RLBA-2022:2682 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for protobuf-c. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms protobuf-c-compiler-1.3.3-12.el9.x86_64.rpm d583d2977b6dd2da5998f265b6037f6dba901a0452f8ad8c572f4157c3de697d protobuf-c-devel-1.3.3-12.el9.x86_64.rpm 736307a187b1ac8cd6375d4a653e2f7ebac3b9c066c14f19da7df34a01c85eb8 RLBA-2022:3906 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ModemManager. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ModemManager-devel-1.18.2-3.el9.x86_64.rpm 5765f49393a2321ad58658a7fd0604881364804555e8537002c2dbab89be4e6d ModemManager-glib-devel-1.18.2-3.el9.x86_64.rpm f22ed66869f0f1d909406cfe76751926b5b7404a1fb8003eda1fb03a013bb0f5 RLBA-2022:3916 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fonts-rpm-macros. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms fonts-rpm-macros-2.0.5-7.el9.1.noarch.rpm 8ccbcc8437fc2e6bdb7da7e914d733ca4440d972b906d970449ccf2a09f079ad RLBA-2022:3931 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for glib2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms glib2-static-2.68.4-5.el9.x86_64.rpm d602f45c18f5fb3ce6215e1a4f6d3fb8c08f02a591a1eedad5e14c30e97d976f RLBA-2022:3935 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fuse. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms fuse-devel-2.9.9-15.el9.x86_64.rpm 20032379a6045fd3195f5a2b22664ced44135fe8fa62eee81959f914c6919244 RLBA-2022:3938 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libxmlb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libxmlb-devel-0.3.3-1.el9.x86_64.rpm b88d42ed56835cd412373ff8986017bc53569e9bf49455b1e8fcffbbf9769108 RLBA-2022:3939 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgusb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgusb-devel-0.3.8-1.el9.x86_64.rpm fa720ec17bb2d7a1d78a04cd5aba20261d6e6b6532b826884116c022ece1ba77 RLBA-2022:3940 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gobject-introspection. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gobject-introspection-devel-1.68.0-10.el9.x86_64.rpm 897518f1e3093c6dfeaad7dc8507e8638337d260c3544255edc769c7f0066250 RLEA-2022:3950 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mpitests, ucx, rdma-core, mstflint, libvma, libpsm2, fabtests, openmpi, perftest, eth-tools, mpich, libfabric. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-mpich-3.4.2-1.el9.x86_64.rpm 232a74230d902dcb1f34ffb857f89f5112722d3dda929de7121c3ea1e6e7bbcd python3-openmpi-4.1.1-5.el9.x86_64.rpm ebdc50bf6e7b1669d5114518ebf342f67409383c7fd55ff007edbc5a8ad304d5 RLBA-2022:3962 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libcomps. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libcomps-devel-0.1.18-1.el9.x86_64.rpm 091e229bf1d78c3cd2bcb75f91d365014341bb51cf660d3b2fc415bae609d8bf RLBA-2022:3964 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for kmod. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms kmod-devel-28-7.el9.x86_64.rpm a6091bd65a1571042775d19f922b63b9318b1b16a15ff3d97556494fbba5571e RLBA-2022:3975 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for json-c. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms json-c-devel-0.14-11.el9.x86_64.rpm 997c75f583759009dfc8fe5da3d1c9526071ac34119bf73578233feca8881bc1 json-c-doc-0.14-11.el9.noarch.rpm e3b3c4fb56fcd74820d10d0c5fca18529c7c9f0c519dc4f891813b826b7030e0 RLBA-2022:3983 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for pcsc-lite. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms pcsc-lite-devel-1.9.4-1.el9.x86_64.rpm dbf412e4262e13dceb44b70b1bdcc798257f77d3cae4e1a1a07e39cf9f1602d6 RLEA-2022:3986 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ipset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ipset-devel-7.11-6.el9.x86_64.rpm 1f273bae67be241794db55aa1c08c095a93e54a46a5434c7cca77108c0ee1b02 RLBA-2022:3987 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libdb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libdb-cxx-5.3.28-53.el9.x86_64.rpm 274bbcbfe911b672fdae9802f93a22996a3877401138ffa66a0f1d5b0e1ff603 libdb-cxx-devel-5.3.28-53.el9.x86_64.rpm c81a10d64283738a626a6eb86e0311ecd5518d1df2e5c3a8df53ebc4d5ee0d2d libdb-devel-doc-5.3.28-53.el9.noarch.rpm b743f2065d46a14b686c79f9d02b49d149ce3519d7921192f324a886852ca4da libdb-sql-5.3.28-53.el9.x86_64.rpm ee30d706ab85e596ae9bc6cb2ac859e2d8f16db13721afd1517697bf798ea4c5 libdb-sql-devel-5.3.28-53.el9.x86_64.rpm 80f4c9bea9c27469fa4a238fe2743cbd3ce4ef6331b316223f0b7c9075ea4e4e RLBA-2022:3990 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for trace-cmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtracecmd-devel-0-9.el9.x86_64.rpm 1209add789c6c55bb5ccb43b19f4cec2f05eb758be8ae2126e1fb81a9dcbc2f5 RLBA-2022:4002 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for jansson. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms jansson-devel-2.14-1.el9.x86_64.rpm 4c93c431e358767a44f6f1b64118d660a03b4bc38992ba467cb1a4349418125e RLBA-2022:4008 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for snappy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms snappy-devel-1.1.8-8.el9.x86_64.rpm 644a27fe3a73ca5b338b3a86c35355db31adcdcf145f06e1ec70430b1baa2c1f RLBA-2022:4011 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtalloc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtalloc-devel-2.3.3-1.el9.x86_64.rpm f7efb173db7a8e74a8e6f1c5511497bbf196193b3d8e2e56f579e2cfc23ef667 RLEA-2022:4019 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ima-evm-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ima-evm-utils-devel-1.4-4.el9.x86_64.rpm d06a5cddd807c21c1c814f58b14ba06781e0a57c7cce4a92873fde456df49823 RLBA-2022:4031 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtraceevent. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtraceevent-devel-1.1.1-8.el9.x86_64.rpm f4c59a1f2cc30a4f3cf83aa4e5820db16aa3d71bf2baf92b8ad08f6c59964431 RLBA-2022:4034 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtracefs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtracefs-devel-1.0.2-7.el9.x86_64.rpm fc15e973492fd7762ba55f817bf459a03ca58af67287a4ec132c9bf0aadfbc73 RLBA-2022:4038 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sysfsutils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsysfs-devel-2.1.1-10.el9.x86_64.rpm 1b0e6aa374d0bcaafda722432807216279b4955a1dae591a223351df090347c4 RLBA-2022:4050 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for efivar. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms efivar-devel-38-2.el9.x86_64.rpm 4548b109d611e6f7353c2c9eab0f71452d2202cd83e6a3abc7e9a655ddd741cf RLBA-2022:4066 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for pyparsing. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms pyparsing-doc-2.4.7-9.el9.noarch.rpm 138a284cf40b57d3c00e3377961f5f4eb7e3e3f033e44012f41135bb25bfc559 RLBA-2022:4068 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gpgme. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gpgme-devel-1.15.1-6.el9.x86_64.rpm 1b62d7512bc3c21b5a9dfef21e47d76506cab51040298da9cb265fddd5ec75b3 gpgmepp-devel-1.15.1-6.el9.x86_64.rpm 79ef72c2925e32944be361d40e8db0736b49cb2b6db8ad87a4e6e0c9c1d7c1b7 qgpgme-1.15.1-6.el9.x86_64.rpm ccfe2294f52611569a510e21a5f327c51c849f441bd9785c37778a71afdc7865 qgpgme-devel-1.15.1-6.el9.x86_64.rpm 93070f5a3b8a5a556669f10cf8d1148c6c76721dc009cf74c15e3d8970bd92cf RLBA-2022:4075 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for texinfo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms texinfo-6.7-15.el9.x86_64.rpm 8bc9180ec8fa7ae9b4a36615a3be571f7acc7513d0cdd6e755db38ef647e4bfb texinfo-tex-6.7-15.el9.x86_64.rpm b031545150b72acc7d8e8086744ab56982cdfe6005cf85bb43ff7e2ab87ec266 RLBA-2022:4091 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for avahi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms avahi-compat-howl-0.8-12.el9.x86_64.rpm f32d452050b8361423d888af2413e1c5ab5eaf5d0e2ee66df5c78eff403c4017 avahi-compat-howl-devel-0.8-12.el9.x86_64.rpm 7b53abe7ed8514792147393a8d2e9d57cfe6c75f1dadd0b710f83214d52113c0 avahi-compat-libdns_sd-0.8-12.el9.x86_64.rpm c5fa05faa00e1eb8c6b9d898b22214b7c5f4bebec3c7d2c2655dc390f624a07b avahi-compat-libdns_sd-devel-0.8-12.el9.x86_64.rpm 58f0bd49179881ea9cd5ba477640897ab51ed74f7adfd8647d12aa2ba019dd4b avahi-devel-0.8-12.el9.x86_64.rpm d65a60e613cb4e81bbe15c5287a528f914e44a391805dfb1b2c6094475c99523 RLBA-2022:4105 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for cracklib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms cracklib-devel-2.9.6-27.el9.x86_64.rpm acdab2dcd948d0da9c8a3064b17a1f31e414814f058d3b5b7de68a0378b58c5e RLBA-2022:4124 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gcab. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgcab1-devel-1.4-6.el9.x86_64.rpm 683878cc82933f512cb055f3fc3eaff26e66b53a089218f4231dd76af726ea10 RLBA-2022:4125 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gdbm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gdbm-1.19-4.el9.x86_64.rpm 7653483e02d396d622bbf65dd78bf71291759101c6f2faeb3a61fb08bf8e522d gdbm-devel-1.19-4.el9.x86_64.rpm a3c56eb1304379dbdf1d42549442a578f8aa8731cef53cb2cb3b38ab361e6592 RLBA-2022:4139 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for intel-cmt-cat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms intel-cmt-cat-devel-4.1.0-3.el9.x86_64.rpm c357683bb1a070c0fffcc37d4751dcfaade1ebb20ac5e009f70c5d24ea328c40 RLBA-2022:4151 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libassuan. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libassuan-devel-2.5.5-3.el9.x86_64.rpm f356433d0d52806d3ed5418c7ea16c117e468ce00370dfe123c27c10895eafc1 RLBA-2022:4153 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libconfig. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libconfig-devel-1.7.2-9.el9.x86_64.rpm 8e6657bd0c118ab16d290dd35378e962f1a8c347981f797e309182d8ff15b38e RLBA-2022:4154 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libdaemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libdaemon-devel-0.14-23.el9.x86_64.rpm 3983047efe16784b5c6f783d189b4b192b90d04d875bd7528372eb957c48b76d RLBA-2022:4160 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libfido2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libfido2-devel-1.6.0-7.el9.x86_64.rpm 881313eff399c4adbacdfd2c230bc36079ab31611a18e721cc129ae4deeb96f2 RLBA-2022:4161 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgudev. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgudev-devel-237-1.el9.x86_64.rpm 5897b32f9141d807fc82291cc502d4441229612cea825e1e180d2b8b0b2e1348 RLBA-2022:4163 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libjcat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libjcat-devel-0.1.6-3.el9.x86_64.rpm 61f0fd2515c06d19bb517cc5dc0c26f53320d4dc3fa9c0bccb28cf738eea527c RLBA-2022:4166 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libmnl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libmnl-devel-1.0.4-15.el9.x86_64.rpm d19b8c0d0006c45a7edae02af0f9f239f7919cf89f24969bb6fc1a726253c22d RLBA-2022:4167 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libmodulemd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libmodulemd-devel-2.13.0-2.el9.x86_64.rpm ea27da83dfcc7fa620c2a21f0e5076aac225644294acab2db700cb32b000b761 RLBA-2022:4169 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnetfilter_conntrack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnetfilter_conntrack-devel-1.0.8-4.el9.x86_64.rpm 5bf6fff478f3d4d9ac086dd16b4c8d5a7e4e7d4bada7af29b5c669dcc961a7d7 RLBA-2022:4170 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnfnetlink. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnfnetlink-devel-1.0.1-21.el9.x86_64.rpm e1192750ccd7ffe9103109568c30084a9af818c93674d5dabd0ac7c8e248c91b RLBA-2022:4173 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libpcap. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libpcap-devel-1.10.0-4.el9.x86_64.rpm f3ff4efc53774b48411d4144744cd0b2ac4fe3931ffd139c92e426537dce9222 RLBA-2022:4175 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libpeas. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libpeas-devel-1.30.0-4.el9.x86_64.rpm 89c7b01df87c484cb7abf1a96f535b5f81a569bd83c0a4d440a0f1a0581d66e0 RLBA-2022:4178 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libproxy-devel-0.4.15-35.el9.x86_64.rpm b6cfb9417f09c36270523b4c3ba39e5d7d89e783519417e7fa1ad65a4892c7eb RLBA-2022:4180 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libpwquality. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libpwquality-devel-1.4.4-8.el9.x86_64.rpm b8c2f7778d28a300a5cfce84c22afad72ccf1386cb3bd1b1817cf9ad246536c6 RLBA-2022:4181 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for librhsm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librhsm-devel-0.0.3-7.el9.x86_64.rpm bfb717be25f3ead58c9e38859a08c4664353f9d5a65ef98f524e07502d68a943 RLBA-2022:4182 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsigsegv. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsigsegv-devel-2.13-4.el9.x86_64.rpm 61b9832182519eebae50d29240a4af4464cc1e08dc30812a04d0194c72e654cc RLBA-2022:4187 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libunistring. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libunistring-devel-0.9.10-15.el9.x86_64.rpm d6c30a178cbb80f71a4d1e06d748353011f1f37e5aa92cf9e786c113c08b5199 RLBA-2022:4189 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libutempter. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libutempter-devel-1.2.1-6.el9.x86_64.rpm 2b8118ca81b4895d9355603367fc354af1553af8debade4da7bf0549b0ac0aa0 RLBA-2022:4192 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libxcrypt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libxcrypt-static-4.4.18-3.el9.x86_64.rpm d619736aa4ce6a1787a900071f6d1486a6c3e3985b9ecda7621cc4ad0ace17e3 RLBA-2022:4193 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libyaml. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libyaml-devel-0.2.5-7.el9.x86_64.rpm 5d44231b8c08f4a8f20507b5fc2e59f0ea7dbffef448b7d308e704f1c733cda7 RLBA-2022:4196 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lmdb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms lmdb-0.9.29-3.el9.x86_64.rpm 37e26b651842629d5ea0a2504f204672a5aa67cf4451ce730b425cdb7da3e4ae lmdb-devel-0.9.29-3.el9.x86_64.rpm a0d46f0ab6ac1712f7b4ec54de0ac09057fc58b3433b1a3479a4c59390f9d9fc RLBA-2022:4197 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lockdev. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms lockdev-devel-1.0.4-0.37.20111007git.el9.x86_64.rpm 84d6a3e3dccfdaa327f3c174e063a5748511425c47e6d04f7c6878b20c41488e RLBA-2022:4225 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nghttp2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnghttp2-devel-1.43.0-5.el9.x86_64.rpm e05c3a8cea42e2c2d194985ec60878da8ec24d586ae45b10e44611f93b6139ec nghttp2-1.43.0-5.el9.x86_64.rpm 9959c742253c9c1b916573558caa423aad04ba5db56b6ad6b77ad0dd1a173ae7 RLBA-2022:4226 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for npth. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms npth-devel-1.6-8.el9.x86_64.rpm 6f5b9018455fbb05028979ab6410088d0757e604d53bc36aa8273f5cfbe8b7d9 RLBA-2022:4229 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for opensm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms opensm-devel-3.3.24-2.el9.x86_64.rpm fdda99179d41e7b2d5d8b3827647a920a3a1f2331e860c61020415f2c4435e70 RLBA-2022:4235 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for pcre. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms pcre-static-8.44-3.el9.3.x86_64.rpm 460d71a638a907294c1244ec3221eaafb47e2f912a783bf8940e870e7c9e43b3 RLBA-2022:4241 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ppp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ppp-devel-2.4.9-5.el9.x86_64.rpm 4e434925d8cb6b45f3d93bcb19210804099be297a6ba15b21f20a88dc3d848d0 RLBA-2022:4247 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for python-dateutil. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python-dateutil-doc-2.8.1-6.el9.noarch.rpm 79617fa279ecb194bfcfc885e2a2eb9d6fb37066536e8685ddf9b43b0facd0f9 RLBA-2022:4258 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for quota. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms quota-devel-4.06-6.el9.x86_64.rpm 18c5e600518211877547a69bd81e37ca1456e415d0f12fac8f6b856634b7b5e3 RLBA-2022:4282 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for userspace-rcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms userspace-rcu-devel-0.12.1-6.el9.x86_64.rpm 0be714407233e88fd692878d403bbd9bd852db315d51387f1487616ee5e1d2a1 RLEA-2022:4570 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for zaf, hyphen-uk, libpagemaker, hyphen-ca, hunspell-et, hyphen-eu, hyphen-ga, libvisio, raptor2, hunspell-ta, mythes-nl, hunspell-lt, hunspell-sk, ongres-scram, hunspell-hu, libshout, hunspell-nso, poppler, hunspell-nl, hunspell-hi, openjpeg2, libabw, hunspell-es, hunspell-sv, hyphen-sv, hyphen-te, google-carlito-fonts, hunspell-br, hunspell-ml, hyphen-pl, hunspell-pl, hyphen-el, hyphen-ru, hunspell-bg, hyphen-es, mythes-ro, hyphen-as, libloader, libmspub, dconf, mythes-en, libreoffice-voikko, hunspell-de, hunspell-id, hunspell-eu, libexttextcat, hyphen-da, pentaho-libxml, redland, hunspell-kn, libcmis, libepubgen, libodfgen, hunspell-fr, hunspell-th, hunspell-zu, xmlsec1, libnumbertext, hyphen-gu, libreoffice, hyphen-nl, hyphen-ro, libfontenc, librevenge, libwpg, hyphen-it, mythes-it, libmwaw, ttmkfdir, postgresql-jdbc, hunspell-sr, hunspell-ga, hunspell-ro, openoffice-lv, lksctp-tools, mythes-sk, mythes-cs, hyphen-cy, libformula, liblayout, clucene, hunspell-hr, mythes-ru, hunspell-gl, hyphen-ta, mythes-da, hunspell-tn, libqxp, lpsolve, hunspell-gu, mythes-pt, mythes-sl, libetonyek, hyphen-lt, google-noto-fonts, hunspell-ar, neon, librtas, hyphen-sk, hunspell-cy, boost, hunspell-ko, hunspell-si, flute, hunspell-pt, hyphen-fa, libzmf, hunspell-nr, hunspell-pa, hunspell-ve, mythes-ca, sac, hunspell-it, hyphen-bg, gstreamer1-plugins-good, openoffice.org-dict-cs_CZ, hyphen-gl, hyphen-hu, taglib, bitmap-fonts, libwps, hyphen-de, libbase, hunspell-af, hunspell-or, mythes-ga, xorg-x11-fonts, hunspell-no, hunspell-kk, libvoikko, mythes-sv, hunspell-el, hyphen-id, hunspell-da, libwpd, hunspell-ss, hunspell-ts, hyphen-bn, hyphen-sl, libeot, mythes-fr, hunspell-te, mythes-pl, pentaho-reporting-flow-engine, mythes-de, mythes-es, hunspell-as, hunspell-fa, hyphen, hunspell-uk, mythes-el, hyphen-hi, mythes-hu, hyphen-or, hyphen-mr, hunspell-xh, hyphen-pa, libserializer, poppler-data, hunspell-mr, hspell, hunspell-st, hunspell-ru, libfreehand, hunspell-ca, hyphen-fr, hunspell-bn, gstreamer1-plugins-base, twolame, libcdr, Box2D, liborcus, hyphen-ml, hunspell-sl, javapackages-tools, librepository, libstaroffice, libfonts, v4l-utils, rasqal, voikko-fi, hyphen-kn, mythes-uk, mythes-bg, hyphen-pt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms clucene-core-devel-2.3.3.4-42.20130812.e8e3d20git.el9.x86_64.rpm 24751d0f5a6f7c42a151bb5c1f0b293b7b473e58f59544054a1cbbec83d5020b dconf-devel-0.40.0-6.el9.x86_64.rpm 5c06e0309a68d5c1b660063139d74fb7eda9eeba89455a222efcb3fa611d0cb2 javapackages-generators-6.0.0-3.el9.noarch.rpm 317fc46d3cc3e33dcfe658399f568188524051eaa2e11422ebda2b054b7c0d30 javapackages-local-6.0.0-3.el9.noarch.rpm 8eabb02f23814c7dd3fcd61acef39ed52fd559d11161e6366fa3c9cce30586a8 libeot-0.01-18.el9.x86_64.rpm 8ee705db81151e939723650c4c82e87582b5260c92618c08be298a6b541a9d50 libetonyek-devel-0.1.10-2.el9.x86_64.rpm 23e41915ef731f5667859660eb839e977b53dc299d5d6dbd8aeb8c37aa3d7ad1 libfontenc-devel-1.1.3-17.el9.x86_64.rpm b7543b245f6fa321e69750fa24b5b6a16a590f9d8a02585acbd727ba83df0836 libodfgen-devel-0.1.8-4.el9.x86_64.rpm 4bce80a07e94579f23bb6f9f96e035676aeb172655b5e221485da9f1d47c0bea librevenge-devel-0.0.4-22.el9.x86_64.rpm 581414d6aeb091448e3519e5bd6564ceb4b2d37cba7e32ea3edafcc3be488573 libshout-devel-2.4.3-7.el9.x86_64.rpm 29c593601777e117590fc092be478c8b0d7d8f136d1ab23cb01b5e91c7c9d5d3 libv4l-devel-1.20.0-5.el9.x86_64.rpm bec7ef7e7d17c2b27de2e9f96861e5bd3055932fb6504b76f5092241326e6ef3 libvisio-devel-0.1.7-9.el9.x86_64.rpm 53815665f7955eef86c126f3a3283617c19247381693baf28edccd0a72d0dc32 libvoikko-devel-4.3-7.el9.x86_64.rpm 279ce1f9bc6cc9f2945fcd14275ba3ec14b772dde426266e3553bacb3bbc4e1f libwpd-devel-0.10.3-10.el9.x86_64.rpm 75bf759ba5cf87a9e1842fdf7751fa874987d8014212220ff694671bf9c62a72 libwpd-doc-0.10.3-10.el9.noarch.rpm cf1cafa034c873ca0728f3d265a585a12f2fe820388cf525b9407d7a7ff7d3b4 libwpg-devel-0.3.3-8.el9.x86_64.rpm b74c59b1f9580c7854ab074ca64bb117f6065efe9684bf59e118ec54c02da47d libwpg-doc-0.3.3-8.el9.noarch.rpm 612575a87c0c960172ba28ba334437243e5e8df6ae17b42d55d999fe31dac0a0 libwps-devel-0.4.12-4.el9.x86_64.rpm 199bf1bdb5cfc6a5e272670a2a4738b9763dfa0b8c8358545daf081d2864d4fd libwps-doc-0.4.12-4.el9.noarch.rpm a57cc3f098bec98c980281bf98395ecd53c2f63d364e03fabd653f02ca29a8cf maven-local-6.0.0-3.el9.noarch.rpm 1ba14e27ad8c7fa5b901dd6301622a414cca16776ecf2e76fd06d80c523d3878 neon-devel-0.31.2-11.el9.x86_64.rpm 424c81a3277e2721e18800dcba426006d78051dea32112fdea9cda65bcbf7b79 python3-javapackages-6.0.0-3.el9.noarch.rpm 899b9fe1a14b98ebda8c57b4624ec45ce522e8683e2a8b987932c8aadb5eb8a2 raptor2-devel-2.0.15-30.el9.x86_64.rpm ab01978787ae942c20f7adea03654605cf935eafa48ca3a50dd419cdd38cd88f rasqal-devel-0.9.33-18.el9.x86_64.rpm 1ca47cb5be5e91626dbe8f28e07dfb49979f77ccaae51a546d515d1599be7613 redland-devel-1.0.17-29.el9.x86_64.rpm 400118ca79a904e1c34586ff8528785a01783e6d511a11eb4233836275c7663a taglib-devel-1.12-6.el9.x86_64.rpm d6f09e4e9c54138406822c08b4905f9a4c726bcfdbe18531e2ed3ad8d82e1108 twolame-devel-0.3.13-19.el9.x86_64.rpm 68eeadad3ed0fe2f3e59f2846a5895b4506645b214d1917cc6893ff567070845 xmlsec1-devel-1.2.29-9.el9.x86_64.rpm 0a3c6a82d60740374791f771b38764e26a7557271db75d5526842be23650399b xmlsec1-gcrypt-1.2.29-9.el9.x86_64.rpm 56c3dba3faccf01bde42d7eabb6e2a46e52f2b93c2344a4876aed3e93248a935 xmlsec1-gnutls-1.2.29-9.el9.x86_64.rpm 982ecc43eb597049d9bce1b7f7d9e5023e5889edb521f5f01a7aa4c459cdaff6 xmlsec1-gnutls-devel-1.2.29-9.el9.x86_64.rpm 8bf2e326f311b467641938e9333b074c75a36233d967bb047b798faada591741 xmlsec1-openssl-devel-1.2.29-9.el9.x86_64.rpm 6d3c8ae576333ee1e286fbfb39f76e980fa1413b966bd05054a4a37b44650220 RLSA-2022:7090 KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for libksba. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libksba-devel-1.5.1-5.el9_0.x86_64.rpm 849c23c2bd217b73f74640bf54ba7f46f3807ad3608a2db62a60c0ab64f04548 RLSA-2022:7329 The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: heap buffer overflow in luaG_errormsg() in ldebug.c due to uncontrolled recursion in error handling (CVE-2022-33099) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for lua. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: heap buffer overflow in luaG_errormsg() in ldebug.c due to uncontrolled recursion in error handling (CVE-2022-33099) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms lua-devel-5.4.2-4.el9_0.3.x86_64.rpm fa35368fce9b9264daedcf044170e31b2e37f2eccbb755ff02ed8e0c0368e943 RLBA-2022:8265 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for NetworkManager. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms NetworkManager-libnm-devel-1.40.0-1.el9.x86_64.rpm 65634904db1f4e75159627a2372e1ba0b9e635ccd768a07faeae4c262e54d39c RLBA-2022:8277 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gcc-plugin-devel-11.3.1-2.1.el9.x86_64.rpm 3bac5eb5a84dcb39912d45e06c83ca85d781cdf5dfc1294be3f5b345cd0aee30 libstdc++-static-11.3.1-2.1.el9.x86_64.rpm 23db9c32a8ab30345f59eabdefbe856bc704482d9ea0c17a5f75ae0e2f2da035 RLBA-2022:8278 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for accel-config. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms accel-config-devel-3.4.6.3-1.el9.x86_64.rpm 114fef0f2446aaeb2f9ce3bf42e339ba0a6175c3c60c3736bcaeffcc50ae10bf RLBA-2022:8280 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for trace-cmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtracecmd-devel-0-9.el9.x86_64.rpm 1209add789c6c55bb5ccb43b19f4cec2f05eb758be8ae2126e1fb81a9dcbc2f5 RLBA-2022:8289 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for shadow-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms shadow-utils-subid-devel-4.9-5.el9.x86_64.rpm 2466f31ebbe66db70933fc610f19ba15585bed8a6a2913b5a872a3117a503332 RLBA-2022:8293 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsemanage. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsemanage-devel-3.4-2.el9.x86_64.rpm c659e6df80aa0fa212c4c4f5e01a003e2c7a9d319de9d17fd118a517de973d5a RLBA-2022:8295 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libdnf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libdnf-devel-0.67.0-3.el9.x86_64.rpm 9220e6eedc711c4a0a73f4c155830cfd0d8c6885cc0d592d2c0c3fde21399fb4 RLBA-2022:8298 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsolv. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsolv-devel-0.7.22-1.el9.x86_64.rpm 583bea25d60eb75332f4b0d06fbeb55032ab9a705cc1747a331ade6494faf0d7 libsolv-tools-0.7.22-1.el9.x86_64.rpm e4fa9f77137425bebcaad981b0d34a1ce28e2b2643630d30f8e74020aa7402d8 RLBA-2022:8309 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for jitterentropy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms jitterentropy-devel-3.4.0-1.el9.x86_64.rpm 63d590f43914cd29c8d71d69be99775d3d4b4918e355c77d9a6f1be3990ef47c RLBA-2022:8312 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ding-libs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libbasicobjects-devel-0.1.1-53.el9.x86_64.rpm 3436165f32aadc48ab5826a5dc80a87f90d8b45a81ccb66c6fb967480de648c8 libcollection-devel-0.7.0-53.el9.x86_64.rpm 61c518a8944ec62d4e0a01d5949997585234896120e6ffda30a91d6585462d61 libini_config-devel-1.3.1-53.el9.x86_64.rpm db7b4e160c56538efff8d7f179226bb80364d70829a11d8f40fa3b84a51a112f libpath_utils-devel-0.2.1-53.el9.x86_64.rpm 8ad6a1fdb7c7753b1d6788352f90a8ef04e11eb169c85a278b1de0e41a188556 libref_array-devel-0.1.5-53.el9.x86_64.rpm 2ef09177914ff83b78cce76af9fed90bc3225a7eb5788671f3cadfb340d7846c RLSA-2022:8317 Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba (4.16.4). (BZ#2077487) Security Fix(es): * samba: server memory information leak via SMB1 (CVE-2022-32742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for samba. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba (4.16.4). (BZ#2077487) Security Fix(es): * samba: server memory information leak via SMB1 (CVE-2022-32742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsmbclient-devel-4.16.4-101.el9.x86_64.rpm eada231419f3f4c30d64ca2747823bdd923ac2291806322ebb8a2993acd270dd libwbclient-devel-4.16.4-101.el9.x86_64.rpm 2795495c0060b9d6ea60792f7656f26c480d253bfd4eb446daf8f36004f5264a samba-devel-4.16.4-101.el9.x86_64.rpm c202374818a24e4aca2e82ee2e89bea34c1b1cf7aa973b5e3d0052e19773944d samba-pidl-4.16.4-101.el9.noarch.rpm 2a62fd23b7bc67bd4c85fd7ff2f748493c82ff8de5b0b1958238a9826188a7b4 samba-test-4.16.4-101.el9.x86_64.rpm 46813e14c344914ca9a15a0d7cf0054b84f2bf9b44e579e51570138703fa94ae samba-test-libs-4.16.4-101.el9.x86_64.rpm d88a0e048d5b24171a5cf873b8624e29aafedf1a38ce3ecc692e9bee5c3661fe RLSA-2022:8318 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077490) Security Fix(es): * samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libldb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077490) Security Fix(es): * samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libldb-devel-2.5.2-1.el9.x86_64.rpm 823e790d4fb8a1c6d2a782802e099e2c91c28af5d65678a759ca0f1525471e2d RLBA-2022:8319 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtdb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtdb-devel-1.4.6-1.el9.x86_64.rpm 606cd0148e6d413a3352f3cdc0b10fc0b217eef0a5a7bbace75bd3114d685129 RLBA-2022:8320 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtevent. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtevent-devel-0.12.0-0.el9.x86_64.rpm 07c4f303e4de353eeb238ed280b37812ce58bb760750941df0e0b5b97a5cf098 RLBA-2022:8336 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libselinux. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libselinux-static-3.4-3.el9.x86_64.rpm a4a62013cfc152c2ba65155443a5aa098b4e827f187dbb5a17928556f2db4809 RLBA-2022:8337 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsepol. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsepol-static-3.4-1.1.el9.x86_64.rpm 532f2c081c1e1555f7d196cee0190d20f25011368f7d6b6c8c216fa082e15709 RLBA-2022:8342 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for parted. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms parted-devel-3.5-2.el9.x86_64.rpm 9c13925c224259e8fbb1eceafb11dc2b413a5354b1a37e513e5f8d5988277ffa RLBA-2022:8343 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnftnl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnftnl-devel-1.2.2-1.el9.x86_64.rpm cd1b797bed9c5cbc543ad5349bb864863142d530a77552967d388e3710accca7 RLBA-2022:8352 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for pygobject3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-gobject-devel-3.40.1-6.el9.x86_64.rpm 71b9e73539f0ebb15808eedb6af53727c9d9d76da42ee4eda4a9bc151f9210a6 RLEA-2022:8359 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for inih. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms inih-devel-49-6.el9.x86_64.rpm e21b37b270c8db1022330ef70158bef5230c5d4586d0128b7f21760dc2b2681c RLBA-2022:8358 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lvm2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms device-mapper-devel-1.02.185-3.el9.x86_64.rpm e94e357f8ab61927435b19bbd930056d2973f397ef185d1ba8fa6a1c7cf76d41 device-mapper-event-devel-1.02.185-3.el9.x86_64.rpm 122e100ade5056d71b7d5a8ab262627f732ceda565746d33a6f241e34ff42b7b lvm2-devel-2.03.16-3.el9.x86_64.rpm 514577be2f9ef8c4af4a0ce5dc78fe69adc2626a88b4c9190faa7d0590314803 RLBA-2022:8364 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libbpf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libbpf-devel-0.6.0-1.el9.x86_64.rpm b15a2608f025ad93f33199d77caac29432fd8962b65765cd892def743eb5ce82 libbpf-static-0.6.0-1.el9.x86_64.rpm 98613869a396c5ef520b2c3e0586731685e33fbe92786d2118cd604389e0c7bd RLBA-2022:8370 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tss2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms tss2-devel-1.6.0-7.el9.x86_64.rpm 67b82aeb0202f31e767cafd0a05813ec5129a42e8ae8be04817c54b9be9ca127 RLBA-2022:8373 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for librepo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librepo-devel-1.14.2-3.el9.x86_64.rpm 3a44343d483ff9d3ec9fb0dd06529ce7a8bc04ccc13c4b75fb9296acafddcf7c RLBA-2022:8372 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for iproute. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms iproute-devel-5.18.0-1.el9.x86_64.rpm 9c740ffd1756d86c223e49bf15c2506d033faae87f764355e217872c7d28ce72 RLBA-2022:8376 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nfs-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnfsidmap-devel-2.5.4-15.el9.x86_64.rpm e9c615a1e07ab2a9781d00f83664cb4a6fef79d527b906a57f99f2f51fac3d4f RLBA-2022:8377 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libarchive. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libarchive-devel-3.5.3-3.el9.x86_64.rpm 542b663d1769f04da56ff4326dc0f9ad5b7cca75011ffbf46de1c3757f1372be RLBA-2022:8381 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nftables. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms nftables-devel-1.0.4-2.el9.x86_64.rpm 3e5dbca600e3be206f4f1cf1bf4b24910770171945fe39ccd818d57f54d388db RLBA-2022:8388 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for bluez. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms bluez-libs-devel-5.64-2.el9.x86_64.rpm d643b0ce623c69e0f7afe3439f282e3a0a73db365b3745e00d34d3141c7e3d41 RLEA-2022:8391 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ucx, rdma-core, mstflint, libvma, libpsm2, fabtests, opa-fm, opa-ff, eth-tools, libfabric. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libfabric-devel-1.15.1-1.el9.x86_64.rpm ec1acc160a5da58d90c2d198c1ee8c7b2c17bfd4719f9647d51db7ee2ae44516 libpsm2-devel-11.2.229-2.el9.x86_64.rpm 25239c4654e29e21b83bb604172906a241f786b168c6a738fec1271c7d95d87c RLBA-2022:8392 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sg3_utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms sg3_utils-devel-1.47-9.el9.x86_64.rpm 95ac8e915f3bcd1977c28744916915830dabc1cbc5e02fcaca52f0c24dbe2b5d RLBA-2022:8394 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libuser. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libuser-devel-0.63-11.el9.x86_64.rpm f28c52be4f9c5f6214415484d860583cd74bc12e4aa01da5da05fe0a28e4e6df RLBA-2022:8395 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fwupd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms fwupd-devel-1.7.9-1.el9.x86_64.rpm 17e7ce2eb1b85bde15de647e0bd811c0d7c22a4cb93b9b4dfb4ac95567501f7e RLBA-2022:8396 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tpm2-tss. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms tpm2-tss-devel-3.0.3-8.el9.x86_64.rpm be7b6f6c8f2a764e802daefbc68095e07d28efcf8fe09f474add9f26ac112548 RLBA-2022:8398 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for liblockfile. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms liblockfile-devel-1.14-10.el9.x86_64.rpm 2d7170d19de33b62085b96d4dd315fded3ac900c5e757600aa9bfb04e9e34f93 RLSA-2022:8400 The libtirpc packages contain SunLib's implementation of transport-independent remote procedure call (TI-RPC) documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix(es): * libtirpc: DoS vulnerability with lots of connections (CVE-2021-46828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libtirpc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtirpc packages contain SunLib's implementation of transport-independent remote procedure call (TI-RPC) documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix(es): * libtirpc: DoS vulnerability with lots of connections (CVE-2021-46828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtirpc-devel-1.3.3-0.el9.x86_64.rpm 63fff8f885155c16040c70fd18dac0c147452e336000dc59481c6694c4b5d639 RLBA-2022:8404 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for util-linux. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libfdisk-devel-2.37.4-9.el9.x86_64.rpm 16688ed68b1965abbc0f78bccc76b85ab88d379c46b47f102d49b7d4fdb16759 RLBA-2022:8406 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for file. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms file-devel-5.39-10.el9.x86_64.rpm b0451864b4ef1619f24f7d3f94070dd56f847a05de4a04c166ac14f0f6f84a13 RLBA-2022:8424 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for zaf, hyphen-uk, libpagemaker, hyphen-ca, hunspell-et, hyphen-eu, hyphen-ga, libvisio, raptor2, hunspell-ta, mythes-nl, hunspell-lt, hunspell-sk, ongres-scram, hunspell-hu, libshout, hunspell-nso, poppler, hunspell-nl, hunspell-hi, openjpeg2, libabw, hunspell-es, hunspell-sv, hyphen-sv, hyphen-te, google-carlito-fonts, hunspell-br, hunspell-ml, hyphen-pl, hunspell-pl, hyphen-el, hyphen-ru, hunspell-bg, mariadb-connector-c, hyphen-es, mythes-ro, hyphen-as, libloader, libmspub, dconf, mythes-en, libreoffice-voikko, hunspell-de, hunspell-id, hunspell-eu, libexttextcat, hyphen-da, pentaho-libxml, redland, hunspell-kn, libcmis, libepubgen, libodfgen, hunspell-fr, hunspell-th, hunspell-zu, xmlsec1, libnumbertext, hyphen-gu, hyphen-nl, hyphen-ro, libfontenc, librevenge, libwpg, hyphen-it, mythes-it, libmwaw, ttmkfdir, postgresql-jdbc, hunspell-sr, hunspell-ga, hunspell-ro, openoffice-lv, lksctp-tools, mythes-sk, mythes-cs, hyphen-cy, libformula, liblayout, clucene, hunspell-hr, yajl, mythes-ru, hunspell-gl, hyphen-ta, mythes-da, hunspell-tn, libqxp, lpsolve, hunspell-gu, mythes-pt, mythes-sl, libetonyek, hyphen-lt, google-noto-fonts, hunspell-ar, neon, librtas, hyphen-sk, hunspell-cy, boost, hunspell-ko, hunspell-si, flute, hunspell-pt, hyphen-fa, libzmf, hunspell-nr, hunspell-pa, hunspell-ve, mythes-ca, sac, hunspell-it, hyphen-bg, gstreamer1-plugins-good, openoffice.org-dict-cs_CZ, hyphen-gl, hyphen-hu, taglib, bitmap-fonts, libwps, hyphen-de, libbase, hunspell-af, hunspell-or, mythes-ga, xorg-x11-fonts, hunspell-no, hunspell-kk, libvoikko, mythes-sv, hunspell-el, hyphen-id, hunspell-da, libwpd, hunspell-ss, hunspell-ts, hyphen-bn, hyphen-sl, libeot, mythes-fr, hunspell-te, mythes-pl, pentaho-reporting-flow-engine, mythes-de, mythes-es, hunspell-as, hunspell-fa, hyphen, hunspell-uk, mythes-el, hyphen-hi, mythes-hu, hyphen-or, hyphen-mr, hunspell-xh, hyphen-pa, libserializer, poppler-data, hunspell-mr, hspell, hunspell-st, hunspell-ru, libfreehand, hunspell-ca, hyphen-fr, hunspell-bn, gstreamer1-plugins-base, twolame, libcdr, Box2D, liborcus, hyphen-ml, hunspell-sl, javapackages-tools, librepository, libstaroffice, libfonts, v4l-utils, rasqal, voikko-fi, hyphen-kn, mythes-uk, mythes-bg, hyphen-pt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms boost-b2-1.75.0-8.el9.x86_64.rpm bfb215388f045f78b0a6ac601907237c2e572a17c38e9164da6757789893aecb boost-build-1.75.0-8.el9.noarch.rpm 7434dfea46f9bd571b3675bb4c303de6597ad7ba8de42b4faef7e5824e9a36e8 boost-doc-1.75.0-8.el9.noarch.rpm e5080e6bb50f4ae84b97ff3681e6d5d80b6337ca035c88b4f2f3770a1205cf0c boost-doctools-1.75.0-8.el9.x86_64.rpm 1697c81ae74993b71fc54fa04c2db12903b5edfa3e1948f019f6e158fe938172 boost-examples-1.75.0-8.el9.noarch.rpm f3904eec06577458543173a6e0b913a0baae3f378e034fa6b63eadb46b3e17f2 boost-static-1.75.0-8.el9.x86_64.rpm 87c37f29b636fe45c9a303b6ee0b11b694780561712f07e05bafaacd00862e80 clucene-core-devel-2.3.3.4-42.20130812.e8e3d20git.el9.x86_64.rpm 24751d0f5a6f7c42a151bb5c1f0b293b7b473e58f59544054a1cbbec83d5020b dconf-devel-0.40.0-6.el9.x86_64.rpm 5c06e0309a68d5c1b660063139d74fb7eda9eeba89455a222efcb3fa611d0cb2 google-noto-sans-symbols2-fonts-20201206-4.el9.noarch.rpm dd615d5f24abcfa7b0cd668e079d1cc26472634251956c335daac0e57eb4cdf7 javapackages-generators-6.0.0-3.el9.noarch.rpm 317fc46d3cc3e33dcfe658399f568188524051eaa2e11422ebda2b054b7c0d30 javapackages-local-6.0.0-3.el9.noarch.rpm 8eabb02f23814c7dd3fcd61acef39ed52fd559d11161e6366fa3c9cce30586a8 libeot-0.01-18.el9.x86_64.rpm 8ee705db81151e939723650c4c82e87582b5260c92618c08be298a6b541a9d50 libetonyek-devel-0.1.10-2.el9.x86_64.rpm 23e41915ef731f5667859660eb839e977b53dc299d5d6dbd8aeb8c37aa3d7ad1 libfontenc-devel-1.1.3-17.el9.x86_64.rpm b7543b245f6fa321e69750fa24b5b6a16a590f9d8a02585acbd727ba83df0836 libodfgen-devel-0.1.8-4.el9.x86_64.rpm 4bce80a07e94579f23bb6f9f96e035676aeb172655b5e221485da9f1d47c0bea librevenge-devel-0.0.4-22.el9.x86_64.rpm 581414d6aeb091448e3519e5bd6564ceb4b2d37cba7e32ea3edafcc3be488573 libshout-devel-2.4.3-7.el9.x86_64.rpm 29c593601777e117590fc092be478c8b0d7d8f136d1ab23cb01b5e91c7c9d5d3 libv4l-devel-1.20.0-5.el9.x86_64.rpm bec7ef7e7d17c2b27de2e9f96861e5bd3055932fb6504b76f5092241326e6ef3 libvisio-devel-0.1.7-9.el9.x86_64.rpm 53815665f7955eef86c126f3a3283617c19247381693baf28edccd0a72d0dc32 libvoikko-devel-4.3-7.el9.x86_64.rpm 279ce1f9bc6cc9f2945fcd14275ba3ec14b772dde426266e3553bacb3bbc4e1f libwpd-devel-0.10.3-10.el9.x86_64.rpm 75bf759ba5cf87a9e1842fdf7751fa874987d8014212220ff694671bf9c62a72 libwpd-doc-0.10.3-10.el9.noarch.rpm cf1cafa034c873ca0728f3d265a585a12f2fe820388cf525b9407d7a7ff7d3b4 libwpg-devel-0.3.3-8.el9.x86_64.rpm b74c59b1f9580c7854ab074ca64bb117f6065efe9684bf59e118ec54c02da47d libwpg-doc-0.3.3-8.el9.noarch.rpm 612575a87c0c960172ba28ba334437243e5e8df6ae17b42d55d999fe31dac0a0 libwps-devel-0.4.12-4.el9.x86_64.rpm 199bf1bdb5cfc6a5e272670a2a4738b9763dfa0b8c8358545daf081d2864d4fd libwps-doc-0.4.12-4.el9.noarch.rpm a57cc3f098bec98c980281bf98395ecd53c2f63d364e03fabd653f02ca29a8cf mariadb-connector-c-doc-3.2.6-1.el9_0.noarch.rpm ff5c4d6ab6afb6673d998e459849737de604fb3af694d9c9534909bfdd0a2e26 mariadb-connector-c-test-3.2.6-1.el9_0.x86_64.rpm 8374c008c92135c8b2f7a70f9ed4b0ebb92dd98869e854940aec8ac16fa1aff0 maven-local-6.0.0-3.el9.noarch.rpm 1ba14e27ad8c7fa5b901dd6301622a414cca16776ecf2e76fd06d80c523d3878 neon-devel-0.31.2-11.el9.x86_64.rpm 424c81a3277e2721e18800dcba426006d78051dea32112fdea9cda65bcbf7b79 openjpeg2-devel-2.4.0-7.el9.x86_64.rpm d53b88801d7843e5261aba4ec89ec9f296303b68172457612674407231440f05 openjpeg2-tools-2.4.0-7.el9.x86_64.rpm 8f51a50dfaba24b0e1c43029d6e9f904eddb47d45368a6cc40f8342373a60776 poppler-cpp-devel-21.01.0-13.el9.x86_64.rpm 65522612f2cbf8fc1777b212d60266419763b84b9400a6665d7f92ff72f99dc5 poppler-devel-21.01.0-13.el9.x86_64.rpm 9ef1b5772465999e111224316a2ce5c9b781f518bfcdec83be9b4841501d0ad2 poppler-glib-devel-21.01.0-13.el9.x86_64.rpm 9e53c433c9cf93bda7c052a66a9fba45ba03b636e925a689c6c6b830e2aed100 poppler-qt5-devel-21.01.0-13.el9.x86_64.rpm c5cf38c2201b79a0705157221ef23140548b29e2831d92ad0a6ca9c55f5d6edb python3-javapackages-6.0.0-3.el9.noarch.rpm 899b9fe1a14b98ebda8c57b4624ec45ce522e8683e2a8b987932c8aadb5eb8a2 raptor2-devel-2.0.15-30.el9.x86_64.rpm ab01978787ae942c20f7adea03654605cf935eafa48ca3a50dd419cdd38cd88f rasqal-devel-0.9.33-18.el9.x86_64.rpm 1ca47cb5be5e91626dbe8f28e07dfb49979f77ccaae51a546d515d1599be7613 redland-devel-1.0.17-29.el9.x86_64.rpm 400118ca79a904e1c34586ff8528785a01783e6d511a11eb4233836275c7663a taglib-devel-1.12-6.el9.x86_64.rpm d6f09e4e9c54138406822c08b4905f9a4c726bcfdbe18531e2ed3ad8d82e1108 twolame-devel-0.3.13-19.el9.x86_64.rpm 68eeadad3ed0fe2f3e59f2846a5895b4506645b214d1917cc6893ff567070845 xmlsec1-devel-1.2.29-9.el9.x86_64.rpm 0a3c6a82d60740374791f771b38764e26a7557271db75d5526842be23650399b xmlsec1-gcrypt-1.2.29-9.el9.x86_64.rpm 56c3dba3faccf01bde42d7eabb6e2a46e52f2b93c2344a4876aed3e93248a935 xmlsec1-gnutls-1.2.29-9.el9.x86_64.rpm 982ecc43eb597049d9bce1b7f7d9e5023e5889edb521f5f01a7aa4c459cdaff6 xmlsec1-gnutls-devel-1.2.29-9.el9.x86_64.rpm 8bf2e326f311b467641938e9333b074c75a36233d967bb047b798faada591741 xmlsec1-openssl-devel-1.2.29-9.el9.x86_64.rpm 6d3c8ae576333ee1e286fbfb39f76e980fa1413b966bd05054a4a37b44650220 yajl-devel-2.1.0-21.el9.x86_64.rpm 76d64d75d945c84bca3c7fe3d12b08b69da9aa810127f844c9b6f362ff0b4c7b RLSA-2022:8453 The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fix(es): * device-mapper-multipath: Regression of CVE-2022-41974 fix in Rocky Linux (CVE-2022-3787) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for device-mapper-multipath. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fix(es): * device-mapper-multipath: Regression of CVE-2022-41974 fix in Rocky Linux (CVE-2022-3787) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms device-mapper-multipath-devel-0.8.7-12.el9_1.1.x86_64.rpm 2ec993316295a547121a661ae20eef0ece0650313cd0565aeef1126594de42d5 RLSA-2022:8493 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: local privilege escalation via the multiprocessing forkserver start method (CVE-2022-42919) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: local privilege escalation via the multiprocessing forkserver start method (CVE-2022-42919) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3-debug-3.9.14-1.el9_1.1.x86_64.rpm e840409ef049a32026f6cdcdb591340884b65da8027fdd062341863fd8a5653c python3-idle-3.9.14-1.el9_1.1.x86_64.rpm a497ed830b53e23ebe5d0ede1b44f590e1c52a25916aae4e49c12945d4569d66 python3-test-3.9.14-1.el9_1.1.x86_64.rpm 17313f288bdfd5e39d068f0233d8f424b34a6d200cf0c29910567d2603a5c429 RLBA-2023:0331 The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon (pkcsslotd) and general utilities. Bug Fix: * opencryptoki C_GenerateKeyPair() fails after generating > 500 RSA keys with CEX7 and CEX8 crypto cards (BZ#2128611) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for opencryptoki. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon (pkcsslotd) and general utilities. Bug Fix: * opencryptoki C_GenerateKeyPair() fails after generating > 500 RSA keys with CEX7 and CEX8 crypto cards (BZ#2128611) rocky-linux-9-x86-64-crb-rpms opencryptoki-devel-3.18.0-5.el9_1.x86_64.rpm e65bef8c460bd01b0139e6f0e5c8c7c6345e041f35cae4b4b216738644239253 RLBA-2023:0332 The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fix: * Rocky Linux9.0 - zlib: inflate() does not update strm.adler if DFLTCC is used (BZ#2135745) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for zlib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fix: * Rocky Linux9.0 - zlib: inflate() does not update strm.adler if DFLTCC is used (BZ#2135745) rocky-linux-9-x86-64-crb-rpms zlib-static-1.2.11-35.el9_1.x86_64.rpm bbe5e3dfb432869de79b9010f9bb11371920610e09b301cc443f57d5dcade1c7 RLSA-2023:0340 The bash packages provide Bash (Bourne-again shell), which is the default shell for Rocky Linux. Security Fix(es): * bash: a heap-buffer-overflow in valid_parameter_transform (CVE-2022-3715) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for bash. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The bash packages provide Bash (Bourne-again shell), which is the default shell for Rocky Linux. Security Fix(es): * bash: a heap-buffer-overflow in valid_parameter_transform (CVE-2022-3715) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms bash-devel-5.1.8-6.el9_1.x86_64.rpm 4b6ac24cce4c0f4964a945916b4b913686ceda42c33f1d5b4c18d62eb9d9c13e RLBA-2023:0342 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fix: * glibc: Restore IPC_64 support in sysvipc *ctl functions (BZ#2142111) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fix: * glibc: Restore IPC_64 support in sysvipc *ctl functions (BZ#2142111) rocky-linux-9-x86-64-crb-rpms glibc-benchtests-2.34-40.el9_1.1.x86_64.rpm c98631ffd820450bed544a21b3b700e910665173765db62c4183423e376bf6d6 glibc-nss-devel-2.34-40.el9_1.1.x86_64.rpm b0ae3c8c96e0ba9d9a2bcc909c4926f0c99e0b10888d40d6d723beb81da772fa glibc-static-2.34-40.el9_1.1.x86_64.rpm 183d60e4caaf7167bbb088699fa29da831447236a7903d49500c990ef22c341f nss_db-2.34-40.el9_1.1.x86_64.rpm 094459e3e26c6b6037759b0b0c15f4dc216dffb9219601a720343568820f2821 nss_hesiod-2.34-40.el9_1.1.x86_64.rpm 2f8ddf658780f32dd7708732a75bb44947d6a25339e35e76fec5eba01cabe1bc RLBA-2023:0347 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Analyzer: Optimize and remove duplicate messages in verbose list (BZ#2139870) * SSS_CLIENT: fix thread unsafe access to get*ent structs. (BZ#2141830) * SSSD: `sssctl analyze` command shouldn't require 'root' privileged (BZ#2142960) * UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around (BZ#2148988) * authenticating against external IdP services okta (native app) with OAuth client secret failed (BZ#2152884) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Bug Fix(es) and Enhancement(s): * Analyzer: Optimize and remove duplicate messages in verbose list (BZ#2139870) * SSS_CLIENT: fix thread unsafe access to get*ent structs. (BZ#2141830) * SSSD: `sssctl analyze` command shouldn't require 'root' privileged (BZ#2142960) * UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around (BZ#2148988) * authenticating against external IdP services okta (native app) with OAuth client secret failed (BZ#2152884) rocky-linux-9-x86-64-crb-rpms libsss_nss_idmap-devel-2.7.3-4.el9_1.3.x86_64.rpm fb62f49ce772300c3c25fa35d4575220505eadf6bad7ab47c15cca53f590942b RLBA-2023:0349 The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. Bug Fix(es) and Enhancement(s): * Fix FIPS related issues in PBKDF2 (BZ#2151576) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for cryptsetup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. Bug Fix(es) and Enhancement(s): * Fix FIPS related issues in PBKDF2 (BZ#2151576) rocky-linux-9-x86-64-crb-rpms cryptsetup-devel-2.4.3-5.el9_1.1.x86_64.rpm 2c2454e44a521ec8d01b53fd6500bd00225daa9930bacfe0e705f95e3852d5d9 RLBA-2022:2309 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for python-psutil. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-psutil-tests-5.8.0-12.el9.x86_64.rpm dd13bcbad250ecb2f36101cf7c4d6d5e32d015a03e61bc15379c2432545c8617 RLBA-2022:2319 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for devhelp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms devhelp-devel-40.1-1.el9.x86_64.rpm ad220ed9f64353fc6425f7c5876179dc879b521f78da57bf19cbf9544b835590 RLBA-2022:2321 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for hivex. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms hivex-devel-1.3.21-3.el9.x86_64.rpm f6c1f9efce64f5eed8b80cffbed16b294b06aa544ab727d305cf41365ec501c2 ocaml-hivex-1.3.21-3.el9.x86_64.rpm 1b31ab915a2285dde53b01d16d0a4e4d3d945645e654d81f9d3530848cd65330 ocaml-hivex-devel-1.3.21-3.el9.x86_64.rpm d8294b1dbcf44022eb2ebea9088cb1cc6c36656736604fd1f62cf8f455e5bed1 python3-hivex-1.3.21-3.el9.x86_64.rpm 00a24a4e5d6039fa60475f09d1ff184e4927c6534740b7dd5112e23c4c17ae8a ruby-hivex-1.3.21-3.el9.x86_64.rpm 3e294742dc197537ef8abd79404ed9e31dadb06ae153d2733c854733bcfc2dae RLBA-2022:2332 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libuv. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libuv-devel-1.42.0-1.el9.x86_64.rpm 8d44d1faa14c25265e77de420572f80e5beb00bceb89eb3ee4459caa559e2e21 RLBA-2022:2377 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for memkind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms memkind-devel-1.11.0-2.el9.x86_64.rpm feaa9e661fa15184eab3c4b8c79a8d04932d407c9c7a3125277a65a26b0121c3 RLBA-2022:2400 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libjpeg-turbo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms turbojpeg-2.0.90-5.el9.x86_64.rpm eb73002c2e56270895a30363ba7c64c8e682d9563cbefc902b182c2b4f0f086f turbojpeg-devel-2.0.90-5.el9.x86_64.rpm 3e12c80aba7a02dc2756dcbca4b513c7ecea2a5c6f598a8dc133c53ad2641005 RLBA-2022:2403 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for accountsservice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms accountsservice-devel-0.6.55-10.el9.x86_64.rpm 3d541a6cf41cad65748f017f48dab39bdf7033219e129a8ab25d59c13de266b7 RLBA-2022:2413 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for udisks2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libudisks2-devel-2.9.4-3.el9.x86_64.rpm 1ae68435c7ee72725845c283628f4ec00395e984f9c1b9ba4c95720ce22bbf89 RLBA-2022:2420 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for createrepo_c. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms createrepo_c-devel-0.17.7-4.el9_0.x86_64.rpm 465d1892456e878d542c2ba4f238a57475a6b58bd7205fe27b0de1262bc009f6 RLBA-2022:2433 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for exiv2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms exiv2-devel-0.27.5-2.el9.x86_64.rpm 7e8a0e74744a6d4f0bdfc8d4d3f85177547507b642d31804b33ee2d59e7c5152 exiv2-doc-0.27.5-2.el9.noarch.rpm b04417d500d5766489e6e86a4bb99e2c0af04fe0f0cc1db519ca68984be2507b RLBA-2022:2438 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for exempi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms exempi-devel-2.6.0-0.2.20211007gite23c213.el9.x86_64.rpm c4c3fa76cad51a4a5560cabf0691c4bea1b285bef5f532fb1c592f760c19bf22 RLBA-2022:2444 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for jq. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms jq-devel-1.6-12.el9.x86_64.rpm 50fdfac8d1eddf755e22753d59776cef7462d782b94935d2d1aabea904bea859 RLBA-2022:2445 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for javapackages-tools, maven. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms javapackages-generators-6.0.0-3.el9.noarch.rpm 317fc46d3cc3e33dcfe658399f568188524051eaa2e11422ebda2b054b7c0d30 javapackages-local-6.0.0-3.el9.noarch.rpm 8eabb02f23814c7dd3fcd61acef39ed52fd559d11161e6366fa3c9cce30586a8 maven-local-6.0.0-3.el9.noarch.rpm 1ba14e27ad8c7fa5b901dd6301622a414cca16776ecf2e76fd06d80c523d3878 python3-javapackages-6.0.0-3.el9.noarch.rpm 899b9fe1a14b98ebda8c57b4624ec45ce522e8683e2a8b987932c8aadb5eb8a2 RLBA-2022:2450 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for liblangtag. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms liblangtag-devel-0.6.3-8.el9.1.x86_64.rpm 23552e97badbfb2a06fcc655eb82741decb5b8e13098c0c71fe7fd200e5a44ff liblangtag-doc-0.6.3-8.el9.1.noarch.rpm 1a0ed0c38239839fd2b7e7482cb0360a77ad6e196c981bdd6429863025417452 liblangtag-gobject-0.6.3-8.el9.1.x86_64.rpm ce64b905b84db80902a35fbde94cceb6d86f57187abe6a085d7456d83bc3c396 RLBA-2022:2456 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for adwaita-icon-theme. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms adwaita-icon-theme-devel-40.1.1-3.el9.noarch.rpm a071cd3ad8a47153b16e9224404f1117a8fc7ca47d383e446b51f65ab441f7a0 RLBA-2022:2466 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libecpg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libecpg-devel-13.5-1.el9.x86_64.rpm 026e3726e744d56af3dfac580451f036191771f940e9d16ab64d761d5fa46fd0 RLBA-2022:2480 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for texlive. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms texlive-gnu-freefont-20200406-25.el9.noarch.rpm 70371ec649772c941a33208d8932379d07d09884e01786a091e208ac62a17aae texlive-lib-devel-20200406-25.el9.x86_64.rpm 6bb8f5f4cc4229065e1a4349fdc84ac361a8feee45c0eb61809e316b71c7ce05 RLBA-2022:2516 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for brasero. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms brasero-devel-3.12.2-19.el9.x86_64.rpm 22e3c475781d76d3b7265752701dd9af413be5860eb011e14efd5d85935ee263 RLBA-2022:2521 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for LibRaw. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms LibRaw-devel-0.20.2-5.el9.x86_64.rpm 7e30c6bb4dce0568462e1277d1e51bcdcf720e9cb5351e3ed3b9c922d2bca5be RLBA-2022:2525 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libspectre. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libspectre-devel-0.2.9-6.el9.x86_64.rpm f649a733d7a79226c90196bd18078581c1e57708477caca2c17686ed8491056c RLBA-2022:2529 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fltk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms fltk-devel-1.3.8-1.el9.x86_64.rpm cf3b34fe9f42bb3b9c3e56190e47da9f77d696754a679f37f61b65b085b0ed97 RLBA-2022:2532 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libdecor. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libdecor-devel-0.1.0-3.el9.x86_64.rpm bf03d3adec12dd2aa375524e412b33b44b7c162904348146c42f887700969c2a RLBA-2022:2547 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for SDL2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms SDL2-static-2.0.20-2.el9.x86_64.rpm 2c01b27653137633e67c172a4b009dbd2585f49aa0a05d8773c8d68035ab93e1 RLBA-2022:2549 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for wireshark. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms wireshark-devel-3.4.10-1.el9.x86_64.rpm 4e1b891f32110031bed24e8d950cf42faecf0a064ac507b4227a27279d6d0e2a RLBA-2022:2550 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for oniguruma. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms oniguruma-devel-6.9.6-1.el9.5.x86_64.rpm 24a57bcb861ea3b1904104164f7001ecd285a5ade5fe549746d548d8f74339b5 RLBA-2022:2564 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ghostscript. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgs-devel-9.54.0-7.el9.x86_64.rpm 85a8eed55f4bc16eebaf3e21be991f414678a7356bd3667855eccecbeb5aaab8 RLBA-2022:2571 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for geoclue2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms geoclue2-demos-2.5.7-5.el9.x86_64.rpm 78785ce325289d82be4cca6625092d7ec6339f9a9c115113ec0e6552dbeb732c geoclue2-devel-2.5.7-5.el9.x86_64.rpm 5e3f435716d376c5d1bd273baa7565dd7e006e41d9c3ed6de2a85da74ca0fefc RLBA-2022:2578 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for graphviz. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms graphviz-devel-2.44.0-25.el9.x86_64.rpm 22f7fbd0c28c62e6f8db9f973e9d0abbe55956100e0397ac4c60eb85bda609f2 RLBA-2022:2579 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for slapi-nis, libnsl2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnsl2-devel-2.0.0-1.el9.x86_64.rpm 3eb1b9d7dcde378e4fcbcbd6737ad14451c96e6b609235c9b4e24e646c058b23 RLBA-2022:2589 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtool. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtool-ltdl-devel-2.4.6-45.el9.x86_64.rpm 543a6d408b8437983041598c5358da9f15453beb59c9d8e79175e471bd05ee8d RLBA-2022:2594 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for flite. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms flite-devel-1.3-40.el9.x86_64.rpm 2321cc680c47fe91ae4b9d867c24983dbb545f0fd81cf09298980c21ba42d4a9 RLBA-2022:2600 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for OpenIPMI. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms OpenIPMI-devel-2.0.32-3.el9.x86_64.rpm 5dbb60bf6d8681045b47968ab2232cbd1e01a545fcff156ef51c30b59541da7e RLBA-2022:2607 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gegl04. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gegl04-devel-0.4.34-1.el9.x86_64.rpm eeeb76894bce6e50c9c8b78fa1876f564ca6df6307255aaf7ef171ee973687d5 RLBA-2022:2611 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwacom. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwacom-devel-1.12.1-2.el9.x86_64.rpm c3ee865ad428137546db3ad58d3de44463c170541beb5337c94f6e79382c6790 RLBA-2022:2616 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gsl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gsl-devel-2.6-7.el9.x86_64.rpm 46f551cad56dbffa6322bcd179d7fd9c49ac62b63e53cc8758830fc491da1378 RLBA-2022:2620 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for librdkafka. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librdkafka-devel-1.6.1-102.el9.x86_64.rpm 9e39e590c9a91ce611363e4e77605b86622980f1ec2cf5b127277ed65ffd313c RLBA-2022:2624 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for freeipmi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms freeipmi-devel-1.6.9-1.el9.x86_64.rpm 3343d72cf55fda499fdd0a827d74b568a683ab8969e831ec88b68d905cdb627a RLBA-2022:2629 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xorg-x11-drv-evdev. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xorg-x11-drv-evdev-devel-2.10.6-12.el9.x86_64.rpm f1ba893b0959901a6d3482fc8adb537270e0a07d9a209f86aa5513af597b7d02 RLBA-2022:2631 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libburn. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libburn-devel-1.5.4-4.el9.x86_64.rpm 9286ad6bfcbf5563314e78c2ded7ea140bd684415552a08a2f89b79404864509 RLBA-2022:2636 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libisoburn. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libisoburn-devel-1.5.4-4.el9.x86_64.rpm d720a5a598b63c807159227de58203f7570a2785ab65292e5a773e293bd356cb RLBA-2022:2639 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for python-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python-packaging-doc-20.9-5.el9.noarch.rpm 36ea560d9697d43d4f77cc47b6a9c87517e13b4490da4da840a7b528f103f2a0 RLBA-2022:2642 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tinycdb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms tinycdb-devel-0.78-18.el9.x86_64.rpm 0a9446c22f697f523214857e32044661c0d7398ae13cd65b519f9401e7feb973 RLBA-2022:2644 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libisofs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libisofs-devel-1.5.4-4.el9.x86_64.rpm 9718d59c16504c9716cd7e9b855d459cad3e1e6bbef5303efa6da9868fecfe2d RLBA-2022:2649 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tog-pegasus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms tog-pegasus-devel-2.14.1-64.el9.x86_64.rpm 17f1473fcf01d48c0fc7b344e0fe54a424edfb525fa1c43aa2cba420db339792 RLBA-2022:2663 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for plotnetcfg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms plotnetcfg-0.4.1-18.el9.x86_64.rpm ab5c886f643c24f90077400fa5e9f8bb4c7ab0657c6fe19a09cd27efd9753359 RLBA-2022:2681 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for zziplib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms zziplib-devel-0.13.71-9.el9.x86_64.rpm da0d544fb4ade928d65b81ab86e300b4f988c5b08e448e75fd3dfef71bf6dc9d RLBA-2022:2684 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for flexiblas. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms flexiblas-devel-3.0.4-8.el9.x86_64.rpm 8615c8396dd4e1638771f0dfdd394d5ffce5f9e3dc80efa859636f578e99f527 flexiblas-netlib64-3.0.4-8.el9.x86_64.rpm ce8cf8fed7c6da40fd28b235dac3396f9ed5aeaf57602f25d0d9e677b622424f flexiblas-openblas-openmp64-3.0.4-8.el9.x86_64.rpm 86bea7bc988141cf9a92e0f1e2c5c7823d35b7b7a0f723b0e34d3818abab5c36 RLBA-2022:2685 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for suitesparse. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms suitesparse-devel-5.4.0-10.el9.x86_64.rpm 1b5e837d85ace55d5eed9b8e81e3ad0053ab28742e5ccd419660d270d16aa02d RLBA-2022:2686 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for uuid. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms uuid-devel-1.6.2-55.el9.x86_64.rpm 23bf6c343a32c285d25eb54a4e3edf959a1a2adef20e748514c405713e9143a5 RLBA-2022:2687 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xorg-x11-drv-wacom. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xorg-x11-drv-wacom-devel-1.0.0-1.el9.x86_64.rpm 3a1b5f3a00ff674ba6bcd3d7f055f7c00c02e4448fd1492dbd8af56055e608b6 RLBA-2022:2688 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for openblas. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms openblas-devel-0.3.15-3.el9.x86_64.rpm 779bb7c6b5a9996776399693bd2a9042c529135914844f1778603bf2b06f1f1b openblas-openmp64_-0.3.15-3.el9.x86_64.rpm 4a8fb52c87992341ed4bb8498879410fea70a0a53cb22e72843b351b52617178 openblas-openmp64-0.3.15-3.el9.x86_64.rpm 8d96eec4644c6225070b6836141a2a6bae17045b3ed7640fce4fe5ea4eff8ec0 openblas-serial64_-0.3.15-3.el9.x86_64.rpm 2a11fc4e3c8e399a19cb9cb3edcc4eeb001c579fd967749d10e230f6b0ece17f openblas-serial64-0.3.15-3.el9.x86_64.rpm 4d951a6abc99a09d8608b292412cccaa64436f3c22fdff62cfc66f35f3112e43 openblas-static-0.3.15-3.el9.x86_64.rpm f51132b19396ace2190cc4b7a492e705b09dcade1caf793ae908399666f54eae openblas-threads-0.3.15-3.el9.x86_64.rpm 682f0f87db8101db61746bdc6f5470263ed6942c55c38114d2bc297aa6443ac5 openblas-threads64_-0.3.15-3.el9.x86_64.rpm bb7acaaf794d9c79791edb19d3bbda86019a17020f2da54f2b7eb67c42cb601f openblas-threads64-0.3.15-3.el9.x86_64.rpm 099ab438dc94b0d6e62aa2800a52faafc08c7cf9d512763f28494f3b15ba59f8 RLBA-2022:2695 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsndfile. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsndfile-devel-1.0.31-7.el9.x86_64.rpm 816fb9164a662c562252cbb795d64fff1b16e520522f1df846ce127e7e15ae09 RLBA-2022:2706 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for CUnit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms CUnit-devel-2.1.3-25.el9.x86_64.rpm 1dcd2b30df44b43b9e60351b053f6003e9bd86df3a25d5649f69009576e1569c RLBA-2022:2708 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for Judy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms Judy-devel-1.0.5-28.el9.x86_64.rpm af63084c38d511f0bbadf88b624d2dc38f67f36f87d515e496437248e040b069 RLBA-2022:2710 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for PackageKit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms PackageKit-glib-devel-1.2.4-2.el9.x86_64.rpm 3504e6cdff2e7e75cfea04e2fdc8fa9e5ff0a5eace3ac33640bdbbfd8b8548d5 RLBA-2022:2712 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for Xaw3d. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms Xaw3d-devel-1.6.3-7.el9.x86_64.rpm a304ef830b03301d0d4f950c9d961155833c650257a9325d3fa10d043647e15a RLBA-2022:2713 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for a52dec. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms liba52-devel-0.7.4-42.el9.x86_64.rpm 0d78a4f9b231ab6c822aa92da717a199922b8a0217f4ce5c5ae66e12146ccf58 RLBA-2022:2724 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for antlr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms antlr-C++-2.7.7-68.el9.x86_64.rpm 18cabe374038b2ca9e9ba482c8a7ee118f58de32b0bf1c9af2e818b19a893a0c RLBA-2022:2732 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for asciidoc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms asciidoc-doc-9.1.0-3.el9.noarch.rpm c0889b41b4001012e858083acdd264e2c780000d44b4eeeb867e3f85e2059fdb RLBA-2022:2738 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for atkmm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms atkmm-devel-2.28.2-2.el9.x86_64.rpm 11fc41c2472a010034d4346d1e55d2d57939e4881a9fb796695e9e5ca686a3da atkmm-doc-2.28.2-2.el9.noarch.rpm 56521e83bec50b0c679f98ebb9eed867a2f8733d0a2a6f161c76dcd2d5105765 RLBA-2022:2742 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for babel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms babel-doc-2.9.1-2.el9.noarch.rpm c31cd341fe2d8db018d7c51cfff8f1da00f07efd479b0fb2fefcee4b553c0510 RLBA-2022:2747 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for bison. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms bison-devel-3.7.4-5.el9.x86_64.rpm faeef6dfbad70c215d379a03e08f21e78ed4eabfcdbb994c0c5a524c299eaa42 RLBA-2022:2753 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for brltty. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms brlapi-devel-0.8.2-4.el9.x86_64.rpm 1cfb18ca523dd2c167716494edd6698c34d73628912cbe64ebab743efde2dd8e RLBA-2022:2756 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for byte-buddy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms byte-buddy-agent-1.10.20-5.el9.noarch.rpm 935078f879e607a466cc92b91d0c66cb251f49f41d00ed09bba8b1956343871d RLBA-2022:2759 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for cairomm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms cairomm-devel-1.14.2-10.el9.x86_64.rpm 544c7d7c6a9444ff79fd203d909e547c7b7765f15c895432298b329d1ba432e3 cairomm-doc-1.14.2-10.el9.noarch.rpm 383bbbc516adade85cecf9956a9810d533fc5c5acaefb80b1b23edf5bd82b58e RLBA-2022:2761 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ceph. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librados-devel-16.2.4-5.el9.x86_64.rpm 844d112b1b084e20cef8eb5d93b3789ed5e1a88323c007835f1d955c02f482d4 libradospp-devel-16.2.4-5.el9.x86_64.rpm 0cec2e218d660f23a0cc38dc02b82ee72999e331014e1629ed22d229f0d8f1bd librbd-devel-16.2.4-5.el9.x86_64.rpm 50f0a5405a04bc7f9ce614a1f7ade3acffc6deb3f1fc82edbe8dba565eac8a38 RLBA-2022:2769 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for clucene. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms clucene-core-devel-2.3.3.4-42.20130812.e8e3d20git.el9.x86_64.rpm 24751d0f5a6f7c42a151bb5c1f0b293b7b473e58f59544054a1cbbec83d5020b RLBA-2022:2771 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xmlrpc-c. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xmlrpc-c-c++-1.51.0-16.el9.x86_64.rpm 53c844e5c74219dd24d9243bcf00eb6d1c974d886e84cd8b257e26bc896f7193 xmlrpc-c-client++-1.51.0-16.el9.x86_64.rpm a025dd76798ad881c302a6d435097a69f8b4318909928595ae1b0b62bcf2ad8e xmlrpc-c-devel-1.51.0-16.el9.x86_64.rpm 489c4e4102423ac6df8f113d19bf8206dd6e9f0d04f979dccf7d332d16586378 RLBA-2022:2775 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for colord. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms colord-devel-1.4.5-4.el9.x86_64.rpm b21c061d96916b6e42c727f1e793ef0eb38459ea786918bbe6698e9640b10de0 colord-devel-docs-1.4.5-4.el9.noarch.rpm f0e687a0dd5bb9274d913228d27488b3871a2116ef1c38331baf315e7a3c8d95 RLBA-2022:2776 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for colord-gtk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms colord-gtk-devel-0.2.0-7.el9.x86_64.rpm 13d537f6efda59e49a86b4dd6718696c853345455d079f6be50403ead6d1894e RLBA-2022:2783 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for cups-filters. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms cups-filters-devel-1.28.7-10.el9.x86_64.rpm 226175dc4de3b0f7e7785b4e80486653aa7320ce139d15fc64abd8bb668f8358 RLBA-2022:2786 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dconf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms dconf-devel-0.40.0-6.el9.x86_64.rpm 5c06e0309a68d5c1b660063139d74fb7eda9eeba89455a222efcb3fa611d0cb2 RLBA-2022:2796 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotconf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms dotconf-devel-1.3-28.el9.x86_64.rpm 1f88371ee949681e86e257b2270a8a6d63d03e1d803418d716f4f8e2338740de RLBA-2022:2799 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dtc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libfdt-devel-1.6.0-7.el9.x86_64.rpm 3e83041c8b7ee5b4354b042069b7cbefc1b3dc449ce655416e988c57cf55facb RLBA-2022:2802 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for enchant. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms enchant-devel-1.6.0-30.el9.x86_64.rpm a8abeed6f5aec319fcebb543ffd99cc60dd832019103fbaa10c0f526b3ab4549 RLBA-2022:2803 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for enchant2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms enchant2-devel-2.2.15-6.el9.x86_64.rpm 08aa10bb553702a6181d511cf0441ffb86cf8cef2b4267bf716930953cd8a3fb RLBA-2022:2810 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fftw. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms fftw-doc-3.3.8-12.el9.noarch.rpm 93eb256ae6969eb9fb1424fcd601e19f63fcd279b6a96c8974b3808c63c75a62 RLBA-2022:2814 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for flex. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libfl-static-2.6.4-9.el9.x86_64.rpm e0489f5bb06b19d91d9c018beebdafb47bca77f82c5f0bac1af969703502271a RLBA-2022:2816 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fontawesome-fonts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms fontawesome-fonts-web-4.7.0-13.el9.noarch.rpm 86ae6cb7afc9e18def5b38dc94eec606f02609b3a65a0cf59c0ec8c95889e71e RLBA-2022:2822 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fstrm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms fstrm-devel-0.6.1-3.el9.x86_64.rpm 54fb7b47d574379a0a6489b1e5a9ccf830e0e439f177f8e63fd637679544a1fe fstrm-utils-0.6.1-3.el9.x86_64.rpm bb8b45644738273277e42b2a713ce9655bf61455e110b115907a1d5db50cfad5 RLBA-2022:2825 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gc-devel-8.0.4-7.el9.x86_64.rpm 88ed3632268ae6d8e0473c6fb4d8825cb535689930a8360645e96fac36cb8b28 RLBA-2022:2834 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for giflib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms giflib-devel-5.2.1-9.el9.x86_64.rpm 04b1f38e4e75c220160c7d9c803fbbf59ec05e11f0441dbe6312f05d064fe458 RLBA-2022:2838 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for glade. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms glade-devel-3.38.2-4.el9.x86_64.rpm de70ca942e9b1d049f6f80ca8524b29835d7688606d099464a72081aad1f4e3f RLBA-2022:2839 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for glibmm24. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms glibmm24-devel-2.66.1-1.el9.x86_64.rpm d6889eaa60da6a0783370dd6302b1fbdb922cbfc78687f2eef0042b02cb8d3b3 glibmm24-doc-2.66.1-1.el9.noarch.rpm bfbcd163138501fa996ad0aa4dda44619ae3b7205390023646364b3fac404ec0 RLBA-2022:2842 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gnome-bluetooth. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gnome-bluetooth-libs-devel-3.34.5-3.el9.x86_64.rpm fa137bf2727d75111bb74945e42a81e23a108e6e90bf91832d93564236039289 RLBA-2022:2865 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gnu-efi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gnu-efi-compat-3.0.11-8.el9.x86_64.rpm 42a9231b91486457db46ac6dedd4929bd1be24658b3294f2f533d37a9c6c3a0e gnu-efi-devel-3.0.11-8.el9.noarch.rpm bf1efb6661c93b550ea8cbe4af98c6d1124c3359406ca3eef7d754ce138d695a RLBA-2022:2869 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for google-noto-cjk-fonts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms google-noto-sans-cjk-jp-fonts-20201206-4.el9.noarch.rpm d208a953c471a259b956b6822f1e08ba589a9b141634bcc25c530d378389f4f1 RLBA-2022:2876 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for grilo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms grilo-devel-0.3.13-7.el9.x86_64.rpm e245f79d39ca03281fd8b8e89dc3e415dc40d09b6329da805eb5d57361fa8361 RLBA-2022:2878 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gsm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gsm-devel-1.0.19-6.el9.x86_64.rpm d8f23c621f3be1ed1581af43be9edf1a2d713543e5b7e28d6c2314ad87af2ffb RLBA-2022:2880 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gspell. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gspell-devel-1.9.1-3.el9.x86_64.rpm 891ef54606923f1a5c3192277b8a764c278636ceb2f158712ab23ed833df878b gspell-doc-1.9.1-3.el9.noarch.rpm 54cac486505ede6438dcd75cc31f8578dfd63773c7d3431e4514a932c7b28268 RLBA-2022:2882 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gstreamer1-plugins-bad-free-devel-1.18.4-5.el9.x86_64.rpm 6090895176733ef1ab36ad3556ae0c1ffca864bd6373b0f1f167dda193b28f0e RLBA-2022:2885 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gtkmm30. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gtkmm30-devel-3.24.5-1.el9.x86_64.rpm 75ec5630a922e98de355811d2ce1816f07e456ea674aabb9e61e51c1c663fcf7 gtkmm30-doc-3.24.5-1.el9.noarch.rpm abe9d8f8b5cc7a7d8cfa3e70e35cf283930d6cdf18dd0c8254d86cc7a06ed99c RLBA-2022:2892 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for hesiod. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms hesiod-devel-3.2.1-16.el9.x86_64.rpm 0d3f8efb17a5f2f2af3b5f22abb5c7f6fefeef264ccf160597dac5e246757f8e RLBA-2022:2899 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for http-parser. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms http-parser-devel-2.9.4-6.el9.x86_64.rpm 5d49a9d9fcac72fee41e371864d9f326bacd6eb4f683f9d7f8063299c05251b5 RLBA-2022:3071 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for imath. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms imath-devel-3.1.2-1.el9.x86_64.rpm 7dbf3aec96519cfbe40057dda15a39c6a99aee72eabb5c9695a4c628b0c949ae RLBA-2022:3076 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for irssi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms irssi-devel-1.2.2-12.el9.x86_64.rpm f29b625a91e008b108a2b1929d1a167eabd1b7577a7e58e84908c32cab49df0d RLBA-2022:3089 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for jasper. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms jasper-devel-2.0.28-3.el9.x86_64.rpm 8cf4cb6ccf25e19dbf9248a5e16ebb5e04977f02a2d5041ea750db6c0d0c1c09 RLBA-2022:3092 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for jbigkit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms jbigkit-devel-2.1-23.el9.x86_64.rpm b99b5ad84841fb0fbf3f333f65938b3e262e42935f6172aef2e6b38be7810d6c RLBA-2022:3101 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for jose. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libjose-devel-11-3.el9.x86_64.rpm dc5d8cc7ec152abaaabd25ca1bedf722e428246f77d424837c60062919f719d4 RLBA-2022:3112 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for keybinder3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms keybinder3-devel-0.3.2-13.el9.x86_64.rpm dd7191546c177f5fd6375729c6b78440ffcda685538647ff36df023314beb680 keybinder3-doc-0.3.2-13.el9.noarch.rpm f3613c5de156b4e2ce64f166f4e511b99dffae7561473111a3dbd197430ce4b1 RLBA-2022:3116 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lame. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms lame-devel-3.100-12.el9.x86_64.rpm fbb3286477f10d1b5f80fe98ce78460a38233b2ac76982931e87818fdb778588 RLBA-2022:3119 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lapack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms blas64_-3.9.0-8.el9.x86_64.rpm 2530f90f98336e61bd6a02f83a041e9b2f1ad80f98a7701ca32a36772c514e34 blas-devel-3.9.0-8.el9.x86_64.rpm f113c6361d4366359df15df45e03ac61af50d105d091ae6e186c4ca1c0333bae lapack64_-3.9.0-8.el9.x86_64.rpm 8f5001ba142c8d123c8eca4ba8d638c4b4698944455e2ae23fd2d38303e4ed7d lapack-devel-3.9.0-8.el9.x86_64.rpm 272d8f5ed4db3cd67be495900c4e2631246c0de81549faf55172b3fa6556de14 lapack-static-3.9.0-8.el9.x86_64.rpm b035ba0aac10f15d8131bf8c6b398969d372c1b35a6acef905eda308c65421f9 RLBA-2022:3120 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lasso. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms lasso-devel-2.7.0-8.el9.x86_64.rpm 7c65754666fc1d9a4a262d8517d977b5355188a905b8f87827a5a59b7be13415 RLBA-2022:3123 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for leptonica. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms leptonica-devel-1.80.0-4.el9.1.x86_64.rpm e01986597c8c29e7fd063378159edd9bf23a3ffc1d8bbc52318bf832f27ade77 RLBA-2022:3134 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libXdmcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libXdmcp-devel-1.1.3-8.el9.x86_64.rpm f0ca32be22024a4f73460bb8ec693a1ff86a293117415fd1fd9d008f72f06316 RLBA-2022:3137 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libXfont2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libXfont2-devel-2.0.3-12.el9.x86_64.rpm 6f5bb546f094fd63e39b905de44ea419caa7a51b59752d6082d4341369c5424f RLBA-2022:3146 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libXres. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libXres-devel-1.2.0-14.el9.x86_64.rpm a4129cc61dedc9641e74c39aff9606183cc024014385912a8ab12d84943a7a67 RLBA-2022:3151 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libXxf86vm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libXxf86vm-devel-1.1.4-18.el9.x86_64.rpm 5745d5b444f9294b0bbaa42ce1409dd48be3c2512e5756d66e7c6d1e2c9c4bab RLBA-2022:3153 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libao. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libao-devel-1.2.0-22.el9.x86_64.rpm 68e206a45fc02c54306c141470edb77606a697cfcca35fec6b1eb64c822c1afc RLBA-2022:3154 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libappstream-glib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libappstream-glib-devel-0.7.18-4.el9.x86_64.rpm 24e500efaa7d6b03658d6a8f56c7b4eab71cabd508443e36813464b2e04b4cf1 RLBA-2022:3155 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libasyncns. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libasyncns-devel-0.8-22.el9.x86_64.rpm 402974ed8a701e4b0b1ff23862505850afbe46492753181eaa46cdd703f22326 RLBA-2022:3156 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libatasmart. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libatasmart-devel-0.19-22.el9.x86_64.rpm b6421b7b9cda93f718d196444a78d4b3e3dfb7164e6bc7ae8cdfd2badfcdde8a RLBA-2022:3160 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libcdio. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libcdio-devel-2.1.0-6.el9.x86_64.rpm 1784a7786905c46a6d3baf4b48c8df71cff9c78d35bd2764e90c3c845b8a4813 RLBA-2022:3161 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libcdio-paranoia. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libcdio-paranoia-devel-10.2+2.0.1-6.el9.x86_64.rpm 4fbfc6d432d5b5e3fec77d87a9faa9de7831e3ac8999dc67ef73176e75aadace RLBA-2022:3168 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libdvdread. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libdvdread-devel-6.1.1-4.el9.x86_64.rpm b040dbd8ee1e52626af8595de5858c78aad695a8b3faf1a3abb7a4e6a76428ab RLBA-2022:3176 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libetonyek. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libetonyek-devel-0.1.10-2.el9.x86_64.rpm 23e41915ef731f5667859660eb839e977b53dc299d5d6dbd8aeb8c37aa3d7ad1 RLBA-2022:3177 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libevdev. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libevdev-devel-1.11.0-3.el9.x86_64.rpm daac6af25f5a11cc14835b4e99e7a815f620eee60f9120ab8fd0b4d2e880d3dc RLBA-2022:3178 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libexif. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libexif-devel-0.6.22-6.el9.x86_64.rpm c509c2bfda36dbacfa9eeb0ecb48d84eca6bd83763aa9377f40ea1c8a5cbbeb8 RLBA-2022:3181 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libfontenc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libfontenc-devel-1.1.3-17.el9.x86_64.rpm b7543b245f6fa321e69750fa24b5b6a16a590f9d8a02585acbd727ba83df0836 RLBA-2022:3187 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgee. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgee-devel-0.20.4-3.el9.x86_64.rpm 65fa2f3aa28d5832c26ce6c237ff5ec34345307a3edab52f9eaee9a8e1f2af53 RLBA-2022:3188 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgexiv2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgexiv2-devel-0.12.3-1.el9.x86_64.rpm 7de8899de6949228efa53d04e78740b2f17c2b1af04f4cf746458e8dbc4881e6 RLBA-2022:3189 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgnomekbd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgnomekbd-devel-3.26.1-7.el9.x86_64.rpm 0e50237f4bc184a68d682bd795073bf5e6b0ab73e1ad2f28037012fc1de04636 RLBA-2022:3190 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgphoto2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgphoto2-devel-2.5.27-3.el9.x86_64.rpm 36b4c4ae43f6fdc68de824c4b35847f8155fcc9cea72130a9ca1eec1a44b04c4 RLBA-2022:3191 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgsf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgsf-devel-1.14.47-5.el9.x86_64.rpm 67b0f0285c412fab1b7a042d5bc4f3eb08bf256a9ced3444d6b85a2fb50f791e RLBA-2022:3194 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgxps. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgxps-devel-0.3.2-3.el9.x86_64.rpm 92cc0d62cab9fa0f76984e5d66a2b14ef5def6f53c1bca457dfa204e1773e608 RLBA-2022:3201 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libiscsi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libiscsi-devel-1.19.0-5.el9.x86_64.rpm 3cb80cab14f64ab251e5d19c1a082a8a77f7beaf554233d2eab2fd2463dec11b RLBA-2022:3209 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libmad. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libmad-devel-0.15.1b-33.el9.x86_64.rpm 650da79346cc9887c042e0bc3632a751415aedf93e4afaa4cfca11cbf85fe89d RLBA-2022:3211 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libmaxminddb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libmaxminddb-devel-1.5.2-3.el9.x86_64.rpm ac2106ca4d1649c2a3417ea1a654e3b7b63490770952ac4c37d18c2938b6fe08 RLBA-2022:3213 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libmicrohttpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libmicrohttpd-devel-0.9.72-4.el9.x86_64.rpm f7f2b161ea9cdd2bf6354f2e8e76fb08933ab938a07a4f234f4e202a37192d61 libmicrohttpd-doc-0.9.72-4.el9.noarch.rpm 5c3003cb4fc9ccd2d5f272605bfbac9a4336e1a7a86a139906ec32bc713810f6 RLBA-2022:3216 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libmspack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libmspack-devel-0.10.1-0.7.alpha.el9.x86_64.rpm 839ead46d4750524dd5ad3eb130b174f530e377114f31d3abc52963e4c8665fc RLBA-2022:3218 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnet. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnet-devel-1.2-6.el9.x86_64.rpm 051a2cb02c89be45d451faec33f0951da474aae703889376505e27b412b09f1f RLBA-2022:3220 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnetfilter_queue. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnetfilter_queue-devel-1.0.5-1.el9.x86_64.rpm 3c600810dbff7b846ebdaccd1f039e4dd8825d15f7c87fa36ecc65c7732cd610 RLBA-2022:3224 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libodfgen. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libodfgen-devel-0.1.8-4.el9.x86_64.rpm 4bce80a07e94579f23bb6f9f96e035676aeb172655b5e221485da9f1d47c0bea RLBA-2022:3225 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libogg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libogg-devel-1.3.4-6.el9.x86_64.rpm 79c355796338c68db0db5c88dd29e522916aee4d7fdbdcff77bc8b9671398e54 libogg-devel-docs-1.3.4-6.el9.noarch.rpm ead61612a51fc20fc066192d54f3140432eb42eaf3ce28c75c50333df707a3bc RLBA-2022:3226 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libopenraw. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libopenraw-devel-0.1.3-11.el9.x86_64.rpm 8c612fbbe5bb411792a0b32b57939bb9c1c2be22c3ac91e5809bee0dd3b7b9dc libopenraw-gnome-0.1.3-11.el9.x86_64.rpm 5cb42d011fd973026897383f1ee3da7f22c093aaa5b0140a9a98aab9fee1114b libopenraw-gnome-devel-0.1.3-11.el9.x86_64.rpm 1354753cd7ad9c20f5365e1a47a728f6d68a802318767260d065a988fb8d2480 RLBA-2022:3229 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libotr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libotr-devel-4.1.1-13.el9.x86_64.rpm 298a753a2b5a447494294c86a1a0fea9ecc03724bbb8fb7930766fa03d3632c7 RLBA-2022:3231 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libpaper. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libpaper-devel-1.1.28-4.el9.x86_64.rpm d3130d1aeace3ea37e90ec4a4e9907bd8acd462ce54ace14c0a29df7a1b2b83c RLBA-2022:3232 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libpfm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-libpfm-4.11.0-6.el9.x86_64.rpm 31a447d0476e9dbc1871cdb4c97c9f56be2d0ff4372b5aa0dbd450cc42ef89d5 RLBA-2022:3233 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libpinyin. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libpinyin-devel-2.6.0-4.el9.x86_64.rpm 26846ecabc83903161b1ac926ee327bb42c54ad221dd79f16fac079e7330397a RLBA-2022:3237 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for librabbitmq. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librabbitmq-devel-0.11.0-5.el9.x86_64.rpm 94e217b278eec3610df4d888341897f254b98dd71346b58f2e8b023dc9eab292 RLBA-2022:3241 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for librevenge. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librevenge-devel-0.0.4-22.el9.x86_64.rpm 581414d6aeb091448e3519e5bd6564ceb4b2d37cba7e32ea3edafcc3be488573 RLBA-2022:3243 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsamplerate. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsamplerate-devel-0.1.9-10.el9.x86_64.rpm ff3da417b8c26784f05c34c27ad3a8d512b07e44a5727492c7295f2f9f89bbb3 RLBA-2022:3246 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libshout. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libshout-devel-2.4.3-7.el9.x86_64.rpm 29c593601777e117590fc092be478c8b0d7d8f136d1ab23cb01b5e91c7c9d5d3 RLBA-2022:3247 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsigc++20. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsigc++20-devel-2.10.7-2.el9.x86_64.rpm c9b811467556f15a812b5ea1d691e7d359a2597514b9baf0d535efee0b6c96c6 libsigc++20-doc-2.10.7-2.el9.noarch.rpm 29487250f3f83163d9b2b19379dc1437e3ad90db099286cb698d375effee094b RLBA-2022:3251 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsrtp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsrtp-devel-2.3.0-7.el9.x86_64.rpm d8a045d8ae4bea88587696bc09e81129c64648ce0c210ba1ec5242ffbdbe7e59 RLBA-2022:3253 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libstemmer. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libstemmer-devel-0-18.585svn.el9.x86_64.rpm 5fd3eb885af833ccd44dde6f652ea19f5e9448ad9020f5192276759604bed2bb RLBA-2022:3255 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtheora. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtheora-devel-1.1.1-31.el9.x86_64.rpm ac3535b4250aa497965dbb2b6e913854af1cfd0d152fb77ca305528408b53995 RLBA-2022:3259 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libusb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libusb-devel-0.1.7-5.el9.x86_64.rpm 50d8bda638745acbae0fbe63e0bae2890e424e16b368e09228157b5848aea0e9 RLBA-2022:3260 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvdpau. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libvdpau-devel-1.4-6.el9.x86_64.rpm f0f395c47f1a75b9b326f3912bc012c40d6c782a858d7bfa28e9f069e62bb5c7 RLBA-2022:3263 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvisio. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libvisio-devel-0.1.7-9.el9.x86_64.rpm 53815665f7955eef86c126f3a3283617c19247381693baf28edccd0a72d0dc32 RLBA-2022:3264 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvisual. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libvisual-devel-0.4.0-34.el9.x86_64.rpm 055f5e9dac7fa29452d81b954a6c8d869a97fb185aa81092b0bab711d3c000ca RLBA-2022:3265 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvoikko. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libvoikko-devel-4.3-7.el9.x86_64.rpm 279ce1f9bc6cc9f2945fcd14275ba3ec14b772dde426266e3553bacb3bbc4e1f RLBA-2022:3266 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvorbis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libvorbis-devel-1.3.7-5.el9.x86_64.rpm 2c43a5c0a6d730d0e343eb0df9356de91afa40b92e3c12283c789f04fcd19086 libvorbis-devel-docs-1.3.7-5.el9.noarch.rpm 88dbd56deb6298a7db65a0dc60a00554a52f7ac2cb9129ff034cdd82e71437f4 RLBA-2022:3267 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvpx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libvpx-devel-1.9.0-5.el9.x86_64.rpm f5b1a19bf92200161248f15cbce0789d7d0b3e43145c7143db5f31ac9a41a090 RLBA-2022:3269 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwnck3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwnck3-devel-40.0-2.el9.x86_64.rpm d75a223da16e1c3ee289bf8f269dede8ecd20c5e07aef3ef2444237e75f23af4 RLBA-2022:3270 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwpd-devel-0.10.3-10.el9.x86_64.rpm 75bf759ba5cf87a9e1842fdf7751fa874987d8014212220ff694671bf9c62a72 libwpd-doc-0.10.3-10.el9.noarch.rpm cf1cafa034c873ca0728f3d265a585a12f2fe820388cf525b9407d7a7ff7d3b4 RLBA-2022:3272 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwpg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwpg-devel-0.3.3-8.el9.x86_64.rpm b74c59b1f9580c7854ab074ca64bb117f6065efe9684bf59e118ec54c02da47d libwpg-doc-0.3.3-8.el9.noarch.rpm 612575a87c0c960172ba28ba334437243e5e8df6ae17b42d55d999fe31dac0a0 RLBA-2022:3273 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwps. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwps-devel-0.4.12-4.el9.x86_64.rpm 199bf1bdb5cfc6a5e272670a2a4738b9763dfa0b8c8358545daf081d2864d4fd libwps-doc-0.4.12-4.el9.noarch.rpm a57cc3f098bec98c980281bf98395ecd53c2f63d364e03fabd653f02ca29a8cf RLBA-2022:3275 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libxkbcommon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libxkbcommon-x11-devel-1.0.3-4.el9.x86_64.rpm 709c28c813d6d71ad8c0d7705a8dc6a94eb671ce6c3f6b68d95829105850a5f6 RLBA-2022:3276 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libxkbfile. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libxkbfile-devel-1.1.0-8.el9.x86_64.rpm 5e0e5ac6c7d4582b9cb1ae86b53d38f42a543c5685787358f53cb26b440b8967 RLBA-2022:3277 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libxklavier. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libxklavier-devel-5.4-20.el9.x86_64.rpm 4afc40bf5a6db0d9f26d65fd735e2fc0ebf16a92c9bbb9d79822f9c21195d8a7 RLBA-2022:3280 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libzip. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libzip-devel-1.7.3-7.el9.x86_64.rpm c06dbef75d8db41c821048dbf83a38e24e5ffb0bf4c54ef760d4a2cd42ed0dbf RLBA-2022:3301 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lttng-ust. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms lttng-ust-devel-2.12.0-6.el9.x86_64.rpm 2524cd270a8ae2dda7575de3cd2883a0342f519e728362c8239b5438ce77d847 RLBA-2022:3303 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for luksmeta. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libluksmeta-devel-9-12.el9.x86_64.rpm 3bfc730cbf2d5d29e653c7b2baf233ca19a9eb2dcfadfc1c9d15b903e0c7af22 RLBA-2022:3309 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mariadb-connector-c. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mariadb-connector-c-doc-3.2.6-1.el9_0.noarch.rpm ff5c4d6ab6afb6673d998e459849737de604fb3af694d9c9534909bfdd0a2e26 mariadb-connector-c-test-3.2.6-1.el9_0.x86_64.rpm 8374c008c92135c8b2f7a70f9ed4b0ebb92dd98869e854940aec8ac16fa1aff0 RLBA-2022:3327 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mobile-broadband-provider-info. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mobile-broadband-provider-info-devel-20210805-2.el9.noarch.rpm c28d7af9a765b02a655e4cf06ecf14ac58619d96c0711a76c233ec944d11ae8c RLBA-2022:3341 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mpg123. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mpg123-devel-1.26.2-5.el9.x86_64.rpm b015176e2aaa726a0bca3ebee582cb3f3e75dddeb0624e5cd242c1d74c43d019 RLBA-2022:3344 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mtdev. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mtdev-devel-1.1.5-22.el9.x86_64.rpm 52dc5be422b75a48bb0d0ba0018514c0652938d4849fdaa03509a4ce02cb5754 RLBA-2022:3346 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for munge. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms munge-devel-0.5.13-13.el9.x86_64.rpm 0ce9d05efb54a36e79559fec153f3f5bce719e84483ddf84aa3fb5549c4b6718 RLBA-2022:3347 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mvapich2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mvapich2-psm2-devel-2.3.6-3.el9.x86_64.rpm b9a5ac5604f303a0a0e903fbd73f337f6c2fed3dfda38cf9c2f2182445bba94e RLBA-2022:3349 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mythes. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mythes-devel-1.2.4-18.el9.x86_64.rpm a752664e541d92aa371257a28f4b0b3163b19ec2f943fdc773abfbccf9c98f26 RLBA-2022:3373 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for neon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms neon-devel-0.31.2-11.el9.x86_64.rpm 424c81a3277e2721e18800dcba426006d78051dea32112fdea9cda65bcbf7b79 RLBA-2022:3374 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for netpbm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms netpbm-devel-10.95.00-2.el9.x86_64.rpm 0cc01c5ad21d0deeadd022051b07b7df3a67005e8b83d28dd84912b305fed13e netpbm-doc-10.95.00-2.el9.x86_64.rpm 27ca47ac11cb03ead33473c824947d4f2adf33aa66d7b6f56d851f5097539cad RLBA-2022:3382 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ocl-icd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ocl-icd-devel-2.2.13-4.el9.x86_64.rpm 5adcc9141517276db374259400ed840ffb499f5ded9ebf93f110e3202853e67b RLBA-2022:3386 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for openal-soft. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms openal-soft-devel-1.19.1-16.el9.x86_64.rpm 695be34d4a20380e4e8c67b3dc2f1218b49550b2340c032de3e88a59ba761ffe RLBA-2022:3391 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms openexr-devel-3.1.1-2.el9.x86_64.rpm 0f618244cd97ffd670421c4038ef68e324533e7864e025a4f68dc48006fb2aab RLBA-2022:3395 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for openslp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms openslp-devel-2.0.0-30.el9.x86_64.rpm 7540efae29ddde194f451e8dd2640e509c11a910c57115bde13d02970cad8fa1 RLBA-2022:3397 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for openwsman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwsman-devel-2.6.8-22.el9.x86_64.rpm 175f3d1c40056b1e68ac2c9e990fffca74e6338a15a07b1b8a6c9201f4046ba3 openwsman-client-2.6.8-22.el9.x86_64.rpm 0264c24f4e74830cd1733ce29f6bb44a76b064b8551c7a444661d688c8b2aaa9 RLBA-2022:3398 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for opus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms opus-devel-1.3.1-10.el9.x86_64.rpm f1edf96f2b1fd03a37b8f804b39f646e2f322784e10637140f6215c5aa0ce30c RLBA-2022:3408 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for pangomm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms pangomm-devel-2.46.1-1.el9.x86_64.rpm 9d18ec1e909176b2b7d92b4f88217a51876f4fd4a16f36521a986b0348f4951a pangomm-doc-2.46.1-1.el9.noarch.rpm 77ecd2fc1fc2c70f00abf9262894aaa56cbb8d2a8938e862109d8873e6e47607 RLBA-2022:3588 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for perl-Tk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms perl-Tk-devel-804.035-7.el9.x86_64.rpm e51a20574bf3b2b392cca7c7e293fc78ea8c7403fdf90d535b8cb340ca8c307e RLBA-2022:3634 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for plexus-containers. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms plexus-containers-container-default-2.1.0-9.el9.noarch.rpm f62fa55d0e98d2db0874892c53483db149a758a2a3d64ae3eee23fafce561023 RLBA-2022:3638 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for plotutils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms plotutils-devel-2.6-28.el9.x86_64.rpm 1af9eac05f45cb94162be6bdbc84eefedd90e586ebb8b0b7958b3f941733a36a RLBA-2022:3640 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for pmix. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms pmix-pmi-devel-3.2.3-3.el9.x86_64.rpm effd57b4b4203daf1f85ba19a21a88777c13a51b71438463bd5e47a3a94ba134 RLBA-2022:3733 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for raptor2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms raptor2-devel-2.0.15-30.el9.x86_64.rpm ab01978787ae942c20f7adea03654605cf935eafa48ca3a50dd419cdd38cd88f RLBA-2022:3734 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for rasqal. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms rasqal-devel-0.9.33-18.el9.x86_64.rpm 1ca47cb5be5e91626dbe8f28e07dfb49979f77ccaae51a546d515d1599be7613 RLBA-2022:3737 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for redland. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms redland-devel-1.0.17-29.el9.x86_64.rpm 400118ca79a904e1c34586ff8528785a01783e6d511a11eb4233836275c7663a RLBA-2022:3741 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for rpcsvc-proto. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms rpcsvc-proto-devel-1.4-9.el9.x86_64.rpm daf26de6fd08c74ae6082f7ac10b2674a88248b3c18ce7cced4ae759c4291b05 RLBA-2022:3743 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for rrdtool. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-rrdtool-1.7.2-21.el9.x86_64.rpm bf9f71c2d401f6fc228587a592441c0150a53f533ce13038a7beeb41a4854859 rrdtool-devel-1.7.2-21.el9.x86_64.rpm bbf36454ccc6e3e7ba36fd041cc8349cbe051f1ca4013a146f2146e8ad3ffcdb rrdtool-doc-1.7.2-21.el9.x86_64.rpm b2e13540e45673422bbad0408d5d75dfbf062c369193fc9cf119d7fd088fb59b rrdtool-lua-1.7.2-21.el9.x86_64.rpm 5b3afe65a559891a01a4e364d2dcba22b8f1698fe863148d33319667f4117aac rrdtool-ruby-1.7.2-21.el9.x86_64.rpm 84570846cc40aca82ffec7cdcc76ad160501a2094069f75e873b458a6e5673c2 rrdtool-tcl-1.7.2-21.el9.x86_64.rpm 88774793c004d980950391c52cf97131f0e5ad5cc161326bcd8b10e0edd3e9dd RLBA-2022:3746 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for rubygem-mysql2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms rubygem-mysql2-doc-0.5.3-11.el9_0.noarch.rpm b07fd77158220c7e2c1dde123acaa399f89667ff061f4855c1331b4d28007a40 RLBA-2022:3747 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for rubygem-pg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms rubygem-pg-doc-1.2.3-7.el9.noarch.rpm 2e5c03877e34fe8154a2873a62f11071a415beb15844139c914e9053b6e78ad0 RLBA-2022:3758 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sblim-cmpi-devel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms sblim-cmpi-devel-2.0.3-24.el9.x86_64.rpm 68b9b2d25fcfc46483c5709b299a19ae5744a381bdfb9e195d9c453992568331 RLBA-2022:3761 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sblim-sfcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms sblim-sfcc-devel-2.2.8-18.el9.x86_64.rpm 35c423095692f092052c3da5d9b4f40ee9ed02f253c0bffc941b3cf5ce7868be RLBA-2022:3767 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sendmail. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms sendmail-milter-8.16.1-10.el9.x86_64.rpm 49a43d760fc48a49207aa667e539bc827ada861ebf1cda63170aeb42f77c3110 sendmail-milter-devel-8.16.1-10.el9.x86_64.rpm f3da12a19b91418767234ac4f9f924281c445dd9c78c3149fbb78ec3aeafd79c RLBA-2022:3785 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sombok. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms sombok-devel-2.4.0-16.el9.x86_64.rpm 4572793026af47b525e569ad7d78acb7a0485d1447a7ec937e18360de501b03b RLBA-2022:3787 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for soundtouch. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms soundtouch-devel-2.1.1-8.el9.x86_64.rpm 1c548ebd34e378c35b25b0bc26b031bc3204459533b1104de22ffc8a018fee53 RLBA-2022:3789 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for speech-dispatcher. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms speech-dispatcher-devel-0.10.2-4.el9.x86_64.rpm 73ccdfc5416502d8d4a5e4134b3d366db53a402b8edfc6b19b457462f8c3ab1c RLBA-2022:3791 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for speexdsp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms speexdsp-devel-1.2.0-5.el9.x86_64.rpm b69c034b4500da67f2f6f24e4b7f71b31716397dc15b20147673e12519339232 RLBA-2022:3803 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for taglib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms taglib-devel-1.12-6.el9.x86_64.rpm d6f09e4e9c54138406822c08b4905f9a4c726bcfdbe18531e2ed3ad8d82e1108 RLBA-2022:3809 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tesseract. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms tesseract-devel-4.1.1-7.el9.x86_64.rpm c049f1940b79eda80f590cac12764431b8f19b4c2910d53a3d01c7d3433a8e81 RLBA-2022:3816 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tokyocabinet. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms tokyocabinet-devel-1.4.48-19.el9.x86_64.rpm 61430b0d3c466521da6c661ced5c237f11cfeff518e001e639b29ee96cabef72 RLBA-2022:3818 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tpm2-abrmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms tpm2-abrmd-devel-2.4.0-3.el9.x86_64.rpm 63068786cb84b96489be8c6a82084a4b164fbfd34431758dd94d5a12b77e0c91 RLBA-2022:3824 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for twolame. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms twolame-devel-0.3.13-19.el9.x86_64.rpm 68eeadad3ed0fe2f3e59f2846a5895b4506645b214d1917cc6893ff567070845 RLBA-2022:3827 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for unicode-ucd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms unicode-ucd-unihan-13.0.0-5.el9.noarch.rpm 55ccfa8dff19859c50a3a2a39b7f88ad262f218356e761df412d5a80a9d26d06 RLBA-2022:3829 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for unixODBC. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms unixODBC-devel-2.3.9-4.el9.x86_64.rpm aa7d23caaf2a4ab9af5f489d2d829817fb4aa0dddbe7dc6b40d42183633f5f49 RLBA-2022:3830 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for upower. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms upower-devel-0.99.13-2.el9.x86_64.rpm 662162cfdf1f92f70bba487bd5344c30016f73194131f1525e686cdf570f9642 upower-devel-docs-0.99.13-2.el9.noarch.rpm e52346e002217a1fac455447bc87e43ef725a24ffc529e881e29ff87f6281c32 RLBA-2022:3833 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for urw-base35-fonts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms urw-base35-fonts-devel-20200910-6.el9.noarch.rpm e011410c2596b918208fc51d1e1c233835c4f9dcb9e0d04259fb5d9fa1e33338 RLBA-2022:3834 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for utf8proc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms utf8proc-devel-2.6.1-4.el9.x86_64.rpm e1046b9cf059d38dc528e0cdc4adb5cc3d0a607969a00aff139d3118c93a4fca RLBA-2022:3835 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for v4l-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libv4l-devel-1.20.0-5.el9.x86_64.rpm bec7ef7e7d17c2b27de2e9f96861e5bd3055932fb6504b76f5092241326e6ef3 RLBA-2022:3839 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for volume_key. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms volume_key-devel-0.3.12-15.el9.x86_64.rpm 7ee3937f0cffed585afc83fb77512dab30c0c16bdd26872392222cc894c7aa29 RLBA-2022:3840 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for vte291. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms vte291-devel-0.64.2-2.el9.x86_64.rpm 36ab8af1158e738b525e78afee072bed5ab7dab50c8fe25b99766daf504e01ed RLBA-2022:3853 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xapian-core. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xapian-core-devel-1.4.18-5.el9.x86_64.rpm d6976bd6faaf161c37b01cea4ded8cb53c195eb07fa440ba6420ca36f86b6f19 RLBA-2022:3854 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xcb-util. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xcb-util-devel-0.4.0-19.el9.x86_64.rpm ce59d71ab72d939711c64cbc31a6d0ebd4d7c42f83450730e5a7bc6bcdf86f31 RLBA-2022:3855 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xcb-util-image. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xcb-util-image-devel-0.4.0-19.el9.x86_64.rpm 60b8ef280dacd92423d376613f2c3b14cad0394db7e2def6a26f259658fbb236 RLBA-2022:3856 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xcb-util-keysyms. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xcb-util-keysyms-devel-0.4.0-17.el9.x86_64.rpm a897fd907d990296c21b1afd8ec3de28542942f2d683d8f02f1fb9edef9ff52e RLBA-2022:3857 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xcb-util-renderutil. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xcb-util-renderutil-devel-0.3.9-20.el9.x86_64.rpm 97c4f2de5cb37b2f7fa79854710a75a113e7e0417ea0fba299fef10d8706247b RLBA-2022:3858 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xcb-util-wm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xcb-util-wm-devel-0.4.1-22.el9.x86_64.rpm 9d987d1b8ba0d59e3fa473cee4b060e4d7d7fc1ccee4eec82bff773be2397e60 RLBA-2022:3869 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xmlsec1. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xmlsec1-devel-1.2.29-9.el9.x86_64.rpm 0a3c6a82d60740374791f771b38764e26a7557271db75d5526842be23650399b xmlsec1-gcrypt-1.2.29-9.el9.x86_64.rpm 56c3dba3faccf01bde42d7eabb6e2a46e52f2b93c2344a4876aed3e93248a935 xmlsec1-gnutls-1.2.29-9.el9.x86_64.rpm 982ecc43eb597049d9bce1b7f7d9e5023e5889edb521f5f01a7aa4c459cdaff6 xmlsec1-gnutls-devel-1.2.29-9.el9.x86_64.rpm 8bf2e326f311b467641938e9333b074c75a36233d967bb047b798faada591741 xmlsec1-openssl-devel-1.2.29-9.el9.x86_64.rpm 6d3c8ae576333ee1e286fbfb39f76e980fa1413b966bd05054a4a37b44650220 RLBA-2022:3872 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xorg-x11-drv-libinput. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xorg-x11-drv-libinput-devel-1.0.1-3.el9.x86_64.rpm cab382c91076113d35ab72b18660763fb96966d3d7a1d68648257f3c93f22533 RLBA-2022:3883 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for yelp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms yelp-devel-40.3-2.el9.x86_64.rpm 63e74a7d71a686838749cd972aa1b17ed0a022f8b3fd335aadb1e55b448921ba RLBA-2022:4571 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsigc++20, gc, poppler, inkscape, poppler-data, python-scour, libwpd, librevenge, libwpg, pangomm, python-lxml, potrace, gtkmm30, double-conversion, gtkspell3, python-appdirs, numpy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms double-conversion-devel-3.1.5-6.el9.x86_64.rpm 53605cf5ceaf872fc7d858f2d70f1bc88569a4ee01f1dc7da946b13a7fc31069 gc-devel-8.0.4-7.el9.x86_64.rpm 88ed3632268ae6d8e0473c6fb4d8825cb535689930a8360645e96fac36cb8b28 gtkmm30-devel-3.24.5-1.el9.x86_64.rpm 75ec5630a922e98de355811d2ce1816f07e456ea674aabb9e61e51c1c663fcf7 gtkmm30-doc-3.24.5-1.el9.noarch.rpm abe9d8f8b5cc7a7d8cfa3e70e35cf283930d6cdf18dd0c8254d86cc7a06ed99c gtkspell3-3.0.10-9.el9.x86_64.rpm abcf737cc4402e390d6a133252ce84c5a57e4ae5d7cc5aa06fdeb2c4c0611bb1 gtkspell3-devel-3.0.10-9.el9.x86_64.rpm b3140739820f572476ad38c6d359f18ea201ddbaafd96d156e463a1f33b8b6fe librevenge-devel-0.0.4-22.el9.x86_64.rpm 581414d6aeb091448e3519e5bd6564ceb4b2d37cba7e32ea3edafcc3be488573 libsigc++20-devel-2.10.7-2.el9.x86_64.rpm c9b811467556f15a812b5ea1d691e7d359a2597514b9baf0d535efee0b6c96c6 libsigc++20-doc-2.10.7-2.el9.noarch.rpm 29487250f3f83163d9b2b19379dc1437e3ad90db099286cb698d375effee094b libwpd-devel-0.10.3-10.el9.x86_64.rpm 75bf759ba5cf87a9e1842fdf7751fa874987d8014212220ff694671bf9c62a72 libwpd-doc-0.10.3-10.el9.noarch.rpm cf1cafa034c873ca0728f3d265a585a12f2fe820388cf525b9407d7a7ff7d3b4 libwpg-devel-0.3.3-8.el9.x86_64.rpm b74c59b1f9580c7854ab074ca64bb117f6065efe9684bf59e118ec54c02da47d libwpg-doc-0.3.3-8.el9.noarch.rpm 612575a87c0c960172ba28ba334437243e5e8df6ae17b42d55d999fe31dac0a0 pangomm-devel-2.46.1-1.el9.x86_64.rpm 9d18ec1e909176b2b7d92b4f88217a51876f4fd4a16f36521a986b0348f4951a pangomm-doc-2.46.1-1.el9.noarch.rpm 77ecd2fc1fc2c70f00abf9262894aaa56cbb8d2a8938e862109d8873e6e47607 RLSA-2022:4771 PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (13.7). Security Fix(es): * postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox (CVE-2022-1552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (13.7). Security Fix(es): * postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox (CVE-2022-1552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms postgresql-private-devel-13.7-1.el9_0.x86_64.rpm 90ebc9eed3dd52a679b982bde49268098ab0901276a74510d53d9b0408ced1cb postgresql-server-devel-13.7-1.el9_0.x86_64.rpm 4bba1241808dd869144209e0d63de33541e40fd477f42f4ead80877f02a1beb8 postgresql-test-13.7-1.el9_0.x86_64.rpm a6f22018ff8807a5f2849be9e4814b98109f18bd7e30e4cb772228e92dfb8901 RLSA-2022:5257 libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fix(es): * libinput: format string vulnerability may lead to privilege escalation (CVE-2022-1215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libinput. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fix(es): * libinput: format string vulnerability may lead to privilege escalation (CVE-2022-1215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libinput-devel-1.19.3-2.el9_0.x86_64.rpm 6428e50e1fa40dc168e028c377b8a103d6369e01ad37e8ae74ef836344aefe2c RLSA-2022:5948 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera (26.4.11), mariadb (10.5.16), mysql-selinux (1.0.5). Security Fix(es): * mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used (CVE-2021-46669) * mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer (CVE-2022-24048) * mariadb: lack of validating the existence of an object prior to performing operations on the object (CVE-2022-24050) * mariadb: lack of proper validation of a user-supplied string before using it as a format specifier (CVE-2022-24051) * mariadb: CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability (CVE-2022-24052) * mariadb: assertion failure in Item_args::walk_arg (CVE-2022-27376) * mariadb: use-after-poison when complex conversion is involved in blob (CVE-2022-27377) * mariadb: server crash in create_tmp_table::finalize (CVE-2022-27378) * mariadb: server crash in component arg_comparator::compare_real_fixed (CVE-2022-27379) * mariadb: server crash at my_decimal::operator= (CVE-2022-27380) * mariadb: server crash at Field::set_default via specially crafted SQL statements (CVE-2022-27381) * mariadb: assertion failure via component Item_field::used_tables/update_depend_map_for_order (CVE-2022-27382) * mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c (CVE-2022-27383) * mariadb: crash via component Item_subselect::init_expr_cache_tracker (CVE-2022-27384) * mariadb: server crashes in query_arena::set_query_arena upon SELECT from view (CVE-2022-27386) * mariadb: assertion failures in decimal_bin_size (CVE-2022-27387) * mariadb: crash when using HAVING with NOT EXIST predicate in an equality (CVE-2022-27444) * mariadb: assertion failure in compare_order_elements (CVE-2022-27445) * mariadb: crash when using HAVING with IS NULL predicate in an equality (CVE-2022-27446) * mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27447) * mariadb: crash in multi-update and implicit grouping (CVE-2022-27448) * mariadb: assertion failure in sql/item_func.cc (CVE-2022-27449) * mariadb: crash via window function in expression in ORDER BY (CVE-2022-27451) * mariadb: assertion failure in sql/item_cmpfunc.cc (CVE-2022-27452) * mariadb: use-after-free when WHERE has subquery with an outer reference in HAVING (CVE-2022-27455) * mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc (CVE-2022-27456) * mariadb: incorrect key in "dup value" error after long unique (CVE-2022-27457) * mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27458) * mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31622) * mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31623) * mariadb: Crash executing query with VIEW, aggregate and subquery (CVE-2021-46659) * mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE) (CVE-2021-46661) * mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements (CVE-2021-46663) * mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr (CVE-2021-46664) * mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations (CVE-2021-46665) * mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements (CVE-2021-46668) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for mysql-selinux, mariadb, galera. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera (26.4.11), mariadb (10.5.16), mysql-selinux (1.0.5). Security Fix(es): * mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used (CVE-2021-46669) * mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer (CVE-2022-24048) * mariadb: lack of validating the existence of an object prior to performing operations on the object (CVE-2022-24050) * mariadb: lack of proper validation of a user-supplied string before using it as a format specifier (CVE-2022-24051) * mariadb: CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability (CVE-2022-24052) * mariadb: assertion failure in Item_args::walk_arg (CVE-2022-27376) * mariadb: use-after-poison when complex conversion is involved in blob (CVE-2022-27377) * mariadb: server crash in create_tmp_table::finalize (CVE-2022-27378) * mariadb: server crash in component arg_comparator::compare_real_fixed (CVE-2022-27379) * mariadb: server crash at my_decimal::operator= (CVE-2022-27380) * mariadb: server crash at Field::set_default via specially crafted SQL statements (CVE-2022-27381) * mariadb: assertion failure via component Item_field::used_tables/update_depend_map_for_order (CVE-2022-27382) * mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c (CVE-2022-27383) * mariadb: crash via component Item_subselect::init_expr_cache_tracker (CVE-2022-27384) * mariadb: server crashes in query_arena::set_query_arena upon SELECT from view (CVE-2022-27386) * mariadb: assertion failures in decimal_bin_size (CVE-2022-27387) * mariadb: crash when using HAVING with NOT EXIST predicate in an equality (CVE-2022-27444) * mariadb: assertion failure in compare_order_elements (CVE-2022-27445) * mariadb: crash when using HAVING with IS NULL predicate in an equality (CVE-2022-27446) * mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27447) * mariadb: crash in multi-update and implicit grouping (CVE-2022-27448) * mariadb: assertion failure in sql/item_func.cc (CVE-2022-27449) * mariadb: crash via window function in expression in ORDER BY (CVE-2022-27451) * mariadb: assertion failure in sql/item_cmpfunc.cc (CVE-2022-27452) * mariadb: use-after-free when WHERE has subquery with an outer reference in HAVING (CVE-2022-27455) * mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc (CVE-2022-27456) * mariadb: incorrect key in "dup value" error after long unique (CVE-2022-27457) * mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27458) * mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31622) * mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31623) * mariadb: Crash executing query with VIEW, aggregate and subquery (CVE-2021-46659) * mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE) (CVE-2021-46661) * mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements (CVE-2021-46663) * mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr (CVE-2021-46664) * mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations (CVE-2021-46665) * mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements (CVE-2021-46668) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms mariadb-devel-10.5.16-2.el9_0.x86_64.rpm 80f3ef34bdabbe8c5ac0862b4ea348765c9babb3bd7ae5a59fc5f7b0944e25c9 mariadb-embedded-devel-10.5.16-2.el9_0.x86_64.rpm 2f8a0ed7bdc21ffbc2e2046b5c9cbb5962aa3ac401822ef5ead8686dfa9a77e9 mariadb-test-10.5.16-2.el9_0.x86_64.rpm 5a4a70b33bc79842ca7c226c24e4b2a1246db44998841d27321f801d69545e3c RLBA-2022:5962 Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. * Regular rebuild for 9.0.0.2 (QR) - yajl (BZ#2111628) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for yajl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. * Regular rebuild for 9.0.0.2 (QR) - yajl (BZ#2111628) rocky-linux-9-x86-64-crb-rpms yajl-devel-2.1.0-21.el9.x86_64.rpm 76d64d75d945c84bca3c7fe3d12b08b69da9aa810127f844c9b6f362ff0b4c7b RLSA-2022:6585 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (3.0.4). (BZ#2109428) Security Fix(es): * Ruby: Double free in Regexp compilation (CVE-2022-28738) * Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for ruby. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (3.0.4). (BZ#2109428) Security Fix(es): * Ruby: Double free in Regexp compilation (CVE-2022-28738) * Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms ruby-doc-3.0.4-160.el9_0.noarch.rpm c506029c15725b138655537c19ab15429c8b24a61b919f5088ac93c5efdc1645 RLSA-2022:6590 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.30). (BZ#2122589) Security Fix(es): * mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479) * mysql: Server: DML unspecified vulnerability (CPU Apr 2022) (CVE-2022-21413) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2022) (CVE-2022-21415) * mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21423) * mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21425, CVE-2022-21444) * mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) (CVE-2022-21427) * mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21454) * mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022) (CVE-2022-21455) * mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21457) * mysql: Server: Logging unspecified vulnerability (CPU Apr 2022) (CVE-2022-21460) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21556, CVE-2022-21569) * mysql: Server: Options unspecified vulnerability (CPU Jul 2022) (CVE-2022-21515) * mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21517, CVE-2022-21537, CVE-2022-21539) * mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21522, CVE-2022-21534) * mysql: Server: Federated unspecified vulnerability (CPU Jul 2022) (CVE-2022-21547) * mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022) (CVE-2022-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Default logrotate set to wrong log file (BZ#2122592) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for mysql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.30). (BZ#2122589) Security Fix(es): * mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479) * mysql: Server: DML unspecified vulnerability (CPU Apr 2022) (CVE-2022-21413) * mysql: Server: Replication unspecified vulnerability (CPU Apr 2022) (CVE-2022-21415) * mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21423) * mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21425, CVE-2022-21444) * mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) (CVE-2022-21427) * mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21454) * mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022) (CVE-2022-21455) * mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21457) * mysql: Server: Logging unspecified vulnerability (CPU Apr 2022) (CVE-2022-21460) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21556, CVE-2022-21569) * mysql: Server: Options unspecified vulnerability (CPU Jul 2022) (CVE-2022-21515) * mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21517, CVE-2022-21537, CVE-2022-21539) * mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21522, CVE-2022-21534) * mysql: Server: Federated unspecified vulnerability (CPU Jul 2022) (CVE-2022-21547) * mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022) (CVE-2022-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Default logrotate set to wrong log file (BZ#2122592) rocky-linux-9-x86-64-crb-rpms mysql-devel-8.0.30-3.el9_0.x86_64.rpm 4108413e2d1f2d2b726698a68a6b18f5c18b662f39cc50106d8a77ebb269a82e mysql-libs-8.0.30-3.el9_0.x86_64.rpm 631f24635c90dc75b8e60eb3564e9758ee6d92a77c1182c7e005bd0275307956 mysql-test-8.0.30-3.el9_0.x86_64.rpm ab18f4d7faea06cb8f2e66ccf44f46affece52d79a375cbc7cd8e638d4bf2ac3 RLEA-2022:7320 OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fix(es) and Enhancement(s): * Update ostree to latest upstream version 2022.5 (BZ#2127868) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ostree. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fix(es) and Enhancement(s): * Update ostree to latest upstream version 2022.5 (BZ#2127868) rocky-linux-9-x86-64-crb-rpms ostree-devel-2022.5-1.el9.x86_64.rpm 9301e980e32ae61d9e24131756509cf32d1b4884ff6caac1f248aacfaf66dc04 RLBA-2022:7944 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnbd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnbd-devel-1.12.6-1.el9.x86_64.rpm fe6c0772fd908a188ec3fe9c0d23d90192d0cfa1e86baa88d5f3573003a48026 ocaml-libnbd-1.12.6-1.el9.x86_64.rpm bb22a427150420ef39abf49df5dbb156e0142adc61155b98910a2714e37e6187 ocaml-libnbd-devel-1.12.6-1.el9.x86_64.rpm 56e5a52204255a4ce1dfeb0d7f6166ca360c45ce8ddbf9c6ec487a20a6d49f40 RLBA-2022:7948 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwpe. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwpe-devel-1.10.0-4.el9.x86_64.rpm 9f55cb9e13a169fa5507745ea6bd577e02e3ec072996e7532d97a61a43d85699 RLBA-2022:7947 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for wpebackend-fdo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms wpebackend-fdo-devel-1.10.0-3.el9.x86_64.rpm fd01fd0108fd2dc434be61c76fcdf1a7b1af9b51753c3dced46dfc8e14a7c5f0 RLBA-2022:7952 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for flatpak. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms flatpak-devel-1.12.7-2.el9.x86_64.rpm 881ef6c8bd909d459633a08b142fa467c90634f8ec90bb6550b2cb0769c4780a RLBA-2022:7953 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gdm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gdm-devel-40.1-17.el9_1.x86_64.rpm 74a57e2a3a893a1584f338eb07dddbf433546ff5727c8e485aafe9ca4772120b gdm-pam-extensions-devel-40.1-17.el9_1.x86_64.rpm e3e8f2bb0bc6e3062f2306bd4cd8d350888f14795dc35f51ddcdef605a562f50 RLSA-2022:7958 The libguestfs packages contain a library used for accessing and modifying virtual machine disk images. Security Fix(es): * libguestfs: Buffer overflow in get_keys leads to DoS (CVE-2022-2211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Low

