9158 matches found
less security update
458-10 - Fix CVE-2024-32487 - Resolves: RHEL-32802...
glibc security update
2.17-326.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi 2.17-326.3 - nscd: Fix timeout type in netgroup cache RHEL-34263 2.17-326.2 - nscd: Do not use sendfile for the netgroup cache - nscd: Use-after-free in netgroup cache - CVE-2024-33599: nscd: buffer overflow in...
kernel security, bug fix, and enhancement update
4.18.0-553.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...
libssh security update
0.9.6-14 - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol BPP - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...
gnutls security update
3.6.16-8.3fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 - Allow bigger known RSA modulus sizes when calling rsageneratefips1864keypair directly Orabug: 33200526 - Change Epoch from 1 to 10fips...
bind security update
32:9.11.36-11 - Prevent exahustion of memory from control channel CVE-2023-3341 32:9.11.36-10 - Prevent the cache going over the configured limit CVE-2023-2828 32:9.11.36-9 - Prevent flooding with UPDATE requests CVE-2022-3094 - include upstream test for that change...
krb5 security update
1.21.1-2.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-2 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message token handling Resolves: RHEL-45401 RHEL-45390...
idm:DL1 security update
bind-dyndb-ldap custodia ipa 4.9.13-10.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-10 - kdb: apply combinatorial logic for ticket flags CVE-2024-3183 Resolves: RHEL-29927 - kdb: fix vulnerability in GCD rules handling CVE-2024-2698 Resolves: RHEL-29692...
bind, bind-dyndb-ldap, and dhcp security update
bind 32:9.11.4-26.P2.16 - Prevent increased CPU consumption in DNSSEC validator CVE-2023-50387 CVE-2023-50868 - Add missing design by contract tests to dnscatz - Speed up parsing of DNS messages with many different names CVE-2023-4408 - Do not use headerprev in expirelruheaders bind-dyndb-ldap...
nss security update
3.67.0-4 - fix CVE-2021-43527...
expat security update
2.1.0-12.0.1 - lib: Prevent integer overflow on groupSize CVE-2021-46143Orabug: 33910302 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302...
openssh security update
8.0p1-19.2 - Forbid shell metasymbols in username/hostname Resolves: CVE-2023-51385 - Fix Terrapin attack Resolves: CVE-2023-48795...
cpio security update
2.11-28 - Improper input validation when writing tar header fields 1766222...
libXpm security update
3.5.12-11 - Drop hardening patches from previous version to keep ABI compatibility 3.5.12-10 - CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage - CVE-2023-43787 libX11: integer overflow in XCreateImage leading to a heap overflow - CVE-2023-43788 libXpm: out of bounds...
sqlite security update
3.26.0-19.0.1 - Fixed CVE-2023-7104...
python security update
2.7.5-90.0.3 - Fix buffer overflow in PyCArgrepr Orabug: 32551171CVE-2021-3177...
systemd security update
219-78.0.9.el79.7 - Core: explicitly trigger changing udev systemdwants property Orabug: 31858125 - Disable unprivileged BPF by default Orabug: 32871008 - Resolve missing installation files for systemd-pstore Orabug 32497787 - Change to have file tmpfiles.d/systemd-pstore.conf installed on upon...
freetype security update
2.8-14.el79.1 - Test bitmap size earlier for PNGs - Fix memory leak in pngshim.c - Resolves: 1891635...
nghttp2 security update
1.33.0-6.1 - fix CONTINUATION frames DoS CVE-2024-27316 1.33.0-6 - fix CONTINUATION frames DoS CVE-2024-28182...
grub2 security update
2.02-0.87.0.26.el7.14 - Replace bugzilla.oracle.com reference Orabug: 35477723 - Backport kernel EFI allocation pacthes Orabug: 34301086 - Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 JIRA: OLDIS-16371 - bump SBAT generation JIRA:...
libXpm security update
3.5.12-2 - Fix CVE-2022-4883: compression commands depends on /usr/local/bin:/usr/bin 2161715...
libtiff security update
4.0.9-32 - Fix CVE-2023-6228 CVE-2023-52356 CVE-2023-25433 CVE-2018-15209 - Resolves: RHEL-30682 RHEL-30520 RHEL-30474 RHEL-5406...
rpm security update
4.14.3-28.0.2 - Import additional patches to fix regressions with CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939 patchset Orabug: 36256318 4.14.3-28.0.1 - Fixed infinte loop for dbcreate with error check Orabug: 36202920 4.14.3-28 - Backport file handling code from rpm-4.19 to fix...
python3 security update
3.6.8-62.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-62 - Security fix for CVE-2024-0450 Resolves: RHEL-33683 3.6.8-61 - Security fix for CVE-2023-6597 Resolves: RHEL-33671 3.6.8-60 - Fix build with expat with fixed CVE-2023-52425 Related: RHEL-33671...
curl security update
7.29.0-59.0.3.el79.2 - load CA certificates even with --insecure Orabug: 32836997 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers...
