8998 matches found
kernel security and bug fix update
2.6.18-164.11.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug...
kernel security, bug fix, and enhancement update
4.18.0-513.24.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
httpd:2.4 security update
httpd 2.4.37-56.0.1.7 - Resolves: 2176723 - CVE-2023-27522 httpd:2.4/httpd: modproxyuwsgi HTTP response splitting 2.4.37-56.0.1.6 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-56.6 - Resolves: 2190133 - modrewrite...
container-tools:ol8 security, bug fix, and enhancement update
...
kernel security and bug fix update
3.10.0-1160.90.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.90.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
kvm_utils security update
...
kernel security and bug fix update
3.10.0-1160.66.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
python-lxml security update
4.2.3-4 - Security fix for CVE-2021-43818 Resolves: rhbz2032569...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.511.5.2.el7 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33876756 CVE-2022-0492 - scsi: libiscsi: Hold backlock when calling iscsicompletetask Gulam Mohamed Orabug: 33876755 4.14.35-2047.511.5.1 - arm64, mm, efi: Account for GICv3 LPI tables in stat...
pcre security update
8.42-6 - Rebuild for BZ1954441 8.42-5 - Fix CVE-2019-20838 a subject buffer overread in JIT when UTF is disabled and \X or \R has a greater than 1 fixed quantifier bug 1852252 - Fix CVE-2020-14155 an integer overflow when parsing numbers after '?C' bug 1851552...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.300.7.el7 - KVM: SVM: Fix mismerge in svmupdatepiirte Liam Merwick Orabug: 33446526 - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page Liam Merwick Orabug: 33450675 5.4.17-2136.300.6 - Revert scsi: core: Cap scsihost cmdperlun at canqueue Jack Vogel Orabug:...
thunderbird security update
78.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.13.0-1 - Update to 78.13.0 build1 78.12.0-3 - Rebuild to pickup older nss...
libvirt security update
5.7.0-21.el7 - exadata: Fix the validation when defining domain groups Wim ten Have Orabug: 32085856 - Revert 'qemu: dont take agent and monitor job for shutdown' Menno Lageman Orabug: 32080283 - Revert 'qemu: dont hold a monitor and agent job for reboot' Menno Lageman Orabug: 32080283 - Revert...
thunderbird security update
78.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.5.0-1 - Update to 78.5.0 build3...
microcode_ctl security, bug fix, and enhancement update
2:2.1-73.2.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early and late load for 5.4.17-...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
...
java-1.8.0-openjdk security update
1:1.8.0.252.b09-2 - Add release notes. - Resolves: rhbz1810557 1:1.8.0.252.b09-1 - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz1810557 1:1.8.0.252.b09-0 - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode for final release. - Resolves: rhbz1810557...
kubernetes kubeadm-ha-setup kubeadm-upgrade security update
kubernetes 1.12.10-1.0.11 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.12.10-1.0.10 - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS 1.12.10-1.0.9 - Define rolling update for flannel 1.12.10-1.0.8 - Modify...
python-virtualenv security update
15.1.0-4 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1643829 15.1.0-3 - Add three new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1643829...
thunderbird security update
68.5.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1...
firefox security update
68.3.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.3.0-1 - Update to 68.3.0 ESR 68.2.0-4 - Added patch for TLS 1.3 support. 68.2.0-3 - Rebuild...
ghostscript security update
9.07-31.el76.11 - Resolves: 1673398 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - fix for pdf2dsc regression added...
Unbreakable Enterprise kernel security update
4.14.35-1818.0.15 - tcp: add tcpoootrycoalesce helper Eric Dumazet Orabug: 28453849 CVE-2018-5390 - tcp: call tcpdrop from tcpdataqueueofo Eric Dumazet Orabug: 28453849 CVE-2018-5390 - tcp: detect malicious patterns in tcpcollapseofoqueue Eric Dumazet Orabug: 28453849 CVE-2018-5390 - tcp: avoid...
qemu-kvm security update
0.12.1.2-2.506.el610.1 - qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch bz1574074 - qemu-kvm-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch bz1574074 - qemu-kvm-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch bz1574074 - Resolves: bz1574074 CVE-2018-363...
Unbreakable Enterprise kernel security update
4.1.12-112.14.14 - drivers/char/mem.c: deny access in open operation when securelevel is set Ethan Zhao Orabug: 27234850 Orabug: 27234850 - hugetlb: fix nrpmds accounting with shared page tables Kirill A. Shutemov Orabug: 26988581 - x86/IBRS: Drop unnecessary WRITEONCE Boris Ostrovsky Orabug:...
qemu-kvm security update
1.5.3-141.el74.6 - Fix CVE-2017-5715 1.5.3-141.el74.5 - kvm-vfio-pci-Only-mmap-TARGETPAGESIZE-regions.patch bz1515110 - Resolves: bz1515110 Regression in QEMU handling for sub-page MMIO BARs for vfio-pci devices rhel-7.4.z...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.4 - l2tp: fix racy SOCKZAPPED flag check in l2tpip,6bind Guillaume Nault Orabug: 26586047 CVE-2016-10200 - xfs: fix two memory leaks in xfsattrlist.c error paths Mateusz Guzik Orabug: 26586022 CVE-2016-9685 - KEYS: Disallow keyrings beginning with '.' to be joined as...
qemu-kvm security update
1.5.3-126.el73.10 - kvm-nbd-Fully-initialize-client-in-case-of-failed-negoti.patch bz1460179 - kvm-nbd-Fix-regression-on-resiliency-to-port-scan.patch bz1460179 - Resolves: bz1460179 CVE-2017-9524 qemu-kvm: Qemu: nbd: segmentation fault due to client non-negotiation rhel-7.3.z...
