9166 matches found
Unbreakable Enterprise kernel security update
2.6.39-400.318.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379640 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580689 CVE-2019-15807...
kernel security update
4.18.0-147.0.21.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147.0.21 - drm drm/i915: Lower RM timeout to avoid DSI hard hangs Dav...
kernel security update
3.10.0-1062.1.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.1.2 - vhost vhost: make sure lognum innum Eugenio Perez 1750879 1750880...
poppler security update
0.66.0-11.el80.12 - Ignore dict Length if it is broken - Resolves: 1741146 0.66.0-11.el80.11 - Check whether input is RGB in PSOutputDev::checkPageSlice - also when using '-optimizecolorspace' flag - Resolves: 1741145 0.66.0-11.el80.10 - Fail gracefully if not all components of JPEG2000Stream -...
polkit security and bug fix update
0.112-22.0.1 - Increase timeout to avoid defunct processes Orabug: 26930744 0.112-22 - pkttyagent: polkit-agent-helper-1 timeout leaves tty echo disabled - Resolves: rhbz1325512 0.112-21 - Mitigation of regression caused by fix of CVE-2018-19788 - Resolves: rhbz1656377 0.112-20 - Fix of...
ghostscript security and bug fix update
9.07-31.el76.6 - Resolves: 1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object Error: /rangecheck in --run-- 9.07-31.el76.5 - Resolves: 1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement 699664 - Resolves: 1650210 - CVE-2018-17183...
java-1.8.0-openjdk security update
1:1.8.0.171-8.b10 - added and applied 1566890embargoed20180521.patch - Resolves: rhbz1578545...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.17.5 - block: fix use-after-free in seq file Vegard Nossum Orabug: 25877530 CVE-2016-7910...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.23 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298601 CVE-2016-7117...
libxml2 security update
2.9.1-6.0.1.3 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball libxml2-2.9.1-6.3 - Heap-based buffer overread in xmlNextChar CVE-2016-1762 - Bug 763071: Heap-buffer-overflow in xmlStrncat CVE-2016-1834 - Bug 757711: Heap-buffer-overflow in...
firefox security update
38.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 38.7.0-1 - Update to 38.7.0 ESR...
kernel security and bug fix update
3.10.0-327.10.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.10.1 - of return NUMANONODE from fallback ofnodetonid Thadeu Lima de Souza Cascardo 1300614 1294398 - net openvswitch: do not allocate memory from offline numa node Thadeu Lima de Souza Cascardo 1300614 1294398...
openssh security, bug fix, and enhancement update
5.3p1-104 - ignore SIGXFSZ in postauth monitor child 1133906 5.3p1-103 - don't try to generate DSA keys in the init script in FIPS mode 1118735 5.3p1-102 - ignore SIGPIPE in ssh-keyscan 1108836 5.3p1-101 - ssh-add: fix fatal exit when removing card 1042519 5.3p1-100 - fix race in backported...
glibc security update
2.28-251.0.3.16 - Forward port of Oracle patches Reviewed-by: Elena Zannoni Oracle history: March-26-2025 Cupertino Miranda - 2.28-251.0.3.14 - OraBug: 36625686 Add MTE support on string functions Reviewed-by: Jose E. Marchesi March-17-2025 Cupertino Miranda - 2.28-251.0.2.14 - Forward port of...
libxml2 security update
2.9.13-6.2 - Fix CVE-2024-56171 RHEL-80128 - Fix CVE-2025-24928 RHEL-80143...
kernel security update
4.18.0-553.44.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
libfastjson security update
0.99.9-5 - Rebuild Resolves: rhbz2227786 0.99.9-4 - Address CVE-2020-12762 Resolves: rhbz2203172...
emacs security update
1:27.2-8.1 - Fix etags local command injection vulnerability 2184369 - Fix htmlfontify.el command injection vulnerability 2184368 - Fix ruby-mode.el local command injection vulnerability 2184367 - Fix ob-latex.el command injection vulnerability 2184377 1:27.2-8 - Use a 64KB page size for pdump...
