8987 matches found
kernel security and bug fix update
3.10.0-862.11.6.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.11.6 - kernel cpu/hotplug: Fix 'online' sysfs entry with 'nosmt' Josh...
tomcat security update
0:7.0.76-3 - Resolves: rhbz1498344 CVE-2017-12615 CVE-2017-12617 tomcat: various flaws - Resolves: rhbz1495654 CVE-2017-7674 tomcat: Vary header not added by CORS filter leading to cache poisoning - Resolves: rhbz1470596 CVE-2017-5647 Add follow up revision...
kernel security, bug fix, and enhancement update
2.6.32-573 - security selinux: dont waste ebitmap space when importing NetLabel categories Paul Moore 1130197 - x86 Revert Add driver auto probing for x86 features v4 Prarit Bhargava 1231280 - net bridge: netfilter: dont call iptables on vlan packets if sysctl is off Florian Westphal 1236551 - ne...
libxml2 security update
2.9.7-19 - Fix CVE-2024-56171 RHEL-80122 - Fix CVE-2025-24928 RHEL-80137 2.9.7.18.2 - Fix CVE-2022-49043 RHEL-76289 2.9.7-18.1 - Fix CVE-2024-25062 RHEL-31056...
nginx:1.16 security update
1.16.1-2.0.1.1 - Remove Red Hat references Orabug: 29498217 1:1.16.1-2.1 - Resolves: 1963174 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name...
sudo security update
1.8.6p3-29.0.1.el610.2 - Fixes OraBug: 28747380 sudo does not honor envkeep-='KRB5CCNAME' after 'sudo -k' [email protected] 1.8.6p3-29.2 - RHEL-6.10.z ERRATUM - fixed CVE-2019-14287 Resolves: rhbz1760684...
Unbreakable Enterprise kernel security update
2.6.39-400.302.2 - Revert 'Fix up non-directory creation in SGID directories' Brian Maly Orabug: 28781234 2.6.39-400.302.1 - Fix up non-directory creation in SGID directories Linus Torvalds Orabug: 28459479 CVE-2018-13405 - ALSA: seq: Make ioctls race-free Takashi Iwai Orabug: 28459730...
httpd security update
2.4.6-67.0.1.el74.2 - replace index.html with Oracle's index page oracleindex.html 2.4.6-67.2 - Resolves: 1463194 - CVE-2017-3167 httpd: apgetbasicauthpw authentication bypass - Resolves: 1463197 - CVE-2017-3169 httpd: modssl NULL pointer dereference - Resolves: 1463207 - CVE-2017-7679 httpd:...
httpd24-httpd security update
2.4.12-6.0.1.el7.1 - replace index.html with Oracles index page oracleindex.html - update vstring in specfile 2.4.12-6.1 - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-3185 - core: fix pointer...
java-1.6.0-openjdk security update
1:1.6.0.0-1.36.1.11.9.0.1.el59 - Add oracle-enterprise.patch 1:1.6.0.0-1.36.1.11.9 - Updated to icedtea6 1.11.9 - Resolves: rhbz917176...
freetype security update
2.8-14.0.1.el79.1 - Fix CVE-2025-27363 Out-of-bounds Write Orabug: 37770275CVE-2025-27363...
python-urllib3 security update
1.26.5-3.0.1.1 - Security fix for CVE-2023-45803 Resolves: RHEL-16874 - Security fix for CVE-2023-43804 Resolves: RHEL-12001...
shim-signed security update
15.6-1.0.7 - Update shimx64.efi and shimia32.efi signed by Microsoft JIRA: OLDIS-16370 15.6-1.0.5 - Update to shim-unsigned v15.6.rc2 JIRA: OLDIS-16370 15.6-1.0.3 - Add all algorithms using OPENSSLaddallalgorithms JIRA: OLDIS-16370 15.6-1.0.1 - Update to 15.6.rc1 JIRA: OLDIS-16370 - update...
libgcrypt security and bug fix update
1.8.5-6 - Fix for CVE-2021-33560 1971421 - Enable HW optimizations in FIPS 1976137 - Performance enchancements for ChaCha20 and Poly1305 1855231 1.8.5-5 - Performance enchancements for AES-GCM, CRC32 and SHA2 1855231...
firefox security update
78.12.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.12.0-1 - Update to 78.12.0 build1...
