8990 matches found
php security update
5.1.6-27.4 - add security fixes for CVE-2011-4885, CVE-2011-4566, CVE-2011-0708, CVE-2011-1148, CVE-2011-1466, CVE-2011-1469, CVE-2011-2202 769756...
Unbreakable Enterprise kernel security and bug fix update
2.6.32-200.19.1.el6uek - Apply new fix for CVE-2011-1576. 2.6.32-200.18.1.el6uek - Revert 'proc: fix a race in doioaccounting' 2.6.32-200.17.1.el6uek - net: Fix memory leak/corruption on VLAN GRODROP CVE-2011-1576 - iommu-api: Extension to check for interrupt remapping CVE-2011-1898 - KVM: IOMMU:...
kernel security and bug fix update
2.6.18-128.1.10.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...
Oracle Enterprise Linux 5.3 kernel security and bug fix update
2.6.18-128.el5 - cifs cifswritepages may skip unwritten pages Jeff Layton 470267 2.6.18-127.el5 - Revert: i386: check for dmidata in powernowk8 driver Prarit Bhargava 476184 - xen re-enable using xenpv in boot path for FV guests Don Dutile 473899 - xen pvhvm: guest hang on FV save/restore Don...
speex security update
1.0.5-4.el51.1 - Check for headers with invalid mode numbers 442037, CVE-2008-1686...
Moderate: freetype security update
2.1.9-6.el4 - Add freetype-2.1.9-ttf-overflow.patch - Resolves: 240574...
xmlrpc-c security update
1.51.0-11 - Restrict XML Entity Expansion Depth in libexpat CVE-2024-8176...
gcc-toolset-10-gcc security update
10.3.1-1.2.0.1 - Fix Orabug 32423691- gcc10 SEGV for every test in sregress: ORA-7445ksmplruaddbatchksm same bug as PR tree-optimization/100053: gcc11-pr100053.patch - Fix Orabug 31197798 Profile data size way too big same bug as PR gcov-profile/95348: gcc11-pr95348.patch - Introduce...
annobin security update
9.72-1.2 - Bump NVR and rebuild to use the new gcc. 2017362 9.72-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2017362 9.72-1 - Rebase to 9.72. 1960299 - annocheck: Accept 0 as a valid number for gcc minor versions and release numbers. - gcc-plugin: Add support for ARM and...
java-11-openjdk security and bug fix update
1:11.0.13.0.8-1.0.1 - link atomic for ix86 build 1:11.0.13.0.8-1 - Revert addition of libharfbuzz.so after its removal by JDK-8255790 - Resolves: rhbz2012332 1:11.0.13.0.8-1 - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is...
.NET Core 2.1 security and bugfix update
2.1.525-1 - Update to .NET SDK 2.1.525 and Runtime 2.1.29 - Resolves: RHBZ1988581 2.1.524-1 - Update to .NET SDK 2.1.524 and Runtime 2.1.28 - Resolves: RHBZ1953766...
java-1.8.0-openjdk security update
1:1.8.0.302.b08-0 - Update to aarch64-shenandoah-jdk8u302-b08 EA - Update release notes for 8u302-b08. - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz1972395 1:1.8.0.302.b07-0.0.ea - Update to aarch64-shenandoah-jdk8u302-b07 EA - Upda...
runc security update
1.0.0-1.rc95 - Addresses CVE-2021-30465...
mariadb:10.3 and mariadb-devel:10.3 security update
galera 25.3.32-1 - Rebase to 25.3.32 mariadb 3:10.3.28-1 - Rebase to 10.3.28...
sudo security update
1.8.6p3-29.0.3.el610.3 - Fix a bug on CVE-2021-3156.patch backported from ol7 Orabug: 32717065...
