9171 matches found
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.52.1 - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535530 CVE-2020-10769 - crypto: authenc - Export key parsing helper function Mathias Krause Orabug: 31535530 CVE-2020-10769...
firefox security update
78.4.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one Tue Nov 10 2020 [email protected] - 78.4.1-1 - Update to 78.4.1 - Filtering nss/nspr libs 78.4.0-3 - Fixing flatpak build, fixing firefox.sh.in to not disable langpacks loading 78.4.0-2 ...
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
...
java-1.8.0-openjdk security update
1:1.8.0.272.b10-0 - Remove the 64-bit siphash test which fails to compile on x86-32 debug builds with gcc 4.4.7 in RHEL 6 - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add...
squid security update
7:3.5.20-17.4 - Resolves: 1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: 1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: 1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache...
Unbreakable Enterprise kernel security update
5.4.17-2011.5.3uek - misc: pvpanic: add crash loaded event zhenwei pi Orabug: 31677096 - misc: pvpanic: move bit definition to uapi header file zhenwei pi Orabug: 31677096 - RDMA/netlink: Do not always generate an ACK for some netlink operations Hakon Bugge Orabug: 31666971 - bnxten: Fix statisti...
bind security update
32:9.11.4-16.P2.6 - Fix EDNS512 loops on broken servers 32:9.11.4-16.P2.5 - Add CVE tests to codebase 32:9.11.4-16.P2.4 - Limit number of queries triggered by a request CVE-2020-8616 - Fix invalid tsig request CVE-2020-8617 32:9.11.4-16.P2.3 - Disable atomic operations on ppc64, ppc64le, aarch64,...
Unbreakable Enterprise kernel security update
4.1.12-124.29.3.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.5.9 - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 4.1.12-94.5.8 - scsi: libiscsi: use kvzalloc for iscsipoolinit Kyle Fortin Orabug: 26621191 - mm: introduce kvmzalloc helpers Kyle Fortin Orabug: 26621191 - KEYS: Disallow keyrings beginning with '.' to be...
tomcat6 security update
0:6.0.24-105 - Related: rhbz1402664 CVE-2016-6816 Adding system property from asfbz-60594 to allow use of some un-encoded characters - Related: rhbz1402664 CVE-2016-6816 Resolving a security regression 2017-6056 caused by CVE-2016-6816 0:6.0.24-104 - Related: rhbz1402664 build. reverting...
kernel security and bug fix update
3.10.0-327.28.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.28.2 - net bridge: include in6.h in ifbridge.h for struct in6addr Jiri Benc 1331285 1268057 - net inet: defines IPPROTO needed for module alias generation Jiri Benc 1331285 1268057 - net sync some IP headers with glibc Jir...
curl security, bug fix, and enhancement update
7.29.0-25.0.1 - disable check to make build pass 7.29.0-25 - fix spurious failure of test 1500 on ppc64le 1218272 7.29.0-24 - use the default min/max TLS version provided by NSS 1170339 - improve handling of timeouts and blocking direction to speed up FTP 1218272 7.29.0-23 - require credentials t...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.250.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077389 CVE-2015-3331 2.6.39-400.250.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807440 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...
httpd security, bug fix, and enhancement update
2.4.6-31.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-31 - modproxyfcgi: determine if FCGICONNCLOSE should be enabled instead of hardcoding it 1168050 - modproxy: support Unix Domain Sockets 1168081 2.4.6-30 - core: fix bypassing of modheaders rules via chunked request...
glibc security update
Oracle Linux 7: 2.17-55.0.4.el70.5 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. Jose E. Marchesi 2.17-55.5 - Rebuild and run regression testing...
webkit2gtk3 security update
2.46.6-1 - Update to 2.46.6...
kernel security and bug fix update
3.10.0-1160.114.2.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.114.2.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug:...
kernel security and bug fix update
3.10.0-1160.90.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.90.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
httpd:2.4 security update
httpd 2.4.37-51.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-51 - Resolves: 2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via aprwrite - Resolves: 2097031 - CVE-2022-28615 httpd:2.4/httpd:...
vim security update
8.2.2637-16.0.1.3 - Remove upstream references Orabug: 31197557 2:8.2.2637-16.3 - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in vimregsubboth in regexp.c - CVE-2022-1927 vim: buffer over-read in utfptr2char in mbyte.c...
rsync security update
3.1.3-14.2 - Related: 2074783 - Needed to bump this to rebuild correctly 3.1.3-14.1 - Resolves: 2074783 - A flaw in zlib-1.2.11 when compressing not decompressing! certain inputs...
libssh security, bug fix, and enhancement update
0.9.6-3 - Remove STI tests 0.9.6-2 - Remove bad patch causing errors - Adding BuildRequires for openssh SSHD support 0.9.6-1 - Fix CVE-2021-3634: Fix possible heap-buffer overflow when rekeying with different key exchange mechanism - Rebase to version 0.9.6 - Rename SSHDEXECUTABLE to SSHEXECUTABL...
ol-automation-manager security update
1.0.2-1.el8 - Fix multiple CVEs : CVE-2017-18342, CVE-2020-10109, CVE-2020-10108, CVE-2021-33203, CVE-2021-33571, CVE-2021-44420, CVE-2021-31542, CVE-2021-28658, CVE-2021-28957, CVE-2021-43818, CVE-2020-27783 Orabug: 34109801...
expat security update
2.1.0-14.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302 2.1.0-14 - Fix multiple CVEs - CVE-2022-25236 expat: namespace-separator characters in 'xmlns:prefix' attribute values can lead to arbitrary code execution - CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.304.4.1 - Revert rds/ib: Kernel upgrade to rdsibconns info displayed by rds-info Rohit Nair Orabug: 33832625 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832582 CVE-2022-0492 5.4.17-2136.304.4 - scsi: libiscsi: Fix iscsitask use after free Mike...