c-ares security update
1.13.0-8 - Resolves: rhbz2209517 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-8.9.0 1.13.0-7 - Resolves: rhbz2170867 - c-ares: buffer overflow in configsortlist due to missing string length check rhel-8...
microcode_ctl security update
4:20230808-2.0.2 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583...
libpng security update
2:1.5.13-8 - Fix CVE-2017-12652 - Resolves: 1744870...
linux-firmware security update
20240715-999.34.git4c8fb21e.el8 - Rebase to latest upstream Orabug: 36826157...
glibc security update
2.28-251.0.2.2 - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E. Marchesi...
dotnet6.0 security update
6.0.125-1.0.2 - Add strict BuildRequires on 6.0.125-1.0.1 6.0.125-1.0.1 - Update to .NET SDK 6.0.125 and Runtime 6.0.25...
container-tools:ol8 security and bug fix update
aardvark-dns buildah 1:1.31.5-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.31 https://github.com/containers/buildah/commit/5fd539c - Resolves: RHEL-26772 1:1.31.3-3 - Make the module buildable again - Resolves: RHEL-16299 1:1.31.3-2 - Rebuild with golan...
unbound security update
1.16.2-5.6 - Rebuilt again with z-stream target 1.16.2-5.5 - Correct typo in new config file 1.16.2-5.4 - Ensure group access correction reaches also updated configs CVE-2024-1488 1.16.2-5.3 - Ensure only unbound group can change configuration CVE-2024-1488...
xorg-x11-server security update
1.20.4-27 - Fix use after free related to CVE-2024-21886 1.20.4-26 - CVE fix for: CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408 and CVE-2024-0409 Resolves: https://issues.redhat.com/browse/RHEL-21205 Resolves: https://issues.redhat.com/browse/RHEL-20578 Resolves:...
python-urllib3 security update
1.24.2-5.0.1.2 - set RECENTDATE to 01/30/2019 to make checks happy Orabug: 30228991 1.24.2-5.2 - Security fix for CVE-2023-45803 Resolves: rhbz2246840 - Security fix for CVE-2023-43804 Resolves: rhbz2242493...
python security update
2.7.5-94.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-94 - Security fix for CVE-2023-40217 Resolves: RHEL-9615...
python-jinja2 security update
2.10.1-4 - Security fix for CVE-2024-22195 Resolves: RHEL-21347 2.10.1-3 - Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern Resolves: rhbz1928707 2.10.1-2 - Rebuild of package to go through gating - Resolves: rhbz1701301 2.10.1-1 - Rebase to 2.10.1 security update to fix...
gmp security update
1:6.1.2-11 - Fix: CVE-2021-43618 Resolves: RHEL-23055...
sudo security update
RHEL 9.3.0.Z ERRATUM 1.9.5p2-10 - CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output Resolves: RHEL-21834 - CVE-2023-28486 sudo: Sudo does not escape control characters in log messages Resolves: RHEL-21828 - CVE-2023-42465 sudo: Targeted Corruption of Register and...
systemd security update
239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...
pixman security update
0.38.4-3 - Security fix for CVE-2022-44638...
krb5 security update
1.18.2-29.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-29 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message token handling Resolves: RHEL-45398 RHEL-45386...
Unbreakable Enterprise kernel security update
5.15.0-210.163.7 - crypto: qat - specify firmware files for 402xx Giovanni Cabiddu Orabug: 37030280 5.15.0-210.163.6 - Revert 'Fix userfaultfdapi to return EINVAL as expected' Vijayendra Suman Orabug: 37004422 5.15.0-210.163.5 - Revert 'bpf: Allow reads from uninit stack' Vijayendra Suman Orabug:...
gnutls security update
3.6.16-8.1 - auth/rsa-psk: minimize branching after decryption RHEL-21550...
cyrus-sasl security update
2.1.26-24.0.1 - Check against gssapi null pointer Orabug: 33270138 2.1.26-24 - Fix for CVE-2022-24407 - Resolves: rhbz2055842...
rpm security update
4.11.3-48 - Fix double-free in previously added patch 2004228 4.11.3-47 - Improve range checks on signature and main header tags 2004228 - Fixes CVE-2021-20271...
mariadb security and bug fix update
1:5.5.65-1 - Rebase to 5.5.65 Also fixes: CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2805 Resolves: 1741357 - Revert upstream changes that make the mysqlinstalldb relocatable because it broke mysqlinstalldb when run without --rpm arg Resolves: 1731062 - Add openssl BR that was missing for...
jose security update
10-2.3 - Backport fix for CVE-2024-28176 Resolves: RHEL-28719 10-2.2 - Fix tests on s390x Related: RHEL-29857 10-2.1 - Fixes CVE-2023-50967...
container-tools:ol8 security update
aardvark-dns buildah 2:1.33.7-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/b95e962 - Resolves: RHEL-28224 cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu 3.18-5 -...
container-tools:4.0 security update
buildah 1.24.7-1 - bump to v1.24.7 - Resolves: RHEL-26767 cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman python-podman runc 1.1.12-1.0.1 - rebuild with golang 1.20.12 for CVE-2023-39326 skopeo...