8987 matches found
kernel security update
2.6.32-754.29.1.OL6 - Update genkey bug 25599697 2.6.32-754.29.1 - wireless rtlwifi: Fix potential overflow on P2P code Jarod Wilson 1775226 CVE-2019-17666 - x86 mm: revert x8664 and arm64 ELFETDYNBASE base changes Denys Vlasenko 1485759 - powerpc powerpc: move ELFETDYNBASE to 4GB / 4MB Denys...
go-toolset:ol8 security and bug fix update
go-toolset 1.11.13-1 - Bump version to 1.11.13 - Related: rhbz1743204 - Related: rhbz1743206 golang 1.11.13-2 - Improve error message when using non-FIPS API in FIPS mode. - Fixes CVE-2019-9512. - Fixes CVE-2019-9514. - Resolves: rhbz1745711 - Resolves: rhbz1745705 1.11.6-3 - Updates to be less...
kernel security, bug fix, and enhancement update
4.18.0-513.5.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
zlib security update
1.2.11-32 - Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c - Resolves: CVE-2022-37434...
Unbreakable Enterprise kernel security update
4.14.35-2047.511.5.5.1.el7uek - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug: 34018777 CVE-2022-1016...
kernel security and bug fix update
2.6.32-754.24.2.OL6 - Update genkey bug 25599697 2.6.32-754.24.2 - documentation Documentation: Add ITLBMULTIHIT documentation Paolo Bonzini 1692385 CVE-2018-12207 - kvm KVM: introduce nohugepages module parameter Paolo Bonzini 1692385 CVE-2018-12207 - x86 x86: Add ITLBMULTIHIT bug infrastructure...
kernel security and bug fix update
3.10.0-1062.1.1 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.1.1 - fs nfsv4.1: Avoid false retries when RPC calls are interrupted Benjam...
vim security update
2:7.4.629-5.2 - 1724045 - fix CVE-2019-12735 the :source! command allows arbitrary command execution via the modeline - fix spec warnings about expanding macros...
firefox security update
60.6.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.6.1-1 - Update to 60.6.1 ESR Build 1...
qemu security update
15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...
kernel security and bug fix update
kernel - 2.6.18-417.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
openssl security update
3.0.1-43.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-43 - CVE-2022-3602: X.509 Email Address Buffer Overflow - running tests Resolves: CVE-2022-3602 1:3.0.1-42 - CVE-2022-3602: X.509 Email Address Buffer Overflow Resolves: CVE-2022-3602...
httpd:2.4 security update
httpd 2.4.37-47.0.2.2 - modproxy: approxyhttprequest to clear hop-by-hop first and...
python39:3.9 and python39-devel:3.9 security update
modwsgi 4.7.1-4 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 4.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 4.7.1-2 - Rebuilt for Python 3.9 4.7.1-1 - update to 4.7.1 1721376 python39 3.9.7-1 - Update to 3.9.7 Resolves: rhbz2003102...
redis:6 security update
6.0.9-3 - fix integer overflow via STRALGO LCS command CVE-2021-29477...
glibc security, bug fix, and enhancement update
2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...
java-1.8.0-openjdk security update
1:1.8.0.232.b09-0 - Update to aarch64-shenandoah-jdk8u232-b09. - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:1.8.0.232.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u232-b08. - Resolves: rhbz1753423...
patch security update
2.7.6-9 - CVE-2018-20969, invoke ed directly instead of using the shell...
kdelibs and kde-settings security and bug fix update
kdelibs 6:4.14.8-11 - KConfig: malicious .desktop files would execute code Resolves: bz1740736 kde-settings 19-23.10.0.1 - Change GreetString bug 11710280 19-23.10 - Use correct tcsh syntax for config scripts Resolves: bz1738491...
Unbreakable Enterprise kernel security update
4.1.12-124.26.7 - ibcore: initialize shpd field when allocating 'struct ibpd' Mukesh Kacker Orabug: 29384815 - Revert 'x86/apic: Make archsetuphwirq NUMA node aware' Brian Maly Orabug: 29542185 - qlcnic: fix Tx descriptor corruption on 82xx devices Shahed Shaikh Orabug: 27708787 - block: Fix a ra...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.31.1 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269167 CVE-2018-13053 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 29304552 CVE-2017-17807 - KEYS: add missing permission check for requestkey destination...
glibc security update
2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...
mariadb security and bug fix update
1:5.5.56-2 - Do not fix context and change owner if run by root in mariadb-prepare-db-dir Related: 1458940 - Check properly that datadir includes only expected files Related: 1356897 1:5.5.56-1 - Rebase to 5.5.56 That release also fixes the following security issues: CVE-2016-5617/CVE-2016-6664...
kernel security and bug fix update
kernel 2.6.18-348.16.1 - x8664 Fix kdump failure due to 'x8664: Early segment setup' Paolo Bonzini 988251 987244 - xen skip tracing if it was disabled instead of dying Igor Mammedov 987976 967053 - ia64 fix KABI breakage on ia64 Prarit Bhargava 966878 960783 - x86 fpu: fix CONFIGPREEMPT=y...
Security and bug fixes for NetworkManager
1.48.10-5.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-5 - vpn: Support routing rules in vpn conenctions RHEL-73167 - vpn: Place gateway route to table defined in ipvx.route-table RHEL-73166 1:1.48.10-4 - Remove...
sudo security update
1.9.5p2-7.1 RHEL 9.1.0.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161224...