kernel security and bug fix update
2.6.32-642.6.1 - net tcp: make challenge acks less predictable Florian Westphal 1355606 1355607 CVE-2016-5696 - fs sunrpc: move NOCRKEYTIMEOUT to the auth-auflags Scott Mayhew 1366962 1294939 - usbhid hiddev: validate numvalues for HIDIOCGUSAGES, HIDIOCSUSAGES commands Yauheni Kaliuta 1359999...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.11.2 - Btrfs: fix truncation of compressed and inlined extents Ashish Samant Orabug: 22307285 CVE-2015-8374 - Btrfs: fix file corruption and data loss after cloning inline extents Divya Indi Orabug: 22307285 CVE-2015-8374 - netfilter: xtables: make sure e-nextoffset covers...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.16uek - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222781 CVE-2015-8767...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.4.2 - pipe: Fix buffer offset after partially failed read Ben Hutchings Orabug: 22985903 CVE-2016-0774 CVE-2015-1805 CVE-2016-0774...
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.4.0.0.1.el66 - Update DISTRONAME in specfile 1:1.7.0.75-2.5.4.0 - Fix abrtfriendlyhslogjdk7.patch to apply again. 1:1.7.0.75-2.5.4.0 - Bump to 2.5.4 using OpenJDK 7u75 b13. - Remove earlier temporary patch for RH1146622 included upstream - Fix elliptic curve list as part of fsg.sh ...
Unbreakable Enterprise kernel Security update
2.6.39-400.215.12 - USB: whiteheat: Added bounds checking for bulk command response James Forshaw Orabug: 19849335 CVE-2014-3185 - HID: fix a couple of off-by-ones Jiri Kosina Orabug: 19849318 CVE-2014-3181 - KVM: x86: Improve thread safety in pit Andy Honig Orabug: 19905687 CVE-2014-3611...
java-1.7.0-openjdk security update
1.7.0.65-2.5.1.2.0.1.el65 - Update DISTRONAME in specfile 1.7.0.65-2.5.1.2 - added and applied fix for samrtcard io patch405, pr1864smartcardIO.patch - Resolves: rhbz1115874 1.7.0.65-2.5.1.1.el6 - updated to security patched icedtea7-forest 2.5.1 - Resolves: rhbz1115874 1.7.0.60-2.5.0.1.el6 -...
Unbreakable Enterprise Kernel security update
kernel-uek 2.6.32-400.33.3uek - afkey: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware Jonathan Salwan Orabug: 17837971 CVE-2013-2164 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook...
kernel security, bug fix, and enhancement update
2.6.32-131.17.1.el6 - Revert: net ipv6: make fragment identifications less predictable Jiri Pirko 723432 723433 CVE-2011-2699 2.6.32-131.16.1.el6 - net brmulticast: Ensure to initialize BRINPUTSKBCBskb-mroutersonly. Frantisek Hrbata 739477 738110 2.6.32-131.15.1.el6 - rebuild 2.6.32-131.14.1.el6 ...
Oracle Linux 6.1 kernel security, bug fix and enhancement update
2.6.32-131.0.15.el6 - build disable Werr for external modules Aristeu Rozanski 703504 2.6.32-131.0.14.el6 - scsi hpsa: fix reading a write only register causes a hang Rob Evers 703262 - scsi mpt2sas: remove the use of writeq, since writeq is not atomic Tomas Henzl 701947 2.6.32-131.0.13.el6 - scs...
kernel security and bug fix update
2.6.18-92.1.10.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - splice Fix bad unlockpage in error case Jens Axboe orabug 6263574 - dio fix error-path crashes Linus Torvalds orabug 6242289 - NET fix netpoll race Tina Yang orabugz 5791 2.6.18-92.1.10.el5 - ia64...
kernel security and bug fix update
2.6.18-53.1.21.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix allocpagesnode static 'nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlockpage in error case Jens Axboe ORA 626357...
cups security update
1:1.6.3-52 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation...
kernel security and bug fix update
5.14.0-162.18.11.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
python-setuptools security update
53.0.0-10.1 - Security fix for CVE-2022-40897 Resolves: rhbz2158559...
curl security update
7.76.1-19.el91.1 - fix POST following PUT confusion CVE-2022-32221...
spacewalk-backend spacewalk-java security update
spacewalk-backend 2.10.28-1.0.13 - Fix HTTP 500 and ORA-01830 on client scap report Orabug: 34823889 2.10.28-1.0.12 - Handle remote commands that return no output. Orabug: 32530545 2.10.28-1.0.11 - Make spacewalk-debug copy symlink target instead of the symlink itself. Orabug: 32514543...
unbound security, bug fix, and enhancement update
1.16.2-2 - Require openssl tool for unbound-keygen 2116802 1.16.2-1 - Update to 1.16.2 2087120 1.16.0-3 - Disable ED25519 and ED448 in FIPS mode 2079548 1.16.0-2 - Restart keygen service before every unbound start 2094336 1.16.0-1 - Update to 1.16.0 2087120 1.15.0-1 - Update to 1.15.0 2030608 -...
openssl security update
3.0.1-43.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-43 - CVE-2022-3602: X.509 Email Address Buffer Overflow - running tests Resolves: CVE-2022-3602 1:3.0.1-42 - CVE-2022-3602: X.509 Email Address Buffer Overflow Resolves: CVE-2022-3602...
kernel security and bug fix update
4.18.0-372.19.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
microcode_ctl security update
3:1.17-33.31.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375 3:1.17-33.31.0.2 - update Intel microcode bundle to 20210608 3:1.17-33.31.0.1 - recognize the 'force-intel' file path available on EL7+ orabug 31655792 -...
vim security update
2:8.0.1763-19.0.1.2 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.0.1763-19.1 - CVE-2022-1154 vim: use after free...