8988 matches found
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.32.1 - x86/fpu: Factor out memsetxstate, 0 in fpufinit paths Oleg Nesterov Orabug: 29012034 - x86/fpu: Always allow FPU in interrupt if useeagerfpu Oleg Nesterov Orabug: 29012034 - x86/fpu: Fix 32-bit signal frame handling Dave Hansen Orabug: 29012034 - x86/fpu: Don't do...
Unbreakable Enterprise kernel security update
2.6.39-400.299.1 - ext4/jbd2: dont wait forever for stale tid caused by wraparound Theodore Tso Orabug: 26424268 - jbd2: dont wake kjournald unnecessarily Eric Sandeen Orabug: 26424268 - ext4: fix data corruption in inodes with journalled data Jan Kara Orabug: 26424268 - media: imon: Fix...
Unbreakable Enterprise kernel security update
4.1.12-112.14.10 - x86/ia32: save and clear registers on syscall. Jamie Iles Orabug: 27355759 CVE-2017-5754 - x86/IBRS: Save current status of MSRIA32SPECCTRL Boris Ostrovsky Orabug: 27355887 - pti: Rename X86FEATUREKAISER to X86FEATUREPTI Pavel Tatashin Orabug: 27352353 CVE-2017-5754 - usb/core:...
java-1.7.0-openjdk security and bug fix update
1:1.7.0.161-2.6.12.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.161-2.6.12.0 - Remove superfluous %1 from policy JAR file path. - Resolves: rhbz1499207 1:1.7.0.161-2.6.12.0 - Update location of policy JAR files following 8157561. - Resolves: rhbz1499207 1:1.7.0.161-2.6.12.0 - Bump to 2.6.12 and...
httpd security update
2.2.15-60.0.1.6 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.6 - Resolves: 1493061 - CVE-2017-9798 httpd: various flaws...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.34 - uek-rpm: enable CONFIGKSPLICE. Jamie Iles Orabug: 25698171 - ksplice: add sysctls for determining Ksplice features. Jamie Iles Orabug: 25698171 - signal: protect SIGNALUNKILLABLE from unintentional clearing. Jamie Iles Orabug: 25698171 - KVM: x86: fix emulation of 'MOV...
mysql security update
5.1.73-8.0.1 - fix date in the test 5.1.73-8 - Fix CVE-2016-6662 and CVE-2016-6663 Resolves: 1397309...
Oracle Linux 6 kernel security, bug fix and enhancement update
2.6.32-220.el6 - drm i915: fix unmap race condition introduced with VT-d fix Dave Airlie 750583 - scsi iscsi: revert lockless queuecommand dispatch Rob Evers 751426 2.6.32-219.el6 - kernel KEYS: Fix a NULL pointer deref in the user-defined key type David Howells 751190 CVE-2011-4110 - scsi fc...
java-1.8.0-openjdk security update
1:1.8.0.452.b09-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.452.b09-1 - Update to 8u452-b09 GA - Update release notes for 8u452-b09. - Remove long option documentation from JDK-8335912/JDK-8337499 as not present in 8u - Require tzdata 2025a due to upstream inclusion of JDK-8347965 ...
kernel security update
5.14.0-503.34.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
krb5 security update
1.18.2-31.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-31 - Prevent overflow when calculating ulog block size CVE-2025-24528 Resolves: RHEL-78248 - kdb5util: fix DB entry flags on modification Resolves: RHEL-56060...
NetworkManager security update
1.48.10-5.0.3 - Drop 777 permissions from the NetworkManager-dispatcher drop-in directory Orabug: 37581907 1.48.10-5.0.2 - Add a dropin file to make Networkmanager-dispatcher persistent Orabug: 36989910...
containernetworking-plugins security update
1:1.4.0-6 - rebuild for CVE-2024-34156 - Resolves: RHEL-57915...
ncurses security and bug fix update
6.2-10.20210508 - ignore TERMINFO and HOME only if setuid/setgid/capability 2211666 6.2-9.20210508 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491 - ignore TERMINFO and HOME environment variables if running as root 2211666...
