-after-free in tw_timer_handler {CVE-2021-46936} - ext4: fix race writing to an inline_data file while its xattrs are changing {CVE-2021-40490} - virtio_console: Assure used length from device is limited {CVE-2021-38160} - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() {CVE-2021-4157} - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() {CVE-2021-3640} - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl {CVE-2021-3612} - Input: joydev - prevent potential read overflow in ioctl {CVE-2021-3612} - can: bcm: delay release of struct bcm_op after synchronize_rcu() {CVE-2021-3609} - vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974} - i2c: Fix a potential use after free {CVE-2019-25162} - drivers: net: slip: fix NPD bug in sl_tx_timeout() {CVE-2022-41858} - Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934} - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111} - memstick: r592: Fix UAF bug in r592_remove due to race condition {CVE-2023-3141} - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118} - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567} - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283} - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380} - tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566} - staging: rtl8712: fix use after free bugs {CVE-2022-4095} - ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850} - af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353} - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os {CVE-2022-3424} - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265} - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265} - x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265} - ipv6: use prandom_u32() for ID generation {CVE-2021-45485} - bpf: Fix integer overflow in prealloc_elems_and_freelist() {CVE-2021-41864} - ipv4: make exception cache less predictible {CVE-2021-20322} - ipv4: use siphash instead of Jenkins in fnhe_hashfun() {CVE-2021-20322} - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() {CVE-2023-4387} - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197} - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932} - smb: client: fix potential OOB in smb2_dump_detail() {CVE-2023-6610} - smb: client: fix OOB in smbCalcSize() {CVE-2023-6606} - atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780} - drm/amdgpu: Fix potential fence use-after-free v2 {CVE-2023-51042} - sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077} - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679} - net: prevent mss overflow in skb_segment() {CVE-2023-52435} - drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-42753} - debug: Lock down kgdb {CVE-2022-21499}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- kvm: initialize all of the kvm_debugregs structure before sending it to userspace {CVE-2023-1513} - wifi: mac80211: fix MBSSID parsing use-after-free {CVE-2022-42719} - mac80211: always allocate struct ieee802_11_elems {CVE-2022-42719} - netfilter: nf_tables: initialize registers in nft_do_chain() {CVE-2022-1016} - xprtrdma: fix incorrect header size calculations {CVE-2022-0812} - net: usb: fix memory leak in smsc75xx_bind {CVE-2021-47171} - i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153} - pid: take a reference when initializing `cad_pid` {CVE-2021-47118} - Input: appletouch - initialize work before device registration {CVE-2021-46932} - HID: usbhid: fix info leak in hid_submit_ctrl {CVE-2021-46906} - quota: check block number when reading the block in quota file {CVE-2021-45868} - mwifiex: Fix skb_over_panic in mwifiex_usb_recv() {CVE-2021-43976} - atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait {CVE-2021-43975} - isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-43389} - usb: hso: fix error handling code of hso_create_net_device {CVE-2021-37159} - can: bcm: fix infoleak in struct bcm_msg_head {CVE-2021-34693} - dm ioctl: fix out of bounds array access when no devices {CVE-2021-31916} - KVM: x86: hyper-v: Fix Hyper-V context null-ptr-deref {CVE-2021-30178} - perf/x86/intel: Fix a crash caused by zero PEBS status {CVE-2021-28971} - btrfs: fix race when cloning extent buffer during rewind of an old root {CVE-2021-28964} - ovl: fix missing negative dentry check in ovl_rename() {CVE-2021-20321} - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. {CVE-2021-20292} - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() {CVE-2021-4159} - btrfs: unlock newly allocated extent buffer after error {CVE-2021-4149} - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. {CVE-2021-3679} - net: mac802154: Fix general protection fault {CVE-2021-3659} - nfsd4: readdirplus shouldn't return parent of export {CVE-2021-3178} - Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2021-0129} - drm/nouveau: clean up all clients on device removal {CVE-2020-27820} - drm/nouveau: Add a dedicated mutex for the clients list {CVE-2020-27820} - drm/nouveau: use drm_dev_unplug() during device removal {CVE-2020-27820} - Bluetooth: SMP: Fail if remote and local public keys are identical {CVE-2020-26555} - vsock: Fix memory leak in vsock_connect() {CVE-2022-3629} - RDMA/core: Don't infoleak GRH fields {CVE-2021-3923} - xen/netfront: force data bouncing when backend is untrusted {CVE-2022-33741} - net: Rename and export copy_skb_header - floppy: use a statically allocated error counter {CVE-2022-1652} - fuse: fix pipe buffer lifetime for direct_io {CVE-2022-1011} - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2024-26898} - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752} - media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445} - media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824} - perf: Fix perf_event_validate_size() lockdep splat {CVE-2023-6931} - perf: Fix perf_event_validate_size() {CVE-2023-6931} - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268} - xfs: verify buffer contents when we skip log replay {CVE-2023-2124} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-1989} - Fix double fget() in vhost_net_set_backend() {CVE-2023-1838} - net/sched: cls_tcindex: downgrade to imperfect hash {CVE-2023-1829} - xen/netfront: fix leaking data in shared pages {CVE-2022-33740} - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path {CVE-2022-28390} - xen/blkfront: fix leaking data in shared pages {CVE-2022-26365} - mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565} - drm/vgem: Close use-after-free race in vgem_gem_create {CVE-2022-1419} - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type {CVE-2021-47194} - net: fix use-after-free in tw_timer_handler {CVE-2021-46936} - ext4: fix race writing to an inline_data file while its xattrs are changing {CVE-2021-40490} - virtio_console: Assure used length from device is limited {CVE-2021-38160} - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() {CVE-2021-4157} - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() {CVE-2021-3640} - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl {CVE-2021-3612} - Input: joydev - prevent potential read overflow in ioctl {CVE-2021-3612} - can: bcm: delay release of struct bcm_op after synchronize_rcu() {CVE-2021-3609} - vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974} - i2c: Fix a potential use after free {CVE-2019-25162} - drivers: net: slip: fix NPD bug in sl_tx_timeout() {CVE-2022-41858} - Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934} - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111} - memstick: r592: Fix UAF bug in r592_remove due to race condition {CVE-2023-3141} - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118} - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567} - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283} - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380} - tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566} - staging: rtl8712: fix use after free bugs {CVE-2022-4095} - ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850} - af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353} - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os {CVE-2022-3424} - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265} - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265} - x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265} - ipv6: use prandom_u32() for ID generation {CVE-2021-45485} - bpf: Fix integer overflow in prealloc_elems_and_freelist() {CVE-2021-41864} - ipv4: make exception cache less predictible {CVE-2021-20322} - ipv4: use siphash instead of Jenkins in fnhe_hashfun() {CVE-2021-20322} - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() {CVE-2023-4387} - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197} - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932} - smb: client: fix potential OOB in smb2_dump_detail() {CVE-2023-6610} - smb: client: fix OOB in smbCalcSize() {CVE-2023-6606} - atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780} - drm/amdgpu: Fix potential fence use-after-free v2 {CVE-2023-51042} - sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077} - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679} - net: prevent mss overflow in skb_segment() {CVE-2023-52435} - drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-42753} - debug: Lock down kgdb {CVE-2022-21499}</summary> <pushcount>0</pushcount> <issued date="2024-07-08 20:27:53 UTC" /> <updated date="2024-07-08 20:27:53 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720468480.html" id="CLSA-2024:1720468480" title="CLSA-2024:1720468480" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4d2a94ac1691a4d0416227ab227c31ebf6e96630</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">025e7d2dfd1ac9c8f360830992f7eb2f7dcc9827</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">310a4b45a13d497b36e400fc92fabadef08e1b83</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">89153b8660dbe10f1986857007c63ca0edb3172e</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">36f4e4e9d29a7cb69d3ef04a461df8db6a89f321</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0d79108bec672e19fdc48e43f48ac29fde010963</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">257b107db14e73272fba29860411762948687279</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b0a49c8f8fffc8317443bd0a82ae5b9db0128475</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">bf6ec6573c44e19fc03cc5725e8d3583a316c748</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">349fdd85419932104a67057f01e63cc2a39606d6</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els1" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els1.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c14a58e001e33bfb0edd6de9a29ee2452ba3ce51</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1720548714</id> <title>python3: Fix of CVE-2023-6597</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-6597: prevent tempfile.TemporaryDirectory class dereference symlinks</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-6597: prevent tempfile.TemporaryDirectory class dereference symlinks</summary> <pushcount>0</pushcount> <issued date="2024-07-09 18:11:57 UTC" /> <updated date="2024-07-09 18:11:57 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720548714.html" id="CLSA-2024:1720548714" title="CLSA-2024:1720548714" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">a029f8f6dc561cf032f43d5ba6fa1e7222f35681</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">027eda47b0b6a6eb381622aff005a4b533a619e8</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">a0735979cd020c6bb67dee06126a9c9bb03c83dd</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">a0ab4edc3862a54c3dbf3cbdc6cc79918072d6d8</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">5da5585510238dad651864ed56292442bb54a919</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">dda9df186b0ea1bf18d886c38088ac7c1351465e</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">714e99af9aca8fb6ebf14264dbffa3ea0a1808c6</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">9f186b6ad2f6dbf76060221a4710f2e3c436b8a2</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">185c57154f840161d4075a28aef4275e5bb74bf6</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">02a4aec4b5a96df6ddd593ef63b44cfcbe7a88ec</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">af74a638b229a87682f982e6ac1b44bde9962a72</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">85310390b7c5865a57bd5f0f2a10efaca393b828</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha">e79eeb5d8260c8d3a8fbe5c2baf1ad1e09ef02b8</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="21.el7_9.tuxcare.els3" src="python3-3.6.8-21.el7_9.tuxcare.els3.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">e13bccf6b0a4214aeef3016215fca10f0fb6a86f</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1720776957</id> <title>vim: Fix of 10 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-0054: check the return value of vim_regsub() - CVE-2023-0049: avoid going over the NUL at the end - CVE-2023-0288: prevent the cursor from moving to line zero - CVE-2023-0433: check for not going over the end of the line - CVE-2023-2610: limit the text length to MAXCOL - CVE-2023-4750: check buffer is valid before accessing it - CVE-2023-4733: verify oldwin pointer after reset_VIsual() - CVE-2023-4751: stop Visual mode when using :ball - CVE-2023-5344: add NULL at end of buffer - CVE-2024-22667: pass size of errbuf down the call stack, use snprintf()</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-0054: check the return value of vim_regsub() - CVE-2023-0049: avoid going over the NUL at the end - CVE-2023-0288: prevent the cursor from moving to line zero - CVE-2023-0433: check for not going over the end of the line - CVE-2023-2610: limit the text length to MAXCOL - CVE-2023-4750: check buffer is valid before accessing it - CVE-2023-4733: verify oldwin pointer after reset_VIsual() - CVE-2023-4751: stop Visual mode when using :ball - CVE-2023-5344: add NULL at end of buffer - CVE-2024-22667: pass size of errbuf down the call stack, use snprintf()</summary> <pushcount>0</pushcount> <issued date="2024-07-12 09:36:00 UTC" /> <updated date="2024-07-12 09:36:00 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720776957.html" id="CLSA-2024:1720776957" title="CLSA-2024:1720776957" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="2" name="vim-X11" release="8.el7_9.tuxcare.els1" src="vim-7.4.629-8.el7_9.tuxcare.els1.src.rpm" version="7.4.629"> <filename>vim-X11-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f3642e8f9d7253a2b8e2c71993c36d9ec21ff84f</sum> </package> <package arch="x86_64" epoch="2" name="vim-common" release="8.el7_9.tuxcare.els1" src="vim-7.4.629-8.el7_9.tuxcare.els1.src.rpm" version="7.4.629"> <filename>vim-common-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">fc069a7999ace03cd677554130f9b9df62573ecd</sum> </package> <package arch="x86_64" epoch="2" name="vim-enhanced" release="8.el7_9.tuxcare.els1" src="vim-7.4.629-8.el7_9.tuxcare.els1.src.rpm" version="7.4.629"> <filename>vim-enhanced-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ddb6866a85468cfdda27fa12c1e193fb21228162</sum> </package> <package arch="x86_64" epoch="2" name="vim-filesystem" release="8.el7_9.tuxcare.els1" src="vim-7.4.629-8.el7_9.tuxcare.els1.src.rpm" version="7.4.629"> <filename>vim-filesystem-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">5965b9af2a9c899137ce747dd4bf9462bc9502a3</sum> </package> <package arch="x86_64" epoch="2" name="vim-minimal" release="8.el7_9.tuxcare.els1" src="vim-7.4.629-8.el7_9.tuxcare.els1.src.rpm" version="7.4.629"> <filename>vim-minimal-7.4.629-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">abb84fc18498c7336c52bd4828546c6f55ae8422</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1720777265</id> <title>Update of linux-firmware</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Repack the linux-firmware to keep tuxcare updates</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Repack the linux-firmware to keep tuxcare updates</summary> <pushcount>0</pushcount> <issued date="2024-07-12 09:41:08 UTC" /> <updated date="2024-07-12 09:41:08 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720777265.html" id="CLSA-2024:1720777265" title="CLSA-2024:1720777265" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="iwl100-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="39.31.5.1"> <filename>iwl100-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">c39a5a6d92b8eaf2e3fc9f920b408a71aa7487f1</sum> </package> <package arch="noarch" epoch="1" name="iwl1000-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="39.31.5.1"> <filename>iwl1000-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">bb99821f38d64c185555b322b5c32de616cabba6</sum> </package> <package arch="noarch" epoch="0" name="iwl105-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl105-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">7ec589cee2f160d71efc785e319e48ca5477d4f8</sum> </package> <package arch="noarch" epoch="0" name="iwl135-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl135-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">8f4257918cd4b76892facc846e08e2498cd8aba2</sum> </package> <package arch="noarch" epoch="0" name="iwl2000-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl2000-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">a24191af0d814e70d85856a3fa52949d1035ac16</sum> </package> <package arch="noarch" epoch="0" name="iwl2030-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl2030-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">5d93a5abe1c954e3313b500125962013b8e65eea</sum> </package> <package arch="noarch" epoch="0" name="iwl3160-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="25.30.13.0"> <filename>iwl3160-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">671bf087e156a73df537cb6207dd33197efdc7e7</sum> </package> <package arch="noarch" epoch="0" name="iwl3945-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="15.32.2.9"> <filename>iwl3945-firmware-15.32.2.9-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">c00926d2aa0d0a918f42a67447f89003c8ba49c9</sum> </package> <package arch="noarch" epoch="0" name="iwl4965-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="228.61.2.24"> <filename>iwl4965-firmware-228.61.2.24-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">daf3a107a2ed2c25f45920da7c0cbc5b0ee0da91</sum> </package> <package arch="noarch" epoch="0" name="iwl5000-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="8.83.5.1_1"> <filename>iwl5000-firmware-8.83.5.1_1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">5611066da63387974a4c48a777bffa6300bc9bf7</sum> </package> <package arch="noarch" epoch="0" name="iwl5150-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="8.24.2.2"> <filename>iwl5150-firmware-8.24.2.2-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">0f8f12d7ef424209d5d088532b649510b7d4cab2</sum> </package> <package arch="noarch" epoch="0" name="iwl6000-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="9.221.4.1"> <filename>iwl6000-firmware-9.221.4.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">731c8729abb203b2cf47db1f8f4257f5f44e6596</sum> </package> <package arch="noarch" epoch="0" name="iwl6000g2a-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl6000g2a-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">5b14755475f6130dca5860182a4d67990c38a8a2</sum> </package> <package arch="noarch" epoch="0" name="iwl6000g2b-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="18.168.6.1"> <filename>iwl6000g2b-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">2125a76c9bfae660527ce2c9cfdb9569f2608bdb</sum> </package> <package arch="noarch" epoch="0" name="iwl6050-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="41.28.5.1"> <filename>iwl6050-firmware-41.28.5.1-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">7559fe2fdbc620db667fb3c8b149faebc01bf3c4</sum> </package> <package arch="noarch" epoch="0" name="iwl7260-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="25.30.13.0"> <filename>iwl7260-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">114b5de647e4f355c67881b8b45d52db7cfb829b</sum> </package> <package arch="noarch" epoch="0" name="linux-firmware" release="83.git78c0348.el7_9.tuxcare.els1" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.src.rpm" version="20200421"> <filename>linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha">17e1772d3bfff265888efb841b625d398a33f29f</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1720777628</id> <title>Update of bind</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Bump the epoch to fix package upgrade</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Bump the epoch to fix package upgrade</summary> <pushcount>0</pushcount> <issued date="2024-07-12 09:47:11 UTC" /> <updated date="2024-07-12 09:47:11 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1720777628.html" id="CLSA-2024:1720777628" title="CLSA-2024:1720777628" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">620086843e26f2f1d4c10c2b1c110caa775b6d81</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4aec6dcba6ca07df1a069b6a047cf0c616fd6187</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">da1700dc80d1e22985b0f6f46bb68408c8a9e9d6</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">294df42e8ebfab80f494f80f3ad6bfc90b7cf8c4</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">eac02df11e01a71d6baaf4b60720a58c181051c4</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">047bfa000528b78605f1d8b131fd1cc2b944e3e3</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">746fbb92c10ce946725ed079425ddc7bb35d00c0</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">848c21b43b55996007d30d6b2b335bc48be9d488</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">0ef2cf5bdfc64b9c2efefa2291a8342040608480</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">90f499c66c411c7fc48eac0b41d0319c436779b5</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">23dfc29df8b6a178e2714d7abc013bb3f1172219</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3bfed6e743081f480024e631fea76d38b4116f51</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els1.noarch.rpm</filename> <sum type="sha">1ccca31c19f476cc9db350dd7a77c3f1a3e871f1</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">630a862adb192d0406895f04fc46916b8931fdac</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">3ac9c556cc4b5c66ca05a06a4722fbcefaa608ef</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">f66ee7e7fc5c9a8ee2d62698373c705cfabdaee9</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">6947c16f154c242dcd8be011c6c594db16d523c7</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">c521d66794e34a90ebd705563d1d8e97c7f256bd</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.i686.rpm</filename> <sum type="sha">212fbb39a7e81f84bc59f4d8bd4b5b1862de2958</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">cf32e9ec0e87d538ee7dfd7c34dfb6dba7a7a598</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b6a3a1437a01b5b9c6a33bff8cee568ad7fd6779</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b763eff720cbc3ff7b47b42667f64d3bfc65c4fe</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6977fb6175c8e50ee6e97181579c963d5a1943db</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.16.tuxcare.els1" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els1.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a61d23d1a9f931e2aabb433277b86c075cd0b200</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1721204317</id> <title>grub2: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-4692: ntfs: checks to ensure that NTFS drive's sector numbers are never written beyond the boundary - CVE-2023-4693: ntfs: fix an out-of-bounds read flaw on NTFS filesystem driver</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-4692: ntfs: checks to ensure that NTFS drive's sector numbers are never written beyond the boundary - CVE-2023-4693: ntfs: fix an out-of-bounds read flaw on NTFS filesystem driver</summary> <pushcount>0</pushcount> <issued date="2024-07-17 08:20:41 UTC" /> <updated date="2024-07-17 08:20:41 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1721204317.html" id="CLSA-2024:1721204317" title="CLSA-2024:1721204317" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="grub2" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ecf6e75c8ab00ef2d859c5198e8fb80d84ce7b21</sum> </package> <package arch="noarch" epoch="1" name="grub2-common" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-common-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm</filename> <sum type="sha">512c6cb3ca68d2926dd532c6df16be67fc961edc</sum> </package> <package arch="x86_64" epoch="1" name="grub2-efi-ia32" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-efi-ia32-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">a7e6e19511ba0f307f556355113ccc3a841e8eeb</sum> </package> <package arch="x86_64" epoch="1" name="grub2-efi-ia32-cdboot" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6620c612835e54728bcf9212bfe9c05a90a3f4a9</sum> </package> <package arch="noarch" epoch="1" name="grub2-efi-ia32-modules" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-efi-ia32-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm</filename> <sum type="sha">05a9eb7d9c0f43034b1821eff6698392ede57d20</sum> </package> <package arch="x86_64" epoch="1" name="grub2-efi-x64" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-efi-x64-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4a20371ed68d3108f9f0d893859926cd1f5e5461</sum> </package> <package arch="x86_64" epoch="1" name="grub2-efi-x64-cdboot" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">2b573e057f7fb590ef5969a681153e338d933c55</sum> </package> <package arch="noarch" epoch="1" name="grub2-efi-x64-modules" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-efi-x64-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm</filename> <sum type="sha">0bc0e9346b95c31a8e1204a9faff18cb2566c378</sum> </package> <package arch="noarch" epoch="1" name="grub2-i386-modules" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-i386-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm</filename> <sum type="sha">d31b7cc00730ac1063a40670205a50e6a7436ee6</sum> </package> <package arch="x86_64" epoch="1" name="grub2-pc" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-pc-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8bfdd277ae1f880502a38dc1a993338e42654604</sum> </package> <package arch="noarch" epoch="1" name="grub2-pc-modules" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-pc-modules-2.02-0.87.0.2.el7.14.tuxcare.els1.noarch.rpm</filename> <sum type="sha">8e49f37fdef1102e7a2331177d2ae382804af7c3</sum> </package> <package arch="x86_64" epoch="1" name="grub2-tools" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-tools-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8bc13b7156d4e1be215fa6c6dc946dc89ed5b526</sum> </package> <package arch="x86_64" epoch="1" name="grub2-tools-extra" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-tools-extra-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">20df08eaa11bdf5ad1c45d5f3a044a5aa7c5f83d</sum> </package> <package arch="x86_64" epoch="1" name="grub2-tools-minimal" release="0.87.0.2.el7.14.tuxcare.els1" src="grub2-2.02-0.87.0.2.el7.14.tuxcare.els1.src.rpm" version="2.02"> <filename>grub2-tools-minimal-2.02-0.87.0.2.el7.14.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">635e692dc74aede7aea8900532b59858856a73e9</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1721204645</id> <title>shim-signed: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Make this package installable on a system having a either Centos or Cloudlinux signed kernel - Update to shim-15.8 and fix the following CVEs: Resolves: CVE-2023-40546 Resolves: CVE-2023-40547 Resolves: СVE-2023-40548 Resolves: СVE-2023-40549 Resolves: CVE-2023-40550 Resolves: CVE-2023-40551</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Make this package installable on a system having a either Centos or Cloudlinux signed kernel - Update to shim-15.8 and fix the following CVEs: Resolves: CVE-2023-40546 Resolves: CVE-2023-40547 Resolves: СVE-2023-40548 Resolves: СVE-2023-40549 Resolves: CVE-2023-40550 Resolves: CVE-2023-40551</summary> <pushcount>0</pushcount> <issued date="2024-07-17 08:26:34 UTC" /> <updated date="2024-07-17 08:26:34 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1721204645.html" id="CLSA-2024:1721204645" title="CLSA-2024:1721204645" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="mokutil" release="1.el7.tuxcare.els1" src="shim-signed-15.8-1.el7.tuxcare.els1.src.rpm" version="15.8"> <filename>mokutil-15.8-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">34d8645c529bdabd967cebb4b041b24a8dc79b16</sum> </package> <package arch="x86_64" epoch="0" name="shim-ia32" release="1.el7.tuxcare.els1" src="shim-signed-15.8-1.el7.tuxcare.els1.src.rpm" version="15.8"> <filename>shim-ia32-15.8-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">52271fb57431abc94ea7846576985a51bf84700d</sum> </package> <package arch="x86_64" epoch="0" name="shim-x64" release="1.el7.tuxcare.els1" src="shim-signed-15.8-1.el7.tuxcare.els1.src.rpm" version="15.8"> <filename>shim-x64-15.8-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">899a10faeb82c46d8bb37b94e10080ded9df9660</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1721204990</id> <title>Update of kernel</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Add dependency for updated shim and grub2 with new signing key</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Add dependency for updated shim and grub2 with new signing key</summary> <pushcount>0</pushcount> <issued date="2024-07-17 08:29:53 UTC" /> <updated date="2024-07-17 08:29:53 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1721204990.html" id="CLSA-2024:1721204990" title="CLSA-2024:1721204990" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">71b821b79a0f81577fe351c5d7c236ca1b53d72c</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e673aa748df3328b2a34c460acf639bab5477e6b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">8677515a15fc1999b107e96a46f5479a2592fddc</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">8c59ec973e021c6fc76881ee7d1a951f084033a0</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">e2545e48f535f7a0dcdb229db8c71374b99b8d87</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">96496eda6d494e3ca74f77b8437a0194207ce584</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">3268142e07dab034fd18ee2678d7e3bc2ec74197</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">b4308fcaa024781c86b1ac971c24b9fa67eb4c89</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">a9f9e0f3e9acf6835d04f9f4e62145a5c98978e4</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">c759d73748bc940bc389a16e497e44356fe95e09</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els2" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els2.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha">66bdfe463a40dce715bf482722dd7e4e601a701d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1721206783</id> <title>freerdp: Fix of 12 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-39352: add bound check in gdi_SolidFill - CVE-2023-39353: check indices are within range - CVE-2023-39356: fix checks for multi opaque rect - CVE-2023-40181: fix cBitsRemaining calculation - CVE-2023-40186: fix integer multiplications - CVE-2023-40188: fix input length validation - CVE-2023-40567: fix missing bounds checks - CVE-2023-40569: fix missing destination checks - CVE-2024-22211: check resolution for overflow - CVE-2023-39351: free content of currentMessage on fail - CVE-2023-39350: fix possible out of bound read - CVE-2023-40589: properly verify all offsets while decoding data</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-39352: add bound check in gdi_SolidFill - CVE-2023-39353: check indices are within range - CVE-2023-39356: fix checks for multi opaque rect - CVE-2023-40181: fix cBitsRemaining calculation - CVE-2023-40186: fix integer multiplications - CVE-2023-40188: fix input length validation - CVE-2023-40567: fix missing bounds checks - CVE-2023-40569: fix missing destination checks - CVE-2024-22211: check resolution for overflow - CVE-2023-39351: free content of currentMessage on fail - CVE-2023-39350: fix possible out of bound read - CVE-2023-40589: properly verify all offsets while decoding data</summary> <pushcount>0</pushcount> <issued date="2024-07-17 08:59:46 UTC" /> <updated date="2024-07-17 08:59:46 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1721206783.html" id="CLSA-2024:1721206783" title="CLSA-2024:1721206783" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="freerdp" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>freerdp-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">afb557972eb7b4d33d25c3ad64248245c195b643</sum> </package> <package arch="i686" epoch="0" name="freerdp-devel" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>freerdp-devel-2.1.1-5.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">d4f03624edc9817a1dc308bd8fd2f7a4a336d361</sum> </package> <package arch="x86_64" epoch="0" name="freerdp-devel" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>freerdp-devel-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7e80cb7d8691f95eeed56971d7f79906c5232781</sum> </package> <package arch="i686" epoch="0" name="freerdp-libs" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>freerdp-libs-2.1.1-5.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">72137a781fbf6e2bb1d9543d2d1f28efed9fefff</sum> </package> <package arch="x86_64" epoch="0" name="freerdp-libs" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>freerdp-libs-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">59448f80144dab0b1c31332dd212f26d9f73db29</sum> </package> <package arch="i686" epoch="0" name="libwinpr" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>libwinpr-2.1.1-5.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">4cd1b3f85ccd56326d09812efe9e97452bf05510</sum> </package> <package arch="x86_64" epoch="0" name="libwinpr" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>libwinpr-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">20a4180ee750a670d5a7f9a61d7462b6b13777a9</sum> </package> <package arch="i686" epoch="0" name="libwinpr-devel" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>libwinpr-devel-2.1.1-5.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha">94f59674ab24dbdd9a6d3daea4cc1552e89dd847</sum> </package> <package arch="x86_64" epoch="0" name="libwinpr-devel" release="5.el7_9.tuxcare.els1" src="freerdp-2.1.1-5.el7_9.tuxcare.els1.src.rpm" version="2.1.1"> <filename>libwinpr-devel-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ca7d779ee67169aabea9510c2f6b481580051247</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1721206996</id> <title>poppler: Fix of CVE-2022-38784</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-38784: fix integer overflow in JBIG2 decoder</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-38784: fix integer overflow in JBIG2 decoder</summary> <pushcount>0</pushcount> <issued date="2024-07-17 09:03:19 UTC" /> <updated date="2024-07-17 09:03:19 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1721206996.html" id="CLSA-2024:1721206996" title="CLSA-2024:1721206996" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="poppler" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">cb625182dbffadcf5fea4134cb4d65139139ca83</sum> </package> <package arch="x86_64" epoch="0" name="poppler" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ba28c974caddb05374904c5b8b76458e66864f06</sum> </package> <package arch="i686" epoch="0" name="poppler-cpp" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-cpp-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">cbde18d66b33ec1799aa94a059316966e01b8192</sum> </package> <package arch="x86_64" epoch="0" name="poppler-cpp" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-cpp-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">486d3217eea2f527e0f993562a8db05b5bbaaa7d</sum> </package> <package arch="i686" epoch="0" name="poppler-cpp-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-cpp-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">8a1ea5621f686cb72d37302d5c556607dc405213</sum> </package> <package arch="x86_64" epoch="0" name="poppler-cpp-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-cpp-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">b8e5b064fabb24a967846b1c501298ea21bf8590</sum> </package> <package arch="x86_64" epoch="0" name="poppler-demos" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-demos-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">19405ec13cead08c1ab27b343aeed12ec1fb9689</sum> </package> <package arch="i686" epoch="0" name="poppler-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">7ac84430e9d178ce4be775a2e4d252b9f026a4e3</sum> </package> <package arch="x86_64" epoch="0" name="poppler-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">ae25fccbb5a548b99709a9aa4a0c464b86ba673b</sum> </package> <package arch="i686" epoch="0" name="poppler-glib" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-glib-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">4af5581b436efbda436c8c0679606c4037c7da4f</sum> </package> <package arch="x86_64" epoch="0" name="poppler-glib" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-glib-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8fa6c2c2c58fffe4ecd2bef117e8911ef502c4ed</sum> </package> <package arch="i686" epoch="0" name="poppler-glib-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-glib-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">194790c3c1f3e64cc137b9b090ef1c752a2d65b0</sum> </package> <package arch="x86_64" epoch="0" name="poppler-glib-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-glib-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">e885a2117d2ce4807deb3eef2eb3a24305f1a368</sum> </package> <package arch="i686" epoch="0" name="poppler-qt" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-qt-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">6f12e23cc0eedde9c8632efad6c8e0a41da2eb88</sum> </package> <package arch="x86_64" epoch="0" name="poppler-qt" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-qt-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">6c7ae4cfde394ea8981bc90db5906751358d4cd3</sum> </package> <package arch="i686" epoch="0" name="poppler-qt-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-qt-devel-0.26.5-43.el7.1.tuxcare.els1.i686.rpm</filename> <sum type="sha">3bbab414595fadbc23a5fb20d08d055b4d8b2f3b</sum> </package> <package arch="x86_64" epoch="0" name="poppler-qt-devel" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-qt-devel-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">79d4728ab8833a4dee3ec95f1f20350294a3daac</sum> </package> <package arch="x86_64" epoch="0" name="poppler-utils" release="43.el7.1.tuxcare.els1" src="poppler-0.26.5-43.el7.1.tuxcare.els1.src.rpm" version="0.26.5"> <filename>poppler-utils-0.26.5-43.el7.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">7bc12e40d3721f1c9d14599ae4932f8c723cd3ad</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1722003981</id> <title>httpd: Fix of 5 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-38474: mod_rewrite: server weakness with encoded question marks in backreferences - CVE-2024-38475: mod_rewrite: server weakness in mod_rewrite when first segment of substitution matches filesystem path - CVE-2024-38477: mod_proxy: crash resulting in Denial of Service in mod_proxy via a malicious request - CVE-2024-38476: http: server use exploitable/malicious backend application output to run local handlers via internal redirect - CVE-2024-39573: mod_rewrite: proxy handler substitution</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-38474: mod_rewrite: server weakness with encoded question marks in backreferences - CVE-2024-38475: mod_rewrite: server weakness in mod_rewrite when first segment of substitution matches filesystem path - CVE-2024-38477: mod_proxy: crash resulting in Denial of Service in mod_proxy via a malicious request - CVE-2024-38476: http: server use exploitable/malicious backend application output to run local handlers via internal redirect - CVE-2024-39573: mod_rewrite: proxy handler substitution</summary> <pushcount>0</pushcount> <issued date="2024-07-26 14:26:24 UTC" /> <updated date="2024-07-26 14:26:24 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1722003981.html" id="CLSA-2024:1722003981" title="CLSA-2024:1722003981" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">7d961f78651cc718c36dbc66fce19c9c2b3cc0ad</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">0d8452290197a67530c5b398ac37275d7dbc7399</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els4.noarch.rpm</filename> <sum type="sha">dbf08f48e41f44c9d286240251f67c6dfbc3427e</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">7f3f3a418be39ff57a332d8265427f8b2b11a3d4</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">2aeb0c3f7b98cee7f0e7830c400b653b7a7e8d91</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">195b4b9f9177c384497680e78845df96ca53c109</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">a9f442976d4523d6650215c53b83fcad2d8ef17f</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els4" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els4.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els4.x86_64.rpm</filename> <sum type="sha">1f5cc7ae9affe8e1b307dfa8d76cf603e40d7d55</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1722529344</id> <title>git: Fix of CVE-2024-32004</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-32004: detect dubious ownership of local repositories, backport the necessary functions</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-32004: detect dubious ownership of local repositories, backport the necessary functions</summary> <pushcount>0</pushcount> <issued date="2024-08-01 16:22:28 UTC" /> <updated date="2024-08-01 16:22:28 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1722529344.html" id="CLSA-2024:1722529344" title="CLSA-2024:1722529344" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="emacs-git" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>emacs-git-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">b0deeff09ddf25c0b06e99a573702096a1eb97d1</sum> </package> <package arch="noarch" epoch="0" name="emacs-git-el" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>emacs-git-el-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">70ff2407d30f97ce1d71dc67889ee27abc800fe1</sum> </package> <package arch="x86_64" epoch="0" name="git" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">b0c1700d9774718991d53c10e3da2d04234dd9a9</sum> </package> <package arch="noarch" epoch="0" name="git-all" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-all-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">a416044a33d7d765532a7c099ba1d7f8aa181203</sum> </package> <package arch="noarch" epoch="0" name="git-bzr" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-bzr-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">8af88eeadb225d442482c6c624ef2a0c04758810</sum> </package> <package arch="noarch" epoch="0" name="git-cvs" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-cvs-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">433602e5220f46973c0dcdf7f9ff70a94b6c2b6b</sum> </package> <package arch="x86_64" epoch="0" name="git-daemon" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-daemon-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">3a43d6f9913773cfc82e1c32f98ef03f1148007a</sum> </package> <package arch="noarch" epoch="0" name="git-email" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-email-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">08c18b56fb12a7bd5ccb9bd596f5c6a228bf8fd3</sum> </package> <package arch="x86_64" epoch="0" name="git-gnome-keyring" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-gnome-keyring-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">11d3a0932993f44aaef938d433071ff767fce338</sum> </package> <package arch="noarch" epoch="0" name="git-gui" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-gui-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">fd90a8aa5a89f9499ac3ff8f77e41eac44e6787e</sum> </package> <package arch="noarch" epoch="0" name="git-hg" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-hg-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">339f0c3962ccb0c27cd0a4aad535076c717f1a2e</sum> </package> <package arch="noarch" epoch="0" name="git-instaweb" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-instaweb-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">17520f98050e093d6ab4d24d346ca3a85aec1be4</sum> </package> <package arch="noarch" epoch="0" name="git-p4" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-p4-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">7b9e9c81aa6b97d01280b8d4f5319cd4e897a1f7</sum> </package> <package arch="x86_64" epoch="0" name="git-svn" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>git-svn-1.8.3.1-25.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha">07be89392ad2ec5b582d170d52ad28f71ed76b9d</sum> </package> <package arch="noarch" epoch="0" name="gitk" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>gitk-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">9fd22481e62ad333631c3b6009ca7bca449350c9</sum> </package> <package arch="noarch" epoch="0" name="gitweb" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>gitweb-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">e1401c833bbbecb49b29da8dfb12972ceda98574</sum> </package> <package arch="noarch" epoch="0" name="perl-Git" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>perl-Git-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">55f04ebb4c769dbcd1d26b9dfdc447aa5a13798d</sum> </package> <package arch="noarch" epoch="0" name="perl-Git-SVN" release="25.el7_9.tuxcare.els3" src="git-1.8.3.1-25.el7_9.tuxcare.els3.src.rpm" version="1.8.3.1"> <filename>perl-Git-SVN-1.8.3.1-25.el7_9.tuxcare.els3.noarch.rpm</filename> <sum type="sha">8f520fe3eac148fd8dc284365efd2a8ff66e960d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1722529534</id> <title>libtiff: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-52356: added proper validation and boundary checks to prevent the SEGV and potential heap-buffer overflow - CVE-2023-52355: added functionality to set a maximum possible allocation size in bytes in order to prevent out-of-memory issues when opening a TIFF file and added memory limit option in tools</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-52356: added proper validation and boundary checks to prevent the SEGV and potential heap-buffer overflow - CVE-2023-52355: added functionality to set a maximum possible allocation size in bytes in order to prevent out-of-memory issues when opening a TIFF file and added memory limit option in tools</summary> <pushcount>0</pushcount> <issued date="2024-08-01 16:25:37 UTC" /> <updated date="2024-08-01 16:25:37 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1722529534.html" id="CLSA-2024:1722529534" title="CLSA-2024:1722529534" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libtiff" release="35.el7.tuxcare.els1" src="libtiff-4.0.3-35.el7.tuxcare.els1.src.rpm" version="4.0.3"> <filename>libtiff-4.0.3-35.