9173 matches found
libssh security update
0.9.4-3 - Fix CVE-2020-16135 NULL pointer dereference in sftpserver.c if sshbuffernew returns NULL 1862646...
httpd:2.4 security, bug fix, and enhancement update
httpd 2.4.37-41.0.1 - Add checks on the configured UDS path Orabug: 33412270CVE-2021-40438 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-41 - Resolves: 1680111 - httpd sends reply to HTTPS GET using two TLS records -...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.300.7.el7 - KVM: SVM: Fix mismerge in svmupdatepiirte Liam Merwick Orabug: 33446526 - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page Liam Merwick Orabug: 33450675 5.4.17-2136.300.6 - Revert scsi: core: Cap scsihost cmdperlun at canqueue Jack Vogel Orabug:...
exiv2 security update
0.27.3-3 - Fix heap-based buffer overflow vulnerability in jp2image.cpp that may lead to DoS Resolves: bz1990355...
firefox security update
78.13.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.13.0-2 - Update to 78.13.0 build2 78.13.0-1 - Update to 78.13.0 build1 78.12.0-2 - Rebuild to pick...
.NET Core 3.1 security and bugfix update
3.1.118-1.0.1 - Update patch to support 8.3 [email protected] - support OL release scheme [email protected] 3.1.118-1 - Update to .NET SDK 3.1.118 and Runtime 3.1.18 - Resolves: RHBZ1990189...
olcne security update
olcne 1.3.1-5 - Updated registry-image-helper.sh to work with olcne-utils 1.3.1-4 - Fix istio template for 1.9.6 and 1.10.2 for k8s update failure 1.3.1-3 - Added ENDVERSIONBLOCK for OLM image 1.3.1-2 - Fix iptables issue when running on OL7 host using OL8 image for 1.19.8 - Fix iptables issue wh...
bind security update
32:9.8.2-0.68.rc1.0.1.8 - Backport the fix for buffer overflow CVE-2020-8625 Orabug: 32588749...
firefox security update
78.7.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.7.0-2 - Update to 78.7.0 build2 78.7.0-1 - Update to 78.7.0 build1...
nginx:1.16 security update
1:1.16.1-1.0.1.1 - Remove Red Hat references Orabug: 29498217 1:1.16.1-1.1 - Resolves: 1898952 - CVE 2019-20372 nginx:1.16/nginx: HTTP request smuggling via error pages in http/ngxhttpspecialresponse.c...
Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne security update
kernel-uek-container 4.14.35-1902.303.5.3.el7 - rds: Deregister all FRWR mr with freemr Hans Westgaard Ry Orabug: 31476202 - Revert 'rds: Do not cancel RDMAs that have been posted to the HCA' Gerd Rausch Orabug: 31475329 - Revert 'rds: Introduce rdsconntopath helper' Gerd Rausch Orabug: 31475329 ...
container-tools:ol8 security update
buildah 1.11.6-8.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1817742 1.11.6-7 - fix 'COPY command takes long time with buildah' - Resolves...
Unbreakable Enterprise kernel security update
5.4.17-2011.1.2 - ctf: discard CTF from the vDSO Nick Alcock Orabug: 31194036 5.4.17-2011.1.1 - slcan: Don't transmit uninitialized stack data in padding Richard Palethorpe Orabug: 31136750 CVE-2020-11494 - blktrace: Protect q-blktrace with RCU Jan Kara Orabug: 31123573 CVE-2019-19768 - KVM: x86:...
kubernetes kubeadm-ha-setup kubeadm-upgrade security update
kubernetes 1.12.10-1.0.11 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.12.10-1.0.10 - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS 1.12.10-1.0.9 - Define rolling update for flannel 1.12.10-1.0.8 - Modify...
python-pip security update
9.0.3-7 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829 9.0.3-6 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves:...
kernel security update
3.10.0-1062.4.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.4.2 - drm drm/i915: Lower RM timeout to avoid DSI hard hangs Dave Airli...
httpd:2.4 security update
httpd 2.4.37-12.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-12 - Resolves: 1744997 - CVE-2019-9511 httpd:2.4/modhttp2: HTTP/2: large amount of data request leads to denial of service - Resolves: 1745084 -...
