9185 matches found
Unbreakable Enterprise kernel security update
5.15.0-308.179.6 - net: bridge: IP defragmentation failing for jumboframes Venkat Venkatsubra Orabug: 37847171 - uek-rpm: remove .el9 from shim version Samasth Norway Ananda Orabug: 37834731 - RDS: avoid using offlined CPU during reconnect Arumugam Kolappan Orabug: 37783021 - net/mlx5e: Rely on...
go-toolset:ol8 security update
delve 1.9.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.9.1-1 - Rebase to 1.9.1 - Related: rhbz2131026 golang 1.19.10-1.0.1 - New Go version 1.19.10 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405 go-toolset 1.19.10-1.0.1 - Update for Go 1.19.10 CVE-2023-29402...
httpd:2.4 security and bug fix update
httpd 2.4.37-51.0.1.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-51.1 - Resolves: 2165967 - prevent sscg creating /dhparams.pem - Resolves: 2165976 - CVE-2006-20001 httpd: moddav: out-of-bounds read/write of zero...
java-1.8.0-openjdk security, bug fix, and enhancement update
1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use 'git apply' with...
Unbreakable Enterprise kernel security update
5.15.0-0.30.19 - net/mlx4: Increase numsrq in lowmemprofile Dave Kleikamp Orabug: 34052160 5.15.0-0.30.18 - Revert ocfs2: mount shared volume without ha stack Junxiao Bi Orabug: 33701900 - KVM: x86/speculation: Disable Fill buffer clear within guests Pawan Gupta Orabug: 34202258 CVE-2022-21123...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.514.5.el7 - x86/speculation/mmio: Fix late microcode loading Patrick Colp Orabug: 34275786 4.14.35-2047.514.4.el7 - Add debugfs for controlling MMIO state data Kanth Ghatraju Orabug: 34202260 CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166 - KVM: x86/speculation: Disable...
Unbreakable Enterprise kernel security update
4.14.35-2047.511.5.8.el7uek - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug: 34048826 CVE-2022-1016...
llvm-toolset:ol8 security update
clang 12.0.1-4.0.1 - Use all available CPU cores for build - Recognize Oracle Linux distros OraBug: 29422714 12.0.1-4 - Trojan source clang-tidy patchset fix 12.0.1-3 - Trojan source clang-tidy patchset...
redis:6 security update
6.0.9-5 - fix denial of service via Redis Standard Protocol RESP request CVE-2021-32675 6.0.9-4 - fix lua scripts can overflow the heap-based Lua stack CVE-2021-32626 - fix integer overflow issue with Streams CVE-2021-32627 - fix integer overflow bug in the ziplist data structure CVE-2021-32628 -...
Unbreakable Enterprise kernel security update
4.14.35-2047.507.7.5 - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Handa Orabug: 33369947 CVE-2021-3573 - Bluetooth: use correct lock to prevent UAF of hdev object Lin Ma Orabug: 33369947 - Bluetooth: fix the erroneous flushwork order Lin Ma Orabug: 33369947 CVE-2021-3564 -...
kernel security update
2.6.32-754.35.1.0.4.OL6 - seqfile: disallow extremely large seq buffer allocations CVE-2021-33909 Eric Sandeen Orabug: 33137331...
containerd security update
containerd 1.4.8-1 - Address CVE-2021-32760 docker-cli 19.03.11-13 - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine 19.03.11-13 - updated containerd minimum version to 1.4.8 to address CVE-2021-32760...
python-cryptography security, bug fix, and enhancement update
3.2.1-4 - CVE-2020-36242: Fixed a bug where certain sequences of update calls when symmetrically encrypting very large payloads 2GB could result in an integer overflow, leading to buffer overflows. - Resolves: rhbz1926528 3.2.1-3 - Conflict with non-matching vector package 3.2.1-2 - Re-add remove...
thunderbird security update
78.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.9.1-1 - Update to 78.9.1...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.272.b10-1 - Add backport of JDK-8215727: 'Restore JFR thread sampler loop to old / previous behaviour' - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add backport of...
libssh2 security update
1.8.0-4 - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially...