rsync security and bug fix update
3.2.3-18 - Resolves: 2111177 - remote arbitrary files write inside the directories of connecting peers 3.2.3-17 - Resolves: 2116669 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field 3.2.3-16 - Related: 2081296 - Adding ci.fmf for...
libksba security update
1.5.1-5 - Fix for CVE-2022-3515 2135703...
httpd security update
2.4.6-97.0.5.5 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.5 - Resolves: 2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier...
openssl security update
1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.312.b07-1 - Update to aarch64-shenandoah-jdk8u312-b07 EA - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz2011826 1:1.8.0.312.b05-0.4.ea - Allow plain key import to be disabled with...
sssd security update
2.4.0-9.0.1 - Restore default debug level for ssscache Orabug: 32810448 - Restore default debug level for shadow-utils tools Orabug: 32810448 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 292867...
openssl security update
1.1.1g-15 - version bump 1.1.1g-14 - CVE-2021-3450 openssl: CA certificate check bypass with X509VFLAGX509STRICT 1.1.1g-13 - Fix CVE-2021-3449 NULL pointer deref in signaturealgorithms processing...
Unbreakable Enterprise kernel security update
5.4.17-2011.6.2 - Revert 'aarch64/BM: config failed, hub doesnt have any ports' Thomas Tai Orabug: 31838351 Orabug: 31844671 - kvm: ioapic: Restrict lazy EOI update to edge-triggered interrupts Paolo Bonzini Orabug: 31839185 Orabug: 31844556 5.4.17-2011.6.1 - nfsd: apply umask on fs without ACL...
Unbreakable Enterprise kernel security update
4.14.35-2025.400.9 - btrfs: merge btrfsfinddevice and finddevice Anand Jain Orabug: 31867382 CVE-2019-18885 - sctp: implement memory accounting on tx path Xin Long Orabug: 31867387 CVE-2019-3874 - Revert 'zram: convert remaining CLASSATTR to CLASSATTRRO' Wade Mealing Orabug: 31867403 CVE-2020-107...
java-1.8.0-openjdk security update
1:1.8.0.262.b10-0 - Update to aarch64-shenandoah-jdk8u262-b10. - Switch to GA mode for final release. - Update release notes for 8u262 release. - Fix typo in jfrarches which leads to ppc64 being wrongly excluded. - Split JDK-8042159 patch into per-repo patches as upstream. - Update JDK-8042159 JD...
gcc security and bug fix update
8.3.1-5.0.3 - Fix Orabug 29838827 - provide an option to adjust the maximum depth of nested include This is the same bug as gcc upstream PR90581 from Gcc9: gcc9-pr90581.patch - Fix Orabug 29541051 - confusing error message when there is a problem with ASANOPTIONS 'ERROR: expected '='' This is the...
Unbreakable Enterprise kernel security update
4.14.35-1902.10.4.el7uek - kvm: Don't reference vcpu-arch.st in arch-independent code Boris Ostrovsky Orabug: 30489861 - kvm: fix compile on s390 part 2 Christian Borntraeger Orabug: 30489861 - kvm: fix compilation on s390 Paolo Bonzini Orabug: 30489861 - kvm: fix compilation on aarch64 Paolo...
thunderbird security update
60.9.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-2 - Update to 60.9.0...
libvirt security update
5.0.0-4.el7 - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - admin: reject clients unless their UID matches the current UID Daniel P. Berrange Orabug: 29861433...
kernel security update
3.10.0-862.3.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.3.2 - x86 specctrl: Fix late microcode problem with AMD Waiman Long 1566904...
kernel security, bug fix, and enhancement update
3.10.0-327.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327 - mm free compound page with correct order Andrea Arcangeli 1274867 - netdrv revert 'ixgbe: Refactor busy poll socket code to address multiple issues' John Greene 1261275 - powerpc dma: dmasetcoherentmask should not be GPL only...
kernel security, bug fix, and enhancement update
3.10.0-229 - Oracle Linux certificates Alexey Petrenko 3.10.0-229 - net rtnetlink: allow to register ops without ops-setup set Jiri Benc 1186492 3.10.0-228 - fs NFSv4.1: Fix an Oops in nfs41walkclientlist Steve Dickson 1185784 - misc redhat: dont suppress Revert patches from changelog Jarod Wilso...
