9166 matches found
kernel security and bug fix update
4.18.0-240.10.13.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x6...
Unbreakable Enterprise kernel security update
5.4.17-2011.6.2 - Revert 'aarch64/BM: config failed, hub doesnt have any ports' Thomas Tai Orabug: 31838351 Orabug: 31844671 - kvm: ioapic: Restrict lazy EOI update to edge-triggered interrupts Paolo Bonzini Orabug: 31839185 Orabug: 31844556 5.4.17-2011.6.1 - nfsd: apply umask on fs without ACL...
kernel security and bug fix update
3.10.0-1127.18.2.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 setlease be called without ilock Jeff Layton...
qemu-kvm security update
1.5.3-167.el77.1 - kvm-qxl-check-release-info-object.patch bz1732337 - kvm-Fix-heap-overflow-in-ipreass-on-big-packet-input.patch bz1734748 - Resolves: bz1732337 CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources rhel-7 rhel-7.7.z - Resolves: bz1734748...
libvirt security update
5.0.0-4.el7 - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - admin: reject clients unless their UID matches the current UID Daniel P. Berrange Orabug: 29861433...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.30.1 - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220451 CVE-2018-1094 - ext4: always initialize the crc32c checksum driver Theodore Ts'o Orabug: 28220451 CVE-2018-1094 CVE-2018-1094 - vfs: Add sbrdonlysb to query the MSRDONLY flag ...
Unbreakable Enterprise kernel security update
4.14.35-1818.5.4 - RDS: null pointer dereference in rdsatomicfreeop Mohamed Ghannam Orabug: 28020694 CVE-2018-5333 - x86/speculation: Make enhanced IBRS the default spectre v2 mitigation Alejandro Jimenez Orabug: 28474853 - x86/speculation: Enable enhanced IBRS usage Alejandro Jimenez Orabug:...
kernel security and bug fix update
2.6.32-696.28.1.OL6 - Update genkey bug 25599697 2.6.32-696.28.1 - x86 entry/64: Don't use IST entry for BP stack Waiman Long 1567078 1567079 CVE-2018-8897 - x86 xen: do not use xeninfo on HVM, set pvinfo name to 'Xen HVM' Vitaly Kuznetsov 1569141 1568241 2.6.32-696.27.1 - mm account skipped...
openssh security update
4.3p2-82.0.2 - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices John Haxby orabug 22985024 - CVE-2016-3115: missing sanitisation of input for X11 forwarding John Haxby orabug 22985024...
ruby security update
1.8.5-5.el52.5 - Build with -fno-strict-aliasing. 1.8.5-5.el52.4 - security fixes. 461590 - CVE-2008-3655: multiple insufficient safe mode restrictions. - CVE-2008-3656: WEBrick DoS vulnerability CPU consumption. - CVE-2008-3657: missing taintness checks in dl module. - CVE-2008-3905: use of...
python3.12 security update
3.12.5-2.3 - Security fix for CVE-2024-7592 Resolves: RHEL-85300...
.NET 8.0 security, bug fix, and enhancement update
8.0.114-1.0.1 - Add support for Oracle Linux 8.0.114-1 - Update to .NET SDK 8.0.114 and Runtime 8.0.14 - Resolves: RHEL-81639...
bind security update
32:9.11.4-26.0.3.P2.16 - Resolve CVE-2024-11187 Orabug: 37616907...
bind security update
32:9.11.36-16.4 - Change patches applying to use -P parameter 32:9.11.36-16.3 - Limit additional section records CPU processing CVE-2024-11187 - Correct ANY queries to not have additional data appended...
libcap security update
2.48-9 - Fix integer overflow in libcapstrdup CVE-2023-2603 Resolves: rhbz2210638 - Correctly check pthreadcreate return value to avoid memory leak CVE-2023-2602 Resolves: rhbz2222198...
curl security update
7.61.1-30.el88.3 - GSS delegation too eager connection re-use CVE-2023-27536 - fix host name wildcard checking CVE-2023-28321 - rebuild certs with 2048-bit RSA keys...
lua security update
5.4.4-3 - Apply upstream patch for CVE-2022-28805...
bash security update
5.1.8-6 - Add a null check in parameterbracetransform function Resolves: CVE-2022-3715...
