java-21-openjdk security update

1:21.0.11.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.11.0.10-1 - Update to jdk-21.0.11+10 GA - Update release notes to 21.0.11+10 - Update FIPS patch to feef2dc3ca7 version synced with 21.0.11+9 and adapted to JDK-8244336 - Bump freetype version to 2.14.2 following JDK-8373290...

Oracle Linux 10 : java-25-openjdk (ELSA-2025-21485)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21485 advisory. 1:25.0.1.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.1.0.8-2 - Remove superfluous backslashes that cause two alternative commands t...

java-1.8.0-openjdk security update

1:1.8.0.462.b08-1.0.1 - Update to 8u462-b08 GA Orabug: 38248370 - Update release notes for 8u462-b08. - Require tzdata 2025b due to upstream inclusion of JDK-8352716 - Add early backport of JDK-8339414 - Sync the copy of the portable specfile with the latest update - This tarball is embargoed unt...

SUSE-SU-2024:3219-1 Security update for colord

This update for colord fixes the following issues: - Fixed a potential local privilege escalation by removing the script in the specfile which changes the ownership of /var/lib/colord. bsc1208056...

PT-2024-41009 · Colord · Colord

Name of the Vulnerable Software and Affected Versions: colord affected versions not specified Description: The issue is related to a potential local privilege escalation. This could be exploited by removing the script in the specfile which changes the ownership of /var/lib/colord. Recommendations...

java-17-openjdk security update

1:17.0.12.0.7-2.0.1 - Add Oracle vendor bug URL 1:17.0.12.0.7-2 - Update to jdk-17.0.12+7 GA - Update .gitignore to ignore openjdk-17.0.12+7.tar.xz - Sync java-17-openjdk-portable.specfile - Set buildver to 7 - Set portablerelease 1 - Set isga to 1 - Update sources to openjdk-17.0.12+7.tar.xz -...

Oracle Linux 8 : libtiff (ELSA-2024-3059)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3059 advisory. - Fix CVE-2022-3599 CVE-2022-4645 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

java-21-openjdk security update

1:21.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.3.0.9-1 - Update to jdk-21.0.3+9 GA - Update release notes to 21.0.3+9 - Switch to GA mode. - Sync the copy of the portable specfile with the latest update - This tarball is embargoed until 2024-04-16 @ 1pm PT. - Resolves:...

java-21-openjdk security and bug fix update

1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...

java-21-openjdk security and bug fix update

1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...

spacewalk-admin security update

2.10.1-1.0.1 - Fix for CVE-2021-40348 Orabug: 33531467 2.10.1-1 - copy cert file instead of linking 2.8.4-1 - remove install/clean section initial cleanup - removed Group from specfile - removed BuildRoot from specfiles 2.8.3-1 - 1524221 - ship systemd target on RHEL 7 too 2.8.2-1 - don't use...

golang security update

1.17.13-1.0.1 - golang-1.17.13 release - Update tarball and version number in specfile - Reviewed-by: Jose E. Marchesi 1.17.12-1.0.1 - golang-1.17.12-1 release - Update tarball and version number in specfile - Reviewed-by: Indu Bhagat 1.17.11-1.0.1 - golang-1.17.11-1 package initial release - Add...

vim security update

8.0.1763-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.12 - CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository 2:8.0.1763-16.11 - CVE-2022-0413 vim: use after free in src/excmds.c - Fix specfile problems - Resolves: rhbz2048525 2:8.0.1763-16.10 - CVE-2022-04...

jquery-ui security update

1.10.4.custom-4.0.1 - Backport jQuery CVE-2020-11022 and CVE-2020-11023 fixes to bundled jQuery v1.10.2 Orabug: 33869588 1.10.4.custom-4 - removed %%defattr from specfile - removed Group from specfile - removed BuildRoot from specfiles Tue May 10 2016 Grant Gainey 1.10.4.custom-3 - jquery-ui: bui...

libreoffice security and bug fix update

1:5.3.6.1-24.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-24 - Resolves: rhbz1728763 bg of blocks is black 1:5.3.6.1-23 - Resolves: rhbz1601372 libreoffice fails to build with...

java-1.7.0-openjdk security update

1:1.7.0.241-2.6.20.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.241-2.6.20.0 - Bump to 2.6.20 and OpenJDK 7u241-b01. - Drop PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Drop JDK-8226318/RH1738637 which is now included upstream. - Resolves: rhbz1753423...

Fedora 25 : 3:mariadb (2017-801e01d1ed)

Important change : - Most of the utilities were move to the new sub-package 'server-utils' Other enhancements: see changelog - CVE fixes, SPECfile fixes, patches revision, tests blacklist revisions - Preparation and testing of the Cracklib plugin to be added Note that Tenable Network Security has...

openSUSE Security Update : mariadb (openSUSE-2016-1068)

This update for mariadb fixes the following issues : - CVE-2016-3477: Unspecified vulnerability in subcomponent parser bsc991616 - CVE-2016-3521: Unspecified vulnerability in subcomponent types bsc991616 - CVE-2016-3615: Unspecified vulnerability in subcomponent dml bsc991616 - CVE-2016-5440:...

SUSE SLES12 Security Update : mariadb (SUSE-SU-2016:2248-1)

This update for mariadb fixes the following issues : - CVE-2016-3477: Unspecified vulnerability in subcomponent parser bsc991616 - CVE-2016-3521: Unspecified vulnerability in subcomponent types bsc991616 - CVE-2016-3615: Unspecified vulnerability in subcomponent dml bsc991616 - CVE-2016-5440:...

Oracle Linux 5 / 6 : httpd (ELSA-2016-1421)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-1421 advisory. 2.2.3-92.0.1 - Add the ability to read DH parameters from the first SSLCertificateFile John Haxby orabug 21671194 - fix modssl always performing full...