Unbreakable Enterprise kernel-container security update
...
sudo security update
1.8.29-6.1 - RHEL 8.3.Z ERRATUM - CVE-2021-3156 Resolves: rhbz1917732...
libvirt security update
5.7.0-13.el7 - domain groups: Fix multiple Domain Group vCPU administration flaws Wim ten Have Orabug: 31145304 - qemu: fix missing if definedENABLEEXADATA Menno Lageman - build: Fix qemu-submodule-init syntax-check issue Wim ten Have - libvirt: Fix various introduced Fedora/RHEL build violations...
qemu security update
15:3.1.0-7.el7 - qemu-img: Add --target-is-zero to convert David Edmondson 15:3.1.0-6.el7 - qemu.spec: Remove 'BuildRequires: kernel' Karl Heubaum Orabug: 30858754 - target/i386: add support for MSRIA32TSXCTRL Paolo Bonzini Orabug: 30652327 - iscsi: Cap block count from GET LBA STATUS CVE-2020-17...
nghttp2 security update
1.33.0-1.el800.1 - backport security fixes from nghttp2-1.39.2 CVE-2019-9511 and CVE-2019-9513...
redis:5 security update
5.0.3-2 - fix Heap buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10192 - fix Stack buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10193...
tomcat security, bug fix, and enhancement update
0:7.0.76-9 - Resolves: rhbz1641873 CVE-2018-11784 tomcat: Open redirect in default servlet - Resolves: rhbz1552375 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended expo sure of resources - Resolves: rhbz1552374 CVE-2018-1305 tomcat: Late...
thunderbird security update
60.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.0-1 - Update to 60.7.0...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.29.1 - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059183 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 2505918...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.23.1 - xen/blkback: free requests on disconnection Dongli Zhang Orabug: 22111941 - RDS: null pointer dereference in rdsatomicfreeop Mohamed Ghannam Orabug: 27986376 CVE-2018-5333 - ACPI: sbshc: remove raw pointer from printk message Greg Kroah-Hartman Orabug: 27986392...
Unbreakable Enterprise kernel security update
4.1.12-124.15.4 - x86/bugs/IBRS: Keep SSBD mitigation in effect if spectrev2=ibrs is selected Mihai Carabas - fs/pstore: update the backend parameter in pstore module Wang Long Orabug: 27994372 - kvm: vmx: Reinstate support for CPUs without virtual NMI Paolo Bonzini Orabug: 28041210 - dm crypt: a...
Unbreakable Enterprise kernel security update
4.1.12-112.14.2 - fuse: Call endqueuedrequests after releasing fc-lock in fusedevrelease Ashish Samant Orabug: 26431550 - rds: Fix inaccurate accounting of unsignaled wrs in rdsibxmitrdma Hakon Bugge Orabug: 27097105 - rds: Fix inaccurate accounting of unsignaled wrs Hakon Bugge Orabug: 27097105 ...
Unbreakable Enterprise kernel security update
4.1.12-103.10.1 - mm, thp: Do not make page table dirty unconditionally in followtranshugepmd Kirill A. Shutemov Orabug: 27200879 CVE-2017-1000405 - NFS: Add static NFS I/O tracepoints Chuck Lever - storvsc: dont assume SG list is contiguous Aruna Ramakrishna Orabug: 27044692 - fix unbalanced pag...
Unbreakable Enterprise kernel security update
2.6.39-400.294.7 - udp: properly support MSGPEEK with truncated buffers Eric Dumazet Orabug: 25874741 CVE-2016-10229 - block: fix use-after-free in seq file Vegard Nossum Orabug: 25877531 CVE-2016-7910...
kernel security and bug fix update
2.6.32-642.15.1 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424626 1424628 CVE-2017-6074 2.6.32-642.14.1 - net sctp: validate chunk len before actually using it Hangbin Liu 1399456 1399457 CVE-2016-9555 - netdrv qlcnic: add wmb call in transmit data path Harish...
kernel security update
3.10.0-514.6.2.0.1.el7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.3.1 - KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. David Howells Orabug: 23279022 CVE-2016-0758 - uek-rpm: ol6: revert DRM for experimental or OL6-incompatible drivers Todd Vierling Orabug: 23270829 - unix: properly account for FDs passed over un...
kernel security and bug fix update
2.6.32-504.12.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 2.6.32-504.12.1 - fs splice: perform generic write checks Eric Sandeen 1163798 1155900 CVE-2014-7822 2.6.32-504.11.1 - virt kvm: excessive pages un-pinning in...
kernel security, bug fix, and enhancement update
kernel 2.6.18-371.6.1 - net be2net: don't use skbgetqueuemapping Ivan Vecera 1066302 1063955 - ipc change refcount to atomict Phillip Lougher 1024866 1024868 CVE-2013-4483 - s390 qeth: buffer overflow in snmp ioctl Jacob Tanenbaum 1034402 1034404 CVE-2013-6381 - scsi AACRAID Driver compat IOCTL...
