8987 matches found
java-1.8.0-openjdk security update
1:1.8.0.292.b10-1 - Add CVE numbers. - Require tzdata 2021a due to JDK-8260356 - Resolves: rhbz1938201 1:1.8.0.292.b10-0 - Update to aarch64-shenandoah-jdk8u292-b10 GA - Update release notes for 8u292-b10. - This tarball is embargoed until 2021-04-20 @ 1pm PT. - Resolves: rhbz1938201...
nodejs:14 security and bug fix update
nodejs 1:14.15.4-2 - Add patch for yarn crash - Resolves: RHBZ1916465 1:14.15.4-1 - Security rebase to 14.15.4 - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Resolves: RHBZ1916463, RHBZ1914788 - Resolves: RHBZ1914785, RHBZ1916387, RHBZ1916389, RHBZ1916390, RHBZ191669...
firefox security update
68.1.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.1.0-1 - Update to 68.1.0 ESR 68.0.1-4 - Enable system nss...
kernel security update
kernel 2.6.18-419.0.0.0.12 - x86 mm/dumppagetables: Add a checkl1tf debugfs file Chris von Recklinghausen 1593378 CVE-2018-3620 - x86 cpu: Make flushl1d visible in /proc/cpuinfo Chris von Recklinghausen 1593378 - x86 cpufeatures: Add detection of L1D cache flush support. Chris von Recklinghausen...
glibc security, bug fix, and enhancement update
2.17-157 - Rebuild with updated binutils 1268008 2.17-156 - malloc arena free free list management fix 1276753 2.17-155 - Basic validity check for locale-archive.tmpl 1350733 2.17-153 - Add Intel AVX-512 optimized routines 1298526. 2.17-151 - Improve malloc peformance in low-memory situations...
Unbreakable Enterprise kernel security update
4.1.12-124.39.1 - qla2xxx: Update driver version to 9.00.00.00.42.0-k1-v2 Arun Easi Orabug: 30372266 - qla2xxx: Fix device discovery when FCP2 device is lost. Arun Easi Orabug: 30372266 - brcmfmac: add subtype check for event handling in data path John Donnelly Orabug: 30776354 CVE-2019-9503 -...
Bug fix of NetworkManager
1:1.40.16-18.0.1 - disable MPTCP handling by default Orabug: 35081472 - Fix ignore-carrier logic Orabug: 34956744 - Disable regeneration of the documentation Orabug: 34712048 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity-...
oniguruma security update
6.8.2-2.1 - Fix CVE-2019-13224 Resolves: RHEL-6970 - Fix CVE-2019-16163 Resolves: RHEL-9506 - Fix CVE-2019-19012 Resolves: RHEL-9511 - Fix CVE-2019-19203 Resolves: RHEL-9510 - Fix CVE-2019-19204 Resolves: RHEL-9509...
python-pip security update
21.2.3-7 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2207997...
log4j security update
0:1.2.14-6.4.2 - Fix CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2017-5645 - Orabug: 33868008 0:1.2.14-6.4.1 - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 Orabug: 33689748...
Unbreakable Enterprise kernel security update
4.1.12-124.53.5 - seqfile: disallow extremely large seq buffer allocations Eric Sandeen Orabug: 33143006 CVE-2021-33909 4.1.12-124.53.3 - net/mlx4: Fix EEPROM dump support Vladyslav Tarasiuk Orabug: 31895301 CVE-2020-14304 - net/mlx4en: ethtool, Remove unsupported SFP EEPROM high pages query Erez...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.51.2 - Revert 'kexec: Validate pe files against the systemlacklistkeyring' John Donnelly Orabug: 32171714 CVE-2020-26541 CVE-2020-26541 3.8.13-118.51.1 - usb: cdc-acm: make sure a refcount is taken early enough Oliver Neukum Orabug: 31351090 CVE-2019-19530 - kexec: Validate ...
Unbreakable Enterprise kernel security update
4.1.12-124.42.3 - can: peakusb: pcanusbfd: Fix info-leaks to USB devices Tomas Bortoli Orabug: 31351221 CVE-2019-19535 - media: hdpvr: Fix an error handling path in hdpvrprobe Arvind Yadav Orabug: 31352053 CVE-2017-16644 - fs/binfmtmisc.c: do not allow offset overflow Thadeu Lima de Souza Cascard...
java-1.8.0-openjdk security update
1:1.8.0.242.b07-1 - Add backports of JDK-8031111 & JDK-8132111 to fix TCK issue. - Resolves: rhbz1785753 1:1.8.0.242.b07-0 - Update to aarch64-shenandoah-jdk8u242-b07. - Switch to GA mode for final release. - Remove Shenandoah S390 patch which is now included upstream as JDK-8236829. - Resolves:...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - This tarball is embargoed until...
httpd:2.4 security update
httpd 2.4.37-43.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43 - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path 2.4.37-42 - Resolves: 2007235 - CVE-2021-40438...
