9160 matches found
Unbreakable Enterprise kernel security update
4.1.12-124.42.3 - can: peakusb: pcanusbfd: Fix info-leaks to USB devices Tomas Bortoli Orabug: 31351221 CVE-2019-19535 - media: hdpvr: Fix an error handling path in hdpvrprobe Arvind Yadav Orabug: 31352053 CVE-2017-16644 - fs/binfmtmisc.c: do not allow offset overflow Thadeu Lima de Souza Cascard...
Unbreakable Enterprise kernel security update
4.1.12-124.39.1 - qla2xxx: Update driver version to 9.00.00.00.42.0-k1-v2 Arun Easi Orabug: 30372266 - qla2xxx: Fix device discovery when FCP2 device is lost. Arun Easi Orabug: 30372266 - brcmfmac: add subtype check for event handling in data path John Donnelly Orabug: 30776354 CVE-2019-9503 -...
php security update
5.4.16-46.1 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...
thunderbird security update
60.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-1 - Update to 60.9.0...
firefox security update
68.1.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.1.0-1 - Update to 68.1.0 ESR 68.0.1-4 - Enable system nss...
ghostscript security update
9.07-31.el76.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: 1621383 - CVE-2018-16511 ghostscript: missing type check in type checker 699659 - Resolves: 1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues...
kernel security update
kernel 2.6.18-419.0.0.0.12 - x86 mm/dumppagetables: Add a checkl1tf debugfs file Chris von Recklinghausen 1593378 CVE-2018-3620 - x86 cpu: Make flushl1d visible in /proc/cpuinfo Chris von Recklinghausen 1593378 - x86 cpufeatures: Add detection of L1D cache flush support. Chris von Recklinghausen...
kernel security and bug fix update
3.10.0-693.5.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.5.2 - mm pagecgroup: Fix Kernel bug during boot with memory cgroups enabled...
Unbreakable Enterprise kernel security update
5.4.17-2136.343.5.1 - nvme: fix deadlock between reset and scan Bitao Hu Orabug: 37920457 5.4.17-2136.343.5 - sctp: sysctl: authenable: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 37846673 - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 3784666...
python-pip security update
21.2.3-7 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2207997...
java-1.8.0-openjdk security update
1:1.8.0.292.b10-1 - Add CVE numbers. - Require tzdata 2021a due to JDK-8260356 - Resolves: rhbz1938201 1:1.8.0.292.b10-0 - Update to aarch64-shenandoah-jdk8u292-b10 GA - Update release notes for 8u292-b10. - This tarball is embargoed until 2021-04-20 @ 1pm PT. - Resolves: rhbz1938201...
kernel security, bug fix, and enhancement update
4.18.0-240.22.13.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.51.2 - Revert 'kexec: Validate pe files against the systemlacklistkeyring' John Donnelly Orabug: 32171714 CVE-2020-26541 CVE-2020-26541 3.8.13-118.51.1 - usb: cdc-acm: make sure a refcount is taken early enough Oliver Neukum Orabug: 31351090 CVE-2019-19530 - kexec: Validate ...
sudo security update
1.8.25-4.0.1.el8.1 - Treat an ID of -1 as invalid since that means 'no change' Orabug: 30421281 CVE-2019-14287 - Add sudostrtoid tests for -1 and range errors. Orabug: 30421281...
Unbreakable Enterprise kernel security update
4.1.12-112.14.11 - x86/pti/efi: broken conversion from efi to kernel page table Pavel Tatashin Orabug: 27363926 Orabug: 27352353 CVE-2017-5754 - x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT redux Konrad Rzeszutek Wilk Orabug: 27369994 - x86/IBRS: Make sure we restore...
glibc security, bug fix, and enhancement update
2.17-157 - Rebuild with updated binutils 1268008 2.17-156 - malloc arena free free list management fix 1276753 2.17-155 - Basic validity check for locale-archive.tmpl 1350733 2.17-153 - Add Intel AVX-512 optimized routines 1298526. 2.17-151 - Improve malloc peformance in low-memory situations...