grub2 security update
2.02-0.87.0.27.el7.14 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Also adds implementation of grubstrlcpy for clean backport...
tomcat security update
1:9.0.87-2.el95.1 - Resolves: RHEL-82946 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 - Resolves: RHEL-71719 tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379...
python3.11 security update
3.11.9-7.3 - Security fix for CVE-2024-7592 Resolves: RHEL-85299...
bind security update
32:9.11.4-26.0.3.P2.16 - Resolve CVE-2024-11187 Orabug: 37616907...
lua security update
5.4.4-3 - Apply upstream patch for CVE-2022-28805...
httpd security update
2.4.6-98.0.3 - modproxy: approxyhttprequest to clear hop-by-hop first and fixup last CVE-2022-31813Orabug: 34381850 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 2.4.6-98.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.7 - Resolves: 2177742 -...
bash security update
5.1.8-6 - Add a null check in parameterbracetransform function Resolves: CVE-2022-3715...
container-tools:3.0 security and bug fix update
buildah 1.19.9-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/7c6701d - fixes CVE-2022-27651 - Resolves: 2067539 podman 3.0.1-8 - update to the latest content of...
rpm security, bug fix, and enhancement update
4.14.3-19 - Unbreak in-tree kmod strip by reverting brp-strip fix 1967291 4.14.3-18 - Address important covscan issues 1996665, vol. 2 4.14.3-17 - Address important covscan issues 1996665 4.14.3-16 - Add support for read-only sqlite rpmdb 1938928 - Drop compat .decode method from returned Py3...
firefox security update
78.11.0-3.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.11.0-3 - Update to 78.11.0 build2 release 78.11.0-2 - Fix rhelminorversion for dist .el84 and .el8 78.11.0-1 - Update to 78.11.0 build1...
kernel security and bug fix update
4.18.0-240.10.13.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x6...
kernel security and bug fix update
3.10.0-1127.18.2.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 setlease be called without ilock Jeff Layton...
qemu-kvm security update
1.5.3-167.el77.1 - kvm-qxl-check-release-info-object.patch bz1732337 - kvm-Fix-heap-overflow-in-ipreass-on-big-packet-input.patch bz1734748 - Resolves: bz1732337 CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources rhel-7 rhel-7.7.z - Resolves: bz1734748...
qemu security update
12:2.9.0-21.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register Chris Kenna - i386: Add some MSR based features on Cascadelake-Server CPU model Tao Xu Orabug: 29643540 - i386: Update stepping of Cascadelake-Server Tao Xu Orabug: 29643540 - kvm: Use...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.30.1 - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220451 CVE-2018-1094 - ext4: always initialize the crc32c checksum driver Theodore Ts'o Orabug: 28220451 CVE-2018-1094 CVE-2018-1094 - vfs: Add sbrdonlysb to query the MSRDONLY flag ...
java-1.8.0-openjdk security update
1:1.8.0.171-8.b10 - added and applied 1566890embargoed20180521.patch - Resolves: rhbz1578545...
kernel security and bug fix update
2.6.32-696.28.1.OL6 - Update genkey bug 25599697 2.6.32-696.28.1 - x86 entry/64: Don't use IST entry for BP stack Waiman Long 1567078 1567079 CVE-2018-8897 - x86 xen: do not use xeninfo on HVM, set pvinfo name to 'Xen HVM' Vitaly Kuznetsov 1569141 1568241 2.6.32-696.27.1 - mm account skipped...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.23 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298601 CVE-2016-7117...
kernel security and bug fix update
2.6.32-642.11.1 - mm close FOLL MAPPRIVATE race Larry Woodman 1385116 1385117 CVE-2016-5195 2.6.32-642.10.1 - scsi fnic: Fix to cleanup aborted IO to avoid device being offlined by mid-layer Maurizio Lombardi 1382620 1341298 2.6.32-642.9.1 - net vlan: Fix FCOEMTU support Maurizio Lombardi 1381592...