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">46f0e0d5c8b8bc6e8242c60d18254ae94455af10</sum> </package> <package arch="x86_64" epoch="0" name="libtiff" release="35.el7.tuxcare.els1" src="libtiff-4.0.3-35.el7.tuxcare.els1.src.rpm" version="4.0.3"> <filename>libtiff-4.0.3-35.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">dff88e98858aaea1f05150e6b8121f8c77e9e5c7</sum> </package> <package arch="i686" epoch="0" name="libtiff-devel" release="35.el7.tuxcare.els1" src="libtiff-4.0.3-35.el7.tuxcare.els1.src.rpm" version="4.0.3"> <filename>libtiff-devel-4.0.3-35.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">f9bd531c683b195d59b6bfaff68c5b24f98b0bf6</sum> </package> <package arch="x86_64" epoch="0" name="libtiff-devel" release="35.el7.tuxcare.els1" src="libtiff-4.0.3-35.el7.tuxcare.els1.src.rpm" version="4.0.3"> <filename>libtiff-devel-4.0.3-35.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">0f01f6ad70f8f3017de0c19b7d1993266ff03c2c</sum> </package> <package arch="i686" epoch="0" name="libtiff-static" release="35.el7.tuxcare.els1" src="libtiff-4.0.3-35.el7.tuxcare.els1.src.rpm" version="4.0.3"> <filename>libtiff-static-4.0.3-35.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha">becc9eed46f880cd553dd4bc1ae2767735f23f89</sum> </package> <package arch="x86_64" epoch="0" name="libtiff-static" release="35.el7.tuxcare.els1" src="libtiff-4.0.3-35.el7.tuxcare.els1.src.rpm" version="4.0.3"> <filename>libtiff-static-4.0.3-35.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">afb9b292dfa41e9368581502d8d426d7fa410ea9</sum> </package> <package arch="x86_64" epoch="0" name="libtiff-tools" release="35.el7.tuxcare.els1" src="libtiff-4.0.3-35.el7.tuxcare.els1.src.rpm" version="4.0.3"> <filename>libtiff-tools-4.0.3-35.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">8f32820e11e71434ef80dfe2b647d371439571be</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1722529717</id> <title>unbound: Fix of CVE-2023-50387</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-50387: enhanced DNS resolver performance and stability by optimizing the handling of DNSSEC responses, reducing the potential for resource exhaustion</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-50387: enhanced DNS resolver performance and stability by optimizing the handling of DNSSEC responses, reducing the potential for resource exhaustion</summary> <pushcount>0</pushcount> <issued date="2024-08-01 16:28:40 UTC" /> <updated date="2024-08-01 16:28:40 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1722529717.html" id="CLSA-2024:1722529717" title="CLSA-2024:1722529717" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="unbound" release="5.el7_8.tuxcare.els1" src="unbound-1.6.6-5.el7_8.tuxcare.els1.src.rpm" version="1.6.6"> <filename>unbound-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">32b7279d9548893fb0563b7f343ad71f27b1ad0b</sum> </package> <package arch="i686" epoch="0" name="unbound-devel" release="5.el7_8.tuxcare.els1" src="unbound-1.6.6-5.el7_8.tuxcare.els1.src.rpm" version="1.6.6"> <filename>unbound-devel-1.6.6-5.el7_8.tuxcare.els1.i686.rpm</filename> <sum type="sha">240c0aa7d895f4b3eab672598d5ade3ebdf594e6</sum> </package> <package arch="x86_64" epoch="0" name="unbound-devel" release="5.el7_8.tuxcare.els1" src="unbound-1.6.6-5.el7_8.tuxcare.els1.src.rpm" version="1.6.6"> <filename>unbound-devel-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">4b9ff36403e3e34362f1cc39638f74bae335d0db</sum> </package> <package arch="i686" epoch="0" name="unbound-libs" release="5.el7_8.tuxcare.els1" src="unbound-1.6.6-5.el7_8.tuxcare.els1.src.rpm" version="1.6.6"> <filename>unbound-libs-1.6.6-5.el7_8.tuxcare.els1.i686.rpm</filename> <sum type="sha">31b07558d5c5129a5a49eacc875c9a745903150d</sum> </package> <package arch="x86_64" epoch="0" name="unbound-libs" release="5.el7_8.tuxcare.els1" src="unbound-1.6.6-5.el7_8.tuxcare.els1.src.rpm" version="1.6.6"> <filename>unbound-libs-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">10bfdc30c93c44ee615f1cd7b11daec925c93efc</sum> </package> <package arch="x86_64" epoch="0" name="unbound-python" release="5.el7_8.tuxcare.els1" src="unbound-1.6.6-5.el7_8.tuxcare.els1.src.rpm" version="1.6.6"> <filename>unbound-python-1.6.6-5.el7_8.tuxcare.els1.x86_64.rpm</filename> <sum type="sha">049755022fa23ee9a4e611c99949bbbb0a39153e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1723059198</id> <title>httpd: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-39884: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix. - CVE-2024-40725: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-39884 fix.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-39884: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix. - CVE-2024-40725: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-39884 fix.</summary> <pushcount>0</pushcount> <issued date="2024-08-07 19:33:21 UTC" /> <updated date="2024-08-07 19:33:21 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723059198.html" id="CLSA-2024:1723059198" title="CLSA-2024:1723059198" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">cf08ca63a37e4f86e3a0a5a9f177455317517c462ee1a7c488241013b4e04f39</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">b398a8d950c33a30e48cfb04af3f16649c43b0090398df6f8be819f6d85683fd</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">4d80233c6fb9fb8ff9ec9be1cac6ff066ca65a67190f75f32a18047ac53ed025</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">9876767cf61fc2d6b605b25f13c01473799f16a01ad6d1cd69961765fc3f7ab3</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">09671dbb670122ce6c2af731fbfbf7590d40c1620cefe49161874a223036bc2d</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">0f7c214839e6c51bdf2b0bc3d4aeec2c4d8c9a0e2893f39972f15579ed10f7a6</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">c642bc6f03f6d0a34b7a51189df3812e693b82ca7887d4bda7a056f0d4707271</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els5" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els5.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">17dbfe78b2971bfed25bd9592bda849e863a8d5ee97b7f68ab014c7e23c6145e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1723060343</id> <title>Update of grub2</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update version and epoch</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update version and epoch</summary> <pushcount>0</pushcount> <issued date="2024-08-07 19:54:36 UTC" /> <updated date="2024-08-07 19:54:36 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723060343.html" id="CLSA-2024:1723060343" title="CLSA-2024:1723060343" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="2" name="grub2" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">21e9fa45ecd1d364aa50dc54565a1432a98d720eecddc6723ae518ed0774b681</sum> </package> <package arch="noarch" epoch="2" name="grub2-common" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-common-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">dcb84b66986d4ccecebaa43234ef071a68cd28c3f623acb0451b8f0a57f27b0b</sum> </package> <package arch="x86_64" epoch="2" name="grub2-efi-ia32" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-ia32-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">dc464731f0f4a0014db0703a4f675bf9cf637dfe0f857f25857a4a52086d382b</sum> </package> <package arch="x86_64" epoch="2" name="grub2-efi-ia32-cdboot" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">1a8c90764ec9aa73c7420b2ae6bddaa8e280d28f784b6c5612e2de4771cec5ce</sum> </package> <package arch="noarch" epoch="2" name="grub2-efi-ia32-modules" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-ia32-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">35d12f83a601cf933a1988ab445ed075f6c9195bc88037d46e39b608a2799ef5</sum> </package> <package arch="x86_64" epoch="2" name="grub2-efi-x64" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-x64-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">246ee2e88c08cf655a71e7ee0cbf3c062fb8ce4e0e948788471a0e614b2ca579</sum> </package> <package arch="x86_64" epoch="2" name="grub2-efi-x64-cdboot" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">b72171c084a5150c91061a6fa7802467d56a62d95dc3823124d1d56337a5296d</sum> </package> <package arch="noarch" epoch="2" name="grub2-efi-x64-modules" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-x64-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">c71863429a827700607ce7bc950cc5a68c2b2f4f88cbdc83afd9a267b92e0d3a</sum> </package> <package arch="noarch" epoch="2" name="grub2-i386-modules" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-i386-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">f823f79eba1c9e68da8e308911f1022caec4c807f4a7047fab1617e65e95796a</sum> </package> <package arch="x86_64" epoch="2" name="grub2-pc" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-pc-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">898f391d896a3fab47de5b23ac352bfc0d26f60d8a43c18593db422ed6bccf5d</sum> </package> <package arch="noarch" epoch="2" name="grub2-pc-modules" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-pc-modules-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">c8471d4a20e445652272ff583a046d64b628c16944e9759559673756ae02bdb7</sum> </package> <package arch="x86_64" epoch="2" name="grub2-tools" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-tools-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">f920e3d5bf434f3e231930eb0614be2bbeb5512a88a5fbaedebdb657c03ab736</sum> </package> <package arch="x86_64" epoch="2" name="grub2-tools-extra" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-tools-extra-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ea233dec970276927b90976451019572974390f7eab160da867ca1f7fae77b7e</sum> </package> <package arch="x86_64" epoch="2" name="grub2-tools-minimal" release="0.87.0.2.el7.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-tools-minimal-2.02-0.87.0.2.el7.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ce82fceb77c9eb7df36fa3fd4fccbf91aad8ee1a44883ec32ea84fe0811805ee</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1723060627</id> <title>tomcat: Fix of CVE-2021-25329</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Fix file path bug introduced by the CVE-2021-25329 fix</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Fix file path bug introduced by the CVE-2021-25329 fix</summary> <pushcount>0</pushcount> <issued date="2024-08-07 19:57:48 UTC" /> <updated date="2024-08-07 19:57:48 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723060627.html" id="CLSA-2024:1723060627" title="CLSA-2024:1723060627" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="tomcat" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">9d983a9f636921f0e58538824a3211060477177a8fced24dbfb560abdede02bb</sum> </package> <package arch="noarch" epoch="0" name="tomcat-admin-webapps" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-admin-webapps-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">bcc45b1a29d8b26561d6c5fec9a12fe2a93a577b44a7560b510cbdb8e472112c</sum> </package> <package arch="noarch" epoch="0" name="tomcat-docs-webapp" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-docs-webapp-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">084a9b7059103c827bf43af9cf7b2789fcec723ba9136754c70e6b63207903eb</sum> </package> <package arch="noarch" epoch="0" name="tomcat-el-2.2-api" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-el-2.2-api-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">3af1d932791b0605102ceb92271c040a19d187a76af089492532a2bcf6624ea2</sum> </package> <package arch="noarch" epoch="0" name="tomcat-javadoc" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-javadoc-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">44344eb8440c09b7cfa5aa61d99a1cb94c7be244363d3f313593c9b25f89e870</sum> </package> <package arch="noarch" epoch="0" name="tomcat-jsp-2.2-api" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-jsp-2.2-api-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">06cc7eac7814651426d53fd3ef1fe0460cac04d0ba0c32fa04237e45298ac8b3</sum> </package> <package arch="noarch" epoch="0" name="tomcat-jsvc" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-jsvc-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">0cf73f0f3efb72476d3b20c82cf8c517fca5276f85b4596f76749bf6716feabd</sum> </package> <package arch="noarch" epoch="0" name="tomcat-lib" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-lib-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">b60195aceef1da2206943432a0af7812f8a5e15dee05ed20ca5e50c56d5d164d</sum> </package> <package arch="noarch" epoch="0" name="tomcat-servlet-3.0-api" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-servlet-3.0-api-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">55c710446f24b3655869d49cd1f0baee2b5ca2dfd91b9f9b587a10942976ee8d</sum> </package> <package arch="noarch" epoch="0" name="tomcat-webapps" release="16.el7_9.tuxcare.els2" src="tomcat-7.0.76-16.el7_9.tuxcare.els2.src.rpm" version="7.0.76"> <filename>tomcat-webapps-7.0.76-16.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">7587d8d6b229fc6ca1b41d753733e3d8abb7d444cb1576d72e436ef6fe083b6b</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1723146304</id> <title>jasper: Fix of CVE-2023-51257</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-51257: fix an integer-overflow bug in the ICC profile parsing code</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-51257: fix an integer-overflow bug in the ICC profile parsing code</summary> <pushcount>0</pushcount> <issued date="2024-08-08 19:45:07 UTC" /> <updated date="2024-08-08 19:45:07 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723146304.html" id="CLSA-2024:1723146304" title="CLSA-2024:1723146304" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="jasper" release="33.el7.tuxcare.els1" src="jasper-1.900.1-33.el7.tuxcare.els1.src.rpm" version="1.900.1"> <filename>jasper-1.900.1-33.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">638fc8bb9909908e62bc3eb80961482638a5312540ad810352ca2188efdddd34</sum> </package> <package arch="i686" epoch="0" name="jasper-devel" release="33.el7.tuxcare.els1" src="jasper-1.900.1-33.el7.tuxcare.els1.src.rpm" version="1.900.1"> <filename>jasper-devel-1.900.1-33.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">1ae0aed9821871475b4ad62557315184118d67b15fa83bcbe955630e4862d6fb</sum> </package> <package arch="x86_64" epoch="0" name="jasper-devel" release="33.el7.tuxcare.els1" src="jasper-1.900.1-33.el7.tuxcare.els1.src.rpm" version="1.900.1"> <filename>jasper-devel-1.900.1-33.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">d67ae955cd3d959149c4e332ee6d18772a1c8731ffe867d3c29217d1c28f64ce</sum> </package> <package arch="i686" epoch="0" name="jasper-libs" release="33.el7.tuxcare.els1" src="jasper-1.900.1-33.el7.tuxcare.els1.src.rpm" version="1.900.1"> <filename>jasper-libs-1.900.1-33.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e43dd891ba810f449f76998478458fe5465e12095b58893d8d2c53e58afc2dcc</sum> </package> <package arch="x86_64" epoch="0" name="jasper-libs" release="33.el7.tuxcare.els1" src="jasper-1.900.1-33.el7.tuxcare.els1.src.rpm" version="1.900.1"> <filename>jasper-libs-1.900.1-33.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">d71c698422aad6430412ea5ad2331289bae1a89835c12d572ffd3f716a7cdecf</sum> </package> <package arch="x86_64" epoch="0" name="jasper-utils" release="33.el7.tuxcare.els1" src="jasper-1.900.1-33.el7.tuxcare.els1.src.rpm" version="1.900.1"> <filename>jasper-utils-1.900.1-33.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">635b17d506cf981bb5da115d91ee0fba8bd52d64409035ee3fd6ca093de57de3</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1723224273</id> <title>freerdp: Fix of CVE-2021-41159</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-41159: fix client out of memory</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-41159: fix client out of memory</summary> <pushcount>0</pushcount> <issued date="2024-08-09 17:24:36 UTC" /> <updated date="2024-08-09 17:24:36 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723224273.html" id="CLSA-2024:1723224273" title="CLSA-2024:1723224273" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="freerdp" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>freerdp-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">d85cc7533204c8eb59ed962561248ab008a65650bfe3b63b1a2c30fee09dd4b7</sum> </package> <package arch="i686" epoch="0" name="freerdp-devel" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>freerdp-devel-2.1.1-5.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">1e22be779604d8d97e78990628a10fe47dfa990f7cf3708fc57eb574d0f5d310</sum> </package> <package arch="x86_64" epoch="0" name="freerdp-devel" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>freerdp-devel-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">091892b6d377f31fac4c4cb9bd6f6bbe6ec6c8e9807ad94db7153f1673127933</sum> </package> <package arch="i686" epoch="0" name="freerdp-libs" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>freerdp-libs-2.1.1-5.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">3eb1637413a5906970754e580d409313c672ab42fdadb6f0222b5af902fc0370</sum> </package> <package arch="x86_64" epoch="0" name="freerdp-libs" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>freerdp-libs-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">f74c72ec2d3ec78eb4355492d7ab090d1c38f35f7ec4d5893c6e9b8424858523</sum> </package> <package arch="i686" epoch="0" name="libwinpr" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>libwinpr-2.1.1-5.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">7a4462cd84563bfb5904c579f7d50c67357244d00415fc162d3b3985758881bb</sum> </package> <package arch="x86_64" epoch="0" name="libwinpr" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>libwinpr-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">0701dbf23ab52fa03df906b73c205a6cd31c4dd391372c1c03e5a3c14dfb42de</sum> </package> <package arch="i686" epoch="0" name="libwinpr-devel" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>libwinpr-devel-2.1.1-5.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">8adc73b5220e6f4c7d5cacc927799e63d7d903a2440fca69973bb6d084a7759e</sum> </package> <package arch="x86_64" epoch="0" name="libwinpr-devel" release="5.el7_9.tuxcare.els2" src="freerdp-2.1.1-5.el7_9.tuxcare.els2.src.rpm" version="2.1.1"> <filename>libwinpr-devel-2.1.1-5.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ba3cdd98ac2d2f3c730624515f5427d0a55dbdef371b07d4e6d3452660cbd47e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1723623068</id> <title>java-1.8.0-openjdk: Fix of 6 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE) - CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: Out-of-bounds access in MaskFill - CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE) - CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: Out-of-bounds access in MaskFill - CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)</summary> <pushcount>0</pushcount> <issued date="2024-08-14 08:11:11 UTC" /> <updated date="2024-08-14 08:11:11 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723623068.html" id="CLSA-2024:1723623068" title="CLSA-2024:1723623068" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="1" name="java-1.8.0-openjdk" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">1b39ec6d025f842d8d6625e7dabd16b9c099d274901785bbd4a44b4688c78555</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">d097d5c4f6fa0a8b388c724399a8b5778dec0692f403eb70442110d15fe9cb96</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-accessibility-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">6984c32519be294f3972d6867cb3f79b5a9fd8b0c4d39c382c2b90a908cf1edb</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-accessibility-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">2d6cbd2b6c933682ae36f407d90ce54ebb13fa926b6254a299dfb8ed5e3ab50d</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">6bd26d8f55e734a44a49c0d567e75fd2e01fb0416dc41657e6706a0cc536dcf9</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">a9b57094feb64ccd6954d34a9eae41b1ce7251eb0e383460154e29c591f9edbb</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-demo-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">35d356d55ebafa903003b49aeb13b35edc67264a8476fb922e09a49c3a4c3d11</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-demo-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">34c423711d5bee58bc6d461bda15e8ea62dd49e4446449df46cd00915faf8d18</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-demo-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">93a3631a28f68a86adb1c19fe0ceefaae727e985eec8474f46182cd6af733c8c</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-devel-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">5b8167f35fdc1ff39631784679e750e8dafc1780380977ce3fe92f79af43f3e8</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-devel-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">a32b5fd312b4fe4649041a24fdf255d02dc717d071a8b62de95ec09dde116879</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-devel-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">42413079f7cd06d53ba675f73d0c0095e58f9c8c044843cc4ccc1a9f5f53d495</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-headless-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">9f1c1ba57c731b712aae95f4456e2865598f8b54c2e7ad33a22957af621b3c71</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-headless-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">69436469403b5ac352b6f5c434f7ce7b1290052737a6a8c0229982cd39712bee</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-headless-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">3708e13629069659370b124fcee084db9b2054072301ad005062cb83b9dfeda1</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-javadoc-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">09c52832c473d846ea6a844e9c1f5f38fcb06862ad2c6fec9457842caf99ba91</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-javadoc-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">ca19d258b3f5ab0e27068ead8ae575b50ec9c93d55c696a240131e9181481a35</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-javadoc-zip-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">147f14088d606716c90c76b25c658dfeb6853d6a5bd13eeef974c505a7d477dc</sum> </package> <package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">c97f7cf6eda8451cddcf195158139eaaec32b73acfe54413caf67d47862eac78</sum> </package> <package arch="i686" epoch="1" name="java-1.8.0-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-src-1.8.0.422.b05-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">8b8e8c7e5de88a2ed0b4bd953037508ac5edd71c1359352c129945b15c7464aa</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-src-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">5a5c1ad8aaf5daaeaef6ca70433779fc42762ea8df9a9e0fc881360813d60663</sum> </package> <package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src-debug" release="1.el7_9.tuxcare.els1" src="java-1.8.0-openjdk-1.8.0.422.b05-1.el7_9.tuxcare.els1.src.rpm" version="1.8.0.422.b05"> <filename>java-1.8.0-openjdk-src-debug-1.8.0.422.b05-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">90241f42a09c9ee5a3ddc4b36fd1a61331cd9877560123eca711f4a49da027dd</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1723795896</id> <title>harfbuzz: Fix of CVE-2023-25193</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh</summary> <pushcount>0</pushcount> <issued date="2024-08-16 08:11:39 UTC" /> <updated date="2024-08-16 08:11:39 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723795896.html" id="CLSA-2024:1723795896" title="CLSA-2024:1723795896" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="harfbuzz" release="2.el7.tuxcare.els1" src="harfbuzz-1.7.5-2.el7.tuxcare.els1.src.rpm" version="1.7.5"> <filename>harfbuzz-1.7.5-2.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e0ddb3eb6feb7f396b78992a3341af3f0ea66b65343a0a5dcdda14872917e8d8</sum> </package> <package arch="x86_64" epoch="0" name="harfbuzz" release="2.el7.tuxcare.els1" src="harfbuzz-1.7.5-2.el7.tuxcare.els1.src.rpm" version="1.7.5"> <filename>harfbuzz-1.7.5-2.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">466c8f2b8dbabe7714eee330eb5bb0636a3f0756a909e4b66079019bcb215f89</sum> </package> <package arch="i686" epoch="0" name="harfbuzz-devel" release="2.el7.tuxcare.els1" src="harfbuzz-1.7.5-2.el7.tuxcare.els1.src.rpm" version="1.7.5"> <filename>harfbuzz-devel-1.7.5-2.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e37ac411ac510789c5e441e5676e08193974c19ebaa9e36e37cfa49d3190cdfe</sum> </package> <package arch="x86_64" epoch="0" name="harfbuzz-devel" release="2.el7.tuxcare.els1" src="harfbuzz-1.7.5-2.el7.tuxcare.els1.src.rpm" version="1.7.5"> <filename>harfbuzz-devel-1.7.5-2.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">91d7f962f5771a99e0c9bb34a85f8892c7626f4b12384c464568f32d3ce30791</sum> </package> <package arch="i686" epoch="0" name="harfbuzz-icu" release="2.el7.tuxcare.els1" src="harfbuzz-1.7.5-2.el7.tuxcare.els1.src.rpm" version="1.7.5"> <filename>harfbuzz-icu-1.7.5-2.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">240ce416f0603f8e070f0b34e9a46ccc1ccd77f4351c21f621ee64c2294e1a21</sum> </package> <package arch="x86_64" epoch="0" name="harfbuzz-icu" release="2.el7.tuxcare.els1" src="harfbuzz-1.7.5-2.el7.tuxcare.els1.src.rpm" version="1.7.5"> <filename>harfbuzz-icu-1.7.5-2.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">c94b26bdd56a7851afc54eb8e9780e20abfb07aabb383d7c949f5acc70f40076</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1723796201</id> <title>wget: Fix of CVE-2024-38428</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-38428: properly re-implement userinfo parsing (rfc2396)</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-38428: properly re-implement userinfo parsing (rfc2396)</summary> <pushcount>0</pushcount> <issued date="2024-08-16 08:16:44 UTC" /> <updated date="2024-08-16 08:16:44 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1723796201.html" id="CLSA-2024:1723796201" title="CLSA-2024:1723796201" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="wget" release="18.el7_6.1.tuxcare.els1" src="wget-1.14-18.el7_6.1.tuxcare.els1.src.rpm" version="1.14"> <filename>wget-1.14-18.el7_6.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">4a7ffb990b832ad34255b0c1c418a31dcc8cd13f302186bc38f183714273fa28</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1724259497</id> <title>libndp: Fix of CVE-2024-5564</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-5564: validate route information option length</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-5564: validate route information option length</summary> <pushcount>0</pushcount> <issued date="2024-08-21 16:58:20 UTC" /> <updated date="2024-08-21 16:58:20 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1724259497.html" id="CLSA-2024:1724259497" title="CLSA-2024:1724259497" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libndp" release="9.el7.tuxcare.els1" src="libndp-1.2-9.el7.tuxcare.els1.src.rpm" version="1.2"> <filename>libndp-1.2-9.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">0d21c313d967caa248b531bbb559e0100854390cca0e9094db3cfb6396de89c2</sum> </package> <package arch="x86_64" epoch="0" name="libndp" release="9.el7.tuxcare.els1" src="libndp-1.2-9.el7.tuxcare.els1.src.rpm" version="1.2"> <filename>libndp-1.2-9.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">f73b26c9f7e8fa32e55e33da5a38d496dfcbfa5911899b8aca0e3fdcc16c0789</sum> </package> <package arch="i686" epoch="0" name="libndp-devel" release="9.el7.tuxcare.els1" src="libndp-1.2-9.el7.tuxcare.els1.src.rpm" version="1.2"> <filename>libndp-devel-1.2-9.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">a3d135a877889ed4e79aa512e6586facced48af9b7e3b9e6a14efa1cd49609b0</sum> </package> <package arch="x86_64" epoch="0" name="libndp-devel" release="9.el7.tuxcare.els1" src="libndp-1.2-9.el7.tuxcare.els1.src.rpm" version="1.2"> <filename>libndp-devel-1.2-9.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">207d9afa0c14f04a956e5846d39fb82c05ebe06183c3004dbc20e148f54f80ed</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1724260558</id> <title>libcdio: Fix of CVE-2024-36600</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-36600: Allocate more space for buffer, prevent overflow, add input validation</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-36600: Allocate more space for buffer, prevent overflow, add input validation</summary> <pushcount>0</pushcount> <issued date="2024-08-21 17:16:01 UTC" /> <updated date="2024-08-21 17:16:01 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1724260558.html" id="CLSA-2024:1724260558" title="CLSA-2024:1724260558" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libcdio" release="3.el7.tuxcare.els1" src="libcdio-0.92-3.el7.tuxcare.els1.src.rpm" version="0.92"> <filename>libcdio-0.92-3.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">8361c915389938588af187c03a6ae45382d37c39949c5249006bdd59b84360e8</sum> </package> <package arch="x86_64" epoch="0" name="libcdio" release="3.el7.tuxcare.els1" src="libcdio-0.92-3.el7.tuxcare.els1.src.rpm" version="0.92"> <filename>libcdio-0.92-3.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">2d3077c0f4e17adc7a39f4522b5ddd0ea47af06a2a725173e59238d623ca3d36</sum> </package> <package arch="i686" epoch="0" name="libcdio-devel" release="3.el7.tuxcare.els1" src="libcdio-0.92-3.el7.tuxcare.els1.src.rpm" version="0.92"> <filename>libcdio-devel-0.92-3.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">f27a180ff92a908aa19bb806165983414d74b0f5a503072960ac1e0b029f893f</sum> </package> <package arch="x86_64" epoch="0" name="libcdio-devel" release="3.el7.tuxcare.els1" src="libcdio-0.92-3.el7.tuxcare.els1.src.rpm" version="0.92"> <filename>libcdio-devel-0.92-3.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">b9dcf604e79fb2c4d9561cf7c2d276020341c78d126d410ff4879db75baccc58</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1724260726</id> <title>samba: Fix of CVE-2023-34966</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-34966: fix infinite loop vulnerability in mdssvc RPC service - some tests were added as skipped</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-34966: fix infinite loop vulnerability in mdssvc RPC service - some tests were added as skipped</summary> <pushcount>0</pushcount> <issued date="2024-08-21 17:18:49 UTC" /> <updated date="2024-08-21 17:18:49 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1724260726.html" id="CLSA-2024:1724260726" title="CLSA-2024:1724260726" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="ctdb" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>ctdb-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">2c2f5896bf18752a8bac136ad573717701c68f8f35b4746aa32c96c20a453253</sum> </package> <package arch="x86_64" epoch="0" name="ctdb-tests" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>ctdb-tests-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">6ab400dbc65d940afcf820a655a1ae0ce9e15bb360d6a5013fbdcf141881a9f3</sum> </package> <package arch="i686" epoch="0" name="libsmbclient" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libsmbclient-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">72031a1e26b9b1c8ed971fd9b3b1328ed29a4b628f6e2faf52b110f1aa223f31</sum> </package> <package arch="x86_64" epoch="0" name="libsmbclient" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libsmbclient-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">30644b483abc30a0cb20f2ae51b4b9734aae1c0e0e6e2e3cdf6ecd944e186e72</sum> </package> <package arch="i686" epoch="0" name="libsmbclient-devel" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libsmbclient-devel-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">83fdfa734674d7075b24bdcfbde0114245f992ff7c066e6b6cf3bcf1a05ba453</sum> </package> <package arch="x86_64" epoch="0" name="libsmbclient-devel" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libsmbclient-devel-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">e696b04dded703d87e63e2eb46e7e9decbaf8d1e47eac5181f9e6533af347c3a</sum> </package> <package arch="i686" epoch="0" name="libwbclient" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libwbclient-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">d262ef98937aac153df21cf109ec16912b636c872282b207aa4526e31e1b145f</sum> </package> <package arch="x86_64" epoch="0" name="libwbclient" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libwbclient-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">781381062920d4d1dae3be52dced3be78c2ffdb58dc0bcc3de571f8ff3df8079</sum> </package> <package arch="i686" epoch="0" name="libwbclient-devel" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libwbclient-devel-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">fb78561b45951b2310ff3500c6ce12fa8f50298cda698ae825d08c28f7e54803</sum> </package> <package arch="x86_64" epoch="0" name="libwbclient-devel" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>libwbclient-devel-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">598d72c98aae3700cc0a39dad32968b78221f9ba28272d0e0253542410d7e4ed</sum> </package> <package arch="x86_64" epoch="0" name="samba" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">33140fe984c9fadd078c5cd2bac9e8bdd0ebabca7f750e5c751c365aa21175f9</sum> </package> <package arch="x86_64" epoch="0" name="samba-client" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-client-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">2ea3b93949de5a785d82c6b22a8c8bc00aba54412b0a9d306a9e8cd752b3f6e7</sum> </package> <package arch="i686" epoch="0" name="samba-client-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-client-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e59a3df2f6d6a7921318fc26150ec57ed9463a03c8ce40a7580fd0c5df0efad4</sum> </package> <package arch="x86_64" epoch="0" name="samba-client-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-client-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">defd9ed8c9307b03e39b82386989c81b9583166d08059b16859ca5df3219e89b</sum> </package> <package arch="noarch" epoch="0" name="samba-common" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-common-4.10.16-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">9febe3e6fb3f3a7f2b16287f10a072ea9d716ac99e757ff886b564fcbcf2a1b2</sum> </package> <package arch="i686" epoch="0" name="samba-common-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-common-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">abd7a4cf3392d41ea5b03d74c7aa02aedea938014cdc3f2366a3097069f052ea</sum> </package> <package arch="x86_64" epoch="0" name="samba-common-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-common-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">3e4f6ae943f79926d86c2a8b314af3922263d4c4e6884ce5272f58e11439005b</sum> </package> <package arch="x86_64" epoch="0" name="samba-common-tools" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-common-tools-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">d865f03f71b2de7a72da8614a385ace3013665138c3a22f8db18823e7e069c5a</sum> </package> <package arch="x86_64" epoch="0" name="samba-dc" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-dc-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">233e99a882e5d6873e5603262c1d12e069df450cdc050cc7210902d4e0392598</sum> </package> <package arch="x86_64" epoch="0" name="samba-dc-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-dc-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">c15cec6bffe8476f677276b563b0df1d9502cefccef81a186edb524b79245c71</sum> </package> <package arch="i686" epoch="0" name="samba-devel" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-devel-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">c6e8d7931da35004ba13ca41b622110f970e2ceec954a4e0b543ced7adb4584c</sum> </package> <package arch="x86_64" epoch="0" name="samba-devel" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-devel-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">38d06b836c10c5bd66d3ebaba98ba12b660dc8e73cfa5d951ee1c09b82c95351</sum> </package> <package arch="x86_64" epoch="0" name="samba-krb5-printing" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-krb5-printing-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">25008ac83b805d7ce934817be646c836e3496fff2c7b48578248b5c8c84b56bc</sum> </package> <package arch="i686" epoch="0" name="samba-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">57615d9d76f6925fed28a8d198ed725b0c95722a88fcd330431cf9b016bf07fc</sum> </package> <package arch="x86_64" epoch="0" name="samba-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ed671c64637bb258cc1445a5250ee192c6c37811295d99addabc7706f355f2d2</sum> </package> <package arch="noarch" epoch="0" name="samba-pidl" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-pidl-4.10.16-25.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">6a79efc6e034ecb4b9ae748617e5d38a7543b8259e29f3888c7ae40dc27e00ae</sum> </package> <package arch="i686" epoch="0" name="samba-python" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-python-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">c1b11a7789652dd4a5082bb9b4036f0f75c140e517884e5d176caefae7ab4665</sum> </package> <package arch="x86_64" epoch="0" name="samba-python" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-python-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0b89f0ef572c65488cbddb7cec5b2ac13e71a709893b124047753a48c9c41de8</sum> </package> <package arch="x86_64" epoch="0" name="samba-python-test" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-python-test-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ed72028d6430a66a79333951f9a08a85517377e622d3f031a1b0a954c9e12d8b</sum> </package> <package arch="x86_64" epoch="0" name="samba-test" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-test-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">991017d15727ba7538589118c5f2d286c23c0bea404a627a9166d250243ae2a2</sum> </package> <package arch="i686" epoch="0" name="samba-test-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-test-libs-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">6e27f0e4efeb91ba25cde0aeb5e2dc6383aade3e6646955447a9ccbd25382f77</sum> </package> <package arch="x86_64" epoch="0" name="samba-test-libs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-test-libs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">290c5c55f2ba982d4ac8d705ea0cbc47aa50b0f542e307f15727f340a9486199</sum> </package> <package arch="x86_64" epoch="0" name="samba-vfs-glusterfs" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-vfs-glusterfs-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">1b9fcfef9ea2de4e3cdb7b01bcad4646e99b3314f569a5c719dbfa7f05f12046</sum> </package> <package arch="x86_64" epoch="0" name="samba-winbind" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-winbind-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">997c9acf340de001e47047fdd72571ebde932c6ed9f0e25bc79ebf41ff0636ac</sum> </package> <package arch="x86_64" epoch="0" name="samba-winbind-clients" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-winbind-clients-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">8ee997c47c49aa7ef26027d266ffe578545d2d8bbab1fdf9b381965f340084c2</sum> </package> <package arch="x86_64" epoch="0" name="samba-winbind-krb5-locator" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-winbind-krb5-locator-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">4df185760c28a888140007bdac4e595b99659e765b902ba32546c7bfb1c8974b</sum> </package> <package arch="i686" epoch="0" name="samba-winbind-modules" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-winbind-modules-4.10.16-25.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e54cbaa71ff09c8584a4ef856330cdce58aa68385d5a1f6be9a57138e5e73971</sum> </package> <package arch="x86_64" epoch="0" name="samba-winbind-modules" release="25.el7_9.tuxcare.els1" src="samba-4.10.16-25.el7_9.tuxcare.els1.src.rpm" version="4.10.16"> <filename>samba-winbind-modules-4.10.16-25.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">03ae74fe4089f8d561f96c88123198d20570e32487c1f863c88c74d96b207b56</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1724348053</id> <title>bind: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-1737: add a limit to the number of RRs in RRSets and RR types for single name - CVE-2024-1975: remove support for SIG(0) message verification - Fix the SYSTEMTEST section in the spec file</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-1737: add a limit to the number of RRs in RRSets and RR types for single name - CVE-2024-1975: remove support for SIG(0) message verification - Fix the SYSTEMTEST section in the spec file</summary> <pushcount>0</pushcount> <issued date="2024-08-22 17:34:16 UTC" /> <updated date="2024-08-22 17:34:16 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1724348053.html" id="CLSA-2024:1724348053" title="CLSA-2024:1724348053" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">4f4e8784dde132353df54e5634f8a9a7020a67e7e66d981440792522da6ec3a3</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">16cab55a3b7098986583e8321a1ff8c159cdd39b15f1197348c02920b4a22015</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">a1341189b02fdf7787eadfe85b14cfe80d276053e35b70cc79398e8b33123107</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">47c7bda9200dbbc2f49f9d1f59d961772608144bb7387bfb84f154079859555e</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">593f5ee550a57fac722fffebccbc8f099b32a8d400481513fb0ed1585a231f38</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">179e305e0fe5bb8bfdc3e13a44f96bdd9fb9748274dfa74908061ada148d70e4</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">1fdf049bcc6efb1472f8ae9e2d508270aed9abac5c1f350ab7d6e988f30e64c0</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">e4efa678124bb971d20f39bb465cc30827409707aeeebae9a239c3ec8beb1ab8</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">a49b6456c86c4e67f4ff63fce9cfa66d8db547832cf11df93f69e9693f5975ca</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">7b073ae98adfd5e146b33594350921d292540b2bb9a3ec33cd498b0682c313fa</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">47709daeab05b7587f9a551a9ff9dd9f9221192881970a97c16b8b8c89d2caa0</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">6ad122145575a9fd835026dc010b55d52c8bccbccf3d134f417c874edafc282c</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">351cf531bd668ba6332235ec61fa646f381f45a44a9339a1661c618191183327</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">ae1ee3353d3fa0b4d35031020513ce040c19a372400e6664267ccecd4bb439c1</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">369e33bfdaee594de283ddb7bd2c181507441bdd702e24fa743da5db080ee688</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">8109a2ed957f482d5b90d25cc2b6d48268aa58f795ad7e4d161db9e861aeacd4</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">1a4fffc0db4ef7212f5a363429be857d6390dd12c9d1dc68ea0dcd68cf6348b0</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">472ff77d3d17eaa3188db5912bede509c1b22606a112a52caf9cedf8c11fdf1c</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.i686.rpm</filename> <sum type="sha256">a16d85096941a82e85f478cfcfe8e30889be844af8bfc8a90dae0f7c6b793f96</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">5ace25618ddc1512277f9ca5e73b4b89208baa7f7a64ad9b46545b1741ea55f1</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ee5629be925c7172b5d0e4e46bce831a842fdd54028e6ba4302471bf752d0e3c</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">dcbe28914d7c5d64b4e2aa0b18dfb63e762af8a24aaafefe3da63c8d4dc2670c</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">aa31f5223092430c1132b53f7baf02473dec9989e1571dc8972dc1c6a7e126e0</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.16.tuxcare.els2" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els2.