9170 matches found
olcne conmon coredns cri-o cri-tools etcd flannel grafana helm istio kata kata-agent kata-image kata-ksm-throttler kata-proxy kata-runtime kata-shim kubernetes kubernetes-cni kubernetes-cni-plugins kubernetes-dashboard prometheus yq security update
olcne 1.1.5-2 - kubernetes pod subnet flag not honored in flannel configuration 1.1.5-1 - Address CVE-2020-16845 conmon 2.0.10-3 - Address CVE-2020-16845 coredns 1.6.5-1.0.3 - Address CVE-2020-16845 cri-o 1.17.0-1.0.5 - Address CVE-2020-16845 cri-tools 1.17.0-1.0.2 - Address CVE-2020-16845...
kernel security and bug fix update
2.6.32-754.3.5.OL6 - Update genkey bug 25599697 2.6.32-754.3.5 - kernel cpu/hotplug: Enable 'nosmt' as late as possible Frantisek Hrbata 1593376 CVE-2018-3620 2.6.32-754.3.4 - x86 x86/mm: Simplify pg4umdpage macros Josh Poimboeuf 1593376 CVE-2018-3620 - x86 x86/mm: Fix regression with huge pages ...
Unbreakable Enterprise kernel security update
4.14.35-1818.0.14 - tcp: add tcpoootrycoalesce helper Eric Dumazet Orabug: 28453849 CVE-2018-5390 - tcp: call tcpdrop from tcpdataqueueofo Eric Dumazet Orabug: 28453849 CVE-2018-5390 - tcp: detect malicious patterns in tcpcollapseofoqueue Eric Dumazet Orabug: 28453849 CVE-2018-5390 - tcp: avoid...
Unbreakable Enterprise kernel security update
4.1.12-124.15.1 - netfilter: nfnetlinkcthelper: Add missing permission checks Kevin Cernekee Orabug: 27260771 CVE-2017-17448 - netlink: Add netns check on taps Kevin Cernekee Orabug: 27260799 CVE-2017-17449 - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug: 27290606 CVE-2017-1774...
Unbreakable Enterprise kernel security update
5.15.0-306.177.4 - Revert 'usb: gadget: userial: Disable ep before setting port to null to fix the crash caused by port being null' Greg Kroah-Hartman - drm/v3d: Assign job pointer to NULL before signaling the fence Maira Canal - scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sys...
kernel security update
4.18.0-513.18.1.el89.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
libtasn1 security update
4.16.0-9 - Resolves: rhbz2140602...
libreoffice security update
7.1.8.1-8.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:7.1.8.1-8 - Resolves: rhbz2134759 Untrusted Macros - Resolves: rhbz2134757 Weak Master Keys - Resolves: rhbz2134755 Static...
Unbreakable Enterprise kernel-container security update
5.15.0-3.60.5.1.el8 - fs: remove nollseek Jason A. Donenfeld Orabug: 34721465 - vfio: do not set FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - dma-buf: remove useless FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - fs: do not compare against -llseek Jason A. Donenfeld Orabug: 347214...
gzip security update
1.10-9 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271...
Unbreakable Enterprise kernel security update
5.4.17-2136.307.3.5 - KVM: x86: avoid calling x86 emulator without a decoded instruction Sean Christopherson Orabug: 34211496 CVE-2022-1852 CVE-2022-1852...
httpd:2.4 security update
httpd 2.4.37-43.0.2.3 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-43.3 - Resolves: 2065247 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier...
python-pip security update
...
fribidi security update
1.0.2-1.1 - Security fix for CVE-2019-18397 Resolves: rhbz1781224...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.24.2 - x86/speculation/l1tf: Fix overflow in l1tfpfnlimit on 32bit Vlastimil Babka Orabug: 28505476 CVE-2018-3620 - x86/speculation/l1tf: Protect PAE swap entries against L1TF Vlastimil Babka Orabug: 28505476 CVE-2018-3620 - x86/speculation/l1tf: Extend 64bit swap file size...
emacs security update
1:27.2-11.1 - Eliminate use of obsolete patch syntax RHEL-80443 1:27.2-11 - Fix man.el shell injection vulnerability RHEL-79025...
bind security update
32:9.16.23-24.0.1.el95.3 - Fix bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
hivex libguestfs 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 1:1.44.0-8 -...
dbus security update
1.12.20-7.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.20-7 - Fix CVE-2022-42010 2133647 - Fix CVE-2022-42011 2133641 - Fix CVE-2022-42012 2133635...
