8967 matches found
Unbreakable Enterprise kernel security update
4.14.35-2047.507.7.4 - KVM: x86: Check kvmrebooting in kvmspuriousfault Sean Christopherson Orabug: 33362693 4.14.35-2047.507.7.3 - arm64: Reserve elfcorehdr before scanning reserved memory from device tree Dave Kleikamp Orabug: 33354710 4.14.35-2047.507.7.2 - net: geneve: modify IP header check ...
dnsmasq security update
2.79-13.1 - Fix various issues in dnssec validation CVE-2020-25681 - Accept responses only on correct sockets CVE-2020-25684 - Use strong verification on queries CVE-2020-25685...
container-tools:ol8 security, bug fix, and enhancement update
buildah 1.14.9-1.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.14.9-1 - update to https://github.com/containers/buildah/releases/tag/v1.14.9 - Related: RHELPLAN-39206 1.14.8-2 - make container-selinux a soft dependency - Related: 1806044 1.14.8-1 - update to...
java-11-openjdk security update
1:11.0.6.10-1 - Update to shenandoah-jdk-11.0.6+10 GA - Switch to GA mode for final release. - Add JDK-8236039 backport to resolve OpenShift blocker - Resolves: rhbz1785753 1:11.0.6.1-0.0.ea - Update to shenandoah-jdk-11.0.6+1 EA - Switch to EA mode for 11.0.6 pre-release builds. - Add support fo...
microcode_ctl security update
2:2.1-53.3.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 2:2.1-53.3.0.1 - do not late load prior to 3.10.0 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early loading on 06-4f-01 - update 06-55-04 to 0x2000065 - update...
kernel security, bug fix, and enhancement update
4.18.0-80.7.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.7.10 - x86 Update stepping values for Whiskey Lake U/Y David Arcari...
Unbreakable Enterprise kernel security update
2.6.39-400.308.1 - x86/fpu: Fix 32-bit signal frame handling Dave Hansen Orabug: 28874707 - x86/fpu: Factor out memsetxstate, 0 in fpufinit paths Oleg Nesterov Orabug: 28874707 - x86/fpu: Always allow FPU in interrupt if useeagerfpu Oleg Nesterov Orabug: 28874707 - x86/fpu: Don't do threadfpuend ...
Unbreakable Enterprise kernel security update
2.6.39-400.307.1 - proc: restrict kernel stack dumps to root John Donnelly Orabug: 29114880 CVE-2018-17972 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269182 CVE-2018-13053 - ext4: only look at the bgflags field if it is valid Theodore Ts'o Orabug: 29409428...
Unbreakable Enterprise kernel security update
4.1.12-124.23.1 - xfs: don't call xfsdashrinkinode with NULL bp Eric Sandeen Orabug: 28898616 CVE-2018-13094 - ALSA: rawmidi: Change resized buffers atomically Takashi Iwai Orabug: 28898636 CVE-2018-10902 - md/raid5: fix a race condition in stripe batch Shaohua Li Orabug: 28917012 - xfs: don't fa...
kernel security and bug fix update
2.6.32-71.24.1.el6 - fs Revert 'fs inotify: stop kernel memory leak on file creation failure' Eric Paris 656831 656832 CVE-2010-4250 2.6.32-71.23.1.el6 - x86 Revert 'x86 mtrr: Assume SYSCFGTom2ForceMemTypeWB exists on all future AMD CPUs' Frank Arnold 683813 652208 2.6.32-71.22.1.el6 - rebuild...
Unbreakable Enterprise kernel security update
5.15.0-307.178.5 - net/mlx5: DR, prevent potential error pointer dereference Dan Carpenter Orabug: 37434242 CVE-2024-56660 - uek-rpm: Set CONFIGIP6NFIPTABLES for ol9/ol8 container kernels Jonah Palmer Orabug: 37703179 - net: hsr: fix fillframeinfo regression vs VLAN packets Eric Dumazet - f2fs:...
.NET 9.0 security, bug fix, and enhancement update
9.0.104-1.0.1 - Add support for Oracle Linux 9.0.104-1 - Update to .NET SDK 9.0.104 and Runtime 9.0.3 - Resolves: RHEL-81649...
