8990 matches found
log4j security update
0:1.2.17-18 - Fix Unsafe deserialization flaw in Chainsaw log viewer - Fix SQL injection when application is configured to use JDBCAppender - Fix remote code execution when application is configured to use JMSSink - Resolves: CVE-2022-23307, CVE-2022-23305, CVE-2022-23302...
openssl security update
1.0.2k-23 - fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz1996054...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.203.6.el7 - seqfile: disallow extremely large seq buffer allocations Eric Sandeen Orabug: 33135632 CVE-2021-33909...
samba security, bug fix, and enhancement update
openchange 2.3-27.0.1 - Use ldconfigscriptlets 2.3-27 - Rebuild for newer samba samba 4.13.3-3 - resolves: 1924615 - Fix a memcache bug when cache is full - resolves: 1924571 - Ensure that libwbclient has been updated before restarting services 4.13.3-2 - resolves: 1909647 - Fix winbind in trust...
thunderbird security update
78.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.9.1-1 - Update to 78.9.1...
Unbreakable Enterprise kernel security update
4.14.35-2025.401.4 - KVM: x86: always expose VIRTSSBD to guests Paolo Bonzini Orabug: 31957046 4.14.35-2025.401.3 - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE Suravee Suthikulpanit Orabug: 31931371 - oracleasm: Access dbdev before dropping inode Stephen Brennan Orabug: 31901948 -...
Unbreakable Enterprise kernel security update
4.14.35-1902.305.4 - ptp: free ptp device pin descriptors properly Vladis Dronov Orabug: 31710994 4.14.35-1902.305.3 - fs/binfmtelf.c: allocate initialized memory in fillthreadcoreinfo Alexander Potapenko Orabug: 31350638 CVE-2020-10732 - PCI: vmd: Filter resource type bits from shadow register J...
git security update
1.8.3.1-22 - Crafted URL containing new lines can cause credential leak - Resolves: CVE-2020-5260...
Unbreakable Enterprise kernel security update
4.14.35-1902.10.7 - rtlwifi: Fix potential overflow on P2P code Laura Abbott Orabug: 30807747 CVE-2019-17666 - rds: fix an infoleak in rdsincinfocopy Kangjie Lu Orabug: 30770961 CVE-2016-5244 - KVM: x86: fix out-of-bounds write in KVMGETEMULATEDCPUID CVE-2019-19332 Paolo Bonzini Orabug: 30658694...
git security update
1.7.1-10 - fixes arbitrary code execution via .gitmodules Resolves: CVE-2018-17456...
kernel security update
4.18.0-147.0.31.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147.0.31 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave...
subversion:1.10 security update
libserf 1.3.9-9 - Resolves: 1696354 - Ensure modular RPM upgrade path subversion 1.10.2-2 - rebuild to ensure NVR ordering 1696354 1.10.2-1.1 - Resolves: 1733442 - CVE-2019-0203 subversion:1.10/subversion: remote unauthenticated denial-of-service in subversion svnserve utf8proc 2.1.1-5 - Resolves...
cloud-init security update
18.2-1.0.1 - add modified version of enable-ec2utils-to-stop-retrying-to-get-ec2-metadata.patch for 18.2: 1. Enable ec2utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 Bugzilla...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.12 - nvme: Drop nvmeq-qlock before dmapoolalloc, so as to prevent hard lockups Aruna Ramakrishna Orabug: 25409587 3.8.13-118.19.11 - nvme: Handle PM1725 HIL reset Martin K. Petersen Orabug: 26277600 - char: lp: fix possible integer overflow in lpsetup Willy Tarreau Orabug...
qemu-kvm security and bug fix update
1.5.3-126.el73.9 - kvm-spice-fix-spicechraddwatch-pre-condition.patch bz1452332 - Resolves: bz1452332 RHEL 7.2 based VM Virtual Machine hung for several hours apparently waiting for lock held by mainloop 1.5.3-126.el73.8 - kvm-char-change-qemuchrfeaddwatch-to-return-unsigned.patch bz1452332 -...
nss security update
3.21.3-2.0.1 - Fix out-of-bound issue in base64 encoding/decoding code CVE-2017-5461...