e2fsprogs security update
1.46.5-3 - Add sanity check to extent manipulation 2073549...
fapolicyd security, bug fix, and enhancement update
1.1-6.0.1 - Increase dbmaxsize to 100M 1.1-6 - CVE-2022-1117 fapolicyd: fapolicyd wrongly prepares ld.so path Resolves: rhbz2069120 1.1-4 RHEL 8.6.0 ERRATUM - fapolicyd denies access to /usr/lib64/ld-2.28.so Resolves: rhbz2066300 1.1-1 RHEL 8.6.0 ERRATUM - rebase to 1.1 Resolves: rhbz1939379 -...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.507.7.4.el7 - KVM: x86: Check kvmrebooting in kvmspuriousfault Sean Christopherson Orabug: 33362693 4.14.35-2047.507.7.3 - arm64: Reserve elfcorehdr before scanning reserved memory from device tree Dave Kleikamp Orabug: 33354710 4.14.35-2047.507.7.2 - net: geneve: modify IP header...
sssd security update
2.4.0-9.0.1 - Restore default debug level for ssscache Orabug: 32810448 - Restore default debug level for shadow-utils tools Orabug: 32810448 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 292867...
thunderbird security update
78.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.10.0-1 - Update to 78.10.0...
squid security update
7:3.5.20-17.6 - Resolves: 1944256 - CVE-2020-25097 squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling...
Unbreakable Enterprise kernel-container security update
5.4.17-2036.104.5.el7 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi:...
qemu security update
15:4.2.1-5.el7 - qemu.spec: use --tls-priority=NORMAL for OL7 Elena Ufimtseva - hostmem: fix default 'prealloc-threads' count Mark Kanda Orabug: 32472127 - hostmem: introduce 'prealloc-threads' property Igor Mammedov - qom: introduce objectregistersugarprop Paolo Bonzini - migration/multifd: Do...
Unbreakable Enterprise kernel security update
4.14.35-2025.403.3 - RDMA/umem: Move to allocate SG table from pages Maor Gottlieb Orabug: 32005117 - lib/scatterlist: Add support in dynamic allocation of SG table from pages Maor Gottlieb Orabug: 32005117 - lib/scatterlist: Add SGCHAIN and SGEND macros for LSB encodings Anshuman Khandual Orabug...
java-1.8.0-openjdk security update
1:1.8.0.262.b10-0 - Update to aarch64-shenandoah-jdk8u262-b10. - Switch to GA mode for final release. - Update release notes for 8u262 release. - Fix typo in jfrarches which leads to ppc64 being wrongly excluded. - Split JDK-8042159 patch into per-repo patches as upstream. - Update JDK-8042159 JD...
kernel security, bug fix, and enhancement update
3.10.0-1062.18.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.18.1 - x86 x86/boot/64: Round memory hole size up to next PMD page Fra...
qemu security update
12:2.9.0-21.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register Chris Kenna - i386: Add some MSR based features on Cascadelake-Server CPU model Tao Xu Orabug: 29643540 - i386: Update stepping of Cascadelake-Server Tao Xu Orabug: 29643540 - kvm: Use...
kernel security, bug fix, and enhancement update
3.10.0-957.5.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.5.1 - fs revert 'fs sunrpc: Ensure we always close the socket after a...
nss and nss-util security update
nss 3.21.3-2.0.1 - Added nss-vendor.patch to change vendor 3.21.3-2 - Mozilla 1314604 / Red Hat CVE-2016-8635 3.21.3-1.1 - rebuild 3.21.3-1 - Rebase to NSS 3.21.3 - Resolves: 1383887 nss-util 3.21.3-1.1 - rebuild 3.21.3-1 - Rebase to nss-3.21.3 - Remove patch for CVE-2016-1950, which is included ...
kernel security and bug fix update
2.6.32-642.11.1 - mm close FOLL MAPPRIVATE race Larry Woodman 1385116 1385117 CVE-2016-5195 2.6.32-642.10.1 - scsi fnic: Fix to cleanup aborted IO to avoid device being offlined by mid-layer Maurizio Lombardi 1382620 1341298 2.6.32-642.9.1 - net vlan: Fix FCOEMTU support Maurizio Lombardi 1381592...
php55-php security update
5.5.21-4 - fix more functions accept paths with NUL character 1213407 5.5.21-3 - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026, 1213407 - fileinfo: fix denial of servic...
glibc security update
2.5-123.0.1.el511.3 - Switch to use malloc when the input line is too long Orabug 19951108 Jason Luan - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin 2.5-123.3 - Fix invalid-free when using getaddrinfo and AIIDN CVE-2013-7424, 2.5-123.1 - Fix...
php security update
5.1.6-44 - add security fixes for CVE-2006-7243, CVE-2009-0689...
