8988 matches found
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.3 - gre: fix a possible skb leak Eric Dumazet Orabug: 26403972 CVE-2017-9074 - ipv6: Fix leak in ipv6gsosegment. David S. Miller Orabug: 26403972 CVE-2017-9074 - ipv6: xfrm: Handle errors reported by xfrm6find1stfragopt Ben Hutchings Orabug: 26403972 CVE-2017-9074 - ipv6:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.18.2 - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986990 CVE-2017-7895 3.8.13-118.18.1 - fnic: Update fnic driver version to 1.6.0.24 John Sobecki Orabug: 24448585 - xen-netfront: Rework the fix for Rx stall during OOM and network stress...
Unbreakable Enterprise kernel security update
2.6.39-400.294.6 - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 2.6.39-400.294.5 - net: ping: check minimum size on ICMP header length Kees Cook Orabug: 25766914 CVE-2016-8399 - ipv6: stop sending PTB packets for MTU 12...
kernel security, bug fix, and enhancement update
3.10.0-514.6.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.6.1 - net sctp: validate chunk len before actually using it Hangbin Liu...
openssl security update
1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
java-1.6.0-openjdk security update
1:1.6.0.0-1.57.1.11.9 - Updated to icedtea6 1.11.9 - Resolves: rhbz917179...
httpd security update
2.2.3-63.0.1.el58.1 - Fix modssl always performing full renegotiation orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-63.1 - add security fixes for CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787596 - remove patch for...
container-tools:ol8 security update
aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed references Orabug: 33473101 Alex Burmashev - Adjust registries.conf Nikita Gerasimov - remove references to RedHat registry Nikita Gerasimov 2:1-82 - update vendored components -...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1 postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.8-1 - Update to 16.8 - Fix CVE-2025-10...
tomcat security and bug fix update
1:9.0.87-1.el94.1 - Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 - Resolves: RHEL-31032 tomcat: : Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 - Resolves: RHEL-35328 ...
Unbreakable Enterprise kernel security update
4.14.35-2047.523.4.1 - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags Michal Hocko Orabug: 35164196 4.14.35-2047.523.4 - rds: ib: Keep IB MRs on cleanlist unless we are tearing down the pool Hakon Bugge Orabug: 34987235 - rds: ib: Add FRWR related statistics counters Hakon...
openssl security update
3.0.1-41.0.3 - Add units tests for CVE-2022-3786, CVE-2022-3602 patches 3.0.1-41.0.2 - Fix CVE-2022-3786, CVE-2022-3602 3.0.1-41.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-41 - Zeroize public keys as required by FIPS 140-3 Resolves: rhbz2115861 - Add FIPS indicator for HKDF...
kernel security and bug fix update
4.18.0-348.23.15.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security and bug fix update
4.18.0-348.7.15.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
go-toolset:ol8 security, bug fix, and enhancement update
golang 1.15.14-1 - Rebase to go-1.15.14-1-openssl-fips - Resolves: rhbz1982287 - Addresses CVE-2021-34558 1.15.13-4 - Related: rhbz1978567 go-toolset 1.15.14-1 - Rebase to go-1.15.14-1-openssl-fips - Resolves: rhbz1982287 - Addresses CVE-2021-34558 1.15.13-2 - Related: rhbz1978567...
subversion:1.10 security update
subversion 1.10.2-4 - add security fix for CVE-2020-17525...
dnsmasq security update
2.76-16.1 - Accept responses only on correct sockets CVE-2020-25684 - Use strong verification on queries CVE-2020-25685 - Handle multiple identical DNS queries better CVE-2020-25686 - Link against nettle for sha256 hash implementation...
Unbreakable Enterprise kernel-container security update
4.14.35-2025.402.2.1.el7 - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040805 CVE-2020-8694 CVE-2020-8695 4.14.35-2025.402.2.el7 - ocfs2: fix remounting needed after setfacl command Gang He - Fix multiple variable definition with syzkaller Hans Westgaard Ry Orabug:...
Unbreakable Enterprise kernel security update
5.4.17-2011.7.4 - iommu/amd: Restore IRTE.RemapEn bit for amdiommuactivateguestmode Suravee Suthikulpanit Orabug: 31931369 - iommu/amd: Fix potential @entry null deref Joao Martins Orabug: 31931369 - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE Suravee Suthikulpanit Orabug: 31931369...
java-1.7.0-openjdk security update
1:1.7.0.261-2.6.22.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.261-2.6.22.1 - Add release notes from IcedTea. - Resolves: rhbz1810557 1:1.7.0.261-2.6.22.0 - Bump to 2.6.22 and OpenJDK 7u261-b02. - Resolves: rhbz1810557...
sudo security update
1.8.23-4.0.2.2 - Bump release to avoid conflict with previous Orace Linux errata 1.8.23-4.2 - RHEL 7.7.z - fixed CVE-2019-18634 Resolves: rhbz1798094 1.8.23-4.1 - RHEL-7.7.z - fixed CVE-2019-14287 Resolves: rhbz1760694...
java-1.7.0-openjdk security update
1:1.7.0.241-2.6.20.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.241-2.6.20.0 - Bump to 2.6.20 and OpenJDK 7u241-b01. - Drop PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423...
kernel security, bug fix, and enhancement update
3.10.0-514.16.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.16.1 - tty nhdlc: get rid of racy nhdlc.tbuf 'Herton R. Krzesinski' 1429919...
apache-commons-collections security update
3.2.1-22 - Fix Java object de-serialization vulnerability - Resolves: CVE-2015-7501...