Bug fix of NetworkManager
1:1.40.16-18.0.1 - disable MPTCP handling by default Orabug: 35081472 - Fix ignore-carrier logic Orabug: 34956744 - Disable regeneration of the documentation Orabug: 34712048 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity-...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.402.b06-0.1.ea - Update to shenandoah-jdk8u402-b06 GA - Update release notes for shenandoah-8u402-b06. - Drop local copy of JDK-8312489 which is now included upstream - Switch to GA mode. - This tarball is embargoed until 2024-01-16 @ 1pm PT. - Resolves: RHEL-17914 - Resolves: RHEL-20965...
bind security update
32:9.16.23-1.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
nodejs:14 security and bug fix update
nodejs 1:14.15.4-2 - Add patch for yarn crash - Resolves: RHBZ1916465 1:14.15.4-1 - Security rebase to 14.15.4 - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Resolves: RHBZ1916463, RHBZ1914788 - Resolves: RHBZ1914785, RHBZ1916387, RHBZ1916389, RHBZ1916390, RHBZ191669...
openssh security, bug fix, and enhancement update
5.3p1-94 - use dracut-fips package to determine if a FIPS module is installed 1001565 5.3p1-93 - use dist tag in suffixes for hmac checksum files 1001565 5.3p1-92 - use hmacsuffix for ssh,d hmac checksums 1001565 5.3p1-91 - fix NSS keys support 1004763 5.3p1-90 - change default value of MaxStartu...
emacs security update
1:26.1-13 - Fix man.el shell injection vulnerability RHEL-79016...
Unbreakable Enterprise kernel security update
5.15.0-205.149.5.1 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384802 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384802 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384802 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI bug...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - This tarball is embargoed until...
httpd:2.4 security update
httpd 2.4.37-43.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43 - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path 2.4.37-42 - Resolves: 2007235 - CVE-2021-40438...
libdb security update
5.3.28-40 - Resolves: CVE-2019-2708 - Resolves: 1856237...
java-1.8.0-openjdk security update
1:1.8.0.242.b07-1 - Add backports of JDK-8031111 & JDK-8132111 to fix TCK issue. - Resolves: rhbz1785753 1:1.8.0.242.b07-0 - Update to aarch64-shenandoah-jdk8u242-b07. - Switch to GA mode for final release. - Remove Shenandoah S390 patch which is now included upstream as JDK-8236829. - Resolves:...
qemu security update
15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...
kernel security update
3.10.0-693.11.6.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.11.6 - x86 specctrl: Eliminate redundant FEATURE Not Present messages Andrea...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.33 - Revert 'x86/mm: Expand the exception table logic to allow new handling options' Brian Maly Orabug: 25790387 CVE-2016-9644 - Revert 'fix minor infoleak in getuserex' Brian Maly Orabug: 25790387 CVE-2016-9644 4.1.12-61.1.32 - x86/mm: Expand the exception table logic to...
virt:ol and virt-devel:ol security update
libvirt 6.0.0-28.1.0.1 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma qemu-kvm 4.2.0-34.el83.5 - kvm-Drop-bogus-IPv6-messages.patch bz1939493 - Resolves: bz1939493 CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability...
ruby:3.3 security update
ruby 3.3.5-3 - Upgrade to Ruby 3.3.5 Resolves: RHEL-57576 - Fix DoS vulnerability in rexml. CVE-2024-39908 CVE-2024-41946 CVE-2024-43398 Resolves: RHEL-57573 Resolves: RHEL-57570 Resolves: RHEL-57578 - Fix REXML DoS when parsing an XML having many specific characters such as whitespace character,...
libtiff security update
4.4.0-7 - Fix CVE-2022-3970 - Resolves: CVE-2022-3970 4.4.0-6 - Fix CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 - Resolves: CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627...
olcne security update
helm 3.3.4-2 - Address CVE-2021-27918 coredns 1.7.0-1 - Added Oracle specific build files cri-o 1.18.4-2 - Fix for CVE-2021-27918 1.18.4-1 - Added Oracle Specifile Files for cri-o cri-tools 1.18.0-2 - Address CVE-2021-27918 etcd 3.4.3-1.0.5 - Address CVE-2021-27918 flannel 0.12.0-2 - Address...
openssl security update
1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used fo...
Unbreakable Enterprise kernel security update
2.6.39-400.320.1 - rds: Avoid flushing MRs in rdsrdmadropkeys aru kolappan Orabug: 30650888 - media: b2c2-flexcop-usb: add sanity checking Oliver Neukum Orabug: 30864535 CVE-2019-15291...
Unbreakable Enterprise kernel security update
4.14.35-1818.1.6 - ipv4: frags: handle possible skb truesize change Eric Dumazet Orabug: 28481663 CVE-2018-5391 4.14.35-1818.1.5 - inet: frag: enforce memory limits earlier Eric Dumazet Orabug: 28481663 CVE-2018-5391 - init/main.c: reorder bootcpustateinit/smppreparebootcpu Mihai Carabas Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.6 - perf/hwbp: Simplify the perf-hwbp code, fix documentation Linus Torvalds Orabug: 27947608 CVE-2018-100199 3.8.13-118.20.5 - x86/microcode: probe CPU features on microcode update Ankur Arora Orabug: 27806667 - x86/microcode: microcodewrite should not reference...
ntp security update
4.2.6p5-22.0.1.el72.2 - add disable monitor to default ntp.conf CVE-2013-5211...
kernel security, bug fix, and enhancement update
4.18.0-513.5.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
php:7.4 security update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support 1.5.2-1 - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available 1.5.1-1 - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no more referenced in libzip.pc...
libreoffice security update
6.4.7.2-11.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor=Oracle America, Inc. - Added the --with-hamcrest option to configure. 1:6.4.7.2-11 - Resolves: rhbz2060559 CVE-2021-25636...
openssl security update
3.0.1-43.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-43 - CVE-2022-3602: X.509 Email Address Buffer Overflow - running tests Resolves: CVE-2022-3602 1:3.0.1-42 - CVE-2022-3602: X.509 Email Address Buffer Overflow Resolves: CVE-2022-3602...
ol8addon security update
...
java-17-openjdk security and bug fix update
1:17.0.3.0.6-2 - Add JDK-8284920 fix for XPath regression - Related: rhbz2073575 1:17.0.3.0.6-2 - JDK-8275082 should be listed as also resolving JDK-8278008 & CVE-2022-21476 - Related: rhbz2073575 1:17.0.3.0.6-1 - JDK-8283911 patch no longer needed now we're GA... - Resolves: rhbz2073575...
Unbreakable Enterprise kernel security update
4.14.35-1844.2.5 - x86/apic: Switch all APICs to Fixed delivery mode Thomas Gleixner Orabug: 29262403 4.14.35-1844.2.4 - x86/platform/UV: Add check of TSC state set by UV BIOS [email protected] Orabug: 29205471 - x86/tsc: Provide a means to disable TSC ART [email protected] Orabug: 29205471 -...
NetworkManager security update
1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin CVE-2018-15688...
go-toolset:ol8 security and bug fix update
go-toolset 1.11.13-1 - Bump version to 1.11.13 - Related: rhbz1743204 - Related: rhbz1743206 golang 1.11.13-2 - Improve error message when using non-FIPS API in FIPS mode. - Fixes CVE-2019-9512. - Fixes CVE-2019-9514. - Resolves: rhbz1745711 - Resolves: rhbz1745705 1.11.6-3 - Updates to be less...
sssd security and bug fix update
2.9.4-6.0.1 - Restore default debug level for ssscache Orabug: 32810448 2.9.4-6 - Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently rhel-9.4.0 2.9.4-5 - Resolves: RHEL-28161 - Passkey cannot fall back to password 2.9.4-4 - Resolves:...
zlib security update
1.2.11-32 - Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c - Resolves: CVE-2022-37434...