506 matches found
gstreamer1-plugins-base security update
1.16.1-3.0.1 - Update origin URL Orabug: 36209826 1.16.1-3 - CVE-2023-37328 gstreamer1-plugins-base: heap overwrite in subtitle parsing - Resolves: RHEL-19472...
exempi security update
2.4.5-4 - Fix CVE-2020-18652 - Resolves: RHEL-5416 2.4.5-3 - Fix CVE-2020-18651 - Resolves: RHEL-5415...
CVE-2024-36004
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQMEMRECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in checkflushdependency is being triggered. This seems to be...
CVE-2023-52662
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: fix a memleak in vmwgmridmangetnode When idaallocmax fails, resources allocated before should be freed, including res allocated by kmalloc and ttmresourceinit...
buildah bug fix update
1.33.7-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.7-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/b95e962 - Resolves: RHEL-28230...
CVE-2023-38709 affecting package httpd for versions less than 2.4.59-1
CVE-2023-38709 affecting package httpd for versions less than 2.4.59-1. An upgraded version of the package is available that resolves this issue...
golang security update
1.20.12-4 - Rebuild for z-stream - Related: RHEL-28939 1.20.12-3 - Fix CVE-2023-45288 - Resolves: RHEL-28939 - Temporarily disable FIPS tests RHELBLD-14822...
java-17-openjdk security update
17.0.11.0.9-2.0.1 - Add Oracle vendor bug URL 1:17.0.11.0.9-2 - Update to jdk-17.0.11+9 GA - Add openjdk-17.0.11+9.tar.xz to .gitignore - Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8 - Update buildver from 7 to 9 - Update portablerelease from 1 to 3 - Change isga from 0 to ...
[SECURITY] Fedora 40 Update: c-ares-1.28.1-1.fc40
c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...
[SECURITY] Fedora 39 Update: c-ares-1.28.1-1.fc39
c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...
[SECURITY] Fedora 38 Update: c-ares-1.28.1-1.fc38
c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...
CVE-2024-26699
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix array-index-out-of-bounds in dcn35clkmgr Why There is a potential memory access violation while iterating through array of dcn35 clks. How Limit iteration per array size...
expat security update
2.5.0-1.1 - CVE-2023-52425: Fix parsing of large tokens - CVE-2024-28757: Reject direct parameter entity recursion - Resolves: RHEL-29698 - Resolves: RHEL-29695...
CVE-2023-27536 affecting package cmake for versions less than 3.28.2-1
CVE-2023-27536 affecting package cmake for versions less than 3.28.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-47017 ath10k: Fix a use after free in ath10k_htc_send_bundle
In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix a use after free in ath10khtcsendbundle In ath10khtcsendbundle, the bundleskb could be freed by devkfreeskbanybundleskb. But the bundleskb is used later by bundleskb-len. As skblen = bundleskb-len, my patch replaces...
python-cryptography security update
36.0.1-4.0.1 - Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates Orabug: 36119159 36.0.1-4 - Fix FTBFS caused by rsapkcs1implicitrejection OpenSSL feature, resolves rhbz2203840 36.0.1-3 - Fix CVE-2023-23931: Don't allow updateinto to mutate immutable objects, resolves rhbz21723...
gstreamer-plugins-bad-free security update
0.10.23-24 - Patch CVE-2023-44446: MXF demuxer use-after-free - Disable gtk-doc to fix the build - Resolves: RHEL-16792...
gstreamer1-plugins-bad-free security update
1.10.4-4 - Patch CVE-2023-44446: MXF demuxer use-after-free - Disable gtk-doc to fix build - Resolves: RHEL-16793...
podman security update
2:4.6.1-7.0.1 - Rebuild for following CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 - Resolves: 2228743 - Resolves: 2237773 - Resolves: 2237776 - Resolves: 2237777 - Resolves: 2237778 2:4.6.1-6.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case...
runc security update
4:1.1.9-2 - Rebuild for CVEs: CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 - Resolves: 2228743 - Resolves: 2237777 - Resolves: 2237778...