openssh security, bug fix and enhancement update
6.6.1p1-11 + 0.9.3-9 - fix direction in CRYPTOSESSION audit message 1171248 6.6.1p1-10 + 0.9.3-9 - add new option GSSAPIEnablek5users and disable using /.k5users by default CVE-2014-9278 1169843 6.6.1p1-9 + 0.9.3-9 - log via monitor in chroots without /dev/log 1083482 6.6.1p1-8 + 0.9.3-9 - increa...
kernel security and bug fix update
2.6.18-164.6.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug 69930...
tbb security update
2018.2-10.1 - Remove jQuery from Doxygen files RHEL-77669 2018.2-10 - Apply patches from BZ 1907561 - Bump release...
libjpeg-turbo security update
2.0.90.7 - Fix CVE-2021-29390 - Resolves: RHEL-5413...
file security update
5.39-16 - Fix stack-based buffer over-read in filecopystr CVE-2022-48554 5.39-15 - Fix segfault in python3-file-magic concurrent method calls...
Unbreakable Enterprise kernel security update
5.4.17-2136.320.7 - selftests: fibtests: mute cleanup error message Po-Hsu Lin - KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode Marc Zyngier Orabug: 35449815 - KVM: arm64: Filter out v8.1+ events on v8.0 HW Marc Zyngier Orabug: 35449815 - KVM: arm64: Add...
python3 security update
3.6.8-19.0.1 - Remove the 'getfile' feature of pydoc Orabug: 33182027CVE-2021-3426 - Fix buffer overflow in PyCArgrepr Orabug: 32551171CVE-2021-3177 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-19 - Security fix for CVE-2023-24329 - Fix the test suite support for Expat =...
gdk-pixbuf2 security update
2.42.6-3 - Backport fixes for CVE-2021-46829 and CVE-2021-44648 - Resolves: rhbz2115213 - Resolves: rhbz2044346...
java-11-openjdk security update
1:11.0.19.0.7-1 - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 & JDK-8305113 - Update generatetarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to generatetarball.s...
php security update
8.0.27-1 - rebase to 8.0.27...
virt:kvm_utils security update
libvirt 5.7.0-38.el8 - qemu: Don't report spurious errors from vCPU tid validation on hotunplug timeout Shaleen Bathla Orabug: 34826758 - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 - qemu: Set default qdisc before setting bandwidth Michal...
java-11-openjdk security, bug fix, and enhancement update
1:11.0.16.0.8-1 - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build, which should now include a correct SOURCE value from .src-rev - Updat...
openssl security update
1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix...
Unbreakable Enterprise kernel security update
5.4.17-2136.304.4.5 - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942329 CVE-2022-0847 - bpf: Disallow unprivileged bpf by default Pawan Gupta Orabug: 33942374...
kernel security and bug fix update
4.18.0-305.17.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.505.4.3.el7 - seqfile: disallow extremely large seq buffer allocations Eric Sandeen Orabug: 33142065 CVE-2021-33909...
pki-core:10.6 security update
pki-core 10.9.4-3.0.1 - Remove redhat reference. 10.9.4-3 - Bug 1933146 - PKI instance creation failed with new 389-ds-base build 10.9.4-2 - CVE-2021-20179: Fix unprivileged users can renew any certificate...
thunderbird security update
68.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.7.0-1 - Update to 68.7.0 build1...
kubernetes security update
1.12.7-1.2.3 - OLCNE-494 CVE-2019-11244 fix CVE-2019-11244: 'kubectl --http-cache= ' - creates world-writeable cached schema files 1.12.7-1.1.3 - OCNE-372 kubeadm: properly umount dirs in /var/lib/kubelet...
firefox security update
60.7.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.7.0-1 - Updated to 60.7.0 ESR 60.6.3-1 - Updated to 60.6.3 ESR 60.6.2-1 - Updated to 60.6.2 ESR 60.6.1-2 - Added fix for mozbz526293 - show remote locations on file chooser dialog...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.33.2 - x86/speculation/mds: Make cpumatches cpuinit Patrick Colp Orabug: 29751729 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Only worry about firmware loaded microcode Patrick Colp Orabug: 29641784 CVE-2018-12126 CVE-2018-12130...
Unbreakable Enterprise kernel security update
4.1.12-124.14.5 - vhost/scsi: fix reuse of &vq-iovout in response Benjamin Coddington Orabug: 27928330 4.1.12-124.14.4 - kernel.spec: add requires system-release for OL7 Brian Maly Orabug: 27955380 - x86/kernel/traps.c: fix tracedienotifier return value Kris Van Hees CVE-2018-8897 - x86/entry/64:...
kernel security, bug fix, and enhancement update
3.10.0-514.21.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.21.1 - kernel sched/core: Fix an SMP ordering race in trytowakeup vs...
Unbreakable Enterprise kernel security update
2.6.39-400.296.2 - dccp/tcp: do not inherit mclist from parent Eric Dumazet Orabug: 26108573 CVE-2017-8890 2.6.39-400.296.1 - cifs: adjust sequence number downward after signing NTCANCEL request Albert Barbe - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995...
kernel security update
2.6.32-642.13.2 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424626 1424628 CVE-2017-6074...
Unbreakable Enterprise kernel security update
2.6.39-400.294.1 - nvme: Limit command retries Ashok Vairavan Orabug: 25342947 - tcp: fix use after free in tcpxmitretransmitqueue Eric Dumazet Orabug: 25374376 CVE-2016-6828 - ALSA: pcm : Call killfasync in stream lock Takashi Iwai Orabug: 25231728 CVE-2016-9794 - net: avoid signed overflows for...