mysql:8.0 security update
mysql 8.0.21-1 - Rebase to 8.0.21 - Use bundled libzstd and libevent for RHSCL and RHEL-8.0.0 - Check that we have correct versions in bundled Provides - Remove re2 bundled dependency 8.0.20-1 - Rebase to 8.0.20 8.0.19-2 - Specify all perl dependencies 8.0.19-1 - Rebase to 8.0.19 8.0.18-1 - Rebas...
postgresql-jdbc security update
9.2.1002-8 - require explicitly jdk-1.7 due to ABI bytecode compatibility 9.2.1002-7 - fixed XXE vulnerability CVE-2020-13692...
kernel security, bug fix, and enhancement update
4.18.0-193.13.22.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-193.13.22 - Rebuild to get kernel image properly signed Bruno...
tomcat security update
0:7.0.76-12 - Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Execution via session persistence...
firefox security update
68.9.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Fri May 29 2020 Jan Horak - Update to 68.9.0 build1 - Added patch for pipewire 0.3 Mon May 11 2020 Jan...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.45.1 - HID: hiddev: do cleanup in failure of opening a device Hillf Danton Orabug: 31206361 CVE-2019-19527 - HID: hiddev: avoid opening a disconnected device Hillf Danton Orabug: 31206361 CVE-2019-19527 - HID: Fix assumption that devices have inputs Alan Stern Orabug: 312086...
httpd security, bug fix, and enhancement update
2.4.6-93.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-93 - Resolves: 1677496 - CVE-2018-17199 httpd: modsessioncookie does not respect expiry time 2.4.6-92 - htpasswd: add SHA-2 crypt support 1486889 2.4.6-91 - Resolves: 1630886 - scriptlet can fail if hostname is not...
Unbreakable Enterprise kernel security update
4.14.35-1902.10.8 - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30847136 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function Oliver Upton Orabug: 30847136 CVE-2020-2732 - KVM: nVMX: Dont emulate instructions in guest mode Paolo Bonzini Orabug:...
java-11-openjdk security update
1:11.0.5.10-0.0.1 - link atomic for ix86 build Livy Ge 1:11.0.5.10-0 - Update to shenandoah-jdk-11.0.5+10 GA - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:11.0.5.9-0.0.ea - Update to shenandoah-jdk-11.0.5+9...
java-11-openjdk security update
1:11.0.5.10-0.0.1 - link atomic for ix86 build 1:11.0.5.10-0 - Update to shenandoah-jdk-11.0.5+10 GA - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:11.0.5.9-0.0.ea - Update to shenandoah-jdk-11.0.5+9 EA -...
rsyslog security and bug fix update
8.24.0-38.0.2 - Newer gcc complains about implicit declaration of prctl. Added header file to quiesce the compiler 8.24.0-38 RHEL 7.7 ERRATUM - added patch increasing max path size preventing buffer overflow with too long paths resolves: rhbz1656860 8.24.0-37 RHEL 7.7 ERRATUM - edited patch fixin...
qemu-kvm security, bug fix, and enhancement update
1.5.3-167.el7 - Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads rhel-7 1.5.3-166.el7 - kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kv...
bind security update
32:9.9.4-73 - Fixes debug level comments 1647539...
Unbreakable Enterprise kernel security update
2.6.39-400.302.1 - Fix up non-directory creation in SGID directories Linus Torvalds Orabug: 28459479 CVE-2018-13405 - ALSA: seq: Make ioctls race-free Takashi Iwai Orabug: 28459730 CVE-2018-7566 - rds: CVE-2018-7492: Fix NULL pointer dereference in rdsrdmamap Hakon Bugge Orabug: 28539910...
firefox security update
60.2.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.2.0-1 - Update to 60.2.0 ESR 60.1.0-9 - Do not set user agent rhbz1608065 - GTK dialogs are localized now rhbz1619373 - JNLP association works again rhbz1607457 60.1.0-8 - Fixed...
kernel security, bug fix, and enhancement update
3.10.0-862.2.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.2.3 - x86 kvm: fix icebp instruction handling Paolo Bonzini 1566849 1566845...
kernel security update
2.6.18-419.0.0.0.8 - Backport CVEs to RHCK/OL5 orabug 27547712 CVE-2017-5753 CVE-2017-5754 - 2.6.18-419.0.0.0.5 - fs fix kernel panic on boot on ia64 guests Honglei Wang orabug 26934100...