python security and bug fix update
2.7.5-86.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-86 - Security fix for CVE-2019-10160 Resolves: rhbz1718388 2.7.5-85 - Security fix for CVE-2019-9948 Resolves: rhbz1704174 2.7.5-84 - Disallow control chars in http URLs - Fixes CVE-2019-9740 and CVE-2019-9947...
nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.21.0-1 - Rebase to NSPR 4.21 nss 3.44.0-4 - Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa 3.44.0-3 - Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v15 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSLENABLESESSIONTICKET...
libvirt security and bug fix update
4.5.0-10.0.1 - added librbd1 as dependency Keshav Sharma 4.5.0-10.el76.10 - virnwfilterbindingobj: Introduce and use virNWFilterBindingObjStealDef rhbz1702173 - admin: reject clients unless their UID matches the current UID CVE-2019-10132 - locking: restrict sockets to mode 0600 CVE-2019-10132 -...
firefox security update
60.6.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.6.1-1 - Update to 60.6.1 ESR Build 1...
Unbreakable Enterprise kernel security update
4.1.12-124.24.1 - pinctrl: amd: Use devmpinctrlregister for pinctrl registration Laxman Dewangan Orabug: 27539246 CVE-2017-18174 - mlock: fix mlock count can not decrease in race condition Yisheng Xie Orabug: 27677611 CVE-2017-18221 - perf/core: Fix the perfcputimemaxpercent check Tan Xiaojun...
dnsmasq security update
2.48-18 - Fix CVE-2017-14491...
kernel security update
3.10.0-693.2.2.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel olkmodsigningkey.x509alexey.petre [email protected] - Update x509.genkey bug 24817676...
qemu-kvm security update
1.5.3-126.el73.10 - kvm-nbd-Fully-initialize-client-in-case-of-failed-negoti.patch bz1460179 - kvm-nbd-Fix-regression-on-resiliency-to-port-scan.patch bz1460179 - Resolves: bz1460179 CVE-2017-9524 qemu-kvm: Qemu: nbd: segmentation fault due to client non-negotiation rhel-7.3.z...
openssl security update
1.0.1e-60.1 - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher - fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts...
kernel security, bug fix, and enhancement update
2.6.32-504.23.4 - crypto drbg: fix maximum value checks on 32 bit systems Herbert Xu 1225950 1219907 - crypto drbg: remove configuration of fixed values Herbert Xu 1225950 1219907 2.6.32-504.23.3 - netdrv bonding: fix locking in enslave failure path Nikolay Aleksandrov 1222483 1221856 - netdrv...
java-1.8.0-openjdk security update
1:1.8.0.45-30.b13 - repacked sources - Resolves: RHBZ1209076 1:1.8.0.45-7.b13 - Re-add %name prefix to patches to avoid conflicts with OpenJDK 7 versions. - Remove ppc64le test case now fix has been verified. - Resolves: rhbz1194378 1:1.8.0.45-27.b13 - updated to security u45 - minor sync with 7....
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.2.3.el6uek - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951080 CVE-2013-4470 - KVM: x86: fix guest-initiated crash with x2apic CVE-2013-637...
httpd security, bug fix, and enhancement update
2.2.15-26.0.1.el6 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-26 - htcacheclean: exit with code 4 also for 'restart' action 805810 2.2.15-25 - htcacheclean: exit with code 4 if nonprivileged user runs initscript 805810 - rotatelogs: omit the...
kernel security and bug fix update
2.6.18-238.12.1.0.1.el5 - scsi fix scsi hotplug and rescan race orabug 10260172 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by default orabug 67188919 - xen check to see if hypervisor supports memory...
Oracle Linux 4.9 kernel security and bug fix update
2.6.9-100 -cxgb3: prevent reading uninitialized stack memory to fix xgbextensionioctl infoleak Eugene Teo 633153 CVE-2010-3296 -mlx4: disable MSI-X by default Andy Gospodarek 530596 -ext3: call fs invalidatepage instead of blockinvalidatepage Josef Bacik 488611 -av7110: check for negative array...
php security update
5.3.2-6.1 - add security fixes for CVE-2010-3709, CVE-2010-3870, CVE-2009-5016, CVE-2010-4645 670461...