Unbreakable Enterprise kernel-container security update
5.4.17-2036.103.3.el7 - Revert 'rds: Deregister all FRWR mr with freemr' aru kolappan Orabug: 32426610 5.4.17-2036.103.2.el7 - A/A Bonding: Fix a one-byte-off kmalloc Hakon Bugge Orabug: 32380824 - netfilter: add and use nfhookslowlist Florian Westphal Orabug: 32372530 CVE-2021-20177 - net/rds: F...
Unbreakable Enterprise kernel security update
4.14.35-2025.405.3 - Revert 'rds: Deregister all FRWR mr with freemr' aru kolappan Orabug: 32426280 4.14.35-2025.405.2 - nfs: Fix security label length not being reset Jeffrey Mitchell Orabug: 32350995 4.14.35-2025.405.1 - net/rds: Fix gfpt parameter Hans Westgaard Ry Orabug: 32372162 - uek-rpm:...
java-1.8.0-openjdk security update
1:1.8.0.252.b09-2 - Add release notes. - Mark license files with appropriate macro. - Resolves: rhbz1810557 1:1.8.0.252.b09-1 - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz1810557 1:1.8.0.252.b09-0 - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode f...
kubernetes security update
kubernetes 1.9.11-2.2.1 - CVE-2019-6486 1.9.11-2.1.1 - Fix kubeadm-registry.sh - Use golang 1.9.3 - CVE-2018-1002105 Handle error responses from backends - Bump to v1.9.11 1.9.1-2.1.7 - Orabug 27803001 1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from...
perl security update
4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow bug 1661064...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.24.1 - mm/mempolicy: fix use after free when calling getmempolicy zhong jiang Orabug: 28022108 CVE-2018-10675 - Fix up non-directory creation in SGID directories Linus Torvalds Orabug: 28459478 CVE-2018-13405 - ALSA: seq: Make ioctls race-free Takashi Iwai Orabug: 28459729...
kernel security, bug fix, and enhancement update
3.10.0-514.6.10.0.1.el7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
php security and bug fix update
5.4.16-42 - bz2: fix improper error handling in bzread CVE-2016-5399 5.4.16-41 - gd: fix integer overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766 - gd: fix integer overflow in gdImagePaletteToTrueColor resulting in heap overflow CVE-2016-5767 - mbstring: fix double free in...
docker-cli docker-engine security update
docker-cli 19.03.11-7 - Fix for CVE-2020-15257 19.03.11-6 - Fix for CVE-2020-15157 19.03.11-5 - Bugfix for 'docker images name' not working on docker 19.03.11-ol - Address CVE-2020-16845 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 -...
java-1.8.0-openjdk security update
1:1.8.0.242.b08-0 - Update to aarch64-shenandoah-jdk8u242-b08. - Remove local copies of JDK-8031111 & JDK-8132111 as replaced by upstream versions. - Resolves: rhbz1785753 1:1.8.0.242.b07-1 - Add backports of JDK-8031111 & JDK-8132111 to fix TCK issue. - Resolves: rhbz1785753 1:1.8.0.242.b07-0 -...
Unbreakable Enterprise kernel security update
4.1.12-124.31.1.1 - KVM: coalescedmmio: add bounds checking Matt Delco Orabug: 30318042 CVE-2019-14821 CVE-2019-14821...
kernel security, bug fix, and enhancement update
3.10.0-514.16.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
kernel security and bug fix update
kernel 2.6.18-417 - virt hv: do not lose pending heartbeat vmbus packets Vitaly Kuznetsov 1391167 - net Fix use after free in the recvmmsg exit path Davide Caratti 1390044 CVE-2016-7117...
libxml2 security update
2.9.1-6.0.5 - Fix CVE-2024-56171 Orabug: 37694105 - Fix CVE-2025-24928 Orabug: 37694105 2.9.1-6.0.3 - Rebuild to include attribution logo Orabug: 33024216 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.6 - Fix CVE-2016-4658 1966916...
container-tools:ol8 security, bug fix, and enhancement update
buildah 1.16.7-4.0.1 - Handling redirect from the docker registry Orabug: 29874238 Nikita Gerasimov 1.16.7-4 - update to the latest content of https://github.com/containers/buildah/tree/release-1.16 https://github.com/containers/buildah/commit/aaed66b - Related: 1888571 1.16.7-3 - revert back to...
kernel security and bug fix update
3.10.0-1127.8.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1127.8.2 - net netlabel: cope with NULL catmap Paolo Abeni 1827239 1827240...
Unbreakable Enterprise kernel security update
4.14.35-1902.301.1 - vhost: Check docket skfamily instead of call getname Eugenio Perez Orabug: 31085991 CVE-2020-10942 - uek-rpm: config-mips64-embedded misc pruning Eric Saint-Etienne Orabug: 31079017 - ubifs: Check for name being NULL while mounting Richard Weinberger Orabug: 29410897 - team:...
Unbreakable Enterprise kernel security update
4.14.35-2047.513.2 - Revert 'rds/ib: recover rds connection from stuck tx path' Nagappan Ramasamy Palaniappan Orabug: 34124234 4.14.35-2047.513.1 - mm/page-writeback: Fix performance when BDI's share of ratio is 0. Chi Wu Orabug: 34050050 - esp: Fix possible buffer overflow in ESP transformation...
firefox security update
78.10.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.10.0-1 - Update to 78.10.0...
Unbreakable Enterprise kernel security update
4.14.35-1902.3.2 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967570 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967570 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
openssh security update
5.3p1-114 - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices 1245969 5.3p1-113 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317816...
nghttp2 security update
1.43.0-5.1 - fix HTTP/2 Rapid Reset CVE-2023-44487...
kernel security and bug fix update
3.10.0-1160.95.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.95.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
ghostscript security update
9.25-2.3 - Resolves: 1744010 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator 701445 - Resolves: 1744014 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams 701444 - Resolves: 1744005 - CVE-2019-14813 ghostscript: Safer...
firefox security update
60.6.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.6.0-3 - Added Google API keys mozbz1531176 60.6.0-2 - Update to 60.6.0 ESR Build 2 60.6.0-1 - Update to 60.6.0 ESR Build 1...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.5.7 - Revert 'net/rds: Revert 'RDS: add reconnect retry scheme for stalled connections'' Ajaykumar Hotchandani Orabug: 26444722 - Revert 'net/rds: use different workqueue for baseconn' Ajaykumar Hotchandani Orabug: 26444722 - Revert 'net/rds: determine active/passive connecti...
httpd security and bug fix update
2.4.6-45.0.1.4 - replace index.html with Oracle's index page oracleindex.html 2.4.6-45.4 - Resolves: 1396197 - Backport: modproxywstunnel - AH02447: err/hup on backconn 2.4.6-45.3 - prefork: fix delay completing graceful restart 1327624 - modldap: fix authz regression, failing to rebind 1415257...
glibc security and bug fix update
2.12-1.166.7 - Update fix for CVE-2015-7547 1296028. 2.12-1.166.6 - Create helper threads with enough stack for POSIX AIO and timers 1301625. 2.12-1.166.5 - Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow 1296028. 2.12-1.166.4 - Support loading more libraries with static TLS 1291270...
grub2 security update
2.02-0.87.0.8.e7.2 - Enable common subpackage for aarch64 - Disable RHEL patch 0183-efinet-retransmit-if-our-device-is-busy.patch to comply with UEFI spec - add SBAT metadata for Oracle Linux grub2 - Use similar format for menu entry in grub environment block - config file. Orabug: 32172943 - Fix...
Unbreakable Enterprise kernel security update
2.6.39-400.316.1 - ipv4: ipmr: various fixes and cleanups Eric Dumazet Orabug: 30183226 CVE-2017-18509 - scsi: sg: fixup infoleak when using SGGETREQUESTTABLE Hannes Reinecke Orabug: 30393903 CVE-2017-14991 - usb: misc: legousbtower: Fix NULL pointer deference Greg Kroah-Hartman Orabug: 30412152...
php security update
5.4.16-46.1 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...
thunderbird security update
60.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-1 - Update to 60.9.0...
ghostscript security update
9.07-31.el76.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: 1621383 - CVE-2018-16511 ghostscript: missing type check in type checker 699659 - Resolves: 1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues...
Unbreakable Enterprise kernel security update
4.1.12-112.14.11 - x86/pti/efi: broken conversion from efi to kernel page table Pavel Tatashin Orabug: 27363926 Orabug: 27352353 CVE-2017-5754 - x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT redux Konrad Rzeszutek Wilk Orabug: 27369994 - x86/IBRS: Make sure we restore...
kernel security and bug fix update
3.10.0-693.5.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.5.2 - mm pagecgroup: Fix Kernel bug during boot with memory cgroups enabled...