An update is available for libguestfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libguestfs packages contain a library used for accessing and modifying virtual machine disk images. Security Fix(es): * libguestfs: Buffer overflow in get_keys leads to DoS (CVE-2022-2211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libguestfs-devel-1.48.4-2.el9.x86_64.rpm 434750a11ebc703e3a4bf537be2ef3d865815470c3acd628523e1bc8226a9533 libguestfs-gobject-1.48.4-2.el9.x86_64.rpm d6202faa12ee395de8565d276381192f2416836db6fe0bedc612ea704a1fa089 libguestfs-gobject-devel-1.48.4-2.el9.x86_64.rpm c63a83a47a59888eb86133309f7c9c7b222b0f475e0759ea147acd590bf2f4a7 libguestfs-man-pages-ja-1.48.4-2.el9.noarch.rpm ce5bbcb3fe01b5f5e05f39666cfddeb102a532accd3cd71add956bb88cb6c3c5 libguestfs-man-pages-uk-1.48.4-2.el9.noarch.rpm 3942c50c33e5ec41deb55131b8c31e0aecefa48688ca4d5140ab542cfd6de24a lua-guestfs-1.48.4-2.el9.x86_64.rpm 7337b8c2f0f72826d321b8b78ae3a3eeeec13c33c0144444fcf95f0d8184b649 ocaml-libguestfs-1.48.4-2.el9.x86_64.rpm 09fa363ba8db5457b8d4dab00d61bfb7c4292293e795b15858c36351ae8d5b3e ocaml-libguestfs-devel-1.48.4-2.el9.x86_64.rpm ee055439537360092b6a7c5d1ed8b990ea31f9bcae6599471e665649ba1cdcf8 php-libguestfs-1.48.4-2.el9.x86_64.rpm 4c28dba49f00a014fcbbe607b8d80e46310a1fc8544e632bd76914104d33f84e ruby-libguestfs-1.48.4-2.el9.x86_64.rpm c942192e2d48cd93ee75fb677b31837a2edbf8dbac570aeddc1d82d9ffa4fa8c RLBA-2022:7964 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for babeltrace. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libbabeltrace-devel-1.5.8-10.el9.x86_64.rpm f953236a3afd5c502146d16e8175a1f10ed5c656f15cc3d709cc7e97c2fdb5ab python3-babeltrace-1.5.8-10.el9.x86_64.rpm f0442453bff5c9f3c0f7c151c48b53299ab0b6ed8c36a545011d67a163403c68 RLBA-2022:7965 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for supermin. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms supermin-devel-5.2.1-8.el9.x86_64.rpm 789686cbcf8c4e4e57792226e252b1fbe4b8d47a35489820fac89f9842033998 RLSA-2022:7968 The virt-v2v package provides a tool for converting virtual machines to use the KVM (Kernel-based Virtual Machine) hypervisor or Rocky Enterprise Software Foundation Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use VirtIO drivers if possible. Security Fix(es): * libguestfs: Buffer overflow in get_keys leads to DoS (CVE-2022-2211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Low

An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The virt-v2v package provides a tool for converting virtual machines to use the KVM (Kernel-based Virtual Machine) hypervisor or Rocky Enterprise Software Foundation Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use VirtIO drivers if possible. Security Fix(es): * libguestfs: Buffer overflow in get_keys leads to DoS (CVE-2022-2211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms virt-v2v-man-pages-ja-2.0.7-6.el9.noarch.rpm c8cabd3fe3293c6aff9277d6abada47bd46e16cf70170888697ceadecb76361e virt-v2v-man-pages-uk-2.0.7-6.el9.noarch.rpm 4a6fba7b6a3d7f72000fe9a7357c43ad375b5f5bb672f475efc4b6930f71c7fc RLSA-2022:7970 The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fix(es): * protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for protobuf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fix(es): * protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms protobuf-compiler-3.14.0-13.el9.x86_64.rpm 2c5b7b48af7c06a73e2a16a398df2655da0cf14613bd5a6aabbcb896dad13034 protobuf-devel-3.14.0-13.el9.x86_64.rpm afcd16961de3fa823932d53f00272ca8bf34ce1f43d9b3915f357b0fd9a293b0 protobuf-lite-devel-3.14.0-13.el9.x86_64.rpm 5dbdff81e67c1bbac6306dd7ca48c7d10e6d72a2c5935582cd1f0e33cd9dc482 RLBA-2022:7976 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnma. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnma-devel-1.8.40-1.el9.x86_64.rpm 6a71103038a3374d111fe0b519b6476a4cc56e4d9c155b26a3cdc56c2b353852 RLSA-2022:7979 Speex is a patent-free compression format designed especially for speech. It is specialized for voice communications at low bit-rates. Security Fix(es): * speex: divide by zero in read_samples() via crafted WAV file (CVE-2020-23903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Low

An update is available for speex. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Speex is a patent-free compression format designed especially for speech. It is specialized for voice communications at low bit-rates. Security Fix(es): * speex: divide by zero in read_samples() via crafted WAV file (CVE-2020-23903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms speex-devel-1.2.0-11.el9.x86_64.rpm a170784e4d980b435c6d9aac3f13825109f9fb6c64cce98f415ce7ef5da92d55 RLEA-2022:7983 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ostree. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ostree-devel-2022.5-1.el9.x86_64.rpm 9301e980e32ae61d9e24131756509cf32d1b4884ff6caac1f248aacfaf66dc04 RLBA-2022:7985 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nautilus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms nautilus-devel-40.2-9.el9_1.x86_64.rpm 1dce8143281e969c6ffd7ec3c00c978da64cd159d22fc6042288077091d72cf7 RLBA-2022:7992 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libestr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libestr-devel-0.1.11-4.el9.x86_64.rpm 40f838f6d83ae1328502b9ddde803de6fae619484bc8a9e62425acc42656ae57 RLBA-2022:7994 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for evolution. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms evolution-devel-3.40.4-6.el9.x86_64.rpm 67fa6067fb4ab3339a1af4146ca1c5da0e4a3456ccbf45003b96585e37a0ab77 RLBA-2022:8006 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gjs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gjs-devel-1.68.6-1.el9.x86_64.rpm bc84ec9fc618cdcff02927f19e42b1fd5010cbc14fade32ea7457bc471f60375 RLBA-2022:8016 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nss_wrapper, uid_wrapper. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms uid_wrapper-1.2.9-2.el9.x86_64.rpm 324a44bd3dcd3fb6109e817e06393835c7fb7e98eb42531d6e438325096f00df RLBA-2022:8017 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for augeas. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms augeas-devel-1.13.0-2.el9.x86_64.rpm abf3f6f1dae6877e4b75cc0be5827599c969c42148c0fe957f1db94db20d0c91 RLSA-2022:8022 The Qt5 libraries packages provide Qt 5, version 5 of the Qt cross-platform application framework. Security Fix(es): * qt: QProcess could execute a binary from the current working directory when not found in the PATH (CVE-2022-25255) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for qt5. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Qt5 libraries packages provide Qt 5, version 5 of the Qt cross-platform application framework. Security Fix(es): * qt: QProcess could execute a binary from the current working directory when not found in the PATH (CVE-2022-25255) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qt5-devel-5.15.3-1.el9.noarch.rpm 0c7ecd814cae18753f7f6ba4f83aba303c482aab8194ccdbacb9a87d59576b5d RLBA-2022:8025 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qt5-qtbase. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qt5-qtbase-static-5.15.3-1.el9.x86_64.rpm d4bc47efda27984ece5f1b177dff765dc7a0ed894a92ad590e568cc5ac36d78e RLBA-2022:8026 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qt5-qtdeclarative. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qt5-qtdeclarative-static-5.15.3-1.el9.x86_64.rpm c4271d226b8ddcdd1054fdbe41297e7854d60c98b24c6d3e57a72a170ad1e20f RLBA-2022:8045 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qt5-qttools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qt5-qttools-static-5.15.3-3.el9.x86_64.rpm 72adceaa2b03cbf62abae17da6dd5960e1ed4a7f95498d5857c406fc4f4ef110 RLBA-2022:8046 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sip. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-sip-devel-4.19.25-1.el9.x86_64.rpm 8265a597d4e0f4a33f005c750a0e3e5867fdc4de28f9692fcb2e0fa7eb8e0f99 sip-4.19.25-1.el9.x86_64.rpm ea1f9da8bdc74cc0351dda23eaccdd6fc2afd6e0a279fc1026f5b0c5a45e4e06 RLBA-2022:8047 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for python-qt5. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-qt5-devel-5.15.6-1.el9.x86_64.rpm 7efb561b834062f68772027123f31ed24487456ae4ba4f8869526b42fd918c33 RLBA-2022:8058 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dyninst. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms dyninst-devel-12.1.0-1.el9.x86_64.rpm 44ec27d3d0e7aa7ac6f4f8950d2504bff5d17e3c3913a69fef19cd04af254ef9 dyninst-doc-12.1.0-1.el9.x86_64.rpm f77f4e3317b97a69227eea97217ace1020a6cc18df68cbca339f58909f64387b dyninst-testsuite-12.1.0-1.el9.x86_64.rpm b17d82eb504aa9b227c7d0839ea90f49a24314f4d7dc00a7b2c5b082b9da2fb0 RLBA-2022:8060 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mingw-filesystem. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mingw64-filesystem-139-1.el9.noarch.rpm 7b6dd50fdef51fc67c21a691cf4a81162d95df496c41d946b830648bbaeb807d RLSA-2022:8062 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound (1.16.2). (BZ#2087120) Security Fix(es): * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names (CVE-2022-30698) * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names (CVE-2022-30699) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for unbound. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound (1.16.2). (BZ#2087120) Security Fix(es): * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names (CVE-2022-30698) * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names (CVE-2022-30699) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms unbound-devel-1.16.2-2.el9.x86_64.rpm dcdfb5f1c4b2535591fe436d2af25158490ae9211b863dc3f7e0d8f00b9de781 RLSA-2022:8068 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: DoS from specifically crafted TCP packets (CVE-2022-0396) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for bind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: DoS from specifically crafted TCP packets (CVE-2022-0396) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms bind-devel-9.16.23-5.el9_1.x86_64.rpm 6911478767609b07042c35003171520d81a1ffbe992271d7dbd47a059855cb11 bind-doc-9.16.23-5.el9_1.noarch.rpm b54a5042601c2c9929ff55e7a28d9b81b336187f00c1e46440a3d48e1e222fed RLBA-2022:8069 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for anthy-unicode. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms anthy-unicode-devel-1.0.0.20201109-9.el9.x86_64.rpm 30d30ef0721b33167c6d301ffce244b5c141b121ac9f6d8f6c86151752f32a93 RLSA-2022:8078 FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Security Fix(es): * flac: out of bound write in append_to_verify_fifo_interleaved_ of stream_encoder.c (CVE-2021-0561) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for flac. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Security Fix(es): * flac: out of bound write in append_to_verify_fifo_interleaved_ of stream_encoder.c (CVE-2021-0561) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms flac-1.3.3-10.el9.x86_64.rpm a619cb85f439810a805b82d7b8cf9c8e5456cc3a0a588bb6b3455d8f6726704d flac-devel-1.3.3-10.el9.x86_64.rpm d24260fb19054b7a399957cfe696ac237925695a531d7d5b6d5baca88c61fbf9 RLBA-2022:8086 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mingw-crt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mingw64-crt-10.0.0-2.1.el9.noarch.rpm 94492fd12301702dace33233c5529c45cbed08d7e8e7c28ffb8fd15456fca2d8 RLBA-2022:8095 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for crash. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms crash-devel-8.0.1-2.el9.x86_64.rpm 475f9d19ef126f27bc4f9e7810b5d7f0d3eb4283c9cb51c0d96216480ce8d2db RLBA-2022:8109 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for bcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms bcc-devel-0.24.0-4.el9.x86_64.rpm 05fe64bb38bc815c11c73265c89af8b2ac0b80e17c2f84114782b23e495b4b16 bcc-doc-0.24.0-4.el9.noarch.rpm 0c503c00b79e77cc426e76fd84713f6d3608e085db2436600f5a739cb52ee5eb RLBA-2022:8116 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for google-noto-fonts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms google-noto-sans-symbols2-fonts-20201206-4.el9.noarch.rpm dd615d5f24abcfa7b0cd668e079d1cc26472634251956c335daac0e57eb4cdf7 RLBA-2022:8127 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for corosync. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms corosync-vqsim-3.1.5-4.el9.x86_64.rpm 5b990a328183646b8f079bfbc0e3f7bf7b8e06faaf5db160ea559ec3e42e997e RLBA-2022:8129 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for papi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms papi-6.0.0-12.el9.x86_64.rpm 5101b138e97a8481b3d4e9eb3003b6e6b960f4dbc67e22ce38f257b986ba4d8d papi-testsuite-6.0.0-12.el9.x86_64.rpm 24a23ec874267abfebb7b5a44185f1abe60b5be321d58ed1a23799fe161c2251 RLBA-2022:8130 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for criu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms criu-devel-3.17-4.el9.x86_64.rpm f0a1e40957cf80626b791a175aac71fe618b0e42d08490e1674d986eaaaba0dd RLBA-2022:8132 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libgtop2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libgtop2-devel-2.40.0-9.el9.x86_64.rpm d7d233e99fd564cf4be7cad5670d4e272e61bd8c1ed99bba0f8d7b52ad0af7e4 RLSA-2022:8139 WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fix(es): * wavpack: Heap out-of-bounds read in WavpackPackSamples() (CVE-2021-44269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Low

An update is available for wavpack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fix(es): * wavpack: Heap out-of-bounds read in WavpackPackSamples() (CVE-2021-44269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms wavpack-devel-5.4.0-5.el9.x86_64.rpm 35311ca9a8a9cee423c68a8a262ac029aa7c258ada8e11cd71bb4802007a822c RLBA-2022:8142 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for yara. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms yara-devel-4.2.3-1.el9.x86_64.rpm cee4630fb16eea958d00c02b272f6ddb3b166e08d2cf2ee5a528ca37582d52b5 RLSA-2022:8151 Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: A logic error in the Hints::Hints function can cause denial of service (CVE-2022-27337) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for poppler. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: A logic error in the Hints::Hints function can cause denial of service (CVE-2022-27337) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms poppler-cpp-devel-21.01.0-13.el9.x86_64.rpm 65522612f2cbf8fc1777b212d60266419763b84b9400a6665d7f92ff72f99dc5 poppler-devel-21.01.0-13.el9.x86_64.rpm 9ef1b5772465999e111224316a2ce5c9b781f518bfcdec83be9b4841501d0ad2 poppler-glib-devel-21.01.0-13.el9.x86_64.rpm 9e53c433c9cf93bda7c052a66a9fba45ba03b636e925a689c6c6b830e2aed100 poppler-qt5-devel-21.01.0-13.el9.x86_64.rpm c5cf38c2201b79a0705157221ef23140548b29e2831d92ad0a6ca9c55f5d6edb RLBA-2022:8155 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms nginx-mod-devel-1.20.1-13.el9.x86_64.rpm 0d48e0e0047ac744699e1a46dbcc0fcfb84e27161d443ae42ce3faa8aaa61f28 RLEA-2022:8157 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libdrm, mesa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mesa-libgbm-devel-22.1.5-2.el9.x86_64.rpm b27251024f768a82d8e6fdcc8b750e974de6f440cbf6ce541cd77ddd98e43928 mesa-libOSMesa-22.1.5-2.el9.x86_64.rpm dad02be849138cdb6f975a8e27955fe9100cf53fcb8836c4a1689630d61522f1 mesa-libOSMesa-devel-22.1.5-2.el9.x86_64.rpm 4009414e39e4706d3fbbb61a63205275cd99cc94f2c2fc5e2ee70ac9d95edd4b RLBA-2022:8158 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sdl12-compat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms sdl12-compat-devel-1.2.52-1.el9.x86_64.rpm b8138fb6d9cf50adff9184cbbe3d450cfdbc64b51edfe62b7fa7e1102033ca15 RLBA-2022:8160 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for freerdp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms freerdp-devel-2.4.1-3.el9.x86_64.rpm 7df88461f070125f94d5dc13141fbf8d7bf88da5273ad374edf1f394fa136996 libwinpr-devel-2.4.1-3.el9.x86_64.rpm 4815aae60c15e2ffdd72f5243061fdb9974ebd29cfea4260d8eb55215fb7fb1f RLBA-2022:8169 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for pycairo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-cairo-devel-1.20.1-1.el9.x86_64.rpm 2c0a1271ada2193be3e3dc7919e0bf15f9eb5379e0d2ec8fa439dddcc1f5a5ae RLBA-2022:8170 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nispor. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms nispor-devel-1.2.7-1.el9.x86_64.rpm 87dd25a1957b4981d70d1d1f52278d9f1071364b2091eadb28358b48f11c1a96 RLBA-2022:8176 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ldns. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ldns-devel-1.7.1-11.el9.x86_64.rpm db5716ffbfbd277248380fdd4e385f2f0d7fbdfefd8fc402cdd38003026e0a05 ldns-doc-1.7.1-11.el9.noarch.rpm 9b10ac31884afbefbf610d8280e6e585ef3c88fd2fca8a1e4c2cb55c903e8c0d ldns-utils-1.7.1-11.el9.x86_64.rpm 7e29fc30e11fbd80468251762a09e27114fb207e8d58d25594405803cdf4ae74 perl-ldns-1.7.1-11.el9.x86_64.rpm d1c7764dc1d1e4f815189e29f66d0fa5d33a9a30a717d46dbbbcb8e14428eab4 python3-ldns-1.7.1-11.el9.x86_64.rpm d2e2832d9dae7850b05d585683fa840d973d1092ca988380a3cbe4ec4e0fbc96 RLBA-2022:8178 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xxhash. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xxhash-devel-0.8.1-3.el9.x86_64.rpm 48915b46a25ab82a9ead1fb7a8ea560cde54c045e3a5539a47dc804b7d29d2d2 xxhash-doc-0.8.1-3.el9.noarch.rpm 1b1802afd44bd91211ca8fa5521cdcebbbf2dee0b409802774c42e5398dbe90d RLBA-2022:8184 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for woff2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms woff2-devel-1.0.2-15.el9.x86_64.rpm a55b2a86d478d4ec023c7fd6bdd26009406ea8d085888857d436df5a067244dc RLBA-2022:8201 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for i2c-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libi2c-devel-4.3-3.el9.x86_64.rpm fa3d546231d8b00c0ea08af9fd5ddb84bfce92339b63580b825e2f1d472bb9c9 RLBA-2022:8200 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qpdf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qpdf-10.3.1-6.el9.x86_64.rpm 6e853716bd576e2ffd0dff3b687f62ed9f72edae642a64cc8fb97a6bb6c8c42a RLBA-2022:8206 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for babl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms babl-devel-0.1.86-4.el9.x86_64.rpm 00126e133d871e064a51cba8b487369295ae09f69b840ac88778ad5fdb0e8259 babl-devel-docs-0.1.86-4.el9.noarch.rpm da71bd45d0b0541bb52b1951611071ff0362ad8d856f2799adbea0bafb4a8f1e RLSA-2022:8207 OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer (CVE-2022-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Low

An update is available for openjpeg2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer (CVE-2022-1122) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms openjpeg2-devel-2.4.0-7.el9.x86_64.rpm d53b88801d7843e5261aba4ec89ec9f296303b68172457612674407231440f05 openjpeg2-tools-2.4.0-7.el9.x86_64.rpm 8f51a50dfaba24b0e1c43029d6e9f904eddb47d45368a6cc40f8342373a60776 RLSA-2022:8208 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for dovecot. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: Privilege escalation when similar master and non-master passdbs are used (CVE-2022-30550) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms dovecot-devel-2.3.16-7.el9.x86_64.rpm 6b10305adf1e6cde979332cd81348eda8afa7e6fec600589574277bd42524a25 RLBA-2022:8209 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for boost. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms boost-b2-1.75.0-8.el9.x86_64.rpm bfb215388f045f78b0a6ac601907237c2e572a17c38e9164da6757789893aecb boost-build-1.75.0-8.el9.noarch.rpm 7434dfea46f9bd571b3675bb4c303de6597ad7ba8de42b4faef7e5824e9a36e8 boost-doc-1.75.0-8.el9.noarch.rpm e5080e6bb50f4ae84b97ff3681e6d5d80b6337ca035c88b4f2f3770a1205cf0c boost-doctools-1.75.0-8.el9.x86_64.rpm 1697c81ae74993b71fc54fa04c2db12903b5edfa3e1948f019f6e158fe938172 boost-examples-1.75.0-8.el9.noarch.rpm f3904eec06577458543173a6e0b913a0baae3f378e034fa6b63eadb46b3e17f2 boost-graph-mpich-1.75.0-8.el9.x86_64.rpm 6f221ff82913a284d6e53f63774fb13dcfb2e712fe91d068f3e6ff9d3a9fed7c boost-graph-openmpi-1.75.0-8.el9.x86_64.rpm 9d6589866096ea2c8b5cd63a3848cd563c88eb59d864b4bdab89489f47051666 boost-mpich-1.75.0-8.el9.x86_64.rpm 8a01466b534863c04dfb41385780980edf9b2458027c817bf855a9be733d87eb boost-mpich-devel-1.75.0-8.el9.x86_64.rpm 1140f2fac35951c74a3663fad6b077a529b7d12a4211a4c069289c6fda8a4e52 boost-mpich-python3-1.75.0-8.el9.x86_64.rpm 27abe0b6882c6dd62da197445a02415dfaf9ec3ebd5b06885209f681b7450cf2 boost-openmpi-1.75.0-8.el9.x86_64.rpm 1e92ce78712afa0618aa6d185fd34d1e4fc942460c6e48babce28f03fc63a8a9 boost-openmpi-devel-1.75.0-8.el9.x86_64.rpm 7ffb8fcde1d1b9dc1f529a3803d55281d1a2dc91616184b06e185027d101ec1b boost-openmpi-python3-1.75.0-8.el9.x86_64.rpm c518976827fda87ae7df7e410d4f7a19cadf645a828e906152f5ea7397ef6285 boost-static-1.75.0-8.el9.x86_64.rpm 87c37f29b636fe45c9a303b6ee0b11b694780561712f07e05bafaacd00862e80 RLBA-2022:8217 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for usbredir. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms usbredir-devel-0.12.0-3.el9.x86_64.rpm e3ceae96ef310a22028f7fe10d81835ef78fce5ad4c00312984d970989caeb43 RLSA-2022:8221 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for xorg-x11-server. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms xorg-x11-server-devel-1.20.11-11.el9.x86_64.rpm 3ffa8d4d57769490c429464c290cb1fde457c4266f904002ebdf175e43d8dca5 xorg-x11-server-source-1.20.11-11.el9.noarch.rpm 9b7ef85d732e8fb5a3712ea75167a3d9a4a39f443b0fe0a6dbaca49841467178 RLBA-2022:8239 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sanlock. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms sanlock-devel-3.8.4-4.el9.x86_64.rpm 3fceaadf5de6a3713dc7a49853eb89abc2e23dba9708374fa33c1c2700a22967 RLBA-2022:8240 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwmf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwmf-devel-0.2.12-10.el9.x86_64.rpm 21e61d102ef2c28e23f81e15f54e2faf2464c9d98c6b4c2745e417fb56d2fcb6 RLBA-2022:8248 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xdp-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libxdp-devel-1.2.6-1.el9.x86_64.rpm aa64770da9a838e9bab4de56c2bdd2d6d6d555119c461faaa16c210cf31f6ec4 libxdp-static-1.2.6-1.el9.x86_64.rpm dc56bb488826f78d0dfa87b7d33d8b984a963893983d016c2708977ac04f07cd RLBA-2022:8251 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for shaderc, glslang, spirv-tools, vulkan-loader, vulkan-headers, vulkan-validation-layers, vulkan-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms glslang-devel-11.9.0-3.el9.x86_64.rpm 8673679a8d57aeb46c869a097077623fc22951c2d9560fa9fa7b61ea6bdb8bd3 libshaderc-devel-2022.2-2.el9.x86_64.rpm f2d32aeeacaa88559d1b71d70f2335e348dcf0d874485e72d4196e02a92b9e56 spirv-tools-devel-2022.2-3.el9.x86_64.rpm ca7ce60985d413a6029905aec438ea59783c7c01dc24f107fd9148651b71a688 RLSA-2022:8252 Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): * yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for yajl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): * yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms yajl-devel-2.1.0-21.el9.x86_64.rpm 76d64d75d945c84bca3c7fe3d12b08b69da9aa810127f844c9b6f362ff0b4c7b RLBA-2022:8256 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qatzip. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qatzip-devel-1.0.9-1.el9.x86_64.rpm 833fba4b5a014a0ac5d764d70400a12771a9c2dac755c033df8691dee0e2eceb RLBA-2022:8258 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qatlib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qatlib-devel-22.07.0-1.el9.x86_64.rpm a563d5616efe0220cd545772b5dd8f9804a1d1e038faef7ee0751e674a57a86b qatlib-tests-22.07.0-1.el9.x86_64.rpm 06c0277cced3aa9e929250cd013ad6550884053446a9e5219aee7bc8ea586ce3 RLBA-2022:8423 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for enchant2, cairomm, gc, libwpd, gsl, python-lxml, boost, potrace, python-appdirs, poppler, inkscape, python-scour, librevenge, libwpg, lapack, gspell, libsigc++20, poppler-data, double-conversion, gtkmm30, openblas, pangomm, atkmm, glibmm24, numpy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms atkmm-devel-2.28.2-2.el9.x86_64.rpm 11fc41c2472a010034d4346d1e55d2d57939e4881a9fb796695e9e5ca686a3da atkmm-doc-2.28.2-2.el9.noarch.rpm 56521e83bec50b0c679f98ebb9eed867a2f8733d0a2a6f161c76dcd2d5105765 blas64_-3.9.0-8.el9.x86_64.rpm 2530f90f98336e61bd6a02f83a041e9b2f1ad80f98a7701ca32a36772c514e34 blas-devel-3.9.0-8.el9.x86_64.rpm f113c6361d4366359df15df45e03ac61af50d105d091ae6e186c4ca1c0333bae boost-b2-1.75.0-8.el9.x86_64.rpm bfb215388f045f78b0a6ac601907237c2e572a17c38e9164da6757789893aecb boost-build-1.75.0-8.el9.noarch.rpm 7434dfea46f9bd571b3675bb4c303de6597ad7ba8de42b4faef7e5824e9a36e8 boost-doc-1.75.0-8.el9.noarch.rpm e5080e6bb50f4ae84b97ff3681e6d5d80b6337ca035c88b4f2f3770a1205cf0c boost-doctools-1.75.0-8.el9.x86_64.rpm 1697c81ae74993b71fc54fa04c2db12903b5edfa3e1948f019f6e158fe938172 boost-examples-1.75.0-8.el9.noarch.rpm f3904eec06577458543173a6e0b913a0baae3f378e034fa6b63eadb46b3e17f2 boost-static-1.75.0-8.el9.x86_64.rpm 87c37f29b636fe45c9a303b6ee0b11b694780561712f07e05bafaacd00862e80 cairomm-devel-1.14.2-10.el9.x86_64.rpm 544c7d7c6a9444ff79fd203d909e547c7b7765f15c895432298b329d1ba432e3 cairomm-doc-1.14.2-10.el9.noarch.rpm 383bbbc516adade85cecf9956a9810d533fc5c5acaefb80b1b23edf5bd82b58e double-conversion-devel-3.1.5-6.el9.x86_64.rpm 53605cf5ceaf872fc7d858f2d70f1bc88569a4ee01f1dc7da946b13a7fc31069 enchant2-devel-2.2.15-6.el9.x86_64.rpm 08aa10bb553702a6181d511cf0441ffb86cf8cef2b4267bf716930953cd8a3fb gc-devel-8.0.4-7.el9.x86_64.rpm 88ed3632268ae6d8e0473c6fb4d8825cb535689930a8360645e96fac36cb8b28 glibmm24-devel-2.66.1-1.el9.x86_64.rpm d6889eaa60da6a0783370dd6302b1fbdb922cbfc78687f2eef0042b02cb8d3b3 glibmm24-doc-2.66.1-1.el9.noarch.rpm bfbcd163138501fa996ad0aa4dda44619ae3b7205390023646364b3fac404ec0 gsl-devel-2.6-7.el9.x86_64.rpm 46f551cad56dbffa6322bcd179d7fd9c49ac62b63e53cc8758830fc491da1378 gspell-devel-1.9.1-3.el9.x86_64.rpm 891ef54606923f1a5c3192277b8a764c278636ceb2f158712ab23ed833df878b gspell-doc-1.9.1-3.el9.noarch.rpm 54cac486505ede6438dcd75cc31f8578dfd63773c7d3431e4514a932c7b28268 gtkmm30-devel-3.24.5-1.el9.x86_64.rpm 75ec5630a922e98de355811d2ce1816f07e456ea674aabb9e61e51c1c663fcf7 gtkmm30-doc-3.24.5-1.el9.noarch.rpm abe9d8f8b5cc7a7d8cfa3e70e35cf283930d6cdf18dd0c8254d86cc7a06ed99c lapack64_-3.9.0-8.el9.x86_64.rpm 8f5001ba142c8d123c8eca4ba8d638c4b4698944455e2ae23fd2d38303e4ed7d lapack-devel-3.9.0-8.el9.x86_64.rpm 272d8f5ed4db3cd67be495900c4e2631246c0de81549faf55172b3fa6556de14 lapack-static-3.9.0-8.el9.x86_64.rpm b035ba0aac10f15d8131bf8c6b398969d372c1b35a6acef905eda308c65421f9 librevenge-devel-0.0.4-22.el9.x86_64.rpm 581414d6aeb091448e3519e5bd6564ceb4b2d37cba7e32ea3edafcc3be488573 libsigc++20-devel-2.10.7-2.el9.x86_64.rpm c9b811467556f15a812b5ea1d691e7d359a2597514b9baf0d535efee0b6c96c6 libsigc++20-doc-2.10.7-2.el9.noarch.rpm 29487250f3f83163d9b2b19379dc1437e3ad90db099286cb698d375effee094b libwpd-devel-0.10.3-10.el9.x86_64.rpm 75bf759ba5cf87a9e1842fdf7751fa874987d8014212220ff694671bf9c62a72 libwpd-doc-0.10.3-10.el9.noarch.rpm cf1cafa034c873ca0728f3d265a585a12f2fe820388cf525b9407d7a7ff7d3b4 libwpg-devel-0.3.3-8.el9.x86_64.rpm b74c59b1f9580c7854ab074ca64bb117f6065efe9684bf59e118ec54c02da47d libwpg-doc-0.3.3-8.el9.noarch.rpm 612575a87c0c960172ba28ba334437243e5e8df6ae17b42d55d999fe31dac0a0 openblas-devel-0.3.15-3.el9.x86_64.rpm 779bb7c6b5a9996776399693bd2a9042c529135914844f1778603bf2b06f1f1b openblas-openmp64_-0.3.15-3.el9.x86_64.rpm 4a8fb52c87992341ed4bb8498879410fea70a0a53cb22e72843b351b52617178 openblas-openmp64-0.3.15-3.el9.x86_64.rpm 8d96eec4644c6225070b6836141a2a6bae17045b3ed7640fce4fe5ea4eff8ec0 openblas-serial64_-0.3.15-3.el9.x86_64.rpm 2a11fc4e3c8e399a19cb9cb3edcc4eeb001c579fd967749d10e230f6b0ece17f openblas-serial64-0.3.15-3.el9.x86_64.rpm 4d951a6abc99a09d8608b292412cccaa64436f3c22fdff62cfc66f35f3112e43 openblas-static-0.3.15-3.el9.x86_64.rpm f51132b19396ace2190cc4b7a492e705b09dcade1caf793ae908399666f54eae openblas-threads-0.3.15-3.el9.x86_64.rpm 682f0f87db8101db61746bdc6f5470263ed6942c55c38114d2bc297aa6443ac5 openblas-threads64_-0.3.15-3.el9.x86_64.rpm bb7acaaf794d9c79791edb19d3bbda86019a17020f2da54f2b7eb67c42cb601f openblas-threads64-0.3.15-3.el9.x86_64.rpm 099ab438dc94b0d6e62aa2800a52faafc08c7cf9d512763f28494f3b15ba59f8 pangomm-devel-2.46.1-1.el9.x86_64.rpm 9d18ec1e909176b2b7d92b4f88217a51876f4fd4a16f36521a986b0348f4951a pangomm-doc-2.46.1-1.el9.noarch.rpm 77ecd2fc1fc2c70f00abf9262894aaa56cbb8d2a8938e862109d8873e6e47607 poppler-cpp-devel-21.01.0-13.el9.x86_64.rpm 65522612f2cbf8fc1777b212d60266419763b84b9400a6665d7f92ff72f99dc5 poppler-devel-21.01.0-13.el9.x86_64.rpm 9ef1b5772465999e111224316a2ce5c9b781f518bfcdec83be9b4841501d0ad2 poppler-glib-devel-21.01.0-13.el9.x86_64.rpm 9e53c433c9cf93bda7c052a66a9fba45ba03b636e925a689c6c6b830e2aed100 poppler-qt5-devel-21.01.0-13.el9.x86_64.rpm c5cf38c2201b79a0705157221ef23140548b29e2831d92ad0a6ca9c55f5d6edb RLBA-2022:8440 Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es) and Enhancement(s): * [AMDCLIENT 9.1 Bug] [Lenovo]When switch to some resolutions will be black screen [Rocky Linux-9.1.0.z] (BZ#2136747) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mutter. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Mutter is a compositing window manager that displays and manages desktop through OpenGL. It combines the window-management logic inherited from the Metacity window manager with a display engine that uses the Clutter toolkit. Bug Fix(es) and Enhancement(s): * [AMDCLIENT 9.1 Bug] [Lenovo]When switch to some resolutions will be black screen [Rocky Linux-9.1.0.z] (BZ#2136747) rocky-linux-9-x86-64-crb-rpms mutter-devel-40.9-10.el9_1.x86_64.rpm 24646b27eb50dba42dcf377796bf663c8a1e9a7aef4c54813446664a26492c37 RLSA-2022:8643 Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: Request Forgery Vulnerability (CVE-2022-45060) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for varnish. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: Request Forgery Vulnerability (CVE-2022-45060) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms varnish-devel-6.6.2-2.el9_1.1.x86_64.rpm cb1428a7bd876403954ea5825db294ea92a43465a6ee344cba3a7f211e098837 RLSA-2023:0077 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.113). (BZ#2154459) Security Fix(es): * dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process (CVE-2023-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for dotnet6.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The following packages have been upgraded to a later upstream version: dotnet6.0 (6.0.113). (BZ#2154459) Security Fix(es): * dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process (CVE-2023-21538) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.113-1.el9_1.x86_64.rpm 6162d99e68196c549b9562824adb121163f03f9310fcedfaef24095887977d09 RLBA-2023:0080 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.102 and Runtime 7.0.2 [Rocky Linux-9.1.0.z] (BZ#2154468) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.102 and Runtime 7.0.2 [Rocky Linux-9.1.0.z] (BZ#2154468) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.102-1.el9_1.x86_64.rpm 90902997f0c1596eb34cc3e537349bd6c3669808364978cbe978d65594a06de5 RLSA-2023:0202 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18) [Rocky Linux-9] (BZ#2157798) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-11-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18) [Rocky Linux-9] (BZ#2157798) rocky-linux-9-x86-64-crb-rpms java-11-openjdk-demo-fastdebug-11.0.18.0.10-2.el9_1.x86_64.rpm 0d452bc0bf346345afd40e7e10deb682ea4b241bd7b2ff407cb0b3725f98d0e8 java-11-openjdk-demo-slowdebug-11.0.18.0.10-2.el9_1.x86_64.rpm 0b8e793f20e4fa6071dead1ecf1c5d63e489cacf326f45ff85602bdfe3b856c3 java-11-openjdk-devel-fastdebug-11.0.18.0.10-2.el9_1.x86_64.rpm fb98d357c220e7d505b390fc1d581350c9488aa2b184c51a087a27061195aee2 java-11-openjdk-devel-slowdebug-11.0.18.0.10-2.el9_1.x86_64.rpm 07764fdad716427819cb9a273165a9b87d809c00f9502e0e68e5b02870ee1d84 java-11-openjdk-fastdebug-11.0.18.0.10-2.el9_1.x86_64.rpm afadfa5e89a735598e041e57a68906214c00aed204d6f83c5274b69448de9e2f java-11-openjdk-headless-fastdebug-11.0.18.0.10-2.el9_1.x86_64.rpm bc453405df5a8ee331def725f1ec40165528e438eb9b6d59a7d110e31c87f925 java-11-openjdk-headless-slowdebug-11.0.18.0.10-2.el9_1.x86_64.rpm fdafa0b86cc7ba214a6b992fdbde4568a8094f02e9183a4007c020cfb42db63d java-11-openjdk-jmods-fastdebug-11.0.18.0.10-2.el9_1.x86_64.rpm 3148acab69679c2b13648e658e79e7300e26ebfe6b5e6c182008d62581fcd1ee java-11-openjdk-jmods-slowdebug-11.0.18.0.10-2.el9_1.x86_64.rpm 022b243a4cd53c33fa6fad0feb27462ac160ee70d1c234142d8958aa64182794 java-11-openjdk-slowdebug-11.0.18.0.10-2.el9_1.x86_64.rpm d12215d12b15143bb3286e55a6b8ee334cb05746b9f7d79c2578b54accbe6c02 java-11-openjdk-src-fastdebug-11.0.18.0.10-2.el9_1.x86_64.rpm 63f9cf3dad43a3ab4db48a41bf686f18d5b6a6fd8f9bc41b8f64e0e9ec390d48 java-11-openjdk-src-slowdebug-11.0.18.0.10-2.el9_1.x86_64.rpm 6c76ecfb260804d191bdebe9eddd3ec51d6f4b0d8664092e81aafdfeb455bfb9 java-11-openjdk-static-libs-fastdebug-11.0.18.0.10-2.el9_1.x86_64.rpm b1c2e8c346a0657b38122511b24fac7ce5df0695e5060d59c3460c337c4b13f5 java-11-openjdk-static-libs-slowdebug-11.0.18.0.10-2.el9_1.x86_64.rpm dce52f9ae03f09ca051323a90dd95ee7c5057515e22a7f4ddb599b08917a8191 RLSA-2023:0194 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147476) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [Rocky Linux-9] (BZ#2153097) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-17-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the use of a SQLite database provided by NSS was assumed, which was opened in read-only mode and with no PIN expected. This prevented the use of other databases or setting a PIN on the NSS database. This update allows more control over database use using two new properties - fips.nssdb.path and fips.nssdb.pin - which can be configured permanently in the java.security file or temporarily via command-line arguments to the Java virtual machine (RHBZ#2147476) * Prepare for the next quarterly OpenJDK upstream release (2023-01, 17.0.6) [Rocky Linux-9] (BZ#2153097) rocky-linux-9-x86-64-crb-rpms java-17-openjdk-demo-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 12a53adc48f3a3d430064c82906a7a9de0f168183bd5a1116d32b0fcae94398b java-17-openjdk-demo-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm b6e3e1431cbc7602fe80b13eded3f9d9f48db8ea943ca44f22fc9e4900292b5e java-17-openjdk-devel-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 8cbf389931ad984f38b308f7ef59e7e180780cdae1b6e6de4bab1241ad704860 java-17-openjdk-devel-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 38e964645e67fcf5d79e7a198f2e73627f5a22bc3f67e5b61fa983ca065f1e61 java-17-openjdk-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 8710d5d805a8b6ce219a962b289a07849f50fbecc031bcd8df9424445d0457da java-17-openjdk-headless-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 5b22ff5ee1d5b99a4d89cb220861ffc6e0e9924aa4c8aa43da9b3166159cd34a java-17-openjdk-headless-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm afecbec869a36a6326747769a1d1a3faa3863d4b105341538e4f0011cec81313 java-17-openjdk-jmods-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 2f982f03457a095b2ca6a7b91cdcc54f3ec01b4285dbd8ce55129966010661df java-17-openjdk-jmods-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 8e90aceaeb67a37fe2fdbecf659954dbdc71f0ae9ee1c299b1b3f920b4515382 java-17-openjdk-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 3175a44dca4399d6c44f235f4be1e8f24990c0ece2389a28e8bb07a1c298db7d java-17-openjdk-src-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 1d7d29e0b1d7c221305a6e23f7f1756968aaea8a0f14369cbafb22e2339bbda9 java-17-openjdk-src-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm 70aa619fbca5a974ad0bc0c825f5da8fb940e0d599b9e59b6b17df421768e7e9 java-17-openjdk-static-libs-fastdebug-17.0.6.0.10-3.el9_1.x86_64.rpm d0a49b7d5167a1b7c787a90c382e671f6a03ac7a801a208a52ae3a817318e19f java-17-openjdk-static-libs-slowdebug-17.0.6.0.10-3.el9_1.x86_64.rpm edf553117440f582410d9e4a0d88338766853123dc0a84013d6823a1dd3c90f6 RLSA-2023:0302 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) * libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519) * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953) * libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520) * libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libtiff. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) * libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519) * libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953) * libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520) * libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libtiff-tools-4.4.0-5.el9_1.x86_64.rpm be038616c7273ba4637976ea727bdb1da8993ea055d2ed0947ef1dfc66806791 RLSA-2023:0304 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * libreoffice: Macro URL arbitrary script execution (CVE-2022-3140) * libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation (CVE-2022-26305) * libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password (CVE-2022-26306) * libreoffice: Weak Master Keys (CVE-2022-26307) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * libreoffice: Macro URL arbitrary script execution (CVE-2022-3140) * libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation (CVE-2022-26305) * libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password (CVE-2022-26306) * libreoffice: Weak Master Keys (CVE-2022-26307) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libreoffice-sdk-7.1.8.1-8.el9_1.x86_64.rpm c57c121c86e56ace7635bc239a07dff8840dd2a2f3b8db52b21b9bd046d484b8 libreoffice-sdk-doc-7.1.8.1-8.el9_1.x86_64.rpm edf2c1066166e4dbaacea265ca283727f595a43b50237723b41443d7ae289f17 RLBA-2023:0312 Tracker is a powerful desktop-neutral first class object database, tag and metadata database, search tool, and indexer. It consists of a common object database that allows entities to have an almost infinite number of properties, metadata (both embedded and harvested, as well as user definable), a comprehensive database of keywords and tags, and links to other entities. It provides additional features for file-based objects including context linking and audit trails for a file object. It has the ability to index, store, and harvest metadata, retrieve and search all types of files and other first class objects. Bug Fix: * GTK 3 directly depends on libsoup 2 (BZ#2141023) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tracker. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Tracker is a powerful desktop-neutral first class object database, tag and metadata database, search tool, and indexer. It consists of a common object database that allows entities to have an almost infinite number of properties, metadata (both embedded and harvested, as well as user definable), a comprehensive database of keywords and tags, and links to other entities. It provides additional features for file-based objects including context linking and audit trails for a file object. It has the ability to index, store, and harvest metadata, retrieve and search all types of files and other first class objects. Bug Fix: * GTK 3 directly depends on libsoup 2 (BZ#2141023) rocky-linux-9-x86-64-crb-rpms tracker-devel-3.1.2-3.el9_1.x86_64.rpm 8205b4ca772ffeb07e91b246768c3ad760655d07abc4a3ab71f5b03cca9b63d5 RLBA-2023:0311 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Bug Fixes: * libvirt doesn't catch mdevs created thru sysfs (BZ#2141364) * libvirt kills virtual machine on restart when 2M and 1G hugepages are mounted (BZ#2152083) * qemuAgentGetDisks cannot parse response from a guest agent running in Windows VM (BZ#2154410) Enhancement: * Backport the qemuDomainGetStatsCpu fallback Implementation (BZ#2157094) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Bug Fixes: * libvirt doesn't catch mdevs created thru sysfs (BZ#2141364) * libvirt kills virtual machine on restart when 2M and 1G hugepages are mounted (BZ#2152083) * qemuAgentGetDisks cannot parse response from a guest agent running in Windows VM (BZ#2154410) Enhancement: * Backport the qemuDomainGetStatsCpu fallback Implementation (BZ#2157094) rocky-linux-9-x86-64-crb-rpms libvirt-lock-sanlock-8.5.0-7.3.el9_1.x86_64.rpm 13ac11c59b325c8b1330ea02ee6ef156c47baf0de5d1fb595a1ffc6a747b55cf libvirt-devel-8.5.0-7.3.el9_1.x86_64.rpm 450b155820759e838333a77eeed9a86d4a13a2701e52228a25a20915556a2d62 libvirt-docs-8.5.0-7.3.el9_1.x86_64.rpm 349013be6bf59f882358ea5020d7b192d238febd53533e66ea90cb805b528eec RLBA-2023:0313 Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix: * Cannot move bridge port to bond (BZ#2148394) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nmstate. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix: * Cannot move bridge port to bond (BZ#2148394) rocky-linux-9-x86-64-crb-rpms nmstate-devel-2.1.4-2.el9_1.x86_64.rpm 8d3a7455484f188b8f8023d3b027461119052659b3b5f058abe9f6f7ffdece03 nmstate-static-2.1.4-2.el9_1.x86_64.rpm 527c268f161c27237c92e64529539ba1d8de46cfbf5f5b35c7a30b3eda6e0b64 RLBA-2023:0316 Network Block Device (NBD) is a protocol for accessing hard disks and other disk-like devices over the network. The nbdkit toolkit utilizes NBD to create servers with minimal dependencies. The package contains plug-in support for the C and Python programming languages. Bug Fix: * nbdkit: error: /home/vddk8.0.0/lib64/libvixDiskLib.so.7: cannot open shared object file: No such file or directory (BZ#2148498) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nbdkit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Network Block Device (NBD) is a protocol for accessing hard disks and other disk-like devices over the network. The nbdkit toolkit utilizes NBD to create servers with minimal dependencies. The package contains plug-in support for the C and Python programming languages. Bug Fix: * nbdkit: error: /home/vddk8.0.0/lib64/libvixDiskLib.so.7: cannot open shared object file: No such file or directory (BZ#2148498) rocky-linux-9-x86-64-crb-rpms nbdkit-devel-1.30.8-2.el9_1.x86_64.rpm 23a84e401bfa4a24a902b30e16c99c0819a5e34a76932991fdf674c55ace456c nbdkit-example-plugins-1.30.8-2.el9_1.x86_64.rpm ef2a00c53f2e4649e41b9d9c704325cddfb0805d2dff4194f6e0980643810c95 nbdkit-srpm-macros-1.30.8-2.el9_1.noarch.rpm 341e29ed559ac990037aaa739d3148e8b7efbacb71528ef4706444f24ab24f69 RLBA-2023:0320 Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fix(es) and Enhancement(s): * vault interoperability with older Rocky Linux systems is broken (BZ#2149274) * ipa-client-install does not maintain server affinity during installation (BZ#2150270) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ipa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fix(es) and Enhancement(s): * vault interoperability with older Rocky Linux systems is broken (BZ#2149274) * ipa-client-install does not maintain server affinity during installation (BZ#2150270) rocky-linux-9-x86-64-crb-rpms python3-ipatests-4.10.0-8.el9_1.noarch.rpm 2f5153a5fdb52d80da4c1461d827ee67ff894532d0c85d9fcf44be5e9901a719 RLBA-2023:0319 The fontconfig packages contain the font configuration and customization library, which is designed to locate fonts within the system and select them according to the requirements specified by the applications. Bug fix: * need to fix remap-dir behavior (BZ#2150227) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for fontconfig. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The fontconfig packages contain the font configuration and customization library, which is designed to locate fonts within the system and select them according to the requirements specified by the applications. Bug fix: * need to fix remap-dir behavior (BZ#2150227) rocky-linux-9-x86-64-crb-rpms fontconfig-devel-doc-2.14.0-2.el9_1.noarch.rpm d030938eeb9fff0af88752dc9d6dd4a23a2a9feffc69caca469f25d12ebb2429 RLSA-2023:0210 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [Rocky Linux-9] (BZ#2159912) * solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [Rocky Linux-9, openjdk-8] (BZ#2163594) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [Rocky Linux-9] (BZ#2159912) * solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [Rocky Linux-9, openjdk-8] (BZ#2163594) rocky-linux-9-x86-64-crb-rpms java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm 6d4b40146b672f2f1a06989a8918f5b0bd27c65190e45a66ae541d7d874ded7a java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm 72d7094bb96f12bf21b0730d62872689fd74bb5c31e8763cb6054acc79ca4fb4 java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm d7f864c28e479f499deee5a715101eafd4c826a38193e6086b008851d1f6af36 java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm e417021e58c4355000685b2f13ba86de08f2b3cd5de1ae644ff59334182fd432 java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm 3ef0ea5c855ed5860cca625db79e51a46b536c16163261cc992d9e56ce3afe26 java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm 7de863c2b061939378d0880138c7c4bb0b7a34ca9b5b88953b76583a7758254e java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm ed090157e9661fdbc71ea8e584ea1a4173aefcfeeee13e25947a35196a5e570d java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm d6c5779a792b865129b76a57c6ae564270ea090fed73bc5bd1f7d7bc51bd7a95 java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm bef2a8fb299830b487d8eff2fe14c8f34646170e4e5d3d74deda16fd9a63c676 java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm 954c481d9a7d48351bf091828522b4114b835e941e83447d036b2aea0a6a932a RLBA-2022:8419 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for kronosnet. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libknet1-1.24-2.el9.x86_64.rpm 10470c893389ee5e893d8ebc77f92ec78b49b2dd77dc7802b7d506352398fb87 libknet1-devel-1.24-2.el9.x86_64.rpm 6788a977150708672b956b306a1515d23a47ab7ae61f0121d7561fbb6012a170 RLBA-2022:2343 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mutter. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mutter-devel-40.9-10.el9_1.x86_64.rpm 24646b27eb50dba42dcf377796bf663c8a1e9a7aef4c54813446664a26492c37 RLBA-2022:2672 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for varnish. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms varnish-devel-6.6.2-2.el9_1.1.x86_64.rpm cb1428a7bd876403954ea5825db294ea92a43465a6ee344cba3a7f211e098837 RLBA-2022:4203 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lua. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms lua-devel-5.4.2-4.el9_0.3.x86_64.rpm fa35368fce9b9264daedcf044170e31b2e37f2eccbb755ff02ed8e0c0368e943 RLBA-2022:8272 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms glibc-benchtests-2.34-40.el9_1.1.x86_64.rpm c98631ffd820450bed544a21b3b700e910665173765db62c4183423e376bf6d6 glibc-nss-devel-2.34-40.el9_1.1.x86_64.rpm b0ae3c8c96e0ba9d9a2bcc909c4926f0c99e0b10888d40d6d723beb81da772fa glibc-static-2.34-40.el9_1.1.x86_64.rpm 183d60e4caaf7167bbb088699fa29da831447236a7903d49500c990ef22c341f nss_db-2.34-40.el9_1.1.x86_64.rpm 094459e3e26c6b6037759b0b0c15f4dc216dffb9219601a720343568820f2821 nss_hesiod-2.34-40.el9_1.1.x86_64.rpm 2f8ddf658780f32dd7708732a75bb44947d6a25339e35e76fec5eba01cabe1bc RLBA-2022:8313 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for device-mapper-multipath. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms device-mapper-multipath-devel-0.8.7-12.el9_1.1.x86_64.rpm 2ec993316295a547121a661ae20eef0ece0650313cd0565aeef1126594de42d5 RLBA-2022:8325 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsss_nss_idmap-devel-2.7.3-4.el9_1.3.x86_64.rpm fb62f49ce772300c3c25fa35d4575220505eadf6bad7ab47c15cca53f590942b RLSA-2022:8353 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packages have been upgraded to a later upstream version: python3.9 (3.9.14). (BZ#2128249) Security Fix(es): * python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107) * python: open redirection vulnerability in lib/http/server.py may lead to information disclosure (CVE-2021-28861) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packages have been upgraded to a later upstream version: python3.9 (3.9.14). (BZ#2128249) Security Fix(es): * python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107) * python: open redirection vulnerability in lib/http/server.py may lead to information disclosure (CVE-2021-28861) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3-debug-3.9.14-1.el9_1.1.x86_64.rpm e840409ef049a32026f6cdcdb591340884b65da8027fdd062341863fd8a5653c python3-idle-3.9.14-1.el9_1.1.x86_64.rpm a497ed830b53e23ebe5d0ede1b44f590e1c52a25916aae4e49c12945d4569d66 python3-test-3.9.14-1.el9_1.1.x86_64.rpm 17313f288bdfd5e39d068f0233d8f424b34a6d200cf0c29910567d2603a5c429 RLBA-2022:8399 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for cryptsetup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms cryptsetup-devel-2.4.3-5.el9_1.1.x86_64.rpm 2c2454e44a521ec8d01b53fd6500bd00225daa9930bacfe0e705f95e3852d5d9 RLSA-2023:0334 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959) * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945) * kernel: i2c: unbounded length leads to buffer overflow in ismt_access() (CVE-2022-3077) * kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Intel 9.2: Important iavf bug fixes (BZ#2127884) * vfio zero page mappings fail after 2M instances (BZ#2128514) * nvme-tcp automatic reconnect fails intermittently during EMC powerstore NDU operation (BZ#2131359) * ice: Driver Update to 5.19 (BZ#2132070) * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134588) * drm: duplicated call of drm_privacy_screen_register_notifier() in drm_connector_register() (BZ#2134619) * updating the appid field through sysfs is returning an -EINVAL error (BZ#2136914) * DELL EMC: System is not booting into RT Kernel with perc12. (BZ#2139213) * No signal showed in the VGA monitor when installing Rocky Linux9 in the legacy bios mode (BZ#2140153) * Practically limit "Dummy wait" workaround to old Intel systems (BZ#2142168) * ppc64le: unexpected oom panic when there's enough memory left in zswap test (BZ#2143976) * fatal error: error in backend: Branch target out of insn range (BZ#2144902) * AMdCLIENT: The kernel command line parameter "nomodeset" not working properly (BZ#2145217) * Azure: PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (BZ#2150910) * Azure z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2151605) * DELL 9.0 RT - On PE R760 system, call traces are observed dmesg when system is running stress (BZ#2154407) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959) * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945) * kernel: i2c: unbounded length leads to buffer overflow in ismt_access() (CVE-2022-3077) * kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Intel 9.2: Important iavf bug fixes (BZ#2127884) * vfio zero page mappings fail after 2M instances (BZ#2128514) * nvme-tcp automatic reconnect fails intermittently during EMC powerstore NDU operation (BZ#2131359) * ice: Driver Update to 5.19 (BZ#2132070) * WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134588) * drm: duplicated call of drm_privacy_screen_register_notifier() in drm_connector_register() (BZ#2134619) * updating the appid field through sysfs is returning an -EINVAL error (BZ#2136914) * DELL EMC: System is not booting into RT Kernel with perc12. (BZ#2139213) * No signal showed in the VGA monitor when installing Rocky Linux9 in the legacy bios mode (BZ#2140153) * Practically limit "Dummy wait" workaround to old Intel systems (BZ#2142168) * ppc64le: unexpected oom panic when there's enough memory left in zswap test (BZ#2143976) * fatal error: error in backend: Branch target out of insn range (BZ#2144902) * AMdCLIENT: The kernel command line parameter "nomodeset" not working properly (BZ#2145217) * Azure: PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (BZ#2150910) * Azure z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2151605) * DELL 9.0 RT - On PE R760 system, call traces are observed dmesg when system is running stress (BZ#2154407) rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-162.12.1.el9_1.0.2.x86_64.rpm 8702b992d6c0e4d42901e000bb8c77052e4eb5f60a18bdb85b85daf908c78f84 kernel-tools-libs-devel-5.14.0-162.12.1.el9_1.0.2.x86_64.rpm 6b925adf3c079986daa1efaf40d266e21366ec55e3e69a9ae7d220b8b552ef77 RLBA-2022:2402 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ibus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ibus-devel-1.5.25-2.el9.rocky.0.1.x86_64.rpm ed24cb2ef1c065893e429ebc661003f9df274a4ec7c83781a9eb160ecf1daca4 ibus-devel-docs-1.5.25-2.el9.rocky.0.1.noarch.rpm c0d02d296b1aa2728924a81b223bb37aa249d57101648b9dc3d2b47c518b9ce2 RLBA-2022:2856 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gnome-menus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gnome-menus-devel-3.36.0-8.el9.0.1.x86_64.rpm 72a8c68344f032bcd3920b8b1b109d125c53f55a09bcd88e462c2cc54ff99a56 RLBA-2022:7977 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for anaconda. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms anaconda-widgets-devel-34.25.1.14-1.el9.rocky.0.3.x86_64.rpm ed5e8557584c51446cc6435a4fbdb55e45afa284e716cc13456782c3cb094756 RLSA-2022:8003 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version: libvirt (8.5.0). (BZ#2060313) Security Fix(es): * libvirt: missing locking in nwfilterConnectNumOfNWFilters can lead to denial of service (CVE-2022-0897) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Low

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version: libvirt (8.5.0). (BZ#2060313) Security Fix(es): * libvirt: missing locking in nwfilterConnectNumOfNWFilters can lead to denial of service (CVE-2022-0897) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libvirt-devel-8.5.0-7.3.el9_1.x86_64.rpm 450b155820759e838333a77eeed9a86d4a13a2701e52228a25a20915556a2d62 libvirt-docs-8.5.0-7.3.el9_1.x86_64.rpm 349013be6bf59f882358ea5020d7b192d238febd53533e66ea90cb805b528eec libvirt-lock-sanlock-8.5.0-7.3.el9_1.x86_64.rpm 13ac11c59b325c8b1330ea02ee6ef156c47baf0de5d1fb595a1ffc6a747b55cf RLBA-2022:8216 For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for openscap. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms openscap-engine-sce-devel-1.3.6-4.el9.rocky.0.2.x86_64.rpm bb3a7de19111528a79cf17ea78c85177a98fad55a15ae5a3008561166bda578d RLBA-2022:4289 For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for shim-unsigned-x64. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.0 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms shim-unsigned-x64-15.5-1.el9.rocky.2.x86_64.rpm e4f8c5287a28226ee35abce14e6cb4981be893178995c7404097433204ab3595 RLSA-2023:0626 KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow to code executiona (CVE-2022-47629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for libksba. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

KSBA (pronounced Kasbah) is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Security Fix(es): * libksba: integer overflow to code executiona (CVE-2022-47629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libksba-devel-1.5.1-6.el9_1.x86_64.rpm 0bda41310c731437a2d35dc112fc904bf3bd4f3c7c95e2dbd1997d1fdf0498b5 RLBA-2023:0781 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugs are now available. The updated versions are .NET SDK 7.0.103 and .NET Runtime 7.0.3. Bug Fix(es) and Enhancement(s): * 2166776 - Update .NET 7.0 to SDK 7.0.103 and Runtime 7.0.3 [rhel-9.1.0.z] Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugs are now available. The updated versions are .NET SDK 7.0.103 and .NET Runtime 7.0.3. Bug Fix(es) and Enhancement(s): * 2166776 - Update .NET 7.0 to SDK 7.0.103 and Runtime 7.0.3 [rhel-9.1.0.z] rocky-linux-9-x86-64-crb-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.103-1.el9_1.x86_64.rpm c0eedcc16f7103b660e445061d2263f3dd9536d9eafdbbf395155a19a6bd4f62 RLBA-2023:0782 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugs are now available. The updated versions are .NET SDK 6.0.114 and .NET Runtime 6.0.14. Bug Fix(es) and Enhancements : * 2166770 - Update .NET 6.0 to SDK 6.0.114 and Runtime 6.0.14 [rhel-9.1.0.z] Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet6.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address bugs are now available. The updated versions are .NET SDK 6.0.114 and .NET Runtime 6.0.14. Bug Fix(es) and Enhancements : * 2166770 - Update .NET 6.0 to SDK 6.0.114 and Runtime 6.0.14 [rhel-9.1.0.z] rocky-linux-9-x86-64-crb-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.114-1.el9_1.x86_64.rpm 8e949fccef4c5f12b6a7c5f2cff683624f6918e91f76233ce91e22eb197b755d RLSA-2023:1068 The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c (CVE-2021-46822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libjpeg-turbo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c (CVE-2021-46822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms turbojpeg-2.0.90-6.el9_1.x86_64.rpm e71de329d7d14dc983420d03be9edbcb7ffe868178a74b78185fc2742f15d2a9 turbojpeg-devel-2.0.90-6.el9_1.x86_64.rpm f455ca181d0ee508349cbe66a15797be525703b6cf9619fbce49217b5978492c RLBA-2023:1244 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.104 and Runtime 7.0.4 [rhel-9.1.0.z] (BZ#2175027) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.104 and Runtime 7.0.4 [rhel-9.1.0.z] (BZ#2175027) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.104-1.el9_1.x86_64.rpm da3c4e5fbeaa844de0346439b7f1202c136c8d7d426a69078b56841e28e79f15 RLBA-2023:1246 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.115 and Runtime 6.0.15 [rhel-9.1.0.z] (BZ#2174986) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet6.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.115 and Runtime 6.0.15 [rhel-9.1.0.z] (BZ#2174986) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.115-1.el9_1.x86_64.rpm fba41e0f407d98e6c0cdefd8ce6650b02f0f18c7fa9491ab147a22356e3ad433 RLBA-2023:0947 The ipset packages provide the ipset utility and the ipset service to manage IP sets in the Linux kernel. Depending on the type, an IP set may store IP addresses, networks, (TCP/UDP) port numbers, MAC addresses, interface names or combinations of them in a way that ensures high speed when matching an entry against a set. Bug Fix(es) and Enhancement(s): * systemctl restart ipset extremely slow restoring large saved set (BZ#2043008) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ipset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The ipset packages provide the ipset utility and the ipset service to manage IP sets in the Linux kernel. Depending on the type, an IP set may store IP addresses, networks, (TCP/UDP) port numbers, MAC addresses, interface names or combinations of them in a way that ensures high speed when matching an entry against a set. Bug Fix(es) and Enhancement(s): * systemctl restart ipset extremely slow restoring large saved set (BZ#2043008) rocky-linux-9-x86-64-crb-rpms ipset-devel-7.11-7.el9_1.x86_64.rpm 8589bebf3ca0dafb4e63b43257dd4dd4c2bf3f4c0f0bd34944a81590abc98b33 RLBA-2023:0948 libnetfilter_conntrack is a userspace library providing a programming interface (API) to the in-kernel connection tracking state table. Bug Fix(es) and Enhancement(s): * conntrack -D with filters sometimes ignores the filters and deletes all connection state (BZ#2122641) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnetfilter_conntrack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libnetfilter_conntrack is a userspace library providing a programming interface (API) to the in-kernel connection tracking state table. Bug Fix(es) and Enhancement(s): * conntrack -D with filters sometimes ignores the filters and deletes all connection state (BZ#2122641) rocky-linux-9-x86-64-crb-rpms libnetfilter_conntrack-devel-1.0.8-5.el9_1.x86_64.rpm fa15c1d7c8c7ddc81655563b66bd747604001b854a2fc81025a0d39887d0e65a RLBA-2023:0950 nftables provides a packet-filtering tool, with numerous improvements in convenience, features, and performance. It is the designated successor to iptables, ip6tables, arptables and ebtables. Bug Fix(es) and Enhancement(s): * RFE: Document why nft ipsec out ip daddr fail to match with xfrmi topo (BZ#1806431) * Make upstream test suite pass (BZ#1973687) * Prevent port-shadow attacks in sample nat config (BZ#2061940) * nftables set concatenation match (ether saddr . vlan id) displays wrong (BZ#2094887) * nftables denies rule with explicit ether type match and VLAN ID in set concatenation (BZ#2094890) * nft asserts if set concatenation contains a constant (BZ#2094894) * nftables add ipsec rule fail (BZ#2113874) * NFT delete element rule return false value. (BZ#2115627) * nft: netlink_delinearize.c:2695: netlink_delinearize_rule: Assertion `pctx->table != NULL' failed. (BZ#2130721) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nftables. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

nftables provides a packet-filtering tool, with numerous improvements in convenience, features, and performance. It is the designated successor to iptables, ip6tables, arptables and ebtables. Bug Fix(es) and Enhancement(s): * RFE: Document why nft ipsec out ip daddr fail to match with xfrmi topo (BZ#1806431) * Make upstream test suite pass (BZ#1973687) * Prevent port-shadow attacks in sample nat config (BZ#2061940) * nftables set concatenation match (ether saddr . vlan id) displays wrong (BZ#2094887) * nftables denies rule with explicit ether type match and VLAN ID in set concatenation (BZ#2094890) * nft asserts if set concatenation contains a constant (BZ#2094894) * nftables add ipsec rule fail (BZ#2113874) * NFT delete element rule return false value. (BZ#2115627) * nft: netlink_delinearize.c:2695: netlink_delinearize_rule: Assertion `pctx->table != NULL' failed. (BZ#2130721) rocky-linux-9-x86-64-crb-rpms nftables-devel-1.0.4-9.el9_1.x86_64.rpm 63e57870abd17702eacfa187e42690e1b94fc7c6f9f15e1900bbe6716e2fdfec RLSA-2023:0953 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * Python: CPU denial of service via inefficient IDNA decoder (CVE-2022-45061) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * Python: CPU denial of service via inefficient IDNA decoder (CVE-2022-45061) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3-debug-3.9.14-1.el9_1.2.x86_64.rpm f3081fcc0b0554d26475b20e01a90ef6027900a861cb6fdf31aaec609aa7689a python3-idle-3.9.14-1.el9_1.2.x86_64.rpm e256c6f50db18f53ddcd6fd9f03038cc22251c220cdfb25fc6e350d77f8a3bf7 python3-test-3.9.14-1.el9_1.2.x86_64.rpm 262fbe571f5ba91004ee76144353c1bbad78086b03963d3b3b1f500b652abf8b RLSA-2023:0957 The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: use after free allows Sandbox Escape (CVE-2021-44964) * lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file (CVE-2021-43519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for lua. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fix(es): * lua: use after free allows Sandbox Escape (CVE-2021-44964) * lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file (CVE-2021-43519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms lua-devel-5.4.4-2.el9_1.x86_64.rpm 6f94b39ab334658fe1d5f5802f3063b0057e7bd1daf2125e07fa94f747fa177b RLBA-2023:0964 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Bug Fixes: * libvirt doesn't catch mdevs created thru sysfs (BZ#2141364) * libvirt kills virtual machine on restart when 2M and 1G hugepages are mounted (BZ#2152083) * qemuAgentGetDisks cannot parse response from a guest agent running in Windows VM (BZ#2154410) Enhancement: * Backport the qemuDomainGetStatsCpu fallback Implementation (BZ#2157094) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Bug Fixes: * libvirt doesn't catch mdevs created thru sysfs (BZ#2141364) * libvirt kills virtual machine on restart when 2M and 1G hugepages are mounted (BZ#2152083) * qemuAgentGetDisks cannot parse response from a guest agent running in Windows VM (BZ#2154410) Enhancement: * Backport the qemuDomainGetStatsCpu fallback Implementation (BZ#2157094) rocky-linux-9-x86-64-crb-rpms libvirt-devel-8.5.0-7.4.el9_1.x86_64.rpm c15fcde5b1ff02fdedd9075aa3c3e7f82cfb6b924c7c9f9a43cecc7828d82895 libvirt-docs-8.5.0-7.4.el9_1.x86_64.rpm e98905401bd103a52d23ee29057dbbe9c22338ba47d02338a338c17f859dd11a libvirt-lock-sanlock-8.5.0-7.4.el9_1.x86_64.rpm 8d41a353bafc31755d8ec9a00b2d885286518d0d4d024ce3fd77199d4942e852 RLBA-2023:1756 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es): * Update .NET 7.0 to SDK 7.0.105 and Runtime 7.0.5 [rhel-9.1.0.z] (BZ#2183592) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es): * Update .NET 7.0 to SDK 7.0.105 and Runtime 7.0.5 [rhel-9.1.0.z] (BZ#2183592) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.105-1.el9_1.x86_64.rpm df796366b8479ef581d9a223199e8c4391f97721a1be4608b331f54fafc3e7e9 RLBA-2023:1758 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es): * Update .NET 6.0 to SDK 6.0.116 and Runtime 6.0.16 [rhel-9.1.0.z] (BZ#2183583) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet6.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es): * Update .NET 6.0 to SDK 6.0.116 and Runtime 6.0.16 [rhel-9.1.0.z] (BZ#2183583) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.116-1.el9_1.x86_64.rpm 562c305e94b04fcf1a8153828437d52d59c4e7e1bdf44e2ef57941e9536af9ed RLSA-2023:1879 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the list of cryptographic services and algorithms available is limited to those that are FIPS compliant. It was found that this filtering was too strict and was also excluding service attributes. These attributes are now made available in FIPS mode, as they are in non-FIPS mode. (RHBZ#2186804) * Previously, the XML signature provider was unable to operate in FIPS mode. Following recent enhancements to FIPS mode support, the XML signature provider can now be supported. It is now enabled in FIPS mode. (RHBZ#2186811) * The PKCS#11 provider used by FIPS mode can be supported by different PKCS#11 tokens. It was found that some PKCS#11 tokens may not be initialised fully before use, leading to an exception being thrown by the provider. With this release, this exception is now expected and handled by the FIPS support code. (RHBZ#2186807) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for java-17-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In FIPS mode, the list of cryptographic services and algorithms available is limited to those that are FIPS compliant. It was found that this filtering was too strict and was also excluding service attributes. These attributes are now made available in FIPS mode, as they are in non-FIPS mode. (RHBZ#2186804) * Previously, the XML signature provider was unable to operate in FIPS mode. Following recent enhancements to FIPS mode support, the XML signature provider can now be supported. It is now enabled in FIPS mode. (RHBZ#2186811) * The PKCS#11 provider used by FIPS mode can be supported by different PKCS#11 tokens. It was found that some PKCS#11 tokens may not be initialised fully before use, leading to an exception being thrown by the provider. With this release, this exception is now expected and handled by the FIPS support code. (RHBZ#2186807) rocky-linux-9-x86-64-crb-rpms java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 8140f6d867bc5357cc0369087ba139afed18054e21d68d72305fb79c612392cd java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm c3c67318504b941a6423d347daae88b3a9ccb7eb03f867a04737e9f5235d6734 java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 10b82242c46dcf364bed56c8824a030db9c88858b35e7367841ceb12fcdf9f7e java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 24a542f450f65f6becd6362b40a4e8b066bc7c4c3b2d02668424500ac5356576 java-17-openjdk-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 45b583ed7e105d84f59aae7b8bbe632bdf9a169985bc40a65923e1774ad7b9f1 java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 5a86c5668c985ed08713ae8fbefc52c4bdb4c9b317c1b910f946ec64853fd874 java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 30976d4af656eaf1dac058135503b3bcc5c0c714105d64c4f7af01bb0693d1e9 java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm f7bae04deb8fb91a13e0ddde83a9de018b5b8e543372d24d28b4e509ea818d4d java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 5cf2b2b2f145ffef37623f6f861570c75c92e0c6a81f9ad0c37d66cc9349b714 java-17-openjdk-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm b480fc2f419850b424c4fd3269fa8876a72d9153913c9d79fc8fdfd6ecd7c2ca java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm b1cd23408a4a5953e96559bd474ae6e6e978a1a2cc262054f321dc7f7251f9ca java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm 7bc41bb0eb8446e3efa700ec4464042425174fdfd9824b33aee870c098e7f877 java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el9_1.x86_64.rpm e7bfb8fcf18917362788b1ec65fa301c0969e498e80aecbdcf1891f017370a36 java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el9_1.x86_64.rpm b55ea478d2c0909088e2bfe8bbc2a1bd1d25252eb78ce0249ff32abd069e7e30 RLSA-2023:1880 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for java-11-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-11-openjdk-demo-fastdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 5ee72f72637d1a7a8fda192fa35b79e6e5538ba645dbc3925ddfb6018c6e18bb java-11-openjdk-demo-slowdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 4e7469cbe0dbf3385a3202637556add6127062a3f01322fa208eba1b4181789d java-11-openjdk-devel-fastdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 5935406d16d2039d8b0ace5d93f23ba504e864aa7a66d9594180cf70e579bbee java-11-openjdk-devel-slowdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 8b8c443a5a999f59336be18ad7c1ee508279bf3143829c1c5929bf03d19b5f3e java-11-openjdk-fastdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 75993254661678bec75c7200422f43e4859952d0b9951dbe0327680e6680ed34 java-11-openjdk-headless-fastdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 037f3ec2a2ca8f2398b8548540723058f7534d0338f70cb578ae46b7a79c7f10 java-11-openjdk-headless-slowdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 3e84b09247e369bf5480aa8058fe8ff06b20a87a7d6735c304ecd259aeda9391 java-11-openjdk-jmods-fastdebug-11.0.19.0.7-1.el9_1.x86_64.rpm b0316598e8212c7846583f010966180122013c557c0a8f41b879fd6a3c3f444a java-11-openjdk-jmods-slowdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 007e2134bd4d83f4f0e0376df0a2cb554cbdbe0c93cc9365c1e6de288eacef76 java-11-openjdk-slowdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 8e5b0f970b1e423e2e7b38f06b01de9b3eea2945f90d7eb367cbad86470f302d java-11-openjdk-src-fastdebug-11.0.19.0.7-1.el9_1.x86_64.rpm b4ac94b292930daed1b10c84776d96ca1ae0cb8a345c54e7096bd10e278a0ab7 java-11-openjdk-src-slowdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 8dba9a0bc108de5bdb0571d4ee14de9c9be2645288e63cdd41534833b877c171 java-11-openjdk-static-libs-fastdebug-11.0.19.0.7-1.el9_1.x86_64.rpm baa5d6e2b1bdaf93542de1d43449ce04c309f74da8062f3cbb34fd1d12bb30a7 java-11-openjdk-static-libs-slowdebug-11.0.19.0.7-1.el9_1.x86_64.rpm 9e6a50d7c6eb1496d5f0ed104075eadd2b4408733e834eda7f3f2b24df5fc362 RLSA-2023:1909 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * The RSAPSSSignature implementation works with RSA keys via the SunRSASign provider. However, it did not fully check that the RSA key could be used by the provider before attempting to do so, leading to the possibility of errors being returned with custom security providers. The implementation now validates RSA keys and will allow other providers to handle such keys where it cannot. (RHBZ#2188024) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * The RSAPSSSignature implementation works with RSA keys via the SunRSASign provider. However, it did not fully check that the RSA key could be used by the provider before attempting to do so, leading to the possibility of errors being returned with custom security providers. The implementation now validates RSA keys and will allow other providers to handle such keys where it cannot. (RHBZ#2188024) rocky-linux-9-x86-64-crb-rpms java-1.8.0-openjdk-demo-fastdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm 65357caa6245a70d51793efdb8e688592dd4287d849d716a6aceaad65c748509 java-1.8.0-openjdk-demo-slowdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm c57347b74ba3c6237231485862a3ec6ae27cfc23014f976c071c37f173e8fbaf java-1.8.0-openjdk-devel-fastdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm e91cdaa83077dda976d89967a822428a1e978beb5297fae1e2ee5b32e576e079 java-1.8.0-openjdk-devel-slowdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm 342cbfd54cd5f8b375a18f4199049ee11bf1caddc75d9c3316991d4db418e121 java-1.8.0-openjdk-fastdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm 279d62d04864a3e6e600d440861e095bbe0f3411a00a9d6642ceca9f47f7a8f5 java-1.8.0-openjdk-headless-fastdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm 7fd5c397628caac1f1bbc196d9b81e35914433594ea7f0db7bd6961ee8381293 java-1.8.0-openjdk-headless-slowdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm 63ffe842cfeef8e5ffeaf6f7ee0a54db322ddeb1e4c1889bc5e00f75ceaa91c4 java-1.8.0-openjdk-slowdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm fb61e0008b021fc5ea01ccae7071e0244cfa8ff1cacd8d31a1b35ed6ca0a0e66 java-1.8.0-openjdk-src-fastdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm 8026d4c4e0088f17be0e32602b110f0b7bcb021c9637b867c51e2e5333d21bbc java-1.8.0-openjdk-src-slowdebug-1.8.0.372.b07-1.el9_1.x86_64.rpm e513dbafabd8a76624996a43eb3a53e6e7456d472c218b802c72607383d3a5b9 RLBA-2023:2480 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsepol. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsepol-static-3.5-1.el9.x86_64.rpm a7e07dde6f6a89fbfb11f2e8196cc74e043b762986e1cbb75d44be2788a97725 RLBA-2023:2489 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for librepo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librepo-devel-1.14.5-1.el9.x86_64.rpm 09a15b0785f7b97c2705f0f75f37a839c9a9674f940035708fa8b9f2133fb69c RLBA-2023:2501 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gobject-introspection. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gobject-introspection-devel-1.68.0-11.el9.x86_64.rpm fd5fa1bfac571b761f120dec61f1b0f72281bcbf76efc7c02d873533ef2d8821 RLBA-2023:2514 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsss_nss_idmap-devel-2.8.2-2.el9.x86_64.rpm 20214221209feef9007f91e0cf072c5d1674bd42d25298149ec82a1b3ec4c137 RLBA-2023:2549 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libbpf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libbpf-devel-1.0.0-2.el9.x86_64.rpm f0be1b1e64895095c06b73ba3f0795925316bbfadca2844c5ed487d8e4de5fd5 libbpf-static-1.0.0-2.el9.x86_64.rpm 3fd75bbaccfbd120a600e7338f9f833ccf3aad467777794cb699286f4dd152b8 RLBA-2023:2558 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libselinux. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libselinux-static-3.5-1.el9.x86_64.rpm 0508bbb031ee68acf5cecbcddcd42de8d4820e092b3e368413f7818be1acb369 RLBA-2023:2586 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ipset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ipset-devel-7.11-8.el9.x86_64.rpm 3716dbbfb9f542427c61c60d8a28c5201cd3430bdc5900db55dd1065a0a4e8eb RLBA-2023:2223 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for anaconda. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms anaconda-widgets-devel-34.25.2.10-1.el9_2.rocky.0.3.x86_64.rpm db555da1fe043cd61627f40e0426be862bbfd0d0e3d9235abb90a3f957f1574b RLBA-2023:2388 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for python3.11-wheel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3.11-wheel-wheel-0.38.4-3.el9.noarch.rpm 6afa76447518ad48a5e66097bdd791983b63bac806c73949c8d75d1b77b3eed1 RLBA-2023:2160 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for capstone. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms capstone-devel-4.0.2-10.el9.x86_64.rpm 99d9efc111c4794937450a77f78faf7da252d8ad4218f2a5e54d8c9926ef2cbc capstone-java-4.0.2-10.el9.noarch.rpm e9da5f1c2ebce2390774a72927ab09d1d88f19f630a2afa6f682ac71d5d48841 python3-capstone-4.0.2-10.el9.x86_64.rpm 6bfcac4bf29cd48c396ad6cb5e5722bb71f16326871c21afb8a2a0fc77a73bab RLBA-2023:2186 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for augeas. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms augeas-devel-1.13.0-3.el9.x86_64.rpm 780793559596fe4425d3bf24cf828b5332e31f20b154c104786f90bb2880c24b RLBA-2023:2390 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for varnish. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms varnish-devel-6.6.2-3.el9.x86_64.rpm 7a2faecd80be53f5a1af2f333887f09ae18d00190eb9814473a6c8490cc04086 RLBA-2023:2402 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for plexus-interpolation, httpcomponents-core, maven-wagon, maven, google-guice, jsoup, jansi, apache-commons-io, apache-commons-lang3, maven-shared-utils, plexus-utils, plexus-classworlds, jakarta-annotations, httpcomponents-client, apache-commons-codec, plexus-cipher, atinject, javapackages-tools, maven-resolver, plexus-containers, jsr-305, cdi-api, apache-commons-cli, slf4j, guava, plexus-sec-dispatcher, sisu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms javapackages-generators-6.0.0-4.el9.noarch.rpm 658d14adcf1518041ff90ee238d485193ab92f5601fd24e2767d1531c6503d4f javapackages-local-6.0.0-4.el9.noarch.rpm 4677a41640859d83cc0b2a102a60e3eb34dd4c3d6bfef0d14cc9d5e28dc7eabd maven-local-6.0.0-4.el9.noarch.rpm acf5acd8478e2aadedf45db80699b349b03b9605b5f7eaed790572b7683dc65b plexus-containers-container-default-2.1.0-10.el9.noarch.rpm f95f3671e7d93035d083cbfdbb4b14ebc3bfe295a1bbe738036da6f103f5c54a python3-javapackages-6.0.0-4.el9.noarch.rpm 02090a36a022def69bb135f2d30b92f1f322719adc0a3c0993038500d74dfb5e RLBA-2023:2430 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for python3.11-psycopg2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python3.11-psycopg2-debug-2.9.3-1.el9.x86_64.rpm 7dcdb3cfb4b22a9164f5c5d0381365dd6917bc03ba8d79dcd72f6cc70b08ef16 python3.11-psycopg2-tests-2.9.3-1.el9.x86_64.rpm dd217c61f7d7b4e74f53641f848e6730e8a5a1465231da2ec39462dbd7b330c5 RLBA-2023:2608 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for kronosnet. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libknet1-1.25-2.el9.x86_64.rpm 805c1d33c31757d02e7f82dbc5d360c3c8a9e38583683e6fab7d41ae76823630 libknet1-devel-1.25-2.el9.x86_64.rpm 0f73d7f8aaaafcfac8f1ff16ec011f38274643ab259421b85ac6d9ae31eda02f RLBA-2023:2635 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.105 and Runtime 7.0.5 [rhel-9.2.0.z] (BZ#2183591) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.105 and Runtime 7.0.5 [rhel-9.2.0.z] (BZ#2183591) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.105-2.el9_2.x86_64.rpm 3c92e6b3c966d013f2f52d292279c28d918d0642388b3f9a168463fe458a43e9 RLBA-2023:2639 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189326) * In FIPS mode, the list of cryptographic services and algorithms available is limited to those that are FIPS compliant. It was found that this filtering was too strict and was also excluding service attributes. These attributes are now made available in FIPS mode, as they are in non-FIPS mode. (RHBZ#2186803) * Previously, the XML signature provider was unable to operate in FIPS mode. Following recent enhancements to FIPS mode support, the XML signature provider can now be supported. It is now enabled in FIPS mode. (RHBZ#2186810) * The PKCS#11 provider used by FIPS mode can be supported by different PKCS#11 tokens. It was found that some PKCS#11 tokens may not be initialised fully before use, leading to an exception being thrown by the provider. With this release, this exception is now expected and handled by the FIPS support code. (RHBZ#2186806) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for java-17-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189326) * In FIPS mode, the list of cryptographic services and algorithms available is limited to those that are FIPS compliant. It was found that this filtering was too strict and was also excluding service attributes. These attributes are now made available in FIPS mode, as they are in non-FIPS mode. (RHBZ#2186803) * Previously, the XML signature provider was unable to operate in FIPS mode. Following recent enhancements to FIPS mode support, the XML signature provider can now be supported. It is now enabled in FIPS mode. (RHBZ#2186810) * The PKCS#11 provider used by FIPS mode can be supported by different PKCS#11 tokens. It was found that some PKCS#11 tokens may not be initialised fully before use, leading to an exception being thrown by the provider. With this release, this exception is now expected and handled by the FIPS support code. (RHBZ#2186806) rocky-linux-9-x86-64-crb-rpms java-17-openjdk-demo-fastdebug-17.0.7.0.7-3.el9.x86_64.rpm c489d9604f8c023296ea0a1cf50278d80ac9ee25203c3d2f38feb4a78bcfe438 java-17-openjdk-demo-slowdebug-17.0.7.0.7-3.el9.x86_64.rpm 6c0c1185fce99abdcc3e1731d85ae1a63518ff47f195873fa8f38cc4478c76b7 java-17-openjdk-devel-fastdebug-17.0.7.0.7-3.el9.x86_64.rpm 34eb9ff70cf29693598893ebea49f762a09c84cb41ce5536468696c6c4cf0a8e java-17-openjdk-devel-slowdebug-17.0.7.0.7-3.el9.x86_64.rpm 3654a033acb8be72732a4a2e7d95a5a0f2f35833837d650358811c5c3162d53d java-17-openjdk-fastdebug-17.0.7.0.7-3.el9.x86_64.rpm a89d2500cb3fc425307439379e4b6c438f9755446365dbfb31d803d66bac5d2e java-17-openjdk-headless-fastdebug-17.0.7.0.7-3.el9.x86_64.rpm 9e7c4bc23a103607684e8451c60e5e3cfab142c9799e40ec85b8c74f1b8a8b95 java-17-openjdk-headless-slowdebug-17.0.7.0.7-3.el9.x86_64.rpm 5c5d5d1d420ba7f751aa223551bd75f1ed9ba0c9cae50a9632c1eb26379617bc java-17-openjdk-jmods-fastdebug-17.0.7.0.7-3.el9.x86_64.rpm c30dc34dd55aa5666b925eb2f58460c551d58bb21e97ec5623f50101b4a0709a java-17-openjdk-jmods-slowdebug-17.0.7.0.7-3.el9.x86_64.rpm ba75af77ad2ba647f1c4d08909365510c38a0cae947a6586ec63e3ccb3ac73db java-17-openjdk-slowdebug-17.0.7.0.7-3.el9.x86_64.rpm 08b7f597259605fb3d8aed507e1731a0fd54b8cd85a608ef9e1e499165fe2011 java-17-openjdk-src-fastdebug-17.0.7.0.7-3.el9.x86_64.rpm 21733cbde639efb704221dfa854d033f45a990fbbf0d318eb230f7cbba45ef57 java-17-openjdk-src-slowdebug-17.0.7.0.7-3.el9.x86_64.rpm 4d6dd07655cf0d744b20efdfebde399cf0054d7cd2305c83e58e8d15a97ecbfa java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-3.el9.x86_64.rpm 7eeb1ed3910f0a5b2d6de0b442522bd9430beefbe0ad7a58c26e0a1a583678da java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-3.el9.x86_64.rpm 76516963627b90cb40d16299501b9599fda3eec83318fd46e8c0e2e3157766da RLBA-2023:2640 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189325) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for java-11-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fix(es): * All Rocky Linux versions now share a single OpenJDK build (RHBZ#2189325) rocky-linux-9-x86-64-crb-rpms java-11-openjdk-demo-fastdebug-11.0.19.0.7-4.el9.x86_64.rpm c3c3036dfefeb197a4b1b069d3ccbe5d066206ec75b302817fef47cf26abb71e java-11-openjdk-demo-slowdebug-11.0.19.0.7-4.el9.x86_64.rpm 2f8c5798d56385977386babf75cc1d0c7086466b05882c2d5b2c419d1144b7b2 java-11-openjdk-devel-fastdebug-11.0.19.0.7-4.el9.x86_64.rpm 498048b136389faedb37befc964526520381a55e5b44e99d5eb6198f0ca65de2 java-11-openjdk-devel-slowdebug-11.0.19.0.7-4.el9.x86_64.rpm c8a75605b6f25e8bd02803ff9bb6dc75d7f7c2b878041909dfb91ca878ec7e41 java-11-openjdk-fastdebug-11.0.19.0.7-4.el9.x86_64.rpm 919822643e8feb1bfe7199f34bbf8b902485652181fc309b95dd4e911803d655 java-11-openjdk-headless-fastdebug-11.0.19.0.7-4.el9.x86_64.rpm 93f41ea78207391942e96b1db3a1b94c582d6b18ba09033931e4b673419ebf77 java-11-openjdk-headless-slowdebug-11.0.19.0.7-4.el9.x86_64.rpm 1683efebb9398be50e474d30546fcf83ad6307191e20f4231397043439a94f00 java-11-openjdk-jmods-fastdebug-11.0.19.0.7-4.el9.x86_64.rpm 811ddcdec0136d8ff4c68a320255cb24c3d5fac05813e8e160b183df5ccd213c java-11-openjdk-jmods-slowdebug-11.0.19.0.7-4.el9.x86_64.rpm e46b73f8fe31c5ca8faa81336af95857e3a73d3420f85c39804765690e975ccd java-11-openjdk-slowdebug-11.0.19.0.7-4.el9.x86_64.rpm 45b549df8ac88764180ea502d93526b7f88be4436879abde4b3aa584aaf21d60 java-11-openjdk-src-fastdebug-11.0.19.0.7-4.el9.x86_64.rpm 5997f8957af00c1e3e85ecb1d4c5a6c2d71c1761e053ee5e8e98d4adfe3c5f96 java-11-openjdk-src-slowdebug-11.0.19.0.7-4.el9.x86_64.rpm bcdf2d29f44a376bd080491218a945ee49d6d31ab33346b7822b57f611995089 java-11-openjdk-static-libs-fastdebug-11.0.19.0.7-4.el9.x86_64.rpm 214c7222c393c624351ceadf01ff1c49061a44c54c3aa719c124ec7edf37418d java-11-openjdk-static-libs-slowdebug-11.0.19.0.7-4.el9.x86_64.rpm 53bfa3b142245f66ea253c504f290ed69b38a2e3e3b3f898a6ce21ff607e4595 RLBA-2023:2643 The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Bug Fix(es): * Backport hint about systemd daemon-reload (BZ#2180441) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for util-linux. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Bug Fix(es): * Backport hint about systemd daemon-reload (BZ#2180441) rocky-linux-9-x86-64-crb-rpms libfdisk-devel-2.37.4-11.el9_2.x86_64.rpm 44e1f6c66e7cc2f08d53a50fa86e02ee1a53811c7e957868eacb70e1b8002ffd libsmartcols-devel-2.37.4-11.el9_2.x86_64.rpm 77487bd0522ec7a38ce4d35ff4fde01d2cd71c5c15b8a3dd1173bd24c17f99f7 RLBA-2023:2578 For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for file. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms file-devel-5.39-12.el9.x86_64.rpm a50b3314f22c11fa89ab3091100b4a3276826192a6ee34e0265f5105f39f949b RLSA-2023:3661 The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. Security Fix(es): * texlive: arbitrary code execution allows document complied with older version (CVE-2023-32700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for texlive. This update affects Rocky Linux 9, Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. Security Fix(es): * texlive: arbitrary code execution allows document complied with older version (CVE-2023-32700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms texlive-gnu-freefont-20200406-26.el9_2.noarch.rpm e0b8de039e1774fb08334bad37b894f4408a40a857939705a3fddaead6fa6032 texlive-lib-devel-20200406-26.el9_2.x86_64.rpm 12e354029cb59aef158138742a653785910340c7233300276d2889814cb417bc RLSA-2023:4099 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: named's configured cache size limit can be significantly exceeded (CVE-2023-2828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for bind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: named's configured cache size limit can be significantly exceeded (CVE-2023-2828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms bind-devel-9.16.23-11.el9_2.1.x86_64.rpm ce00b2b730f323c6e406f243392cc1fe0b2c1d99022e80933678f43c6d36cf3e bind-doc-9.16.23-11.el9_2.1.noarch.rpm 20ee083d8fb6047b1e6e360485045d533a07dccc725f7edbccf65103c6854c09 RLSA-2023:4178 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-07, 8u382) [rhel-9] (BZ#2220662) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-07, 8u382) [rhel-9] (BZ#2220662) rocky-linux-9-x86-64-crb-rpms java-1.8.0-openjdk-demo-fastdebug-1.8.0.382.b05-2.el9.x86_64.rpm 31f15006928ddcb3c36601f1de164790a1323dff4d63397fb11371c557792d47 java-1.8.0-openjdk-demo-slowdebug-1.8.0.382.b05-2.el9.x86_64.rpm a5e7b740f03b19e0021638fb1474116e4715bcd120cb15aa25721486f5c02015 java-1.8.0-openjdk-devel-fastdebug-1.8.0.382.b05-2.el9.x86_64.rpm b2ba3e69866ec850ab190983fa21c039ac3990492f0d973a26aa5d8abdec3867 java-1.8.0-openjdk-devel-slowdebug-1.8.0.382.b05-2.el9.x86_64.rpm 0b084baec7d17e58ce30664893005b372680dbaee4f7d39a6b5c6822b33d4bac java-1.8.0-openjdk-fastdebug-1.8.0.382.b05-2.el9.x86_64.rpm 8df99c972faf34fa801742f1e57dc65dfb914dfff7fb8f0cf4b12cdbeef210a8 java-1.8.0-openjdk-headless-fastdebug-1.8.0.382.b05-2.el9.x86_64.rpm 3dcce9d0920f514023a77cd08bece4b63b13f7afffc0621b283516214fb1ce0c java-1.8.0-openjdk-headless-slowdebug-1.8.0.382.b05-2.el9.x86_64.rpm 22d35da985330c85c8e9b41bed043fe42c056fdd826de8cea506f4cb496c99d8 java-1.8.0-openjdk-slowdebug-1.8.0.382.b05-2.el9.x86_64.rpm b1fe1f055254adfc197c3cd13078b84b72710decb8bd7ad9d90a1219e1a93a4a java-1.8.0-openjdk-src-fastdebug-1.8.0.382.b05-2.el9.x86_64.rpm 38f3c57f1858ddbb9331b9fadba1d2a6bef6ad6a78130c8da6278c8fcb361b80 java-1.8.0-openjdk-src-slowdebug-1.8.0.382.b05-2.el9.x86_64.rpm 3709abcbf5bc948808475f1f4f4aea860f3e06ffc478af9ecb9d031d2d908009 RLBA-2023:4374 Bug Fix(es): * The recent OpenJDK 11.0.20 security update accidentally removed a runtime dependency on the tzdata-java package. Installations of the package on systems that did not already have tzdata-java installed were left with missing timezone data. This mistake is rectified in this build. (RHBZ#2224428) For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for java-11-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Bug Fix(es): * The recent OpenJDK 11.0.20 security update accidentally removed a runtime dependency on the tzdata-java package. Installations of the package on systems that did not already have tzdata-java installed were left with missing timezone data. This mistake is rectified in this build. (RHBZ#2224428) For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms java-11-openjdk-demo-fastdebug-11.0.20.0.8-3.el9.x86_64.rpm 35d7ee18de7a3cc12ae7f641b0f58403fd25d56932cae41fc8bf926f157b9f7e java-11-openjdk-demo-slowdebug-11.0.20.0.8-3.el9.x86_64.rpm fe1c78368160a394f1c7c3b00c4a92b579decd59cec075583620d0926b863d3f java-11-openjdk-devel-fastdebug-11.0.20.0.8-3.el9.x86_64.rpm a14fa58614594b60dae7cdd36212c376efe3a991cc865b917e99088382ea42ba java-11-openjdk-devel-slowdebug-11.0.20.0.8-3.el9.x86_64.rpm f133e3ad285a928774bb7848bf4bb33d20036f0c8a14fa82169adf0bab2e7267 java-11-openjdk-fastdebug-11.0.20.0.8-3.el9.x86_64.rpm a30d1ee837a055f582250c2feb091b83dc8876f903b6d816e412f79e1d0d0f68 java-11-openjdk-headless-fastdebug-11.0.20.0.8-3.el9.x86_64.rpm 9834aadbc31dff9bfc7e7d9b45b8ea33eae2edbdd4021207fd084965f00294e2 java-11-openjdk-headless-slowdebug-11.0.20.0.8-3.el9.x86_64.rpm 3b1c6d58a9676d76c0df4774171d25766fa6f75904c110b61fba67451d30c2f1 java-11-openjdk-jmods-fastdebug-11.0.20.0.8-3.el9.x86_64.rpm b815791baae72a5bdfd95fdb317c4371c4eb62df5c4fd338fdbba545bc81701f java-11-openjdk-jmods-slowdebug-11.0.20.0.8-3.el9.x86_64.rpm 4807b50194640aee6cae1f1e77eca7a00dd784b3361cb579ae6844e027caee85 java-11-openjdk-slowdebug-11.0.20.0.8-3.el9.x86_64.rpm 101e87649269c3d2f31878b8342a3a514424bcacfa824b5f202600f933c17edb java-11-openjdk-src-fastdebug-11.0.20.0.8-3.el9.x86_64.rpm f35c33a68bd79ef686a0c76cc29b61091c0869caaf824a1e7fd0aad5a5a2fb19 java-11-openjdk-src-slowdebug-11.0.20.0.8-3.el9.x86_64.rpm 10750568eeddfbea6b1932ee2e816437d03fa684f475cacd9873b9c3e63aca66 java-11-openjdk-static-libs-fastdebug-11.0.20.0.8-3.el9.x86_64.rpm d4c69abee85ab8aa9de7edf1092e9cf2cc4338796beae5106b9d0909baa52f62 java-11-openjdk-static-libs-slowdebug-11.0.20.0.8-3.el9.x86_64.rpm 552473b87d9075896a741117d1017b684af317b1781883199e536ec14e3e8055 RLBA-2023:4375 OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fix(es): * backport https://github.com/ostreedev/ostree/pull/2874/commits/de6fddc6adee09a93901243dc7074090828a1912 (BZ#2224105) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ostree. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fix(es): * backport https://github.com/ostreedev/ostree/pull/2874/commits/de6fddc6adee09a93901243dc7074090828a1912 (BZ#2224105) rocky-linux-9-x86-64-crb-rpms ostree-devel-2023.1-6.el9_2.x86_64.rpm f99ef838a88dbae624c175cb9f077f3842ad9cdb01509412a36d15b80b6d3fe6 RLSA-2023:3595 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: urllib.parse url blocklisting bypass (CVE-2023-24329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: urllib.parse url blocklisting bypass (CVE-2023-24329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3-debug-3.9.16-1.el9_2.1.x86_64.rpm c2586806802cc246efb23c76a7e83e7d0754b9caebe954bd229b3af6bd767f3f python3-idle-3.9.16-1.el9_2.1.x86_64.rpm 874afad6a9618c3f5952e1a0b0511b42e777c5386b58c76232c2843c26e01f2b python3-test-3.9.16-1.el9_2.1.x86_64.rpm 01525930fa369973c3d6840e2e2f63ce237605a9911747f2bb9a41d47ef366cc RLBA-2023:3730 Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. Bug Fix(es): * [Rocky Linux-9] Avahi-tools package built but not shipped. (BZ#2204487) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for avahi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. Bug Fix(es): * [Rocky Linux-9] Avahi-tools package built but not shipped. (BZ#2204487) rocky-linux-9-x86-64-crb-rpms avahi-compat-howl-0.8-12.el9_2.1.x86_64.rpm ac0fad39693bbe96d344d562a2d4d5ec16155f096e532302a8fd0c722b23bc24 avahi-compat-howl-devel-0.8-12.el9_2.1.x86_64.rpm 0991c55ae83b42eff3bae74dd51989bc10fd8b7265b391c428316cb787736e2e avahi-compat-libdns_sd-0.8-12.el9_2.1.x86_64.rpm 1bed353623a7f8ea2d29ff8bd152576ae5a7b8d7cac60d1c8809a441c8721dc0 avahi-compat-libdns_sd-devel-0.8-12.el9_2.1.x86_64.rpm 2744536b00081309e2b10c1e9612e2936fe87f459a6e190c2c20e17618af7aa5 avahi-devel-0.8-12.el9_2.1.x86_64.rpm 918e8e4c3525a44961d115c9cd25199dff8f2388305a51b484c2ce6e8a76e490 RLSA-2023:3423 The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently. Security Fix(es): * cups-filters: remote code execution in cups-filters, beh CUPS backend (CVE-2023-24805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for cups-filters. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently. Security Fix(es): * cups-filters: remote code execution in cups-filters, beh CUPS backend (CVE-2023-24805) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms cups-filters-devel-1.28.7-11.el9_2.1.x86_64.rpm c781a15923498cf0f93d653c4d7b289eac726c16c879dccbb931f9d4218b42f5 RLSA-2023:3585 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: urllib.parse url blocklisting bypass (CVE-2023-24329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for python3.11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: urllib.parse url blocklisting bypass (CVE-2023-24329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3.11-debug-3.11.2-2.el9_2.1.x86_64.rpm a8ed5ee65475871a11b03e849df8ba5e980d1a5bb2d8c86647561b90d1817c83 python3.11-idle-3.11.2-2.el9_2.1.x86_64.rpm 1c40512562f09fdc485f573862f61f1d2646ed8f1489a595c33bb773d9ec93cf python3.11-test-3.11.2-2.el9_2.1.x86_64.rpm 87691e28cd747721d885e096f772643ec165eaf7926f2e2bc82c497a4f466a03 RLSA-2023:3711 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c (CVE-2022-48281) * libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0795) * libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0796) * libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0797) * libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c (CVE-2023-0798) * libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0799) * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0800) * libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0801) * libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0802) * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0803) * libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0804) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libtiff. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c (CVE-2022-48281) * libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0795) * libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0796) * libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0797) * libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c (CVE-2023-0798) * libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0799) * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0800) * libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0801) * libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0802) * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0803) * libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0804) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libtiff-tools-4.4.0-8.el9_2.x86_64.rpm 2a5ad936cdf9a2b7dc54a73b1521f46bbc4ce504994ea475e477f5650d89f1ed RLSA-2023:3715 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): * libvirt: Memory leak in virPCIVirtualFunctionList cleanup (CVE-2023-2700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): * libvirt: Memory leak in virPCIVirtualFunctionList cleanup (CVE-2023-2700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libvirt-client-qemu-9.0.0-10.2.el9_2.x86_64.rpm 73b3f01f12da872fb198a7d2e9b76299c5cf71f5a20c56fe24d0b906be5a41bf libvirt-devel-9.0.0-10.2.el9_2.x86_64.rpm 4f971a46adb323660f2334964bbf922a668260d57ce2616297a6028831733f00 libvirt-docs-9.0.0-10.2.el9_2.x86_64.rpm f82313749bd81e2cfd002ea94286d9935f720f71c59b03aa65064435300201dd libvirt-lock-sanlock-9.0.0-10.2.el9_2.x86_64.rpm 5ac44c359f8172962cf86d9dd4f6ce28c709da73c35bcb88311ff14062ce59b6 RLSA-2023:3714 PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: schema_element defeats protective search_path changes (CVE-2023-2454) * postgresql: row security policies disregard user ID changes after inlining. (CVE-2023-2455) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: schema_element defeats protective search_path changes (CVE-2023-2454) * postgresql: row security policies disregard user ID changes after inlining. (CVE-2023-2455) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms postgresql-docs-13.11-1.el9_2.x86_64.rpm 0fed286ea87503f1307259c2f5d0d45bf2f6571b36f5a3cbb5f0e56c0dcd12e6 postgresql-private-devel-13.11-1.el9_2.x86_64.rpm 5c48823fb551047538ca955368974f5b3f20bb63e039c5c46c07f2aa967b87a4 postgresql-server-devel-13.11-1.el9_2.x86_64.rpm 8641e220fbf7ca7cbea4961f44f960bb04f8d189e88c590fa815d5023d4885c8 postgresql-static-13.11-1.el9_2.x86_64.rpm 67d962ee589141159cbcf05bb4e8079e968d82e29822273659672baae8456071 postgresql-test-13.11-1.el9_2.x86_64.rpm 562504d3b71141c2915836113c523e92223c199a8f4a95014c940538d8db2436 postgresql-upgrade-devel-13.11-1.el9_2.x86_64.rpm a4c52c8b1bf8c0136dfa2910acd853347a14eeb2b57c5754550923e915604ee3 RLBA-2023:3720 The criu packages provide the Checkpoint/Restore in User Space (CRIU) function, which provides the possibility to checkpoint and restore processes or groups of processes. This in turn allows improved fault tolerance or high availability (HA) of a system by restoring a failed process to its state in an earlier point in time. Bug Fix(es) and Enhancement(s): * Containers migration "podman container checkpoint" doesn't work on Sapphire Rapids CPU. (BZ#2203235) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for criu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The criu packages provide the Checkpoint/Restore in User Space (CRIU) function, which provides the possibility to checkpoint and restore processes or groups of processes. This in turn allows improved fault tolerance or high availability (HA) of a system by restoring a failed process to its state in an earlier point in time. Bug Fix(es) and Enhancement(s): * Containers migration "podman container checkpoint" doesn't work on Sapphire Rapids CPU. (BZ#2203235) rocky-linux-9-x86-64-crb-rpms criu-devel-3.17-5.el9_2.x86_64.rpm 3a562b7b248db991076b96916a6c7f65c0f7bfc15b2605c6728617c9452d9554 RLSA-2023:5214 The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format (RIFF). Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Security Fix(es): * libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for libwebp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format (RIFF). Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Security Fix(es): * libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libwebp-tools-1.2.0-7.el9_2.x86_64.rpm 12331dee31a3da8de9a36be7176ffb447390bdab4dc8ef9033a1707c08dc22b7 RLSA-2023:5924 Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for varnish. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms varnish-devel-6.6.2-3.el9_2.1.x86_64.rpm 853ba82678b583c1057cfbd039ac6d882cf8e26f7108a5afbc79dc0bb53105ca RLSA-2024:1818 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: Pack200 excessive memory allocation (8322114) (CVE-2024-21085) * OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) (CVE-2024-21094) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: Pack200 excessive memory allocation (8322114) (CVE-2024-21085) * OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) (CVE-2024-21094) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-1.8.0-openjdk-demo-fastdebug-1.8.0.412.b08-2.el9.x86_64.rpm b9947d9908f16339c27ad6794bfc9dec4c7d1c15531c85ce333db2ae92584ae7 java-1.8.0-openjdk-demo-slowdebug-1.8.0.412.b08-2.el9.x86_64.rpm 0c87989ce79c23cca95930ea4bd592f311f020084bbff42995dd6cce37ff3a9b java-1.8.0-openjdk-devel-fastdebug-1.8.0.412.b08-2.el9.x86_64.rpm 51e07cd961d312e2159bec754a7c90a8006d2b5948ef43297d37c658b41b61e5 java-1.8.0-openjdk-devel-slowdebug-1.8.0.412.b08-2.el9.x86_64.rpm 810b980b1858dd719a472e33c632df6697dcf4fa690cc77c8a8543160f3fa8b0 java-1.8.0-openjdk-fastdebug-1.8.0.412.b08-2.el9.x86_64.rpm c95eb67734b5114e00ed6ea679931c998c421f7dd132d0597c568456c2c27db7 java-1.8.0-openjdk-headless-fastdebug-1.8.0.412.b08-2.el9.x86_64.rpm e1e415408598b5d201465def68544f1fa88c905a234a274bc0f98fbad4b23f0d java-1.8.0-openjdk-headless-slowdebug-1.8.0.412.b08-2.el9.x86_64.rpm e0a4817497ecf940feae3cc93087672e98b0b3c37c54349ae3e8c6bbfc295ae2 java-1.8.0-openjdk-slowdebug-1.8.0.412.b08-2.el9.x86_64.rpm 049000361b5bce7ed7eff7bbaeeac52b2aa86fb25dc2d2d545aa6235d0330936 java-1.8.0-openjdk-src-fastdebug-1.8.0.412.b08-2.el9.x86_64.rpm 4610b94a0a1c5a51c23916db1fadabac542d1b0d71c62e2bc22bbf60141ecb5f java-1.8.0-openjdk-src-slowdebug-1.8.0.412.b08-2.el9.x86_64.rpm b78be130b13f4b1345946755d34118c130c7b5913aa1b8ffb4bbb0ed0cfaa61f RLSA-2024:1828 The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708) (CVE-2024-21012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-21-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708) (CVE-2024-21012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-21-openjdk-demo-fastdebug-21.0.3.0.9-1.el9.x86_64.rpm 46a8f6a7f6c1f92c07aaaf12c0d08db49e6c3dd16979d6f96e7ce76d96f8843c java-21-openjdk-demo-slowdebug-21.0.3.0.9-1.el9.x86_64.rpm cc34166fe745bebbf405c455be7da1fc148cc71994b63ba5803637e4bad6a246 java-21-openjdk-devel-fastdebug-21.0.3.0.9-1.el9.x86_64.rpm 207c5e61b03881916f0d9ae4f096bcfac7b6621ab4ba2d447e7b40611cb3ed96 java-21-openjdk-devel-slowdebug-21.0.3.0.9-1.el9.x86_64.rpm 0e89cdf103640e79feec6d74423592cf3e9e8862146f2de1a36856204c97b51e java-21-openjdk-fastdebug-21.0.3.0.9-1.el9.x86_64.rpm 141aaf315e9271b3d81edf85d10d9df21cac567a2058a67f5020a849f3d03473 java-21-openjdk-headless-fastdebug-21.0.3.0.9-1.el9.x86_64.rpm 3f1e2a6c0d692398e2a27b341616dddeacaf115fb807b1bc9f892dac23c7e5bc java-21-openjdk-headless-slowdebug-21.0.3.0.9-1.el9.x86_64.rpm ca567d88d05fbd94c76c4ae8855f2a15bfb3252ed4e92d57e8501c849ba61647 java-21-openjdk-jmods-fastdebug-21.0.3.0.9-1.el9.x86_64.rpm d04ff02d5f4647721860860bbfbf00d8420debba2c1c30948c6d7f68acadf366 java-21-openjdk-jmods-slowdebug-21.0.3.0.9-1.el9.x86_64.rpm e6d035a3c16ddd9f0d6c2811cd71fb61a37ef54cecb83652dfb858a83910219b java-21-openjdk-slowdebug-21.0.3.0.9-1.el9.x86_64.rpm 7582f102f1b491707d6791877f1b1311669f597a9e0eaa32712bc0a853d5630f java-21-openjdk-src-fastdebug-21.0.3.0.9-1.el9.x86_64.rpm c921963e71ac1c9466a7f5aa83561bda68166bb260f5822d9d5e44094790a93f java-21-openjdk-src-slowdebug-21.0.3.0.9-1.el9.x86_64.rpm b6bf974fb27f582bc28c38fd42b19bdcfee51ea7fce839c0e53b9bb8cd523688 java-21-openjdk-static-libs-fastdebug-21.0.3.0.9-1.el9.x86_64.rpm a330a7d57cfe68f53bc48a2462db01aa4bd9fabc1b2aec03db9efacd0b41ae67 java-21-openjdk-static-libs-slowdebug-21.0.3.0.9-1.el9.x86_64.rpm 0a73510d76ac4e773d8213e3edda93a6590fccaadc851b46840a9d46a750d4b1 RLSA-2024:1822 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: Pack200 excessive memory allocation (8322114) (CVE-2024-21085) * OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) (CVE-2024-21094) * OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708) (CVE-2024-21012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: Pack200 excessive memory allocation (8322114) (CVE-2024-21085) * OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) (CVE-2024-21094) * OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708) (CVE-2024-21012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-11-openjdk-demo-fastdebug-11.0.23.0.9-3.el9.x86_64.rpm 33a32e571944aa0a289bc5ef4fe1bd6df746ac5109f87adac84cea5bf28738ca java-11-openjdk-demo-slowdebug-11.0.23.0.9-3.el9.x86_64.rpm c0526558fbeccb3b206669bf11f457ec4bab2b88d0c0e7f1a3404bd5d325c3f8 java-11-openjdk-devel-fastdebug-11.0.23.0.9-3.el9.x86_64.rpm 32358ce072d61b80e55d153aa22b7c4923f6114b526b41be7cb5f9cc63edffbb java-11-openjdk-devel-slowdebug-11.0.23.0.9-3.el9.x86_64.rpm 3890db910a211def2285884dab0427382b262f139c404b04d18698bb3842b087 java-11-openjdk-fastdebug-11.0.23.0.9-3.el9.x86_64.rpm 962016ea2a73bab459f7997021c1218dd23c6eaa3ba6e3c826b4a0b2d7a6f8a3 java-11-openjdk-headless-fastdebug-11.0.23.0.9-3.el9.x86_64.rpm 032676e514b7d6c5a6fe4cff3a1c9f194547bfef92f2fc248501d3edf831da71 java-11-openjdk-headless-slowdebug-11.0.23.0.9-3.el9.x86_64.rpm 29e9aa6da2c1a715905112dd469c37c3123b9415d7b9be645206858724deec6c java-11-openjdk-jmods-fastdebug-11.0.23.0.9-3.el9.x86_64.rpm 972d777f315262a42d7add0be493859ce3ed1bae86218ed0e72b927325852851 java-11-openjdk-jmods-slowdebug-11.0.23.0.9-3.el9.x86_64.rpm f576af1fa0d972c53fe59623400d513c4df0d1b381666e2bdd5ecd9224cbe85b java-11-openjdk-slowdebug-11.0.23.0.9-3.el9.x86_64.rpm a539bf661852b7ca665bab012686f8f78c3284bd12d410a6c871169a2c48ddc9 java-11-openjdk-src-fastdebug-11.0.23.0.9-3.el9.x86_64.rpm 95bcbdf4fa4a8ff0969617095b0a9c3c0f300680e5f322b3129d6493fd34fe9f java-11-openjdk-src-slowdebug-11.0.23.0.9-3.el9.x86_64.rpm c08568dac0127fc73ec60cc6c84b0947527f81ca1deace0947f8fa052a4fad2b java-11-openjdk-static-libs-fastdebug-11.0.23.0.9-3.el9.x86_64.rpm 3820d6e01fbee9d183146f6698dcf373dbec77be752815fad8dcd5cf61971e0a java-11-openjdk-static-libs-slowdebug-11.0.23.0.9-3.el9.x86_64.rpm fda2f0042c0a9e81ef679884fad43201d28a6a63b70549fab5c4959fdbb7141d RLSA-2024:2758 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743) Bug Fix(es): * ffdhe* algortihms introduced in 0a2e5b909023 as .fips_allowed=1 lack pairwise consistency tests (JIRA:Rocky Linux-27009) * mm/mglru: fix underprotected page cache (JIRA:Rocky Linux-29235) * [EMR] [TBOOT OS] SUT could not go to S3 state with Rocky Linux 9.2 Tboot OS One CPU return -16 running BUSY (JIRA:Rocky Linux-29673) * system hangs completely - NMI not possible (JIRA:Rocky Linux-30678) * ice 0000:6f:00.0: PTP failed to get time (JIRA:Rocky Linux-30110) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743) Bug Fix(es): * ffdhe* algortihms introduced in 0a2e5b909023 as .fips_allowed=1 lack pairwise consistency tests (JIRA:Rocky Linux-27009) * mm/mglru: fix underprotected page cache (JIRA:Rocky Linux-29235) * [EMR] [TBOOT OS] SUT could not go to S3 state with Rocky Linux 9.2 Tboot OS One CPU return -16 running BUSY (JIRA:Rocky Linux-29673) * system hangs completely - NMI not possible (JIRA:Rocky Linux-30678) * ice 0000:6f:00.0: PTP failed to get time (JIRA:Rocky Linux-30110) rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.16.1.el9_4.x86_64.rpm c06ef0436ce0990621859e798984667c44d656c3a5242c6ee5d422412b3b0633 kernel-tools-libs-devel-5.14.0-427.16.1.el9_4.x86_64.rpm 1774b8eb26f26febeedcd8b9511cdcf796d7408eb9d92461723707406357f738 libperf-5.14.0-427.16.1.el9_4.x86_64.rpm 076c3ae1a575389cff9d96e225e5abc5039187f9b2c51729fec367791fe9daea RLBA-2023:6611 For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lua. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms lua-devel-5.4.4-4.el9.x86_64.rpm 133824fb1576f38a90a412bf610b872b05bf4b660712cd27a8218a0eaecb5160 RLBA-2023:6691 For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for python-dateutil. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms python-dateutil-doc-2.8.1-7.el9.noarch.rpm af9856126e3747800d1c7b15d61a07b0fea3f05728e8fbbb7f39c02ffd2343c3 RLBA-2024:2403 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gcc-plugin-devel-11.4.1-3.el9.x86_64.rpm fa804f984c3c7f278ba4c5ccd465fa6b63d868ff4c1912b76ca91f1bf1d104c7 libstdc++-static-11.4.1-3.el9.x86_64.rpm 53e3dd56147d20ef68b589aff2bea73eccf420b1e301488d804518695cd7624a RLBA-2024:2411 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for e2fsprogs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libss-devel-1.46.5-5.el9.x86_64.rpm c06d0e51347395b104d66ab06d5c742bf6aff35775bdb53bc3a600e6c8126f37 RLEA-2024:2424 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libnvme. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libnvme-devel-1.6-1.el9.x86_64.rpm c7b41137bbeccd52c28bf4c1e57ad1b99a795fd7357cbe717df7cb0e761f6763 RLBA-2024:2428 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for glib2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms glib2-static-2.68.4-14.el9.x86_64.rpm 090043f7175de9c4ab4a3eca9750d1898733959e6c4f5c97d3c774d35f22dfcb RLBA-2024:2439 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsemanage. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsemanage-devel-3.6-1.el9.x86_64.rpm fa0a49e3d18856af7e111371eb475b0cac5477ff6c7556116ee4737f09004c21 RLBA-2024:2440 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libsepol. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libsepol-static-3.6-1.el9.x86_64.rpm abc736ba55f11d38147cb1c64a1173ce3541092431ff03c38b2a0b764b6e62aa RLSA-2024:2463 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes (CVE-2023-7008) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for systemd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes (CVE-2023-7008) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms systemd-boot-unsigned-252-32.el9_4.x86_64.rpm 0e4a56e7bb1e6c482aeb969a785debf8f77e5e569fdfa59ddc094cd9e08f24a6 RLBA-2024:2468 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtalloc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtalloc-devel-2.4.1-1.el9.x86_64.rpm d29906cf12a4536aca63e9102f293e33bd76bd85be2e87707e16e239a0ad8058 RLBA-2024:2467 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for hwdata. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms hwdata-devel-0.348-9.13.el9.noarch.rpm 58c4eaf9977c6f04c1eedc31774ca3ed6426326b913654fb73d5ba1d51944c92 RLBA-2024:2472 For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtdb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Enterprise Software Foundation Enterprise Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtdb-devel-1.4.9-1.el9.x86_64.rpm 85abba67007114de7aecce539eac1fb6e5cb02473908438575d84f4e28ae50cb RLBA-2024:2493 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nftables. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms nftables-devel-1.0.9-1.el9.x86_64.rpm 30b11cefb84e32a79c60be870ddb5dddbb42a9d94a8a578dc675a33e90ecd210 RLBA-2024:2489 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libbpf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libbpf-devel-1.3.0-2.el9.x86_64.rpm 48b69319cbc0540a4765be6f6f2089436eabdab6bf658320ae2938fb76b98956 libbpf-static-1.3.0-2.el9.x86_64.rpm ae3188eb8a57a5aeb6e5c1d59271aa83bfd272cc09dda6471858fbedcdfe8e83 RLBA-2024:2497 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for lvm2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms device-mapper-devel-1.02.197-2.el9.x86_64.rpm 770d67e4906fc8300c044aaf620cc688b213727f8602e60da974d67d7d40a3c0 device-mapper-event-devel-1.02.197-2.el9.x86_64.rpm f2b777ec3bfd88ca10eb035f3f8f40fd45fa82a2ae292515160eec3c4138a620 lvm2-devel-2.03.23-2.el9.x86_64.rpm 4e31826b6389150fae34048eab53e9fb1c0339fdeda9dfba77b471b2f3f8d624 RLBA-2024:2510 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libtirpc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libtirpc-devel-1.3.3-8.el9_4.x86_64.rpm 1295020a981cac57820846a1793bd9ab51afbeb1ef1cf17a6ad98ac0003d82ff RLSA-2024:2512 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Security Fix(es): * file: stack-based buffer over-read in file_copystr in funcs.c (CVE-2022-48554) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Low

An update is available for file. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Security Fix(es): * file: stack-based buffer over-read in file_copystr in funcs.c (CVE-2022-48554) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms file-devel-5.39-16.el9.x86_64.rpm 0e754c549cb67f118dc8a6fa8a5566c5dfab33fdcf4e40821a81a513531791a5 RLBA-2024:2515 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for iproute. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms iproute-devel-6.2.0-6.el9_4.x86_64.rpm 8a8cdd1ba5126c2e74fa41baa21cf2983d3ac67da9c27a4fe7b4deef7500f3ec RLSA-2024:2571 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Security Fix(es): * sssd: Race condition during authorization leads to GPO policies functioning inconsistently (CVE-2023-3758) Bug Fix(es): * socket leak (JIRA:Rocky Linux-22340) * Passkey cannot fall back to password (JIRA:Rocky Linux-28161) * sssd: Race condition during authorization leads to GPO policies functioning inconsistently (JIRA:Rocky Linux-27209) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Security Fix(es): * sssd: Race condition during authorization leads to GPO policies functioning inconsistently (CVE-2023-3758) Bug Fix(es): * socket leak (JIRA:Rocky Linux-22340) * Passkey cannot fall back to password (JIRA:Rocky Linux-28161) * sssd: Race condition during authorization leads to GPO policies functioning inconsistently (JIRA:Rocky Linux-27209) rocky-linux-9-x86-64-crb-rpms libsss_nss_idmap-devel-2.9.4-6.el9_4.x86_64.rpm 26e52638192147191608a59d71eb4b3a48514e8bc4673829b0fce4e049157b84 RLBA-2023:6326 For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libstoragemgmt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libstoragemgmt-devel-1.9.7-2.el9.x86_64.rpm 1e4294c46a3993dce2ab5294c8fd8c106c370df1480129772ead1e11b706df04 RLBA-2023:6381 For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libwebp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libwebp-tools-1.2.0-8.el9.x86_64.rpm 5f1256d2ece55d92e5d6cf15d421d36b9ccaeb215b8391bcfec0fe67a8dd0b10 RLEA-2023:6416 For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libblkio. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libblkio-devel-1.3.0-1.el9.x86_64.rpm 6f927750d1d0257a489b85ff3dd0aa3ff0dc994bab4549bfeebf7407f8ce95d4 RLSA-2023:6518 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. The following packages have been upgraded to a later upstream version: flatpak (1.12.8). (BZ#2221792) Security Fix(es): * flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console (CVE-2023-28100) * flatpak: Metadata with ANSI control codes can cause misleading terminal output (CVE-2023-28101) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for flatpak. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. The following packages have been upgraded to a later upstream version: flatpak (1.12.8). (BZ#2221792) Security Fix(es): * flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console (CVE-2023-28100) * flatpak: Metadata with ANSI control codes can cause misleading terminal output (CVE-2023-28101) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms flatpak-devel-1.12.8-1.el9.x86_64.rpm 39c8776044a76e0c29aa9a858b2dc162353c729740e217bd7439386f9addde83 RLBA-2023:6537 For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for librelp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms librelp-devel-1.10.0-5.el9.x86_64.rpm 16a2a59f11477e47687ec9590c7fd1960052f013665c6e2c76bd41a38b2e2c24 RLSA-2023:6551 Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): * yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for yajl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): * yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms yajl-devel-2.1.0-22.el9.x86_64.rpm 52ad336f91b6e1e400de3da037ef78b9db787d804d59fc0199167afc278ff2cc RLSA-2024:0951 PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms postgresql-docs-13.14-1.el9_3.x86_64.rpm 2dc74b030182b45c74508f53228a9e6f7a39023d54fe5b3ae46c088777a97baf postgresql-private-devel-13.14-1.el9_3.x86_64.rpm b378bcd119b8bf4d3dc6daaa36e69535d8b70ba07cd6d51708cbaa4c199a84d2 postgresql-server-devel-13.14-1.el9_3.x86_64.rpm 2c08de01b8e8cbfb28af9fcdd299fa9087e30d9a276206144e34d3874531bf82 postgresql-static-13.14-1.el9_3.x86_64.rpm bd51c7985f1805e22ad0a6ad6a156a2a8664b5227b6a257323dd4250b71af2e4 postgresql-test-13.14-1.el9_3.x86_64.rpm 4b57763f075f4ba8d463a30bfb8f8afca8a58ff1fc18ada895608cbdbc39ce01 postgresql-upgrade-devel-13.14-1.el9_3.x86_64.rpm e342b411b18595ee5c7d1b1f61bfc3e27725be3530ddfb4de031fec2b8716273 RLSA-2024:1691 Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: HTTP/2 Broken Window Attack may result in denial of service (CVE-2024-30156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for varnish. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: HTTP/2 Broken Window Attack may result in denial of service (CVE-2024-30156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms varnish-devel-6.6.2-4.el9_3.1.x86_64.rpm d9512a7f119d26417425df636eb30acc775d0b89b477681640de4e5e3c4a518d RLBA-2024:1736 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.118 and Runtime 7.0.18 [rhel-9.3.0.z] (Rocky Linux-31202) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 7.0 to SDK 7.0.118 and Runtime 7.0.18 [rhel-9.3.0.z] (Rocky Linux-31202) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.118-1.el9_3.x86_64.rpm 4ceb1c38606c26ae7f3c47edb7ae334bd9fde2bbd2b6b2763974f6371d0ecd29 RLSA-2024:1750 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default combination of the "control-use-cert: no" option with either explicit or implicit use of an IP address in the "control-interface" option could allow improper access. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged local process to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. To mitigate the vulnerability, a new file "/etc/unbound/conf.d/remote-control.conf" has been added and included in the main unbound configuration file, "unbound.conf". The file contains two directives that should limit access to unbound.conf: control-interface: "/run/unbound/control" control-use-cert: "yes" For details about these directives, run "man unbound.conf". Updating to the version of unbound provided by this advisory should, in most cases, address the vulnerability. To verify that your configuration is not vulnerable, use the "unbound-control status | grep control" command. If the output contains "control(ssl)" or "control(namedpipe)", your configuration is not vulnerable. If the command output returns only "control", the configuration is vulnerable because it does not enforce access only to the unbound group members. To fix your configuration, add the line "include: /etc/unbound/conf.d/remote-control.conf" to the end of the file "/etc/unbound/unbound.conf". If you use a custom "/etc/unbound/conf.d/remote-control.conf" file, add the new directives to this file. (CVE-2024-1488) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for unbound. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default combination of the "control-use-cert: no" option with either explicit or implicit use of an IP address in the "control-interface" option could allow improper access. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged local process to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. To mitigate the vulnerability, a new file "/etc/unbound/conf.d/remote-control.conf" has been added and included in the main unbound configuration file, "unbound.conf". The file contains two directives that should limit access to unbound.conf: control-interface: "/run/unbound/control" control-use-cert: "yes" For details about these directives, run "man unbound.conf". Updating to the version of unbound provided by this advisory should, in most cases, address the vulnerability. To verify that your configuration is not vulnerable, use the "unbound-control status | grep control" command. If the output contains "control(ssl)" or "control(namedpipe)", your configuration is not vulnerable. If the command output returns only "control", the configuration is vulnerable because it does not enforce access only to the unbound group members. To fix your configuration, add the line "include: /etc/unbound/conf.d/remote-control.conf" to the end of the file "/etc/unbound/unbound.conf". If you use a custom "/etc/unbound/conf.d/remote-control.conf" file, add the new directives to this file. (CVE-2024-1488) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms unbound-devel-1.16.2-3.el9_3.5.x86_64.rpm c5f966ea135d673d837821e13cb0fc22e178039753082833c3ba002881b5bacb RLBA-2024:2152 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for poppler. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms poppler-cpp-devel-21.01.0-19.el9.x86_64.rpm ef808bd8b963e6614059fb6fe7c328ac8b66bf0ad034601281b8b4dff1fec94b poppler-devel-21.01.0-19.el9.x86_64.rpm 2ac838be6645747caf0e9f93c13fa4206aa3aacc09e7027d82b5c9edbc9ec454 poppler-glib-devel-21.01.0-19.el9.x86_64.rpm 63aca6bb34dd5dbc35350713a609d42fff2cfaea34ac2bc453bd135dd9b2e8f7 poppler-glib-doc-21.01.0-19.el9.noarch.rpm b98f8763e4028928b011007b9d32f354d13a37a5235f0a62892a4e70c62f66de poppler-qt5-devel-21.01.0-19.el9.x86_64.rpm acd229c87d02c1cb8151caf2edd156bb651e98c3dcba162cfeec8a305520328a RLBA-2024:2166 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for xdp-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libxdp-devel-1.4.2-1.el9.x86_64.rpm 8045d490485f92ccbe7d0eaf70160ac3bc5692d66d351760cbcf7877a71ec5c3 libxdp-static-1.4.2-1.el9.x86_64.rpm bfe2c6a9c440d3144c0264bdec747d0f4a8f1208f7238240ddcea2d7121e1d80 RLBA-2024:2200 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms virt-v2v-man-pages-ja-2.4.0-2.el9.noarch.rpm c611f261b24417152734c826f63e45aaba0f8127042db0c81a860c2808022242 virt-v2v-man-pages-uk-2.4.0-2.el9.noarch.rpm 6116a2a1c74fb70c6939036f7059bb62395eae7c99af0abccf840f8f1531a41b RLBA-2024:2196 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ibus-hangul, ibus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ibus-devel-1.5.25-5.el9.x86_64.rpm 034db73bebaf97ee3e0bae28bc33f0d83c2aeba805ad035941302573be4eee4c ibus-devel-docs-1.5.25-5.el9.noarch.rpm 75cdb52a15b383071b1ff43187db29235b49d62f378a897344191a69d0d3b602 RLBA-2024:2235 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ostree. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms ostree-devel-2024.4-3.el9_4.x86_64.rpm cd1f3d6eb35d598cfc8c2fe5ec54950371a7a320ef7e537f0a29e980aee1c525 RLBA-2024:2256 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for criu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms criu-devel-3.19-1.el9.x86_64.rpm 762dfbcc1dd1550d7b41eb03cd7e76506eee04681503a6821f70b68b58a41660 RLSA-2024:2264 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235) * EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763) * EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764) * edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229) * edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231) * edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232) * edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233) * openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for edk2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235) * EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763) * EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764) * edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229) * edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231) * edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232) * edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233) * openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms edk2-aarch64-20231122-6.el9.noarch.rpm 0a445bdca139371c3ad501c3f35ea2a64e58a9b6b18c734c70e441b838408b8a edk2-tools-20231122-6.el9.x86_64.rpm cb085c08d4c6e7a128e1bcaa2a8fdfde759ad4b586457cbbf37b837c85735496 edk2-tools-doc-20231122-6.el9.noarch.rpm 1106801a16134dcc67ff1c42cba9285d342482a0738571f69f6754e6c4fef1bb RLBA-2024:2263 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for mesa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms mesa-libOSMesa-23.3.3-1.el9.x86_64.rpm d96763b3a00c30855abd683e92593637c854893f8b70e3fb853b3e54bd1cafa5 mesa-libOSMesa-devel-23.3.3-1.el9.x86_64.rpm 47b0f5c3c6871934db753b14c16074f79f226fe28498d5361205db28ea6a3df9 RLBA-2024:2268 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for anaconda. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms anaconda-widgets-devel-34.25.4.9-1.el9_4.rocky.0.3.x86_64.rpm 6621fcfe13d3398d626456e32a91671a4e0b2d06e8b0f394ad93e202cfdc7fa4 RLEA-2024:2269 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nbdkit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms nbdkit-devel-1.36.2-1.el9.0.1.x86_64.rpm 8dfd4fa6b07f94672aaa1a60d695a0a23fab7e8c7c8bcbea1719efb76fdee608 nbdkit-example-plugins-1.36.2-1.el9.0.1.x86_64.rpm 6461f2c58247036de569f516346d05d386ff59995ec4a0639d61dccff4d6f11e nbdkit-srpm-macros-1.36.2-1.el9.0.1.noarch.rpm e1342ca81938949694ea20a66d9e26068f058c2ca03b6b19320ffd076c71e0f7 RLSA-2024:2287 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video (CVE-2023-40474) * gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio (CVE-2023-40475) * gstreamer-plugins-bad: Integer overflow in H.265 video parser leading to stack overwrite (CVE-2023-40476) * gstreamer-plugins-bad-free: buffer overflow vulnerability (CVE-2023-50186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video (CVE-2023-40474) * gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio (CVE-2023-40475) * gstreamer-plugins-bad: Integer overflow in H.265 video parser leading to stack overwrite (CVE-2023-40476) * gstreamer-plugins-bad-free: buffer overflow vulnerability (CVE-2023-50186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms gstreamer1-plugins-bad-free-devel-1.22.1-4.el9.x86_64.rpm 52d5152d997897baf8e49764c7d9d563302f1d2c23cdc049013bab57b89ad36e RLSA-2024:2295 The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c (CVE-2021-29390) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libjpeg-turbo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fix(es): * libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c (CVE-2021-29390) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms turbojpeg-2.0.90-7.el9.x86_64.rpm 79990967fe823d66d768dea2c7f4741993567130903f31967caf47c43ac16959 turbojpeg-devel-2.0.90-7.el9.x86_64.rpm f0c9903c896d7038862874c4b2922394edd74aa7ec42606c44367a2709a5348a RLBA-2024:2305 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for graphviz. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms graphviz-devel-2.44.0-26.el9.x86_64.rpm 1c48cd518a01e8fda8a20017424b35978de19761ecaf08a74f7a25582904b230 RLBA-2024:2327 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for PackageKit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms PackageKit-glib-devel-1.2.6-1.el9.x86_64.rpm 6bee5a9b2359dbd42c101d7624cf302516d0e7bfdd9b192f3389663946fc6a55 RLBA-2024:2371 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dovecot. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms dovecot-devel-2.3.16-11.el9.x86_64.rpm 73fdeadf9e8e0bd96014b18fc457545f4046e558c59ae0c894cea769113352b7 RLBA-2024:2383 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for freeipmi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms freeipmi-devel-1.6.14-2.el9.x86_64.rpm 88b9aece1e5ad97796fd4788de527dfcc1d79599b124f625b372f3cd5393025c RLBA-2024:2527 For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for kronosnet. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libknet1-1.28-1.el9.x86_64.rpm 5301ab5a59fcb99751d1744921ca723282b36773506c0ba72777f2a3b766a05d libknet1-devel-1.28-1.el9.x86_64.rpm 7a78a91222695c012c1c9d96323a0e2bd390e1698470845e991e7b5ed5959534 RLEA-2024:2546 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Enhancement * [RFE] allows plugins to log multi-factor authentication notification (JIRA:Rocky Linux-30588) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for 389-ds-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Enhancement * [RFE] allows plugins to log multi-factor authentication notification (JIRA:Rocky Linux-30588) rocky-linux-9-x86-64-crb-rpms 389-ds-base-devel-2.4.5-6.el9_4.x86_64.rpm 043ce70db8be957aa7e45c41cb8a00034b3aa10b0c4e35f8b81333c23526c189 RLSA-2024:2551 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868) * bind: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387) * bind: Specific recursive query patterns may lead to an out-of-memory condition (CVE-2023-6516) * bind: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution (CVE-2023-5679) * bind: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled (CVE-2023-5517) * bind: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408) Bug Fix(es): * bind-dyndb-ldap: rebuilt to adapt ABI changes in bind For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for bind-dyndb-ldap, bind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868) * bind: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387) * bind: Specific recursive query patterns may lead to an out-of-memory condition (CVE-2023-6516) * bind: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution (CVE-2023-5679) * bind: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled (CVE-2023-5517) * bind: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408) Bug Fix(es): * bind-dyndb-ldap: rebuilt to adapt ABI changes in bind For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms bind-devel-9.16.23-18.el9_4.1.x86_64.rpm 6a0f53bbdebbb5f69566e7d88dbe3a129edade0b900b93d9359f76d04556dbd8 bind-doc-9.16.23-18.el9_4.1.noarch.rpm 8b6ceb2cff4a31dbfd4549385ffa41f8832ea282433d2f6a2cd9c436da71218f RLBA-2024:2554 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 8 to RC2 (JIRA:Rocky Linux-13785) * Update .NET 8 to 8.0.0 GA (JIRA:Rocky Linux-15860) * Update .NET 8.0 to SDK 8.0.101 and Runtime 8.0.1 (JIRA:Rocky Linux-19803) * RFE: add -dbg packages to ship complete symbol files (JIRA:Rocky Linux-23070) * Update .NET 8.0 to SDK 8.0.102 and Runtime 8.0.2 (JIRA:Rocky Linux-23804) * Don't set a locale when running msbuild Exec on Unix (JIRA:Rocky Linux-23936) * Update .NET 8.0 to SDK 8.0.103 and Runtime 8.0.3 [rhel-9] (JIRA:Rocky Linux-27553) * Follow-up for Rocky Linux-22734: CheckCertificateRevocationList flag for SHA1 CAs [rhel-9.4.0.z] (JIRA:Rocky Linux-28344) * Update .NET 8.0 to SDK 8.0.104 and Runtime 8.0.4 [rhel-9.4.0.z] (JIRA:Rocky Linux-31208) * Update .NET 8 to RC1 (JIRA:Rocky Linux-4073) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 8 to RC2 (JIRA:Rocky Linux-13785) * Update .NET 8 to 8.0.0 GA (JIRA:Rocky Linux-15860) * Update .NET 8.0 to SDK 8.0.101 and Runtime 8.0.1 (JIRA:Rocky Linux-19803) * RFE: add -dbg packages to ship complete symbol files (JIRA:Rocky Linux-23070) * Update .NET 8.0 to SDK 8.0.102 and Runtime 8.0.2 (JIRA:Rocky Linux-23804) * Don't set a locale when running msbuild Exec on Unix (JIRA:Rocky Linux-23936) * Update .NET 8.0 to SDK 8.0.103 and Runtime 8.0.3 [rhel-9] (JIRA:Rocky Linux-27553) * Follow-up for Rocky Linux-22734: CheckCertificateRevocationList flag for SHA1 CAs [rhel-9.4.0.z] (JIRA:Rocky Linux-28344) * Update .NET 8.0 to SDK 8.0.104 and Runtime 8.0.4 [rhel-9.4.0.z] (JIRA:Rocky Linux-31208) * Update .NET 8 to RC1 (JIRA:Rocky Linux-4073) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-8.0-source-built-artifacts-8.0.104-2.el9_4.x86_64.rpm 032780913fadb4d46052b5db45f5b9b13bdfa821f8732b99ca1edc85f6d73a75 RLBA-2024:2552 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23 (JIRA:Rocky Linux-11675) * Update .NET 6.0 to SDK 6.0.124 and Runtime 6.0.24 (JIRA:Rocky Linux-14451) * Update .NET 6.0 to SDK 6.0.125 and Runtime 6.0.25 (JIRA:Rocky Linux-15349) * Update .NET 6.0 to SDK 6.0.126 and Runtime 6.0.26 (JIRA:Rocky Linux-19801) * Update .NET 6.0 to SDK 6.0.122 and Runtime 6.0.22 (JIRA:Rocky Linux-1995) * Update .NET 6.0 to SDK 6.0.127 and Runtime 6.0.27 (JIRA:Rocky Linux-23785) * Update .NET 6.0 to SDK 6.0.128 and Runtime 6.0.28 [rhel-9] (JIRA:Rocky Linux-27541) * Update .NET 6.0 to SDK 6.0.129 and Runtime 6.0.29 [rhel-9.4.0.z] (JIRA:Rocky Linux-31198) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet6.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23 (JIRA:Rocky Linux-11675) * Update .NET 6.0 to SDK 6.0.124 and Runtime 6.0.24 (JIRA:Rocky Linux-14451) * Update .NET 6.0 to SDK 6.0.125 and Runtime 6.0.25 (JIRA:Rocky Linux-15349) * Update .NET 6.0 to SDK 6.0.126 and Runtime 6.0.26 (JIRA:Rocky Linux-19801) * Update .NET 6.0 to SDK 6.0.122 and Runtime 6.0.22 (JIRA:Rocky Linux-1995) * Update .NET 6.0 to SDK 6.0.127 and Runtime 6.0.27 (JIRA:Rocky Linux-23785) * Update .NET 6.0 to SDK 6.0.128 and Runtime 6.0.28 [rhel-9] (JIRA:Rocky Linux-27541) * Update .NET 6.0 to SDK 6.0.129 and Runtime 6.0.29 [rhel-9.4.0.z] (JIRA:Rocky Linux-31198) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.129-2.el9_4.x86_64.rpm 6e0718c3d8c4f1d89bbac347b1b5f908ebcc2a56e8c959cd8ad8b040bb6bc774 RLBA-2024:2556 Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es): * Support checkpoint on rollback when using global DNS of NetworkManager (JIRA:Rocky Linux-31190) * Include driver information in systemd network link file created by `nmstatectl persist-nic-names` (JIRA:Rocky Linux-32330) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for nmstate. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. Bug Fix(es): * Support checkpoint on rollback when using global DNS of NetworkManager (JIRA:Rocky Linux-31190) * Include driver information in systemd network link file created by `nmstatectl persist-nic-names` (JIRA:Rocky Linux-32330) rocky-linux-9-x86-64-crb-rpms nmstate-devel-2.2.27-2.el9_4.x86_64.rpm bbc6d4d222531a4ced28f6eccc7113d2d202903f3aeb94acde4341657c2026e5 nmstate-static-2.2.27-2.el9_4.x86_64.rpm 5320f1094b7ef4135487f4d925967427088379641d9b558f70d37c6b4a71b7a4 RLBA-2024:2558 Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fix(es): * Enforce OTP for ldap bind (in some scenarios) (JIRA:Rocky Linux-23377) * Unable to re-add broken AD trust - NT_STATUS_INVALID_PARAMETER (JIRA:Rocky Linux-29745) * Backport latest test fixes in ipa (JIRA: Rocky Linux-30905) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ipa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fix(es): * Enforce OTP for ldap bind (in some scenarios) (JIRA:Rocky Linux-23377) * Unable to re-add broken AD trust - NT_STATUS_INVALID_PARAMETER (JIRA:Rocky Linux-29745) * Backport latest test fixes in ipa (JIRA: Rocky Linux-30905) rocky-linux-9-x86-64-crb-rpms python3-ipatests-4.11.0-10.el9_4.noarch.rpm 7725dac69c697105c653ca1561a9db64fc77128278183b1b7c5cb1efd9c3d65c RLBA-2024:2561 GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface functions like switching windows, launching applications, and notifications. It takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts. GNOME Shell extensions allow for modifying the default GNOME Shell interface and its parts, such as window management and application launching. Bug Fix(es): * Qt5 custom window icons are not displayed in Activities overview or window list (JIRA:Rocky Linux-29659) * [RFE] Group GNOME Settings, Tweaks, Extensions in the same categories J (JIRA:Rocky Linux-32792) * [RFE] Prevent workspaces from collapsing when more than six are present (JIRA:Rocky Linux-31885) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for gnome-menus, gnome-shell, gnome-shell-extensions. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface functions like switching windows, launching applications, and notifications. It takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts. GNOME Shell extensions allow for modifying the default GNOME Shell interface and its parts, such as window management and application launching. Bug Fix(es): * Qt5 custom window icons are not displayed in Activities overview or window list (JIRA:Rocky Linux-29659) * [RFE] Group GNOME Settings, Tweaks, Extensions in the same categories J (JIRA:Rocky Linux-32792) * [RFE] Prevent workspaces from collapsing when more than six are present (JIRA:Rocky Linux-31885) rocky-linux-9-x86-64-crb-rpms gnome-menus-devel-3.36.0-9.el9_4.x86_64.rpm 70f3a2cc787c739cd2b47d587bffd16605275ddd60740f80da019e34d6236657 RLSA-2024:2560 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: * libvirt: off-by-one error in udevListInterfacesByStatus() (CVE-2024-1441) * libvirt: negative g_new0 length can lead to unbounded memory allocation (CVE-2024-2494) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fixes: * libvirt: off-by-one error in udevListInterfacesByStatus() [rhel-9] (JIRA:Rocky Linux-25081) * libvirt: negative g_new0 length can lead to unbounded memory allocation [rhel-9] (JIRA:Rocky Linux-29515) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: * libvirt: off-by-one error in udevListInterfacesByStatus() (CVE-2024-1441) * libvirt: negative g_new0 length can lead to unbounded memory allocation (CVE-2024-2494) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fixes: * libvirt: off-by-one error in udevListInterfacesByStatus() [rhel-9] (JIRA:Rocky Linux-25081) * libvirt: negative g_new0 length can lead to unbounded memory allocation [rhel-9] (JIRA:Rocky Linux-29515) rocky-linux-9-x86-64-crb-rpms libvirt-daemon-plugin-sanlock-10.0.0-6.2.el9_4.x86_64.rpm 59c844b6de451b548053bd5ab33df74e7912470f60991b7074a22a5dc06f0a44 libvirt-devel-10.0.0-6.2.el9_4.x86_64.rpm 81bf7f76b0482cfbcaff3684808b59fe8fcfecf746dd45bcc427129c26dd8304 libvirt-docs-10.0.0-6.2.el9_4.x86_64.rpm 1042f788dc2054a49512d5e061094040e29073f718b351c6b3a9fa81913aa894 RLSA-2024:3619 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735) * kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735) * kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.20.1.el9_4.x86_64.rpm 1b7043cf0bb41353aa4783d267f288a891f8fc28529d71c8e371bf273d2bb438 kernel-tools-libs-devel-5.14.0-427.20.1.el9_4.x86_64.rpm 05e6e8a0394daa112c10c7908e5c578973394424f740d07cdadbfea6019841d7 libperf-5.14.0-427.20.1.el9_4.x86_64.rpm 82e2975b3c54d85620070eec9f05cc56c4a8e2644b46214b648dc44e9f00107d RLSA-2024:3339 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (CVE-2024-2961) * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599) * glibc: null pointer dereferences after failed netgroup cache insertion (CVE-2024-33600) * glibc: netgroup cache may terminate daemon on memory allocation failure (CVE-2024-33601) * glibc: netgroup cache assumes NSS callback uses in-buffer strings (CVE-2024-33602) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (CVE-2024-2961) * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599) * glibc: null pointer dereferences after failed netgroup cache insertion (CVE-2024-33600) * glibc: netgroup cache may terminate daemon on memory allocation failure (CVE-2024-33601) * glibc: netgroup cache assumes NSS callback uses in-buffer strings (CVE-2024-33602) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms glibc-benchtests-2.34-100.el9_4.2.x86_64.rpm c7b884a82c5a621abd2eccd081a867e7afea0c17837d8ed7633b5d324b9c8a0c glibc-nss-devel-2.34-100.el9_4.2.x86_64.rpm 97764de7cfc58c7f5dd78b75c68abd00859d660d357a6c6abf35642c69d24cc2 glibc-static-2.34-100.el9_4.2.x86_64.rpm 2e8514cdb0cfeb5e67f91a8a1c287c4d584bf911016f16d52679aace2eb0990f nss_db-2.34-100.el9_4.2.x86_64.rpm 72f31bdfff81b84bb6eed18b25ae7e586f5bea807b5f89970e4a9bab6bf9901e nss_hesiod-2.34-100.el9_4.2.x86_64.rpm 9cc2626a393aaf5c9ef1422ded3ac56bc1975a9b1472ed64b44b16051cc5a80a RLSA-2024:3501 libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: CONTINUATION frames DoS (CVE-2024-28182) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for nghttp2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: CONTINUATION frames DoS (CVE-2024-28182) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libnghttp2-devel-1.43.0-5.el9_4.3.x86_64.rpm 94b5e93b0c9b2a6ee1805514186b04aadfd0bee1663d18f698a2ed5736568fd7 nghttp2-1.43.0-5.el9_4.3.x86_64.rpm 85828ec9fa1efd9f9c79afcea90934c7ed67a3a34ff45de523c07a2e83271720 RLBA-2024:2841 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.130 and Runtime 6.0.30 [rhel-9.4.z] (Rocky Linux-35310) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for dotnet6.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fix(es) and Enhancement(s): * Update .NET 6.0 to SDK 6.0.130 and Runtime 6.0.30 [rhel-9.4.z] (Rocky Linux-35310) rocky-linux-9-x86-64-crb-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.130-1.el9_4.x86_64.rpm a25b5df9d95ad0b86de3d3f84302cd60ccd73daff3811836cb113426f16fcd7a RLSA-2024:2842 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.105 and .NET Runtime 8.0.5. Security Fix(es): * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop() (CVE-2024-30046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.105 and .NET Runtime 8.0.5. Security Fix(es): * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop() (CVE-2024-30046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms dotnet-sdk-8.0-source-built-artifacts-8.0.105-1.el9_4.x86_64.rpm cd615671e236aec81ea4a1136796ee437621f5a9d31156fc3615baa357f0d380 RLSA-2024:2843 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19. Security Fix(es): * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop() (CVE-2024-30046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19. Security Fix(es): * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop() (CVE-2024-30046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms dotnet-sdk-7.0-source-built-artifacts-7.0.119-1.el9_4.x86_64.rpm 08251daeba6683b1ee28b35dc142e190f510efbf6f78169729053d2e5787d6fa RLSA-2024:3754 Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * freeipa: delegation rules allow a proxy service to impersonate any user to access another target service (CVE-2024-2698) * freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force (CVE-2024-3183) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for ipa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * freeipa: delegation rules allow a proxy service to impersonate any user to access another target service (CVE-2024-2698) * freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force (CVE-2024-3183) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3-ipatests-4.11.0-15.el9_4.noarch.rpm 67e90e53fc46b5e151c183e4c5e16b75ca51e2d40f6c35b3ca4e54605abafc2e RLBA-2024:3828 The libappstream-glib package provides GObjects and helper methods for easy manipulation of AppStream metadata. It also provides a simple DOM (Document Object Model) implementation that simplifies editing nodes and converting to and from the standardized XML representation. Bug Fix(es): * flatpak / appstream compat issues [rhel-9.4.z] (JIRA:Rocky Linux-34564) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libappstream-glib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libappstream-glib package provides GObjects and helper methods for easy manipulation of AppStream metadata. It also provides a simple DOM (Document Object Model) implementation that simplifies editing nodes and converting to and from the standardized XML representation. Bug Fix(es): * flatpak / appstream compat issues [rhel-9.4.z] (JIRA:Rocky Linux-34564) rocky-linux-9-x86-64-crb-rpms libappstream-glib-devel-0.7.18-5.el9_4.x86_64.rpm 9ed67d40ee3ee09aa29f519e5e383709ff1827a1f116dfcf5b81e8b10349c4ab RLBA-2024:3832 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Bug Fix(es): * live-migration with NBD TLS fails with "Certificate does not match the hostname " [rhel-9.4.z] (JIRA:Rocky Linux-33781) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Bug Fix(es): * live-migration with NBD TLS fails with "Certificate does not match the hostname " [rhel-9.4.z] (JIRA:Rocky Linux-33781) rocky-linux-9-x86-64-crb-rpms libvirt-daemon-plugin-sanlock-10.0.0-6.3.el9_4.x86_64.rpm 53e7cb8cefb94a951f1f01f082e2c23fc8d6c141b85aa94cae24a1f9c4f6816e libvirt-devel-10.0.0-6.3.el9_4.x86_64.rpm abf1eec8bc3500442babac708bcef1b2ff91569a11654b8bb0206151718adda1 libvirt-docs-10.0.0-6.3.el9_4.x86_64.rpm 3690bb9ced86992d7cc5d4788949ff664f83bf2e20e4609a43bb8a32c60d6851 RLSA-2024:3835 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libreoffice-sdk-7.1.8.1-12.el9_3.x86_64.rpm 96ed77293661b80214d0af8ffbb3cfda98a9b1b0b040ee911f0843f62a20cc8b libreoffice-sdk-doc-7.1.8.1-12.el9_3.x86_64.rpm 8f41af1bcbe59c5ebacd55e4a18710ad12dea0d9b9590d1b8ded76eb850aa644 RLSA-2024:3837 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for 389-ds-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms 389-ds-base-devel-2.4.5-8.el9_4.x86_64.rpm 01fbd16abdc738632b3a4bfe749c2d02a53fb48e3b33d09dc5488a767084422c RLBA-2024:3839 OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fix(es): * [9.4.z] Update ostree to 2024.6 (JIRA:Rocky Linux-36770) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for ostree. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OSTree is a tool for managing bootable, immutable, versioned file system trees. Bug Fix(es): * [9.4.z] Update ostree to 2024.6 (JIRA:Rocky Linux-36770) rocky-linux-9-x86-64-crb-rpms ostree-devel-2024.6-1.el9_4.x86_64.rpm 667546a54cd31f61332a7a824e13c17d933059c9e3dfd2f13d658e9d03870009 RLBA-2024:3983 The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fix(es): * [DELL 9.4 BUG] - Screen shows garbage sometimes [rhel-9.4.z] (JIRA:Rocky Linux-36534) * cifs - Unable to mount CIFS shares after upgrading to Rocky Linux9.4 (JIRA:Rocky Linux-36743) * [Azure][Rocky Linux-9][MANA]System crash at skbuff when set mtu=100 [rhel-9.4.z] (JIRA:Rocky Linux-37622) * selective backport from perf upstream v6.8 to fix AmpereOne and Nvidia support [rhel-9.4.z] (JIRA:Rocky Linux-34991) * [Intel 9.5 FEAT] [SRF] performance: hwmon: (coretemp) Fix core count limitation [rhel-9.4.z] (JIRA:Rocky Linux-35447) * CNB95: dpll: rebase DPLL to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-36572) * ice: IRQs being moved to isolated CPUs and causing latency issues [rhel-9.4.z] (JIRA:Rocky Linux-38512) * Bluetooth device disappears from the device list after a few minutes with AX211 [rhel-9.4.z] (JIRA:Rocky Linux-38524) * deadlock on dfs_cache_refresh [rhel-9.4.z] (JIRA:Rocky Linux-38904) * [DELL 9.3 BUG]Unexpected message "integrity: Problem loading X.509 certificate -126" occurred on boot screen. [rhel-9.4.z] (JIRA:Rocky Linux-39933) * [rhel9-rt-debug] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 ( clocksource_mark_unstable) (JIRA:Rocky Linux-9296) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fix(es): * [DELL 9.4 BUG] - Screen shows garbage sometimes [rhel-9.4.z] (JIRA:Rocky Linux-36534) * cifs - Unable to mount CIFS shares after upgrading to Rocky Linux9.4 (JIRA:Rocky Linux-36743) * [Azure][Rocky Linux-9][MANA]System crash at skbuff when set mtu=100 [rhel-9.4.z] (JIRA:Rocky Linux-37622) * selective backport from perf upstream v6.8 to fix AmpereOne and Nvidia support [rhel-9.4.z] (JIRA:Rocky Linux-34991) * [Intel 9.5 FEAT] [SRF] performance: hwmon: (coretemp) Fix core count limitation [rhel-9.4.z] (JIRA:Rocky Linux-35447) * CNB95: dpll: rebase DPLL to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-36572) * ice: IRQs being moved to isolated CPUs and causing latency issues [rhel-9.4.z] (JIRA:Rocky Linux-38512) * Bluetooth device disappears from the device list after a few minutes with AX211 [rhel-9.4.z] (JIRA:Rocky Linux-38524) * deadlock on dfs_cache_refresh [rhel-9.4.z] (JIRA:Rocky Linux-38904) * [DELL 9.3 BUG]Unexpected message "integrity: Problem loading X.509 certificate -126" occurred on boot screen. [rhel-9.4.z] (JIRA:Rocky Linux-39933) * [rhel9-rt-debug] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 ( clocksource_mark_unstable) (JIRA:Rocky Linux-9296) rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.22.1.el9_4.x86_64.rpm 22dabdf58935b433de16dddf806641d843b09db3adc524ef6616a30aa54968fd kernel-tools-libs-devel-5.14.0-427.22.1.el9_4.x86_64.rpm 4c7dd731949c0fc8d3a8f07b1abd9c25673fc23b71d3e465114a4f35641a111b libperf-5.14.0-427.22.1.el9_4.x86_64.rpm f992c63016d22d94a508a300c2aaf9fd9c4d7fcf466903637332ce12bc77ccb3 RLSA-2024:4078 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) * python: The zipfile module is vulnerable to zip-bombs leading to denial of service (CVE-2024-0450) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) * python: The zipfile module is vulnerable to zip-bombs leading to denial of service (CVE-2024-0450) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3-debug-3.9.18-3.el9_4.1.x86_64.rpm f6e83de762d5ac3201ebc442cbd0fb987f3e04e04a028b114076d0d9d77db72d python3-idle-3.9.18-3.el9_4.1.x86_64.rpm 72e375447f19ad5c8e6dbf7d62ea73539cb1d168d1c3b17dc8627d212a91fd76 python3-test-3.9.18-3.el9_4.1.x86_64.rpm e91572454e2716cdcdba66a1cf8a79ffcd5214c7b1a3346ee9512d33ac9af783 RLSA-2024:3959 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for flatpak. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms flatpak-devel-1.12.9-1.el9_4.x86_64.rpm 77d9be8a4758c333b8108db3937ad2238a6e9c09f36f128191238a7ee0ef93db RLSA-2024:3999 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for ghostscript. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libgs-devel-9.54.0-16.el9_4.x86_64.rpm 2e0f3c85bc362dc53f7cc75856a0751d6328bd2509630fda91507242e58d3ad3 RLSA-2024:4077 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for python3.11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3.11-debug-3.11.7-1.el9_4.1.x86_64.rpm 73b143ebb18442d8c03a137162bac60e94179a0ebba9cf77ab12a5d7ed803e9f python3.11-idle-3.11.7-1.el9_4.1.x86_64.rpm 81e7f32be54f1d84e99150ffcf450310d4e57b27efa27a18a52bc4e6a25392a6 python3.11-test-3.11.7-1.el9_4.1.x86_64.rpm 552730ea8903cb4dbb2b6ad473c68b00f0458e779e00d8fc5f9d4bfb76528c8b RLSA-2024:4349 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626) * kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801) * kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974) * kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393) * kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667) * kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870) * kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960) * kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400) Bug Fix(es): * cifs - kernel panic with cifs_put_smb_ses (JIRA:Rocky Linux-28943) * BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:Rocky Linux-35672) * [HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:Rocky Linux-36220) * [Rocky Linux9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:Rocky Linux-36687) * ice: DPLL-related fixes [rhel-9.4.z] (JIRA:Rocky Linux-36716) * CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-37641) * IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:Rocky Linux-37669) * [RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:Rocky Linux-38252) * Isolated cores causing issues on latest Rocky Linux9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:Rocky Linux-38595) * [ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:Rocky Linux-39083) * [HPEMC Rocky Linux 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:Rocky Linux-34953) * bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:Rocky Linux-43272) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626) * kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801) * kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974) * kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393) * kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667) * kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870) * kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960) * kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400) Bug Fix(es): * cifs - kernel panic with cifs_put_smb_ses (JIRA:Rocky Linux-28943) * BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:Rocky Linux-35672) * [HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:Rocky Linux-36220) * [Rocky Linux9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:Rocky Linux-36687) * ice: DPLL-related fixes [rhel-9.4.z] (JIRA:Rocky Linux-36716) * CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-37641) * IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:Rocky Linux-37669) * [RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:Rocky Linux-38252) * Isolated cores causing issues on latest Rocky Linux9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:Rocky Linux-38595) * [ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:Rocky Linux-39083) * [HPEMC Rocky Linux 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:Rocky Linux-34953) * bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:Rocky Linux-43272) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.24.1.el9_4.x86_64.rpm b807d16648a8bcc68ff2317ae782a30d1c1b0e031beeb8e4e0d236af2e452a66 kernel-tools-libs-devel-5.14.0-427.24.1.el9_4.x86_64.rpm 5bc6ed4f2c7b983654c431753bae41aa8579cd0565fdefc31f4d3ad346b5c9c1 libperf-5.14.0-427.24.1.el9_4.x86_64.rpm ac7d44f0099ad879976d26d1e4f62ecd60eed4261874149c164d2e0140223c3e RLSA-2024:4450 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. Security Fix(es): * dotnet: DoS in System.Text.Json (CVE-2024-30105) * dotnet: DoS in ASP.NET Core 8 (CVE-2024-35264) * dotnet: DoS when parsing X.509 Content and ObjectIdentifiers (CVE-2024-38095) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. Security Fix(es): * dotnet: DoS in System.Text.Json (CVE-2024-30105) * dotnet: DoS in ASP.NET Core 8 (CVE-2024-35264) * dotnet: DoS when parsing X.509 Content and ObjectIdentifiers (CVE-2024-38095) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms dotnet-sdk-8.0-source-built-artifacts-8.0.107-1.el9_4.x86_64.rpm 9035fed4909ad2e05d8a09d48cb29e76fc756fd6314bfe826ce08712b76cf7b4 RLSA-2024:4573 The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix(es): * OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147) * OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131) * OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138) * OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140) * OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for java-21-openjdk. This update affects Rocky Linux 8, Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fix(es): * OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147) * OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131) * OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138) * OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140) * OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-21-openjdk-demo-fastdebug-21.0.4.0.7-1.el9.x86_64.rpm 1a858aae0f9a12913a36ef5bd31bc0dcf8594886da391b0d381b483c95f0d63c java-21-openjdk-demo-slowdebug-21.0.4.0.7-1.el9.x86_64.rpm eb9cf0541972030a83b217cb5f04d0b5feda1dd12b9d307ae2f1abcb125803fe java-21-openjdk-devel-fastdebug-21.0.4.0.7-1.el9.x86_64.rpm 3fae786225304eb8d5e3b91ad220747207d0a93377a7266eda2b5773a7cc3431 java-21-openjdk-devel-slowdebug-21.0.4.0.7-1.el9.x86_64.rpm 645a0ec25f0dcd7ff162115545909cb34c13757f7993ff8de4ea010505459071 java-21-openjdk-fastdebug-21.0.4.0.7-1.el9.x86_64.rpm 9b1fc17051b12875a9a5b3edde048bc69bd456cfef229c3a25883dfd6afd4485 java-21-openjdk-headless-fastdebug-21.0.4.0.7-1.el9.x86_64.rpm fa77e92c7df028a2d25d16c8bae9443ef9611cc226f8d876666575eb5bbc6948 java-21-openjdk-headless-slowdebug-21.0.4.0.7-1.el9.x86_64.rpm 5d184a4ee12a10487b7dcb3d4ba6188ea5bf456a42c0ffb174ed0e971409ca7b java-21-openjdk-jmods-fastdebug-21.0.4.0.7-1.el9.x86_64.rpm b27fbf261e29302e49880675fc7d55c4fc7b2d74877b5c99ec32a24474481b02 java-21-openjdk-jmods-slowdebug-21.0.4.0.7-1.el9.x86_64.rpm 117ad0d7fd872960430a18d0bf57c200167c3c7fe4d8761d56e684c4e1d11185 java-21-openjdk-slowdebug-21.0.4.0.7-1.el9.x86_64.rpm 436cca2e9251b3b2382037ec4cd54b8441972fa3ce2aca0575ccecb71e7bd547 java-21-openjdk-src-fastdebug-21.0.4.0.7-1.el9.x86_64.rpm 8596a12855de733df9bf3fd8a7cc1fb2cad8ab82bdafea150fcc59f3394cf74a java-21-openjdk-src-slowdebug-21.0.4.0.7-1.el9.x86_64.rpm feea455d9dc3d6cc0757949492b285dc86950a91c6e93c33a4ca1d3f56119f4f java-21-openjdk-static-libs-fastdebug-21.0.4.0.7-1.el9.x86_64.rpm 8fa3cf878d3a26670f7276b0ee46f1c438f9075256dd2af88b5d712d496faa84 java-21-openjdk-static-libs-slowdebug-21.0.4.0.7-1.el9.x86_64.rpm 3bb99f76adaf055178417ccfe19bdf98f16aea13385cfc18f472cb3903eb2508 RLSA-2024:4583 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886) * kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548) * kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596) * kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627) * kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638) * kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783) * kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (CVE-2024-26858) * kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397) * kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435) * kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958) * kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904) * kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543) * kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586) * kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593) * kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270) * kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957) * kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886) * kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548) * kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596) * kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627) * kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638) * kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783) * kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (CVE-2024-26858) * kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397) * kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435) * kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958) * kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904) * kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543) * kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586) * kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593) * kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270) * kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957) * kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.26.1.el9_4.x86_64.rpm 359f27735131434a3173acfc212924e9b6e09789f1cb385fa43c77eff0e5d884 kernel-tools-libs-devel-5.14.0-427.26.1.el9_4.x86_64.rpm 67a34144ee080026436d6064b94e03d600f5ceb04d89cf5ee5cf3246d6eae520 libperf-5.14.0-427.26.1.el9_4.x86_64.rpm 05d3e9e42303a29459fd3e1f69799828316e784b6d8498037aa6f0beba598d24 RLSA-2024:4623 Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix(es): * qtbase: qtbase: Delay any communication until encrypted() can be responded to (CVE-2024-39936) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for qt5-qtbase. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix(es): * qtbase: qtbase: Delay any communication until encrypted() can be responded to (CVE-2024-39936) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms qt5-qtbase-static-5.15.9-10.el9_4.x86_64.rpm 1353a6fc473272052f6dda5b0527ce8b52fafb8c7aad3245e042f568a015918f RLSA-2024:4928 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458) * kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (CVE-2024-26773) * kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737) * kernel: dm: call the resume method on internal suspend (CVE-2024-26880) * kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852) * kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982) * kernel: nfp: flower: handle acti_netdevs allocation failure (CVE-2024-27046) * kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030) * kernel: icmp: prevent possible NULL dereferences from icmp_build_probe() (CVE-2024-35857) * kernel: mlxbf_gige: call request_irq() after NAPI initialized (CVE-2024-35907) * kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885) * kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809) * kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (CVE-2021-47459) * kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (CVE-2024-36924) * kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (CVE-2024-36952) * kernel: net: amd-xgbe: Fix skb data length underflow (CVE-2022-48743) * kernel: epoll: be better about file lifetimes (CVE-2024-38580) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458) * kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (CVE-2024-26773) * kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737) * kernel: dm: call the resume method on internal suspend (CVE-2024-26880) * kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852) * kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982) * kernel: nfp: flower: handle acti_netdevs allocation failure (CVE-2024-27046) * kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030) * kernel: icmp: prevent possible NULL dereferences from icmp_build_probe() (CVE-2024-35857) * kernel: mlxbf_gige: call request_irq() after NAPI initialized (CVE-2024-35907) * kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885) * kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809) * kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (CVE-2021-47459) * kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (CVE-2024-36924) * kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (CVE-2024-36952) * kernel: net: amd-xgbe: Fix skb data length underflow (CVE-2022-48743) * kernel: epoll: be better about file lifetimes (CVE-2024-38580) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.28.1.el9_4.x86_64.rpm b6d7d290c427b7d93fb67233f2d62bb2875216136300b1cba8505058cc9e8963 kernel-tools-libs-devel-5.14.0-427.28.1.el9_4.x86_64.rpm 3694c7f4fea590c2e24c4caa797bfe6f1b6af462f941c465d2667f69394d2181 libperf-5.14.0-427.28.1.el9_4.x86_64.rpm d48f6905b698f6637d17bc07956cb6d3b889a2ae60322cc6041b830bbbd81052 RLSA-2024:4935 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fix(es): * freeradius: forgery attack (CVE-2024-3596) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for freeradius. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fix(es): * freeradius: forgery attack (CVE-2024-3596) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms freeradius-mysql-3.0.21-40.el9_4.x86_64.rpm 86c7c0cd5333ba43e1413742825ac519098483d5962d35e4cd096b050a91cc38 freeradius-perl-3.0.21-40.el9_4.x86_64.rpm 60085c60224d6b0e4504b6d18627b7628b09ac1fc6437c76acbeda9edbee0b7b freeradius-postgresql-3.0.21-40.el9_4.x86_64.rpm e0f2634e6b31c17b4663775664f85a39604625f5a5f1ee7acf51bfaa5db85c81 freeradius-rest-3.0.21-40.el9_4.x86_64.rpm bda98dfae7aba92620512fc322a0a3a4d4a7c19b535645f7323be9d87caec6d5 freeradius-sqlite-3.0.21-40.el9_4.x86_64.rpm 8daeabf88ca10d99e69182ac2879a05515aa5c63fea731de7f82b68ffb46042d freeradius-unixODBC-3.0.21-40.el9_4.x86_64.rpm 7b597b63109c2d8c3ec03d3124dafa97bb6c125e675a0a71abd79d214f87f7b2 RLSA-2024:5363 Errata Tool Automation could not update the description because it is longer (4803) than ET limit of 4000 characters. (OSCI-6058) Please update the description manually. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Errata Tool Automation could not update the description because it is longer (4803) than ET limit of 4000 characters. (OSCI-6058) Please update the description manually. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.31.1.el9_4.x86_64.rpm a6abb0bb88526c272f84d7207b22ed172c9c411abf6472c28b9399687bffe34e kernel-tools-libs-devel-5.14.0-427.31.1.el9_4.x86_64.rpm 2c664066c6ab5490b65190f27262d40232cd316e7937792541f5dc710b86a40c libperf-5.14.0-427.31.1.el9_4.x86_64.rpm 9c5442085306b0eb2368a84db2605e8dffcf6c7b3206ce26e0142ae2dc534c83 RLSA-2024:5192 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953) * 389-ds-base: unauthenticated user can trigger a DoS by sending a specific extended search request (CVE-2024-6237) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for 389-ds-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953) * 389-ds-base: unauthenticated user can trigger a DoS by sending a specific extended search request (CVE-2024-6237) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms 389-ds-base-devel-2.4.5-9.el9_4.x86_64.rpm 7d8ac26c55bfecc28f3671df85187d6fb3e5cfc7c61d9214fbbb1c301748880b RLSA-2024:5231 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam (CVE-2024-1737) * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975) * bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content (CVE-2024-4076) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for bind-dyndb-ldap, bind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam (CVE-2024-1737) * bind9: bind: SIG(0) can be used to exhaust CPU resources (CVE-2024-1975) * bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content (CVE-2024-4076) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms bind-devel-9.16.23-18.el9_4.6.x86_64.rpm a4f3f46d50ead53d615248b47c8da1fefe76f8021d1a1fbb0bf3a190add868b6 bind-doc-9.16.23-18.el9_4.6.noarch.rpm daeca2e33af99da35b03d30bf7ffd4190c0e147b87eda5f11bb716856d5a44fc RLBA-2024:5463 The virt-v2v package provides a tool for converting virtual machines to use the KVM (Kernel-based Virtual Machine) hypervisor or Rocky Enterprise Software Foundation Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use VirtIO drivers if possible. Bug fixes: * qemu-guest-agent not being installed at first boot in Windows Server 2022 (Rocky Linux-54150) * Uninstalling vmware-tools from windows guest sometimes fails with exit code 1618 or exit code 1603 (Rocky Linux-54151) * Allow --mac gw and len fields to be optional (Rocky Linux-54152) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The virt-v2v package provides a tool for converting virtual machines to use the KVM (Kernel-based Virtual Machine) hypervisor or Rocky Enterprise Software Foundation Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use VirtIO drivers if possible. Bug fixes: * qemu-guest-agent not being installed at first boot in Windows Server 2022 (Rocky Linux-54150) * Uninstalling vmware-tools from windows guest sometimes fails with exit code 1618 or exit code 1603 (Rocky Linux-54151) * Allow --mac gw and len fields to be optional (Rocky Linux-54152) rocky-linux-9-x86-64-crb-rpms virt-v2v-man-pages-ja-2.4.0-3.el9_4.noarch.rpm c8fce6244743443de3993c6c63cd1135608ad4c487c81945f4f297d0b396463d virt-v2v-man-pages-uk-2.4.0-3.el9_4.noarch.rpm cd4b93ce147cbe2b282c0c5957fb109d31e7fbb015e5cb7f5225f0a8400995fc RLSA-2024:5533 Setuptools is a collection of enhancements to the Python 3 distutils that allow you to more easily build and distribute Python 3 packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software that requires pkg_resources. Security Fix(es): * pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for python3.12-setuptools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Setuptools is a collection of enhancements to the Python 3 distutils that allow you to more easily build and distribute Python 3 packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software that requires pkg_resources. Security Fix(es): * pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3.12-setuptools-wheel-68.2.2-3.el9_4.1.noarch.rpm 88392789f4736337f4f20525fb6a4654fa678b1f4697392906fcce12108172aa RLSA-2024:6567 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463) * kernel: nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629) * kernel: mm: cachestat: fix folio read-after-free in cache walk (CVE-2024-26630) * kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720) * kernel: Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886) * kernel: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (CVE-2024-26946) * kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791) * kernel: mm: cachestat: fix two shmem bugs (CVE-2024-35797) * kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems (CVE-2024-35875) * kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000) * kernel: iommufd: Fix missing update of domains_itree after splitting iopt_area (CVE-2023-52801) * kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883) * kernel: regmap: maple: Fix cache corruption in regcache_maple_drop() (CVE-2024-36019) * kernel: usb-storage: alauda: Check whether the media is initialized (CVE-2024-38619) * kernel: net: bridge: mst: fix vlan use-after-free (CVE-2024-36979) * kernel: scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559) * kernel: xhci: Handle TD clearing for multiple streams case (CVE-2024-40927) * kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region() (CVE-2024-40936) * kernel: net/sched: Fix UAF when resolving a clash (CVE-2024-41040) * kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044) * kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055) * kernel: PCI/MSI: Fix UAF in msi_capability_init (CVE-2024-41096) * kernel: xdp: Remove WARN() from __xdp_reg_mem_model() (CVE-2024-42082) * kernel: x86: stop playing stack games in profile_pc() (CVE-2024-42096) * kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (CVE-2024-42102) * kernel: mm: avoid overflows in dirty throttling logic (CVE-2024-42131) * kernel: nvme: avoid double free special payload (CVE-2024-41073) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463) * kernel: nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629) * kernel: mm: cachestat: fix folio read-after-free in cache walk (CVE-2024-26630) * kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720) * kernel: Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886) * kernel: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (CVE-2024-26946) * kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791) * kernel: mm: cachestat: fix two shmem bugs (CVE-2024-35797) * kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems (CVE-2024-35875) * kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000) * kernel: iommufd: Fix missing update of domains_itree after splitting iopt_area (CVE-2023-52801) * kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883) * kernel: regmap: maple: Fix cache corruption in regcache_maple_drop() (CVE-2024-36019) * kernel: usb-storage: alauda: Check whether the media is initialized (CVE-2024-38619) * kernel: net: bridge: mst: fix vlan use-after-free (CVE-2024-36979) * kernel: scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559) * kernel: xhci: Handle TD clearing for multiple streams case (CVE-2024-40927) * kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region() (CVE-2024-40936) * kernel: net/sched: Fix UAF when resolving a clash (CVE-2024-41040) * kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044) * kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055) * kernel: PCI/MSI: Fix UAF in msi_capability_init (CVE-2024-41096) * kernel: xdp: Remove WARN() from __xdp_reg_mem_model() (CVE-2024-42082) * kernel: x86: stop playing stack games in profile_pc() (CVE-2024-42096) * kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (CVE-2024-42102) * kernel: mm: avoid overflows in dirty throttling logic (CVE-2024-42131) * kernel: nvme: avoid double free special payload (CVE-2024-41073) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.35.1.el9_4.x86_64.rpm 5842b167e38a3a961754c9136685b2800665f7c89a42d8eaa762328ae6f28a58 kernel-tools-libs-devel-5.14.0-427.35.1.el9_4.x86_64.rpm cc45fe4c4e04a778b67d6f12d595a8dcd37e72f0cc376539475299d6adf4ef5f libperf-5.14.0-427.35.1.el9_4.x86_64.rpm d6372919c925667b4af4ae06ce1e52e090992d735ae29167fb039b3165f5a396 RLSA-2024:6464 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib2: Signal subscription vulnerabilities (CVE-2024-34397) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for glib2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * glib2: Signal subscription vulnerabilities (CVE-2024-34397) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms glib2-static-2.68.4-14.el9_4.1.x86_64.rpm c0ed16673033720ea85fe2079a577cd45e14d139178ca809252accb27cf9d7cf RLSA-2024:5999 PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms postgresql-docs-13.16-1.el9_4.x86_64.rpm 0f2bc95d3eb8dbca088ed8bd2c3092a05ae8868fff924c43d0b7b5d1d7f4ef87 postgresql-private-devel-13.16-1.el9_4.x86_64.rpm 42847abe3355664279449c35303b490a66520bc695c1612250fa43fa9e02cba8 postgresql-server-devel-13.16-1.el9_4.x86_64.rpm e3a65ee6624c34811fa2f20ce1c12d9d380fd35d1fa6b44e082a2079088caf2c postgresql-static-13.16-1.el9_4.x86_64.rpm a5e2696bd389b8efccbd3db6295774576edcf0b0f19431ee19ce1961ef1785e3 postgresql-test-13.16-1.el9_4.x86_64.rpm ef40f555db606623affdd2bd00bcdbe4ff4a0ee55ccd99996f5c3404bee8e970 postgresql-upgrade-devel-13.16-1.el9_4.x86_64.rpm a00382e5d8d10f5abcbd569012a9cf0bbbc00ec70eb40992e872481c357404cc RLBA-2024:6143 Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. Bug Fix(es) and Enhancement(s): * [RFE] Bundle and support virt-v2v-in-place for MTV warm migrations scenarios [rhel-9.4.z] (JIRA:Rocky Linux-55823) * Re-enable Windows disks post-live migration [rhel-9.4.z] (JIRA:Rocky Linux-55837) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. Bug Fix(es) and Enhancement(s): * [RFE] Bundle and support virt-v2v-in-place for MTV warm migrations scenarios [rhel-9.4.z] (JIRA:Rocky Linux-55823) * Re-enable Windows disks post-live migration [rhel-9.4.z] (JIRA:Rocky Linux-55837) rocky-linux-9-x86-64-crb-rpms virt-v2v-man-pages-ja-2.4.0-4.el9_4.noarch.rpm 52268a445579b8fb668730cbb9deab263a54f65aca1c3d03fc813a1b1804e8b6 virt-v2v-man-pages-uk-2.4.0-4.el9_4.noarch.rpm e024fcf2207ab73571dccf9699ccad918baf79ee26c758568cfa7720f16deb8c RLSA-2024:6146 Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. Security Fix(es): * cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection (CVE-2024-6923) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for python3.12. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. Security Fix(es): * cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection (CVE-2024-6923) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3.12-debug-3.12.1-4.el9_4.3.x86_64.rpm 57868b239511ec3657904daf4f4b556e7596b83318c74d49d9396b5e1f775ba1 python3.12-idle-3.12.1-4.el9_4.3.x86_64.rpm 281361b4039b0e04cba1d35373cb6dcdab32947de737414bf397554351c46d3c python3.12-test-3.12.1-4.el9_4.3.x86_64.rpm cd11bdeec61f72d365860f9a7dbbd593a6a03406a8f4285f7f8126d93be14150 RLBA-2024:6287 The libguestfs packages contain a library used for accessing and modifying virtual machine disk images. Bug Fix(es) and Enhancement(s): * sgdisk fails with "Invalid partition data!" for win2019, win2022, win2025 guests with three additional online disks [rhel-9.4.z] (JIRA:Rocky Linux-56697) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libguestfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libguestfs packages contain a library used for accessing and modifying virtual machine disk images. Bug Fix(es) and Enhancement(s): * sgdisk fails with "Invalid partition data!" for win2019, win2022, win2025 guests with three additional online disks [rhel-9.4.z] (JIRA:Rocky Linux-56697) rocky-linux-9-x86-64-crb-rpms libguestfs-devel-1.50.1-8.el9_4.x86_64.rpm e3e66504103bd71f4febca3e4ce97de3447493385652c979d55073fdb1a194bb libguestfs-gobject-1.50.1-8.el9_4.x86_64.rpm 6656afaf223c005edb211d2e46197be5e8da1e411754f33b12e9d5b8632aa443 libguestfs-gobject-devel-1.50.1-8.el9_4.x86_64.rpm 534f1b9cf547122af8137a9f6ebfb79722ae2dedbf4539b0f7676a54ac722d56 libguestfs-man-pages-ja-1.50.1-8.el9_4.noarch.rpm e4c9e9a41c1cd9d1ef0c9ec76a679ce2f017793fb4e2595f0acada92a479fa1c libguestfs-man-pages-uk-1.50.1-8.el9_4.noarch.rpm 28b763d121ae802142ecb91ecc4860f1c504c4aac15c284f9e5df6101bf6a504 lua-guestfs-1.50.1-8.el9_4.x86_64.rpm 20d75564bf07825964134501d881f362b1610aa4d7045d9165f8aff4d433c68c ocaml-libguestfs-1.50.1-8.el9_4.x86_64.rpm 4729ee0a55d2fd436de6bf953e2d1eae6d254cbca88b2a0f18df3e82b873452d ocaml-libguestfs-devel-1.50.1-8.el9_4.x86_64.rpm 43e43606df7e72ef5313e38b8f75867dd1504ec71b84a5a667c65bd57b2be553 php-libguestfs-1.50.1-8.el9_4.x86_64.rpm c6ac03356ec92c76e804a72b43bc7a16306e128313f28086ca3ab4638e4ea6ba ruby-libguestfs-1.50.1-8.el9_4.x86_64.rpm 8832d055441f3dd80c65d175bfc476d96a6b4ffa7a5f7f2e494c5a42835b1003 RLBA-2024:6416 Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Bug Fix(es) and Enhancement(s): * libguestfs pops up error when ?there is a trailing comma after character like nosuid in guest /etc/fstab [rhel-9.4.z] (JIRA:Rocky Linux-56992) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for augeas. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Bug Fix(es) and Enhancement(s): * libguestfs pops up error when ?there is a trailing comma after character like nosuid in guest /etc/fstab [rhel-9.4.z] (JIRA:Rocky Linux-56992) rocky-linux-9-x86-64-crb-rpms augeas-devel-1.13.0-6.el9_4.x86_64.rpm 1f1b04bc98f153d2316816d5f95ba14ad8369bf2bf678de0ae3235d635f31b87 RLSA-2024:6529 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: using a large number of address headers may trigger a denial of service (CVE-2024-23184) * dovecot: very large headers can cause resource exhaustion when parsing message (CVE-2024-23185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for dovecot. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: using a large number of address headers may trigger a denial of service (CVE-2024-23184) * dovecot: very large headers can cause resource exhaustion when parsing message (CVE-2024-23185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms dovecot-devel-2.3.16-11.el9_4.1.x86_64.rpm 031146097133855d4f6fce75893dbd78aa7fd2fd19bac485c41995e5f767a134 RLBA-2024:6669 Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. Bug Fix(es) and Enhancement(s): * Opening a vpx:// URL fails if the backing VMX file has a "*" character in any key [rhel-9.4.z] (JIRA:Rocky Linux-58676) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. Bug Fix(es) and Enhancement(s): * Opening a vpx:// URL fails if the backing VMX file has a "*" character in any key [rhel-9.4.z] (JIRA:Rocky Linux-58676) rocky-linux-9-x86-64-crb-rpms libvirt-daemon-plugin-sanlock-10.0.0-6.7.el9_4.x86_64.rpm 36771a95138ef095b910994e3f76e4a3cd10004a228184ffaeaca12510a7c4d7 libvirt-devel-10.0.0-6.7.el9_4.x86_64.rpm 33db56d47b0d41ff6893f53e653ede9fb452b1fa64159f491f201645f9bc7033 libvirt-docs-10.0.0-6.7.el9_4.x86_64.rpm 587dd5a41be4fa8d9830e13bc9de4c03488a8f06bf4c016722b8229f925a9e23 RLSA-2024:6757 Network Block Device (NBD) is a protocol for accessing Block Devices (hard disks and disk-like devices) over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fix(es): * libnbd: NBD server improper certificate validation (CVE-2024-7383) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libnbd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Network Block Device (NBD) is a protocol for accessing Block Devices (hard disks and disk-like devices) over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fix(es): * libnbd: NBD server improper certificate validation (CVE-2024-7383) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libnbd-devel-1.18.1-4.el9_4.x86_64.rpm d1d72d03d0a0f4983b1a47f7c6092a1c06dcd033242198e67f4b145e506b2836 ocaml-libnbd-1.18.1-4.el9_4.x86_64.rpm 16d86ef3daec0661f8bfbb59db8193ec96cb546e14cf0a77c713dad5df8515fc ocaml-libnbd-devel-1.18.1-4.el9_4.x86_64.rpm aa0e135e5d418ec082ab80ecf7caa650796cfdad55c6dfa2e56d44735f3b083a RLSA-2024:7346 The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently. Security Fix(es): * cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source () * cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes (CVE-2024-47076) * cups: libppd: remote command injection via attacker controlled data in PPD file () For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for cups-filters. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently. Security Fix(es): * cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source () * cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes (CVE-2024-47076) * cups: libppd: remote command injection via attacker controlled data in PPD file () For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms cups-filters-devel-1.28.7-17.el9_4.x86_64.rpm 5c3a06068a9c10978d1a86c6fa7cd407b3a64c63f74adfa2e0992269bc783d65 RLSA-2024:8121 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-11-openjdk. This update affects Rocky Linux 8, Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-11-openjdk-demo-fastdebug-11.0.25.0.9-2.el9.x86_64.rpm 785eb97b0a9586ffb561b0e2d3d06cc0a8ad98fcbe06c690d02975bad63c890a java-11-openjdk-demo-slowdebug-11.0.25.0.9-2.el9.x86_64.rpm 9c1184b6bc02cd29bf327e28616b3181db20f7dca2ffa4ab9f913256d17251e5 java-11-openjdk-devel-fastdebug-11.0.25.0.9-2.el9.x86_64.rpm 3d735c221810cae99705cb58e6d49a3780aceaffe03d47b858e75e0d452b933a java-11-openjdk-devel-slowdebug-11.0.25.0.9-2.el9.x86_64.rpm 7b18a5661e866906d026eb65ab754b90b1ec77b0aed8b6ecc1773828934dae87 java-11-openjdk-fastdebug-11.0.25.0.9-2.el9.x86_64.rpm 16fe05233cb34fd4fb3b4e919c79ed610d77ea9928cf97e66f76e6f7f34bb201 java-11-openjdk-headless-fastdebug-11.0.25.0.9-2.el9.x86_64.rpm 0c803a4bdcfc1f1a76f4b8ac765fa6d7bddfbde3715c5fbed9469c6088e239d7 java-11-openjdk-headless-slowdebug-11.0.25.0.9-2.el9.x86_64.rpm 1230f841741588b85c3ed9a2647854d1a6814aea5edac141a8c0cdb0c109d450 java-11-openjdk-jmods-fastdebug-11.0.25.0.9-2.el9.x86_64.rpm ab29cc19c4c1a9cbb1b2e0ff8dfb31c12ccc4fd2b401e06e86b585f17262956e java-11-openjdk-jmods-slowdebug-11.0.25.0.9-2.el9.x86_64.rpm dee404ad22b50766e2f1e1f86d9eb6ea94da2fc690da0743b9febd30eb94e89f java-11-openjdk-slowdebug-11.0.25.0.9-2.el9.x86_64.rpm d1622794ebaa21c7af4c207d2c1a234c9cf5f6b2f93439cc3ad2a2a62f1aaaf0 java-11-openjdk-src-fastdebug-11.0.25.0.9-2.el9.x86_64.rpm a0e44e53d387d1d74931c5c5b9f782d36740e03050c9d984d9481bded2d4f3ce java-11-openjdk-src-slowdebug-11.0.25.0.9-2.el9.x86_64.rpm b4252487aee03940b7a631e32f632f76f92c6078d659f547a4bd6765b3a273c4 java-11-openjdk-static-libs-fastdebug-11.0.25.0.9-2.el9.x86_64.rpm 56f5c2fe24fac5f68d024e586d63d4f5720133575a365d1d46742d4fb819122d java-11-openjdk-static-libs-slowdebug-11.0.25.0.9-2.el9.x86_64.rpm cbbd301d14342a3020715108f5a47ec4641bb80b24a765b846cfef1f9a37a66b RLSA-2024:8127 The OpenJDK 21 runtime environment. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-21-openjdk. This update affects Rocky Linux 8, Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The OpenJDK 21 runtime environment. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-21-openjdk-demo-fastdebug-21.0.5.0.10-3.el9.x86_64.rpm 20f42b676cb09cb35564de7604d0b6d21e59ddf57fb504a32f56406fec35056e java-21-openjdk-demo-slowdebug-21.0.5.0.10-3.el9.x86_64.rpm 6a44c5f2f629f4c987bc23932e7ab403a92969dd82db3a1247a57985d8c5af5b java-21-openjdk-devel-fastdebug-21.0.5.0.10-3.el9.x86_64.rpm b2ff7a761c9d9ea26d73d344de4925be6281d84492f2ecd7b86c85540e67a67f java-21-openjdk-devel-slowdebug-21.0.5.0.10-3.el9.x86_64.rpm 668578dbcbbc15a742e7c566537d1d945efc2bff104a684191d671ff69d39e35 java-21-openjdk-fastdebug-21.0.5.0.10-3.el9.x86_64.rpm 1f576b5e8e5aa581ea89d5542d4549a0e35d432ff9bac15a0335e64f87fcf343 java-21-openjdk-headless-fastdebug-21.0.5.0.10-3.el9.x86_64.rpm 77094d429e2b7a8bcfe8a9463039ddc452a86c4913c61a381cab3dab23c1af26 java-21-openjdk-headless-slowdebug-21.0.5.0.10-3.el9.x86_64.rpm 24a8c841c64737c30b4e4cfb0947e62f259310dea3f54bb73b226b0345589341 java-21-openjdk-jmods-fastdebug-21.0.5.0.10-3.el9.x86_64.rpm 2b59c45b553283b76114b9ea1fee936878592b94f3dd28f2a7372bbd6b4bb142 java-21-openjdk-jmods-slowdebug-21.0.5.0.10-3.el9.x86_64.rpm 41a7a0cbbae9a4b4ab671002beafee55ccf4ecdace4debe16b0399c265c0fc3d java-21-openjdk-slowdebug-21.0.5.0.10-3.el9.x86_64.rpm 5de00bd8a6f72471738bee597ef14c9a4cbcd6de78280a6466200ed0fa3fff56 java-21-openjdk-src-fastdebug-21.0.5.0.10-3.el9.x86_64.rpm 1d8527c85be98f3525459552e15ecb62f564f7d34118b28bea7367e28e414cc5 java-21-openjdk-src-slowdebug-21.0.5.0.10-3.el9.x86_64.rpm a9c964d28dfa1ed3f38d0b5bb63e00bf6999b841e57861ec38a68550ecc38057 java-21-openjdk-static-libs-fastdebug-21.0.5.0.10-3.el9.x86_64.rpm 9a95c74a4b7416234cd825eabd22f18e1a94da111271e1590b8c3207d3a5cf49 java-21-openjdk-static-libs-slowdebug-21.0.5.0.10-3.el9.x86_64.rpm 0922d1360f97b5d9e927950ea6d5cffdea37b481a3dd7892782a36d3505908b2 RLSA-2024:8124 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-17-openjdk. This update affects Rocky Linux 8, Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-17-openjdk-demo-fastdebug-17.0.13.0.11-3.el9.x86_64.rpm a83606614452c411351a4f71978ed4b01d09623cf77060a57268fb1f29dce887 java-17-openjdk-demo-slowdebug-17.0.13.0.11-3.el9.x86_64.rpm 2a2d596895667f4eb5d5d9c1070bb64b830b63251c2119c1ce6277bb9c13cf07 java-17-openjdk-devel-fastdebug-17.0.13.0.11-3.el9.x86_64.rpm 7f7c20d3f1980e62a376650f0e3d8fcccefbc9d50002f446640d27d9da7a514a java-17-openjdk-devel-slowdebug-17.0.13.0.11-3.el9.x86_64.rpm 1d1fc9e4defc907325d90d934f8aab87169ee786867f3106557a66885c139cbc java-17-openjdk-fastdebug-17.0.13.0.11-3.el9.x86_64.rpm ac6b7d6ba40603b62f36a4e92b0e78a16ad559be7db1656ddaccd0ddd82e1e6b java-17-openjdk-headless-fastdebug-17.0.13.0.11-3.el9.x86_64.rpm a0084fad4f25b017349761aa6d81467ddbd10897c6e7dc38b708496b96a28548 java-17-openjdk-headless-slowdebug-17.0.13.0.11-3.el9.x86_64.rpm 62e40a11aba8e79f03029b27dfd9fd8b86e51e3c43a4fed3dbd89410fb45d7fd java-17-openjdk-jmods-fastdebug-17.0.13.0.11-3.el9.x86_64.rpm dc1e42e8392b4b0d81d51df97860646db8cf21aad31f537a8bfd4e0867c3a21d java-17-openjdk-jmods-slowdebug-17.0.13.0.11-3.el9.x86_64.rpm 6b0b773bdb6d183fe6494605e37e1743904922528accab03a2a6caf340724475 java-17-openjdk-slowdebug-17.0.13.0.11-3.el9.x86_64.rpm 9f2bf0c0193ad10f31a0a99e819e7b965fe54c94dcfcbdc31a7b8adb35941044 java-17-openjdk-src-fastdebug-17.0.13.0.11-3.el9.x86_64.rpm 2c129c11f46bd26cb12631ceae8c4d012a35bcc2a97de2b5d9abeb2b64737b02 java-17-openjdk-src-slowdebug-17.0.13.0.11-3.el9.x86_64.rpm e46799f591ae66d66226764c3da8b9cd7814498eabdad905e141fff497f577a4 java-17-openjdk-static-libs-fastdebug-17.0.13.0.11-3.el9.x86_64.rpm 76ddfa957d38c49a773de39f6a55bd47b6c9febb0e253be01937bc2702dcc3cd java-17-openjdk-static-libs-slowdebug-17.0.13.0.11-3.el9.x86_64.rpm 0164625565977a4673d600f40f4abbfc123714720aa1f2395969db17ab7aa246 RLSA-2024:8117 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8, Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161) * JDK: Array indexing integer overflow (8328544) (CVE-2024-21210) * JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208) * JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217) * JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms java-1.8.0-openjdk-demo-fastdebug-1.8.0.432.b06-2.el9.x86_64.rpm 0ba096f2a6965295630ebfe7959d83a6a4e878e012ee13698bfe65b6397748a4 java-1.8.0-openjdk-demo-slowdebug-1.8.0.432.b06-2.el9.x86_64.rpm 7922e8ebb0677868fabc9e79c742af8294ef1a89ec1fe11477b9737c1891599c java-1.8.0-openjdk-devel-fastdebug-1.8.0.432.b06-2.el9.x86_64.rpm 9d61d82816064213056de9de914b2f807e20e43d05b5baa74558054ce54cf9d1 java-1.8.0-openjdk-devel-slowdebug-1.8.0.432.b06-2.el9.x86_64.rpm 3aa6dacb51d11c4d52cf4e61f079b07f2348255f8c77756e527e6861fc40b4c3 java-1.8.0-openjdk-fastdebug-1.8.0.432.b06-2.el9.x86_64.rpm a682f7f5772c8d1da026014da6161f6a28c833accfcb52e87505bd5a6cab8624 java-1.8.0-openjdk-headless-fastdebug-1.8.0.432.b06-2.el9.x86_64.rpm ec3fa98b9f08e6f0850116e36b976bf87770c71dab6c8256d9f74835f31b0739 java-1.8.0-openjdk-headless-slowdebug-1.8.0.432.b06-2.el9.x86_64.rpm c665673f5515fc31c1c6b8684528819fded241e96d2168ec6abd35640102dc36 java-1.8.0-openjdk-slowdebug-1.8.0.432.b06-2.el9.x86_64.rpm 87b6f06e51215b3becfb2b87cb1790e13d1a405acabfe85e317528ae3ecde4ef java-1.8.0-openjdk-src-fastdebug-1.8.0.432.b06-2.el9.x86_64.rpm b199ae359009dff4eceb73824983cefc398afa5adf52493dbc3b1beb376debb4 java-1.8.0-openjdk-src-slowdebug-1.8.0.432.b06-2.el9.x86_64.rpm 2dc25eba277a8c24dda463665f931241a8849d350a0f7796434b4e26ca0810c3 RLSA-2024:8162 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746) * kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403) * kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658) * kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (CVE-2024-35989) * kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385) * kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889) * kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978) * kernel: net/mlx5: Add a timeout to acquire the command queue semaphore (CVE-2024-38556) * kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (CVE-2024-39483) * kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502) * kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CVE-2024-40959) * kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079) * kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272) * kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746) * kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403) * kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658) * kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (CVE-2024-35989) * kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385) * kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889) * kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978) * kernel: net/mlx5: Add a timeout to acquire the command queue semaphore (CVE-2024-38556) * kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (CVE-2024-39483) * kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502) * kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CVE-2024-40959) * kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079) * kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272) * kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.40.1.el9_4.x86_64.rpm cb817fc9d86d4a76f667017b3df13d629a2ab6c56e0dbfc9b194dad03eb70962 kernel-tools-libs-devel-5.14.0-427.40.1.el9_4.x86_64.rpm fc0bb6dc822744bdd7b47a6c9163e6d55d1d67892404f94431fc18b0f8fc72de libperf-5.14.0-427.40.1.el9_4.x86_64.rpm 1fee6e4c4bb811b36bdfdc7d10873a4e407b5a1eef218c4f01dded300d1e27d9 RLBA-2024:7448 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fix(es) and Enhancement(s): * glibc: Previously used TLS sometimes incorrectly reverted to initial state after dlopen [rhel-9.4.z] (JIRA:Rocky Linux-46763) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fix(es) and Enhancement(s): * glibc: Previously used TLS sometimes incorrectly reverted to initial state after dlopen [rhel-9.4.z] (JIRA:Rocky Linux-46763) rocky-linux-9-x86-64-crb-rpms glibc-benchtests-2.34-100.el9_4.4.x86_64.rpm fdf16f684abbcea8e6250303885a990c031fc02ed69762265b8f088369f48c02 glibc-nss-devel-2.34-100.el9_4.4.x86_64.rpm c3ef2d77cb88b4451699110d9e86cf351223f42fe09261ead4f3f2d54cb065d2 glibc-static-2.34-100.el9_4.4.x86_64.rpm 147ee87a329bc9c4405724f6222f289cd119fb168e4429f7f154d652403bb2b3 nss_db-2.34-100.el9_4.4.x86_64.rpm 655ff9166cf95986f30f1438ad71bba6d730e8292c8eeccf31c2bdf471b0b51a nss_hesiod-2.34-100.el9_4.4.x86_64.rpm 1451ac94a981a4dede2437b9f623b2d200e8b867c56a3da90420ce744dabf88e RLSA-2024:8446 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3-debug-3.9.18-3.el9_4.6.x86_64.rpm c99a474d33cc6b67c761b3f59196c65dd654306a18e1c7a8660d03c142794013 python3-idle-3.9.18-3.el9_4.6.x86_64.rpm 93633d29da07b6798d8e089917c38fc2c41f94f148f2277cd387bb4d86602b95 python3-test-3.9.18-3.el9_4.6.x86_64.rpm d6882f4ea400c4073040d102825d97b9d8a627f4d75b783aa10ad3463b9ae4c8 RLSA-2024:7867 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35. Security Fix(es): * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Security Fix(es): * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for dotnet6.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35. Security Fix(es): * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Security Fix(es): * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms dotnet-sdk-6.0-source-built-artifacts-6.0.135-1.el9_4.x86_64.rpm c6bcd82e2614d197229ff5d973f7d38943875be00e671ac556dbc655f0c06b23 RLSA-2024:7869 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.110 and .NET Runtime 8.0.10. Security Fix(es): * dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution (CVE-2024-38229) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Security Fix(es): * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) * dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution (CVE-2024-38229) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.110 and .NET Runtime 8.0.10. Security Fix(es): * dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution (CVE-2024-38229) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Security Fix(es): * dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484) * dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483) * dotnet: Denial of Service in System.Text.Json (CVE-2024-43485) * dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution (CVE-2024-38229) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms dotnet-sdk-8.0-source-built-artifacts-8.0.110-1.el9_4.x86_64.rpm c0eeb53b6f8f95ee57ac60ddcbc58817eefa2dcac1858a12161f89c0fde39da4 RLSA-2024:8037 The OpenIPMI packages provide command-line tools and utilities to access platform information using Intelligent Platform Management Interface (IPMI). System administrators can use OpenIPMI to manage systems and to perform system health monitoring. Security Fix(es): * openipmi: missing check on the authorization type on incoming LAN messages in IPMI simulator (CVE-2024-42934) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for OpenIPMI. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The OpenIPMI packages provide command-line tools and utilities to access platform information using Intelligent Platform Management Interface (IPMI). System administrators can use OpenIPMI to manage systems and to perform system health monitoring. Security Fix(es): * openipmi: missing check on the authorization type on incoming LAN messages in IPMI simulator (CVE-2024-42934) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms OpenIPMI-devel-2.0.32-5.el9_4.x86_64.rpm 04adb2a93b02b19cb96ba72451d849589e0f96188fc94bc2135ad62793cfbf3b RLSA-2024:8374 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for python3.11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3.11-debug-3.11.7-1.el9_4.6.x86_64.rpm e5eb79437ec641deeb00501fb5f40de9dc1701b0382cb9922c1d31e605dd5e4c python3.11-idle-3.11.7-1.el9_4.6.x86_64.rpm 2afb8ef582fa32fbf491f6292ec03ac79097df834dd6170d81deb7eb51ff3a91 python3.11-test-3.11.7-1.el9_4.6.x86_64.rpm b2f1f154f3aef363f41d2e2eb4a9879a1cd60c49c2e8795207439b0a0f796306 RLSA-2024:8447 Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. Security Fix(es): * python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for python3.12. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. Security Fix(es): * python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms python3.12-debug-3.12.1-4.el9_4.4.x86_64.rpm b463f06f49b01d53aa6880f441aab6663949cbcc7744c359fc367a4d6f30f8cf python3.12-idle-3.12.1-4.el9_4.4.x86_64.rpm 351d13b57341dccd1fcf525f68cfb65501a6fbdea5ae59f6f5facf5910008e49 python3.12-test-3.12.1-4.el9_4.4.x86_64.rpm 0933077853f4c5c33abd999c56c77ea4c9fda9f3d4764c61fef7946ec63452db RLSA-2024:8617 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: cpu: intel: Native Branch History Injection (BHI) (CVE-2024-2201) * kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640) * kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826) * kernel: af_unix: Fix garbage collector racing against connect() (CVE-2024-26923) * kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del (CVE-2024-26961) * kernel: scsi: core: Fix unremoved procfs host directory regression (CVE-2024-26935) * kernel: tty: Fix out-of-bound vmalloc access in imageblit (CVE-2021-47383) * kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244) * kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472) * kernel: netfilter: nft_inner: validate mandatory meta and payload (CVE-2024-39504) * kernel: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CVE-2024-40904) * kernel: mptcp: ensure snd_una is properly initialized on connect (CVE-2024-40931) * kernel: ipv6: prevent possible NULL dereference in rt6_probe() (CVE-2024-40960) * kernel: ext4: do not create EA inode under buffer lock (CVE-2024-40972) * kernel: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CVE-2024-40977) * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995) * kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (CVE-2024-40998) * kernel: netpoll: Fix race condition in netpoll_owner_active (CVE-2024-41005) * kernel: xfs: don't walk off the end of a directory data block (CVE-2024-41013) * kernel: xfs: add bounds checking to xlog_recover_process_data (CVE-2024-41014) * kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854) * kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: cpu: intel: Native Branch History Injection (BHI) (CVE-2024-2201) * kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640) * kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826) * kernel: af_unix: Fix garbage collector racing against connect() (CVE-2024-26923) * kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del (CVE-2024-26961) * kernel: scsi: core: Fix unremoved procfs host directory regression (CVE-2024-26935) * kernel: tty: Fix out-of-bound vmalloc access in imageblit (CVE-2021-47383) * kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244) * kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472) * kernel: netfilter: nft_inner: validate mandatory meta and payload (CVE-2024-39504) * kernel: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CVE-2024-40904) * kernel: mptcp: ensure snd_una is properly initialized on connect (CVE-2024-40931) * kernel: ipv6: prevent possible NULL dereference in rt6_probe() (CVE-2024-40960) * kernel: ext4: do not create EA inode under buffer lock (CVE-2024-40972) * kernel: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CVE-2024-40977) * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995) * kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (CVE-2024-40998) * kernel: netpoll: Fix race condition in netpoll_owner_active (CVE-2024-41005) * kernel: xfs: don't walk off the end of a directory data block (CVE-2024-41013) * kernel: xfs: add bounds checking to xlog_recover_process_data (CVE-2024-41014) * kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854) * kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms kernel-cross-headers-5.14.0-427.42.1.el9_4.x86_64.rpm 0ed5f3b179fe269936132ea67583718fa49a975844c4ebb07c8b8ec1abf37584 kernel-tools-libs-devel-5.14.0-427.42.1.el9_4.x86_64.rpm e18a5dab5f51570729d33685002b917a22da341e8997a9a2507af8c927a6c4bd libperf-5.14.0-427.42.1.el9_4.x86_64.rpm 59ad61fdcada14b303b5c0f053646b6d7e7cd46215e8941ecb023584e24b0a0a RLSA-2024:8800 OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): * OpenEXR: Heap Overflow in Scanline Deep Data Parsing (CVE-2023-5841) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): * OpenEXR: Heap Overflow in Scanline Deep Data Parsing (CVE-2023-5841) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms openexr-devel-3.1.1-2.el9_4.1.x86_64.rpm 24df63cdf8cb4eed08f4f4fe0e7f2877152e078a9be46d635ff45511b30edfe0 RLSA-2024:8914 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: NULL pointer dereference in tif_dirinfo.c (CVE-2024-7006) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for libtiff. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: NULL pointer dereference in tif_dirinfo.c (CVE-2024-7006) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms libtiff-tools-4.4.0-12.el9_4.1.x86_64.rpm 9c523640fda05a95b8bb86e34dc7da3d95b553a40da519e5e41b43053831accd RLSA-2024:8935 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * openssl: Possible denial of service in X.509 name checks (CVE-2024-6119) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for edk2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * openssl: Possible denial of service in X.509 name checks (CVE-2024-6119) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms edk2-aarch64-20231122-6.el9_4.4.noarch.rpm 5716082e60f11bdb5afb834aa9e7a69545546758a50e3f5de497ff21124083c9 edk2-tools-20231122-6.el9_4.4.x86_64.rpm a98cb73f191386758c8ea7b677a1f6a98f4d24ee219d2f6940baa6e6b7317432 edk2-tools-doc-20231122-6.el9_4.4.noarch.rpm 4f0b359eaaec46670c1e9cdfe3d831a1027e7d0e14290fe07e49339de2ee9a91 RLBA-2024:9106 QATzip is a user space library which builds on top of the Intel QuickAssist Technology user space library, to provide extended accelerated compression and decompression services by offloading the actual compression and decompression request(s) to the Intel Chipset Series. QATzip produces data using the standard gzip* format (RFC1952) with extended headers. The data can be decompressed with a compliant gzip* implementation. QATzip is designed to take full advantage of the performance provided by Intel QuickAssist Technology. Bug Fix(es) and Enhancement(s): * [Intel 9.5 FEAT] [SPR][EMR][SRF][GNR] Update QATzip (JIRA:Rocky Linux-20180) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qatzip. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

QATzip is a user space library which builds on top of the Intel QuickAssist Technology user space library, to provide extended accelerated compression and decompression services by offloading the actual compression and decompression request(s) to the Intel Chipset Series. QATzip produces data using the standard gzip* format (RFC1952) with extended headers. The data can be decompressed with a compliant gzip* implementation. QATzip is designed to take full advantage of the performance provided by Intel QuickAssist Technology. Bug Fix(es) and Enhancement(s): * [Intel 9.5 FEAT] [SPR][EMR][SRF][GNR] Update QATzip (JIRA:Rocky Linux-20180) rocky-linux-9-x86-64-crb-rpms qatzip-devel-1.2.0-1.el9_4.x86_64.rpm 069359fa34180ae4d0b11cb93201173b11d05c0f394515eef8832d45c65191a1 RLBA-2024:9107 Intel QuickAssist Technology (Intel QAT) provides hardware acceleration for offloading security, authentication and compression services from the CPU, thus significantly increasing the performance and efficiency of standard platform solutions. Its services include symmetric encryption and authentication, asymmetric encryption, digital signatures, RSA, DH and ECC, and lossless data compression. This package provides user space libraries that allow access to Intel QuickAssist devices and expose the Intel QuickAssist APIs. Bug Fix(es) and Enhancement(s): * [Intel 9.5 FEAT] [SPR][EMR] qatlib: Add RAS/HB/VFF features (JIRA:Rocky Linux-20174) Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qatlib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Intel QuickAssist Technology (Intel QAT) provides hardware acceleration for offloading security, authentication and compression services from the CPU, thus significantly increasing the performance and efficiency of standard platform solutions. Its services include symmetric encryption and authentication, asymmetric encryption, digital signatures, RSA, DH and ECC, and lossless data compression. This package provides user space libraries that allow access to Intel QuickAssist devices and expose the Intel QuickAssist APIs. Bug Fix(es) and Enhancement(s): * [Intel 9.5 FEAT] [SPR][EMR] qatlib: Add RAS/HB/VFF features (JIRA:Rocky Linux-20174) rocky-linux-9-x86-64-crb-rpms qatlib-devel-24.02.0-1.el9_4.x86_64.rpm 3085c58f7dd34364b24fc2b4ef8c4a9431903b20e7314d150faf9ce3cc33ccb8 qatlib-tests-24.02.0-1.el9_4.x86_64.rpm 654b6dbca5163c3f8f2747dee73463a8edf1b8de2c8b6c2cb2ab84a4ae7dd30b RLBA-2024:9138 For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libappstream-glib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libappstream-glib-devel-0.7.18-5.el9_4.x86_64.rpm 9ed67d40ee3ee09aa29f519e5e383709ff1827a1f116dfcf5b81e8b10349c4ab RLBA-2024:9230 For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for qt5-qtbase. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms qt5-qtbase-static-5.15.9-10.el9_4.x86_64.rpm 1353a6fc473272052f6dda5b0527ce8b52fafb8c7aad3245e042f568a015918f RLBA-2024:9270 For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for libblkio. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms libblkio-devel-1.5.0-1.el9_4.x86_64.rpm 9ae10835341e19fa5b3a3cfcfa5ea2cb3afd7d40f2dc528757ab1f0d383b494f RLBA-2024:9279 For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for augeas. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms augeas-devel-1.13.0-6.el9_4.x86_64.rpm 1f1b04bc98f153d2316816d5f95ba14ad8369bf2bf678de0ae3235d635f31b87 RLBA-2024:9284 For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section. rocky-linux-9-x86-64-crb-rpms postgresql-docs-13.16-1.el9_4.x86_64.rpm 0f2bc95d3eb8dbca088ed8bd2c3092a05ae8868fff924c43d0b7b5d1d7f4ef87 postgresql-private-devel-13.16-1.el9_4.x86_64.rpm 42847abe3355664279449c35303b490a66520bc695c1612250fa43fa9e02cba8 postgresql-server-devel-13.16-1.el9_4.x86_64.rpm e3a65ee6624c34811fa2f20ce1c12d9d380fd35d1fa6b44e082a2079088caf2c postgresql-static-13.16-1.el9_4.x86_64.rpm a5e2696bd389b8efccbd3db6295774576edcf0b0f19431ee19ce1961ef1785e3 postgresql-test-13.16-1.el9_4.x86_64.rpm ef40f555db606623affdd2bd00bcdbe4ff4a0ee55ccd99996f5c3404bee8e970 postgresql-upgrade-devel-13.16-1.el9_4.x86_64.rpm a00382e5d8d10f5abcbd569012a9cf0bbbc00ec70eb40992e872481c357404cc RLSA-2024:9449 Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. Security Fix(es): * flatpak: Access to files outside sandbox for apps using persistent= (--persist) (CVE-2024-42472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for flatpak. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. Security Fix(es): * flatpak: Access to files outside sandbox for apps using persistent= (--persist) (CVE-2024-42472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms flatpak-devel-1.12.9-3.el9_4.x86_64.rpm f7277a901eed1c49e5c71f7bdc71ddd68dbd8be553e809f8ce58a3edc3ea4447 RLSA-2024:9548 OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): * OpenEXR: Heap Overflow in Scanline Deep Data Parsing (CVE-2023-5841) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2025 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): * OpenEXR: Heap Overflow in Scanline Deep Data Parsing (CVE-2023-5841) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-crb-rpms openexr-devel-3.1.1-2.el9_4.1.x86_64.rpm 24df63cdf8cb4eed08f4f4fe0e7f2877152e078a9be46d635ff45511b30edfe0