bind security and bug fix update
32:9.9.4-50.1 - Bump again above RHEL-7.4 32:9.9.4-38.5 - Fix CVE-2017-3142 and CVE-2017-3143 32:9.9.4-38.4 - Update root servers and trust anchor 1459649...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.16 - mm: remove gupflags FOLLWRITE games from getuserpages Linus Torvalds Orabug: 24927306 CVE-2016-5195 4.1.12-61.1.15 - drivers/nvme: provide a module parameter for setting number of I/O queues Shan Hai Orabug: 24914956 - blk-mq: improve warning for running a queue on the...
php security and bug fix update
5.4.16-36.3 - don't set environmental variable based on user supplied Proxy request header CVE-2016-5385 5.4.16-36.2 - fix segmentation fault in headerregistercallback 1346758...
kernel security and bug fix update
3.10.0-327.22.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.22.2 - infiniband security: Restrict use of the write interface Don Dutile 1332553 1316685 CVE-2016-4565 3.10.0-327.22.1 - mm mmunotifier: fix memory corruption Jerome Glisse 1335727 1307042 - misc cxl: Increase timeout...
openssl security update
1.0.1e-42.4 - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BNhex2bn and BNdec2bn 1.0.1e-42.3 - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generi...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.3.5 - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502739 CVE-2015-0239 CVE-2015-0239 - fs: take imutex during preparebinprm for setugid executables Jann Horn Orabug: 21502254 CVE-2015-3339 - eCryptfs: Remove buggy and unnecessary write in file name decode...
kernel security and bug fix update
2.6.32-504.3.3 - x86 traps: stop using IST for SS Petr Matousek 1172810 1172811 CVE-2014-9322 2.6.32-504.3.2 - md dm-thin: fix pooliohints to avoid looking at maxhwsectors Mike Snitzer 1161420 1161421 1142773 1145230 2.6.32-504.3.1 - s390 zcrypt: toleration of new crypto adapter hardware Hendrik...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-300.4.1.el6uek - pci intel-iommu: Default to non-coherent for domains unattached to iommus Joe Jin - dm do not forward ioctls from logical volumes to the underlying device Joe Jin CVE-2011-4127 - block fail SCSI passthrough ioctls on partition devices Joe Jin CVE-2011-4127 - blo...
httpd security and bug fix update
2.2.15-9.0.1.el61.3 - replace index.html with Oracle's index page - update vstring in specfile 2.2.15-9.3 - add security fixes for CVE-2011-3347, CVE-2011-3368 743901 - fix regressions in CVE-2011-3192 patch 736592...
kernel security and bug fix update
2.6.32-71.14.1.0.1.el6 - replace Red Hat with Oracle in files genkey and kernel.spec 2.6.32-71.14.1.el6 - kvm x86: zero kvmvcpuevents-interrupt.pad Marcelo Tosatti 665471 665409 CVE-2010-4525 2.6.32-71.13.1.el6 email6.RHSA-2011-0007 178L, 11970C written - scsi lpfc: Fixed crashes for NULL pnode...
kernel security update
2.6.18-194.11.4.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...
firefox security update
firefox: 3.0.19-1.0.1.el55 - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding RedHat ones 3.0.19-1 - Update to 3.0.19 xulrunner: 1.9.0.19-1.0.1.el55...
kernel security and bug fix update
2.6.9-89.0.23.0.1 - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
libtasn1 security update
4.13.0-5 - Backport the fix for CVE-2024-12133...
openssh security update
7.4p1-23.0.3fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug: 32461739 7.4p1-23.0.3 - add KEXINITIAL flag Orabug: 36160445 - implement 'strict key exchange' CVE-2023-48795Orabug: 36160445...
virt:kvm_utils1 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-41 - qemumonitor: Add defensive protection on mon-msg Wim ten Have Orabug: 35699260 - vircpi: Add PCIe 5.0 and 6.0 link speeds Michal Privoznik Orabug: 35496776 - qemuProcessSetupVcpusVnuma: add NULL check for def-cpu Shaleen...
libreoffice security update
6.4.7.2-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-12 - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys -...