9185 matches found
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.2.3.el6uek - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951080 CVE-2013-4470 - KVM: x86: fix guest-initiated crash with x2apic CVE-2013-637...
httpd security, bug fix, and enhancement update
2.2.15-26.0.1.el6 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-26 - htcacheclean: exit with code 4 also for 'restart' action 805810 2.2.15-25 - htcacheclean: exit with code 4 if nonprivileged user runs initscript 805810 - rotatelogs: omit the...
kernel security and bug fix update
kernel 2.6.18-308.16.1.el5 - Revert: fs nfsd4: Remove check for a 32-bit cookie in nfsd4readdir Eric Sandeen 847943 784191 - Revert: fs add new FMODE flags: FMODE32bithash and FMODE64bithash Eric Sandeen 847943 784191 - Revert: fs nfsd: rename int access to int mayflags in nfsdopen Eric Sandeen...
kernel security and bug fix update
2.6.18-238.12.1.0.1.el5 - scsi fix scsi hotplug and rescan race orabug 10260172 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by default orabug 67188919 - xen check to see if hypervisor supports memory...
Oracle Linux 4.9 kernel security and bug fix update
2.6.9-100 -cxgb3: prevent reading uninitialized stack memory to fix xgbextensionioctl infoleak Eugene Teo 633153 CVE-2010-3296 -mlx4: disable MSI-X by default Andy Gospodarek 530596 -ext3: call fs invalidatepage instead of blockinvalidatepage Josef Bacik 488611 -av7110: check for negative array...
php security update
5.3.2-6.1 - add security fixes for CVE-2010-3709, CVE-2010-3870, CVE-2009-5016, CVE-2010-4645 670461...
iperf3 security update
3.9-13 - Resolves: RHEL-29579 - vulnerable to marvin attack if the authentication option is used 3.9-12 - Resolves: RHEL-39975 - possible denial of service 3.9-11 - Related: 2223676 - bumping version for correct update path...
edk2 security update
20230821 - Create new 20230821 release for OL8 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
httpd:2.4 security update
httpd 2.4.37-56.0.1.7 - Resolves: 2176723 - CVE-2023-27522 httpd:2.4/httpd: modproxyuwsgi HTTP response splitting 2.4.37-56.0.1.6 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-56.6 - Resolves: 2190133 - modrewrite...
kernel security and bug fix update
5.14.0-162.18.11.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
thunderbird security update
102.7.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.7.1-1 - Update to 102.7.1 build1 102.7.0-1 - Update to 102.7.0 build1...
spacewalk-backend spacewalk-java security update
spacewalk-backend 2.10.28-1.0.13 - Fix HTTP 500 and ORA-01830 on client scap report Orabug: 34823889 2.10.28-1.0.12 - Handle remote commands that return no output. Orabug: 32530545 2.10.28-1.0.11 - Make spacewalk-debug copy symlink target instead of the symlink itself. Orabug: 32514543...
kernel security and bug fix update
4.18.0-372.19.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
vim security update
2:8.0.1763-19.0.1.2 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.0.1763-19.1 - CVE-2022-1154 vim: use after free...
kvm_utils security update
...
python-lxml security update
4.2.3-4 - Security fix for CVE-2021-43818 Resolves: rhbz2032569...
Unbreakable Enterprise kernel security update
5.4.17-2136.305.5.5 - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34034594 CVE-2022-1158...
Unbreakable Enterprise kernel security update
4.1.12-124.60.1 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33699627 Orabug: 33762471 CVE-2021-4155 - fix regression in 'epoll: Keep a reference on files added to the check list' Al Viro Orabug: 33679854 Orabug: 33762505 CVE-2021-1048 CVE-2021-104...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.508.3.el7 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33396682 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33392821 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33352735...
kernel security update
2.6.32-754.35.1.0.5.OL6 - kernel futex: Use pistateupdateowner in putpistate Thomas Gleixner 1922249 CVE-2021-3347 Orabug: 33150734 - kernel futex: Handle faults correctly for PI futexes Thomas Gleixner 1922249 CVE-2021-3347 Orabug: 33150734 - kernel futex: Provide and use pistateupdateowner Thom...
thunderbird security update
78.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.13.0-1 - Update to 78.13.0 build1 78.12.0-3 - Rebuild to pickup older nss...
.NET Core on OL 8 security and bugfix update
5.0.104-1.0.1 - Add support for new Oracle release 5.0.104-1 - Update to .NET SDK 5.0.104 and Runtime 5.0.4 - Resolves: RHBZ1934247...
libvirt security update
5.7.0-21.el7 - exadata: Fix the validation when defining domain groups Wim ten Have Orabug: 32085856 - Revert 'qemu: dont take agent and monitor job for shutdown' Menno Lageman Orabug: 32080283 - Revert 'qemu: dont hold a monitor and agent job for reboot' Menno Lageman Orabug: 32080283 - Revert...
thunderbird security update
78.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.5.0-1 - Update to 78.5.0 build3...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
...
sqlite security update
3.26.0-11 - Fixed bug in CVE-2019-20218 1791592 3.26.0-10 - Fixed CVE-2020-13632 1845572 - Fixed CVE-2020-13631 1845474 - Fixed CVE-2020-13630 1845153 3.26.0-9 - Fixed CVE-2019-5018 1721509 3.26.0-8 - Fixed CVE-2019-16168 1826897 3.26.0-7 - Fixed CVE-2019-20218 1791592 - Fixed CVE-2020-6405 18048...
squid security update
7:3.5.20-15.1 - Resolves: 1828359 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution - Resolves: 1828360 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow -...