curl security and bug fix update
7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...
thunderbird security update
78.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.10.0-1 - Update to 78.10.0...
xterm security update
295-3.1 - Backport security fix for CVE-2021-27135 - Resolves: rhbz1927564...
kernel security and bug fix update
2.6.32-754.33.1.OL6 - Update genkey bug 25599697 2.6.32-754.33.1 - message scsi: mptscsih: Fix read sense data size Tomas Henzl 1824907 2.6.32-754.32.1 - wireless libertas: make lbsibssjoinexisting return error code on rates overflow Jarod Wilson 1776569 - wireless libertas: don't exit from...
docker-cli docker-engine security update
docker-cli 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable kmem accounting for UEKR4 18.09.1-1.0.5 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes...
container-tools:1.0 security and bug fix update
buildah 1.5-4.0.1.gite94b4f9 - Fixes troubles with oracle registry login Orabug: 29937283 1.5-4.gite94b4f9 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1819431 container-selinux 2:2.124.0-1.gitf958d0c - update to...
java-11-openjdk security update
1:11.0.7.10-1 - Add JDK-8228407 backport to resolve crashes during verification. - Resolves: rhbz1810557 1:11.0.7.10-1 - Amend release notes, removing issue actually fixed in 11.0.6. - Resolves: rhbz1810557 1:11.0.7.10-1 - Re-apply --with-extra-asflags as crash was not due to this. - Resolves:...
telnet security update
1:0.17-49 - Resolves: 1814775 - Arbitrary remote code execution in utility.c via short writes or urgent data...
zsh security update
4.3.11-11 - improve printing of error messages introduced by the fix of CVE-2019-20044 4.3.11-10 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
openjpeg2 security update
2.3.1-2 - Fix CVE-2020-6851 resolves: 1790586...
nss, nss-softokn, nss-util security update
nss 3.44.0-7 - Increase timeout on sslgtest so that slow platforms can complete when running on a busy system. 3.44.0-6 - back out out-of-bounds patch patch for nss-softokn. - Fix segfault on empty or malformed ecdh keys 1777712 3.44.0-5 - Fix out-of-bounds write in NSCEncryptUpdate 1775910...
python3 security and bug fix update
3.6.8-15.1.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-15.1 - Patch 329 FIPS modified: Added workaround for modssl: Skip error checking in Pyhashlibfipserror Resolves: rhbz1760106 3.6.8-15 - Patch 329 that adds support for OpenSSL FIPS mode has been improved and...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.38.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165288 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165288 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1...
openssh security, bug fix, and enhancement update
7.4p1-21 + 0.10.3-2 - Avoid double comma in the default cipher list in FIPS mode 1722446 7.4p1-20 + 0.10.3-2 - Revert the updating of cached passwd structure 1712053 7.4p1-19 + 0.10.3-2 - Update cached passwd structure after PAM authentication 1674541 7.4p1-18 + 0.10.3-2 - invalidate supplemental...
python-urllib3 security update
1.10.2-7 - Provide python2-urllib3 - Add patch for CVE-2019-11236 Resolves: rhbz1703360 1.10.2-6 - Source URL switched to HTTPS protocol - Add patch for CVE-2018-20060 Resolves: rhbz1658471...
libvirt security update
0.10.2-64.0.1 - Replace docs/et.png in tarball with blank image 0.10.2-64.el610.2 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161...
firefox security update
60.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
firefox security update
60.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.0-2 - Updated to 60.5.0 ESR build2 60.5.0-1 - Updated to 60.5.0 ESR build1 60.4.0-3 - Fixing fontconfig warnings rhbz1601475 60.4.0-2 - Added pipewire patch from Tomas Popela rhbz1664270...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.29.1 - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059183 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 2505918...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.21.1 - media: imon: Fix null-ptr-deref in imonprobe Arvind Yadav Orabug: 27208380 CVE-2017-16537 - Input: gtco - fix potential out-of-bound access Dmitry Torokhov Orabug: 27215090 CVE-2017-16643 - usb: usbtest: fix NULL pointer dereference Alan Stern Orabug: 27602324...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.7.8 - x86/pti/efi: broken conversion from efi to kernel page table Pavel Tatashin Orabug: 27378087 Orabug: 27352353 CVE-2017-5754 - x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT redux Konrad Rzeszutek Wilk Orabug: 27378074 - x86/IBRS: Make sure we...
kernel security and bug fix update
kernel 2.6.18-406 - fs pipe: fix pipe corruption and iovec overrun on partial copy Mateusz Guzik 1203787 CVE-2015-1805 2.6.18-405 - net tcp: zero retransstamp if all retrans were acked Marcelo Leitner 1205521 - net tcp: fix retransstamp advancing in error cases Marcelo Leitner 1205521 - net tcp:...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-55.1.5 - CIFS Possible null ptr deref in SMB2tcon Steve French Orabug: 20433140 CVE-2014-7145 3.8.13-55.1.4 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425332 CVE-2014-7841 3.8.13-55.1.3 - ACPI: x2apic entry ignored...
kernel security and bug fix update
2.6.32-358.14.1 - x86 apic: Add probe for apicflat Prarit Bhargava 975086 953342 2.6.32-358.13.1 - wireless b43: stop format string leaking into error msgs John Linville 971387 971389 CVE-2013-2852 - pci make sriov work with hotplug remove Takahiro MUNEDA 973555 965002 - net rtnl: fix info leak o...
kernel security and bug fix update
2.6.18-194.8.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug 69930...