8984 matches found
unbound security update
1.16.2-5.11 - Fix CVE-2026-42944 RHEL-177909 - Fix CVE-2026-42959 RHEL-177809...
frr security update
7.5.1-24.0.1 - Fix POSTIN scriptlet Orabug: 34712485 7.5.1-24 - Fix off-by-one error in FlowSpec operator array bounds checking CVE-2026-37457 - Resolves: RHEL-174676...
bind security update
32:9.11.36-16.8 - Fix GSS-API resource leak CVE-2026-3039 - Invalid handling of CLASS != IN CVE-2026-5946...
kernel security update
4.18.0-553.129.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
ImageMagick security update
6.9.10.68-7.0.11 - Fix CVE-2026-32636 Orabug: 39375225 6.9.10.68-7.0.9 - Fix CVE-2026-28691 and CVE-2026-28693 Orabug: 39174244 6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal...
vim security update
8.0.1763-23.0.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-23 - RHEL-170126 CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass 2:8.0.1763-22.3 - Relates:...
bind9.16 security update
32:9.16.23-0.22.6 - Fix GSS-API resource leak CVE-2026-3039 - Invalid handling of CLASS != IN CVE-2026-5946...
samba security update
4.19.4-16.0.1 - s3: winbindd: winbinddpam: fix leak in extractpacvrfysigs Orabug: 36518285 - s3:passdb: Do not leak memory in pdbtdb Orabug: 36371377 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.19.4-16 - resolves: RHEL-156322 - Fix...
Unbreakable Enterprise kernel security update
5.4.17-2136.356.4.1 - smb: client: reject userspace cifs.spnego descriptions Asim Viladi Oglu Manizada Orabug: 39463669 5.4.17-2136.356.4 - tun: free page on buildskb failure in tunxdpone Weiming Shi Orabug: 39429147 - tap: free page on error paths in tapgetuserxdp Weiming Shi Orabug: 39429147 -...
expat security update
2.5.0-2 - Fix CVE-2026-45186 - Resolves: RHEL-177979...
php:8.2 security update
libzip php 8.2.31-1 - rebase to 8.2.31 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...
thunderbird security update
140.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.11.0 - Add OpenELA debranding 140.11.0-1 - Update to 140.11.0 ESR...
Unbreakable Enterprise kernel security update
5.15.0-321.202.5 - Revert 'ip6tunnel: Fix usage of skbvlaninetprepare' Harshit Mogalapalli Orabug: 39476647 - smb: client: reject userspace cifs.spnego descriptions Asim Viladi Oglu Manizada Orabug: 39463672 5.15.0-321.202.4 - tun: free page on buildskb failure in tunxdpone Weiming Shi Orabug:...
compat-openssl10 security update
1.1.0.2o-4.2 - Fixes CVE-2026-28390: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing Resolves: RHEL-165754...
Unbreakable Enterprise kernel security update
6.12.0-203.76.7.1 - smb: client: reject userspace cifs.spnego descriptions Asim Viladi Oglu Manizada Orabug: 39474418 6.12.0-203.76.7 - tun: free page on buildskb failure in tunxdpone Weiming Shi Orabug: 39456024 - tap: free page on error paths in tapgetuserxdp Weiming Shi Orabug: 39456024 - tun:...
go-toolset:ol8 security update
delve golang 1.25.9-1.0.1 - EXPERIMENTAL: Introduce fipsnoenforceems GODEBUG var - Backported from OL9u7 - Resolves: OLDIS-53586...
httpd:2.4 security update
httpd 2.4.37-65.0.1.7 - Replace index.html with Oracle's index page oracleindex.html modhttp2 1.15.7-10.5 - Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 modmd 1:2.0.8-8.2 - Resolves: RHEL-134487 - httpd:2.4/httpd: Apache HTTP Server:...
freerdp security update
2.1.1-5.0.5 - Fixed CVE-2026-26955 CVE-2026-26956 Orabug: 39189643 2:2.2.0-5.0.3 - Fixed CVE-2026-22855 CVE-2026-22858 CVE-2026-22859 Orabug: 39075086 2:2.2.0-5.0.1 - fixed CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23884 Orabug: 38971897 2:2.2.0-5 - Update: Refactored R...
.NET 8.0 security update
8.0.127-1.0.1 - Add support for Oracle Linux 8.0.127-1 - Update to .NET SDK 8.0.127 and Runtime 8.0.27 - Resolves: RHEL-173920...
firefox security update
140.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.11.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.11.0-1 - Update to 140.11.0 ESR...
cockpit security update
310.8-1.0.1 - Fixed cockpitwst selinux issue for tmpfs Orabug: 36013589 - Move update-motd out of cockpitwst context Orabug: 36013589 - Update documentation links Orabug: 34706402 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in...
glibc security update
2.28-251.0.4.37 - Forward port of Oracle patches Reviewed-by: David Faust Oracle history: May-7-2026 Cupertino Miranda - 2.28-251.0.4.34 - Forward port of Oracle patches Reviewed-by: Jose E. Marchesi March-18-2026 Cupertino Miranda - 2.28-251.0.4.31 - Forward port of Oracle patches Reviewed-by:...
flatpak security update
1.12.9-4 - Fix arbitrary code execution via crafted symlinks in sandbox-expose options Resolves: RHEL-165633 - Fix arbitrary file deletion on host via improper cache file path validation Resolves: RHEL-170160...
kernel security update
4.18.0-553.126.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
.NET 9.0 security update
9.0.117-1.0.1 - Add support for Oracle Linux 9.0.117-1 - Update to .NET SDK 9.0.117 and Runtime 9.0.16 - Resolves: RHEL-173915...