php security, bug fix, and enhancement update
5.3.3-26 - add security fix for CVE-2013-4248 5.3.3-25 - rename patch to math CVE-2010-3709 name - add security fixes for CVE-2006-7243, CVE-2013-1643 5.3.3-24 - fix buffer overflow in pdopgsqlerror 969110 - fix double free when destroyzendclass fails 910466 - fix segfault in errorhandler with...
php security update
5.3.3-3.8 - correct detection of = in CVE-2012-1823 fix 818607 5.3.3-3.7 - add security fix for CVE-2012-1823 818607...
ImageMagick security and bug fix update
6.2.8.0-12.el5 - Add fix for CVE-2010-4167 767142 6.2.8.0-11.el5 Fix assertion failed when using 'identify -verbose' when theres no image information available 502626 6.2.8.0-10.el5 Fix memory allocation failure when using color option 616538 Fix hang when converting broken GIF 693989 Fix...
java-1.6.0-openjdk security update
1:1.6.0.0-1.11.b16.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.11.b16.el5 - Remove javaws alternative due to conflict with java-1.6.0-sun's alternatives 1:1.6.0-1.10.b16 - Update to openjdk build b16 - Update to icedtea6-1.6 - Added tzdata-java requirement - Added autoconf and automake buil...
httpd security update
2.0.52-41.ent.6.0.1 - use oracle index page oracleindex.html - update vstring and distro in specfile 2.0.52-41.ent.6 - add security fixes for CVE-2009-3555, CVE-2009-1891, CVE-2009-3094, and CVE-2009-3095 534039...
buildah security update
1.37.6-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.37.6-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.37 https://github.com/containers/buildah/commit/fd39521 - Resolves: RHEL-67617...
python-werkzeug security update
0.12.2-4.0.1 - Fix CVE-2023-23934 Orabug: 35662419 - Fix CVE-2023-25577 Orabug: 35662419 - enable tests Orabug: 35662419...
httpd and mod_http2 security update
httpd 2.4.53-7.0.1.5 - Replace index.html with Oracle's index page oracleindex.html. 2.4.53-7.5 - Resolves: 2177751 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite and modproxy modhttp2 1.15.19-3.5 - Resolves: 2177751 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite a...
Unbreakable Enterprise kernel security update
4.14.35-2047.514.5 - x86/speculation/mmio: Fix late microcode loading Patrick Colp Orabug: 34275786 4.14.35-2047.514.4 - Add debugfs for controlling MMIO state data Kanth Ghatraju Orabug: 34202260 CVE-2022-21123 CVE-2022-21127 CVE-2022-21125 CVE-2022-21166 - KVM: x86/speculation: Disable Fill...
rsyslog security update
8.2102.0-7.1 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081400...
python27:2.7 security update
babel 9.0.3-19 - Remove bundled windows executables - Resolves: rhbz2006792 python2 2.7.18-10.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 2.7.18-10 - Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs Resolves: rhbz2047376...
polkit security update
0.115-13.0.1.el85.2 - Increase timeout to avoid defunct processes Orabug: 26930744 0.115-13.el85.2 - necessary version bump due to build versioning - Resolves: CVE-2021-4115...
java-11-openjdk security update
1:11.0.15.0.9-2 - Add JDK-8284920 fix for XPath regression - Related: rhbz2073422 1:11.0.15.0.9-2 - Remove security items from release notes that were only in 17u and N/A for 11u - Related: rhbz2073422 1:11.0.15.0.9-1 - Update to jdk-11.0.15.0+9 - Update release notes to 11.0.15.0+9 - Switch to G...
glibc security update
...
virt:kvm_utils security update
hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libguestfs 1.40.2-28.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.40.2-28 -...
log4j security update
0:1.2.17-18 - Fix Unsafe deserialization flaw in Chainsaw log viewer - Fix SQL injection when application is configured to use JDBCAppender - Fix remote code execution when application is configured to use JMSSink - Resolves: CVE-2022-23307, CVE-2022-23305, CVE-2022-23302...