Unbreakable Enterprise kernel security update
5.4.17-2136.338.4.1 - Revert 'ocfs2: fix the la space leak when unmounting an ocfs2 volume' Sherry Yang Orabug: 37383196 5.4.17-2136.338.4 - devlink: fix possible use-after-free and memory leaks in devlinkinit Vasiliy Kovalev Orabug: 37284641 CVE-2024-26734 - mm: avoid leaving partial pfn mapping...
edk2 security update
20230821 - Create new 20230821 release for OL8 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
httpd:2.4 security update
httpd 2.4.37-56.0.1.7 - Resolves: 2176723 - CVE-2023-27522 httpd:2.4/httpd: modproxyuwsgi HTTP response splitting 2.4.37-56.0.1.6 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-56.6 - Resolves: 2190133 - modrewrite...
cups security update
1:1.6.3-52 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation...
kernel security and bug fix update
5.14.0-162.18.11.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
spacewalk-backend spacewalk-java security update
spacewalk-backend 2.10.28-1.0.13 - Fix HTTP 500 and ORA-01830 on client scap report Orabug: 34823889 2.10.28-1.0.12 - Handle remote commands that return no output. Orabug: 32530545 2.10.28-1.0.11 - Make spacewalk-debug copy symlink target instead of the symlink itself. Orabug: 32514543...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.515.3.el7 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2.el7 -...
vim security update
2:8.0.1763-19.0.1.2 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.0.1763-19.1 - CVE-2022-1154 vim: use after free...
python-pip security update
9.0.3-8.0.1 - CVE-2019-20916 Orabug: 33861505...
Unbreakable Enterprise kernel security update
4.1.12-124.60.1 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33699627 Orabug: 33762471 CVE-2021-4155 - fix regression in 'epoll: Keep a reference on files added to the check list' Al Viro Orabug: 33679854 Orabug: 33762505 CVE-2021-1048 CVE-2021-104...
openssh security update
7.4p1-22.0.1 - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation openssh bz3012 Orabug: 30448895 7.4p1-22 + 0.10.3-2 - avoid segfault in Kerberos cache cleanup 1999263 - fix CVE-2021-41617 2008884...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.508.3.el7 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33396682 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33392821 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33352735...
rh-postgresql10-postgresql security update
10.15-1 - Rebase to upstream release 10.15 Resolves: CVE-2020-25695 Resolves: CVE-2020-25694 Resolves: CVE-2020-25696 10.14-1 - Rebase to upstream release 10.14 https://www.postgresql.org/docs/10/release-10-14.html 10.12-2 - Filter provides RHBZ1719549 10.12-1 - Rebase to upstream version 10.12 -...
Unbreakable Enterprise kernel security update
5.4.17-2102.201.3uek - locking/qrwlock: Fix ordering in queuedwritelockslowpath Ali Saidi Orabug: 32805544 5.4.17-2102.201.2uek - md/bitmap: wait for external bitmap writes to complete during tear down Sudhakar Panneerselvam Orabug: 32764237 - ocfs2: fix deadlock between setattr and dioendiowrite...
nodejs:10 security update
nodejs 1:10.24.0-1 - Resolves: RHBZ1932373, RHBZ1932426 - Resolves CVE-2021-22883 and CVE-2021-22884 - remove -debug-nghttp2 flag 1930775 - remove ini patch merged upstream...
dotnet3.1 security and bugfix update
3.1.111-1.0.1 - Update patch to support 8.3 [email protected] - support OL release scheme [email protected] 3.1.111-1 - Update to .NET Core SDK 3.1.111 and Runtime 3.1.11 - Resolves: RHBZ1907633...
go-toolset:ol8 security update
delve 1.4.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.4.1-1 - Rebase to 1.4.1 - Resolves: rhbz1821281 - Related: rhbz1820596 1.4.0-2 - Change i686 to a better macro - Related: rhbz1820596 1.4.0-1 - Rebase to 1.4.0 - Remove Patch1781 - Related: rhbz1820596 1.3.2-3 -...