Unbreakable Enterprise kernel security update
4.14.35-1902.306.2 - rename kABI whitelists to lockedlists Dan Duval Orabug: 31783150 - sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices Dave Chiluk Orabug: 31350999 CVE-2019-19922 - sched/fair: Fix throttlelist starvation with low CFS quota Phil Auld...
Unbreakable Enterprise kernel security update
4.14.35-1902.8.4 - Revert 'oled: give panic handler chance to run before kexec' John Donnelly Orabug: 30594702 - Revert 'oled: export symbols' John Donnelly Orabug: 30594702 - net/rds: Recycle RDS headers to speed up connection fail over Ka-Cheong Poon Orabug: 30628735 - net/rds: Reduce RDS heade...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.39.1 - tcp: purge write queue in tcpconnectinit Eric Dumazet Orabug: 30240134 CVE-2019-15239 - cx24116: fix a buffer overflow when checking userspace params Mauro Carvalho Chehab Orabug: 30254282 CVE-2015-9289 - floppy: fix out-of-bounds read in copybuffer Denis Efremov...
edk2 security update
1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel module. Aaron Young - Update spec file to modprobe kvmintel module prior to running qemu to enroll default keys. Aaron Young - Enroll Oracle cert/key...
kernel security update
4.18.0-80.7.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.7.20 - x86 x86/entry/64: Use JMP instead of JMPQ Josh Poimboeuf...
kernel security update
2.6.32-696.18.7.OL6 - Update genkey bug 25599697 2.6.32-696.18.7 - x86 specctrl: svm: specctrl at vmexit needs per-cpu areas functional Waiman Long 1519797 1519796 CVE-2017-5715 - x86 specctrl: Eliminate redundnat FEATURE Not Present messages Waiman Long 1519797 1519796 CVE-2017-5715 - x86...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.6 - blk-mq: avoid setting hctx-tags-cpumask before allocation Akinobu Mita Orabug: 24464170 4.1.12-61.1.3 - ocfs2: improve recovery performance Junxiao Bi Orabug: 24395729 - qed: Utilize FW 8.10.3.0 Yuval Mintz Orabug: 24442553 - blk-mq: mark request queue as mq asap Ming L...
krb5 security update
1.15.1-55.0.9 - Fixes CVE-2025-24528 , Prevent overflow when calculating ulog block size Orabug: 37587301...
.NET Core 3.1 security and bugfix update
3.1.423-1.0.1 - Add missing Oracle Linux Runtime IDs 3.1.423-1 - Update to .NET SDK 3.1.423 and Runtime 3.1.29 - Resolves: RHBZ2123785...
ol8addon security update
...
Unbreakable Enterprise kernel security update
4.14.35-2047.511.5.6 - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942242 CVE-2022-0847...
firefox security update
78.12.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.12.0-1 - Update to 78.12.0 build1...
nodejs:12 security update
nodejs 1:12.20.1-1 - Security rebase for January security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Resolves: RHBZ1916460, RHBZ1914786 - Resolves: RHBZ1914784, RHBZ1916396 nodejs-nodemon 2.0.3-1 - Resolves: RHBZ1921841, RHBZ1921843, RHBZ1921842 - Rebase ...
Unbreakable Enterprise kernel security update
4.1.12-124.17.1 - block: update integrity interval after queue limits change Ritika Srivastava Orabug: 27586756 - dccp: check sk for closed state in dccpsendmsg Alexey Kodanev Orabug: 28001529 CVE-2017-8824 CVE-2018-1130 - net/rds: Implement ARP flushing correctly Hakon Bugge Orabug: 28219857 -...
Unbreakable Enterprise kernel security update
4.1.12-124.16.4 - x86/fpu: Make eager FPU default Mihai Carabas Orabug: 28135099 CVE-2018-3665...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.18uek - IB/security: Restrict use of the write interface Jason Gunthorpe Orabug: 23641666 CVE-2016-4565...
xorg-x11-server security update
1.20.4-29.0.1 - Fixed CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 - CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 - CVE-2025-26601 Orabug: 37712847...
kernel security update
4.18.0-553.45.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
pcre2 security update
10.37-5 - Explicitly require uft subpackages in tools subpackage 10.37-4 - Resolves: CVE-2022-1586 CVE-2022-1587...
mariadb:10.3 security and bug fix update
galera 25.3.34-4 - Explicitly require the 'procps-ng' package - Otherwise it will not require it in the lightweight systems e.g. containers - and Galera won't work properly 25.3.34-3 - Use downstream garbd-wrapper and garbd.service to ensure compatibility - Add upstream versions of garbd-wrapper...
glibc security update
2.28-164.0.1 - Merge of RH patches for ol8-u5 beta release Review-exception: Routine merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for...
Unbreakable Enterprise kernel security update
5.4.17-2036.104.5 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi:...
Unbreakable Enterprise kernel security update
4.1.12-124.45.6 - qla2xxx: disable target reset during link reset and update version Quinn Tran Orabug: 32095664 - scsi: qla2xxx: Fix early srb free on abort Quinn Tran Orabug: 32095664 - scsi: qla2xxx: Fix comment in MODULEPARMDESC in qla2xxx Masanari Iida Orabug: 32095664 - scsi: qla2xxx: Enabl...
freerdp and vinagre security, bug fix, and enhancement update
freerdp 2:2.1.1-1 - Update to 2.1.1 rhbz1834287. 2:2.0.0-47.rc4 - Fix SCARDINSUFFICIENTBUFFER error rhbz1803054 - Do not advertise /usb in help output rhbz1761144 vinagre 3.22.0-23 - Remove unused variable CovScan - Related: 1839744 3.22.0-22 - Rebuild due to new version of FreeRDP - Fix an issue...