8988 matches found
libxml2 security update
2.9.1-6.0.1.el71.2 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.2 - Fix a series of CVEs rhbz1286496 - CVE-2015-7941 Stop parsing on entities boundaries errors - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-831...
openssl security update
1.0.1e-16.7 - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension...
java-1.7.0-openjdk security update
1.7.0.9-2.3.8.0.0.1.el64 - Update DISTRONAME in specfile 1.7.0.9-2.3.8.0el6 - Revert to rhel 6.3 version of spec file - Revert to icedtea7 2.3.8 forest - Resolves: rhbz917183 1.7.0.11-2.4.0.pre5.el6 - Update to latest snapshot of icedtea7 2.4 forest - Resolves: rhbz917183 1.7.0.9-2.4.0.pre4.3.el6...
kernel security and bug fix update
2.6.18-128.7.1.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...
container-tools:ol8 security update
aardvark-dns buildah 2:1.33.12-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/58af1cd - Resolves: RHEL-67612 cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed...
tcpdump security update
14:4.99.0-9 - Resolves: RHEL-21558 - tcpslice: use-after-free in extractslice 14:4.99.0-8 - Resolves: RHEL-10714 - Fix PGM option printing...
java-1.8.0-openjdk security update
1:1.8.0.412.b08-1 - Update to shenandoah-jdk8u412-b08 GA - Update release notes for shenandoah-8u412-b08. - Complete release note for Certainly roots - Switch to GA mode. - This tarball is embargoed until 2024-04-16 @ 1pm PT. - Related: RHEL-30926 1:1.8.0.412.b07-0.1.ea - Update to...
tpm2-tss security and enhancement update
3.2.2-2 - Remove misapplied license Resolves: rhbz2160307 3.2.2-1 - Rebase to 3.2.2 - Use systemd-sysusers to create user Resolves: CVE-2023-22745 Resolves: rhbz2095479 Resolves: rhbz2160307 Resolves: rhbz2162613...
curl security and bug fix update
7.61.1-30.el88.2 - sftp: do not specify OAPPEND when not in append mode 2187717 7.61.1-30.el88.1 - fix FTP too eager connection reuse CVE-2023-27535...
curl security and bug fix update
7.61.1-30 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.61.1-29 - h2: lower initial window size to 32 MiB 2166254 7.61.1-28 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.61.1-27 - upon HTTP11REQUIRED, retry the request with HTTP/1.1 21393...
ruby:2.5 security update
ruby 2.5.9-110 - Fix FTBFS due to an incompatible load directive. - Fix a fiddle import test on an optimized glibc on Power 9. - Fix by adding length limit option for methods that parses date strings. Resolves: CVE-2021-41817 - CGI::Cookie.parse no longer decodes cookie names to prevent spoofing...
libxml2 security update
2.9.7-12 - Fix CVE-2022-23308 2057663 2.9.7-11 - Fix CVE-2021-3541 1958783 2.9.7-10 - Fix CVE-2021-3516 1956976 - Fix CVE-2021-3517 1957001 - Fix CVE-2021-3518 1957028 - Fix CVE-2021-3537 1957284...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.304.4.4 - arm64: Use the clearbhb instruction in mitigations James Morse Orabug: 33921646 - arm64: add IDAA64ISAR2EL1 sys register Joey Gouly Orabug: 33921646 - KVM: arm64: Allow SMCCCARCHWORKAROUND3 to be discovered and migrated James Morse Orabug: 33921646 - arm64: Mitigate spectre...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.322.b06-2 - Fix FIPS issues in native code and with initialisation of java.security.Security - Related: rhbz2039366 1:1.8.0.322.b06-1 - Update to aarch64-shenandoah-jdk8u322-b06 EA - Update release notes for 8u322-b06. - Switch to GA mode for final release. - Require tzdata 2021e as of...
xstream security update
1.3.1-14 - Fix remote code execution vulnerability - Resolves: CVE-2021-29505...
qemu-kvm security update
0.12.1.2-2.506.el610.8 - kvm-qemu-kvm-QEMU-usb-check-RNDIS-message-length.patch bz1869684 - kvm-qemu-kvm-QEMU-usb-fix-setuplen-init-CVE-2020-14364.patch bz1869684 - Resolves: bz1869684 CVE-2020-14364 qemu-kvm: QEMU: usb: out-of-bounds r/w access issue while processing usb packets rhel-6.10.z...
zsh security update
4.3.11-11 - improve printing of error messages introduced by the fix of CVE-2019-20044 4.3.11-10 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
Unbreakable Enterprise kernel security update
4.1.12-124.33.4 - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond Myklebust Orabug: 30165838 - SUNRPC: Handle ENETDOWN errors Trond Myklebust Orabug:...
dovecot security update
1:2.2.36-3.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1751383...
Unbreakable Enterprise kernel security update
4.1.12-124.29.3.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
libvirt security update
0.10.2-64.0.1 - Replace docs/et.png in tarball with blank image 0.10.2-64.el610.2 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161...
java-1.7.0-openjdk security update
1:1.7.0.191-2.6.15.4.0.1 - Update DISTRONAME in specfile 1:1.7.0.191-2.6.15.4 - Bump to revised 2.6.15 tarball with PR3616 -notimestamp javadoc fix - Resolves: rhbz1594249 1:1.7.0.191-2.6.15.3 - Bump to revised 2.6.15 tarball with jdk7u191-b01 - Resolves: rhbz1594249 1:1.7.0.191-2.6.15.2 - Fix ho...
nss and nss-util security update
nss 3.28.4-1.0.1 - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed 3.28.4-1 - Rebase to 3.28.4 nss-util 3.28.4-1 - Rebase to NSS 3.28.4 to accommodate base64 encoding fix...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.14.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore...
kernel security and bug fix update
3.10.0-327.28.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.28.2 - net bridge: include in6.h in ifbridge.h for struct in6addr Jiri Benc 1331285 1268057 - net inet: defines IPPROTO needed for module alias generation Jiri Benc 1331285 1268057 - net sync some IP headers with glibc Jir...