Unbreakable Enterprise kernel security update
2.6.39-400.320.1 - rds: Avoid flushing MRs in rdsrdmadropkeys aru kolappan Orabug: 30650888 - media: b2c2-flexcop-usb: add sanity checking Oliver Neukum Orabug: 30864535 CVE-2019-15291...
ntp security update
4.2.6p5-22.0.1.el72.2 - add disable monitor to default ntp.conf CVE-2013-5211...
openssh security, bug fix, and enhancement update
5.3p1-94 - use dracut-fips package to determine if a FIPS module is installed 1001565 5.3p1-93 - use dist tag in suffixes for hmac checksum files 1001565 5.3p1-92 - use hmacsuffix for ssh,d hmac checksums 1001565 5.3p1-91 - fix NSS keys support 1004763 5.3p1-90 - change default value of MaxStartu...
emacs security update
1:26.1-13 - Fix man.el shell injection vulnerability RHEL-79016...
Unbreakable Enterprise kernel security update
5.15.0-205.149.5.1 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384802 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384802 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384802 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI bug...
libtiff security update
4.4.0-7 - Fix CVE-2022-3970 - Resolves: CVE-2022-3970 4.4.0-6 - Fix CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 - Resolves: CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627...
libreoffice security update
6.4.7.2-11.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor=Oracle America, Inc. - Added the --with-hamcrest option to configure. 1:6.4.7.2-11 - Resolves: rhbz2060559 CVE-2021-25636...
bind security update
32:9.16.23-1.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
Unbreakable Enterprise kernel security update
4.14.35-2047.515.3 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2 - net/rds:...
olcne security update
helm 3.3.4-2 - Address CVE-2021-27918 coredns 1.7.0-1 - Added Oracle specific build files cri-o 1.18.4-2 - Fix for CVE-2021-27918 1.18.4-1 - Added Oracle Specifile Files for cri-o cri-tools 1.18.0-2 - Address CVE-2021-27918 etcd 3.4.3-1.0.5 - Address CVE-2021-27918 flannel 0.12.0-2 - Address...
openssl security update
1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used fo...
NetworkManager security update
1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin CVE-2018-15688...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.6 - perf/hwbp: Simplify the perf-hwbp code, fix documentation Linus Torvalds Orabug: 27947608 CVE-2018-100199 3.8.13-118.20.5 - x86/microcode: probe CPU features on microcode update Ankur Arora Orabug: 27806667 - x86/microcode: microcodewrite should not reference...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.33 - Revert 'x86/mm: Expand the exception table logic to allow new handling options' Brian Maly Orabug: 25790387 CVE-2016-9644 - Revert 'fix minor infoleak in getuserex' Brian Maly Orabug: 25790387 CVE-2016-9644 4.1.12-61.1.32 - x86/mm: Expand the exception table logic to...
ruby:3.3 security update
ruby 3.3.5-3 - Upgrade to Ruby 3.3.5 Resolves: RHEL-57576 - Fix DoS vulnerability in rexml. CVE-2024-39908 CVE-2024-41946 CVE-2024-43398 Resolves: RHEL-57573 Resolves: RHEL-57570 Resolves: RHEL-57578 - Fix REXML DoS when parsing an XML having many specific characters such as whitespace character,...
java-17-openjdk security and bug fix update
1:17.0.3.0.6-2 - Add JDK-8284920 fix for XPath regression - Related: rhbz2073575 1:17.0.3.0.6-2 - JDK-8275082 should be listed as also resolving JDK-8278008 & CVE-2022-21476 - Related: rhbz2073575 1:17.0.3.0.6-1 - JDK-8283911 patch no longer needed now we're GA... - Resolves: rhbz2073575...
GNOME security, bug fix, and enhancement update
accountsservice 0.6.55-2 - Add support for user templates so user can specify default session Resolves: 1812788 gdm 40.0-14 - Fix XDMCP Resolves: 2004170 - Fix crash at shutdown Related: 2004170 40.0-13 - Disable Wayland on HyperV - Fix Xorg fallback Related: 1998989 40.0-12 - Redisable on server...
libdb security update
5.3.28-40 - Resolves: CVE-2019-2708 - Resolves: 1856237...