Unbreakable Enterprise kernel security update
4.14.35-2047.523.4.1 - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags Michal Hocko Orabug: 35164196 4.14.35-2047.523.4 - rds: ib: Keep IB MRs on cleanlist unless we are tearing down the pool Hakon Bugge Orabug: 34987235 - rds: ib: Add FRWR related statistics counters Hakon...
openssl security update
3.0.1-41.0.3 - Add units tests for CVE-2022-3786, CVE-2022-3602 patches 3.0.1-41.0.2 - Fix CVE-2022-3786, CVE-2022-3602 3.0.1-41.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-41 - Zeroize public keys as required by FIPS 140-3 Resolves: rhbz2115861 - Add FIPS indicator for HKDF...
virt:ol and virt-devel:ol security, bug fix, and enhancement update
hivex 1.3.18-23 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 1.3.18-22.el8 - Resolves: bz2000225 Rebase virt:rhel module:stream based on AV-8.6 libguestfs 1.44.0-5.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug:...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.304.4.5 - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942329 CVE-2022-0847 - bpf: Disallow unprivileged bpf by default Pawan Gupta Orabug: 33942374...
Unbreakable Enterprise kernel security update
5.4.17-2102.203.6.el8uek - seqfile: disallow extremely large seq buffer allocations Eric Sandeen Orabug: 33135632 CVE-2021-33909...
nettle security update
2.7.1-9 - Port fixes for potential miscalculation in ecdsaverify 1943156...
Unbreakable Enterprise kernel-container security update
4.14.35-2025.402.2.1.el7 - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040805 CVE-2020-8694 CVE-2020-8695 4.14.35-2025.402.2.el7 - ocfs2: fix remounting needed after setfacl command Gang He - Fix multiple variable definition with syzkaller Hans Westgaard Ry Orabug:...
nodejs:12 security update
nodejs 1:12.16.1-2 - Fix CVE-2020-10531 1:12.16.1-1 - Resolves: RHBZ1800393, RHBZ1800394, RHBZ1800380 - Rebase to 12.16.1 1:12.14.1-1 - Rebase to 12.14.1 1:12.13.1-1 - Resolves: RHBZ 1773503, update to 12.13.1 - minor clean up and sync with Fedora spec - turn off debug builds 1:12.4.0-2 -...
libssh2 security, bug fix, and enhancement update
1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - fix out-of-bounds reads wit...
kernel security update
3.10.0-957.12.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.2 - x86 x86/speculation/mds: Add SMT warning message Waiman Long 1692597...
Unbreakable Enterprise kernel security update
2.6.39-400.298.3 - ext4: limit group search loop for non-extent files Lachlan McIlroy Orabug: 17488415 - ext4: fixup 64-bit divides in 3.0-stable backport of upstream fix Todd Poynor Orabug: 17488415 - ext4: use atomic64t for the per-flexbg freeclusters count Theodore Ts'o Orabug: 17488415 - ext4...
ntp security update
4.2.6p5-25.0.1.el73.1 - Bump release to avoid ULN conflict with Oracle modified errata. 4.2.6p5-25.el73.1 - don't limit rate of packets from sources CVE-2016-7426 - don't change interface from received packets CVE-2016-7429 - fix calculation of root distance again CVE-2016-7433 - require...
php54-php security update
5.4.40-3 - fix more functions accept paths with NUL character 1213407 5.4.40-2 - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026 - ftp: fix integer overflow leading to he...
runc security update
4:1.1.13-4 - rebuild against new golang - Resolves: RHEL-46380 4:1.1.13-3 - rebuild against golang-1.22.4 - Resolves: RHEL-46380 4:1.1.13-2 - rebuild - Resolves: RHEL-46380 4:1.1.13-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.13 - Related: RHEL-27608 4:1.1.12-2 - Switch...
squashfs-tools security update
4.4-10.git1 - CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination rhbz2007304 RHEL-7763 4.4-9.git1 - CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing...
nss security update
3.90.0-6 - Fix ecc DER wrapping. 3.90.0-5 - Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes...
