9172 matches found
qemu-kvm security update
0.12.1.2-2.506.el610.3 - kvm-target-i386-define-md-clear-bit.patch bz1698996 - Resolves: bz1698996 CVE-2018-12130 qemu-kvm: hardware: MFBDS...
qemu-kvm security update
0.12.1.2-2.506.el610.1 - qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch bz1574074 - qemu-kvm-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch bz1574074 - qemu-kvm-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch bz1574074 - Resolves: bz1574074 CVE-2018-363...
qemu-kvm security update
1.5.3-141.el74.6 - Fix CVE-2017-5715 1.5.3-141.el74.5 - kvm-vfio-pci-Only-mmap-TARGETPAGESIZE-regions.patch bz1515110 - Resolves: bz1515110 Regression in QEMU handling for sub-page MMIO BARs for vfio-pci devices rhel-7.4.z...
openssl security update
0.9.8e-40.0.1 - To disable SSLv2 client connections create the file /etc/sysconfig/openssl-ssl-client-kill-sslv2 John Haxby orabug 21673934 - Backport openssl 08-Jan-2015 security fixes John Haxby orabug 20409893 - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix...
java-1.7.0-openjdk security update
1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Bum...
libxml2 security update
2.7.6-20.0.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-20.1 - Fix a series of CVEs rhbz1286495 - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-8317 Fail parsing early on if encoding conversion failed -...
Unbreakable Enterprise kernel security , bug fix and enhancement update
kernel-uek 3.8.13-98 - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502729 CVE-2015-0239 CVE-2015-0239 - fs: take imutex during preparebinprm for setugid executables Jann Horn Orabug: 21502159 CVE-2015-3339 3.8.13-97 - add ql2400, ql2500 firmware versions to prerequisites Dan Duval...
kernel security and bug fix update
kernel 2.6.18-406.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
busybox security and bug fix update
1:1.15.1-15 - Fix btrfs support to findfs and related applets - Resolves: 751927 1:1.15.1-14 - Resolves: 790335 'busybox various flaws' Added a fix for SEGV on empty command in hush 1:1.15.1-13 - Resolves: 790335 'busybox various flaws' including: 'buffer underflow in decompression' 'udhcpc...
php security update
5.3.3-3.8 - correct detection of = in CVE-2012-1823 fix 818607 5.3.3-3.7 - add security fix for CVE-2012-1823 818607...
1
kernel - 2.6.18-308.0.0.0.1.el5 - net bonding: fix carrier detect when bond is down orabug 12377284 - mm fix hugetlb page leak Dave McCracken orabug 12375075 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus...
java-1.6.0-openjdk security update
1:1.6.0.0-1.22.1.9.8.0.1.el56 - Add oracle-enterprise.patch 1:1.6.0.0-1.22.1.9.8 - Resolves: rhbz668488 - Bumped to IcedTea6 1.9.8 - RH706250, S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win - RH706106, S6618658, CVE-2011-0865:...
kernel security and bug fix update
2.6.18-194.3.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug 69930...
Oracle Enterprise Linux 4.8 kernel security and bug fix update
2.6.9-89 -fix regression in cxgb3 driver spinlock usage Andy Gospodarek 495557 -cxgb3: fixup possible workqueue deadlocks Andy Gospodarek 495558 -e1000: network driver doesn t reset nic during shutdown and prevents pxe reloads George Beshers 465620 -cxgb3: fix msix bringup so we dont leak vectors...
java-17-openjdk security update
1:17.0.15.0.6-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.15.0.6-2 - Update to jdk-17.0.15+6 GA - Add to .gitignore openjdk-17.0.15+6.tar.xz - Set updatever to 15 - Set buildver to 6 - Set rpmrelease to 2 - Update sources to openjdk-17.0.15+6.tar.xz - Set bundled freetype provide...
bind security update
32:9.11.36-8.1 - Improve RBT overmem cache cleaning CVE-2023-2828...
container-tools:ol8 security, bug fix, and enhancement update
...
httpd and mod_http2 security update
httpd 2.4.53-7.0.1.5 - Replace index.html with Oracle's index page oracleindex.html. 2.4.53-7.5 - Resolves: 2177751 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite and modproxy modhttp2 1.15.19-3.5 - Resolves: 2177751 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite a...
kernel security, bug fix, and enhancement update
4.18.0-372.9.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security, bug fix, and enhancement update
4.18.0-348.20.15.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
httpd security update
2.4.6-97.0.5.4 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.4 - Resolves: 2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: 2031074 - CVE-2021-39275 httpd:...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.204.4.3 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205365 CVE-2021-3656 - KVM: nSVM: avoid picking up unsupported bits from L2 in intctl Maxim Levitsky Orabug: 33205443 CVE-2021-3653...
olcne security update
olcne 1.3.1-5 - Updated registry-image-helper.sh to work with olcne-utils 1.3.1-4 - Fix istio template for 1.9.6 and 1.10.2 for k8s update failure 1.3.1-3 - Added ENDVERSIONBLOCK for OLM image 1.3.1-2 - Fix iptables issue when running on OL7 host using OL8 image for 1.19.8 - Fix iptables issue wh...
ruby:2.7 security, bug fix, and enhancement update
ruby 2.7.3-136 - Upgrade to Ruby 2.7.3. Resolves: rhbz1951999 - Resolv::DNS: timeouts if multiple IPv6 name servers are given and address contains leading zero Resolves: rhbz1952000 2.7.2-135 - Upgrade to Ruby 2.7.2. - Avoid possible timeout errors in TestBugReportertestbugreporteradd. 2.7.1-133 ...
glib2 security and bug fix update
2.56.4-10 - Fix various problems in GMainContext Resolves: 1953553 - Fix CVE-2021-27219 Resolves: 1960600...
python-pillow security update
2.0.0-20gitd1c6db8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 2.0.0-19gitd1c6db8 - Reenabled webp support on little endian archs. 2.0.0-18gitd1c6db8 - Disabled webp support on ppc64le due to 962091 and 1127230. - Updated URL. 2.0.0-17gitd1c6d...
git security update
1.7.1-10 - fixes arbitrary code execution via .gitmodules Resolves: CVE-2018-17456...
microcode_ctl security update
3:1.17-33.19.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618737 3:1.17-33.19.0.1 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - update 06-55-04 to 0x2000065 - update 06-55-07 to...
java-1.7.0-openjdk security update
1:1.7.0.221-2.6.18.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz1693468...
Unbreakable Enterprise kernel security update
2.6.39-400.297.12 - xsigo: backport Fix race in freeing aged Forwarding tables Pradeep Gopanapalli Orabug: 24823234 - ocfs2: fix deadlock issue when taking inode lock at vfs entry points Eric Ren Orabug: 25671723 - ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock Eric Ren...
glibc security update
2.17-157 - Rebuild with updated binutils 1268008 2.17-156 - malloc arena free free list management fix 1276753 2.17-155 - Basic validity check for locale-archive.tmpl 1350733 2.17-153 - Add Intel AVX-512 optimized routines 1298526. 2.17-151 - Improve malloc peformance in low-memory situations...
Unbreakable Enterprise kernel security update
2.6.39-400.283.1 - atl2: Disable unimplemented scatter/gather feature Ben Hutchings Orabug: 23703990 CVE-2016-2117 - mlx4core: add module parameter to disable background init Mukesh Kacker Orabug: 23292107 - NFSv4: Don't decode fslocations if we didn't ask for them... Trond Myklebust Orabug:...
kernel security and bug fix update
3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.15uek - ipc/sem.c: fully initialize semarray before making it visible Manfred Spraul Orabug: 22250043 CVE-2015-7613 - Initialize msg/shm IPC objects before doing ipcaddid Linus Torvalds Orabug: 22250043 CVE-2015-7613 - crypto: add missing crypto module aliases Mathias...