Oracle Linux 6 Unbreakable Enterprise kernel security and bug fix update
2.6.32-200.16.1.el6uek - Revert change to restore DEFAULTKERNEL 2.6.32-200.15.1.el6uek - Add -u parameter to kernelvariantpost to make it work properly for uek orabug 12819958 2.6.32-200.14.1.el6uek - Restore DEFAULTKERNEL value to kernel-uek orabug 12819958 2.6.32-200.13.1.el6uek - make default...
python3.11 security update
3.11.9-7.3 - Security fix for CVE-2024-7592 Resolves: RHEL-85299...
gcc security update
4.8.5-45.0.1 - Orabug: 37603707 ELSA-2025-1601 Moderate: gcc security update CVE-2020-11023 rebuild for CVE-2020-11023 - Reviewed-by: Jose E. Marchesi 4.8.5-44.0.5 - fix arm cross building inline issue. gcc48-cfns-fix-protos.patch - Reviewed-by: Jose E. Marchesi 4.8.5-44.0.3 - Orabug: 31505739...
mysql:8.0 security update
mecab 0.996-2.12 - Bump version for 'mysql' module rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'AppStream' repo - Resolves: 2180411 mecab-ipadic 2.7.0.20070801-17.0.1 - Rename the LICENSE.Fedora to LICENSE.oracle 2.7.0.20070801-17 - Bump the release - Resolves:...
gcc-toolset-13-gcc security update
13.3.1-2.2.0.1 - Merge Oracle patches to 13.3.1-2.2. gfortran needs install-info at installation time. Orabug: 36472775 13.3.1-2.2 - disable jQuery use, don't ship jquery.js CVE-2020-11023, RHEL-78279...
kernel security update
4.18.0-553.40.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
tomcat security and bug fix update
1:9.0.87-1.el94.1 - Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 - Resolves: RHEL-31032 tomcat: : Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 - Resolves: RHEL-35328 ...
c-ares security, bug fix, and enhancement update
1.19.1-1 - Resolves: rhbz2209564 - CVE-2023-31124 c-ares: AutoTools does not set CARESRANDOMFILE during cross compilation rhel-9 - Resolves: rhbz2209556 - CVE-2023-31130 c-ares: Buffer Underwrite in aresinetnetpton rhel-9 - Resolves: rhbz2209550 - CVE-2023-31147 c-ares: Insufficient randomness in...
device-mapper-multipath security and bug fix update
0.8.4-37 - Fix bugzilla linked to the changes was previously linked to the wrong bug, 2162537 - Resolves: bz 2166468 0.8.4-36 - Add 0129-libmultipath-select-resize-action-even-if-reload-is-.patch - Add 0130-libmultipath-cleanup-ACTCREATE-code-in-selectactio.patch - Add...
Unbreakable Enterprise kernel security update
4.14.35-2047.524.5 - rds/ib: Fix the softlock-up in RDS cache GC worker Arumugam Kolappan Orabug: 35079728 4.14.35-2047.524.4 - xfs: add missing cmap-brstate = XFSEXTNORM update Gao Xiang Orabug: 35202792 - x86/tsc: Disable clocksource watchdog for TSC on qualified platorms Feng Tang Orabug:...
gnupg2 security update
2.3.3-2 - Fix CVE-2022-34903 2108449...
cairo and pixman security and bug fix update
cairo 1.15.12-6 - Fix CVE reference test 1908113 1.15.12-5 - Add reference test to CVE fix 1908113 1.15.12-4 - Fix CVE-2020-35492 1908113 pixman 0.38.4-2 - Backport the pixman part of cairo CVE-2020-35492...
Unbreakable Enterprise kernel security update
4.14.35-2047.512.6 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...
log4j security update
0:1.2.14-6.4.1 - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 Orabug: 33689748...