Unbreakable Enterprise kernel security update
4.1.12-124.76.2 - firewire: fix potential uaf in outboundphypacketcallback Chengfeng Ye Orabug: 35493606 CVE-2023-3159 - ath9k: fix use-after-free in ath9khifusbrxcb Pavel Skripkin Orabug: 35448003 CVE-2022-1679 - dm ioctl: fix nested locking in tableclear to remove deadlock concern Mike Snitzer...
curl security and bug fix update
7.61.1-30.el88.2 - sftp: do not specify OAPPEND when not in append mode 2187717 7.61.1-30.el88.1 - fix FTP too eager connection reuse CVE-2023-27535...
libtirpc security update
1.3.3 - Rebased to libtirpc-1.3.3 bz 2118157...
python-lxml security update
4.6.5-3 - Security fix for CVE-2022-2309 - Resolves: rhbz2107571...
nginx:1.20 security update
1.20.1-1.0.1 - Remove Red Hat references Orabug: 29498217 1:1.20.1-1 - rebase to 1.20.1 addressing CVE-2021-23017...
kernel security, bug fix, and enhancement update
4.18.0-305.19.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Unbreakable Enterprise kernel security update
5.4.17-2102.204.4.3 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205365 CVE-2021-3656 CVE-2021-3656 - KVM: nSVM: avoid picking up unsupported bits from L2 in intctl Maxim Levitsky Orabug: 33205443 CVE-2021-3653 CVE-2021-3653...
ruby:2.6 security, bug fix, and enhancement update
ruby 2.6.7-107 - Upgrade to Ruby 2.6.7. Resolves: rhbz1952627 - Resolv::DNS: timeouts if multiple IPv6 name servers are given an address containing leading zero Resolves: rhbz1954968 - Fix: Rubygem-bundler: Don't use insecure tmp directory as home allows for execution of malicious code. Resolves:...
dhcp security update
12:4.3.6-44.1 - Fix for CVE-2021-25217...
kernel security and bug fix update
4.18.0-240.8.13.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64...
php:7.3 security, bug fix, and enhancement update
php 7.3.20-1 - update to 7.3.20 1856655 php-pear 1:1.10.9-1 - update PEAR to 1.10.9 - update ArchiveTar to 1.4.7 - update ConsoleGetopt to 1.4.2...
Unbreakable Enterprise kernel security update
4.14.35-1902.303.4.1 - x86/speculation: Add SRBDS vulnerability and mitigation documentation Mark Gross Orabug: 31422209 CVE-2020-0543 - x86/speculation: Add Special Register Buffer Data Sampling SRBDS mitigation Mark Gross Orabug: 31422209 CVE-2020-0543 - x86/cpu: Add 'table' argument to...
firefox security update
68.3.0-1.0.1 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.3.0-1 - Update to 68.3.0 ESR 68.2.0-4 - Added patch for TLS 1.3 support. 68.2.0-3 - Rebuild 68.2.0-2 - Rebuild...
mysql:8.0 security update
mecab 0.996-1.9 - Release bump for rebuilding on new arches Related: 1518842 0.996-1.8 - skip %verify of /etc/opt/rh/rh-mysql57/mecabrc Resolves: 1382315 0.996-1.7 - Prefix library major number with SCL name in soname 0.996-1.6 - Require runtime package from the scl 0.996-1.5 - Convert to SCL...
qemu security update
15:3.1.0-5.el7 - Only enable the halt poll control MSR if it is supported by the host Mark Kanda Orabug: 29946722 15:3.1.0-4.el7 - kvm: i386: halt poll control MSR support Marcelo Tosatti Orabug: 29933278 - Document CVEs as fixed: CVE-2017-9524, CVE-2017-6058, CVE-2017-5931 Mark Kanda Orabug:...
Unbreakable Enterprise kernel security update
4.1.12-124.19.2 - tcp: add tcpoootrycoalesce helper Eric Dumazet Orabug: 28639707 CVE-2018-5390 - tcp: call tcpdrop from tcpdataqueueofo Eric Dumazet Orabug: 28639707 CVE-2018-5390 - tcp: detect malicious patterns in tcpcollapseofoqueue Eric Dumazet Orabug: 28639707 CVE-2018-5390 - tcp: avoid...