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">a43d7a085c0e3e8ee2442c551e1cf26cd9d4ae654eece40ed0c0131a1486a83a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1724693366</id> <title>kernel: Fix of 15 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960} - Revert: GFS2: Skip dlm_unlock calls during unmount {CVE-2024-38570} - Revert: GFS2: ignore unlock failures after withdraw {CVE-2024-38570} - Revert: GFS2: fix skip unlock condition {CVE-2024-38570} - ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494} - netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668} - ipv6: remove max_size check inline with ipv4 {CVE-2023-52340} - USB: core: Fix deadlock in usb_deauthorize_interface() {CVE-2024-26934} - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() {CVE-2024-26882} - ip: validate header length on virtual device xmit - ext4: improve error recovery code paths in __ext4_remount() {CVE-2024-0775} - drivers/amd/pm: fix a use-after-free in kv_parse_power_table {CVE-2023-52469} - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228} - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() {CVE-2024-27020} - af_unix: Fix garbage collector racing against connect() {CVE-2024-26923} - md/raid5: fix atomicity violation in raid5_cache_count {CVE-2024-23307}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960} - Revert: GFS2: Skip dlm_unlock calls during unmount {CVE-2024-38570} - Revert: GFS2: ignore unlock failures after withdraw {CVE-2024-38570} - Revert: GFS2: fix skip unlock condition {CVE-2024-38570} - ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494} - netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668} - ipv6: remove max_size check inline with ipv4 {CVE-2023-52340} - USB: core: Fix deadlock in usb_deauthorize_interface() {CVE-2024-26934} - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() {CVE-2024-26882} - ip: validate header length on virtual device xmit - ext4: improve error recovery code paths in __ext4_remount() {CVE-2024-0775} - drivers/amd/pm: fix a use-after-free in kv_parse_power_table {CVE-2023-52469} - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228} - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() {CVE-2024-27020} - af_unix: Fix garbage collector racing against connect() {CVE-2024-26923} - md/raid5: fix atomicity violation in raid5_cache_count {CVE-2024-23307}</summary> <pushcount>0</pushcount> <issued date="2024-08-26 17:29:30 UTC" /> <updated date="2024-08-26 17:29:30 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1724693366.html" id="CLSA-2024:1724693366" title="CLSA-2024:1724693366" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">f5788de6b933519739beaf9dd076b85cbd486b1cad4dd223e01f76737a5b6f55</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">8b6485df872df90f48b535531a12df5c9adef720c226880a58fd7eff68c25fc2</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">712f1ae44e958ac03e1c1b44e392d76054ff951760cd34619bf838656bdaba8e</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">befb295526a8acdb47f1d26b33ac6ce0dc21f3d5411791b845ca211cee3188c3</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">ee3ead168211e5ab1d83f8ae590ba9be52e651955d02ce26dc08630df59d42b1</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">c4a1c3392c8a0875868a7798153f8b6c17c54945954509c9e5c5e04d13d79699</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">7258aa97ff778ae1af2211e87e177e787e8027585d8ce039374438044d63863b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">30512e28c7c5b65a3bc8f9ab14bd4b260805c6c06ab6abb6e9f580863927d147</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">5dca7f0bd25b6fb88f63cfdde5243ba04c2436c97a4a72b43c5500d1b5a44763</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">8b3e9a8a2ed9621456ba4b3b71f299650f4d69ba2b3c90977cc857a87bec02e6</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els3" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els3.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">a2359c448f8e5b23988c4afe9ed3c6353d187aad3ff60a56478b36de6783e18a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725382183</id> <title>httpd: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-38709: faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses - CVE-2024-24795: HTTP response splitting in multiple modules allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-38709: faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses - CVE-2024-24795: HTTP response splitting in multiple modules allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack</summary> <pushcount>0</pushcount> <issued date="2024-09-03 16:49:46 UTC" /> <updated date="2024-09-03 16:49:46 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725382183.html" id="CLSA-2024:1725382183" title="CLSA-2024:1725382183" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">fdb737448bce0d46aa8659b000293c1945dedfb27d2f2ee540c3e1230e2652f7</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">1c9196bba5d2f3ef0cceab961a60fdbc5e505269cb1790cbe82303e6c507db5a</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els6.noarch.rpm</filename> <sum type="sha256">9b46055e5a4516de55a05d9e3944593172aac762349c27c6a79ff4abd2846780</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">11bec23f36a45ea26437c1042ae97c1aafb05eefeb7ac733ba2b4a628a295ea6</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">2ba75ddcce763889db7da85f5ba003b62ce119662b91a00e7121acff3ef0d298</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">f5e91f31141db1452fd0f6cda7b9db1cf68e63fcf32ac514b93480d7b070354a</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">594c9fac228ad238203a1b3c5e82fe07e2faa08445ef73f73e40334092d6fcfe</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els6" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els6.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">3593e8b91cee88920c8f6bda1c27a762cdd2b8a55286970c8d4bdb8e4fa6622d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725382525</id> <title>python: Fix of CVE-2023-27043</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Bugfix for CVE-2023-27043, use str instead of unicode, adjust tests according to python2 specification.</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Bugfix for CVE-2023-27043, use str instead of unicode, adjust tests according to python2 specification.</summary> <pushcount>0</pushcount> <issued date="2024-09-03 16:55:28 UTC" /> <updated date="2024-09-03 16:55:28 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725382525.html" id="CLSA-2024:1725382525" title="CLSA-2024:1725382525" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">8e8d356b99a7b14b0cbdbaddd3f971e519fcaba535f0e15d9171a22ab4ec6191</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">079de43bde2cb5976b61abd90724486c3e0b291526ae9a8e319c203f4456e02a</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">5b0f5c2d585f5612de195720928bef4ac6e00ec33c29dc61674727d1b6c838d8</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">4c81b822a491b9a0c37b259fbab65dc5542bd6425ca34cfd0c1b8cfa81a24d74</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">4711718536ba74562dad2895dc2c4cbe75782a9a5dc730c8d4fe4905b8ce1524</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">cf535135696dc23dd466d54887796c879f198df45c1b4b2549f40e58dfc32376</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">69fa59ed0e6913d8ad747d3745be47e0038c79580de0b480aa0f84ba9f98bfdd</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="94.el7_9.tuxcare.els3" src="python-2.7.5-94.el7_9.tuxcare.els3.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-94.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">4f2342ca04ff7e6455e4604b817b17575676d30016a69c2cff1c77f7d86b1a08</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725389829</id> <title>kernel: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- xen/blkfront: force data bouncing when backend is untrusted {CVE-2022-33742} - ALSA: Fix deadlocks with kctl removals at disconnection {CVE-2024-38600} - net: fix out-of-bounds access in ops_init {CVE-2024-36883}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- xen/blkfront: force data bouncing when backend is untrusted {CVE-2022-33742} - ALSA: Fix deadlocks with kctl removals at disconnection {CVE-2024-38600} - net: fix out-of-bounds access in ops_init {CVE-2024-36883}</summary> <pushcount>0</pushcount> <issued date="2024-09-03 18:57:17 UTC" /> <updated date="2024-09-03 18:57:17 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725389829.html" id="CLSA-2024:1725389829" title="CLSA-2024:1725389829" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">d648aedf085223df5e8f7ed905d8f9b72da0de0ad1f31d8843b81e194e50082a</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">d93e258f5c1434d85e1fb1f752b5086fb292585b85d0b935ca6583d3e8491c83</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">a59baf51a64d4b7d0fe6f0e8934f86952e78158aff75311fd45fc58e0a5132de</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">c44c35f84b1f769aeedf87fa3bcd9db6d26d446ee6ca2b0d53c44da3a5ee6341</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">d02fda27ccc0d98aa1beb1989b5df1c7b78df249dcbb8dc58a63a8e6bbd6da3b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">0721cafe08e14fcdce6c859bad0952c82113812d7cc815d50627fa9db0911d2b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">91fb0e6abe8a80165b37d17796030c798407b3721dc744261b88ab1767f0f55e</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">ffb88e1279216c70a8a12614bc4144500b01e939ec29b05b02ae48c760f11b3c</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">9c8e1bcd4a944ce809d089e3aefbf05f417a0537fcc6eaaf0856a2fa75f027a5</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">c36ecdc9d02252d8046bc1617dd7cc17604afa376dadaeaf99bafdb01abc7865</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els4" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els4.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">5efaef24333126f976a8182c0dbd2ea54872962c2efe59685fc43b8e7c1b7587</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725443754</id> <title>bind: Fix of CVE-2024-1737</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-1737: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES - Fix man8 pages for dnssec utils</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-1737: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES - Fix man8 pages for dnssec utils</summary> <pushcount>0</pushcount> <issued date="2024-09-04 09:55:57 UTC" /> <updated date="2024-09-04 09:55:57 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725443754.html" id="CLSA-2024:1725443754" title="CLSA-2024:1725443754" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">8c51c8189d9c266c0506247ed03fdb607b66b2786ae665b48aa1c03a92cb771f</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">15046bbf6ecd39f68f24241e798d4b02eac20fc859c853e6442121b47a443e2e</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">bc9d91d3e496b3ca3400ea4406521cf565b885351fcc9202dc9eb86ffd879cdf</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">da81224834ce74b674e5d32e584c4a257c3d2e7714994869aedcceca86756066</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">dfc1bc92ca857e21713d13ddeb4bc769c14adcbdd81860b75d6fce7b192fdeb1</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">0af23600c981874d0f906c74c1c816631ea4faa5bcca3a9aa75f78877100fd07</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">ef3c658605841d7c95ed9aeef621b9486018a99efe0ed55058b71478f6d8b985</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">c136f59c1309fd696a5ad94a885f2e929a97e702f645037004f8ead4c1bfdb42</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">d67f6a751d0616f2ba6d4f311040d92b105ce26c9bb24ef3b9799c78dcfff1de</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">1f3ad381db736d5e9d35ad465b1e950a54465048184d183e1cfde190f0c19fdc</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">96881e319004b44a6f14a0ef724c63cae9a4ad5d7cf6915b390fda0a0d1480eb</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">ff9656fb3b745c208a3c18d3c57b9bd5b59226dfdd166f3066e2449541268bc7</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els4.noarch.rpm</filename> <sum type="sha256">f6a29cea4d334d05badfb1150aded3d03667df3be95274ea6d292ff244a4ff63</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">d8de6710e0b89984b5b88a29863d2b4fa29213a8d22b4b7320c9c80c5eb64150</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">c8fed04c28c7c78555001a3f4e2e5b2e8a75112732bdd48ef028bf14b3a54103</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">f6730d282414aef1abd6a0a5b9b46ba451fb872016c372651ed1fb2c9462cfb0</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">ea4e20d3f2fad73a1ee791e46480c798fb2af82bdd4ff05e269fbe869f1de4fd</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">8f61d4ac9334ad928c603e212f6945a96aa90d4493d71372fed1a8de2ef60c83</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.i686.rpm</filename> <sum type="sha256">dcf426708aa1f9ad17cb977b232e12f151c806b82342df9e58241904547f119b</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">89611d7cbb1ca71abd0364126f6eed1beb6f18ee387483a67dc84dbb8e4f45c8</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">eb4a283bb766e28a41cf2b31cb6ff9561db134996893eda8de6c36aab7fcaea9</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">0fc646ee5735a239ee8ec303cdf781d0f6b9da9b666d7402448bdf80fd94c24d</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">0bb915ee445cd3c06c157aa729d91f2a04786913599ab60062373f698e008f8a</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.16.tuxcare.els4" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els4.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">051e23e5bc315681e9add0d601e71896b1b2e7d523b44f23c17d07737ff90230</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725550629</id> <title>exim: Fix of CVE-2024-39929</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-39929: fix incorrectly parsing MIME parses filenames that are specified using multiple parameters</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-39929: fix incorrectly parsing MIME parses filenames that are specified using multiple parameters</summary> <pushcount>0</pushcount> <issued date="2024-09-05 15:37:13 UTC" /> <updated date="2024-09-05 15:37:13 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725550629.html" id="CLSA-2024:1725550629" title="CLSA-2024:1725550629" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="exim" release="1.el7.tuxcare.els1" src="exim-4.97.1-1.el7.tuxcare.els1.src.rpm" version="4.97.1"> <filename>exim-4.97.1-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">7d999c53fc1ac80a013150574673b6475113c038f8f81e470c863e9b9dcd955e</sum> </package> <package arch="x86_64" epoch="0" name="exim-greylist" release="1.el7.tuxcare.els1" src="exim-4.97.1-1.el7.tuxcare.els1.src.rpm" version="4.97.1"> <filename>exim-greylist-4.97.1-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">23a978e1612ac6bc139e17123b8aa0d257185098c844101a6401957dc561969f</sum> </package> <package arch="x86_64" epoch="0" name="exim-mon" release="1.el7.tuxcare.els1" src="exim-4.97.1-1.el7.tuxcare.els1.src.rpm" version="4.97.1"> <filename>exim-mon-4.97.1-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0f9a6a34c7419f0cb635aecfce16aacd0b2fa7b501b0fef36a3503475b886252</sum> </package> <package arch="x86_64" epoch="0" name="exim-mysql" release="1.el7.tuxcare.els1" src="exim-4.97.1-1.el7.tuxcare.els1.src.rpm" version="4.97.1"> <filename>exim-mysql-4.97.1-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">edf9d83dc3fefb9f588461dedb28b7b9e07af06302a8848020796e3dcf3f2d9a</sum> </package> <package arch="x86_64" epoch="0" name="exim-pgsql" release="1.el7.tuxcare.els1" src="exim-4.97.1-1.el7.tuxcare.els1.src.rpm" version="4.97.1"> <filename>exim-pgsql-4.97.1-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">c2ac02ead999312f7f542bdd177a272fe95c3c61647f967c203bcafe2b244efd</sum> </package> <package arch="noarch" epoch="0" name="exim-sysvinit" release="1.el7.tuxcare.els1" src="exim-4.97.1-1.el7.tuxcare.els1.src.rpm" version="4.97.1"> <filename>exim-sysvinit-4.97.1-1.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">860c20e6b241b7c76584aa6fe1e78f8cacd0616428f2cd08798b06b4d2db6fda</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725554505</id> <title>unbound: Fix of CVE-2022-3204</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-3204: add max number of lookups in the cache for target nameserver names</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-3204: add max number of lookups in the cache for target nameserver names</summary> <pushcount>0</pushcount> <issued date="2024-09-05 16:52:45 UTC" /> <updated date="2024-09-05 16:52:45 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725554505.html" id="CLSA-2024:1725554505" title="CLSA-2024:1725554505" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="unbound" release="5.el7_8.tuxcare.els2" src="unbound-1.6.6-5.el7_8.tuxcare.els2.src.rpm" version="1.6.6"> <filename>unbound-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">17b6e8792ef9e78ea91ecae0b62144afe83ed32eb12e65d55f318cde4298720a</sum> </package> <package arch="i686" epoch="0" name="unbound-devel" release="5.el7_8.tuxcare.els2" src="unbound-1.6.6-5.el7_8.tuxcare.els2.src.rpm" version="1.6.6"> <filename>unbound-devel-1.6.6-5.el7_8.tuxcare.els2.i686.rpm</filename> <sum type="sha256">f33f48c6f9f759e30d5aa1c6a55a40f4c57fd80bd450b0b3aac00e63a5cf14e5</sum> </package> <package arch="x86_64" epoch="0" name="unbound-devel" release="5.el7_8.tuxcare.els2" src="unbound-1.6.6-5.el7_8.tuxcare.els2.src.rpm" version="1.6.6"> <filename>unbound-devel-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">9e462338d39540ef1f00b19321ea705ab65f27a186df27cf7b1de2b9856bebb6</sum> </package> <package arch="i686" epoch="0" name="unbound-libs" release="5.el7_8.tuxcare.els2" src="unbound-1.6.6-5.el7_8.tuxcare.els2.src.rpm" version="1.6.6"> <filename>unbound-libs-1.6.6-5.el7_8.tuxcare.els2.i686.rpm</filename> <sum type="sha256">5eda194435c34536009e6957a7b89d118e3bf8d4093be83b0b6e12ef27eb0ed9</sum> </package> <package arch="x86_64" epoch="0" name="unbound-libs" release="5.el7_8.tuxcare.els2" src="unbound-1.6.6-5.el7_8.tuxcare.els2.src.rpm" version="1.6.6"> <filename>unbound-libs-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">715f4f5fd1f4a251c176076966af1e5b993a2d3cc2b4e6062343e9408c98bd31</sum> </package> <package arch="x86_64" epoch="0" name="unbound-python" release="5.el7_8.tuxcare.els2" src="unbound-1.6.6-5.el7_8.tuxcare.els2.src.rpm" version="1.6.6"> <filename>unbound-python-1.6.6-5.el7_8.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ffe2e769446a70f38c0948a6f144dc28ec05395cee4a089833c5ce8e78eeffa3</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725650489</id> <title>orc: Fix of CVE-2024-40897</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-40897: fix stack buffer overflow while construct error messages - Disable gtk-doc building due lack of gtkdoc-mktmpl command in gtk-doc-1.28-2.el7</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-40897: fix stack buffer overflow while construct error messages - Disable gtk-doc building due lack of gtkdoc-mktmpl command in gtk-doc-1.28-2.el7</summary> <pushcount>0</pushcount> <issued date="2024-09-06 19:21:33 UTC" /> <updated date="2024-09-06 19:21:33 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725650489.html" id="CLSA-2024:1725650489" title="CLSA-2024:1725650489" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="orc" release="1.el7.tuxcare.els1" src="orc-0.4.26-1.el7.tuxcare.els1.src.rpm" version="0.4.26"> <filename>orc-0.4.26-1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">689f84599045d82b95324c08279ccf04f72611a0e268eb7a5cd97de824787ad4</sum> </package> <package arch="x86_64" epoch="0" name="orc" release="1.el7.tuxcare.els1" src="orc-0.4.26-1.el7.tuxcare.els1.src.rpm" version="0.4.26"> <filename>orc-0.4.26-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">1f24ff18c0fb37ac4bb6165f047950840bcb948c66eca755f820e840a974fbed</sum> </package> <package arch="x86_64" epoch="0" name="orc-compiler" release="1.el7.tuxcare.els1" src="orc-0.4.26-1.el7.tuxcare.els1.src.rpm" version="0.4.26"> <filename>orc-compiler-0.4.26-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">48176814d2ed4d31de4aacadccdba628343fec4c9839db5703d03b9278fdc220</sum> </package> <package arch="i686" epoch="0" name="orc-devel" release="1.el7.tuxcare.els1" src="orc-0.4.26-1.el7.tuxcare.els1.src.rpm" version="0.4.26"> <filename>orc-devel-0.4.26-1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">924bc0dd84a3b4005655d227fbea0c4a8d2cbbbfa63fddd178b546413ada3e2f</sum> </package> <package arch="x86_64" epoch="0" name="orc-devel" release="1.el7.tuxcare.els1" src="orc-0.4.26-1.el7.tuxcare.els1.src.rpm" version="0.4.26"> <filename>orc-devel-0.4.26-1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">520b12295e1090506e46bd4b85a25fce69625188a3ea1a4b1a51579d3992fdad</sum> </package> <package arch="noarch" epoch="0" name="orc-doc" release="1.el7.tuxcare.els1" src="orc-0.4.26-1.el7.tuxcare.els1.src.rpm" version="0.4.26"> <filename>orc-doc-0.4.26-1.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">d07d172f4d11e25662a00d5aca7c26a213e9bd487eef9a3e65f875be8de8c588</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1725882897</id> <title>kernel: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886} - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919} - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487} - net: fix __dst_negative_advice() race {CVE-2024-36971}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886} - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919} - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487} - net: fix __dst_negative_advice() race {CVE-2024-36971}</summary> <pushcount>0</pushcount> <issued date="2024-09-09 11:55:01 UTC" /> <updated date="2024-09-09 11:55:01 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1725882897.html" id="CLSA-2024:1725882897" title="CLSA-2024:1725882897" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">e9bb01ba9418370734f98d1e613eedec9f6b696bec2336c1491fead7bfccd5e5</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">ae8ee1b6b4c54ba86778097e7bea0dc801ee85dd2122d6863f201aad05a79fe6</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">cff165a3237b06d31735cc5bd6006e920e01a3290f5147e279d1897e293aed44</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">71c1d4bfc46da248be31c3e3e5fb47d8b67f2db4149d0a2d0d9acb2c4b55d8b7</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">9352ac9acd91131641a734acbed4fe2a6f8f2aadf8c6be5efc2b80eb8c21a7ec</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">7ba1a12fcd72fcc4a9909bbef13ebecadf4fbb77db204bd4939f35004abe9f8c</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">a66a9860e7abcad4cb6ac8a4cc0212d4b90c8371b1b2b56b9d782550eb4cef0c</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">ae3daec61dc3b151e222a78bea326ab0c54ef961bc87c7aa4fc695c52e0b9e18</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">5b5e2d732f5712e633af5dbcccc5ff614bf0b0dae88b4cb07473fcd6fa9653c8</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">1d6a0704db8d8a7db91d432b5a4ec532f3f57cf1e51da8376ec387b746fa1e5d</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els5" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els5.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">d18068da76bf525f87c24645f6fdddcd3a8e24d6b189da2958ed5ef20f5ccf4b</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1726313380</id> <title>flatpak: Fix of CVE-2024-42472</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-42472: access to files outside sandbox for apps using persistent directories</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-42472: access to files outside sandbox for apps using persistent directories</summary> <pushcount>0</pushcount> <issued date="2024-09-14 11:29:44 UTC" /> <updated date="2024-09-14 11:29:44 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1726313380.html" id="CLSA-2024:1726313380" title="CLSA-2024:1726313380" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="flatpak" release="13.el7_9.tuxcare.els1" src="flatpak-1.0.9-13.el7_9.tuxcare.els1.src.rpm" version="1.0.9"> <filename>flatpak-1.0.9-13.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">6ca0b442b555dbb5da201eb80c8d04f3307ce38a6af78fdd8d97f464696963cd</sum> </package> <package arch="x86_64" epoch="0" name="flatpak-builder" release="13.el7_9.tuxcare.els1" src="flatpak-1.0.9-13.el7_9.tuxcare.els1.src.rpm" version="1.0.0"> <filename>flatpak-builder-1.0.0-13.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0364689a1542360681cfc4887ae4b5a9cd6b6dd0429658e3f43ed3cb3bcbe39c</sum> </package> <package arch="x86_64" epoch="0" name="flatpak-devel" release="13.el7_9.tuxcare.els1" src="flatpak-1.0.9-13.el7_9.tuxcare.els1.src.rpm" version="1.0.9"> <filename>flatpak-devel-1.0.9-13.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ad19d31dffb2c4de4c595356b1e4bbdeab7771bbcac5fd8892fdec206ebf9e19</sum> </package> <package arch="x86_64" epoch="0" name="flatpak-libs" release="13.el7_9.tuxcare.els1" src="flatpak-1.0.9-13.el7_9.tuxcare.els1.src.rpm" version="1.0.9"> <filename>flatpak-libs-1.0.9-13.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">e8cce63b47c7ab72c2b1e35d01936a1ef5492a2df743b28307618d0088b7a254</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1726314403</id> <title>Update of httpd</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- mod_proxy: Fix ProxySourceAddress binding failure with AH00938</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- mod_proxy: Fix ProxySourceAddress binding failure with AH00938</summary> <pushcount>0</pushcount> <issued date="2024-09-14 11:46:46 UTC" /> <updated date="2024-09-14 11:46:46 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1726314403.html" id="CLSA-2024:1726314403" title="CLSA-2024:1726314403" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">4fec53163dbdda346b75ec6aec34300ab7d6f4c6472e9ce3b0e9fa71fd79d3b2</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">8b0c8bea40562dab0ea6600a9da434fbb6f8ef449bc2b09ff5bc751ed650b060</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">d8131b32ed21266b832a3bb218f417101124481b377623475d43e7647926ad16</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">2223c7f4454e34edf5d86e43a9b05da8914a3f0ce8e7ec048747ffb5139ce4de</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">4a2d8b6111a3b427b442081cf95708de9812576395ce3933d9aac3d38c9490c0</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">6760f799f866f6299bd7f5037b0bb3d479b7b4e4a94fd00a1dbeb407b3c74faa</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">326ab803a44690612e6c409bbd43117393cced60157a10d5cc2e2c0e2e8e69f9</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els7" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els7.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">a8535ef2ed8e875077dd55a220c2088c8dd7137319902adab4a6b93a72bdd757</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1726608591</id> <title>expat: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-45490: Reject negative length for XML_ParseBuffer in xmlparse.c - CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms - CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-45490: Reject negative length for XML_ParseBuffer in xmlparse.c - CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms - CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms</summary> <pushcount>0</pushcount> <issued date="2024-09-17 21:29:54 UTC" /> <updated date="2024-09-17 21:29:54 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1726608591.html" id="CLSA-2024:1726608591" title="CLSA-2024:1726608591" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="expat" release="15.el7_9.tuxcare.els2" src="expat-2.1.0-15.el7_9.tuxcare.els2.src.rpm" version="2.1.0"> <filename>expat-2.1.0-15.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">ae2d96373978a1429bddd5b33be8f1b92e35000aec2f17743bb9fc5e4971ea2c</sum> </package> <package arch="x86_64" epoch="0" name="expat" release="15.el7_9.tuxcare.els2" src="expat-2.1.0-15.el7_9.tuxcare.els2.src.rpm" version="2.1.0"> <filename>expat-2.1.0-15.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">b713302cfc1bcc7b4800361bdda6d2db4a35bd54986f68c5efbf395876d877f8</sum> </package> <package arch="i686" epoch="0" name="expat-devel" release="15.el7_9.tuxcare.els2" src="expat-2.1.0-15.el7_9.tuxcare.els2.src.rpm" version="2.1.0"> <filename>expat-devel-2.1.0-15.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">877f7999b4e86f581798823d5c6276ccbb86f162afe66f81b88a6bba08be172e</sum> </package> <package arch="x86_64" epoch="0" name="expat-devel" release="15.el7_9.tuxcare.els2" src="expat-2.1.0-15.el7_9.tuxcare.els2.src.rpm" version="2.1.0"> <filename>expat-devel-2.1.0-15.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">7bf9cd00f13fe37ac283a4431ac701b27ab574564e46a72517301a19f72583d4</sum> </package> <package arch="i686" epoch="0" name="expat-static" release="15.el7_9.tuxcare.els2" src="expat-2.1.0-15.el7_9.tuxcare.els2.src.rpm" version="2.1.0"> <filename>expat-static-2.1.0-15.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">83ccf7c2f94d61895b718b5fe40c3ac3b58eb86335fe4278201b749a4755e584</sum> </package> <package arch="x86_64" epoch="0" name="expat-static" release="15.el7_9.tuxcare.els2" src="expat-2.1.0-15.el7_9.tuxcare.els2.src.rpm" version="2.1.0"> <filename>expat-static-2.1.0-15.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">fac642c8af9dca8faebaf780b3a5c06222ff8cd63faa0f83197106293766033f</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1726651745</id> <title>kernel: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- drm/vmwgfx: Validate the box size for the snooped cursor {CVE-2022-36280} - USB: ene_usb6250: Allocate enough memory for full object {CVE-2023-45862} - Bluetooth: L2CAP: Fix attempting to access uninitialized memory {CVE-2022-42895} - stm class: Fix a double free in stm_register_device() {CVE-2024-38627}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- drm/vmwgfx: Validate the box size for the snooped cursor {CVE-2022-36280} - USB: ene_usb6250: Allocate enough memory for full object {CVE-2023-45862} - Bluetooth: L2CAP: Fix attempting to access uninitialized memory {CVE-2022-42895} - stm class: Fix a double free in stm_register_device() {CVE-2024-38627}</summary> <pushcount>0</pushcount> <issued date="2024-09-18 09:29:08 UTC" /> <updated date="2024-09-18 09:29:08 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1726651745.html" id="CLSA-2024:1726651745" title="CLSA-2024:1726651745" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">5a704460e51250eed4c9cb125466f628e54566e8cf1948eeb6e16e2b1097f011</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">df8b18201545f4c20232a3f0f2087f59392818cc9436704ed843c40b31a9f4e9</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">944d415e1a02d55fe3d81256680012875e1c4814eeeb123e5e62916994092604</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">20fc73a0c82a4e98d8ca79876680abaeb38f4ceaf13cec4e6039728819ac0420</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">271828abf3017914fb573863e28b52c3dbbf7ec09df5163dc7c0ad088776351b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">2f75bd903e9b1404ee7d437799ee9d4a795e83f6cccd427f27487b4ad247c629</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">c02d70bc10d0ae1700513873f5c12a0dad621a27320afada1f14b746a61698ba</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">c3a6cf753d929ff41205e8e34412737ea56a6f251339d2a9bd09fdb17e1fdb72</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">86a6f5b3edc1dc132d2c78b179385feeed551921b0dc6221e14443249d5f0516</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">705bef00253a1f2660ff758d9586f9b27b775add9f0b6c0e72233b0be7633bcf</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els6" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els6.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">9d5004e29effa928f3a714957752c46c38e5ea0cafbdf9dfa33ba15552be8385</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1726840907</id> <title>krb5: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap token to avoid appearing truncated to application - CVE-2024-37371: fix invalid memory reads during GSS message token handling</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap token to avoid appearing truncated to application - CVE-2024-37371: fix invalid memory reads during GSS message token handling</summary> <pushcount>0</pushcount> <issued date="2024-09-20 14:05:33 UTC" /> <updated date="2024-09-20 14:05:33 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1726840907.html" id="CLSA-2024:1726840907" title="CLSA-2024:1726840907" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="krb5-devel" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-devel-1.15.1-55.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">63e772536988063d2b45ea00a0b9f0c525e84d3f5a34418ffaebcfdb14c9e8f3</sum> </package> <package arch="x86_64" epoch="0" name="krb5-devel" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-devel-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">5f8fe636de3de015de357b1cc053e6b1ca1b7910751bb0d09a70dbec95f8f2ba</sum> </package> <package arch="i686" epoch="0" name="krb5-libs" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-libs-1.15.1-55.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">4587eda79d19a6a91378a3a45df616f7e3c94c554d28c1f03fb8b4728fcf4251</sum> </package> <package arch="x86_64" epoch="0" name="krb5-libs" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-libs-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">db466ad7a32237ae7d651a9f99c441956e9b52d14f83ae28e38435b65fb8d5ff</sum> </package> <package arch="x86_64" epoch="0" name="krb5-pkinit" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-pkinit-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">70b69adc25fffd68ace6a7852bd6d78ac18518143d7a1a80554b82d07132b015</sum> </package> <package arch="x86_64" epoch="0" name="krb5-server" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-server-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">e53c1c78f3d4f9f0d59da8f3277d9ceac3270680567c313c4b423ca247c63b4c</sum> </package> <package arch="x86_64" epoch="0" name="krb5-server-ldap" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-server-ldap-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">e0c199eb6c77026b5adc28e09dd5d9d726a2ec84855f8c6bcedc7570802f2095</sum> </package> <package arch="x86_64" epoch="0" name="krb5-workstation" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>krb5-workstation-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">c1777177b43028ac82bae70f65f69a3c3b60485be94cb5e7f977d214c6a785ba</sum> </package> <package arch="i686" epoch="0" name="libkadm5" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>libkadm5-1.15.1-55.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">039244923ab4e5cf5cac98e6cba5fc45b12d78535643959fd1e71b1e0b9e8fba</sum> </package> <package arch="x86_64" epoch="0" name="libkadm5" release="55.el7_9.tuxcare.els1" src="krb5-1.15.1-55.el7_9.tuxcare.els1.src.rpm" version="1.15.1"> <filename>libkadm5-1.15.1-55.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">c2f7b6d8c77abf8e8ac1e7fb8581f15f8a02e2e7c0c4f3aa32808738a5f05cb1</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727115733</id> <title>ruby: Fix of CVE-2021-41819</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-41819: when parsing cookies, only decode the values</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-41819: when parsing cookies, only decode the values</summary> <pushcount>0</pushcount> <issued date="2024-09-23 18:22:16 UTC" /> <updated date="2024-09-23 18:22:16 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727115733.html" id="CLSA-2024:1727115733" title="CLSA-2024:1727115733" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="ruby" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0.648"> <filename>ruby-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">5c5be6d491830bb1d1156e5552c1296bdacf706995d2e314a628690fa7a99daf</sum> </package> <package arch="x86_64" epoch="0" name="ruby-devel" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0.648"> <filename>ruby-devel-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">ce55cd1e524e64c8853879e707c990eaaaedf512e93972c714e78640767995b4</sum> </package> <package arch="noarch" epoch="0" name="ruby-doc" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0.648"> <filename>ruby-doc-2.0.0.648-39.el7_9.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">05dfa268b4124f4740b61e3a6f5a7426328b1600b9b6055855167f0f344de8a4</sum> </package> <package arch="noarch" epoch="0" name="ruby-irb" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0.648"> <filename>ruby-irb-2.0.0.648-39.el7_9.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">16aa3828a6bc093de2548dac79aa70e4edbd346b401c488d3c60b126727ab6b2</sum> </package> <package arch="i686" epoch="0" name="ruby-libs" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0.648"> <filename>ruby-libs-2.0.0.648-39.el7_9.tuxcare.els5.i686.rpm</filename> <sum type="sha256">deccc265640c08f9eb8092702f7d95af06f657e7a80f0652430c2c1621154a69</sum> </package> <package arch="x86_64" epoch="0" name="ruby-libs" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0.648"> <filename>ruby-libs-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">ea2c04febe601f2ec70a00b3afe7504ae68d49621dafcdeb411df8ff3e6dff1b</sum> </package> <package arch="x86_64" epoch="0" name="ruby-tcltk" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0.648"> <filename>ruby-tcltk-2.0.0.648-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">a0dc76f78dc2c95e1af2924f0e37810865f012c20f353ac24e3f6b9cecd881b7</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-bigdecimal" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="1.2.0"> <filename>rubygem-bigdecimal-1.2.0-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">05ff0e106108c34035439618d1c9f5b5cd44c92f7d0c9ed6c025d64d0b151eca</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-io-console" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="0.4.2"> <filename>rubygem-io-console-0.4.2-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">aa59cff917d931e58f3da620f2a2c2b0833b24ff953aacd5e258fd81f0d604de</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-json" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="1.7.7"> <filename>rubygem-json-1.7.7-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">6048f1f40838ab944004ee1885326f2192cd0d90b72e90b78202f13007c1bd7e</sum> </package> <package arch="noarch" epoch="0" name="rubygem-minitest" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="4.3.2"> <filename>rubygem-minitest-4.3.2-39.el7_9.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">a9b647f05c3ac23635a51a3bd891b59fc45f7f6063c45c57b7fbfa5756185f73</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-psych" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.0"> <filename>rubygem-psych-2.0.0-39.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">09ec84ae7682f3b7833bdff218e75ebdf7fffff188812646c078f03577bca3a2</sum> </package> <package arch="noarch" epoch="0" name="rubygem-rake" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="0.9.6"> <filename>rubygem-rake-0.9.6-39.el7_9.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">7b5dd1a1e599b9a76bf55139c5721f99e120c4265b814194a88336e296cbd2a1</sum> </package> <package arch="noarch" epoch="0" name="rubygem-rdoc" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="4.0.0"> <filename>rubygem-rdoc-4.0.0-39.el7_9.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">bbc40475b08db0d6c22fa96177d0bc8c88b2f41dad120c6e94f8095498df3e2d</sum> </package> <package arch="noarch" epoch="0" name="rubygems" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.14.1"> <filename>rubygems-2.0.14.1-39.el7_9.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">b2a92d4928071ef1f25a294c08b8f5442679d053471a6ba3f19e048ec49eb73a</sum> </package> <package arch="noarch" epoch="0" name="rubygems-devel" release="39.el7_9.tuxcare.els5" src="ruby-2.0.0.648-39.el7_9.tuxcare.els5.src.rpm" version="2.0.14.1"> <filename>rubygems-devel-2.0.14.1-39.el7_9.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">31ab7bed3850080a4540e11e404b650ca34c239eac33dc34b8a961b45ba4f86c</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727167500</id> <title>kernel: Fix of 11 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673} - ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987} - fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940} - media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900} - dev/parport: fix the array out-of-bounds risk {CVE-2024-42301} - mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280} - netfilter: nftables: exthdr: fix 4-byte stack OOB write {CVE-2023-52628} - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673} - ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987} - fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940} - media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900} - dev/parport: fix the array out-of-bounds risk {CVE-2024-42301} - mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280} - netfilter: nftables: exthdr: fix 4-byte stack OOB write {CVE-2023-52628} - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779}</summary> <pushcount>0</pushcount> <issued date="2024-09-24 08:49:55 UTC" /> <updated date="2024-09-24 08:49:55 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727167500.html" id="CLSA-2024:1727167500" title="CLSA-2024:1727167500" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b30ce17e019314a558643fe0f0567739cec7b5cb32965f050ff978b49915d1ac</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">8a36c9a229dc9fa3de95139d343860cfae85dcf71fd9bc8b51dc742d2ea2b7e1</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">a9ae4472c9132b5424e4a32486d342b27864119bd9fa8fc2dfd2721a1ca9767f</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">f5ddec77b77dea557d2ecbf29d042ff1d5496ec33de7e8bea867f7801397e7d6</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">3be7a16207c71204f06a841be5ef29d87801b55f2726f4873aeca7bd956621b9</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b07f37818d84332cae6c6d83f3230bc9e9f2c02178847fd477bec2068d3ad5c8</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">fd7c4fb774421190b7cd4c0274c1e4e8ab08caa16ac2dbc9599c5cddcf045c32</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">34b96af261184fd3114e25dd62c1690a34a9d18f46693bc308739f0047598f09</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">51968d99b3ff38fa3e9fce6ec3b13cbae32931885b73a47ad4e8c1d5f71e934f</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">3315c6f82e9df63de078cff7775dcf3b5855bf972b6d938898a57bd10c53b861</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els7" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els7.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">5537ea7013f0f10c4b90987b244f01573719d5cfb806e87c4eaa110764773791</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727287647</id> <title>emacs: Fix of CVE-2024-48337</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-48337: fix etags local command injection vulnerability</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-48337: fix etags local command injection vulnerability</summary> <pushcount>0</pushcount> <issued date="2024-09-25 18:12:44 UTC" /> <updated date="2024-09-25 18:12:44 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727287647.html" id="CLSA-2024:1727287647" title="CLSA-2024:1727287647" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="emacs" release="23.el7_9.1.tuxcare.els1" src="emacs-24.3-23.el7_9.1.tuxcare.els1.src.rpm" version="24.3"> <filename>emacs-24.3-23.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">f1d74034e1fd85a29ddbce0b44671475ae22c5e85ea9a079fed974be58e47ecd</sum> </package> <package arch="x86_64" epoch="1" name="emacs-common" release="23.el7_9.1.tuxcare.els1" src="emacs-24.3-23.el7_9.1.tuxcare.els1.src.rpm" version="24.3"> <filename>emacs-common-24.3-23.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cc46e7d81c6b448149df304ce09a36de92dfc3decf5ed4effba96d428bbc3893</sum> </package> <package arch="noarch" epoch="1" name="emacs-el" release="23.el7_9.1.tuxcare.els1" src="emacs-24.3-23.el7_9.1.tuxcare.els1.src.rpm" version="24.3"> <filename>emacs-el-24.3-23.el7_9.1.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">d70f1bd2e4ab91549b4ecbddc67dba8b1c6665e7e46227460217ee3b569adcb2</sum> </package> <package arch="noarch" epoch="1" name="emacs-filesystem" release="23.el7_9.1.tuxcare.els1" src="emacs-24.3-23.el7_9.1.tuxcare.els1.src.rpm" version="24.3"> <filename>emacs-filesystem-24.3-23.el7_9.1.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">08405240700bf4a5a66bcf91a2a713ec13a02dca44b04f950373b650d478f7b5</sum> </package> <package arch="x86_64" epoch="1" name="emacs-nox" release="23.el7_9.1.tuxcare.els1" src="emacs-24.3-23.el7_9.1.tuxcare.els1.src.rpm" version="24.3"> <filename>emacs-nox-24.3-23.el7_9.1.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">16b36f2e8e18f802e5c0caa3deff37f148f14371bf0029b184ab26dd544f77a1</sum> </package> <package arch="noarch" epoch="1" name="emacs-terminal" release="23.el7_9.1.tuxcare.els1" src="emacs-24.3-23.el7_9.1.tuxcare.els1.src.rpm" version="24.3"> <filename>emacs-terminal-24.3-23.el7_9.1.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">646e80f307b097b69b4bd656a791a8ef3fa0627532d99d443a9ac2290a38bcda</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727288321</id> <title>linux-firmware: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); - Fix CVE-2023-31315 (AMD-SB-7014), CVE-2023-20592 (AMD-SB-3005) - Update AMD CPU microcode to 2024-08-11</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); - Fix CVE-2023-31315 (AMD-SB-7014), CVE-2023-20592 (AMD-SB-3005) - Update AMD CPU microcode to 2024-08-11</summary> <pushcount>0</pushcount> <issued date="2024-09-25 18:18:46 UTC" /> <updated date="2024-09-25 18:18:46 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727288321.html" id="CLSA-2024:1727288321" title="CLSA-2024:1727288321" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="iwl100-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="39.31.5.1"> <filename>iwl100-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">972a45746c118820f9580a0dc2fa8350e754741f6ffbb9817ea1abb95482dd1b</sum> </package> <package arch="noarch" epoch="1" name="iwl1000-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="39.31.5.1"> <filename>iwl1000-firmware-39.31.5.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">4eeb982a0880e099445e605041075973b839905bf3bad37778ad73ea48ec1447</sum> </package> <package arch="noarch" epoch="0" name="iwl105-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="18.168.6.1"> <filename>iwl105-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">80197e7824b424222f1019b69d5bf9700189d23e4385ed7f37694988e2f63ac3</sum> </package> <package arch="noarch" epoch="0" name="iwl135-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="18.168.6.1"> <filename>iwl135-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">3c3d118822d3c059ace345d308f3945ecd8cf2d723492a252a9e39344cab1ce0</sum> </package> <package arch="noarch" epoch="0" name="iwl2000-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="18.168.6.1"> <filename>iwl2000-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">dba7c2091bdac96b2abb6fd90bdcad5bfa9580726ae059255afe20b14968c0bd</sum> </package> <package arch="noarch" epoch="0" name="iwl2030-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="18.168.6.1"> <filename>iwl2030-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">77f72940a00eee64df66dbf3b2e484deeb6b31f44e5573750fb932b7269e6a2e</sum> </package> <package arch="noarch" epoch="0" name="iwl3160-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="25.30.13.0"> <filename>iwl3160-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">8249c7a3cec20f4fc7f48faa1aa5a6de8c462a2ab84e68361befbae6dfb0f0e9</sum> </package> <package arch="noarch" epoch="0" name="iwl3945-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="15.32.2.9"> <filename>iwl3945-firmware-15.32.2.9-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">8a49153c461480cf55bbda858f76c639d82f551b4c9e5babec8f8ca633826c02</sum> </package> <package arch="noarch" epoch="0" name="iwl4965-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="228.61.2.24"> <filename>iwl4965-firmware-228.61.2.24-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">279ca7f090e4097ac32590b4d4d3294605aec2973f95970bc5a10ea0028b8863</sum> </package> <package arch="noarch" epoch="0" name="iwl5000-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="8.83.5.1_1"> <filename>iwl5000-firmware-8.83.5.1_1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">66bdcd352dbf0dad246b6427f4b268349416615b9de642042f444773128044f3</sum> </package> <package arch="noarch" epoch="0" name="iwl5150-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="8.24.2.2"> <filename>iwl5150-firmware-8.24.2.2-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">f9f3aa6691aa76433268554100f833ba115de8dd4c04d5c3c6e45df266f8fc0b</sum> </package> <package arch="noarch" epoch="0" name="iwl6000-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="9.221.4.1"> <filename>iwl6000-firmware-9.221.4.