8987 matches found
Unbreakable Enterprise kernel security update
2.6.39-400.322.1 - ipvs: reset ipvs pointer in netns Julian Anastasov Orabug: 31027196 - ipvs: prefer NETDEVDOWN event to free cached dsts Julian Anastasov Orabug: 31027196 - HID: hiddev: do cleanup in failure of opening a device Hillf Danton Orabug: 31206362 CVE-2019-19527 - HID: hiddev: avoid...
java-1.8.0-openjdk security update
1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz1724452 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz1724452 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Resolves:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.2 - nfsd: check for oversized NFSv2/v3 arguments J. Bruce Fields Orabug: 26366022 CVE-2017-7645 3.8.13-118.19.1 - selinux: quiet the filesystem labeling behavior message Paul Moore Orabug: 25290650 - HID: hid-cypress: validate length of report Greg Kroah-Hartman Orabug:...
kernel security and bug fix update
2.6.32-696.1.1 - block fix use-after-free in seq file Denys Vlasenko 1418548 1418549 CVE-2016-7910 - firmware Replacing the chelsio firmware t4,t5fw-1.15.37.0 Sai Vemuri 1433865 1425749 - kernel genirq: Avoid taking sparseirqlock for non-existent irqs Dave Wysochanski 1428106 1360930 - tty nhdlc:...
NetworkManager security update
1:1.40.16-18.0.3 - Drop 777 permissions from Networkmanager-dispatcher drop-in directory Orabug: 37581862 1:1.40.16-18.0.2 - Add a dropin file to make Networkmanager-dispatcher persistent Orabug: 36989910 1:1.40.16-18.0.1 - disable MPTCP handling by default Orabug: 35081472 - Fix ignore-carrier...
Unbreakable Enterprise kernel security update
4.1.12-124.67.3 - media: imon: Fix null-ptr-deref in imonprobe Arvind Yadav Orabug: 31225377 CVE-2017-16537 - fbcon: remove soft scrollback code Linus Torvalds Orabug: 31914703 CVE-2020-14390 - inet: use bigger hash table for IP ID generation Eric Dumazet Orabug: 33778986 CVE-2021-45486 - ipv4:...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.305.5.3 - bpf: fix out-of-tree module build Alan Maguire Orabug: 33973548 - ACPICA: Enable sleep button on ACPI legacy wake Anchal Agarwal Orabug: 33973543 - Revert 'btrfs: inode: refactor the parameters of insertreservedfileextent' Srikanth C S Orabug: 33973491 - Revert 'btrfs: fix...
net-snmp security update
1:5.5-60.0.1 - Add Oracle ACFS to hrStorage John Haxby orabug 18510373 1:5.5-60.el6.2 - fix CVE-2020-15862 1875960...
Unbreakable Enterprise kernel security update
4.14.35-1902.4.8 - x86/boot: Clear RSDP address in bootparams for broken loaders Juergen Gross Orabug: 30111373 4.14.35-1902.4.7 - rds: ib: Qualify CM REQ duplicate detection with connection being up Hakon Bugge Orabug: 30062149 - rds: Further prioritize local loop-back connections Hakon Bugge...
kernel security, bug fix, and enhancement update
2.6.32-573.26.1 - kernel revert 'sched: core: Use hrtimerstartexpires' Jiri Olsa 1326043 1324318 - kernel Revert 'Cleanup bandwidth timers' Jiri Olsa 1326043 1324318 - kernel revert 'fair: Test list head instead of list entry in throttlecfsrq' Jiri Olsa 1326043 1324318 - kernel revert 'sched, per...
python3 security update
3.6.8-45.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-45 - Security fix for CVE-2021-4189: ftplib should not use the host from the PASV response Resolves: rhbz2036020 3.6.8-44 - Use the monotonic clock for theading.Condition - Use the monotonic clock for the global...
openssl security update
1.0.2k-24.0.3 - fix CVE-2022-0778 openssl: Fix possible infinite loop in BNmodsqrt - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 -...
httpd:2.4 security update
httpd 2.4.37-43.1.0.1 - scoreboard: fix null pointer deference Orabug: 33690670CVE-2021-34798 - fix apescapequote logic Orabug: 33690686CVE-2021-39275 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43.1 - Resolves:...
kernel security, bug fix, and enhancement update
4.18.0-305.12.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
bootstrap security update
3.0.0-7.0.1 - Backport jQuery CVE-2020-11023 fixes from jQuery v3.5.0 to bundled v1.10.2 Orabug: 33181852...