java-1.8.0-openjdk security update
1:1.8.0.252.b09-2 - Add release notes. - Resolves: rhbz1810557 1:1.8.0.252.b09-1 - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz1810557 1:1.8.0.252.b09-0 - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode for final release. - Resolves: rhbz1810557...
git security update
2.18.2-2 - Crafted URL containing new lines can cause credential leak - Resolves: CVE-2020-5260...
virt:ol security and bug fix update
qemu-kvm 2.12.0-88.0.1.el810.3 - Added bug30251155-remove-upstream-reference Orabug: 30251155 2.12.0-88.el810.3 - kvm-tcpemu-Fix-oob-access.patch bz1791565 - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch bz1791565 - kvm-slirp-use-correct-size-while-emulating-commands.patch bz17915...
git security update
1.8.3.1-21 - Fix CVE-2019-1387...
python security update
...
thunderbird security update
68.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.3.0-1 - Update to 68.3.0 build2 68.2.0-2 - Added patch for TLS 1.3 support...
firefox security update
68.3.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.3.0-1 - Update to 68.3.0 ESR 68.2.0-4 - Added patch for TLS 1.3 support. 68.2.0-3 - Rebuild...
thunderbird security update
60.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.0-1 - Update to 60.7.0...
python security update
2.7.5-77.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz1689316...
mariadb security and bug fix update
1:5.5.60-1 - Rebase to 5.5.60 - CVE's fixed: 1558256, 1558260, 1559060 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-10379 CVE-2017-10384 CVE-2017-10378 CVE-2017-10268 CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-2755 CVE-2018-2819 CVE-2018-2817 CVE-2018-276...
qemu-kvm security, bug fix, and enhancement update
1.5.3-156.el7 - kvm-vnc-Fix-qemu-crashed-when-vnc-client-disconnect-sudd.patch bz1527405 - kvm-fix-full-frame-updates-for-VNC-clients.patch bz1527405 - kvm-vnc-update-fix.patch bz1527405 - kvm-vnc-return-directly-if-no-vnc-client-connected.patch bz1527405 - kvm-buffer-add-buffermoveempty.patch...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.4 - l2tp: fix racy SOCKZAPPED flag check in l2tpip,6bind Guillaume Nault Orabug: 26586047 CVE-2016-10200 - xfs: fix two memory leaks in xfsattrlist.c error paths Mateusz Guzik Orabug: 26586022 CVE-2016-9685 - KEYS: Disallow keyrings beginning with '.' to be joined as...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.3.8 - macsec: dynamically allocate space for sglist Jason A. Donenfeld Orabug: 26368162 CVE-2017-7477 - macsec: avoid heap overflow in skbtosgvec Jason A. Donenfeld Orabug: 26368162 CVE-2017-7477 - nfsd: check for oversized NFSv2/v3 arguments J. Bruce Fields Orabug: 26366988...
kernel security and bug fix update
3.10.0-514.26.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.3.5 - dccp/tcp: do not inherit mclist from parent Eric Dumazet Orabug: 26132091 CVE-2017-8890...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.15.2 - x86/iopl/64: properly context-switch IOPL on Xen PV Andy Lutomirski Orabug: 25269176 CVE-2016-3157 CVE-2016-3157 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298611 CVE-2016-7117...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.11.2 - Btrfs: fix truncation of compressed and inlined extents Ashish Samant Orabug: 22307285 CVE-2015-8374 - Btrfs: fix file corruption and data loss after cloning inline extents Divya Indi Orabug: 22307285 CVE-2015-8374 - netfilter: xtables: make sure e-nextoffset covers...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.6.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393865 CVE-2016-4470 - ovl: fix permission checking for setattr Miklos Szeredi Orabug: 24393742 CVE-2015-8660...
php54 security and bug fix update
php54 2.0-1 - fix incorrect selinux contexts 1194332 php54-php 5.4.40-1 - rebase to PHP 5.4.40 for various security fix 1209887 5.4.37-1 - rebase to PHP 5.4.37 5.4.36-1 - rebase to PHP 5.4.36 1168193 - fix package name in description - php-fpm own session dir php54-php-pecl-zendopcache 7.0.4-3 -...
java-1.7.0-openjdk security update
1.7.0.95-2.6.4.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.95-2.6.4.0 - Remove reference to jre/lib/audio. - Resolves: rhbz1295765 1:1.7.0.95-2.6.4.0 - Bump to 2.6.4 and u95b00. - Backport tarball creation script from OpenJDK 8 RPMs and update fsg.sh to work with it. - Drop 8072932or8074489 pat...
java-1.7.0-openjdk security update
1:1.7.0.91-2.6.2.1.0.1 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.91-2.6.2.1 - added and applied patch500 8072932or8074489.patch to fix tck failure - Resolves: rhbz1271918 1:1.7.0.91-2.6.2.0 - Drop patch for PR2521/RH1242587 now resolved upstream. - Resolves:...
sqlite security update
3.7.17-6.1 - Fixes for CVE-2015-3415 CVE-2015-3414 CVE-2015-3416 Resolves: rhbz1244731 3.7.17-6 - Release bump for ppc64le 3.7.17-5 - Release bump 3.7.17-4.1 - Backport 64k page fix from latest upstream 1118151...
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.4.0.0.1.el66 - Update DISTRONAME in specfile 1:1.7.0.75-2.5.4.0 - Fix abrtfriendlyhslogjdk7.patch to apply again. 1:1.7.0.75-2.5.4.0 - Bump to 2.5.4 using OpenJDK 7u75 b13. - Remove earlier temporary patch for RH1146622 included upstream - Fix elliptic curve list as part of fsg.sh ...