Unbreakable Enterprise kernel security update
2.6.39-400.264.13 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 22373449 CVE-2015-7872 2.6.39-400.264.12 - crypto: add missing crypto module aliases Mathias Krause Orabug: 22249656 CVE-2013-7421 CVE-2014-9644 - crypto: include crypto- module prefix in template...
python security, bug fix, and enhancement update
2.6.6-64.0.1 - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma 2.6.6-64 - Enable use of deepcopy with instance methods Resolves: rhbz1223037 2.6.6-63 - Since -libs now provide python-ordered dict, added ordereddict dist-info to site-packages Resolves: rhbz1199997 2.6.6-...
java-1.8.0-openjdk security update
1:1.8.0.51-1.b16 - Add md5sum for January 2015 java.security update so it gets updated this time. - Resolves: rhbz1235162 1:1.8.0.51-0.b16 - July 2015 security update to u51b16. - Add script for generating OpenJDK tarballs from a local Mercurial tree. - Add %name prefix to patches to avoid...
bash security update
4.1.2-29.0.1 - Fix segfaults from CVE-2014-6277 and CVE-2014-6278 completely. orabug 19905294...
httpd security update
2.4.6-18.0.1.el70 - replace index.html with Oracle's index page oracleindex.html 2.4.6-18 - modcgid: add security fix for CVE-2014-0231 1120607 - modproxy: add security fix for CVE-2014-0117 1120607 - moddeflate: add security fix for CVE-2014-0118 1120607 - modstatus: add security fix for...
httpd security update
2.2.15-15.0.1.el62.1 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-15.1 - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787598 - obviates fix for CVE-2011-3638, patch removed...
kernel security and bug fix update
2.6.18-274.18.1.0.1.el5 - net bonding: fix carrier detect when bond is down John Haxby orabug 13652598 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus Zhenzhong Duan - scsi add additional scsi medium error...
nss security update
nspr: 4.8.4-1 - Update to NSPR 4.8.4 nss: 3.12.6-1.0.1.el54 - Update clean.gif in the nss-3.12.6-stripped.tar.bz2 tarball 3.12.6-1 - Update to 3.12.6 3.12.5.99-1.2 - Fix an unsatified tools runtime dependency 3.12.5.99-1.1 - Preserve file attributes and include some test cleanup 3.12.5.99-1 -...
kernel security and bug fix update
2.6.18-164.11.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug...
edk2 security update
Tue Feb 27 2024 Aaron Young - Create new 20240227 release for OL8 which includes the following fixed CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 - Update to OpenSSL 3.0.10 which include...
conmon security update
conmon 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build cri-o 1.26.3-3 - Resolve CVE-2023-39325 1.26.3-2 - Add support for ARM build cri-tools 1.26.1-3 - Resolve...
bind security update
32:9.11.4-26.P2.13 - Tighten cache protection against record from forwarders CVE-2021-25220 32:9.11.4-26.P2.12 - Include test of forwarders CVE-2021-25220 32:9.11.4-26.P2.11 - Prevent excessive resource use while processing large delegations. CVE-2022-2795...
unbound security, bug fix, and enhancement update
1.16.2-2 - Require openssl tool for unbound-keygen 2116802 1.16.2-1 - Update to 1.16.2 2087120 1.16.0-3 - Disable ED25519 and ED448 in FIPS mode 2079548 1.16.0-2 - Restart keygen service before every unbound start 2094336 1.16.0-1 - Update to 1.16.0 2087120 1.15.0-1 - Update to 1.15.0 2030608 -...
httpd security, bug fix, and enhancement update
2.4.53-7.0.1 - Replace index.html with Oracles index page oracleindex.html. 2.4.53-7 - Resolves: 2094997 - CVE-2022-26377 httpd: modproxyajp: Possible request smuggling - Resolves: 2097032 - CVE-2022-28615 httpd: out-of-bounds read in apstrcmpmatch - Resolves: 2098248 - CVE-2022-31813 httpd:...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.512.6.el7 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.511.5.2.el7 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33876756 CVE-2022-0492 - scsi: libiscsi: Hold backlock when calling iscsicompletetask Gulam Mohamed Orabug: 33876755 4.14.35-2047.511.5.1 - arm64, mm, efi: Account for GICv3 LPI tables in stat...