.NET 10.0 security update
10.0.108-1.0.1 - Add support for Oracle Linux 10.0.108-1 - Update to .NET SDK 10.0.108 and Runtime 10.0.8 - Resolves: RHEL-173906...
thunderbird security update
140.10.1-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.10.1 - Add OpenELA debranding 140.10.1-1 - Update to 140.10.1 ESR...
libexif security update
0.6.22-6 - Fix integer underflow in MakerNote decoding CVE-2026-40386 - Fix integer overflow in Nikon MakerNote handling CVE-2026-40385 Resolves: RHEL-170243, RHEL-170220...
ruby:3.3 security update
ruby 3.3.10-6 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171247 rubygem-abrt 0.4.0-1 - Update to abrt 0.4.0. Resolves: rhbz1842476 rubygem-mysql2 0.5.5-1 - Upgrade to mysql2 0.5.5. Related: RHEL-17090 rubygem-pg 1.5.4-1 - Upgrade to pg 1.5.4...
dnsmasq security update
2.79-36 - Prevent overflow in extractname function CVE-2026-2291 - Prevent DoS in DNSSEC validation CVE-2026-4890 - Prevent out-of-bounds read in DNSSEC validation CVE-2026-4891 - Prevent out-of-bounds write in DHCPv6 server CVE-2026-4892 - Prevent source check avoidance by RFC 7871 client-subnet...
freeipmi security update
1.6.17-1 - Update to 1.6.17, fixes CVE-2026-33554...
compat-libtiff3 security update
3.9.4-15 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159315...
glibc security update
2.28-251.0.4.37 - Forward port of Oracle patches Reviewed-by: David Faust Oracle history: May-7-2026 Cupertino Miranda - 2.28-251.0.4.34 - Forward port of Oracle patches Reviewed-by: Jose E. Marchesi March-18-2026 Cupertino Miranda - 2.28-251.0.4.31 - Forward port of Oracle patches Reviewed-by:...
firefox security update
140.10.2-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.10.2 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.10.2-1 - Update to 140.10.2 ESR...
Unbreakable Enterprise kernel security update: Fragnesia
5.15.0-320.202.8.5 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420565 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420565...
Unbreakable Enterprise kernel security update: Fragnesia
5.4.17-2136.355.3.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420568 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420568...
Unbreakable Enterprise kernel security update: Fragnesia
6.12.0-202.76.4.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420559 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420559...
firefox security update
140.10.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.10.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.10.1-1 - Update to 140.10.1 ESR...
gdk-pixbuf2 security update
2.36.12-3.0.3 - Backport fixes for CVE-2026-5201 Orabug: 39288631 2.36.12-3.0.1 - jpeg: Be more careful with chunked icc data Orabug: 38359772CVE-2025-7345...
kernel security update
4.18.0-553.125.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
libsndfile security update
1.0.28-17 - apply patch for CVE-2026-37555 Resolves: ?RHEL-174533...
oci-utils security update
-- 0.14.0-22 - Rework systemd service file creation. Orabug: 39316494...
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.4 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391447 CVE-2026-46333 5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and...
Unbreakable Enterprise kernel security update
6.12.0-202.76.4.3 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391434 CVE-2026-46333...
Unbreakable Enterprise kernel security update
5.4.17-2136.355.3.3 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391459 CVE-2026-46333 5.4.17-2136.355.3.2 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount Maurizio Lombardi Orabug: 39368774 CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free i...
nginx:1.24 security update
1.24.0-3.0.1.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-3.1 - Resolves: RHEL-176224 - nginx:1.24/nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 1:1.24.0-3 - Resolves: RHEL-157877 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via...
nginx security update
2:1.26.3-2.0.1.el101.2 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-8 - Fix release number 2:1.26.3-7 - Resolves: RHEL-176217 - nginx: NGINX: Arbitrary Code 2:1.26.3-6 - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially...
squid security update
7:3.5.20-17.0.11.13 - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 7:3.5.20-17.0.9.13 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via - authentication credential leakage in error handling Orabug: 38587551 7:3.5.20-17.0.7.13 - Fixes CVE-2025-5457...
nginx security update
2:1.20.1-24.0.1.el97.3 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 - Update upstream references Orabug: 36579090 2:1.20.1-24.3 - Resolves: RHEL-176230 - nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 2:1.20.1-24.2...
ruby security update
3.0.7-166 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171254...