.NET 9.0 security, bug fix, and enhancement update
9.0.104-1.0.1 - Add support for Oracle Linux 9.0.104-1 - Update to .NET SDK 9.0.104 and Runtime 9.0.3 - Resolves: RHEL-81645...
libxml2 security update
2.9.13-6.1 - Fix CVE-2022-49043 RHEL-76298...
rpm security update
4.16.1.3-27 - TOCTOU race in checks for unsafe symlinks CVE-2021-35937 - races with chown/chmod/capabilities calls during installation CVE-2021-35938 - checks for unsafe symlinks are not performed for intermediary directories CVE-2021-35939...
gmp security and enhancement update
1:6.2.0-13 - Fix: previous commit removed one function from the library and thus broke the ABI - function gmpnpreinvdivrem1 should now not be removed Related: rhbz2044216 1:6.2.0-12 - Add SIMD optimization patches for s390x provided by the IBM Resolves: rhbz2044216 1:6.2.0-11 Fix: Integer overflo...
device-mapper-multipath security update
0.8.7-7.1 - Add 0044-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133997...
.NET Core 3.1 security, bug fix, and enhancement update
3.1.419-1.0.1 - Add missing Oracle Linux Runtime IDs - Update to .NET SDK 3.1.417 and Runtime 3.1.23 - Resolves: RHBZ2060566 3.1.419-1 - Update to .NET SDK 3.1.419 and Runtime 3.1.25 - Resolves: RHBZ2081443 3.1.418-1 - Update to .NET SDK 3.1.418 and Runtime 3.1.24 - Resolves: RHBZ2074654...
java-11-openjdk security update
1:11.0.12.0.7-0.0.1 - link atomic for ix86 build 1:11.0.12.0.7-0 - Update to jdk-11.0.12.0+7 - Update release notes to 11.0.12.0+7 - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz1972395 1:11.0.12.0.6-0.0.ea - Update to jdk-11.0.12.0+6...
microcode_ctl security, bug fix and enhancement update
2:2.1-73.9.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early and late load for 5.4.17-...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.49.1 - sunrpc: use SVCNET in svcauthgss functions Vasily Averin Orabug: 31351996 CVE-2018-16884 - sunrpc: use-after-free in svcprocesscommon Vasily Averin Orabug: 31351996 CVE-2018-16884 - afpacket: set defaule value for tmo Mao Wenan Orabug: 31439108 CVE-2019-20812 - vgacon...
tomcat security update
0:7.0.76-11 - Resolves: rhbz1806801 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability...
qemu-kvm security, bug fix, and enhancement update
1.5.3-167.el77.4 - kvm-target-i386-add-MDS-NO-feature.patch bz1755333 - Resolves: bz1755333 Intel 7.8 FEAT MDSNO exposure to guest - qemu-kvm rhel-7.7.z 1.5.3-167.el77.3 - kvm-target-i386-Export-TAANO-bit-to-guests.patch bz1771960 - kvm-target-i386-add-support-for-MSRIA32TSXCTRL.patch bz1771960 -...
java-1.7.0-openjdk security update
1:1.7.0.241-2.6.20.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.241-2.6.20.0 - Bump to 2.6.20 and OpenJDK 7u241-b01. - Drop PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Drop JDK-8226318/RH1738637 which is now included upstream. - Resolves: rhbz1753423...
kernel security and bug fix update
4.18.0-80.11.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.10 - wireless mwifiex: Don't abort on small, spec-compliant...
thunderbird security update
60.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.8.0-1 - Updated to 60.8.0 60.7.2-3 - Rebuild to fix rhbz1725919 - Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2...
Unbreakable Enterprise kernel security update
4.1.12-124.26.12 - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721935 CVE-2019-11091 - x86/microcode: Add loader version file in debugfs Boris Ostrovsky Orabug: 29754165 - x86/microcode: Fix CPU synchronization routine Borislav Petkov Orabug: 29754165 -...
java-1.7.0-openjdk security update
1:1.7.0.221-2.6.18.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz1693468...
glibc security and bug fix update
2.12-1.212.0.1 - backport rh patch 1047983 from OL7, Orabug 25407655 2.12-1.212 - CVE-2017-15670: glob: Fix one-byte overflow with GLOBTILDE 1504810 - CVE-2017-15804: glob: Fix buffer overflow in GLOBTILDE unescaping 1504810 2.12-1.211 - Avoid large allocas in the dynamic linker 1452717 2.12-1.21...
Unbreakable Enterprise kernel security update
2.6.39-400.299.1 - ext4/jbd2: dont wait forever for stale tid caused by wraparound Theodore Tso Orabug: 26424268 - jbd2: dont wake kjournald unnecessarily Eric Sandeen Orabug: 26424268 - ext4: fix data corruption in inodes with journalled data Jan Kara Orabug: 26424268 - media: imon: Fix...