openssl security update
1:1.1.1k-7 - Fix CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86 Resolves: CVE-2022-2097 - Update expired certificates used in the testsuite Resolves: rhbz2100554 - Fix CVE-2022-1292: openssl: crehash script allows command injection Resolves: rhbz2090371 - Fix CVE-2022-2068: the...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.309.5 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386637 CVE-2022-21505...
gnutls and nettle security, bug fix, and enhancement update
gnutls 3.6.16-4 - p11tool: Document ID reuse behavior when importing certs 1776250 3.6.16-3 - Treat SHA-1 signed CA in the trusted set differently 1965445 3.6.16-2 - Filter certificatetypes in TLS 1.2 CR based on signature algorithms 1942216 3.6.16-1 - Update to upstream 3.6.16 release 1956783 -...
grafana security update
7.3.6-3 - resolve CVE-2021-39226 - resolve CVE-2021-27358...
Unbreakable Enterprise kernel security update
4.14.35-2047.507.7.4 - KVM: x86: Check kvmrebooting in kvmspuriousfault Sean Christopherson Orabug: 33362693 4.14.35-2047.507.7.3 - arm64: Reserve elfcorehdr before scanning reserved memory from device tree Dave Kleikamp Orabug: 33354710 4.14.35-2047.507.7.2 - net: geneve: modify IP header check ...
httpd:2.4 security, bug fix, and enhancement update
httpd 2.4.37-39.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-39 - prevent htcacheclean from while break when first file processed 2.4.37-38 - Resolves: 1918741 - Thousands of /tmp/modproxy.tmp. files created by...
java-11-openjdk security and bug fix update
1:11.0.9.11-0 - Update to jdk-11.0.9+11 - Update release notes for 11.0.9 release. - Add backport of JDK-8254177 to update to tzdata 2020b - Require tzdata 2020b due to resource changes in JDK-8254177 - Delay tzdata 2020b dependency until tzdata update has shipped. - This tarball is embargoed unt...
kernel security and bug fix update
2.6.32-754.28.1.OL6 - Update genkey bug 25599697 2.6.32-754.28.1 - netdrv ixgbevf: Use cached link state instead of re-reading the value for ethtool Ken Cox 1795404 - isdn mISDN: enforce CAPNETRAW for raw sockets Andrea Claudi 1779473 CVE-2019-17055 - net cfg80211: wext: avoid copying malformed...
virt:ol security update
hivex libguestfs 1:1.38.4-14.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-14 - v2v: use -T as argument of scp when copying vmx files via ssh resolves: rhbz1738886 Fri Jun 28 2019 Danilo de Paula - Rebuild all virt package...
microcode_ctl security update
2:2.1-53.3.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 2:2.1-53.3.0.1 - do not late load prior to 3.10.0 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early loading on 06-4f-01 - update 06-55-04 to 0x2000065 - update...
Unbreakable Enterprise kernel security update
4.1.12-112.14.5 - x86/ibrs: Remove 'ibrsdump' and remove the prdebug Konrad Rzeszutek Wilk Orabug: 27350825 4.1.12-112.14.4 - kABI: Revert kABI: Make the bootcpudata look normal Konrad Rzeszutek Wilk CVE-2017-5715 4.1.12-112.14.3 - userns: prevent speculative execution Elena Reshetova Orabug:...
glibc security update
2.5-123.0.2.el511.3 - Mitigation for CVE-2017-1000366 glibc: heap/stack gap jumping via unbounded stack allocations...
kernel security and bug fix update
kernel 2.6.18-416 - mm Fix Privilege escalation via MAPPRIVATE Larry Woodman 1385112 CVE-2016-5195 2.6.18-415 - fs gfs2: Initialize atime of INEW inodes Andreas Grunbacher 1374861 - fs gfs2: Update file times after grabbing glock Andreas Grunbacher 1374861 - Revert: fs gfs2: Only refresh newer...
Unbreakable Enterprise kernel security update
5.15.0-307.178.5 - net/mlx5: DR, prevent potential error pointer dereference Dan Carpenter Orabug: 37434242 CVE-2024-56660 - uek-rpm: Set CONFIGIP6NFIPTABLES for ol9/ol8 container kernels Jonah Palmer Orabug: 37703179 - net: hsr: fix fillframeinfo regression vs VLAN packets Eric Dumazet - f2fs:...
webkit2gtk3 security update
2.48.1-1 - Update to 2.48.1 2.48.0-1 - Update to 2.48.0...
libxslt security update
1.1.32-6.1.0.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.32-6.1 - Fix CVE-2024-55549 RHEL-83506 - Fix CVE-2025-24855 RHEL-83492...
tomcat security update
1:9.0.87-2.el95.1 - Resolves: RHEL-82946 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 - Resolves: RHEL-71719 tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379...