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">75e3a39cb350f1cb3b86e12ee249188f9abeebe3dc8928f271035782026bf083</sum> </package> <package arch="noarch" epoch="0" name="iwl6000g2a-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="18.168.6.1"> <filename>iwl6000g2a-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">0138971c7f404ac5eacf3199a22a9b6f56bba8e4d9b1a0a0770fbba0c35cd8c1</sum> </package> <package arch="noarch" epoch="0" name="iwl6000g2b-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="18.168.6.1"> <filename>iwl6000g2b-firmware-18.168.6.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">32d670fd74bb0ad74086b25ce1884cd060700a72b558a70ea1bb987f9a766a5c</sum> </package> <package arch="noarch" epoch="0" name="iwl6050-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="41.28.5.1"> <filename>iwl6050-firmware-41.28.5.1-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">d4dfd922dc7b34dff910293b473957c59385f83da3b2d7300ab5b10b9c9625c1</sum> </package> <package arch="noarch" epoch="0" name="iwl7260-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="25.30.13.0"> <filename>iwl7260-firmware-25.30.13.0-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">94b4f82646e76d7d03c6774eaa862270d21493fd99c08a4d8cfdab17f215e227</sum> </package> <package arch="noarch" epoch="0" name="linux-firmware" release="83.git78c0348.el7_9.tuxcare.els2" src="linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.src.rpm" version="20200421"> <filename>linux-firmware-20200421-83.git78c0348.el7_9.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">ac05923d38bc42ea87323ee40dd8d8387986d3ee6b9027ad872065fc966fb4bf</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727288730</id> <title>php: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2020-7071: fix URL validation with functions like filter_var($url, FILTER_VALIDATE_URL) - CVE-2021-21705: fix URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter when an URL with invalid password field can be accepted as valid</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2020-7071: fix URL validation with functions like filter_var($url, FILTER_VALIDATE_URL) - CVE-2021-21705: fix URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter when an URL with invalid password field can be accepted as valid</summary> <pushcount>0</pushcount> <issued date="2024-09-25 18:25:35 UTC" /> <updated date="2024-09-25 18:25:35 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727288730.html" id="CLSA-2024:1727288730" title="CLSA-2024:1727288730" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">91b96e592deef81589c491e475181ebdf470f512f68525e335e9777583a1fb45</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">82125b8f28d81b53fd393e0bcb4d2aad0d4af1e7fc447342731e06e052a986f4</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">616ea1249ee17763608b47ce06c46009b95e2fe81caef69e68e18531f6188165</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">237d09043ceb63c0603dae79843f06cf0ef7982a47a9f2e325f6da17f79ba87c</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">c9ab93628bfafa0b11e84a5eac1c501b1631f91719fe5e9b31dd9a12522de5dd</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">e7c609ce08d0864957842a5acc49fd271c28477a73c6096ff63d1fda16ac9431</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3dfc5399761cce7afe98bd6ff5026e1af0bd305af6377302a871f66ef8a86d9e</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">24f3a9509415ef9acd5fdacc494d460034177b084c813dd4993da4dbc8d6c7db</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">face77e0d662e27366f4e7566355e0b251390531d9653ab84f1aae880b197d97</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ac1969c02eac9bda199a14d8d555a3e89f6d34c64dc0c64e84874d2e232b1622</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">74f82f7a8a7b1ae2ac63e7d0884b71aacb2573d67733e70fe29be5b0fe039938</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">a8e417d65265bfdf16c50948ec976a098bc49b4c88a21263c64677cc1562602a</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">9a146dc91ccb8ba33e275c989a0fa2ec2dd051a55cb5e25938ed28881407e168</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">fc73a4edd4148fcf91f45a07485e836b320260f3ff207e721b14706b808fe896</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">57dbf9c80e9f3ef9c0861bd3ada198170fc5a9d668b1480d4d31fcd1daf88c03</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">4df45113ac6c13950983986e0d595f37e4855b31938be597c150450adf5e35b7</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">1c0eba16e0ea248cb6deceb15f8596c350102e32518f28455acc668a984fa40c</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">da6e3b289cf8e9dccb9f39e893afd3dd5acad95224896e2477859ea57d3f68cd</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">13e9361bc7b713f32de3fe3c155fd9a074c936dd271dbef9ae6136bc25b812db</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">87273b7ed8fd579a4ff42883dc4d4bf5bececff2c8c4e5330debe7c1f5c1b950</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">bb14bb347d2915c3b44f5fdf77d9b4fcd66990046edc33e84bf61f2616e08641</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">b6805a8e9780203c53d4c71859aa6e25215198b3e1195b9c327ef8c946387aa4</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">49ea299924b52de5a18d0227cafb6169fbff57ecdb02542825ee0c6eca1d2a90</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">a461739866d642872691e721f5c1450b1497ac7fe3e3d7043b3fbfceca99c458</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els2" src="php-5.4.16-48.el7.tuxcare.els2.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">cee2281d806b0314e73c262fe4caf971152e2d6ff16e26f2698dd1601ee7fa7a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727289133</id> <title>python3: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing "-quoted cookie values with backslashes</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing "-quoted cookie values with backslashes</summary> <pushcount>0</pushcount> <issued date="2024-09-25 18:32:18 UTC" /> <updated date="2024-09-25 18:32:18 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727289133.html" id="CLSA-2024:1727289133" title="CLSA-2024:1727289133" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">bc2e4502e1fabf66232ff0f43f1151788d90e14c448d6c1ca284a7d0db11203b</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">018928f7ecf11b7758489cf664b022dd2b8261c9bd48560d332b8743cdee54d4</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">4359722a03158295398fed6b755812ca88507a034003c895c3ad2bf90c0b1070</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">10bbd5639e9bb81b98f10c36039f9ad1d3e96f939ebe53b6eaaa738d396a5bb3</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">5a2032eac3c5367015c63a6017245cdb0cf43ba00a726ce2cbc1cc049ea5b8d2</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">5fdef25a3109a005fa60e4e8e34d1e1fc7838b68b53934445eabb57d74616f71</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">b8b082040eda32e39efe352458ef6f375429ebc533d78a3a7f835d1d3371be71</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">eacf88a4509dd5c65be6f9b54746b3e8f6d22557d9b80cdb78c521d207d11145</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">bd6d0fd326e16db6145fcfa8abd73c9d2183b90506a230c929e85668236fd354</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">3bfb8d3df2d5b13a921cd102f614a0c5fc540a57c133d58bbaa20557c8e4c0ac</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">f801d80020c7a340a27c943822ec341ea65a0b65c15b3c6267dbe2dea8b36965</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">7cfb03fc4ee2b473f1d5d01aed96122ce247938d9ed6141c35686bd3e69b30f2</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">9ad11a66ba70d403360cbee149f2128290581761d2529cd030d9b762eb061283</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="21.el7_9.tuxcare.els4" src="python3-3.6.8-21.el7_9.tuxcare.els4.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">294e8ea7c05e97e60c59f0dbf4cf35a3e349d91da787db72cfb24fc72621d903</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727289456</id> <title>python: Fix of CVE-2024-6232</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-6232: fixed regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-6232: fixed regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.</summary> <pushcount>0</pushcount> <issued date="2024-09-25 18:37:41 UTC" /> <updated date="2024-09-25 18:37:41 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727289456.html" id="CLSA-2024:1727289456" title="CLSA-2024:1727289456" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">84ddd876f26a6a87440641144dd8358445e414d0b491f54bd995bf8a4dceecac</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">f1aaeb71dc3f410e7c1dfa89fd877a8e727356c885378fbc3732c1f9f4622238</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">c62ef0c759a86b15187c9547802f3694954e36520563f5b618c4d0ca347f98d1</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">59a0bbb309c161a5082e8142fbb15f1589f32c45d6a23ef3e0a3010a8c0b345d</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">b46c246b21227c46c617bb933f2d6acfb0945c5df60739cf1fdf3e94c2106870</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">ee2c8d8e72326779f61f003bb5a151050ba8ed903429d23b91dfc187bafb56a1</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">532fdf0290bfed042fc0e808c9ec5d05b0d5829ee5f88a9feb165124d1f0bee0</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="94.el7_9.tuxcare.els4" src="python-2.7.5-94.el7_9.tuxcare.els4.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">a3cf13aa9f33939c214389f5e646327285e7b18d469c5cf7e75e61a75063b6b2</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727692412</id> <title>kernel: Fix of 5 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800} - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738} - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724} - drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723} - drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800} - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738} - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724} - drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723} - drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722}</summary> <pushcount>0</pushcount> <issued date="2024-09-30 10:33:35 UTC" /> <updated date="2024-09-30 10:33:35 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727692412.html" id="CLSA-2024:1727692412" title="CLSA-2024:1727692412" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">97df0e85d02dc921e402d7cac7a8225949b5b0a0245bc6126fab143edf7b377e</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">35202408c77d7b5e927c35a067fbfea716607e8e8176709feebc4069788daa5a</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">6ac9d7ce91df0264b9890dfc4dc0e046bbbb01b69cee4d3582a6659aae60d55d</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">38c751776590bd4f6695a86b157b9f9e9540bfd4cdb1ed25fd3eace03c7809d1</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">4bee98ef7aa42e117610fc61489b17d99e6d2dc6469030e29a2f92a7b96bec38</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">25346b7ba17d9aab0ab1e87fac5c793ad0704acea7f85ea29edee4f84a761d49</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">149c1b71327a7596004725dd9682e10d1211091f19ec0b3fb5689f2097bed1bd</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">a0afe2252411bd8a2b80d7c8770653502af55bd5e36df784b35b9c65c2e1e682</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">ab38a0b23c7c2952d48ae78790012b2b48053c9e7462a9d90cbe238b7da28b99</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">9f57debf1af47dcb0217a9d473e267b89bd1561f1e800e07b93dbb32e8ac9798</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els8" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els8.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">9c198c6778caf1c2791521085f5aadeaa403ae3f7ae7213eef64896087838ba4</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1727980155</id> <title>python: Fix of CVE-2024-7592</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value.</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value.</summary> <pushcount>0</pushcount> <issued date="2024-10-03 18:29:19 UTC" /> <updated date="2024-10-03 18:29:19 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1727980155.html" id="CLSA-2024:1727980155" title="CLSA-2024:1727980155" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>python-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">458f1959ee24a74c42bc7a44abf96f3b6a0571b0eb014c9eda9035e7219d4b53</sum> </package> <package arch="x86_64" epoch="0" name="python-debug" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>python-debug-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">1b221a91c6d5f3144118b239f9d2320da0e2f2296718cf2002b26da6bca7c02b</sum> </package> <package arch="x86_64" epoch="0" name="python-devel" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>python-devel-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">3a7528aa0cfe5c7326b17494f64d4be314778707fbac2b7f5170e6c83ed73f3c</sum> </package> <package arch="i686" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els5.i686.rpm</filename> <sum type="sha256">a436b91e7b21e9df5ce1ff1de8add8cbf25b4305d95f3390afefedf41fe42b35</sum> </package> <package arch="x86_64" epoch="0" name="python-libs" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>python-libs-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">beb13236051ba6f39129b4b670eec1b54d1a52db49ffde6ac84fc912a52fcf72</sum> </package> <package arch="x86_64" epoch="0" name="python-test" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>python-test-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">74228514a2c3edd15a1231f27ccefcc708d0b90f738d164e4c169a8fadb2b608</sum> </package> <package arch="x86_64" epoch="0" name="python-tools" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>python-tools-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">a1094755449666c47622bf641abd122939112a9534897ae6dcf46ed05db0ddc6</sum> </package> <package arch="x86_64" epoch="0" name="tkinter" release="94.el7_9.tuxcare.els5" src="python-2.7.5-94.el7_9.tuxcare.els5.src.rpm" version="2.7.5"> <filename>tkinter-2.7.5-94.el7_9.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">908e0e7e0478b565fbf087decb5795bcc917e9b3a9871439b78dc569aa6d004c</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1728055873</id> <title>emacs: Fix of CVE-2022-45939</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-45939: fix ctags local command injection vulnerability</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-45939: fix ctags local command injection vulnerability</summary> <pushcount>0</pushcount> <issued date="2024-10-04 15:31:16 UTC" /> <updated date="2024-10-04 15:31:16 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1728055873.html" id="CLSA-2024:1728055873" title="CLSA-2024:1728055873" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="emacs" release="23.el7_9.1.tuxcare.els2" src="emacs-24.3-23.el7_9.1.tuxcare.els2.src.rpm" version="24.3"> <filename>emacs-24.3-23.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3fac01b08a9b2b36f021f78146e11a9ba1d752f4d08752de079618b7926474c2</sum> </package> <package arch="x86_64" epoch="1" name="emacs-common" release="23.el7_9.1.tuxcare.els2" src="emacs-24.3-23.el7_9.1.tuxcare.els2.src.rpm" version="24.3"> <filename>emacs-common-24.3-23.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">d36aebaa43b36d88dc3e8748f784a0bb7b99405cb440b7a719f9822361474c72</sum> </package> <package arch="noarch" epoch="1" name="emacs-el" release="23.el7_9.1.tuxcare.els2" src="emacs-24.3-23.el7_9.1.tuxcare.els2.src.rpm" version="24.3"> <filename>emacs-el-24.3-23.el7_9.1.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">05656bc05f85c73f3d8232d05da9250ae2533748de686d3bd7276fc0b69c3ea7</sum> </package> <package arch="noarch" epoch="1" name="emacs-filesystem" release="23.el7_9.1.tuxcare.els2" src="emacs-24.3-23.el7_9.1.tuxcare.els2.src.rpm" version="24.3"> <filename>emacs-filesystem-24.3-23.el7_9.1.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">fba14e9a91e33c96686bb035bf45b4c749fbf0ce70abba6c16eac466d4e800c4</sum> </package> <package arch="x86_64" epoch="1" name="emacs-nox" release="23.el7_9.1.tuxcare.els2" src="emacs-24.3-23.el7_9.1.tuxcare.els2.src.rpm" version="24.3"> <filename>emacs-nox-24.3-23.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3c0b011e6e2242d432815ed55665c737ba84524773a7ab47988cb4c5607cf961</sum> </package> <package arch="noarch" epoch="1" name="emacs-terminal" release="23.el7_9.1.tuxcare.els2" src="emacs-24.3-23.el7_9.1.tuxcare.els2.src.rpm" version="24.3"> <filename>emacs-terminal-24.3-23.el7_9.1.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">041a4137cb48c9af12b978935f7a240d30cab630f9fe788bdd54bdd0ae770043</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1728056039</id> <title>gtk3: Fix of CVE-2024-6655</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-6655: fix loading library from unstrusted search path</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-6655: fix loading library from unstrusted search path</summary> <pushcount>0</pushcount> <issued date="2024-10-04 15:34:03 UTC" /> <updated date="2024-10-04 15:34:03 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1728056039.html" id="CLSA-2024:1728056039" title="CLSA-2024:1728056039" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="gtk-update-icon-cache" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk-update-icon-cache-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">fa425078b1643b37210e3e00de791c6545c982b490fffd29e7392c8af4bf27fb</sum> </package> <package arch="i686" epoch="0" name="gtk3" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-3.22.30-8.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">5f4032175927765b7a928a908310b4c219316c4a09024076ea68cd8fbfb2945e</sum> </package> <package arch="x86_64" epoch="0" name="gtk3" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">44f7174e33ad124134ae0e42ad2ab8167f4df1f90d83f2ae71909fdae7a7f1e7</sum> </package> <package arch="i686" epoch="0" name="gtk3-devel" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-devel-3.22.30-8.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">cc6daf73983c6753432e49453349b7bef4512a1f852c60989b383ce8681ec0b0</sum> </package> <package arch="x86_64" epoch="0" name="gtk3-devel" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-devel-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">817ec1382680bef91f8a451295583703b04841f9867be259af9f37e642979277</sum> </package> <package arch="x86_64" epoch="0" name="gtk3-devel-docs" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-devel-docs-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">6de049e9ee3b32dbc7a4ffa0910607875a6b365dce52f8ed6af5c767833220ea</sum> </package> <package arch="x86_64" epoch="0" name="gtk3-immodule-xim" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-immodule-xim-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cc016935577144145587f50a92e4c82f2f3833f6e04b5bf854ea6051776e28b0</sum> </package> <package arch="x86_64" epoch="0" name="gtk3-immodules" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-immodules-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">bc0ca6a028ed811e8dc163857782bd5b275eca27de1df10a02a419cce3b3efd4</sum> </package> <package arch="x86_64" epoch="0" name="gtk3-tests" release="8.el7_9.tuxcare.els1" src="gtk3-3.22.30-8.el7_9.tuxcare.els1.src.rpm" version="3.22.30"> <filename>gtk3-tests-3.22.30-8.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">f59fda2b94beaa556dc9206bad91b47cd2a41d65350b26098b378445618c4183</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1728297353</id> <title>kernel: Fix of 5 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731} - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes {CVE-2024-46756} - hwmon: (lm95234) Fix underflows seen when writing limit attributes {CVE-2024-46758} - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757} - kernel/exit.c: avoid undefined behaviour when calling wait4() {CVE-2018-10087}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731} - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes {CVE-2024-46756} - hwmon: (lm95234) Fix underflows seen when writing limit attributes {CVE-2024-46758} - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757} - kernel/exit.c: avoid undefined behaviour when calling wait4() {CVE-2018-10087}</summary> <pushcount>0</pushcount> <issued date="2024-10-07 10:35:57 UTC" /> <updated date="2024-10-07 10:35:57 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1728297353.html" id="CLSA-2024:1728297353" title="CLSA-2024:1728297353" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">5cd1482096bec2293a219efa7b5e4818c88188dc2c23a29d66349f76886a2c07</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">b90f672950d3784cce0f87ab79acaee264f7dfc80e4f2d87273bff1ec596d380</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">12abfe328eb10c044869c8300ed8a0c9438af9f7ac2f23e7a9dd70ffabca18bf</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">df722cd5c50d2b0dced5c57c668f2d45be3b118fd1464687f939da5d85265a2e</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">d0daf8004ace74cd77a19127847f4d1b731aa4359160e068b5ff8500d6bb0aea</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">1fcd66051e5791fe5ef150a4a8ad51c6d4da06e8b0b37ff202a0af288eff4075</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">086bb96816ca37b5788b3c370f0711ac8c776d23eea78c378b704a0b57a240cc</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">61daaae06407041abd869fe88afea08094430bb4a434752552540bbddc03ae09</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">573269f54a8015a92a626d1af2b3058233f3fd1c462e644247e38a95df73e8a3</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">92022c1b3d694bea05c7f6385a0e9f5082a76a44ed9afc87319b976daeab1066</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els9" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els9.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">1c998fe49c371eee228025a6ac191dfbf937c95f3a49781dba2591d69db2a8df</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1728934930</id> <title>emacs: Fix of CVE-2024-39331</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-39331: do not expand link abbrevs that contain unsafe function</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-39331: do not expand link abbrevs that contain unsafe function</summary> <pushcount>0</pushcount> <issued date="2024-10-14 19:42:13 UTC" /> <updated date="2024-10-14 19:42:13 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1728934930.html" id="CLSA-2024:1728934930" title="CLSA-2024:1728934930" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="emacs" release="23.el7_9.1.tuxcare.els3" src="emacs-24.3-23.el7_9.1.tuxcare.els3.src.rpm" version="24.3"> <filename>emacs-24.3-23.el7_9.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">a51710636afbf87ea07b5ac6fd47a862faf6e5f38d68d91930c9c0e2ed88ab83</sum> </package> <package arch="x86_64" epoch="1" name="emacs-common" release="23.el7_9.1.tuxcare.els3" src="emacs-24.3-23.el7_9.1.tuxcare.els3.src.rpm" version="24.3"> <filename>emacs-common-24.3-23.el7_9.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">e2aa5131cb96d61e2d39f9791259c76813581b55333bd2afbd5fbe137b847a14</sum> </package> <package arch="noarch" epoch="1" name="emacs-el" release="23.el7_9.1.tuxcare.els3" src="emacs-24.3-23.el7_9.1.tuxcare.els3.src.rpm" version="24.3"> <filename>emacs-el-24.3-23.el7_9.1.tuxcare.els3.noarch.rpm</filename> <sum type="sha256">45cfd5d1ed8f02274423bd2cea54b287eaec6e7838d28f02a10993aafdc998c1</sum> </package> <package arch="noarch" epoch="1" name="emacs-filesystem" release="23.el7_9.1.tuxcare.els3" src="emacs-24.3-23.el7_9.1.tuxcare.els3.src.rpm" version="24.3"> <filename>emacs-filesystem-24.3-23.el7_9.1.tuxcare.els3.noarch.rpm</filename> <sum type="sha256">2c99f8ac8e50bf32ba123593cd0cbbb6796b224f2a9739224d0a3314fb9460e2</sum> </package> <package arch="x86_64" epoch="1" name="emacs-nox" release="23.el7_9.1.tuxcare.els3" src="emacs-24.3-23.el7_9.1.tuxcare.els3.src.rpm" version="24.3"> <filename>emacs-nox-24.3-23.el7_9.1.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">48cb7344cdc7877c963a17bc9c8d19469aa7fe50f9bb0a7c16d1a05c1924be35</sum> </package> <package arch="noarch" epoch="1" name="emacs-terminal" release="23.el7_9.1.tuxcare.els3" src="emacs-24.3-23.el7_9.1.tuxcare.els3.src.rpm" version="24.3"> <filename>emacs-terminal-24.3-23.el7_9.1.tuxcare.els3.noarch.rpm</filename> <sum type="sha256">cdc74a32f6e6bb4b8d35c81adeac6d0575331e688b1d7a346fd55d4721a79b0d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1728935304</id> <title>kernel: Fix of 12 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- xfs: don't walk off the end of a directory data block {CVE-2024-41013} - net/sched: cls_u32: fix netns refcount changes in u32_change() {CVE-2022-29581} - net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368} - openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639} - net: sched: fix use-after-free in tc_new_tfilter() {CVE-2022-1055} - wifi: cfg80211: fix BSS refcounting bugs {CVE-2022-42720} - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() {CVE-2022-41674} - igmp: Add ip_mc_list lock in ip_check_mc_rcu {CVE-2022-20141} - af_key: Do not call xfrm_probe_algs in parallel {CVE-2022-3028} - drm/amd/display: Check gpio_id before used as array index {CVE-2024-46818} - drm/amd/display: Check link_index before accessing dc->links[] {CVE-2024-46813} - Squashfs: sanity check symbolic link size {CVE-2024-46744}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- xfs: don't walk off the end of a directory data block {CVE-2024-41013} - net/sched: cls_u32: fix netns refcount changes in u32_change() {CVE-2022-29581} - net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368} - openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639} - net: sched: fix use-after-free in tc_new_tfilter() {CVE-2022-1055} - wifi: cfg80211: fix BSS refcounting bugs {CVE-2022-42720} - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() {CVE-2022-41674} - igmp: Add ip_mc_list lock in ip_check_mc_rcu {CVE-2022-20141} - af_key: Do not call xfrm_probe_algs in parallel {CVE-2022-3028} - drm/amd/display: Check gpio_id before used as array index {CVE-2024-46818} - drm/amd/display: Check link_index before accessing dc->links[] {CVE-2024-46813} - Squashfs: sanity check symbolic link size {CVE-2024-46744}</summary> <pushcount>0</pushcount> <issued date="2024-10-14 19:53:58 UTC" /> <updated date="2024-10-14 19:53:58 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1728935304.html" id="CLSA-2024:1728935304" title="CLSA-2024:1728935304" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">53b989659b024c32af63b247bd3af9cfd5854df49df28f064b436fea7c7f40ad</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">89bc4cac8b8efac970d5f00dcef004410fd25f4ed234ea32ce540782069ad972</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">a16f430b40fa68a5e462589ea1bd6f2d3bdf69f10a574ebce1bb275bffe733dc</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">89dea9017746e030e5630d133a52547cc0504e85a2229644ef74c42c273c8e99</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">8a9e78584e9df243b57f97fe0fd7c0af317b0e74b0d2afcba61643b67247a4c5</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">f15defb7a720a57b534471f19ff7348b8d71682b5d92aada816f306fe15bbb9e</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">64e93d500ff631069d3728d9dd99c5c473a40b826ac1f39f37258de88253c28f</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">b7e6ddb8bf73dc2dc029b5aaca56b745d8a1b9f94b7bb83b9f6e0c677a4076cc</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">4fa9af4436e6c1e627af5383440eb0b8aaeddd01639bf896166c4668e8f7ba8c</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">9e5077685ed8fe3bf3535d27ed33b3dea8abcb4bfeef28173204650cfc2b399d</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els10" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els10.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els10.x86_64.rpm</filename> <sum type="sha256">45454fc2e41dc9e8bb13fc202f36eee19f04cac6c41c22fe055ba4fd3a39db4c</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1729512774</id> <title>python-pip: Fix of CVE-2024-37891</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-37891: strip Proxy-Authorization header on redirects</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-37891: strip Proxy-Authorization header on redirects</summary> <pushcount>0</pushcount> <issued date="2024-10-21 12:12:58 UTC" /> <updated date="2024-10-21 12:12:58 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1729512774.html" id="CLSA-2024:1729512774" title="CLSA-2024:1729512774" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="python3-pip" release="8.el7.tuxcare.els1" src="python-pip-9.0.3-8.el7.tuxcare.els1.src.rpm" version="9.0.3"> <filename>python3-pip-9.0.3-8.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">a9d2d61394c21551134d18ef051e068887f828135ea9c6631f0b96d632ed3e5d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1729513208</id> <title>unbound: Fix of CVE-2023-50868</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-50868: avoid availabiluty of the remote attackers to cause a denial of service using DNSSEC</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-50868: avoid availabiluty of the remote attackers to cause a denial of service using DNSSEC</summary> <pushcount>0</pushcount> <issued date="2024-10-21 12:20:12 UTC" /> <updated date="2024-10-21 12:20:12 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1729513208.html" id="CLSA-2024:1729513208" title="CLSA-2024:1729513208" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="unbound" release="5.el7_8.tuxcare.els3" src="unbound-1.6.6-5.el7_8.tuxcare.els3.src.rpm" version="1.6.6"> <filename>unbound-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">a132545f34cf0706b21f527fa5bd2742128080e0135f829ed783d8a1d88cd22a</sum> </package> <package arch="i686" epoch="0" name="unbound-devel" release="5.el7_8.tuxcare.els3" src="unbound-1.6.6-5.el7_8.tuxcare.els3.src.rpm" version="1.6.6"> <filename>unbound-devel-1.6.6-5.el7_8.tuxcare.els3.i686.rpm</filename> <sum type="sha256">15f60a115d85f869a0aa90c3ef1e2d55863de5b097d3a39543294273dd8cfbf5</sum> </package> <package arch="x86_64" epoch="0" name="unbound-devel" release="5.el7_8.tuxcare.els3" src="unbound-1.6.6-5.el7_8.tuxcare.els3.src.rpm" version="1.6.6"> <filename>unbound-devel-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">7ac1f09f7c88bdd78241ced4b4f514d75f79e3166afe9f9c7ad0a15c7f9a2e5e</sum> </package> <package arch="i686" epoch="0" name="unbound-libs" release="5.el7_8.tuxcare.els3" src="unbound-1.6.6-5.el7_8.tuxcare.els3.src.rpm" version="1.6.6"> <filename>unbound-libs-1.6.6-5.el7_8.tuxcare.els3.i686.rpm</filename> <sum type="sha256">68529e2e355673f3c5670b69252eec62e3bbf4f2b31d2ff60d72efe4890f202a</sum> </package> <package arch="x86_64" epoch="0" name="unbound-libs" release="5.el7_8.tuxcare.els3" src="unbound-1.6.6-5.el7_8.tuxcare.els3.src.rpm" version="1.6.6"> <filename>unbound-libs-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">7ed3d7d86af5e7d2ed238601e8e397aa0756db054e4fe490b50b7a35354a7ec6</sum> </package> <package arch="x86_64" epoch="0" name="unbound-python" release="5.el7_8.tuxcare.els3" src="unbound-1.6.6-5.el7_8.tuxcare.els3.src.rpm" version="1.6.6"> <filename>unbound-python-1.6.6-5.el7_8.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">7de7987a2cf44ac9932a3e25696a05a8865a8436c48d40a4872d099dc959f092</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1729546973</id> <title>libtiff: Fix of CVE-2024-7006</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-7006: check return value of _TIFFCreateAnonField()</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-7006: check return value of _TIFFCreateAnonField()</summary> <pushcount>0</pushcount> <issued date="2024-10-21 21:42:56 UTC" /> <updated date="2024-10-21 21:42:56 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1729546973.html" id="CLSA-2024:1729546973" title="CLSA-2024:1729546973" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libtiff" release="35.el7.tuxcare.els2" src="libtiff-4.0.3-35.el7.tuxcare.els2.src.rpm" version="4.0.3"> <filename>libtiff-4.0.3-35.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha256">2cd77bde84147349654353887e19f26b76641db0a0b082a42e528629f06df9a6</sum> </package> <package arch="x86_64" epoch="0" name="libtiff" release="35.el7.tuxcare.els2" src="libtiff-4.0.3-35.el7.tuxcare.els2.src.rpm" version="4.0.3"> <filename>libtiff-4.0.3-35.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">91738eefb26a1df5267d49b100edc60f676f5a6a8d80b768deadf016fef88a20</sum> </package> <package arch="i686" epoch="0" name="libtiff-devel" release="35.el7.tuxcare.els2" src="libtiff-4.0.3-35.el7.tuxcare.els2.src.rpm" version="4.0.3"> <filename>libtiff-devel-4.0.3-35.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha256">3e27671824faa9e89a28a782efe97b5e287e577c7ed530acd5785ba5dd96504e</sum> </package> <package arch="x86_64" epoch="0" name="libtiff-devel" release="35.el7.tuxcare.els2" src="libtiff-4.0.3-35.el7.tuxcare.els2.src.rpm" version="4.0.3"> <filename>libtiff-devel-4.0.3-35.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">6a31876e08323eab9a6ab850183648befdcb74a88ab304a86ed0593a61de3cf2</sum> </package> <package arch="i686" epoch="0" name="libtiff-static" release="35.el7.tuxcare.els2" src="libtiff-4.0.3-35.el7.tuxcare.els2.src.rpm" version="4.0.3"> <filename>libtiff-static-4.0.3-35.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha256">63cf40eb0e24f3edb45b6b8d263502bec9134fe1e6378d27e840498caeff47d1</sum> </package> <package arch="x86_64" epoch="0" name="libtiff-static" release="35.el7.tuxcare.els2" src="libtiff-4.0.3-35.el7.tuxcare.els2.src.rpm" version="4.0.3"> <filename>libtiff-static-4.0.3-35.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">873d0c4a9c83a7626a1f4933825a14abc7a81f9fe68a7f53c8df4eddb816994d</sum> </package> <package arch="x86_64" epoch="0" name="libtiff-tools" release="35.el7.tuxcare.els2" src="libtiff-4.0.3-35.el7.tuxcare.els2.src.rpm" version="4.0.3"> <filename>libtiff-tools-4.0.3-35.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">422fb8fb9189919e8b8ba4e516a960a1639ea48a229d22b3e7f1857a01874a2f</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1729628764</id> <title>php: Fix of CVE-2024-8927</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-8927: Fix bypass of cgi.force_redirect configuration</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-8927: Fix bypass of cgi.force_redirect configuration</summary> <pushcount>0</pushcount> <issued date="2024-10-22 20:26:08 UTC" /> <updated date="2024-10-22 20:26:08 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1729628764.html" id="CLSA-2024:1729628764" title="CLSA-2024:1729628764" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">387a2c4f23e7837cc611f3de4d4ecb1670766a91fa3dd3f2e8c7a4a2a8a5c6d9</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">dc5ff40b54c3a100a6b63b12e9793386324f5a78f9f83d09a74456b87dc2b32c</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">2e1bfae07bdc63164b39e2809e1db16cff07130468db9b3b058ece0b185b81d9</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">862e023bbf8551a8c8bf38ff1b24160886b55d7bc003b79ea5df86464b95def1</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">9fc3c69d8ccf8eceb41d5729f39a50b5e34487eb25ec5ddf8f324e31ea2c817b</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">4d521228f84916f1eef125be10316068c291fd3896ca656e91bb504c87456378</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">68bf0ac0ae3dc216e477f7321262ee76a949b66bc6380c062f3c6823aab5e838</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">0f843c964ddf8a062cb6b45a645d1cad12d804908660b2b9990228f601842dbe</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">6f454b18e1470b046aeafec19f8c6bc61bef93099915155d85acad3ec9cd1fec</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">face26db9412d007ecc6bb14f4755f69decd949915455458cf74a9e78db53e8e</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">229bcbf128ace2df44dbe8b3c1d0e2b15cd8a7226a019c73865bfe3082b66caa</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">b16f9afdd49d8a9ae884c3297de4ee7964da7bc8d860487e6e7f0d704e04f991</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">b335f1eb78b0878d2f7f62148e7e9d15f5b3b53bc6d51c832bc85b806fe37b9b</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">8d678660e26bc09c000ede32cab8bd51acf7653b3e5c69fdc344883720bdce7d</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">fb5c18c77cd9744de411b4aec34804822aed195b37e22f9e04bd277f99a9bdc3</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">681766ea467b5fdffa274354f5a790be359e32b53dba58ca23172f068c5b9e5c</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">cfe2b879af44b643e20db054e54394c16573b097e990a41639bb52b3303c6b0d</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">d826aa733952d7ee856d2c55e3adebf2fb794de2191d7a97e8ab673238126d79</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">350dda2244bf7bf58ef19e988c044b84060116860e322155c8ed1737883279e9</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">0b00ee0ceea0a3769fd7ad213776858f9950467450dfed2a9d2a99b38ea10f47</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">501e7b821cc90fa0e276c9fb7881e2a35d8d6b7271ce3430eb57b5b35914e96c</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">c396e0d2b4a4bba2a817af287208d715a97b1943a12f6e10e6bee210c8115bd3</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">0bfdd76ca5e418423ad3de93de788ae8c7e95761ca3ced9df68da7398c875e05</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">6b184d42e4861103f63616c6cd03e543bda4b9d5e9e5454cd4d85026dcbaea43</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els3" src="php-5.4.16-48.el7.tuxcare.els3.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">1d27f3a830bb24bfad6491f1811e11caca4700808a53fc3dd4ac675c6b834cea</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1729629058</id> <title>python-lxml: Fix of CVE-2021-43818</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2021-43818: prevent certain crafted script content passing through in HTML Cleaner</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2021-43818: prevent certain crafted script content passing through in HTML Cleaner</summary> <pushcount>0</pushcount> <issued date="2024-10-22 20:31:05 UTC" /> <updated date="2024-10-22 20:31:05 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1729629058.html" id="CLSA-2024:1729629058" title="CLSA-2024:1729629058" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="python-lxml" release="4.el7.tuxcare.els1" src="python-lxml-3.2.1-4.el7.tuxcare.els1.src.rpm" version="3.2.1"> <filename>python-lxml-3.2.1-4.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">92a16c452c1cce219ac9204ab7e461762a0b186efac71a6545cb64bd278e3d06</sum> </package> <package arch="noarch" epoch="0" name="python-lxml-docs" release="4.el7.tuxcare.els1" src="python-lxml-3.2.1-4.el7.tuxcare.els1.src.rpm" version="3.2.1"> <filename>python-lxml-docs-3.2.1-4.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">02b09bda667ef686d25a6dee1a16a32589ab5bcd04bede9d386447d802b4c35c</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1730141462</id> <title>php: Fix of CVE-2024-8925</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer</summary> <pushcount>0</pushcount> <issued date="2024-10-28 18:51:05 UTC" /> <updated date="2024-10-28 18:51:05 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1730141462.html" id="CLSA-2024:1730141462" title="CLSA-2024:1730141462" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">dc9004a41866e50744ac343ea5172ca9d8d1ba5c02b48c3827a6cc2c8f844644</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">20a352b742b4de41455830bfb572d7806dd25f2672e900899d15b452b6bf8d08</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">a167f2b88f836809bed2a26275a952646879c92b3084f4a1b493ffd722574cf6</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">a5ec1a406eaac9ed19969c9d198a9a05386bf724647aa65dcd50f21e606cd82e</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">9f2299fc775b2b1dc7dd188483e928a358ac1db51b9fce6cad43c1efa601deae</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">990b6b1c1411fd54d1b9cdce6df08d41f2ec5018f255f5502e56079680ba5f27</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">6575f90cc605fc58dd4cf5fefd149c7451952f05ebe3c194a5f81b78d65e432a</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">f4d8c754f2ae7ad679956584cf14d9c43645d949b82346c3e065d5dcafa1023f</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">4f035ccedd3717b5d775980c88965547f7831fc451516bb010620a8ffb429510</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">f151d842bf7b9c18cc21ce99890ce2383066814cc1e6dd86941ae5b1c61cfd95</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">72d9f6d425f4b102aaa5c9078cbfcdc5e7ac3ef208d954feea15f07a40868481</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">831e5b2605a9de18e6f6a5ee1471e783fb2fbb87e72018aeabc4dfdeabac9d84</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">a133d22c28fe7343f01c087ff8feb1616483767fb5cd4d648b10283dd5494680</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">3a0fa6882e2df47075c580d8c1ad0f5e06150aaad4fe9e51682a642da9868caa</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">4bfeafd4d3c19cd4dd6cbfb943213f97facb9c7169daa3420a1dd7702857aeff</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">fb66c9eda0d8156f481c0da980e5b8a60bcdfceb488f59903e6e68e0ab4d012f</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">6f28898c9b331dc291cdbf51ba36ea7a895009d7e95840994b5ea51d6b180615</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">1a8f00f727a16ec9b7201353c6303d3d2b5e3759f48998cae94eccf267410bc1</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">19d87749f0c7a8dff26f3bcaa88bedebf6b6ebfcd64196342fc4dec98f6564eb</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">339db7c4909891a6577ef0956959e0df1a2520c25b4ee74f63c77fbbca720068</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">96d8249667a288f1f1f528448c56f508a339dc9b8214a773d8a0746bd940d0ad</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">766c848d33c151b0e6c94f5976b4fe0409c9231d93990c450835f1e479d106ab</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">67b04d40821052acad65dd1e966291c7a3b2b23465c14bce70208ce88448c5c1</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">1101980d7ccc6fcfdf5abdbc4d233f6c4437bcc8c676bbda5ada9ceb136a237a</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els4" src="php-5.4.16-48.el7.tuxcare.els4.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">e7cad3360f95d5f9b54e5f357134021f15c20cf55e3c144578d8dc83c3a506d8</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1730142448</id> <title>python-setuptools: Fix of CVE-2024-6345</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-6345: modernize package_index VCS handling</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-6345: modernize package_index VCS handling</summary> <pushcount>0</pushcount> <issued date="2024-10-28 19:07:31 UTC" /> <updated date="2024-10-28 19:07:31 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1730142448.html" id="CLSA-2024:1730142448" title="CLSA-2024:1730142448" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="python-setuptools" release="7.el7.tuxcare.els1" src="python-setuptools-0.9.8-7.el7.tuxcare.els1.src.rpm" version="0.9.8"> <filename>python-setuptools-0.9.8-7.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">2d65a9578ff7341068662edfbbf01af000fa40acc47043307fd4a93b5d809d9a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1730142536</id> <title>python-urllib3: Fix of CVE-2024-37891</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-37891: strip Proxy-Authorization header on redirects</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-37891: strip Proxy-Authorization header on redirects</summary> <pushcount>0</pushcount> <issued date="2024-10-28 19:09:00 UTC" /> <updated date="2024-10-28 19:09:00 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1730142536.html" id="CLSA-2024:1730142536" title="CLSA-2024:1730142536" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="python-urllib3" release="7.el7.tuxcare.els1" src="python-urllib3-1.10.2-7.el7.tuxcare.els1.src.rpm" version="1.10.2"> <filename>python-urllib3-1.10.2-7.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">746ccf29a96cf40f83d12e8e51be8acf8b621138de70d14dd4f7a77232cedf2b</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1730298688</id> <title>Update of microcode_ctl</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update Intel CPU microcode to 20240813: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000390; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0005c0; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x35; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x433; - Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision 0x21000230; - Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision 0x21000230; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x32; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x430; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x411c; - Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x1000181 up to 0x1000191; - Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x4003604 up to 0x4003605; - Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003604 up to 0x5003707; - Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002703 up to 0x7002904; - Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in microcode.dat) from revision 0xe000014 up to 0xe000015; - Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from revision 0x38 up to 0x3e; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003b9 up to 0xd0003e7; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x1000268 up to 0x10002b0; - Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from revision 0x3e up to 0x42; - Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x22 up to 0x24; - Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xc2 up to 0xc6; - Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xb4 up to 0xb8; - Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x34 up to 0x38; - Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x4e up to 0x52; - Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from revision 0x17 up to 0x1a; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x5 up to 0x7; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x430 up to 0x433; - Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from revision 0x24000024 up to 0x24000026; - Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xfa up to 0x100; - Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xf8 up to 0xfe; - Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x5d up to 0x62; - Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from revision 0x11d up to 0x123; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x411c up to 0x4121; - Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from revision 0x12 up to 0x17; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35;</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update Intel CPU microcode to 20240813: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000390; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0005c0; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x35; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x433; - Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision 0x21000230; - Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision 0x21000230; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x32; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x430; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x411c; - Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x1000181 up to 0x1000191; - Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x4003604 up to 0x4003605; - Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003604 up to 0x5003707; - Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002703 up to 0x7002904; - Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in microcode.dat) from revision 0xe000014 up to 0xe000015; - Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from revision 0x38 up to 0x3e; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003b9 up to 0xd0003e7; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x1000268 up to 0x10002b0; - Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from revision 0x3e up to 0x42; - Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x22 up to 0x24; - Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xc2 up to 0xc6; - Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xb4 up to 0xb8; - Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x34 up to 0x38; - Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x4e up to 0x52; - Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from revision 0x17 up to 0x1a; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x5 up to 0x7; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x430 up to 0x433; - Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from revision 0x24000024 up to 0x24000026; - Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xfa up to 0x100; - Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xf8 up to 0xfe; - Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x5d up to 0x62; - Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from revision 0x11d up to 0x123; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x411c up to 0x4121; - Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from revision 0x12 up to 0x17; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35;</summary> <pushcount>0</pushcount> <issued date="2024-10-30 14:31:31 UTC" /> <updated date="2024-10-30 14:31:31 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1730298688.html" id="CLSA-2024:1730298688" title="CLSA-2024:1730298688" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="2" name="microcode_ctl" release="73.21.el7_9.tuxcare.els1" src="microcode_ctl-2.1-73.21.el7_9.tuxcare.els1.src.rpm" version="2.1"> <filename>microcode_ctl-2.1-73.21.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">b10c96237c12335d91399b98cc2e69695b8e84cf8fede3a77444b8e7ba4ede7d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1730374841</id> <title>Update of orc</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Backport orc_malloc() and orc_realloc()</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Backport orc_malloc() and orc_realloc()</summary> <pushcount>0</pushcount> <issued date="2024-10-31 11:40:45 UTC" /> <updated date="2024-10-31 11:40:45 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1730374841.html" id="CLSA-2024:1730374841" title="CLSA-2024:1730374841" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="orc" release="1.el7.tuxcare.els2" src="orc-0.4.26-1.el7.tuxcare.els2.src.rpm" version="0.4.26"> <filename>orc-0.4.26-1.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha256">9f192d9cb02863ea50299181721a1ed0c46508ef63a03a013ed3c70d0425130d</sum> </package> <package arch="x86_64" epoch="0" name="orc" release="1.el7.tuxcare.els2" src="orc-0.4.26-1.el7.tuxcare.els2.src.rpm" version="0.4.26"> <filename>orc-0.4.26-1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">e5bace760fca4283d43002d3888c0ccf6906248650283078540783a808e10a77</sum> </package> <package arch="x86_64" epoch="0" name="orc-compiler" release="1.el7.tuxcare.els2" src="orc-0.4.26-1.el7.tuxcare.els2.src.rpm" version="0.4.26"> <filename>orc-compiler-0.4.26-1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">b505ee5c33037c3763ede5506ca66a8a18fcfae2d2bce21c51e0126f19e2e82b</sum> </package> <package arch="i686" epoch="0" name="orc-devel" release="1.el7.tuxcare.els2" src="orc-0.4.26-1.el7.tuxcare.els2.src.rpm" version="0.4.26"> <filename>orc-devel-0.4.26-1.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha256">b357a9329a8f5528db69eaeab0d7ee027f61c9aa0a1a3db6d6fd78634c4544ee</sum> </package> <package arch="x86_64" epoch="0" name="orc-devel" release="1.el7.tuxcare.els2" src="orc-0.4.26-1.el7.tuxcare.els2.src.rpm" version="0.4.26"> <filename>orc-devel-0.4.26-1.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">eca1d156cd7d09670031ff00a1b1c44af6763ed3cd4c161067f486e3b0c6eb7a</sum> </package> <package arch="noarch" epoch="0" name="orc-doc" release="1.el7.tuxcare.els2" src="orc-0.4.26-1.el7.tuxcare.els2.src.rpm" version="0.4.26"> <filename>orc-doc-0.4.26-1.el7.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">07e814046c277b059790d1eb17d17e58fcab81867d5d40114ef94e997e3d1d69</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1730912568</id> <title>Update of nss</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- update to CKBI 2.70 from NSS 3.104 - updated certificates: - # Certificate "GLOBALTRUST 2020" - # Certificate "certSIGN ROOT CA" - # Certificate "ACCVRAIZ1" - # Certificate "OISTE WISeKey Global Root GC CA" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - added certificates: - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - # Certificate "TWCA CYBER Root CA" - # Certificate "TWCA Global Root CA G2" - # Certificate "SecureSign Root CA12" - # Certificate "SecureSign Root CA14" - # Certificate "SecureSign Root CA15"</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- update to CKBI 2.70 from NSS 3.104 - updated certificates: - # Certificate "GLOBALTRUST 2020" - # Certificate "certSIGN ROOT CA" - # Certificate "ACCVRAIZ1" - # Certificate "OISTE WISeKey Global Root GC CA" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - added certificates: - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - # Certificate "TWCA CYBER Root CA" - # Certificate "TWCA Global Root CA G2" - # Certificate "SecureSign Root CA12" - # Certificate "SecureSign Root CA14" - # Certificate "SecureSign Root CA15"</summary> <pushcount>0</pushcount> <issued date="2024-11-06 17:02:54 UTC" /> <updated date="2024-11-06 17:02:54 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1730912568.html" id="CLSA-2024:1730912568" title="CLSA-2024:1730912568" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="nss" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-3.90.0-2.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">56b17c0403e655389fd9f668568438a373a6006185a2cdc1ee64bcac1bf915fd</sum> </package> <package arch="x86_64" epoch="0" name="nss" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">e0883bf93500b651662d9154e6338c3e1fe12d0cbf942f1b92b27a348616eddf</sum> </package> <package arch="i686" epoch="0" name="nss-devel" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-devel-3.90.0-2.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">76014741810c6fe4bf5a059d7f941242c9858f37443385417f46792b49157991</sum> </package> <package arch="x86_64" epoch="0" name="nss-devel" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-devel-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">f5f94f63cc52aec155f31be3dfa87ee79ecc5da0c0cb1e9059efdb157fe89cbc</sum> </package> <package arch="i686" epoch="0" name="nss-pkcs11-devel" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">898f87456585a2f231844e20c96e30dd652338d1e11c524a528f91b287f21bef</sum> </package> <package arch="x86_64" epoch="0" name="nss-pkcs11-devel" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-pkcs11-devel-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">6124bfef08f6996471aa5685640740c76bfdf4e8d73df67130d62bee44d3f9fe</sum> </package> <package arch="x86_64" epoch="0" name="nss-sysinit" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-sysinit-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">b7a5017362890400c229ac30c16ec7fcdba33165f8f761217aa2286ae369739f</sum> </package> <package arch="x86_64" epoch="0" name="nss-tools" release="2.el7_9.tuxcare.els2" src="nss-3.90.0-2.el7_9.tuxcare.els2.src.rpm" version="3.90.0"> <filename>nss-tools-3.90.0-2.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">6477f1f45bda964e1ea5794e06b00f8690722336342bd1f0cdd5a2e53a4c87ea</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1731432106</id> <title>ImageMagick: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2020-27751: fix undefined behavior due to an overly large shift exponent in quantum-export.c - CVE-2020-27768: fix NaN being outside the range of representable values issue in quantum-private.h</description> <severity>Low</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2020-27751: fix undefined behavior due to an overly large shift exponent in quantum-export.c - CVE-2020-27768: fix NaN being outside the range of representable values issue in quantum-private.h</summary> <pushcount>0</pushcount> <issued date="2024-11-12 17:21:52 UTC" /> <updated date="2024-11-12 17:21:52 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1731432106.html" id="CLSA-2024:1731432106" title="CLSA-2024:1731432106" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="ImageMagick" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">030ce594206ffd929b9808837e274a1681233c54c5c0cc91b21a0f22ce7b4de2</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">d6c69f7d7560c807821e48b8b030d1510319694f2cc6f7bdd9ce63151da78c28</sum> </package> <package arch="i686" epoch="0" name="ImageMagick-c++" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">e0082ae55a93464dcef73ff3b7e2bff64949ef1770e8529c0b827c04b117a44f</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-c++" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">9921eddf542aa58f43da58af9d2991f023c3ac12b552068c887c9ab0dc47c25b</sum> </package> <package arch="i686" epoch="0" name="ImageMagick-c++-devel" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">f61bfd2393323757b4b495cac05b580549b3c172262c1e6f0931a806a0a5f1be</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-c++-devel" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-c++-devel-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">143b1d3d8a9416eb2705b933d453593c1c6d48ca7ffeac08e53000f819f29941</sum> </package> <package arch="i686" epoch="0" name="ImageMagick-devel" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">fdc06ce4639d7c2be8af6b9e8e11be2e86b5ecce1185d5a17c17d55114e379c7</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-devel" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-devel-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">1de1414e6c71466f2d8ae4d0332449c744331666b41a3ef530c31def7f337d16</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-doc" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-doc-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">cb27e3568d6ecb011ad5aa4179094d8086decd908e15e9735096f7774c07c718</sum> </package> <package arch="x86_64" epoch="0" name="ImageMagick-perl" release="7.el7_9.tuxcare.els2" src="ImageMagick-6.9.10.68-7.el7_9.tuxcare.els2.src.rpm" version="6.9.10.68"> <filename>ImageMagick-perl-6.9.10.68-7.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">1104da9270ec716eed0dd68c3f38712ec14d2d6d0c556cb0c8e4ea4a2a3972b9</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1731348593</id> <title>kernel: Fix of 18 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745} - slip: make slhc_remember() more robust against malicious packets {CVE-2024-50033} - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991} - firmware_loader: Block path traversal {CVE-2024-47742} - ext4: avoid OOB when system.data xattr changes underneath the filesystem {CVE-2024-47701} - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073} - Bluetooth: L2CAP: Fix uaf in l2cap_connect {CVE-2024-49950} - ext4: avoid use-after-free in ext4_ext_show_leaf() {CVE-2024-49889} - driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055} - ext4: fix timer use-after-free on failed mount {CVE-2024-49960} - smack: tcp: ipv4, fix incorrect labeling {CVE-2024-47659} - ppp: fix ppp_async_encode() illegal access {CVE-2024-50035} - ALSA: asihpi: Fix potential OOB array access {CVE-2024-50007} - ext4: no need to continue when the number of entries is 1 {CVE-2024-49967} - drm/amd/display: Fix index out of bounds in degamma hardware format translation {CVE-2024-49894} - ext4: fix double brelse() the buffer of the extents path {CVE-2024-49882} - ACPI: sysfs: validate return type of _STR method {CVE-2024-49860} - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures {CVE-2024-43839}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745} - slip: make slhc_remember() more robust against malicious packets {CVE-2024-50033} - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991} - firmware_loader: Block path traversal {CVE-2024-47742} - ext4: avoid OOB when system.data xattr changes underneath the filesystem {CVE-2024-47701} - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073} - Bluetooth: L2CAP: Fix uaf in l2cap_connect {CVE-2024-49950} - ext4: avoid use-after-free in ext4_ext_show_leaf() {CVE-2024-49889} - driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055} - ext4: fix timer use-after-free on failed mount {CVE-2024-49960} - smack: tcp: ipv4, fix incorrect labeling {CVE-2024-47659} - ppp: fix ppp_async_encode() illegal access {CVE-2024-50035} - ALSA: asihpi: Fix potential OOB array access {CVE-2024-50007} - ext4: no need to continue when the number of entries is 1 {CVE-2024-49967} - drm/amd/display: Fix index out of bounds in degamma hardware format translation {CVE-2024-49894} - ext4: fix double brelse() the buffer of the extents path {CVE-2024-49882} - ACPI: sysfs: validate return type of _STR method {CVE-2024-49860} - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures {CVE-2024-43839}</summary> <pushcount>0</pushcount> <issued date="2024-11-11 18:09:59 UTC" /> <updated date="2024-11-11 18:09:59 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1731348593.html" id="CLSA-2024:1731348593" title="CLSA-2024:1731348593" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">a943e60ddd6c00b395f9ab38bfb1bca63dfb1073ea7346f8ff699a3978e066be</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">5b128ee8dfdc4113cb5cda50dbc86e571b966cd65675e2ba141ece0297deeb91</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">c695b67990e067c955ade5cbfbc3ea8f2c335dcf8e008d263a81c7e41a09bfc5</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">246711799dc8faad648fe9b7a39865bab5dc21464be9eaf25c067423070afc6a</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">74c3e1de9779329e4c0e400021cea0cad4ff882cfd9933291c5716769afd55b7</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">ad0c4aae0b9429b2bd236579668222c60f163e07857091133a1e1ec958d0bf96</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">f3e4b311df7984242b40aafd823c512ea6d82a267f990c0e81907fe2ccd9b15c</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">212acf284903015740cb34d923a6818b17b3bb7378ae8a0649331569a97e9246</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">42b03cc2e8bfccf3ee3a0b3a67419c1fd3477081674af473be51706d5d4fdeb5</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">d470c706442cbcb3861b9815988faa12b405e732fdfb6482834d248326c0a632</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els12" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els12.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els12.x86_64.rpm</filename> <sum type="sha256">9640ef3e1fa9c8b7e6d99fdb606a981d7568cca2cac68a096207c1ca9ff9d92c</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1730910767</id> <title>Update of ca-certificates</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- update to CKBI 2.69 from NSS 3.103 - updated certificates: - # Certificate "GLOBALTRUST 2020" - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - # Certificate "Entrust.net Premium 2048 Secure Server CA" - # Certificate "Baltimore CyberTrust Root" - # Certificate "Entrust Root Certification Authority" - # Certificate "Certum Root CA" - # Certificate "Comodo AAA Services root" - # Certificate "QuoVadis Root CA 2" - # Certificate "QuoVadis Root CA 3" - # Certificate "XRamp Global CA Root" - # Certificate "Go Daddy Class 2 CA" - # Certificate "Starfield Class 2 CA" - # Certificate "DigiCert Assured ID Root CA" - # Certificate "DigiCert Global Root CA" - # Certificate "DigiCert High Assurance EV Root CA" - # Certificate "SwissSign Gold CA - G2" - # Certificate "SwissSign Silver CA - G2" - # Certificate "SecureTrust CA" - # Certificate "Secure Global CA" - # Certificate "COMODO ECC Certification Authority" - # Certificate "OISTE WISeKey Global Root GA CA" - # Certificate "Certigna" - # Certificate "ePKI Root Certification Authority" - # Certificate "certSIGN ROOT CA" - # Certificate "SecureSign RootCA11" - # Certificate "Microsec e-Szigno Root CA 2009" - # Certificate "GlobalSign Root CA - R3" - # Certificate "Go Daddy Root Certificate Authority - G2" - # Certificate "Starfield Root Certificate Authority - G2" - # Certificate "Starfield Services Root Certificate Authority - G2" - # Certificate "AffirmTrust Commercial" - # Certificate "AffirmTrust Networking" - # Certificate "AffirmTrust Premium" - # Certificate "AffirmTrust Premium ECC" - # Certificate "Certum Trusted Network CA" - # Certificate "TWCA Root Certification Authority" - # Certificate "Security Communication RootCA2" - # Certificate "Actalis Authentication Root CA" - # Certificate "D-TRUST Root Class 3 CA 2 2009" - # Certificate "D-TRUST Root Class 3 CA 2 EV 2009" - # Certificate "CA Disig Root R2" - # Certificate "ACCVRAIZ1" - # Certificate "TWCA Global Root CA" - # Certificate "Atos TrustedRoot 2011" - # Certificate "QuoVadis Root CA 1 G3" - # Certificate "QuoVadis Root CA 2 G3" - # Certificate "QuoVadis Root CA 3 G3" - # Certificate "DigiCert Assured ID Root G2" - # Certificate "DigiCert Assured ID Root G3" - # Certificate "DigiCert Global Root G2" - # Certificate "DigiCert Global Root G3" - # Certificate "DigiCert Trusted Root G4" - # Certificate "COMODO RSA Certification Authority" - # Certificate "USERTrust RSA Certification Authority" - # Certificate "USERTrust ECC Certification Authority" - # Certificate "GlobalSign ECC Root CA - R5" - # Certificate "IdenTrust Commercial Root CA 1" - # Certificate "Entrust Root Certification Authority - G2" - # Certificate "Entrust Root Certification Authority - EC1" - # Certificate "CFCA EV ROOT" - # Certificate "OISTE WISeKey Global Root GB CA" - # Certificate "Certum Trusted Network CA 2" - # Certificate "Hellenic Academic and Research Institutions RootCA 2015" - # Certificate "Hellenic Academic and Research Institutions ECC RootCA 2015" - # Certificate "AC RAIZ FNMT-RCM" - # Certificate "Amazon Root CA 2" - # Certificate "SSL.com Root Certification Authority RSA" - # Certificate "SSL.com Root Certification Authority ECC" - # Certificate "SSL.com EV Root Certification Authority RSA R2" - # Certificate "SSL.com EV Root Certification Authority ECC" - # Certificate "GlobalSign Root CA - R6" - # Certificate "OISTE WISeKey Global Root GC CA" - # Certificate "UCA Global G2 Root" - # Certificate "UCA Extended Validation Root" - # Certificate "Certigna Root CA" - # Certificate "emSign ECC Root CA - G3" - # Certificate "emSign ECC Root CA - C3" - # Certificate "Entrust Root Certification Authority - G4" - # Certificate "e-Szigno Root CA 2017" - # Certificate "Trustwave Global Certification Authority" - # Certificate "Trustwave Global ECC P256 Certification Authority" - # Certificate "Trustwave Global ECC P384 Certification Authority" - # Certificate "Certum EC-384 CA" - # Certificate "Certum Trusted Root CA" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "Security Communication RootCA3" - # Certificate "Security Communication ECC RootCA1" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "Certification Authority of WoSign G2" - # Certificate "CA WoSign ECC Root" - # Certificate "A-Trust-Qual-02" - # Certificate "Certification Authority of WoSign" - # Certificate "CA 沃通根证书" - # Certificate "StartCom Certification Authority G2" - # Certificate "China Internet Network Information Center EV Certificates Root" - # Certificate "VI Registru Centras RCSC (RootCA)" - # Certificate "StartCom Certification Authority" - # Certificate "CNNIC ROOT" - # Certificate "ANCERT Certificados CGN" - # Certificate "ANCERT Certificados Notariales" - # Certificate "ANCERT Corporaciones de Derecho Publico" - # Certificate "Global Chambersign Root" - # Certificate "CHAMBERS OF COMMERCE ROOT - 2016" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - # Certificate "Tunisian Root Certificate Authority - TunRootCA2" - added certificates: - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - remove duplicated certificate record: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- update to CKBI 2.69 from NSS 3.103 - updated certificates: - # Certificate "GLOBALTRUST 2020" - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - # Certificate "Entrust.net Premium 2048 Secure Server CA" - # Certificate "Baltimore CyberTrust Root" - # Certificate "Entrust Root Certification Authority" - # Certificate "Certum Root CA" - # Certificate "Comodo AAA Services root" - # Certificate "QuoVadis Root CA 2" - # Certificate "QuoVadis Root CA 3" - # Certificate "XRamp Global CA Root" - # Certificate "Go Daddy Class 2 CA" - # Certificate "Starfield Class 2 CA" - # Certificate "DigiCert Assured ID Root CA" - # Certificate "DigiCert Global Root CA" - # Certificate "DigiCert High Assurance EV Root CA" - # Certificate "SwissSign Gold CA - G2" - # Certificate "SwissSign Silver CA - G2" - # Certificate "SecureTrust CA" - # Certificate "Secure Global CA" - # Certificate "COMODO ECC Certification Authority" - # Certificate "OISTE WISeKey Global Root GA CA" - # Certificate "Certigna" - # Certificate "ePKI Root Certification Authority" - # Certificate "certSIGN ROOT CA" - # Certificate "SecureSign RootCA11" - # Certificate "Microsec e-Szigno Root CA 2009" - # Certificate "GlobalSign Root CA - R3" - # Certificate "Go Daddy Root Certificate Authority - G2" - # Certificate "Starfield Root Certificate Authority - G2" - # Certificate "Starfield Services Root Certificate Authority - G2" - # Certificate "AffirmTrust Commercial" - # Certificate "AffirmTrust Networking" - # Certificate "AffirmTrust Premium" - # Certificate "AffirmTrust Premium ECC" - # Certificate "Certum Trusted Network CA" - # Certificate "TWCA Root Certification Authority" - # Certificate "Security Communication RootCA2" - # Certificate "Actalis Authentication Root CA" - # Certificate "D-TRUST Root Class 3 CA 2 2009" - # Certificate "D-TRUST Root Class 3 CA 2 EV 2009" - # Certificate "CA Disig Root R2" - # Certificate "ACCVRAIZ1" - # Certificate "TWCA Global Root CA" - # Certificate "Atos TrustedRoot 2011" - # Certificate "QuoVadis Root CA 1 G3" - # Certificate "QuoVadis Root CA 2 G3" - # Certificate "QuoVadis Root CA 3 G3" - # Certificate "DigiCert Assured ID Root G2" - # Certificate "DigiCert Assured ID Root G3" - # Certificate "DigiCert Global Root G2" - # Certificate "DigiCert Global Root G3" - # Certificate "DigiCert Trusted Root G4" - # Certificate "COMODO RSA Certification Authority" - # Certificate "USERTrust RSA Certification Authority" - # Certificate "USERTrust ECC Certification Authority" - # Certificate "GlobalSign ECC Root CA - R5" - # Certificate "IdenTrust Commercial Root CA 1" - # Certificate "Entrust Root Certification Authority - G2" - # Certificate "Entrust Root Certification Authority - EC1" - # Certificate "CFCA EV ROOT" - # Certificate "OISTE WISeKey Global Root GB CA" - # Certificate "Certum Trusted Network CA 2" - # Certificate "Hellenic Academic and Research Institutions RootCA 2015" - # Certificate "Hellenic Academic and Research Institutions ECC RootCA 2015" - # Certificate "AC RAIZ FNMT-RCM" - # Certificate "Amazon Root CA 2" - # Certificate "SSL.com Root Certification Authority RSA" - # Certificate "SSL.com Root Certification Authority ECC" - # Certificate "SSL.com EV Root Certification Authority RSA R2" - # Certificate "SSL.com EV Root Certification Authority ECC" - # Certificate "GlobalSign Root CA - R6" - # Certificate "OISTE WISeKey Global Root GC CA" - # Certificate "UCA Global G2 Root" - # Certificate "UCA Extended Validation Root" - # Certificate "Certigna Root CA" - # Certificate "emSign ECC Root CA - G3" - # Certificate "emSign ECC Root CA - C3" - # Certificate "Entrust Root Certification Authority - G4" - # Certificate "e-Szigno Root CA 2017" - # Certificate "Trustwave Global Certification Authority" - # Certificate "Trustwave Global ECC P256 Certification Authority" - # Certificate "Trustwave Global ECC P384 Certification Authority" - # Certificate "Certum EC-384 CA" - # Certificate "Certum Trusted Root CA" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "Security Communication RootCA3" - # Certificate "Security Communication ECC RootCA1" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "Certification Authority of WoSign G2" - # Certificate "CA WoSign ECC Root" - # Certificate "A-Trust-Qual-02" - # Certificate "Certification Authority of WoSign" - # Certificate "CA 沃通根证书" - # Certificate "StartCom Certification Authority G2" - # Certificate "China Internet Network Information Center EV Certificates Root" - # Certificate "VI Registru Centras RCSC (RootCA)" - # Certificate "StartCom Certification Authority" - # Certificate "CNNIC ROOT" - # Certificate "ANCERT Certificados CGN" - # Certificate "ANCERT Certificados Notariales" - # Certificate "ANCERT Corporaciones de Derecho Publico" - # Certificate "Global Chambersign Root" - # Certificate "CHAMBERS OF COMMERCE ROOT - 2016" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - # Certificate "Tunisian Root Certificate Authority - TunRootCA2" - added certificates: - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - remove duplicated certificate record: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"</summary> <pushcount>0</pushcount> <issued date="2024-11-06 16:32:53 UTC" /> <updated date="2024-11-06 16:32:53 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1730910767.html" id="CLSA-2024:1730910767" title="CLSA-2024:1730910767" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="noarch" epoch="0" name="ca-certificates" release="72.el7_9.tuxcare.els1" src="ca-certificates-2024.2.69_v7.0.306-72.el7_9.tuxcare.els1.src.rpm" version="2024.2.69_v7.0.306"> <filename>ca-certificates-2024.2.69_v7.0.306-72.el7_9.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">5922e538c8077e4683e23042810fefdeaaa0958784e22b2689244df4f30be2c3</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1732267577</id> <title>kernel: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538} - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885} - Fix: Revert "smb: client: fix use-after-free bug in cifs_debug_data_proc_show()" double lock</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538} - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885} - Fix: Revert "smb: client: fix use-after-free bug in cifs_debug_data_proc_show()" double lock</summary> <pushcount>0</pushcount> <issued date="2024-11-22 09:26:22 UTC" /> <updated date="2024-11-22 09:26:22 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1732267577.html" id="CLSA-2024:1732267577" title="CLSA-2024:1732267577" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">e5da24135cb9c0508f34ae58cb899683c328bb2476432c78a06894c1a97a35e3</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">282195fb69c35732b8e67267e1f2b5099777ded4aadf430ac853124d379d8c38</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">bd528059fd94b90498db92bd1a12a804acda183b29871c915c78516f9a9ce96d</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">7b70ea72c5bdd152897d3b3f87bc9c87ced3ef77f6a16e05b6c10a10bffca5ee</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">a622b0610750e15e7d709bd30731e0b598b9094d5c01fb026355c8f1770d68df</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">20c0c65664e97202b08ff4e166a843440f75c6b49c46e7d613f89098a55d8c31</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">0e939d4322c2e98251628ae7ce16b1bbf1dfd235a59fdc8eea620436d14a8d15</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">c9ba32c7e1ff5af24439b2e8c52d14ad75926832ddd63cfd0b02b7272c8b72ea</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">52658efc9551aa0c4216a23a8991be7df3825f7fa794196359cfe01dac7bd4e1</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">362bde16799495fd5818bb9687ec99be9ca54d154bcd5473aae0e5952eb9e574</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els13" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els13.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els13.x86_64.rpm</filename> <sum type="sha256">009bd7a770728f040ce850cc7d3812b49113542e5d3a35bc2bdb44b8cff97fde</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1733158948</id> <title>php: Fix of CVE-2024-11234</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-11234: fix HTTP fulluri CRLF injection</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-11234: fix HTTP fulluri CRLF injection</summary> <pushcount>0</pushcount> <issued date="2024-12-02 17:02:35 UTC" /> <updated date="2024-12-02 17:02:35 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1733158948.html" id="CLSA-2024:1733158948" title="CLSA-2024:1733158948" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">06d6d925eff794def3b096ade202b28e9d9fe3c32ee13419346d1d7503a405e6</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">59bb500a7cdb2a25cdf20ad1930a9bfa3295c1dcd7f1581e69211f4536bc354a</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">f8425ad6043cc35b1e22d1f7de103088135db314da5efdf06cdc0125b0cdae05</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">b7fe19ac2377a7af1d4fbc7f59835095f3cd8e71b2159292dc9b213dd649b739</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">8b38100e5abd947c2cbc0bde5cc3a830e34ff8f1baac2548fb753c80096ae6b4</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">c6f05216edbd420806fd30ab4f00c323ba6395b8449a6b6b8dbe5e262debe57a</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">6297ddcd15ae68dddbd13cdf119fbfe02c6ebe6688109435f9818096caf231e3</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">782638b5572eab8c13b95a27369befb8c4466b6a383673ba870e37cf5c3f243d</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">e4d4f77b534aa6cab4dba85a15313be07fd788e9b3b40377f6a6f75bdfe9af36</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">2b77a84be5d90622ca8739e7b2e155682eb821e50da52cea3236e1546472847d</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">2b517d45d2f5a75fa9dffed14cacbf459057d0f98b72ab43b2325c990196892e</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">e37c3cb2aced769842fda440c59d35ae4330087f22a820d93fbb9e6af3578e51</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">07f00197f57c40bd339dc720b1829a54a4cf58d92d9717347b8c2d8acfb2fb13</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">b28ad75436a1ad2e7c4fd4cc9eb95895349938647db06dab3ac70a74fa953258</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">d13926651ab484ca496513c65060b69aa44e4cb68264ff3ec2f1c386d24e14f7</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">af05264c4fb0bdbd2e76f9a9c8e096d5e8ca5096d92546f3207b939241f5d4e2</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">4cf17961ceea9ebca84d8737f02d4918c4ad69d8db27320547160125f9b4829c</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">66a9621ed33a897482c230b808141feba60c25c582ef4b48dd5ce6b59033cfbb</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">f42e6716fd08264cc4702e25054dd38d374c564056677f6170e99c3513ceaf4e</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">1755974720455e13d6b98b7fa8126c6b055bf87a6827e8179c979b52ac6c16b5</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">b2b307e2f213135fcebbe798fcc5e90c5bc4dd7de8cee3a247855ed6c44a686d</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">428234f0b3ed1ffe77b8c5ae4f5f60f261f6a4e4037855c2fa9045d72f104627</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">bca008758db4fb924de866ec50d32e14884bb1f21cb8bf147e004cfc0ffb8c16</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">65b025e476b9008bdfa372c89ea6e3735756bbcd2666620356e7167bfd6ddc0a</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els5" src="php-5.4.16-48.el7.tuxcare.els5.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">d864c0b041ffa17ccbf45511ed599e36db5994e2ad135048080b6c542845fe08</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1733246329</id> <title>php: Fix of CVE-2024-11233</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter</summary> <pushcount>0</pushcount> <issued date="2024-12-03 17:18:54 UTC" /> <updated date="2024-12-03 17:18:54 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1733246329.html" id="CLSA-2024:1733246329" title="CLSA-2024:1733246329" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">201d0b30ffe86871a6d4eea341b4971c14f551ca6499eeba08b44c25ca075944</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">5527bb3adac14981e969c2c10cbdbba80678c29c48b5bbcc5d8792190f0d60eb</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">ce7738e3d2bef702a412f3296e139494a535cfb7c1250524cf5185096efafa6e</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">e35933efca262c97685b57cbada64457691b7c9bcd3091ae8c3bee70b2c5466f</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">09f6cc9b14cb87d280997d1c7f15f1fd6266998ca0cacd022fcc52778b7d2c34</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">e1b9bd81bad7cc914b90336fa8f06f7ee1eecff704e1892aa92c4021e3e0cdce</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">15911f5d7727a571754c211af69e5511e975f53dea4857f61dd65df650540ee5</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">c2aed1e8e1d6e16fb370bc923c2d99839367b7602355485fb4086af92bf58192</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">5253792691b8150f2b95de6e7276eb664d66641bfad6e683ffe85c46c36f096b</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">c231796787c167cf44160c0ef2e38633cbc5151a8c63c12b32509ba9adbfff50</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">b60966935050716a73a2e74cc0bf18ae2c10e2af39580f8627864bf2dd524d7c</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">b35b3eaa48e6cfc1ddd67476b1436c90fe671ea7b844bbf8b7545ac25c0226b3</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">839b7b8c1f9a49c32b2524f6a7cd02d80303c4b06852cc0b788292ef1bc1e68f</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">834ee96f6b0b18f42b8b680615e67d1da87c3b562034cf8b2f8de03ba1c4139f</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">a52681bbbfd941ddd63cb02d2939c7d5fd1d163874218badbe5fa3ca4c8425f0</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">1e87d329f66b9e4ae208aecaa6e867fdd33efa8bc86dba798ffb6f46acde4c17</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">b13a0f8fe1283100d3f71ed5119cc056802b6732ae2b50154a8ed32c679c9401</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">dc1ecbb6498029e8250969aae057e26d274be09ae746b4aa24b701a05e5610b3</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">c403d696760cfdf2ed390a870e1493f917e184d135c3649213093a9b3fd03c70</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">463e245d93bd50cfea1d70a75e4276a8cd8b78c42b5c689dd1f81a9811300485</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">f7e9ef91942cb40d2cc4e49032660effb88342c3eb31344cac55c12523e4d316</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">f5eb57cffb9bc946ccdfc5893f037bed2fb70f97b27b41e2b894562afba3d4b0</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">c03728b98957ae3325a6d00e8f8de6dd33a91a0cefb212507cc3f458705b891c</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">f4af1a3ec0138571726f61777068a262b132c10cc46ae6ecba95e162a946cef3</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els6" src="php-5.4.16-48.el7.tuxcare.els6.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">1e8747bdce2e9d1ba4c1c0d4bfaa765a8b37c3b834a1dde16141848a998d8ff0</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1734041590</id> <title>Update of grub2</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Update version and epoch</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Update version and epoch</summary> <pushcount>0</pushcount> <issued date="2024-12-12 22:13:16 UTC" /> <updated date="2024-12-12 22:13:16 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1734041590.html" id="CLSA-2024:1734041590" title="CLSA-2024:1734041590" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="3" name="grub2" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">4537271ee6ca2fb395db75b005636443eba93cfac8c840463745c149352b63e5</sum> </package> <package arch="noarch" epoch="3" name="grub2-common" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-common-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">aa5b6f21c1c116356f240d976a64dc21f6b8245137bf77f662c9084800a1207a</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-ia32" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-ia32-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">da6282b8d1bf08c228ae8e6e4ed99ef622a58cf26b67aaf4b0a3d790acf79073</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-ia32-cdboot" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3b446b4d552e9d079eb480ce483a9e11ad6f68e72325eb45a2522e4defa02f93</sum> </package> <package arch="noarch" epoch="3" name="grub2-efi-ia32-modules" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-ia32-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">4863c82ad5f6d3c05e63e92a8b7d4d5d996d7d31bf0c5d6b508b5d1ed2b1ea82</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-x64" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-x64-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3af31e1dd9aee93f3d0069aae9ba1a79dc6dec5fc0dd2be97490eb7b403f2600</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-x64-cdboot" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">2a5991f0cad3c38ce20522bb90b31b3d00143f53f9b87bd9b0a55e1dd9c8ef81</sum> </package> <package arch="noarch" epoch="3" name="grub2-efi-x64-modules" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-efi-x64-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">f750a3fbfa92ed9f1fd9d7cb0c02cb9586cedd4c8aeecbd31ed31011d023470f</sum> </package> <package arch="noarch" epoch="3" name="grub2-i386-modules" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-i386-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">543d0e1eb6a919496494d773cbdcd8301171f7b5acb559a7bb0ddb8103518896</sum> </package> <package arch="x86_64" epoch="3" name="grub2-pc" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-pc-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ed8c58ae36804d18f4a743484473c54934b486728bf56b5143ce64200425e89f</sum> </package> <package arch="noarch" epoch="3" name="grub2-pc-modules" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-pc-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.noarch.rpm</filename> <sum type="sha256">cc71f54abb31b3c41d5b071c415346dbffa5d0b2dec021ab4231dbe68a7bcddb</sum> </package> <package arch="x86_64" epoch="3" name="grub2-tools" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-tools-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">2b1f98b8b5c851993980c07f18ca7d97419b22fdab9c616a135b3f8db1810ac4</sum> </package> <package arch="x86_64" epoch="3" name="grub2-tools-extra" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-tools-extra-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">c93a1a41b9b7d5a3720aa6b45475fe4e572245708bb2f279988ee975471c59c1</sum> </package> <package arch="x86_64" epoch="3" name="grub2-tools-minimal" release="0.87.0.2.el7.centos.14.tuxcare.els2" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.src.rpm" version="2.02"> <filename>grub2-tools-minimal-2.02-0.87.0.2.el7.centos.14.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">88329cb9eb346be6d398df07e280e31bb05e56fb811924cb0e2c08afec73740f</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1734372021</id> <title>postgresql: Fix of CVE-2024-10979</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables</summary> <pushcount>0</pushcount> <issued date="2024-12-16 18:00:27 UTC" /> <updated date="2024-12-16 18:00:27 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1734372021.html" id="CLSA-2024:1734372021" title="CLSA-2024:1734372021" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="postgresql" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-9.2.24-9.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">aa0b29db924af77397fb69f9dad0051586a6de2c5bd1f54afa2fe616b1247477</sum> </package> <package arch="x86_64" epoch="0" name="postgresql" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">281ff12ec665cb04da51d7f911f4dd180d3bfb6fc398c2e03b5d9a5e5c8c2c86</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-contrib" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-contrib-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">bd73f5baf3ad94aa0a50fe9b03c5567e907e78723fbf1ba9626fbc42f82dae81</sum> </package> <package arch="i686" epoch="0" name="postgresql-devel" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-devel-9.2.24-9.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">08c850a043815001cb35b6507be93cebb47e6d0aaa14409515543656e7f9f922</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-devel" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-devel-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">93d581accb5087064e4fa48b6f5fa7b373534a6bc619eb2a0c3907b114b7b47e</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-docs" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-docs-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">2969e14fc3517dbc838839fa31726b3b503b66094e132f99f2d99e2f08105204</sum> </package> <package arch="i686" epoch="0" name="postgresql-libs" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-libs-9.2.24-9.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">883594fe1e280b5c504c81591cb238cc4e735c795006b0f4a1f774e4b8606999</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-libs" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-libs-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">34b94aeca3a62ea273f43c38f60aed7ca0f286bce043295b1cf871d777faba21</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-plperl" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-plperl-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">37c4fecea75e6ede1f288e0edbfc6ee7e1ad3f2ad77957f858d36e4fb25e3b08</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-plpython" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-plpython-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3b4a406e79f758b9580bcf192b531bae85594386411c21a721b1cc4d31e7d27a</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-pltcl" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-pltcl-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">5ec1b6ac042f5996627bf1a51b67550111e8edd1e73e31f9ed89afef16df0509</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-server" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-server-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">25874aa2f4e229005286bc8df9a26b0316c5a831e959ce7e9d26844a55d152a7</sum> </package> <package arch="i686" epoch="0" name="postgresql-static" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-static-9.2.24-9.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">7669bd2f8c733dc203e8b996937fb06721fea8eb6bda6cb30870f1cc394e3827</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-static" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-static-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">b3f1e568ab554f46feebfc4f4aa0e68b9bbb6354043e8467d3067e3fd2ee86ba</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-test" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-test-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3aefc716d1377ad805f0833dfc4001b6d654dc289efbc714c5f71b8176b3fa37</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-upgrade" release="9.el7_9.tuxcare.els2" src="postgresql-9.2.24-9.el7_9.tuxcare.els2.src.rpm" version="9.2.24"> <filename>postgresql-upgrade-9.2.24-9.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">6ff32f38a6919bfaefcd6483801dbda4a6459c66ad1a7608ca1318c651e65498</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1735300286</id> <title>gnome-shell: Fix of CVE-2024-36472</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-36472: fix portal helper from launching automatically based on network responses to prevent loading untrusted JavaScript code</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-36472: fix portal helper from launching automatically based on network responses to prevent loading untrusted JavaScript code</summary> <pushcount>0</pushcount> <issued date="2024-12-27 11:51:32 UTC" /> <updated date="2024-12-27 11:51:32 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1735300286.html" id="CLSA-2024:1735300286" title="CLSA-2024:1735300286" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="gnome-shell" release="34.el7_9.tuxcare.els1" src="gnome-shell-3.28.3-34.el7_9.tuxcare.els1.src.rpm" version="3.28.3"> <filename>gnome-shell-3.28.3-34.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">8fa37c166f2c541669e5d6326309c4114a29eee50b6512468b3408cf7840c7d8</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2024:1735311722</id> <title>bind: Fix of CVE-2023-2828</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Removed the bind-9.11.4-CVE-2023-2828-fixup.patch which caused problems with named-pkcs11</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Removed the bind-9.11.4-CVE-2023-2828-fixup.patch which caused problems with named-pkcs11</summary> <pushcount>0</pushcount> <issued date="2024-12-27 15:02:08 UTC" /> <updated date="2024-12-27 15:02:08 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1735311722.html" id="CLSA-2024:1735311722" title="CLSA-2024:1735311722" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">c8b7a61e5db91c19cddfde900da28703e23be6a6d0e18a5e2fb20f39a8c65d1c</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">a60e13ef7afb9f4f717efe5b18dedd0b831a0ef2948d6eab1ebd077221a4ab69</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">2069466d1065184aaae071edfd04861a5467f6acfd198066839824f92d8a4b91</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">60a934f8153f3ee3a3758f3701c29897ae96e2551d0371d108d5e5531dae042e</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">7489f06b8b96b597b8b7c3d295e71ed2ee56928af8950fa43339f5cfdbbbea1f</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">f6c8fd8a49aa6d4b51eebdb55d28ec86369f84742a6593185880e599e44344b0</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">3010a9080c1fdb5bc996b872d75b54fd1f1f11c6bd3cf7e3cd9a636af284269b</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">d8cdebfdf9a07b17f5cb47bca017e634ab65db721874ccbfaeaadbd3df57cb7e</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">643e02ccf532ae6809f7c22cf53ff9fd5f6a9f22c64105c58bb24cafd9fc902b</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">392aa757974874b91b79fb35036d8de9d7842eec8df55a9b4b2979e69a6f3725</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">3f89b7f3ba23547e39e61a368767ddcc474bf603796f9545551a5aa562fabfbe</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">177c1d1c7c152ec20fd59865bf875ecde7b8eb732340c6691d85aba5f4dcc169</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els5.noarch.rpm</filename> <sum type="sha256">de9447d3a012f29b113285fa7fa93486e05b4110eef20619b0c617fecd98bd8f</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">0ae74cc8011cd898358afdbc2f4ed3d4b4e9744c2a025bd5bdd2b28a25d9d6fd</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">3dcc1d447a828a78fb343747a65631fb357eb8dd86b054cf55984d615f241c75</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">05e4f7041b921c4813786fb827ef30e5c7a28501a5f34261d8a4a76642292e41</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">eced85db9b6011733d574a9fc509803f1e3f92c6e2c90a92b16bd19245c09405</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">b140d5f83a4d2f0fd3a8b87829a826dc6242576d5fa12e11b60856042560f5bb</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.i686.rpm</filename> <sum type="sha256">88dfe9070a7c02fe25928089d0534fe00ea7aa5ed0a6b660495a57415c782433</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">7e13451a38aed1b6c887a578e6c8f2ffc2ed44ea86bd20e38251fe93709f4e69</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">5b17a53b9d56d90142c813157cb706d4dd4f8b2b7193939300d32ddf7e5f8985</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">9c7831987686ac20a70e1f31dbb1ba2d63109998648f3e48ba56ab050877d12e</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">72b8493bdac5033b74a76fc8c95d2a588852519fb6ec0f00d4fdaca2111c8ef3</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.16.tuxcare.els5" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els5.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els5.x86_64.rpm</filename> <sum type="sha256">778235647936091712cf298a226751841707b2e3ccb0fcfe0c12091a064f8218</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2024:1735125596</id> <title>Update of httpd</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- mod_session: Fix separator parsing</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- mod_session: Fix separator parsing</summary> <pushcount>0</pushcount> <issued date="2024-12-25 11:20:01 UTC" /> <updated date="2024-12-25 11:20:01 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2024-1735125596.html" id="CLSA-2024:1735125596" title="CLSA-2024:1735125596" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">b17a842900953d7ec2e5982b160fc149ffc6e6f66210f4fd1ea2fc68802bb9a2</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">ac1c0b3e8d902e366a9150a727ff70925010009733e9d72bb96caeb49b8d532e</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els8.noarch.rpm</filename> <sum type="sha256">2aa58aa31454d5b60530522eb3e339cd93cb95a74be837e146cdf1509f2a0f6f</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">223cfda2ccb972d5630e7e9f32a3e55deb6bee7376cdb9894863b8ef3eee2b0e</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">48decd7c6cfdb1b4ca8411a6a658876640f1cb1457240f12f02c77760f90afed</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">1034142e47778822fffb07c07e7ccb6d83b3dedc13cad826b2dd121f35d6a2b3</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">dd047cb2390b43dfd09d6bc80f84e33bf953f5ebf326dcf3087ce0c4491f5ddc</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els8" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els8.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">920bdf8fc3c6865abcbffa56ee8931ec2d5d9c39eff4234982dc9b2144ff3e57</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1737468474</id> <title>kernel: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- media: edia: dvbdev: fix a use-after-free {CVE-2024-27043} - btrfs: dev-replace: properly validate device names {CVE-2024-26791} - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory {CVE-2024-50115} - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057} - ipc/sem.c: bugfix for semctl(,,GETZCNT) - Increase KEXEC_AUTO_RESERVED_SIZE to 256M - x86/apic/x2apic: set affinity of a single interrupt to one cpu - bonding:avoid repeated display of same link status change - xen/netfront: stop tx queues during live migration - xen/balloon: Support xend-based toolstack - md/raid5: fix oops during stripe resizing - block: fix null pointer dereference in blk_mq_rq_timed_out() - block: init flush rq ref count to 1 - blk-mq: Remove generation seqeunce - Revert "driver core: bus: Fix double free in driver API bus_register()"</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- media: edia: dvbdev: fix a use-after-free {CVE-2024-27043} - btrfs: dev-replace: properly validate device names {CVE-2024-26791} - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory {CVE-2024-50115} - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057} - ipc/sem.c: bugfix for semctl(,,GETZCNT) - Increase KEXEC_AUTO_RESERVED_SIZE to 256M - x86/apic/x2apic: set affinity of a single interrupt to one cpu - bonding:avoid repeated display of same link status change - xen/netfront: stop tx queues during live migration - xen/balloon: Support xend-based toolstack - md/raid5: fix oops during stripe resizing - block: fix null pointer dereference in blk_mq_rq_timed_out() - block: init flush rq ref count to 1 - blk-mq: Remove generation seqeunce - Revert "driver core: bus: Fix double free in driver API bus_register()"</summary> <pushcount>0</pushcount> <issued date="2025-01-21 14:08:00 UTC" /> <updated date="2025-01-21 14:08:00 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1737468474.html" id="CLSA-2025:1737468474" title="CLSA-2025:1737468474" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">25c8d179523cceaca58f4e759c6d6a876d1a8687c12cdb6cd32ff85d57eb6d1c</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">0b24225b81eceaecb5e15ea92acfa4b315f920cbe0170bc68f1597084efd4222</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">5dc5d6ff59419b8ecb76b53695ec0ba2f84f59393c90235b1eb5ef854766dc68</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">bc52da38d9d459b71d378ac7eec9f9e85145b0ff7c701b31e2cdd5e40cb1b1e5</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">d8052d4ee01ae1bafa0250b47526c45cbb1a58957f28dea92ecbe8b8a2682526</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">a48567eafde5846a6d3bf44b19718367cb7a3a69556a5bad9ffb153b87612a74</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">c82ff4a1b895d318039202640e6c4ba66145e12aa4c2587e695816c2d72aff29</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">0ba63876a2fbb322503d3bc6e341994897fa96fbf3b927cd1504de6d8e33aa4b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">6f9b6c7b24341b99f26a78a1b4604aa20f5ff80f732fa92a29d82b90451fe93c</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">21b5e8e0cc26001b60d45c0292055eaa54c29d87b56e145790fac08e89a03753</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els14" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els14.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els14.x86_64.rpm</filename> <sum type="sha256">ba09ffcde39c08cbbf234f67a1132193be406e4cca1a27fc2380c821d1efa2c4</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1737569565</id> <title>rsync: Fix of CVE-2024-12085</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-12085: fix to prevent information leak off the stack</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-12085: fix to prevent information leak off the stack</summary> <pushcount>0</pushcount> <issued date="2025-01-22 18:12:51 UTC" /> <updated date="2025-01-22 18:12:51 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1737569565.html" id="CLSA-2025:1737569565" title="CLSA-2025:1737569565" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="rsync" release="12.el7_9.tuxcare.els2" src="rsync-3.1.2-12.el7_9.tuxcare.els2.src.rpm" version="3.1.2"> <filename>rsync-3.1.2-12.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">679fb3334c8ec1c2bd3caafa73adcace6410c4a8fd114efada89b9688835d4a3</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1737993791</id> <title>postgresql: Fix of CVE-2024-7348</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-7348: Fix TOCTOU race condition in pg_dump</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-7348: Fix TOCTOU race condition in pg_dump</summary> <pushcount>0</pushcount> <issued date="2025-01-27 16:03:18 UTC" /> <updated date="2025-01-27 16:03:18 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1737993791.html" id="CLSA-2025:1737993791" title="CLSA-2025:1737993791" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="postgresql" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-9.2.24-9.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">0b426c19356ba042d2e62bae4d39bf33cead3d2fdd67b5a9d1a17f3453f2d5fd</sum> </package> <package arch="x86_64" epoch="0" name="postgresql" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">6d1a441fb28232493360f4ef467fb5688001e8b1248d661496159dd96a2c8b0b</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-contrib" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-contrib-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">73659d77fa59789f3138230a5e3cc868f6590935ebc56002ac00646405c95750</sum> </package> <package arch="i686" epoch="0" name="postgresql-devel" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-devel-9.2.24-9.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">8e7245aaafae7fd3ac3d31d16cc11b3acb02c8ad00be9d165d13c37358019970</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-devel" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-devel-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">698c3ed1edeb78f1e2fa5d58139f39a8fc993872f4b2db29403973a0251231e6</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-docs" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-docs-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">812c105aa767b6575bf616fec5d6487f3195eb0ed545ed54932932c17082c880</sum> </package> <package arch="i686" epoch="0" name="postgresql-libs" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-libs-9.2.24-9.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">59b3066e669fb3c7100cec74652142734dbc85f875cdbb430ed997dee42fc488</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-libs" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-libs-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">4e060b18daf4f50b93cbd322b016c9362195f614afe69253ab3927e20d496bfd</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-plperl" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-plperl-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">cc96c980663dff4b4e73a6f6d0b8891cd24cd4e6eaa6f56deb46d2abb272a6f3</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-plpython" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-plpython-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">1ba66f0e958cec34ec00725e7edef529e1f8707981bee370bdabc744bcedd62e</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-pltcl" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-pltcl-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">cd9fdb36339774d4735317daeb1c624b96a5a1d816e3323b7d6baa287aa7633d</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-server" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-server-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">0beca8e39132953b3706d08c88fc49c3766f2b7b25d9edc571e54e70277d22b2</sum> </package> <package arch="i686" epoch="0" name="postgresql-static" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-static-9.2.24-9.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">04498ef71077e48979e9a1e0ba251c0e79203c2eaf840aac49f5004f473eacfb</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-static" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-static-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">110696a2383762bcca7babd12d25b00c4e8abc0d6a61091adec8284bb66a7877</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-test" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-test-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">eed5eb1b946fbe715a6fe397adeb2a70b97fde75dcdd0e977bc99731c0074ecc</sum> </package> <package arch="x86_64" epoch="0" name="postgresql-upgrade" release="9.el7_9.tuxcare.els3" src="postgresql-9.2.24-9.el7_9.tuxcare.els3.src.rpm" version="9.2.24"> <filename>postgresql-upgrade-9.2.24-9.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">6a4f76f3dfd812245148192df2f08b56b80bd3f4abfcf465c00411b3aab3bd44</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1738672047</id> <title>kernel: Fix of 15 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() {CVE-2024-50282} - drm/amdgpu: fix usage slab after free {CVE-2024-56551} - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() {CVE-2022-3640} - netfilter: ipset: add missing range check in bitmap_ip_uadt {CVE-2024-53141} - ceph: prevent use-after-free in encode_cap_msg() {CVE-2024-26689} - net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603} - NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173} - netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650} - scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227} - af_packet: avoid erroring out after sock_init_data() in packet_create() {CVE-2024-56606} - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() {CVE-2024-56605} - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() {CVE-2024-53156} - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604} - initramfs: avoid filename buffer overrun {CVE-2024-53142} - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() {CVE-2024-50282} - drm/amdgpu: fix usage slab after free {CVE-2024-56551} - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() {CVE-2022-3640} - netfilter: ipset: add missing range check in bitmap_ip_uadt {CVE-2024-53141} - ceph: prevent use-after-free in encode_cap_msg() {CVE-2024-26689} - net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603} - NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173} - netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650} - scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227} - af_packet: avoid erroring out after sock_init_data() in packet_create() {CVE-2024-56606} - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() {CVE-2024-56605} - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() {CVE-2024-53156} - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604} - initramfs: avoid filename buffer overrun {CVE-2024-53142} - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103}</summary> <pushcount>0</pushcount> <issued date="2025-02-04 12:27:33 UTC" /> <updated date="2025-02-04 12:27:33 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1738672047.html" id="CLSA-2025:1738672047" title="CLSA-2025:1738672047" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">f6f5fc3c40f2f8642b37ec69c27b48a20928442ff59677f6099f8c9afb937fd5</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">ede3dd7bc1882f29fb9b5125283808b4d261793b055647097019a1de2496c4d2</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">ad1a2509c348d59e591f9e3c4913b124ede5debe80f955e577952ca0b6177c28</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">3d6452d3de2f86e1e66eeded4555728665eefeeb82bef4b546aeb3676bba5f9a</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">e5cc03ceeed9b3075cc95adf407949f956b951523dee61ece7d8fb9712f46c0a</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">b46d6c8febf598f57f01105c715c29226a61c72528b68ecc7a76e8be69f4c871</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">758f15b5af9233335262ec604d287c9431c7fa8e97edd87c4dc2ad0ec247c60b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">fe74af4e92bbdf203f9b983c3402bda97f4531f5083b056d1151d4857075bdad</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">fd396242bc943fa2cc97d8dc0f6cb9ec8cce5e317144aeaa12c3ced42e61ddcd</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">b33b21036b0d5735e9af1e0b9b9bdd99047cdb6d170eb9a62291ce2153831e99</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els15" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els15.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm</filename> <sum type="sha256">51ccd300b4dbd935580b63acead1418b39775f96310b300a6666ba8a8156ca78</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1738852614</id> <title>rsync: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-12087: fix path traversal vulnerability in rsync enabled by the '--inc-recursive' option - CVE-2024-12088: make --safe-links stricter</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-12087: fix path traversal vulnerability in rsync enabled by the '--inc-recursive' option - CVE-2024-12088: make --safe-links stricter</summary> <pushcount>0</pushcount> <issued date="2025-02-06 14:37:00 UTC" /> <updated date="2025-02-06 14:37:00 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1738852614.html" id="CLSA-2025:1738852614" title="CLSA-2025:1738852614" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="rsync" release="12.el7_9.tuxcare.els3" src="rsync-3.1.2-12.el7_9.tuxcare.els3.src.rpm" version="3.1.2"> <filename>rsync-3.1.2-12.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">b298ea8b5dab0c23ab57977bd047b0e7ae6d23af2607ce11b4612ca3cecdcb01</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1738695324</id> <title>php: Fix of CVE-2024-8929</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-8929: fix various heap buffer over-reads</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-8929: fix various heap buffer over-reads</summary> <pushcount>0</pushcount> <issued date="2025-02-04 18:55:30 UTC" /> <updated date="2025-02-04 18:55:30 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1738695324.html" id="CLSA-2025:1738695324" title="CLSA-2025:1738695324" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">e4d060420008fc644819bbe5b2bc27a9e06cc29d13fdaee3f52b69a25837cf94</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">0b6f320761635602d071930690b25213c77832ae746101aedaefdf71860e98c8</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">61476f4f09735304f0bc7a5bb4daa2e52be9f6208b8ec42ba81dcd7b4c917ee6</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">d41c01e62d8cbcecfca0b3c9945160ec0386b9f0203ca35cc9d2c8ab06efff08</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b55faccaef37d3ff538ea85a5a9f84bdb237cb50303325c06fef3aad0a1d534b</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">9e89a92524589406375d2501d325b0bb6bf5830e0aa4c466555fff33daa343be</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b3be03891eb0dbc54a7e69ba1cf74dcbdb90453dbe7ddcfb2953f4e55b87ac84</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">f6fd63c5500e0f8611394ccca21d6014f76e34a9e9f0392baf1ad5871971a42f</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">8bfe56bfc47a0363e7c4e31c68ea515bb2d65101a0cc8ea635e248dfd4776e6b</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b2f78208169a7f6f88d7f6eab336d80be666022c7550ac525d968664ec9e7aa1</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">c3187cc3897774ceba656ddc1156ab3c9c2e782cfab2efbe6ccd29091e6f35bd</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">dcfbe150e09473a29ab3d554527e7e95aae86f2ec49f5615c2c4bb3a66af036a</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">0e7cf5ec20ef155488dd51d74741a7d0a84ff575cda47d2f8efd1bf329e6458d</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">4d52159d54ffca911f88ca59ef6a3a189fb84719b60c4f2319b4a9b0c9ec04e3</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">97b9f069eb74a9616389427d4dfea71bd80fb6a9cc71c36fe3932b56bab8b9c1</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">33dbd95092a028dd09284c487b47d3238cf7c558b34fcd74840e0952b4d35d5d</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b73e22952d79fe052cb0843f29e75ff356dcb74976fb5bd0f5d636d6b43cf9d3</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">1190ccbec666fde6e0dfa3024ccf608aa3c864b3c9a0c8b54e998d982cccd21f</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">eb1ec288b5cfe888421d7bd468832ac44c87ad849485fa0f23374745fa8fd663</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">03817e9790d459eb3e81c7324a3af92f8ff5300c4dadf10cf4174171a3b00dc8</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">65d8529951684564fde15ebed55dc629738b49f7781904bdbe275c466a6319c4</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">8cea4fc6f2292a39d19e6171ca68cb4ce26736e24530f80d55085bd8b499c3de</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">91fa98e870dc8201674d2c8fc3ae2c2f968b8393718a5c5ea7ae0a73ea628ea0</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">93697000ab1c0236f4f2bcddbd306f429cfbe8bcaee7bddd9e91fd9e1ca425f3</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els7" src="php-5.4.16-48.el7.tuxcare.els7.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">534af8e0f2d44916849274286e9ea0b822e78883b26719d84e71e381387f6ed4</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1739387995</id> <title>krb5: Fix of CVE-2024-3596</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-3596: implement support for Message-Authenticator in libkrad</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-3596: implement support for Message-Authenticator in libkrad</summary> <pushcount>0</pushcount> <issued date="2025-02-12 19:20:00 UTC" /> <updated date="2025-02-12 19:20:00 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1739387995.html" id="CLSA-2025:1739387995" title="CLSA-2025:1739387995" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="krb5-devel" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-devel-1.15.1-55.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">8505963082efbfe88cdefb8021ae0f2ef9385c338ef142a7534398874a8a04f2</sum> </package> <package arch="x86_64" epoch="0" name="krb5-devel" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-devel-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">87ce6fe40c83b3f6400217f7289da8bf4dfd0944596e998efe587b2545f01087</sum> </package> <package arch="i686" epoch="0" name="krb5-libs" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-libs-1.15.1-55.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">0c9d982cb5207e4cc44af0c56250b02c5b229b28229c20cdaa125e045072a349</sum> </package> <package arch="x86_64" epoch="0" name="krb5-libs" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-libs-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ca9a20517fa351cc4649d49a98b612c7a48dbda8abcf6c107c2ba27d7bb00720</sum> </package> <package arch="x86_64" epoch="0" name="krb5-pkinit" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-pkinit-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">089d5eecdbce72e0135abb68aac1a343b3a7204cdc0f2653461f5c07c00e1752</sum> </package> <package arch="x86_64" epoch="0" name="krb5-server" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-server-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">1436f4ecd0578016772ec475b8a50581e42a43b293303adbc28027f0d9100d93</sum> </package> <package arch="x86_64" epoch="0" name="krb5-server-ldap" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-server-ldap-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">dcd9da37680d275429e2129ba042206b4402abc3a0c8fd2963e2520701562ffa</sum> </package> <package arch="x86_64" epoch="0" name="krb5-workstation" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>krb5-workstation-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">1d19aa1d37ceb7972ab61035d1d24f73a6d80a7a2f73dece39811c791d01cb27</sum> </package> <package arch="i686" epoch="0" name="libkadm5" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>libkadm5-1.15.1-55.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">4c70d19e603d11387131a475beb5b91f57642da4eaa5c171b00c6d4b1a71d68f</sum> </package> <package arch="x86_64" epoch="0" name="libkadm5" release="55.el7_9.tuxcare.els2" src="krb5-1.15.1-55.el7_9.tuxcare.els2.src.rpm" version="1.15.1"> <filename>libkadm5-1.15.1-55.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">5616e0c2856cc7380b8f9b49f52df6b8b78006ae14a45b0db8ea40c2bfca626d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1739388106</id> <title>libevent: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2016-10195: fix an out-of-bounds stack read in the name_parse function - CVE-2016-10196: fix a stack-based buffer overflow in the evutil_parse_sockaddr_port function - CVE-2016-10197: fix DoS via an empty hostname in the search_make_new function</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2016-10195: fix an out-of-bounds stack read in the name_parse function - CVE-2016-10196: fix a stack-based buffer overflow in the evutil_parse_sockaddr_port function - CVE-2016-10197: fix DoS via an empty hostname in the search_make_new function</summary> <pushcount>0</pushcount> <issued date="2025-02-12 19:21:52 UTC" /> <updated date="2025-02-12 19:21:52 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1739388106.html" id="CLSA-2025:1739388106" title="CLSA-2025:1739388106" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libevent" release="4.el7.tuxcare.els1" src="libevent-2.0.21-4.el7.tuxcare.els1.src.rpm" version="2.0.21"> <filename>libevent-2.0.21-4.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e5d1749887d34ce121444f147b1ed17f0d7a32ad1275eb34404f3f5c3aa7b626</sum> </package> <package arch="x86_64" epoch="0" name="libevent" release="4.el7.tuxcare.els1" src="libevent-2.0.21-4.el7.tuxcare.els1.src.rpm" version="2.0.21"> <filename>libevent-2.0.21-4.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ee3624af3ed6d4d10034c014b7ca3c801924b36ef8ccc59de235f4cef245acb0</sum> </package> <package arch="i686" epoch="0" name="libevent-devel" release="4.el7.tuxcare.els1" src="libevent-2.0.21-4.el7.tuxcare.els1.src.rpm" version="2.0.21"> <filename>libevent-devel-2.0.21-4.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">f88efe2761ed6b97882f2df15d262afaedfb8ca083ad683bedfed76a548ff697</sum> </package> <package arch="x86_64" epoch="0" name="libevent-devel" release="4.el7.tuxcare.els1" src="libevent-2.0.21-4.el7.tuxcare.els1.src.rpm" version="2.0.21"> <filename>libevent-devel-2.0.21-4.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">a84e0d1331c3a865f38a86723c60221d459af5bfde913f554d28230f144ef4f9</sum> </package> <package arch="noarch" epoch="0" name="libevent-doc" release="4.el7.tuxcare.els1" src="libevent-2.0.21-4.el7.tuxcare.els1.src.rpm" version="2.0.21"> <filename>libevent-doc-2.0.21-4.el7.tuxcare.els1.noarch.rpm</filename> <sum type="sha256">a95871e43a3f56c50615decd0d0d95869d5c42c0584fd6ccc91f4b8b9bf65b90</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1739388237</id> <title>rsync: Fix of CVE-2024-12747</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-12747: fix symlink race condition in sender</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-12747: fix symlink race condition in sender</summary> <pushcount>0</pushcount> <issued date="2025-02-12 19:24:04 UTC" /> <updated date="2025-02-12 19:24:04 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1739388237.html" id="CLSA-2025:1739388237" title="CLSA-2025:1739388237" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="rsync" release="12.el7_9.tuxcare.els4" src="rsync-3.1.2-12.el7_9.tuxcare.els4.src.rpm" version="3.1.2"> <filename>rsync-3.1.2-12.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">67afbc36e8a8238a1a37f576369443908f510f5414e68b64985176e3e0ef441d</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1739825397</id> <title>freerdp: Fix of 6 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-32458: fix missing input length checks - CVE-2024-32459: fix missing input length check - CVE-2024-32460: fix out-of-bound read in interleaved_decompress - CVE-2024-32039: fix integer overflow - CVE-2024-32040: fix missing check - CVE-2024-32041: fix integer overflow</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-32458: fix missing input length checks - CVE-2024-32459: fix missing input length check - CVE-2024-32460: fix out-of-bound read in interleaved_decompress - CVE-2024-32039: fix integer overflow - CVE-2024-32040: fix missing check - CVE-2024-32041: fix integer overflow</summary> <pushcount>0</pushcount> <issued date="2025-02-17 20:50:02 UTC" /> <updated date="2025-02-17 20:50:02 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1739825397.html" id="CLSA-2025:1739825397" title="CLSA-2025:1739825397" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="freerdp" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>freerdp-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">cfd7ff75fe86733fed32c6763207c1bfa4cc207be59882926fd112194da6ca32</sum> </package> <package arch="i686" epoch="0" name="freerdp-devel" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>freerdp-devel-2.1.1-5.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">7c163ee8f771a6ca4ed1b8da57a4f1ed6e78236f016a99783acb749579ca60e0</sum> </package> <package arch="x86_64" epoch="0" name="freerdp-devel" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>freerdp-devel-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">b4bfbc0a2a9a72ce6b69fa74ec12e0a9586a35ff43eb7fda58812d98cb80f09d</sum> </package> <package arch="i686" epoch="0" name="freerdp-libs" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>freerdp-libs-2.1.1-5.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">7832afad3da5fd9b7f2c5ee0bd6ac85518617d93104d143f47e7712f1673286f</sum> </package> <package arch="x86_64" epoch="0" name="freerdp-libs" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>freerdp-libs-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">4e5622754463086809570ab3049edb18e27210b3a5ee81f41eff8d4dc07fb6c0</sum> </package> <package arch="i686" epoch="0" name="libwinpr" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>libwinpr-2.1.1-5.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">b6814a45bc20e82718180fe0fe50baa18ef1e48b73318022265af2cbf179183e</sum> </package> <package arch="x86_64" epoch="0" name="libwinpr" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>libwinpr-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">0865e0287cda7ef73119d291a29d69f5b0447f29c2a2982d7fdee633491a95cb</sum> </package> <package arch="i686" epoch="0" name="libwinpr-devel" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>libwinpr-devel-2.1.1-5.el7_9.tuxcare.els4.i686.rpm</filename> <sum type="sha256">a2234e3f7cbf1ff9460c56699f856ac5a161bf2d36e57c27a25e71eb2ad6db19</sum> </package> <package arch="x86_64" epoch="0" name="libwinpr-devel" release="5.el7_9.tuxcare.els4" src="freerdp-2.1.1-5.el7_9.tuxcare.els4.src.rpm" version="2.1.1"> <filename>libwinpr-devel-2.1.1-5.el7_9.tuxcare.els4.x86_64.rpm</filename> <sum type="sha256">3d003130f20a7c09184dca94c8de0010c286026380fe1a87e4e6224f12446fea</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1739823342</id> <title>httpd: Fix of CVE-2022-30522</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-30522: fix possible DoS</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-30522: fix possible DoS</summary> <pushcount>0</pushcount> <issued date="2025-02-17 20:15:49 UTC" /> <updated date="2025-02-17 20:15:49 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1739823342.html" id="CLSA-2025:1739823342" title="CLSA-2025:1739823342" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="httpd" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>httpd-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">cd6fbd0bdacaf27c96951d9b2ee020e40aa76141bae95cf3f645aeba7b6d54a1</sum> </package> <package arch="x86_64" epoch="0" name="httpd-devel" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">23d70d183ab199f060f878671a194c4bbcf2b002fd4ffd243cb299b6d7c0249e</sum> </package> <package arch="noarch" epoch="0" name="httpd-manual" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els9.noarch.rpm</filename> <sum type="sha256">5edb33c5c92cb889c27866cc95694b89618d2ae4b66d5529ab880844b2e65880</sum> </package> <package arch="x86_64" epoch="0" name="httpd-tools" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">0fc46b003e087f60e997772f257e07641c53b96b73381ce28fc93738ba804f0c</sum> </package> <package arch="x86_64" epoch="0" name="mod_ldap" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">ffc1a8f9368ad8402b902306a08470c366c5a234c3d6b232e2ef2f801db64a81</sum> </package> <package arch="x86_64" epoch="1" name="mod_proxy_html" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">b7de9cd111ce1512e22eb2b9ce685f92ccc31e7cbbb75651a8cba6617c9c4f2e</sum> </package> <package arch="x86_64" epoch="0" name="mod_session" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>mod_session-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">0532ae2e897773d127d0ab8a4c9e7e2ba5a26af4192ba6d8ffc20c986a36b66d</sum> </package> <package arch="x86_64" epoch="1" name="mod_ssl" release="99.el7.centos.1.tuxcare.els9" src="httpd-2.4.6-99.el7.centos.1.tuxcare.els9.src.rpm" version="2.4.6"> <filename>mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els9.x86_64.rpm</filename> <sum type="sha256">24044537c6d17d194ad6228e76475c1e105ab6acae5e6ff5ead80305bc6bddc4</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1739975489</id> <title>nss-softokn: Fix of CVE-2023-5388</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2023-5388: fix timing attack against RSA decryption - Bug 1784253: avoid processing unexpected inputs by checking for m_exptmod base sign - Bug 1911912: avoid misuse of ctype(3) functions</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2023-5388: fix timing attack against RSA decryption - Bug 1784253: avoid processing unexpected inputs by checking for m_exptmod base sign - Bug 1911912: avoid misuse of ctype(3) functions</summary> <pushcount>0</pushcount> <issued date="2025-02-19 14:31:35 UTC" /> <updated date="2025-02-19 14:31:35 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1739975489.html" id="CLSA-2025:1739975489" title="CLSA-2025:1739975489" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="nss-softokn" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-3.90.0-6.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">f9f43968a5f9eed26c68205ffef19d5cc8f55e3cc0571442b3b3a55e9000778b</sum> </package> <package arch="x86_64" epoch="0" name="nss-softokn" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">65c2267134dadc54faf595e089306fea0e042fe861f31928d3a5c6d2adeba95f</sum> </package> <package arch="i686" epoch="0" name="nss-softokn-devel" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-devel-3.90.0-6.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">9bf32ce73ab4031cfde0aef8d7606b1554c84b67291aa25f54cfa32147dc78ef</sum> </package> <package arch="x86_64" epoch="0" name="nss-softokn-devel" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-devel-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">7ce0abae7cda0903c20cc6a72bbcf37a1fe9c0517c7b37ee727322bd5c3bf1c7</sum> </package> <package arch="i686" epoch="0" name="nss-softokn-freebl" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-freebl-3.90.0-6.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">fbcf9e1009f406220b93f4d75b8bcf2cef47cf62bd67c0da2ebc406686d5c921</sum> </package> <package arch="x86_64" epoch="0" name="nss-softokn-freebl" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-freebl-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ba7bd413e289d0ecd937075f534d963f732e1df7c20fba45f1ff49ce98927618</sum> </package> <package arch="i686" epoch="0" name="nss-softokn-freebl-devel" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-freebl-devel-3.90.0-6.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">67c48ef6c4f8ac114037b73efba1a1ad29403d02e014cbb09b0c3738224e1882</sum> </package> <package arch="x86_64" epoch="0" name="nss-softokn-freebl-devel" release="6.el7_9.tuxcare.els1" src="nss-softokn-3.90.0-6.el7_9.tuxcare.els1.src.rpm" version="3.90.0"> <filename>nss-softokn-freebl-devel-3.90.0-6.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cb7a29dc357f6d3d5e69d5652e154edd1d1a3a73f415d693416a39dda09c1efa</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1740075135</id> <title>kernel: Fix of 4 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104} - ALSA: 6fire: Release resources at card release {CVE-2024-53239} - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849} - btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104} - ALSA: 6fire: Release resources at card release {CVE-2024-53239} - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849} - btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759}</summary> <pushcount>0</pushcount> <issued date="2025-02-20 18:12:22 UTC" /> <updated date="2025-02-20 18:12:22 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1740075135.html" id="CLSA-2025:1740075135" title="CLSA-2025:1740075135" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">c7d5e6635b927c8a5233d3695c4e88ed06407de9deba15cd3dd37ed8cb0d9e68</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">4fb8da3b2d9ffa5c8027011a9f43abca386fad93ec13bbdc3bb6ba1026f7836b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">8a0baef9649bcb6b30fceb160bf28bf423f142037eef4ca19ceccd6c4a3b5f9b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">fcf6cb1841b6d77ae7bb44d5c5ec9fa19362a6a388127cfcb48ae8a630b7a8bb</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">9839891592e213eaef385a82d5e432051723b029bcbeefcbd9fa859483a4a7b2</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">be821a09624a163ec8ca2fd573468e9f130e6d22afbee59a76f132735eadb433</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">02abdfb6580a740939a289e35166d1ab5c2a3dad9000ba4e2f48c8e98765509b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">19905f7f44d801e46a1be4bdd810a00c924745b4d85326939683a66bcb5aaea2</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">41d53dbaaaae72f33822388533bdc6ce0a5e15c9484442dc9c79874c718ba882</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">af7dc2343b9e1816f26164ef50da061806c7e33bc745181375272ebd895d970a</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els16" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els16.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els16.x86_64.rpm</filename> <sum type="sha256">f0bd9e2f5c85e0af3cbc2c3cdad8e6e4eb9f18b15ff734e57c90782e037aaaca</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1740133056</id> <title>python3: Fix of CVE-2024-9287</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-9287: fix path names quoting to prevent command injection in virtual environment activation scripts</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-9287: fix path names quoting to prevent command injection in virtual environment activation scripts</summary> <pushcount>0</pushcount> <issued date="2025-02-21 10:17:42 UTC" /> <updated date="2025-02-21 10:17:42 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1740133056.html" id="CLSA-2025:1740133056" title="CLSA-2025:1740133056" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="python3" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">b1beeb989c36fce188a6da430f5a524db460d8628996eaf09af466a68744d989</sum> </package> <package arch="x86_64" epoch="0" name="python3" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">22d3a480635c86833f145175272fdbcaa781118d55b48048ad6bdf754cb429f6</sum> </package> <package arch="i686" epoch="0" name="python3-debug" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">6e0dcd1dfec8b1995fcdc7f0d598baf071bca5004b06bee6ebcaef1a50be5d39</sum> </package> <package arch="x86_64" epoch="0" name="python3-debug" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-debug-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">2c9f9af238452ecc1dac27268ae2411efcddff33f2e170b3a625caca4f017214</sum> </package> <package arch="i686" epoch="0" name="python3-devel" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">b226fb6a00bd1d0b8288fbbaf3b54ff78cc3eb023af9cb23e5bf6019a41f77df</sum> </package> <package arch="x86_64" epoch="0" name="python3-devel" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-devel-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">fe7f12e56b829b3abd471ac626626a2e4fe58669929af90cfcf0a0acba961774</sum> </package> <package arch="i686" epoch="0" name="python3-idle" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">94c2464dd8623962e3082615375ce46abf78ec7eca886952638674b950780a0e</sum> </package> <package arch="x86_64" epoch="0" name="python3-idle" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-idle-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">dd71ef2d80555d38a78041356c73f1ba7e7ded3b794ddc1eb08ff2ca1b196b36</sum> </package> <package arch="i686" epoch="0" name="python3-libs" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">7e28503264d95111a9ee1ec512d0a3efd2407aa23ff7a280c1d2233dc160700f</sum> </package> <package arch="x86_64" epoch="0" name="python3-libs" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-libs-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">1b454a6a422f62cfbfbc896be8753404d4a494b843e799f3f143f9b8fd44e84f</sum> </package> <package arch="i686" epoch="0" name="python3-test" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">09922f50b079b39b31abcb1ecd4f84da14f5260673789650e5c646d64815858e</sum> </package> <package arch="x86_64" epoch="0" name="python3-test" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-test-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ac99c6d0607bd3a44f67257b1b3b781a2ff782d68b8fe794b01b1e4e57d3a707</sum> </package> <package arch="i686" epoch="0" name="python3-tkinter" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.0.1.el7_9.tuxcare.els2.i686.rpm</filename> <sum type="sha256">eaaada2bcb5014f3d47959276c4e0b10b958f1476ba6a4adb63d24d0cfecb9c2</sum> </package> <package arch="x86_64" epoch="0" name="python3-tkinter" release="21.0.1.el7_9.tuxcare.els2" src="python3-3.6.8-21.0.1.el7_9.tuxcare.els2.src.rpm" version="3.6.8"> <filename>python3-tkinter-3.6.8-21.0.1.el7_9.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">47329830c97adc638f129c55aa7c3b260bbe4a82c2c23dc08f116f85ca7364b1</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1740242864</id> <title>php: Fix of CVE-2024-8929</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Fixup for CVE-2024-8929: support COM_FIELD_LIST</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Fixup for CVE-2024-8929: support COM_FIELD_LIST</summary> <pushcount>0</pushcount> <issued date="2025-02-22 16:47:50 UTC" /> <updated date="2025-02-22 16:47:50 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1740242864.html" id="CLSA-2025:1740242864" title="CLSA-2025:1740242864" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="php" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">6420505192c433c0cd16c2e253e63c5992de665bc0b6ffb27177433637746a28</sum> </package> <package arch="x86_64" epoch="0" name="php-bcmath" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-bcmath-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">c78c1136a5f6bced5349dc72e2f33494383c7cf378dbe61a46adfc52f630efc2</sum> </package> <package arch="x86_64" epoch="0" name="php-cli" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-cli-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">559b31ce5bf5d962448eb6747ab9badbdacaa05b909aacf93831b800cf9e2f49</sum> </package> <package arch="x86_64" epoch="0" name="php-common" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-common-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">229213af2dab910d46793f90e393cb8014a8778e2777e4695aba75ded76fb16e</sum> </package> <package arch="x86_64" epoch="0" name="php-dba" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-dba-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">2e6e7c945ca8a50fdf7ec9ae8ca417b9918fa22b81f24c4cd0499ffe51c0de78</sum> </package> <package arch="x86_64" epoch="0" name="php-devel" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-devel-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">5cc4754a2b3e25edd315b539fc20889ec987d56f37297949174e7321d2061118</sum> </package> <package arch="x86_64" epoch="0" name="php-embedded" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-embedded-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">fb73f15465fe6cb8bcc59eda6d566dde356dc6d062c32625b0c69771df425cdd</sum> </package> <package arch="x86_64" epoch="0" name="php-enchant" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-enchant-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">9ca851dd268fab85e55ab7eb6d90dd1d2b48696f8ceb336d8749c1f6568957f3</sum> </package> <package arch="x86_64" epoch="0" name="php-fpm" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-fpm-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">3aa0aa8d9768fe314812b6c8f30362a185c558562af830d7ac1a9330502ad404</sum> </package> <package arch="x86_64" epoch="0" name="php-gd" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-gd-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">59bc4871aa57871fc732dee58a8efb53af3f5ddbe5df7c555755e5cc016886bc</sum> </package> <package arch="x86_64" epoch="0" name="php-intl" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-intl-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">193c1ced6cdb3f535399945e4f1ea5aee46d0907dac3b00748a84f000320e1bc</sum> </package> <package arch="x86_64" epoch="0" name="php-ldap" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-ldap-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">4c1a8e5a61b8b7d2f5fb43cc57723db5fcbb27c451e864b02ccd687d71bc026c</sum> </package> <package arch="x86_64" epoch="0" name="php-mbstring" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-mbstring-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">f2ee71b57579f6732a64c471e94063ecf1303e4c213b5074b0694f4f47ca97ea</sum> </package> <package arch="x86_64" epoch="0" name="php-mysql" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-mysql-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">34259f6229fff4f321eb19f6690d4dcb9aed3b6db2f26313ea6be1c25ece2ae9</sum> </package> <package arch="x86_64" epoch="0" name="php-mysqlnd" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-mysqlnd-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">820cf7241890b9dfcc91a3c3f0090d686c9093c0340a583ef5e4a8d5f33e7c2a</sum> </package> <package arch="x86_64" epoch="0" name="php-odbc" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-odbc-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">6b254cea4f9e9328ad6bc54da80447ba400b05daa9e0ee44f13f88f5019e3abd</sum> </package> <package arch="x86_64" epoch="0" name="php-pdo" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-pdo-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">d0e4e01b530287fc6ca4f1fc665a31b82b2b47ac53e73b912bdb2d5956cbf208</sum> </package> <package arch="x86_64" epoch="0" name="php-pgsql" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-pgsql-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">a9b42f18c25f975fed13576f380fed183cf58d5ef3c92cfef2e01a4754957d66</sum> </package> <package arch="x86_64" epoch="0" name="php-process" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-process-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">08d0cc2907eed274c38e17d3aad230a2a150ee155360e09d7ecb287ac045281d</sum> </package> <package arch="x86_64" epoch="0" name="php-pspell" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-pspell-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">f6562ac8532fd92cd7214cde16f162e62e5023aafed597f8fa39879e447e9197</sum> </package> <package arch="x86_64" epoch="0" name="php-recode" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-recode-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">57e925980b7d75912793b8792dc203ef79e8a7cbda3a3bc5520be0cb10cc94fd</sum> </package> <package arch="x86_64" epoch="0" name="php-snmp" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-snmp-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">551208955862572fe60bb10fe97fae9bdb774360b0026609f5f2fced9390a6dc</sum> </package> <package arch="x86_64" epoch="0" name="php-soap" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-soap-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">3b4533482dfef43268aafc93a2debece3c14d0a418d2786cc6270ec8e33eb4c8</sum> </package> <package arch="x86_64" epoch="0" name="php-xml" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-xml-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">3b14393905f3d52d403ab850778f8df3394e3be94ff6920fecf97352850f8a0d</sum> </package> <package arch="x86_64" epoch="0" name="php-xmlrpc" release="48.el7.tuxcare.els8" src="php-5.4.16-48.el7.tuxcare.els8.src.rpm" version="5.4.16"> <filename>php-xmlrpc-5.4.16-48.el7.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">ebca101d631072d589dc41972cc07dbba3ce990b543b11db63511f07efcb6e8a</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1740649075</id> <title>kernel: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150} - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() {CVE-2024-57798} - els15 crashes accessing CephFS storage from a cluster {CVE-2024-26689}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150} - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() {CVE-2024-57798} - els15 crashes accessing CephFS storage from a cluster {CVE-2024-26689}</summary> <pushcount>0</pushcount> <issued date="2025-02-27 09:38:00 UTC" /> <updated date="2025-02-27 09:38:00 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1740649075.html" id="CLSA-2025:1740649075" title="CLSA-2025:1740649075" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">9eae48fa65ad5f649afa394e146043e4a5fbc4e7430d153428f46733a2fa2dcf</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">afd8a59a62c7d8abb3f546bf30262ffb1d48e7d512ebfd326e68fe04f6a00813</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">8064f819cf41a32eed0b9d0163cc446aaade28532f1caf8ab4658e2339215fed</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">8b23cec1845ad41d8f6e71790336051c51bd18c6d4fb89500d1d3f4fdbf393cd</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">e402cb82f8da84a75cbc11bfc69091877603d670b1f990dd94901acc6b51f64a</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">d43cef2b1da48741ce2ef20c3f32b16a79dac4b8b7ab7342f0b7558e2e6c0fb7</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">409368636cee97f3caaa9f2d080707a7f9f8efe371e03aceafe0329ded7256fa</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">6038ab0717605f225e9e7d592e93b8bf9610c6c4084d50e16d2dc23b37bb47de</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">af2241510ae2350cf736a579ae2021657be5dad3a4f7c1b819ddf8f68adc439a</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">370061d2b15f91382bb4a3ad1247e0be69e73e64a2ed43ce3f699b86bdcac535</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els17" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els17.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els17.x86_64.rpm</filename> <sum type="sha256">773b3b3eabfd621a6417c6d12f41e812b581d65ce459178011bdec37ca75c321</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1741291888</id> <title>libxml2: Fix of CVE-2025-27113</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2025-27113: fix compilation of explicit child axis</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2025-27113: fix compilation of explicit child axis</summary> <pushcount>0</pushcount> <issued date="2025-03-06 20:11:33 UTC" /> <updated date="2025-03-06 20:11:33 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1741291888.html" id="CLSA-2025:1741291888" title="CLSA-2025:1741291888" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libxml2" release="6.0.3.el7_9.6.tuxcare.els2" src="libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.src.rpm" version="2.9.1"> <filename>libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.i686.rpm</filename> <sum type="sha256">9230357b5ac13fe0c7f4e0d470369c8e50a7e89073f8112186d7b6267fe53b70</sum> </package> <package arch="x86_64" epoch="0" name="libxml2" release="6.0.3.el7_9.6.tuxcare.els2" src="libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.src.rpm" version="2.9.1"> <filename>libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ce28af90b457006ffdbab419724d30f1c5c19b28d4cf3565aea9a26314c5483e</sum> </package> <package arch="i686" epoch="0" name="libxml2-devel" release="6.0.3.el7_9.6.tuxcare.els2" src="libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.src.rpm" version="2.9.1"> <filename>libxml2-devel-2.9.1-6.0.3.el7_9.6.tuxcare.els2.i686.rpm</filename> <sum type="sha256">84b7c93dc2a868a9c0ad1738d5d06b4ce0b40e94a19318d4b2b899b0b0a89b5c</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-devel" release="6.0.3.el7_9.6.tuxcare.els2" src="libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.src.rpm" version="2.9.1"> <filename>libxml2-devel-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">baf4e61270c8e30df6dfa49dfd5cd11f968973df156788f4ea90ac557dca41e5</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-python" release="6.0.3.el7_9.6.tuxcare.els2" src="libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.src.rpm" version="2.9.1"> <filename>libxml2-python-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ce1aa86919b24d16bd37f37c2ca2f60ef48ec717ec24398403bc60c34467f036</sum> </package> <package arch="i686" epoch="0" name="libxml2-static" release="6.0.3.el7_9.6.tuxcare.els2" src="libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.src.rpm" version="2.9.1"> <filename>libxml2-static-2.9.1-6.0.3.el7_9.6.tuxcare.els2.i686.rpm</filename> <sum type="sha256">63ded894c575efc78999241b74a0999ccc76bbb2d0a9e487eee94a6e20d3fd34</sum> </package> <package arch="x86_64" epoch="0" name="libxml2-static" release="6.0.3.el7_9.6.tuxcare.els2" src="libxml2-2.9.1-6.0.3.el7_9.6.tuxcare.els2.src.rpm" version="2.9.1"> <filename>libxml2-static-2.9.1-6.0.3.el7_9.6.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">3ea572ca03ccc6b4b36c088b323b7a41d9a4e19e6957b882173dbffc9bee8116</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1741216880</id> <title>bind: Fix of CVE-2024-11187</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-11187: fix Denial of Service via Additional Section Resource Exhaustion in BIND 9</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-11187: fix Denial of Service via Additional Section Resource Exhaustion in BIND 9</summary> <pushcount>0</pushcount> <issued date="2025-03-05 23:21:25 UTC" /> <updated date="2025-03-05 23:21:25 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1741216880.html" id="CLSA-2025:1741216880" title="CLSA-2025:1741216880" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">f027f8961b4eb2e2d52e89f3c4e1bd8bba97923fda68ebab2b24974773c0d2ac</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">2de3c9c428e153280ef7382f976ff0cf52a769cd1bc5343b0f8a96883a0ddc70</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">a709e657ebb7d23dd2180b523075f878793c71209814220690ef010e8ec31568</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">85858c0f6fb05e3f92e73c82b1777add44920fe24aa63f4d68eb3c7fc9aec8b6</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">9d5d91ecef579b7803f9d4225dd0430df4959e7ce7b2da4629c03234e892aaad</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">fcc9d047542ab5fd4698d9587234ff0376bfd54e2edaf810533f57a9903a1d1a</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">5b9d03730c184b362e6014b607cd739f552c51e46bfcc31e02869fd9c98f80d2</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">455c66ccb39f06ef7b0dbff61babd937aa34b1d77c50921c5ee7c974b736970c</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">2b46d38241b146f2c0a50befaf43bfc7e6b47632f927b38c9c2e2260660376cf</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">983adb2dc742512e04b45ef1682fe310d44862ad702a7012e339c6df61241086</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">5048299a908b9836602e3dd77535d653318ad1f6a49266324872a74b92bc3c04</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">38e077744a18a46bfbbf5e96c50d3bdef4d3e79a92e84c1ff1403c7baeecf213</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els6.noarch.rpm</filename> <sum type="sha256">7402583f5a9f3a20514401e152d3c3404ffa3c0e615b4af06de94a833540bf02</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">0e33ca09ec586dd5ae2d38cea8390fd1fb97771699930466fb41aaf36bb3fd8d</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">f5e4bf3bd1d726faba9d336175fef074a90e929db88c74b6ea53d8d6293c8ca7</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">3a428ea3231d8b69f81c436c838feb7c789f95481a1d00da7a567313824a9c8a</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">42d8c0b57e7313b982b728f61ed65834546bfce17aef10d22129fd214c3a1767</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">54c068b1c015962c0d55edb5ec183d8fc038aecd0c31bc1116dfa1e10b962946</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.i686.rpm</filename> <sum type="sha256">3a232460ef44fa06e1619e6f8f1aacaf661b9aee9b04d3d2a1fa17189aede0d1</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">d0a33079ce2e2dd6e1dd1f6db0851cc13078089089a991b1d179258edd91bba4</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">00701123da326ca385e60d7c782ddc71a7d240db5efb3d97e59ea096cb5ef3fb</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">a24cc176133774f5163ceb81a733442baa4bf70ea390f4bf45d6b752252316e9</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">920685fab412d1acc74c6c8576ca8015cf73e545ea0acb1d1ebad8105eab53c2</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.16.tuxcare.els6" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els6.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">7efa291f7a0c2d6830f5e46932235533d57cdcd5aafc4bf3525b294c8c4abdde</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1741787747</id> <title>binutils: Fix of CVE-2025-0840</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes</summary> <pushcount>0</pushcount> <issued date="2025-03-12 13:55:54 UTC" /> <updated date="2025-03-12 13:55:54 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1741787747.html" id="CLSA-2025:1741787747" title="CLSA-2025:1741787747" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="binutils" release="44.base.el7_9.1.tuxcare.els2" src="binutils-2.27-44.base.el7_9.1.tuxcare.els2.src.rpm" version="2.27"> <filename>binutils-2.27-44.base.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">58400707ccae548994e214d05559f9821483781e4b4db36124425691ebefa91a</sum> </package> <package arch="i686" epoch="0" name="binutils-devel" release="44.base.el7_9.1.tuxcare.els2" src="binutils-2.27-44.base.el7_9.1.tuxcare.els2.src.rpm" version="2.27"> <filename>binutils-devel-2.27-44.base.el7_9.1.tuxcare.els2.i686.rpm</filename> <sum type="sha256">8b6e296f098544ea750cdc5cf2c6ee17cbdc6a16b12454805cbc2498991ae0a8</sum> </package> <package arch="x86_64" epoch="0" name="binutils-devel" release="44.base.el7_9.1.tuxcare.els2" src="binutils-2.27-44.base.el7_9.1.tuxcare.els2.src.rpm" version="2.27"> <filename>binutils-devel-2.27-44.base.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">da02687d581a2cb907d94ef3f3e921f9880e84a0fd6bc9f1b76444420db8dbaf</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1741624133</id> <title>kernel: Fix of 5 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- HID: core: zero-initialize the report buffer {CVE-2024-50302} - Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()" - drm/amd/amdgpu: Fix GPR read from debugfs (v2) {CVE-2024-50282} - USB: serial: io_edgeport: fix use after free in debug printk {CVE-2024-50267} - wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234} - udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143} - Update dependency for shim and signing key</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- HID: core: zero-initialize the report buffer {CVE-2024-50302} - Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()" - drm/amd/amdgpu: Fix GPR read from debugfs (v2) {CVE-2024-50282} - USB: serial: io_edgeport: fix use after free in debug printk {CVE-2024-50267} - wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234} - udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143} - Update dependency for shim and signing key</summary> <pushcount>0</pushcount> <issued date="2025-03-10 16:28:58 UTC" /> <updated date="2025-03-10 16:28:58 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1741624133.html" id="CLSA-2025:1741624133" title="CLSA-2025:1741624133" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">623e119df8eaf24ae0d44d5096fe0d52cb0759aaca604caf12c83e5f265991c0</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">10f0bd5570e354e9a46eed639714822de499375cf491a2972bcb6d4c278128a5</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">9462f60bf2ab0a318c3f85414044ec31ae71ada1cfc77e2d8da843cced139bd7</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">7a839203e811e40d32b12f0df344898c3b2feb0d9892469279699e2d6338595e</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">42289c73b1ae8afefd64bb78ae4058619988bf1799fc9b1dd63fc55003f89dc7</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">d25797fd681ae45f237662574c1138c7d0b49947f9ec55c93acb3408706a3ede</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">c9f0f3d4af5833afd2f270862d9b8e9877bddd404f8a1b1d2ab49b47873c263f</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">a52186413ff4a529d857eb29abf9762f7b379ae6035821bf937182f9cde8e273</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">1cea210c3aeb6f044fe3c17bc57ea00f6f9da00b5969e0cbfcd5ee3474e91c2f</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">85604647c27391d98b374a9b308c0c1dfc75080ba504095287b7b08bb396e21a</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els18" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els18.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els18.x86_64.rpm</filename> <sum type="sha256">3ef41d1378cffdcc7850c0ddef42d648d6fbd34cd6478000c79e6e3175291861</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1742474086</id> <title>bind: Fix of CVE-2022-3094</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2022-3094: fix resources exhaustion issue caused by flood of dynamic DNS updates</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2022-3094: fix resources exhaustion issue caused by flood of dynamic DNS updates</summary> <pushcount>0</pushcount> <issued date="2025-03-20 12:34:52 UTC" /> <updated date="2025-03-20 12:34:52 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1742474086.html" id="CLSA-2025:1742474086" title="CLSA-2025:1742474086" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">a0e9c7745dc5565347119be0b00cf028ed59123319cb248430a8939c33c6b718</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">134d713721425c4e78ef30f1da287e32b7042bb51a31bfba2f203d7c1cd659d5</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">2a53a4bfdef920826b0db400319d1e4d4a36aea639ba114fbaa99034313e857d</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">6201c63791da528e3ccf7efbdb213c386fee175f68707018f6b78c1dbb4561ee</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">1cd7e57a0fb314f8623130e81ffbff4048aa6830a37cab23a3a5368b5157d376</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">ced3886aed415e225389860bdbaa5b077e106b6a1ac397a422b8ff0b980656c5</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">d678a7c4fd888493eb852a85633a62e0a09bd5914169d690bc1491cbc2cde14e</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">7693a1f8775125c965a2d203533deddd4d3640d3393bb8ad7d36f730776b248d</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">4bd238cd0644f30a5b828aa6a1ff8c644ffe05d4f6ff6cf6e8425e89081912e9</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">15ba0ebd94f54e22a5d660fb60107c77430605ef2fb30de93cf9592bea56539c</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">76f9ddf46fa8819af8ac21458426b018baf0116e9673f0c1ae9999b439d0b1d9</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">572c9623afdb026606c7eaf142df46f394403e1ff7f6b85841606b100716ceb5</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">27163cb80827660c120d4b3d5f12fb44cbd470ef7a6ca3c41127c67a42306128</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">72525855a157ed94478934cca319d071509680d025a2bd484cd1e94032dab46b</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">9e3da8c246e93da3869444a1e978500ee6161df3cb4cefefffd15c832462e4e9</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">3093b8be19fe726a99f75de21f2de320c5c08bbaa948c81a3c927c58d969566d</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">7265cb1734cceb2f2ad71b9196a56f552ddbd8fa4f44421e715e02db20444504</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b2c6292d77659b65909f8b9a4b15cfc9ab1d2666a63cece2f247b7745d57c04e</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.i686.rpm</filename> <sum type="sha256">b3bc760a1d620f0d69a57442d19f3ad75c3207d49fb48e4530778c641e62af35</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">23ffe440cea772a8b2fb843d8f8af3fde6f2c2893ad8c8324b4dd34f6f871ab0</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">a265ccb471736dbfae3bab33920c35da4db019c00df40a6b68943b40af0b39fd</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">038b953863c6bd7eaa841a4188440828d9c38bf2231b968dd9850fba93d84474</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">cad5eee4faf86643cc29d0d0b6da3bdb5e2703f61c91d0eef3ed7ce33b58a7d9</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.16.tuxcare.els7" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els7.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b161d20f2b4355653fa9862c4355c2b224f31232a2ffe0c652c8eb276fc3e348</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1742319123</id> <title>java-11-openjdk: Fix of 11 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Upgrade to openjdk-11.0.26+4. The following CVEs were fixed: - CVE-2024-21131: potential UTF8 size overflow - CVE-2024-21138: excessive symbol length can lead to infinite loop - CVE-2024-21140: range Check Elimination (RCE) pre-loop limit overflow - CVE-2024-21144: Pack200 increase loading time due to improper header validation - CVE-2024-21145: out-of-bounds access in 2D image handling - CVE-2024-21147: RangeCheckElimination array index overflow - CVE-2024-21208: HTTP client improper handling of maxHeaderSize - CVE-2024-21210: array indexing integer overflow - CVE-2024-21217: unbounded allocation leads to out-of-memory error - CVE-2024-21235: integer conversion error leads to incorrect range check - CVE-2025-21502: enhance array handling</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Upgrade to openjdk-11.0.26+4. The following CVEs were fixed: - CVE-2024-21131: potential UTF8 size overflow - CVE-2024-21138: excessive symbol length can lead to infinite loop - CVE-2024-21140: range Check Elimination (RCE) pre-loop limit overflow - CVE-2024-21144: Pack200 increase loading time due to improper header validation - CVE-2024-21145: out-of-bounds access in 2D image handling - CVE-2024-21147: RangeCheckElimination array index overflow - CVE-2024-21208: HTTP client improper handling of maxHeaderSize - CVE-2024-21210: array indexing integer overflow - CVE-2024-21217: unbounded allocation leads to out-of-memory error - CVE-2024-21235: integer conversion error leads to incorrect range check - CVE-2025-21502: enhance array handling</summary> <pushcount>0</pushcount> <issued date="2025-03-18 17:32:09 UTC" /> <updated date="2025-03-18 17:32:09 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1742319123.html" id="CLSA-2025:1742319123" title="CLSA-2025:1742319123" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="1" name="java-11-openjdk" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">70c9436fd498fcf052a80ca576ad83767fb605a4c68e63e63802f0f0df0856d9</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">6f660300cd92728106efe436170d1477c74493b25c6ff4e254c40a3067bed5dc</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">95083dd5b8bf8d8ae09eca79112bbb537349c9b99715b74453060c5601c33303</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-demo-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">d1a45c3d5c08d049c56331844dac550176f74eee52d85229f909321774f65c9f</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-demo" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-demo-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0842c3ad42e8b17c22551ce907a0a81a7c7275567a1306752749acaf0562bb5a</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-demo-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-demo-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">5d5d57ece5942ce47bdb76b0a63f552e553144750e4243bc1e41ebf54030643d</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-devel-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">ea5b300d7e511701c8ea64b5be92426b1d02b3f22dd625ce9edfe067533ca2c0</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-devel" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-devel-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ef30e01b15b4913e085549d4fe24791f45d1be91bcecccdb487b7582f811a2b7</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-devel-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-devel-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">e19f41cde3a218934c529d18b13e64f5d1a0ed614d996179aff8b9d32ec65b87</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-headless-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">5144f75b41a024ef1fc241af2c3f7f62d687b8f0900936ca3d05c027b0e2c089</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-headless" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-headless-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">b5066b5019b9a20b65af5e8e7ec86496312928271e884a55c22887e5aa36d06c</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-headless-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-headless-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ab10df9343a06a85971db2d216e3bd4bbd947ab2a26f65dc9e0c655a20b044c3</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-javadoc" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-javadoc-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">bc1985234438dff69904314504cce84bf31dcb1fd0125717a5054ffa35e931da</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-javadoc" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-javadoc-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">21c3ff4f82fac8b6507f415855cab060f0adfb9d7fcea456eb55476cd57c5a17</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-javadoc-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-javadoc-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">1da9abb75f31531f7e557f8d05e58cc1e7cb7da61fcf229de9cbc3bd0fc3a59c</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-javadoc-zip" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-javadoc-zip-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">f1d037529130ae269690112b900b13a80eb73d49fbb6573cd070b143b007a131</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-javadoc-zip" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-javadoc-zip-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">bcd08917cd8c625eac529350051530c5e4a244a1bfb4c1167d3fd0a8c5474811</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-javadoc-zip-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-javadoc-zip-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">81606c032f49d43f848b54339eda08e14f6f6992c0d1e11d50eb4eab432f0fc9</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-jmods" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-jmods-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">c73e8d531b763730b7ea32c4a0e16cf88fa7c274f3806062fa5a5ab50bac842b</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-jmods" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-jmods-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">59595e94b3cf49e5e5d709fb97e206aa9f1d478982f625dd973970ce1f356941</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-jmods-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-jmods-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cb745337182bddd32822997f3d842fc39db32428eef2211234b43ee4b166652b</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-src-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">dc8d49011b9627003c414752402c75054a9480144e6a2473f9f151dd742bd30b</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-src" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-src-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">123a49c3956581119b3c345d11952d23906e84b4e2c0e4a9b0b0930d76973640</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-src-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-src-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">1b723d6287909e5fd75318343418701de42097c9f82be2210cdddca4bca3914b</sum> </package> <package arch="i686" epoch="1" name="java-11-openjdk-static-libs" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-static-libs-11.0.26.0.4-1.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e83ec788800cef322a773d6c5236352dcad117ff5a668157ce040a138027b373</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-static-libs" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-static-libs-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">8eb28e0af3b4a3bb36394ad95dd03f90d28d65ded51e7743b8d8edeeaf9673b5</sum> </package> <package arch="x86_64" epoch="1" name="java-11-openjdk-static-libs-debug" release="1.el7_9.tuxcare.els1" src="java-11-openjdk-11.0.26.0.4-1.el7_9.tuxcare.els1.src.rpm" version="11.0.26.0.4"> <filename>java-11-openjdk-static-libs-debug-11.0.26.0.4-1.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">fa78cdc869397d2e99675f872f13de3d13f0e993dc4c3e27d878d8fe1a7336af</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1742926277</id> <title>openssh: Fix of CVE-2025-26465</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation (openssh bz#3012) [Orabug: 30448895]</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation (openssh bz#3012) [Orabug: 30448895]</summary> <pushcount>0</pushcount> <issued date="2025-03-25 18:11:22 UTC" /> <updated date="2025-03-25 18:11:22 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1742926277.html" id="CLSA-2025:1742926277" title="CLSA-2025:1742926277" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="openssh" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">35f70cd9f34f270ebf42d65765b2e31e0d9dfba48da68d93eece8c9778806260</sum> </package> <package arch="x86_64" epoch="0" name="openssh-askpass" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-askpass-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">a01770dc68367c22714a8a35b153fe162857fc08d256780a1ac85ce2cfbd3e1e</sum> </package> <package arch="x86_64" epoch="0" name="openssh-cavs" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-cavs-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ddc28a0724579b812fd1530f6aff1ced95f1a8fda797c6ff21e6c3aab946b46a</sum> </package> <package arch="x86_64" epoch="0" name="openssh-clients" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-clients-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">9712fe8a255f2d982d15234a96735f7328fc71d5cc4e1d214460431d1b44bb31</sum> </package> <package arch="x86_64" epoch="0" name="openssh-keycat" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-keycat-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">6bcefbf2c687d8a8d3d324e10b6a5af8880118f5cdc6e78a89f83827e2a243ec</sum> </package> <package arch="x86_64" epoch="0" name="openssh-ldap" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-ldap-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ab4b72e218a0c19154ba0b769e91cb746e8ac789e6a550d5a66fe8cbe73e5cda</sum> </package> <package arch="x86_64" epoch="0" name="openssh-server" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-server-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">b43183b99f1c4a21a1bfb0bd2305397659d25e9b41a16d27579a40d010e7c2d4</sum> </package> <package arch="x86_64" epoch="0" name="openssh-server-sysvinit" release="23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="7.4p1"> <filename>openssh-server-sysvinit-7.4p1-23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">94550772325cbbc0bacfeb2b1228b4c29c8ebd8d7fc96ed23c51e0ebeb5e15a7</sum> </package> <package arch="i686" epoch="0" name="pam_ssh_agent_auth" release="2.23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="0.10.3"> <filename>pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els1.i686.rpm</filename> <sum type="sha256">f8b7b15f0e10fa6935ac91127a2e7951dad00e32cddca0987e178eafa86b1405</sum> </package> <package arch="x86_64" epoch="0" name="pam_ssh_agent_auth" release="2.23.0.3.el7_9.tuxcare.els1" src="openssh-7.4p1-23.0.3.el7_9.tuxcare.els1.src.rpm" version="0.10.3"> <filename>pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">21af54382dcb1c29ba96d7303391ef423528b0e50550c60c2dc707be98d3d67e</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1742926404</id> <title>freetype: Fix of CVE-2025-27363</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2025-27363: fix OOB write when parsing font subglyph structures</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2025-27363: fix OOB write when parsing font subglyph structures</summary> <pushcount>0</pushcount> <issued date="2025-03-25 18:13:29 UTC" /> <updated date="2025-03-25 18:13:29 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1742926404.html" id="CLSA-2025:1742926404" title="CLSA-2025:1742926404" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="freetype" release="14.el7_9.1.tuxcare.els2" src="freetype-2.8-14.el7_9.1.tuxcare.els2.src.rpm" version="2.8"> <filename>freetype-2.8-14.el7_9.1.tuxcare.els2.i686.rpm</filename> <sum type="sha256">fb20746eabbcafe0887dacc29b5ff99dbe25880e1e77e63e6e7cb0406d1ad07b</sum> </package> <package arch="x86_64" epoch="0" name="freetype" release="14.el7_9.1.tuxcare.els2" src="freetype-2.8-14.el7_9.1.tuxcare.els2.src.rpm" version="2.8"> <filename>freetype-2.8-14.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">f28053c045e9d48579e804fb9891820cd6722281130e4d53cb42f16b1d6eff3d</sum> </package> <package arch="x86_64" epoch="0" name="freetype-demos" release="14.el7_9.1.tuxcare.els2" src="freetype-2.8-14.el7_9.1.tuxcare.els2.src.rpm" version="2.8"> <filename>freetype-demos-2.8-14.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">0985513a4a735d0e16663c4b42cc7cc5870f3b6979ec938ce56119631391415e</sum> </package> <package arch="i686" epoch="0" name="freetype-devel" release="14.el7_9.1.tuxcare.els2" src="freetype-2.8-14.el7_9.1.tuxcare.els2.src.rpm" version="2.8"> <filename>freetype-devel-2.8-14.el7_9.1.tuxcare.els2.i686.rpm</filename> <sum type="sha256">e051fd807c6c5990716bb055151c40584e3e20ef6263e0a8de91ee41a4aa5abf</sum> </package> <package arch="x86_64" epoch="0" name="freetype-devel" release="14.el7_9.1.tuxcare.els2" src="freetype-2.8-14.el7_9.1.tuxcare.els2.src.rpm" version="2.8"> <filename>freetype-devel-2.8-14.el7_9.1.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">b5ae1b2c2bb0caf6d1e43939a9e689f1782bea518edfc7a66c45e0cd0344e573</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2025:1742929277</id> <title>Update of shim-signed</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Add support for oraclelinux7</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Add support for oraclelinux7</summary> <pushcount>0</pushcount> <issued date="2025-03-25 19:01:42 UTC" /> <updated date="2025-03-25 19:01:42 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1742929277.html" id="CLSA-2025:1742929277" title="CLSA-2025:1742929277" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="mokutil" release="2.el7.tuxcare.els1" src="shim-signed-15.8-2.el7.tuxcare.els1.src.rpm" version="15.8"> <filename>mokutil-15.8-2.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">432d79a39b8587471d47e5ae701722710563fb6a70ef5627bb29ed5c877f45b9</sum> </package> <package arch="x86_64" epoch="0" name="shim-ia32" release="2.el7.tuxcare.els1" src="shim-signed-15.8-2.el7.tuxcare.els1.src.rpm" version="15.8"> <filename>shim-ia32-15.8-2.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">4ecc1e860df79cb567cab36d4cce3c66d32f19cd2124c9198aeb76953184b050</sum> </package> <package arch="x86_64" epoch="0" name="shim-x64" release="2.el7.tuxcare.els1" src="shim-signed-15.8-2.el7.tuxcare.els1.src.rpm" version="15.8"> <filename>shim-x64-15.8-2.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">f75d5f0514923546115b4e8bb72cefde2e40381b57aa1a0bfa770c1aac0fa9ee</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1743184619</id> <title>bind: Fix of CVE-2023-4408</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Remove bind-9.11.4-CVE-2023-4408.patch which introduces an ABI change that breaks bind-dyndb-ldap - Enforce that bind-dyndb-ldap is updated after ABI changes introduced in 9.11.4-26.P2.15 update</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Remove bind-9.11.4-CVE-2023-4408.patch which introduces an ABI change that breaks bind-dyndb-ldap - Enforce that bind-dyndb-ldap is updated after ABI changes introduced in 9.11.4-26.P2.15 update</summary> <pushcount>0</pushcount> <issued date="2025-03-28 17:57:04 UTC" /> <updated date="2025-03-28 17:57:04 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1743184619.html" id="CLSA-2025:1743184619" title="CLSA-2025:1743184619" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="33" name="bind" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">c9b145e620308495576d7fc2977264eea0725bd5a7829422680fcbf2a8371fd5</sum> </package> <package arch="x86_64" epoch="33" name="bind-chroot" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">00bb2054c1a5a92199b177c7c09fd3e3e97105a12e478cd2ae5328ad4c8e2e3d</sum> </package> <package arch="i686" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">07670e2efe5a90a41907c0ae146e23969b2b63a7df589fc4abec492036090dc4</sum> </package> <package arch="x86_64" epoch="33" name="bind-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">f8bc0f5be0e6c7369cc456f5718b23bfdc280405a3e3788d568c4731e63eba36</sum> </package> <package arch="i686" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">76543c5f2ab47496a2666ab64bfa8fd66da7f2645d67bf87b701750e0a9d408d</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-export-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">b965fd09fbe006836022e9dcb6c6c1dbe524f5dfa56c6e46e2322b75af43dc5e</sum> </package> <package arch="i686" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">9d10ae4b0371e6b125b204480377bb115ed00086913aa55925bfd1a6f53789b5</sum> </package> <package arch="x86_64" epoch="33" name="bind-export-libs" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-export-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">21055280250a5a6ec47670fef45098dabac9b487f2bc98da6f04363ea9753a58</sum> </package> <package arch="i686" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">3f8239ed6fbdb8ba3c766c0f0e963101c50ded8b15927d57ec51303aec534e1f</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">b67edee4717448a7de7e4c5193dbac9ec0a3cd9f2ad9bd87ea461ea93a3313fa</sum> </package> <package arch="i686" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">3d59b4ba38cdd3a396b56bbfab82883183181749d1c01be0836f86804415ffbe</sum> </package> <package arch="x86_64" epoch="33" name="bind-libs-lite" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-libs-lite-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">eec0f60b2c0e4820e5ed2b2a003ed4b951ea67da3cef3ecf1536e72fe46eb944</sum> </package> <package arch="noarch" epoch="33" name="bind-license" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-license-9.11.4-26.P2.el7_9.16.tuxcare.els8.noarch.rpm</filename> <sum type="sha256">096306b06c3eb80b1b8582484ccbb03d71c23f9d876e09f4b7d9e6a79e5ec547</sum> </package> <package arch="i686" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">23bb0e83e9df1e735b4d59dadf5e1f3ffb5d9787a725560dc10c8900d4a606ed</sum> </package> <package arch="x86_64" epoch="33" name="bind-lite-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-lite-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">8a621fce09e02c20b5a5ac295421dba807ca8910ec8c03607af89a7a36fb053b</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-pkcs11-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">9e976427b5a4630b7d185e784d918ed356bc65cd724227ef5afb01a6c1bbe69b</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">8c616092cb5b6e6a78fa3f0b4b2a01ed4d55403ce371dacc1ea3453abe6fe2a5</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-devel" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">d8b59dbb82dfa62cc44a78e28d2f716c57cb108c5876089e348c48ae2b2d77e1</sum> </package> <package arch="i686" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.i686.rpm</filename> <sum type="sha256">0b45119677459aad66b41b964f9fb5ea71016e3aa8208ee115b8c6260b56212b</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-libs" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">65629b83ab33e7a3aa3a6149d5e4af0b6422d86a0b65f024ce684175bfa446d1</sum> </package> <package arch="x86_64" epoch="33" name="bind-pkcs11-utils" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">ff68a9b89f98d1c2562efbebc392b66e023909e0be1200453e0691930d609975</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-sdb-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">85a65c14ed0e96ca4efa3a1b1baa1275400e5e1e749a3d4a82dfbce47c9d85e7</sum> </package> <package arch="x86_64" epoch="33" name="bind-sdb-chroot" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-sdb-chroot-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">3aaecd68916db5b5eca0d39c4dad16f1f3950bc3670c4c237e8a5d332d637ba5</sum> </package> <package arch="x86_64" epoch="33" name="bind-utils" release="26.P2.el7_9.16.tuxcare.els8" src="bind-9.11.4-26.P2.el7_9.16.tuxcare.els8.src.rpm" version="9.11.4"> <filename>bind-utils-9.11.4-26.P2.el7_9.16.tuxcare.els8.x86_64.rpm</filename> <sum type="sha256">b32347d16d9699a8b62ce129893db23bda0f5a3aaece403dce1d1b56719dd029</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1743676155</id> <title>kernel: Fix of 2 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- drm: nv04: Fix out of bounds access {CVE-2024-27008} - media: uvcvideo: Fix double free in error path {CVE-2024-57980}</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- drm: nv04: Fix out of bounds access {CVE-2024-27008} - media: uvcvideo: Fix double free in error path {CVE-2024-57980}</summary> <pushcount>0</pushcount> <issued date="2025-04-03 10:29:20 UTC" /> <updated date="2025-04-03 10:29:20 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1743676155.html" id="CLSA-2025:1743676155" title="CLSA-2025:1743676155" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="bpftool" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>bpftool-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">c4d9a7247eb151f1e71810c9442a72c646b33c7e35c21fa59ad7267389da3509</sum> </package> <package arch="x86_64" epoch="0" name="kernel" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">7cb85dc9dd035886de7bcc83acd53e98c6500f46be7e6ee481c83b846089e51a</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">eebed0943d00b73fd75f4a28537f17a7a7b92f628067a3f6b3dd184fe9595cee</sum> </package> <package arch="x86_64" epoch="0" name="kernel-debug-devel" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">dfac976f278aab87012c4d1c92dff6b016a0664158c994fd44ccb92ff7389903</sum> </package> <package arch="x86_64" epoch="0" name="kernel-devel" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">d2ff39fb2a223c0f1ef4e4410f8b5dfd62902cf05a731827bcc5ccc2cf17ed30</sum> </package> <package arch="x86_64" epoch="0" name="kernel-headers" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">06ae52f61ccbd903739e058cac84793ad1df58c084559459f23c2adbfe2b857b</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">3120e0660d5282e12323892981cb12a137bd7bdd514c2a65bfa0d620990d69ee</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">29a8ed6ef5134b137de910686b41561435785f179ebf16e4fa2fc3a6f4fa56e3</sum> </package> <package arch="x86_64" epoch="0" name="kernel-tools-libs-devel" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">3c7b1b8cfd03bf00067e9bdbcf6b6b6411126a8f33e276b13222ce7885fb1059</sum> </package> <package arch="x86_64" epoch="0" name="perf" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>perf-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">fcb490111fe66e90dc336ad722297154dacb4d4dda881354613e1e108f8d8f2a</sum> </package> <package arch="x86_64" epoch="0" name="python-perf" release="1160.119.1.el7.tuxcare.els19" src="kernel-3.10.0-1160.119.1.el7.tuxcare.els19.src.rpm" version="3.10.0"> <filename>python-perf-3.10.0-1160.119.1.el7.tuxcare.els19.x86_64.rpm</filename> <sum type="sha256">3deeaf5357439fe901c290399db84aaec361fb7fc0db8e1cd288f08bede12f78</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1743763948</id> <title>libxslt: Fix of CVE-2025-24855</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2025-24855: fix use-after-free issue in numbers.c by restoring XPath context node in nested XPath evaluations</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2025-24855: fix use-after-free issue in numbers.c by restoring XPath context node in nested XPath evaluations</summary> <pushcount>0</pushcount> <issued date="2025-04-04 10:52:33 UTC" /> <updated date="2025-04-04 10:52:33 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1743763948.html" id="CLSA-2025:1743763948" title="CLSA-2025:1743763948" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libxslt" release="6.el7.tuxcare.els2" src="libxslt-1.1.28-6.el7.tuxcare.els2.src.rpm" version="1.1.28"> <filename>libxslt-1.1.28-6.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha256">e1b37adcd960f1480fd8ca901343132105f892a92220666b09d4c3dc8ac43a9d</sum> </package> <package arch="x86_64" epoch="0" name="libxslt" release="6.el7.tuxcare.els2" src="libxslt-1.1.28-6.el7.tuxcare.els2.src.rpm" version="1.1.28"> <filename>libxslt-1.1.28-6.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">095c36492365a6c40d7f34a7edd25464b5419d43abfea26b049661291941d3d4</sum> </package> <package arch="i686" epoch="0" name="libxslt-devel" release="6.el7.tuxcare.els2" src="libxslt-1.1.28-6.el7.tuxcare.els2.src.rpm" version="1.1.28"> <filename>libxslt-devel-1.1.28-6.el7.tuxcare.els2.i686.rpm</filename> <sum type="sha256">4f965b026cf128d33b24a123c7dbcc98a4dac856185c5d98f1e22a7cb83ad939</sum> </package> <package arch="x86_64" epoch="0" name="libxslt-devel" release="6.el7.tuxcare.els2" src="libxslt-1.1.28-6.el7.tuxcare.els2.src.rpm" version="1.1.28"> <filename>libxslt-devel-1.1.28-6.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">78cbf5d391d50004d7c7cda284a825e24492c79400c98b81f6a1a41fd8632110</sum> </package> <package arch="x86_64" epoch="0" name="libxslt-python" release="6.el7.tuxcare.els2" src="libxslt-1.1.28-6.el7.tuxcare.els2.src.rpm" version="1.1.28"> <filename>libxslt-python-1.1.28-6.el7.tuxcare.els2.x86_64.rpm</filename> <sum type="sha256">ba2fe0f3531233dae7857527fe75d2b1179dd76f1533324165b2027fde3a9ca0</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1744623757</id> <title>libxslt: Fix of CVE-2024-55549</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-55549: fix use-after-free issue related to exclusion of result prefixes</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-55549: fix use-after-free issue related to exclusion of result prefixes</summary> <pushcount>0</pushcount> <issued date="2025-04-14 09:42:43 UTC" /> <updated date="2025-04-14 09:42:43 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1744623757.html" id="CLSA-2025:1744623757" title="CLSA-2025:1744623757" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libxslt" release="6.el7.tuxcare.els3" src="libxslt-1.1.28-6.el7.tuxcare.els3.src.rpm" version="1.1.28"> <filename>libxslt-1.1.28-6.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha256">2996432bcc07e56a879c2502992f22947175c62c5045f17c97c4ba8d613fcb24</sum> </package> <package arch="x86_64" epoch="0" name="libxslt" release="6.el7.tuxcare.els3" src="libxslt-1.1.28-6.el7.tuxcare.els3.src.rpm" version="1.1.28"> <filename>libxslt-1.1.28-6.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">a264315ab3565910b95abac9b0ae099336040f693bfe02962d529a275e2d6a8a</sum> </package> <package arch="i686" epoch="0" name="libxslt-devel" release="6.el7.tuxcare.els3" src="libxslt-1.1.28-6.el7.tuxcare.els3.src.rpm" version="1.1.28"> <filename>libxslt-devel-1.1.28-6.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha256">16e44ecbc781f312f723d71889215d0e9382465d851e5b9967e5f11c3acb098b</sum> </package> <package arch="x86_64" epoch="0" name="libxslt-devel" release="6.el7.tuxcare.els3" src="libxslt-1.1.28-6.el7.tuxcare.els3.src.rpm" version="1.1.28"> <filename>libxslt-devel-1.1.28-6.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">3f67f538e56af38d7be6c1464c5e395c138b4f92ba082964f2b0fe31aa941cd8</sum> </package> <package arch="x86_64" epoch="0" name="libxslt-python" release="6.el7.tuxcare.els3" src="libxslt-1.1.28-6.el7.tuxcare.els3.src.rpm" version="1.1.28"> <filename>libxslt-python-1.1.28-6.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">e7901ec7dbac871b7386b8c8a33bc9807dbb7a2a3dca4809228f5b637b754b00</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1744724536</id> <title>grub2: Fix of 5 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2025-0624: net: Out-of-bounds write in grub_net_search_configfile() - CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write - CVE-2025-1118: commands/dump: The dump command is not in lockdown when secure boot is enabled - CVE-2025-0678: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data - CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based out-of-bounds write</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2025-0624: net: Out-of-bounds write in grub_net_search_configfile() - CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write - CVE-2025-1118: commands/dump: The dump command is not in lockdown when secure boot is enabled - CVE-2025-0678: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data - CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based out-of-bounds write</summary> <pushcount>0</pushcount> <issued date="2025-04-15 13:42:21 UTC" /> <updated date="2025-04-15 13:42:21 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1744724536.html" id="CLSA-2025:1744724536" title="CLSA-2025:1744724536" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="3" name="grub2" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">d5b2454d89c894f7728227ae72399632b48e72905f239034283f4cc5e87f6250</sum> </package> <package arch="noarch" epoch="3" name="grub2-common" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-common-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm</filename> <sum type="sha256">e8660fc02747ba305700b3ecc58df1e1cc7202f836e39679b54411ed06c25426</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-ia32" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-efi-ia32-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">5c729bb4a5679ea349b73c12a7eceaeee1aa107ee330928c12501ef00a66b962</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-ia32-cdboot" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-efi-ia32-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">2e085f568d9db8dee28478a5408f8be9461c05f16fe8f31a9f07775598a64953</sum> </package> <package arch="noarch" epoch="3" name="grub2-efi-ia32-modules" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-efi-ia32-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm</filename> <sum type="sha256">72d9602ddc8a2ca5b6192473a25aac6a282f1ac3dce11f55a4ad37d2fb9be7ef</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-x64" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-efi-x64-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">679856d7b8802e9d74176be20aec95130bd312f21d23261df50d901f300bd5e7</sum> </package> <package arch="x86_64" epoch="3" name="grub2-efi-x64-cdboot" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-efi-x64-cdboot-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">257a28a7963ee69b969c8f407e533df5371712e1ba0f2d1f8092fd4101b4e51b</sum> </package> <package arch="noarch" epoch="3" name="grub2-efi-x64-modules" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-efi-x64-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm</filename> <sum type="sha256">60aee0fe3c832396ea805d83abef626b5209370823404efcf8cd5dba9df32a6d</sum> </package> <package arch="noarch" epoch="3" name="grub2-i386-modules" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-i386-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm</filename> <sum type="sha256">09fbdfb24a5b5ac399d7bbccf6fa0ff774db699870d4090da3cc7adbd1040a57</sum> </package> <package arch="x86_64" epoch="3" name="grub2-pc" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-pc-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">c7e6e8211fb541f2fc807fa3d0c0ac60e8caed283c16afeaa14a3a75084440c7</sum> </package> <package arch="noarch" epoch="3" name="grub2-pc-modules" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-pc-modules-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.noarch.rpm</filename> <sum type="sha256">bbd972e0ce809ff4657024d32dc7f2a86dc48a11eefb233184a320dc6827e230</sum> </package> <package arch="x86_64" epoch="3" name="grub2-tools" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-tools-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">850c0f75e5afdee787ace6e241f37f4dcb5a7ca7ff0616a0cecb313cb20b464a</sum> </package> <package arch="x86_64" epoch="3" name="grub2-tools-extra" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-tools-extra-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">6549d428d213de14f2630faefd8ef4f57e9848b1307e19a9d2f6e1c6e2c5d4a4</sum> </package> <package arch="x86_64" epoch="3" name="grub2-tools-minimal" release="0.87.0.2.el7.centos.14.tuxcare.els6" src="grub2-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.src.rpm" version="2.02"> <filename>grub2-tools-minimal-2.02-0.87.0.2.el7.centos.14.tuxcare.els6.x86_64.rpm</filename> <sum type="sha256">e4e2bd29af37c9f1e353b9edb81065570807ce8e763e7b1a041e065827f0367c</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1744926275</id> <title>libsoup: Fix of CVE-2024-52531</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-52531: fix buffer overflow caused by conversion to UTF-8</description> <severity>Critical</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-52531: fix buffer overflow caused by conversion to UTF-8</summary> <pushcount>0</pushcount> <issued date="2025-04-17 21:44:41 UTC" /> <updated date="2025-04-17 21:44:41 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1744926275.html" id="CLSA-2025:1744926275" title="CLSA-2025:1744926275" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libsoup" release="2.0.1.el7.tuxcare.els3" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els3.src.rpm" version="2.62.2"> <filename>libsoup-2.62.2-2.0.1.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha256">6a2d8a65c594f93cf712be3af754fb42b4f1027085340ea1c3729adbe98481ef</sum> </package> <package arch="x86_64" epoch="0" name="libsoup" release="2.0.1.el7.tuxcare.els3" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els3.src.rpm" version="2.62.2"> <filename>libsoup-2.62.2-2.0.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">a35dd4bf7dfd6636eb0c46a1ff006c8b432e7444c9e247bb125c1d12bf3856ba</sum> </package> <package arch="i686" epoch="0" name="libsoup-devel" release="2.0.1.el7.tuxcare.els3" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els3.src.rpm" version="2.62.2"> <filename>libsoup-devel-2.62.2-2.0.1.el7.tuxcare.els3.i686.rpm</filename> <sum type="sha256">136b38c38302be0461f916ab98b25e05f36c09c2116e467b7498432413f17fc6</sum> </package> <package arch="x86_64" epoch="0" name="libsoup-devel" release="2.0.1.el7.tuxcare.els3" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els3.src.rpm" version="2.62.2"> <filename>libsoup-devel-2.62.2-2.0.1.el7.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">df618e0a7a5a7516eea92426b43db3dfe1cd79d6f4168bd88b9fcd499469db24</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2025:1744926159</id> <title>Update of openssl</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Backport the implicit rejection mechanism for RSA PKCS#1 v1.5 to prevent Bleichenbacher attacks; add an option to disable the mechanism</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Backport the implicit rejection mechanism for RSA PKCS#1 v1.5 to prevent Bleichenbacher attacks; add an option to disable the mechanism</summary> <pushcount>0</pushcount> <issued date="2025-04-17 21:42:45 UTC" /> <updated date="2025-04-17 21:42:45 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1744926159.html" id="CLSA-2025:1744926159" title="CLSA-2025:1744926159" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="1" name="openssl" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-1.0.2k-26.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">e22876a7469cbd962a3423933c22929c4307a500bba28c2f524747240399d6fa</sum> </package> <package arch="i686" epoch="1" name="openssl-devel" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-devel-1.0.2k-26.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">018b5f4786af97c0c8b51f3a79e8a351993ef6661fbabb6b50f7bbb4dd1e8b7c</sum> </package> <package arch="x86_64" epoch="1" name="openssl-devel" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-devel-1.0.2k-26.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">c0019bf9e5a34f82314521463f338fab7dc2514a951edd314ba7600f4f999c71</sum> </package> <package arch="i686" epoch="1" name="openssl-libs" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-libs-1.0.2k-26.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">391603e41c6004fe7542144578b268ef79f57b155b007bfcfb9af73df62f8300</sum> </package> <package arch="x86_64" epoch="1" name="openssl-libs" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-libs-1.0.2k-26.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">4aebd206e2163c3e9bea5ef30359e58b22ae07e4e35e337ca4898a5756eec20a</sum> </package> <package arch="x86_64" epoch="1" name="openssl-perl" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-perl-1.0.2k-26.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">c5605dc05449a886c60a33f784f77056d57445716775b7a5ec4406588c04405e</sum> </package> <package arch="i686" epoch="1" name="openssl-static" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-static-1.0.2k-26.el7_9.tuxcare.els3.i686.rpm</filename> <sum type="sha256">5b4b4905f1265e701e3dc9ffdc2b20b212f199a99fe57347b27a529a23a06f50</sum> </package> <package arch="x86_64" epoch="1" name="openssl-static" release="26.el7_9.tuxcare.els3" src="openssl-1.0.2k-26.el7_9.tuxcare.els3.src.rpm" version="1.0.2k"> <filename>openssl-static-1.0.2k-26.el7_9.tuxcare.els3.x86_64.rpm</filename> <sum type="sha256">c7c5aa19050bea75d312afe76b15d7bd5e4756dedf31e949c4a7b13c219a5a6b</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2025:1744892440</id> <title>Update of libsoup</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Bump up version</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Bump up version</summary> <pushcount>0</pushcount> <issued date="2025-04-17 12:20:46 UTC" /> <updated date="2025-04-17 12:20:46 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1744892440.html" id="CLSA-2025:1744892440" title="CLSA-2025:1744892440" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="i686" epoch="0" name="libsoup" release="2.0.1.el7.tuxcare.els1" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els1.src.rpm" version="2.62.2"> <filename>libsoup-2.62.2-2.0.1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">7409eda1d2845d653b6162b630c75f6ec06e16608de5f675638f729783b657b4</sum> </package> <package arch="x86_64" epoch="0" name="libsoup" release="2.0.1.el7.tuxcare.els1" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els1.src.rpm" version="2.62.2"> <filename>libsoup-2.62.2-2.0.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">89a370de42d91971709bf72e02fb68ff586e098f995e7afe65cfb280394593e6</sum> </package> <package arch="i686" epoch="0" name="libsoup-devel" release="2.0.1.el7.tuxcare.els1" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els1.src.rpm" version="2.62.2"> <filename>libsoup-devel-2.62.2-2.0.1.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">6959218a95656e3593c2bd0c27e2bc9f7290bc7a4b67b32efea0c46c5b597214</sum> </package> <package arch="x86_64" epoch="0" name="libsoup-devel" release="2.0.1.el7.tuxcare.els1" src="libsoup-2.62.2-2.0.1.el7.tuxcare.els1.src.rpm" version="2.62.2"> <filename>libsoup-devel-2.62.2-2.0.1.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0deb6f44e696317314359d7060ba9b3cd557f0c23292525cd88a67e391cce1ba</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1744892170</id> <title>gcc: Fix of CVE-2020-11023</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2020-11023: sanitize HTML content passed to DOM manipulation methods to prevent execution of untrusted code</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2020-11023: sanitize HTML content passed to DOM manipulation methods to prevent execution of untrusted code</summary> <pushcount>0</pushcount> <issued date="2025-04-17 12:16:16 UTC" /> <updated date="2025-04-17 12:16:16 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1744892170.html" id="CLSA-2025:1744892170" title="CLSA-2025:1744892170" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="cpp" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>cpp-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">012a033c7ae83af919fa4e0bceffbbdfb7fae937d80fa6ae83fb110d5e2522b4</sum> </package> <package arch="x86_64" epoch="0" name="gcc" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">a427354981de8351c4894b413617e7e11f886de0f6264bc17c16e5bbdd193fcc</sum> </package> <package arch="x86_64" epoch="0" name="gcc-c++" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-c++-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">15f6bd25d4f62aa3b6715bfa0790f9df32623d97c0a18cc54a6ead300e1eab00</sum> </package> <package arch="x86_64" epoch="0" name="gcc-gfortran" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-gfortran-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">b451ea4eda75c1724ebc8f13186d7ddfb4bb7d79263c8c942b0444f3bd5b6f3c</sum> </package> <package arch="x86_64" epoch="0" name="gcc-gnat" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-gnat-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0111609a02be5f8a4079167fdf446d775f0924ad355cc64fdab553c27beee286</sum> </package> <package arch="x86_64" epoch="0" name="gcc-go" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-go-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">79eca6b01a66a4f2774408fbb0d6a14e490ccd0bfc70da34632edff4370bf7b1</sum> </package> <package arch="x86_64" epoch="0" name="gcc-objc++" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-objc++-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">84caebda2ca4fec4b991af6310fd29d85eb0bb4704236c1af8dfc2d871096d5c</sum> </package> <package arch="x86_64" epoch="0" name="gcc-objc" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-objc-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">269942ce3a6b1b2e727a9eca3e15514c0112c1daa07fd2c50f0ef3bae10eb53c</sum> </package> <package arch="x86_64" epoch="0" name="gcc-plugin-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>gcc-plugin-devel-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">731764bcb017d4611fa507607efeeb1fb3612f07bbc273b3eae9bd5374a7a855</sum> </package> <package arch="i686" epoch="0" name="libasan" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libasan-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">6f13581ce9a8575c19a7ae2ee1568daf7d483d995d05f183a425787749719ab0</sum> </package> <package arch="x86_64" epoch="0" name="libasan" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libasan-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0268d33cd3585326c1b1a162436ecfe8e03fb1fcb0109dee8ef18d296db0191f</sum> </package> <package arch="i686" epoch="0" name="libasan-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libasan-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">bcd3bba7f5d8b9af1778dfe8a8f30012a4530a8fae8277440c26cc9db9b79fcc</sum> </package> <package arch="x86_64" epoch="0" name="libasan-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libasan-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">32eec8d0e882a6252c3d88eeaace6260cf6a8a8553a5a89411e1463404f4ad9f</sum> </package> <package arch="i686" epoch="0" name="libatomic" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libatomic-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e3d2c5e0b6db11d69cdeb5361112ffa852986a6849f96fc83ec6eef47f60bbad</sum> </package> <package arch="x86_64" epoch="0" name="libatomic" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libatomic-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">da8b9da64dc4898261e37e781689668ea68cfd549b1dd826b29989090b6016d1</sum> </package> <package arch="i686" epoch="0" name="libatomic-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libatomic-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">40f37d0c125c8d1f9207c683d4ff6669daeaf128247aa1c4b35680b97de1ae0e</sum> </package> <package arch="x86_64" epoch="0" name="libatomic-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libatomic-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">818f355c4d296c69227f85cdc8945bd308fd34d9f3743463025c6c3d3362733c</sum> </package> <package arch="i686" epoch="0" name="libgcc" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgcc-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">570649ff0be27a6f2fb6210b0ceb1791eab53a26f7d4cdf42567420ced67bbae</sum> </package> <package arch="x86_64" epoch="0" name="libgcc" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgcc-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cfc5c90258788fc6509f1e815d630887773083d883b5401f76b6991c3319321a</sum> </package> <package arch="i686" epoch="0" name="libgfortran" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgfortran-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">c11536319c97344e277bfd2c06567c2267045a984f9fc6d6b5a5f792d1abe71c</sum> </package> <package arch="x86_64" epoch="0" name="libgfortran" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgfortran-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">609140910f01cd1ae32476b0764c413fa5a6612344a301927f1a9c416bce0cf9</sum> </package> <package arch="i686" epoch="0" name="libgfortran-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgfortran-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">a8fa69133af93382cc87ff74cc73b4100f8301eafebbc191348891aeb2966fad</sum> </package> <package arch="x86_64" epoch="0" name="libgfortran-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgfortran-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">549a4049a8a9ab0c55a592640d422e45f4813a675c52524eb0a6f2cce9f63543</sum> </package> <package arch="i686" epoch="0" name="libgnat" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgnat-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">9a6857a8090b5adb9c827592285bc394d08d1c9aac5f8c7f03ddd6b54042e1aa</sum> </package> <package arch="x86_64" epoch="0" name="libgnat" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgnat-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">4469fa0fedc0340f1399a040473592c20d730defa56ac9ce4912e759b7fc3cbf</sum> </package> <package arch="i686" epoch="0" name="libgnat-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgnat-devel-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">1f874dc3d6bb06d37c0f2eecc2798227241a6f3e21c48ed8f0520d1d825e8580</sum> </package> <package arch="x86_64" epoch="0" name="libgnat-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgnat-devel-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">c7bbe5642921756fb9ae703bb08b8cf7155a88fef96da4051a4e4356c08fca5f</sum> </package> <package arch="i686" epoch="0" name="libgnat-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgnat-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">99c6c22836f334b9fedefa9be3c6cfa50b6775c26e76c0af96481b83b0331f15</sum> </package> <package arch="x86_64" epoch="0" name="libgnat-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgnat-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">3c8c24b36689be5d137bd93441c72e2a39d839bb6f72af35bf25ce747ab12f52</sum> </package> <package arch="i686" epoch="0" name="libgo" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgo-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">c568e867fef59790b753fe2d3f0adb5668be16e5933499d542ebe31c3337c7da</sum> </package> <package arch="x86_64" epoch="0" name="libgo" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgo-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">838fd1adcee4973bef4d9e5b4b1535f2d35fe5027554343e1ad39825d4592c45</sum> </package> <package arch="i686" epoch="0" name="libgo-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgo-devel-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">f2286f51f83e95f84b80e1c3eb5ed0d813fee6d1902bb1fda8b75f51361764c2</sum> </package> <package arch="x86_64" epoch="0" name="libgo-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgo-devel-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">641f9a9564ac9d37ded032ed0afa32187c8e5da8b55668aa35fedc67086a8210</sum> </package> <package arch="i686" epoch="0" name="libgo-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgo-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">efd4d5ce8db725ed4954ab0a066e3a28777ff231cce710f875d5711c0aed9243</sum> </package> <package arch="x86_64" epoch="0" name="libgo-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgo-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">61fff0cd5f011f53c5f09c38ff3afd54044efa35ea86ca27ec349fe3377234b9</sum> </package> <package arch="i686" epoch="0" name="libgomp" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgomp-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e6082b927e4298f152d650d9a64a6aaa6a0a7f1e066f0409688ad2b58ccc4941</sum> </package> <package arch="x86_64" epoch="0" name="libgomp" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libgomp-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">de585430ab2b5616ef5c75a8f40dea674719c2e40bd7fa842e7eab67266497d7</sum> </package> <package arch="i686" epoch="0" name="libitm" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libitm-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e3c2b0cc90c2976029b884699be7d8e60d51e3ecf7a0708a7148895988364ec0</sum> </package> <package arch="x86_64" epoch="0" name="libitm" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libitm-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">3f5a866e9b8304424ce349c579f623d6be516b273d7a15bf2bba27003d8fb7f7</sum> </package> <package arch="i686" epoch="0" name="libitm-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libitm-devel-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">412111aa8cf4eab4810948cc68fb20847b8b0dc585de0af7fd10fd1ca9bf7ade</sum> </package> <package arch="x86_64" epoch="0" name="libitm-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libitm-devel-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">99816020d14e6956e1e2cdcb012ec1fef1dc5fec78b133c75f967b4fe68c7e46</sum> </package> <package arch="i686" epoch="0" name="libitm-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libitm-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">a0c8e9d9f06d561d0fb22618b6ddd527ee8afffac072fad3bdee74f634e1aed4</sum> </package> <package arch="x86_64" epoch="0" name="libitm-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libitm-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">1d88371430abd17008ddaf3713af91cead1d4016f3d827e0f835eb83ecd4c6e8</sum> </package> <package arch="i686" epoch="0" name="libmudflap" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libmudflap-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">02c060adb89922ff8193098210459242d2add4512d27e4fc358b6e40b23df78c</sum> </package> <package arch="x86_64" epoch="0" name="libmudflap" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libmudflap-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">737acbd877b6d0b6073d5f64239f88c085c8bf6031202fe09e944a38109b4159</sum> </package> <package arch="i686" epoch="0" name="libmudflap-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libmudflap-devel-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">5a74df66f707fef3f3a6f06120732384c4e062bb90a207a0f72579346a7ffc17</sum> </package> <package arch="x86_64" epoch="0" name="libmudflap-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libmudflap-devel-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">bc2e92b4894710f55f8879676004582e79dd0ff27aee78bf020b47334f951e88</sum> </package> <package arch="i686" epoch="0" name="libmudflap-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libmudflap-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e7f169f2a8b1a94c3169027ccd0c7ad2b341cda60e88bd55c6907cecd21291f9</sum> </package> <package arch="x86_64" epoch="0" name="libmudflap-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libmudflap-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">b59c2792f300643e9de4faf6d1a2f7accadec13c58052241ab45111a8ba912af</sum> </package> <package arch="i686" epoch="0" name="libobjc" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libobjc-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">e26ddb9200de011214fdc9ff531bfe29d179c79eb2c7ed015be100999a4a3dda</sum> </package> <package arch="x86_64" epoch="0" name="libobjc" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libobjc-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">5a4c9790448e27d3366d759a135b57ae89f309348e56045ecd0be0cfa23b0a90</sum> </package> <package arch="i686" epoch="0" name="libquadmath" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libquadmath-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">b0cca91b8da15fee0e93ceea6fb9ec4e23132d123b83f9dd71622bef1ba28c52</sum> </package> <package arch="x86_64" epoch="0" name="libquadmath" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libquadmath-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">c49822eab42690e0d5143f2fdff83bd6d9fecf96314e075becd610994716066c</sum> </package> <package arch="i686" epoch="0" name="libquadmath-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libquadmath-devel-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">92f370679a412d0ca844fedad86f0c36b9cd0f58bacf2074fcbb7f1577a47672</sum> </package> <package arch="x86_64" epoch="0" name="libquadmath-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libquadmath-devel-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">e938c15f8c715eacc001f35431dde8d4b4ccb99268050075adabf1041033083d</sum> </package> <package arch="i686" epoch="0" name="libquadmath-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libquadmath-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">d2c12aaed77ee95081621c71f36b6c5bff3129c201bccebcfe3f366e3af78bda</sum> </package> <package arch="x86_64" epoch="0" name="libquadmath-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libquadmath-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0cf1d83afc1763b77c41f6bb335e1cbf767cabf717ab2afca9444f2cb0d06de5</sum> </package> <package arch="i686" epoch="0" name="libstdc++" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libstdc++-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">2bc751cdfdb56aae3f19097fe446c64d967c35b3fa4182d4fcf102d49897c738</sum> </package> <package arch="x86_64" epoch="0" name="libstdc++" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libstdc++-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">65eec590dbc55d2814b4cccf6713334180c66e39ccdd8d5c6139c73fbce18b7d</sum> </package> <package arch="i686" epoch="0" name="libstdc++-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libstdc++-devel-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">3d0208b62a0789b268f1b288544dfa57b81c5363edfedad7d512d34e925f8ba0</sum> </package> <package arch="x86_64" epoch="0" name="libstdc++-devel" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libstdc++-devel-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">7431f217fe45aeaf20c6ffb3a385b9b8700ff4699cc6e8dd896b097c1192d021</sum> </package> <package arch="x86_64" epoch="0" name="libstdc++-docs" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libstdc++-docs-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">a97b0342c11132a1ab502e73ae344ae5f033fc8a22467827493ee7ed35e38f93</sum> </package> <package arch="i686" epoch="0" name="libstdc++-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libstdc++-static-4.8.5-44.el7.tuxcare.els1.i686.rpm</filename> <sum type="sha256">18c55a9383b696c1a324889496a6fc0e1ee86415f9b1dc9fab74e0b7354d422b</sum> </package> <package arch="x86_64" epoch="0" name="libstdc++-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libstdc++-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">081c8d6c376e1df539f1d94cfeea9c619cea7744ebe2782febe2c107d6f2cafd</sum> </package> <package arch="x86_64" epoch="0" name="libtsan" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libtsan-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">93c203222f3a628f04c14711decc004a9b63125fe350e663adc8a95ff4cb4b9e</sum> </package> <package arch="x86_64" epoch="0" name="libtsan-static" release="44.el7.tuxcare.els1" src="gcc-4.8.5-44.el7.tuxcare.els1.src.rpm" version="4.8.5"> <filename>libtsan-static-4.8.5-44.el7.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">5d99c6564601371e26c16e3f2dde3d617856a7f6617a530f8ca6d70ce46e6aaf</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="bugfix" version="1"> <id>CLSA-2025:1745836038</id> <title>Update of els-os-release</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- Initial package</description> <severity>None</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- Initial package</summary> <pushcount>0</pushcount> <issued date="2025-04-28 10:27:23 UTC" /> <updated date="2025-04-28 10:27:23 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1745836038.html" id="CLSA-2025:1745836038" title="CLSA-2025:1745836038" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="els-os-release" release="0.el7" src="els-os-release-1.0.0-0.el7.src.rpm" version="1.0.0"> <filename>els-os-release-1.0.0-0.el7.x86_64.rpm</filename> <sum type="sha256">f667bfa167dcbd13ba4e40fff07a75c941f6776073726e10a8f8e56fa83860c8</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1745585192</id> <title>ruby: Fix of 3 CVEs</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2025-27219: fix a potential Denial of Service (DoS) vulnerability in cookie parsing - CVE-2025-27220: fix ReDoS vulnerability exists in the escapeElement method - CVE-2025-27221: fix he URI handling methods (URI.join, URI#merge, URI#+)</description> <severity>Important</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2025-27219: fix a potential Denial of Service (DoS) vulnerability in cookie parsing - CVE-2025-27220: fix ReDoS vulnerability exists in the escapeElement method - CVE-2025-27221: fix he URI handling methods (URI.join, URI#merge, URI#+)</summary> <pushcount>0</pushcount> <issued date="2025-04-25 12:46:37 UTC" /> <updated date="2025-04-25 12:46:37 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1745585192.html" id="CLSA-2025:1745585192" title="CLSA-2025:1745585192" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="ruby" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0.648"> <filename>ruby-2.0.0.648-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">19ec9a4d9af22a44801074cb49d04835d90689c8e4d030a665f002e027444344</sum> </package> <package arch="x86_64" epoch="0" name="ruby-devel" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0.648"> <filename>ruby-devel-2.0.0.648-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">3a820a0f62620c11f7efa4699f476379357c6f02a46340e863937d50f1c69451</sum> </package> <package arch="noarch" epoch="0" name="ruby-doc" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0.648"> <filename>ruby-doc-2.0.0.648-39.el7_9.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">0afca55feb516e8c26ba82692c0a37fa00014821a4037f3700a310f9348d4af6</sum> </package> <package arch="noarch" epoch="0" name="ruby-irb" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0.648"> <filename>ruby-irb-2.0.0.648-39.el7_9.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">2b8d7e88442d72937b65af2d92205aaebd9a89532b9cae0004a37ade96cbc49c</sum> </package> <package arch="i686" epoch="0" name="ruby-libs" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0.648"> <filename>ruby-libs-2.0.0.648-39.el7_9.tuxcare.els7.i686.rpm</filename> <sum type="sha256">4cb377c0799d7069bf8097bad06df3002344afe6c4332944c1015f8da98979fe</sum> </package> <package arch="x86_64" epoch="0" name="ruby-libs" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0.648"> <filename>ruby-libs-2.0.0.648-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">4bb473e7a0b6efc062935ee9f007e157c25554dad8aecc1b90afcb7a0bdbb325</sum> </package> <package arch="x86_64" epoch="0" name="ruby-tcltk" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0.648"> <filename>ruby-tcltk-2.0.0.648-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">459c8e0bd3f275afe53577b1d02c96bb80f0ff23969d360965a657aaa556006c</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-bigdecimal" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="1.2.0"> <filename>rubygem-bigdecimal-1.2.0-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">b55895302b43321d25a6fcb6182f2f66c07a4d71de3c0c0306bb9105b775c959</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-io-console" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="0.4.2"> <filename>rubygem-io-console-0.4.2-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">3b32b071f427fe370cb145ad922a86698dbd49fb9a71a6654bc565b2fe8e6de0</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-json" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="1.7.7"> <filename>rubygem-json-1.7.7-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">37c9e1a8a3e52b298db8ea87c5a97dda299ca9c60f50f290c23f5d953e3ea9f4</sum> </package> <package arch="noarch" epoch="0" name="rubygem-minitest" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="4.3.2"> <filename>rubygem-minitest-4.3.2-39.el7_9.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">ba2edf4607a3a556278c2cec53bab782482acffcb4c78e382e1aa8fca502c60b</sum> </package> <package arch="x86_64" epoch="0" name="rubygem-psych" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.0"> <filename>rubygem-psych-2.0.0-39.el7_9.tuxcare.els7.x86_64.rpm</filename> <sum type="sha256">41f13f29d33caf002a0709e47083ed423f4c89b8efe8c9e3af942ce3e29f5c13</sum> </package> <package arch="noarch" epoch="0" name="rubygem-rake" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="0.9.6"> <filename>rubygem-rake-0.9.6-39.el7_9.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">ec94930985f7e52cff0e345bfa27439c44dc160dfe50b22a3855e182050707f2</sum> </package> <package arch="noarch" epoch="0" name="rubygem-rdoc" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="4.0.0"> <filename>rubygem-rdoc-4.0.0-39.el7_9.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">8c1b904560e0c0e676a520df940a5cc3cfe73054b5647b72b8d2ed4f57657f6c</sum> </package> <package arch="noarch" epoch="0" name="rubygems" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.14.1"> <filename>rubygems-2.0.14.1-39.el7_9.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">9b8f9856dcf17acb4e48b8f3cbaab44c2015c0a68617dc366dad244d8552c5d0</sum> </package> <package arch="noarch" epoch="0" name="rubygems-devel" release="39.el7_9.tuxcare.els7" src="ruby-2.0.0.648-39.el7_9.tuxcare.els7.src.rpm" version="2.0.14.1"> <filename>rubygems-devel-2.0.14.1-39.el7_9.tuxcare.els7.noarch.rpm</filename> <sum type="sha256">d458eb210d5a37111b874ed8dc44335cdfba4bba932539026ea39fedc16a3afe</sum> </package> </collection> </pkglist> </update> <update from="packager@tuxcare.com" status="final" type="security" version="1"> <id>CLSA-2025:1745585902</id> <title>libvirt: Fix of CVE-2024-2496</title> <rights>TuxCare License Agreement</rights> <release>0</release> <description>- CVE-2024-2496: Fix NULL pointer dereference in udevConnectListAllInterfaces() function</description> <severity>Moderate</severity> <solution>Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.</solution> <summary>- CVE-2024-2496: Fix NULL pointer dereference in udevConnectListAllInterfaces() function</summary> <pushcount>0</pushcount> <issued date="2025-04-25 12:58:27 UTC" /> <updated date="2025-04-25 12:58:27 UTC" /> <references href="https://errata.tuxcare.com/centos7-els/CLSA-2025-1745585902.html" id="CLSA-2025:1745585902" title="CLSA-2025:1745585902" type="self" /> <pkglist> <collection> <name>tuxcare-centos7-els</name> <package arch="x86_64" epoch="0" name="libvirt" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">6278946f1bf584a1d98518f7f1903d1b9424041ae91b2f1dc0e3227d75bef855</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-admin" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-admin-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0a2f28b2f0c88742540a70055a42cf2f280e487ce44e580ce7650c6536e9c929</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-bash-completion" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-bash-completion-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">1df46e989ee297964a8fb9844e67809614e5a8f3c2aa467381d2cbd4758e0bec</sum> </package> <package arch="i686" epoch="0" name="libvirt-client" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-client-4.5.0-36.el7_9.5.tuxcare.els1.i686.rpm</filename> <sum type="sha256">527b6a8b0e011f87e52b21e55e8ea359d1a8004a0eae7ed2c036522a82767c7e</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-client" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-client-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">04688bb771794b9d1e61a5dec6a5ed4468f1f33c4b5b681cbed73e0422fbc887</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">172c580da56ae4602467f2e9b95e689f9ebdf8a11a155345d235be3c8ec1af21</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-config-network" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-config-network-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0cfcb8cd31fd9eded8f7a2c52ce52b8ecbb39c75c930ee591f9b5a7338865d2f</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-config-nwfilter" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">eedd3c5d1df664eabed4d5d0dc39bcce39f945962c2f6baaf3c9b0c082edb6df</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-interface" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-interface-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">f88428922690f460f6fabf83f18a907525dce48cc2fa6cc2caf5fef3c6bf94dd</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-lxc" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-lxc-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">792c73907ae33b721c326538cb8222c0b4a522dc06fe21b20b0124fe64fec0aa</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-network" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-network-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">f3b99dded6d5d7f07b8002b75b21cec550023e9172258b55848a23a4ba3e33cc</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-nodedev" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ea4304aab5a2fd1602611a768e54f23b77494c6799be3f04f3d273339e981f79</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-nwfilter" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">8e53bc0c82f5efa4d732b600be5aae19ef3ea773565198c42d18f3c80352ef21</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-qemu" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-qemu-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cd0ac30905cee3fd4fd926291ca0cb0d2125f402945ba833c41ecafc8df17683</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-secret" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-secret-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">5047acfa3ea79776b54738ad3b187ba8f4f29d5f8c061c442f074572d584d8fe</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">73f2062b55575b7b0d360e03811bff3454cf6c1971a824ebef6c4b14994d11b3</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-core" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">94361cede0ce0f32b867680293bc7cca760cb78eb8742b22b38faa34bdcccf91</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-disk" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">a83d46813da9b8ec6a9ef49d4441c97e68eaf028fdb4e10b67c70482d241ec92</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-gluster" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cb8ad952d3bba172f884f42ffb43760c1b24751a8ebc02f2350aeaa64b54a91f</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-iscsi" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">35c162266e85c9b3b0c9add9d568befb43dc48584d0c21767fbd5e8ee45bf6a0</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-logical" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">26e00f0b1f3e5dc6869871763647b937b370bbe9cec851732b84bf7f30764e15</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-mpath" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">aa5eb79cb198469917983a9069c261f71a200362f738bd678ce198e2cc5a957b</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-rbd" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">7a311a4601febd299d37e782f23efe3503c7e2f640074bf9b63d86af563f0cb5</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-driver-storage-scsi" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">3ecc798f5d5e7e587b0b890aba07e859c80706f535ae2e6d08d4f2b4b365265b</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-kvm" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-kvm-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">096871814c3e4ad112700978cbf26ac081310941791030198224467328858166</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-daemon-lxc" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-daemon-lxc-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">73293c16a99302940a4485470b0539c12affe03988992a700135cc46e61cb71b</sum> </package> <package arch="i686" epoch="0" name="libvirt-devel" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-devel-4.5.0-36.el7_9.5.tuxcare.els1.i686.rpm</filename> <sum type="sha256">412b8925d9157b058979b5bfe091737dd279d903b97bb78a77d19822ddc492af</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-devel" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-devel-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">cc6c7870ef025298382fe4865af0c771fb5765e010aad235626cfd750d651348</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-docs" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-docs-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">0e7600bd6fcccd13473663cbd544300d17861b61210ca0d96a8ca4d4a74065aa</sum> </package> <package arch="i686" epoch="0" name="libvirt-libs" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-libs-4.5.0-36.el7_9.5.tuxcare.els1.i686.rpm</filename> <sum type="sha256">22b33d6d74bc880c70e310b7c2798d22a4c07781282d6eca35babb01230b1285</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-libs" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-libs-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">e054a2330e6bd2b3e5f4777ae6fac5af104911ded4c36ec6465f44205b1cb468</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-lock-sanlock" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-lock-sanlock-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">ca985616c3e20edd587a6d0ae5aaace3224058101dedf17d84e6380b4c224cd8</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-login-shell" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-login-shell-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">f3408e35b81603d0e5f6e855ab1834590be6272220fc53cec74fa682cc6b6a70</sum> </package> <package arch="i686" epoch="0" name="libvirt-nss" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-nss-4.5.0-36.el7_9.5.tuxcare.els1.i686.rpm</filename> <sum type="sha256">635569da713c8300a8b27066b77ab75142b638d03cfe476fd0184ca55800ac86</sum> </package> <package arch="x86_64" epoch="0" name="libvirt-nss" release="36.el7_9.5.tuxcare.els1" src="libvirt-4.5.0-36.el7_9.5.tuxcare.els1.src.rpm" version="4.5.0"> <filename>libvirt-nss-4.5.0-36.el7_9.5.tuxcare.els1.x86_64.rpm</filename> <sum type="sha256">26ecdd1aa39a4b2b3ac115571489aa7f088c6953550eb352f94fa088a3e0b88a</sum> </package> </collection> </pkglist> </update> </updates>
Close