container-tools:1.0 security update
buildah 1.5-8.gite94b4f9.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.5-8.gite94b4f9 - bump release to preserve upgrade path - Related: 1821193 1.5-4.gite94b4f9 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build proces...
nss and nspr security, bug fix, and enhancement update
nspr 4.25.0-2 - Rebuild to fix wrong dist tag 4.25.0-1 - Rebase to NSPR 4.25 nss 3.53.1-3 - Disable dh timing test because it's unreliable on s390 from Bob Relyea - Explicitly enable upgradedb/sharedb test cycles 3.53.1-2 - Disable TLS 1.3 by default 3.53.1-1 - Rebase to NSS 3.53.1 3.44.0-8 -...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.41.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379626 - ieee802154: enforce CAPNETRAW for raw sockets Allen Pais Orabug: 30444947 CVE-2019-17053 - mISDN: enforce CAPNETRAW for raw sockets Ori Nimron Orabug: 30445159...
kernel security and bug fix update
2.6.32-754.15.3.OL6 - Update genkey bug 25599697 2.6.32-754.15.3 - net tcp: enforce tcpminsndmss in tcpmtuprobing Florian Westphal 1719614 CVE-2019-11479 - net tcp: add tcpminsndmss sysctl Florian Westphal 1719614 CVE-2019-11479 - net tcp: tcpfragment should apply sane memory limits Florian...
grub2 security update
2.02-123.0.3 - Add CVE-2022-28736 to the list JIRA: OLDIS-16371 2.02-123.0.2 - Fix: CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735 JIRA: OLDIS-16371 - Various coverity fixes JIRA: OLDIS-16371 - bump SBAT generation...
zlib security update
1.2.11-18 - Resolves: CVE-2018-25032 1.2.11-17 - Fixed DFLTCC compression level switching issues 1875492 - Enabled HW compression for compression levels 1 through 6 1847438 - Fixed inflateSyncPoint bad return value on z15 1888930...
kernel security and bug fix update
2.6.32-754.35.1.OL6 - Update genkey bug 25599697 2.6.32-754.35.1 - ata libata: fix NULL sdev dereference race in atapiqccomplete Kenneth Yin 1876296 2.6.32-754.34.1 - mm mm: prevent getuserpages from overflowing page refcount Aristeu Rozanski 1705003 - mm mm/hugetlb.c: getuserpages ignores certai...
kernel security update
kernel - 2.6.18-419.0.0.0.13 - x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner orabug 29821515 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Call VERW on NMI path when returning to user Patrick Colp orabug 29821515...
qemu security update
15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...
tomcat security, bug fix, and enhancement update
0:7.0.76-2 - Resolves: rhbz1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism - Resolves: rhbz1441481 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used 0:7.0.76-1 - Resolves: rhbz1414895 Rebase tomcat to the current release...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.311.6 - Revert 'KVM: x86: Print error code in exception injection tracepoint iff valid' Sherry Yang Orabug: 34535896 5.4.17-2136.311.5 - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter: nftable...
bind security update
32:9.8.2-0.68.rc1.0.2.8 - Backport possible assertion failure on DNAME processing CVE-2021-25215...
nss-softokn security update
3.44.0-6.0.1 - Add fips140-2 DSA Known Answer Test fix Orabug 26696773 - Add fips140-2 ECDSA/RSA/DSA Pairwise Consistency Test fix Orabug 26617866, Orabug 26617833, Orabug 26617780 3.44.0-6 - Fix out-of-bounds write in NSCEncryptUpdate 1775909...
Unbreakable Enterprise kernel security update
4.14.35-1902.6.6 - RDMA/restrack: Protect from reentry to resource return path Leon Romanovsky Orabug: 30388717 4.14.35-1902.6.5 - hvnetvsc: fix vf serial matching with pci slot info Haiyang Zhang Orabug: 30373111 - rds: Use correct conn when dropping connections due to cancel Hakon Bugge Orabug:...
qemu-kvm security update
8.2.0-11 - kvm-coroutine-cap-per-thread-local-pool-size.patch RHEL-28947 - kvm-coroutine-reserve-5-000-mappings.patch RHEL-28947 - Resolves: RHEL-28947 Qemu crashing with 'failed to set up stack guard page: Cannot allocate memory' 8.2.0-10 -...
openssl security and bug fix update
3.0.1-47.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-47 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEMreadbioex Resolves: CVE-2022-4450 - Fixed...
python3 security update
3.6.8-47.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-47 - Security fix for CVE-2015-20107 Resolves: rhbz2075390 3.6.8-46 - Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs - Fix the test suite support for Expat = 2.4.5...
kubernetes security update
1.11.3-2.7.2 - OLCNE-494 CVE-2019-11244 fix CVE-2019-11244: 'kubectl --http-cache= ' - creates world-writeable cached schema files 1.11.3.2.6.2 - OLCNE-384 CVE-2019-11243 rest.AnonymousClientConfig does not remove the serviceaccount credentials from config created by rest.InClusterConfig...