.NET 9.0 security, bug fix, and enhancement update
9.0.104-1.0.1 - Add support for Oracle Linux 9.0.104-1 - Update to .NET SDK 9.0.104 and Runtime 9.0.3 - Resolves: RHEL-81649...
libsoup security update
2.62.2-2.0.3 - Fixed CVE-2024-52531 buffer overflow via UTF-8 conversion in - soupheaderparseparamliststrict Orabug: 37557504...
qemu security update
15:4.2.1-11.el7 - pvrdma: Fix the ring init error flow CVE-2021-3608 Marcel Apfelbaum Orabug: 33120142 CVE-2021-3608 - pvrdma: Ensure correct input on ring init CVE-2021-3607 Marcel Apfelbaum Orabug: 33120146 CVE-2021-3607 - hw/rdma: Fix possible mremap overflow in the pvrdma device CVE-2021-3582...
thunderbird security update
78.12.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.12.0-2 - Update to 78.12.0 build2 78.12.0-1 - Update to 78.12.0 build1...
thunderbird security update
78.12.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.12.0-3 - Rebuild to pickup older nss 78.12.0-2 - Update to 78.12.0 build2 78.12.0-1 - Update to 78.12.0 build1...
docker-engine docker-cli security update
docker-engine 19.03.11-11 - Addresses CVE-2021-30465 - updated runc minimum version to runc = 3:1.0.0-1.rc95. 19.03.11-10 - Addresses runc CVE-2021-30465 - updated runc versions in cli/vendor.conf and docker-engine/vendor.conf to 1.0.0-rc95...
microcode_ctl security, bug fix and enhancement update
2:2.1-73.9.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early and late load for 5.4.17-...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.49.1 - sunrpc: use SVCNET in svcauthgss functions Vasily Averin Orabug: 31351996 CVE-2018-16884 - sunrpc: use-after-free in svcprocesscommon Vasily Averin Orabug: 31351996 CVE-2018-16884 - afpacket: set defaule value for tmo Mao Wenan Orabug: 31439108 CVE-2019-20812 - vgacon...
qemu-kvm security, bug fix, and enhancement update
1.5.3-167.el77.4 - kvm-target-i386-add-MDS-NO-feature.patch bz1755333 - Resolves: bz1755333 Intel 7.8 FEAT MDSNO exposure to guest - qemu-kvm rhel-7.7.z 1.5.3-167.el77.3 - kvm-target-i386-Export-TAANO-bit-to-guests.patch bz1771960 - kvm-target-i386-add-support-for-MSRIA32TSXCTRL.patch bz1771960 -...
java-1.7.0-openjdk security update
1:1.7.0.241-2.6.20.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.241-2.6.20.0 - Bump to 2.6.20 and OpenJDK 7u241-b01. - Drop PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Drop JDK-8226318/RH1738637 which is now included upstream. - Resolves: rhbz1753423...
kernel security and bug fix update
4.18.0-80.11.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.10 - wireless mwifiex: Don't abort on small, spec-compliant...
Xorg security and bug fix update
gdm 3.28.2-16 - Dont bring up login screen if background session gets killed Related: 1680120 3.28.2-15 - sync AllowMultipleSessionsPerUser patch from 7.6 branch Resolves: 1664353 - Create dconf dirs by default Resolves: 1664284 3.28.2-14 - Fix unlock on XDMCP sessions Resolves: 1693060 3.28.2-13...
Unbreakable Enterprise kernel security update
4.1.12-124.14.1 - ctf: drop the run-as-root error Nick Alcock Orabug: 27852654 - rds: Node crashes when trace buffer is opened Ka-Cheong Poon Orabug: 27846191 - xfs: fix accidental reversion of aa6a6227435cb Darrick J. Wong Orabug: 27845869 4.1.12-124.13.1 - net: cdcether: fix divide by 0 on bad...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.6.2 - KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. David Howells Orabug: 23279020 CVE-2016-0758 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267997 CVE-2015-8543 CVE-2015-8543 - ipv6: addrconf:...