openssl security update
0.9.8e-40.0.1 - To disable SSLv2 client connections create the file /etc/sysconfig/openssl-ssl-client-kill-sslv2 John Haxby orabug 21673934 - Backport openssl 08-Jan-2015 security fixes John Haxby orabug 20409893 - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix...
kernel security and bug fix update
2.6.32-573.12.1 - Revert: netdrv igb: add support for 1512 PHY Stefan Assmann 1278275 1238551 2.6.32-573.11.1 - kvm svm: unconditionally intercept DB Paolo Bonzini 1279467 1279468 CVE-2015-8104 - x86 virt: guest to host DoS by triggering an infinite loop in microcode Paolo Bonzini 1277557 1277559...
libxml2 security update
2.7.6-20.0.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-20.1 - Fix a series of CVEs rhbz1286495 - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-8317 Fail parsing early on if encoding conversion failed -...
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.5.1.0.1.el71 - Update DISTRONAME in specfile 1:1.7.0.75-2.5.5.1 - repacked sources - Resolves: rhbz1209072 1:1.7.0.75-2.5.5.0 - Bump to 2.5.5 using OpenJDK 7u79 b14. - Update OpenJDK tarball creation comments - Remove test case for RH1191652 now fix has been verified. - Drop AArch6...
httpd security update
2.4.6-18.0.1.el70 - replace index.html with Oracle's index page oracleindex.html 2.4.6-18 - modcgid: add security fix for CVE-2014-0231 1120607 - modproxy: add security fix for CVE-2014-0117 1120607 - moddeflate: add security fix for CVE-2014-0118 1120607 - modstatus: add security fix for...
kernel security and bug fix update
kernel 2.6.18-348.18.1 - net be2net: enable polling prior enabling interrupts globally Ivan Vecera 1005239 987539 - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970874 970875 CVE-2013-2141 - net ipv6: do udppushpendingframes AFINET sock pending data Jiri Benc 987647...
gnutls security update
1.0.20-4.0.1.el48.7 - Bump release to resolve ULN up2date issue 1.0.20-4.7 - fix crash in the gnutls-cli tool needed for testing 1.0.20-4.5 - fix safe renegotiation in SSL3 protocol 1.0.20-4.4 - implement safe renegotiation - CVE-2009-3555 533125...
Oracle Enterprise Linux 4.8 kernel security and bug fix update
2.6.9-89 -fix regression in cxgb3 driver spinlock usage Andy Gospodarek 495557 -cxgb3: fixup possible workqueue deadlocks Andy Gospodarek 495558 -e1000: network driver doesn t reset nic during shutdown and prevents pxe reloads George Beshers 465620 -cxgb3: fix msix bringup so we dont leak vectors...
gnutls security update
3.6.16-8.3fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 - Allow bigger known RSA modulus sizes when calling rsageneratefips1864keypair directly Orabug: 33200526 - Change Epoch from 1 to 10...
php:8.0 security update
libzip php 8.0.30-1 - rebase to 8.0.30 - Resolves: RHEL-11946 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...
bind security update
32:9.11.36-8.1 - Improve RBT overmem cache cleaning CVE-2023-2828...
Unbreakable Enterprise kernel-container security update
5.15.0-0.30.20 - floppy: use a statically allocated error counter Willy Tarreau Orabug: 34218638 CVE-2022-1652 - x86: Disable RET on kexec Konrad Rzeszutek Wilk Orabug: 34335631 CVE-2022-23816 CVE-2022-29901 - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported Thadeu Lima de Souza...
Unbreakable Enterprise kernel security update
5.4.17-2136.305.5.3 - bpf: fix out-of-tree module build Alan Maguire Orabug: 33973548 - ACPICA: Enable sleep button on ACPI legacy wake Anchal Agarwal Orabug: 33973543 - Revert 'btrfs: inode: refactor the parameters of insertreservedfileextent' Srikanth C S Orabug: 33973491 - Revert 'btrfs: fix...
virt:kvm_utils security update
hivex 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libguestfs 1:1.40.2-25.0.1 - Replace upstream references from description tag - Config supermin to...