Unbreakable Enterprise kernel security update
2.6.39-400.250.5 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226730 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225976 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy Lutomirski...
kernel security update
2.6.32-431.20.5 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.20.4 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699...
Oracle Linux 6 kernel security, bug fix and enhancement update
2.6.32-279.el6 - netdrv mlx4: ignore old module parameters Jay Fenlason 830553 2.6.32-278.el6 - kernel sysctl: silence warning about missing strategy for file-max at boot time Jeff Layton 803431 - net sunrpc: make new tcpmaxslottableentries sysctl use CTLUNNUMBERED Jeff Layton 803431 - drm i915:...
kernel security and bug fix update
2.6.18-194.17.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...
kernel security update
4.18.0-553.46.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
python-dns security update
1.15.0-12 - Security fix for CVE-2023-29483 Resolves: RHEL-32630...
httpd security and bug fix update
2.4.53-7.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.53-7.1 - Resolves: 2165975 - prevent sscg creating /dhparams.pem - Resolves: 2165970 - CVE-2006-20001 httpd: moddav: out-of-bounds read/write of zero byte - Resolves: 2165973 - CVE-2022-37436 httpd: modproxy: HTTP...
kernel security update
4.18.0-372.9.1.0.2.el8.OL8 - debug: lockdown kgdb Orabug: 34270802 CVE-2022-21499 4.18.0-372.9.1.0.1.el8.OL8 - mei: me: disable driver on the ign firmware Alexander Usyskin Orabug: 34176425...
nodejs:12 security and bug fix update
nodejs 1:12.22.5-1 - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ1951621 make FIPS always available - Resolves: RHBZ1988595, RHBZ1993992, RHBZ1993989, RHBZ1993093 - Resolves: RHBZ1994025,...
firefox security update
78.13.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.13.0-2 - Update to 78.13.0 build2 78.13.0-1 - Update to 78.13.0 build1...
xterm security update
295-3.1 - Backport security fix for CVE-2021-27135 - Resolves: rhbz1927564...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.52.1 - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535530 CVE-2020-10769 - crypto: authenc - Export key parsing helper function Mathias Krause Orabug: 31535530 CVE-2020-10769...
firefox security update
78.4.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one Tue Nov 10 2020 [email protected] - 78.4.1-1 - Update to 78.4.1 - Filtering nss/nspr libs 78.4.0-3 - Fixing flatpak build, fixing firefox.sh.in to not disable langpacks loading 78.4.0-2 ...
java-1.8.0-openjdk security update
1:1.8.0.272.b10-0 - Remove the 64-bit siphash test which fails to compile on x86-32 debug builds with gcc 4.4.7 in RHEL 6 - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add...
docker-cli docker-engine security update
docker-cli 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable kmem accounting for UEKR4 18.09.1-1.0.5 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes...
bind security update
32:9.11.4-16.P2.6 - Fix EDNS512 loops on broken servers 32:9.11.4-16.P2.5 - Add CVE tests to codebase 32:9.11.4-16.P2.4 - Limit number of queries triggered by a request CVE-2020-8616 - Fix invalid tsig request CVE-2020-8617 32:9.11.4-16.P2.3 - Disable atomic operations on ppc64, ppc64le, aarch64,...
telnet security update
1:0.17-49 - Resolves: 1814775 - Arbitrary remote code execution in utility.c via short writes or urgent data...
java-1.7.0-openjdk security update
1:1.7.0.251-2.6.21.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.251-2.6.21.0 - Bump to 2.6.21 and OpenJDK 7u251-b02. - Resolves: rhbz1785753...
openjpeg2 security update
2.3.1-2 - Fix CVE-2020-6851 resolves: 1790586...
yum security, bug fix, and enhancement update
createrepoc 0.11.0-3 - Backport patch to switch off timestamps on documentation in order to remove file conflicts RhBug:1738788 0.11.0-2 - Consistently produce valid URLs by prepending protocol. RhBug:1632121 - modifyrepoc: Prevent doubling of compression test.gz.gz RhBug:1639287 - Correct pkg...
firefox security update
60.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
firefox security update
60.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.0-2 - Updated to 60.5.0 ESR build2 60.5.0-1 - Updated to 60.5.0 ESR build1 60.4.0-3 - Fixing fontconfig warnings rhbz1601475 60.4.0-2 - Added pipewire patch from Tomas Popela rhbz1664270...
libvirt security update
3.2.0-14.0.1.el74.7 - bump release and rebuild 3.2.0-14.el74.7 - qemu: Properly store microcode version in QEMU caps cache CVE-2017-5715 3.2.0-14.el74.6 - util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD CVE-2017-5715 - util: introduce virHostCPUGetMicrocodeVersion CVE-2017-571...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.5.9 - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 4.1.12-94.5.8 - scsi: libiscsi: use kvzalloc for iscsipoolinit Kyle Fortin Orabug: 26621191 - mm: introduce kvmzalloc helpers Kyle Fortin Orabug: 26621191 - KEYS: Disallow keyrings beginning with '.' to be...