Unbreakable Enterprise kernel security update
4.1.12-124.35.1 - ixgbe: protect TX timestamping from API misuse Manjunath Patil Orabug: 30275491 - block: init flush rq ref count to 1 Josef Bacik Orabug: 30360559 - block: fix null pointer dereference in blkmqrqtimedout Yufen Yu Orabug: 30360559 - blk-mq: Remove generation seqeunce Keith Busch...
docker-engine docker-cli security update
docker-engine 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03...
java-1.8.0-openjdk security update
1:1.8.0.232.b09-0 - Update to aarch64-shenandoah-jdk8u232-b09. - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:1.8.0.232.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u232-b08. - Resolves: rhbz1753423...
Unbreakable Enterprise kernel security update
4.1.12-124.27.1 - scsi: libfc: sanitize EDTOV and RATOV setting Hannes Reinecke Orabug: 25933179 - scsi: libfc: use configured rport EDTOV Hannes Reinecke Orabug: 25933179 - scsi: libfc: additional debugging messages Hannes Reinecke Orabug: 25933179 - scsi: libfc: don't advance state machine for...
Unbreakable Enterprise kernel security update
4.14.35-1844.2.5 - x86/apic: Switch all APICs to Fixed delivery mode Thomas Gleixner Orabug: 29262403 4.14.35-1844.2.4 - x86/platform/UV: Add check of TSC state set by UV BIOS [email protected] Orabug: 29205471 - x86/tsc: Provide a means to disable TSC ART [email protected] Orabug: 29205471 -...
Unbreakable Enterprise kernel security update
4.14.35-1818.1.6 - ipv4: frags: handle possible skb truesize change Eric Dumazet Orabug: 28481663 CVE-2018-5391 4.14.35-1818.1.5 - inet: frag: enforce memory limits earlier Eric Dumazet Orabug: 28481663 CVE-2018-5391 - init/main.c: reorder bootcpustateinit/smppreparebootcpu Mihai Carabas Orabug:...
kernel security update
3.10.0-693.11.6.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.11.6 - x86 specctrl: Eliminate redundant FEATURE Not Present messages Andrea...
ntp security update
4.2.6p5-12.0.1.el69.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-12.el69.1 - fix buffer overflow in datum refclock driver CVE-2017-6462 - fix crash with invalid unpeer command CVE-2017-6463 - fix potential crash with invalid server command CVE-2017-6464 4.2.6p5-12 - don't lim...
virt:ol and virt-devel:ol security update
libvirt 6.0.0-28.1.0.1 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma qemu-kvm 4.2.0-34.el83.5 - kvm-Drop-bogus-IPv6-messages.patch bz1939493 - Resolves: bz1939493 CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability...
sssd security and bug fix update
2.9.4-6.0.1 - Restore default debug level for ssscache Orabug: 32810448 2.9.4-6 - Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently rhel-9.4.0 2.9.4-5 - Resolves: RHEL-28161 - Passkey cannot fall back to password 2.9.4-4 - Resolves:...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.402.b06-0.1.ea - Update to shenandoah-jdk8u402-b06 GA - Update release notes for shenandoah-8u402-b06. - Drop local copy of JDK-8312489 which is now included upstream - Switch to GA mode. - This tarball is embargoed until 2024-01-16 @ 1pm PT. - Resolves: RHEL-17914 - Resolves: RHEL-20965...
php:7.4 security update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support 1.5.2-1 - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available 1.5.1-1 - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no more referenced in libzip.pc...
glibc security update
2.28-164.0.5.3 - Merge external errata patches. - Siddhesh Poyarekar - 2.28-164.3 - CVE-2021-3999: getcwd: align stack on clone in aarch64 and fix a memory leak 2032280 - Siddhesh Poyarekar - 2.28-164.2 - CVE-2022-23218, CVE-2022-23219: Fix buffer overflows in sunrpc clntcreate for 'unix' and...
kernel security, bug fix, and enhancement update
4.18.0-240.22.13.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
wpa_supplicant security update
1:2.6-12.1.0.2 - Added undefine-bitwise-in-common-header.patch bug 27677154 1:2.6-12.1 - P2P: Fix a corner case in peer addition based on PD Request CVE-2021-27803...
nodejs:10 security update
nodejs 1:10.23.1-1 - January Security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Rebase to 10.23.1 - Resolves: RHBZ1916461, RHBZ1914789 - Resolves: RHBZ1914783, RHBZ1916462, RHBZ1916395, RHBZ1916459 - Resolves: RHBZ1916691, RHBZ1916689, RHBZ1916388 - Remo...