glibc security, bug fix, and enhancement update
2.28-164.0.1 - Merge of RH patches for ol8-u5 beta release Review-exception: Routine merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for...
thunderbird security update
78.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.13.0-1 - Update to 78.13.0 build1...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.204.4.3 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205365 CVE-2021-3656 - KVM: nSVM: avoid picking up unsupported bits from L2 in intctl Maxim Levitsky Orabug: 33205443 CVE-2021-3653...
ruby:2.7 security, bug fix, and enhancement update
ruby 2.7.3-136 - Upgrade to Ruby 2.7.3. Resolves: rhbz1951999 - Resolv::DNS: timeouts if multiple IPv6 name servers are given and address contains leading zero Resolves: rhbz1952000 2.7.2-135 - Upgrade to Ruby 2.7.2. - Avoid possible timeout errors in TestBugReportertestbugreporteradd. 2.7.1-133 ...
dhcp security update
12:4.1.1-63.P1.0.2 - Added dhcp-4.1.1-P1-CVE-2021-25217.patch Orabug: 33005948...
libpq security update
12.5-1 - Rebase to upstream release 12.5 Resolves: rhbz1898228 Resolves: rhbz1901558...
GNOME security, bug fix, and enhancement update
dleyna-renderer 0.6.0-3 - Add a manual Resolves: 1612579 frei0r-plugins 1.6.1-7 - Rebuild with newer annobin to fix rpmdiff problems - Fix the build with a newer opencv - Resolves: rhbz1703994 gdm 3.28.3-34 - Fix file descriptor leak Resolves: 1877853 3.28.3-33 - Fix problem with Xorg fallback...
libxml2 security update
2.9.7-8.0.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.7-8 - Fix CVE-2019-19956 1793001 - Fix CVE-2020-7595 1799786 - Fix CVE-2019-20388 1810058...
container-tools:ol8 security update
buildah 1.11.6-8.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1817742 1.11.6-7 - fix 'COPY command takes long time with buildah' - Resolves...
python-pillow security update
2.0.0-20gitd1c6db8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 2.0.0-19gitd1c6db8 - Reenabled webp support on little endian archs. 2.0.0-18gitd1c6db8 - Disabled webp support on ppc64le due to 962091 and 1127230. - Updated URL. 2.0.0-17gitd1c6d...
openjpeg2 security update
2.3.1-3 - Fix CVE-2020-8112 resolves: 1801030...
Unbreakable Enterprise kernel security update
4.14.35-1902.10.4.1.el7uek - IB/mlx4: Fix use after free in RDMA CM disconnect code path Manjunath Patil Orabug: 30815818 - IB/mlx4: Fix leak in idmapfinddel Hakon Bugge Orabug: 30815811 - RDMA/cma: Relax device check in cmamatchnetdev Hakon Bugge Orabug: 30815802 - KVM: x86: fix out-of-bounds...
thunderbird security update
60.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.8.0-1 - Updated to 60.8.0 60.7.2-3 - Rebuild to fix rhbz1725919 - Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2...
java-1.7.0-openjdk security update
1:1.7.0.221-2.6.18.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz1693468...
qemu security update
12:2.9.0-19.el7 - lsi53c895a: convert to trace-events Mark Cave-Ayland Orabug: 28205376 - lsi: Reselection needed to remove pending commands from queue George Kennedy Orabug: 28626490 - lsi53c895a: check message length value is valid Prasad J Pandit Orabug: 28873208 CVE-2018-18849 - 9p: fix QEMU...
java-1.7.0-openjdk security update
1:1.7.0.181-2.6.14.8.0.1 - Update DISTRONAME in specfile 1:1.7.0.181-2.6.14.8 - added and applied 1566890embargoed20180521.patch - Resolves: rhbz1578560...
Unbreakable Enterprise kernel security update
2.6.39-400.298.1 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 23320090 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 24337879 - xen-netfront: cast grant table reference first to type int Dongli Zhang Orabug: 25102637 - xen-netfront: do n...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.16.4 - dccp: fix freeing skb too early for IPV6RECVPKTINFO Andrey Konovalov CVE-2017-6074...
kernel security and bug fix update
3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...
java-1.7.0-openjdk security update
1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Bum...