Unbreakable Enterprise kernel security update
4.1.12-112.14.10 - x86/ia32: save and clear registers on syscall. Jamie Iles Orabug: 27355759 CVE-2017-5754 - x86/IBRS: Save current status of MSRIA32SPECCTRL Boris Ostrovsky Orabug: 27355887 - pti: Rename X86FEATUREKAISER to X86FEATUREPTI Pavel Tatashin Orabug: 27352353 CVE-2017-5754 - usb/core:...
httpd security update
2.2.15-60.0.1.6 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.6 - Resolves: 1493061 - CVE-2017-9798 httpd: various flaws...
kernel security and bug fix update
2.6.32-642.13.1 - net Fix use after free in the recvmmsg exit path Davide Caratti 1390805 1390046 CVE-2016-7117 - net vlan: Propagate MAC address to VLANs Jarod Wilson 1396479 1381585 - net tcp: fix use after free in tcpxmitretransmitqueue Mateusz Guzik 1379527 1379529 CVE-2016-6828 - net...
grub2 security update
2.02-164.0.2 - fs/ext2: Rework out-of-bounds read for inline and external extents Orabug: 37829911 2.02-164.0.1 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with...
gcc security update
8.5.0-23.0.1 - Merge Oracle patches to 8.5.0-23. Oracle history: May-22-2024 Qing Zhao 8.5.0-22.0.1 - Merge Oracle patches to 8.5.0-22. Reviewed-by: Jose E. Marchesi March-27-2024 Qing Zhao 8.5.0-21.0.1 - Merge Oracle patches to 8.5.0-21. January-19-2024 Qing Zhao 8.5.0-20.0.3 - Fix Orabug...
ncurses security and bug fix update
6.2-10.20210508 - ignore TERMINFO and HOME only if setuid/setgid/capability 2211666 6.2-9.20210508 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491 - ignore TERMINFO and HOME environment variables if running as root 2211666...
rsync security and bug fix update
3.2.3-18 - Resolves: 2111177 - remote arbitrary files write inside the directories of connecting peers 3.2.3-17 - Resolves: 2116669 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field 3.2.3-16 - Related: 2081296 - Adding ci.fmf for...
libksba security update
1.5.1-5 - Fix for CVE-2022-3515 2135703...
httpd security update
2.2.15-69.0.3 - core: Simpler connection close logic CVE-2022-22720Orabug: 33991577...
firefox security update
78.10.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.10.0-1 - Update to 78.10.0...
openssl security update
1.1.1g-15 - version bump 1.1.1g-14 - CVE-2021-3450 openssl: CA certificate check bypass with X509VFLAGX509STRICT 1.1.1g-13 - Fix CVE-2021-3449 NULL pointer deref in signaturealgorithms processing...
python3 security update
3.6.8-18.0.3 - Fix buffer overflow in PyCArgrepr Orabug: 32551171CVE-2021-3177...
Unbreakable Enterprise kernel security update
4.14.35-2025.402.2.1 - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040805 CVE-2020-8694 CVE-2020-8695 4.14.35-2025.402.2 - ocfs2: fix remounting needed after setfacl command Gang He - Fix multiple variable definition with syzkaller Hans Westgaard Ry Orabug: 32008770 -...
kernel security, bug fix, and enhancement update
3.10.0-1160.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.3 3.10.0-1160 - kernel modsign: Add...
Unbreakable Enterprise kernel security update
5.4.17-2011.6.2 - Revert 'aarch64/BM: config failed, hub doesnt have any ports' Thomas Tai Orabug: 31838351 Orabug: 31844671 - kvm: ioapic: Restrict lazy EOI update to edge-triggered interrupts Paolo Bonzini Orabug: 31839185 Orabug: 31844556 5.4.17-2011.6.1 - nfsd: apply umask on fs without ACL...
thunderbird security update
60.9.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-2 - Update to 60.9.0...
virt:rhel security update
libguestfs 1:1.38.4-10.1.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-10.1 - Fix inspection of partition-less devices resolves: rhbz1714747 libssh2 1.8.0-7.el80.1 - fix integer overflow in keyboard interactive handling th...
libvirt security update
5.0.0-4.el7 - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - admin: reject clients unless their UID matches the current UID Daniel P. Berrange Orabug: 29861433...
qemu-kvm security update
1.5.3-160.el76.2 - kvm-target-i386-define-md-clear-bit-rhel.patch - Resolves: bz1693216 qemu-kvm: hardware: Microarchitectural Store Buffer Data Sampling...
Unbreakable Enterprise kernel security update
4.1.12-124.14.1 - ctf: drop the run-as-root error Nick Alcock Orabug: 27852654 - rds: Node crashes when trace buffer is opened Ka-Cheong Poon Orabug: 27846191 - xfs: fix accidental reversion of aa6a6227435cb Darrick J. Wong Orabug: 27845869 4.1.12-124.13.1 - net: cdcether: fix divide by 0 on bad...