Unbreakable Enterprise kernel security update
2.6.39-400.298.2 - x86: Use PREDCMD MSR when ibpb is enabled Konrad Rzeszutek Wilk Orabug: 27369777 CVE-2017-5715 CVE-2017-5753 - x86/spec: Dont print the Missing arguments for option spectrev2 Konrad Rzeszutek Wilk Orabug: 27369777 CVE-2017-5715 CVE-2017-5753 - x86: Move ENABLEIBRS in the...
python security update
2.6.6-66.0.1 - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma 2.6.6-66 - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359161 2.6.6-65 - Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack rhbz1303647 Raise an error when STARTTLS fails upstream pat...
openssl security update
1.0.1e-51.1 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint 1.0.1e-51 - fix the CVE-2015-1791 fix broken server side renegotiation 1.0.1e-50 - improved fi...
emacs security update
1:24.3-23.0.1.1 - Fix CVE-2025-1244 man.el shell injection vulnerability Orabug: 37658579...
Unbreakable Enterprise kernel security update
4.1.12-124.62.3.1 - debug: Lock down kgdb Stephen Brennan Orabug: 34152701 CVE-2022-21499...
Unbreakable Enterprise kernel security update
4.1.12-124.18.5 - inet: frag: enforce memory limits earlier Eric Dumazet Orabug: 28450977 - x86/mm/pageattr.c: fix page prot mask Mihai Carabas Orabug: 28492122 - x86/pgtable.h: fix PMD/PUD mask Mihai Carabas Orabug: 28492122 - x86/asm: Add pud/pmd mask interfaces to handle large PAT bit Toshi Ka...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-200.24.1.el5uek - Revert 'Add Oracle VM guest messaging driver' Guru Anbalagane Orabug: 14233627 2.6.39-200.23.1.el5uek - SPEC: add block/net modules to list used by installer Guru Anbalagane Orabug: 14224837 2.6.39-200.22.1.el5uek - NFSv4: include bitmap in nfsv4 get acl data Andy Adamson...
python-requests security update
2.25.1-7 - Security fix for CVE-2023-32681 Resolves: rhbz2209469...
openssh security update
8.0p1-19 - Release bump 8.0p1-18 - Avoid remote code execution in ssh-agent PKCS11 support Resolves: CVE-2023-38408...
kernel security and bug fix update
3.10.0-1160.59.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
polkit security update
0.96-11.0.1.el610.1 - pkexec: local privilege escalation Orabug: 33789506CVE-2021-4034...
Unbreakable Enterprise kernel security update
4.1.12-124.41.4 - uek-rpm: Add OL6 shim conflict for new signing key Eric Snowberg Orabug: 31688239 - Revert 'certs: Add Oracle's new X509 cert into the kernel keyring' Eric Snowberg Orabug: 31688223 - blk-mq: don't overwrite rq-mqctx Jens Axboe Orabug: 31457304 - blk-mq: mark ctx as pending at...
Unbreakable Enterprise kernel security update
4.1.12-124.38.1 - rds: transport module should be auto loaded when transport is set Rao Shoaib Orabug: 31031928 - KVM: X86: Fix NULL deref in vcpuscanioapic Wanpeng Li Orabug: 31078882 - vhost: Check docket skfamily instead of call getname Eugenio Perez Orabug: 31085993 CVE-2020-10942 - Revert...
php security update
5.3.3-50 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...
kubernetes security update
1.9.11-2.7.1 - OLCNE-494 CVE-2019-11244 fix CVE-2019-11244: 'kubectl --http-cache= ' - creates world-writeable cached schema files 1.9.11-2.6.1 - OLCNE-382 CVE-2019-11243 rest.AnonymousClientConfig does not remove the sa credentials...
kernel security and bug fix update
3.10.0-862.6.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.6.3 - x86 always enable eager FPU by default on non-AMD processors Paolo...
httpd security and bug fix update
2.2.15-60.0.1.4 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.4 - Related: 1427675 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects 2.2.15-60.3 - Resolves: 1463205 - CVE-2017-7668 httpd: apfindtoken buffer overread...