8998 matches found
java-11-openjdk security update
1:11.0.12.0.7-0 - Update to jdk-11.0.12.0+7 - Update release notes to 11.0.12.0+7 - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz1972395 1:11.0.12.0.6-0.0.ea - Update to jdk-11.0.12.0+6 - Update release notes to 11.0.12.0+6 - Switch t...
libwebp security update
1.0.0-3 - Added fixes for rhbz1956829, rhbz1956843, rhbz1956919...
thunderbird security update
78.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.8.0-1 - Update to 78.8.0 build1...
prometheus-jmx-exporter security update
0.12.0-6 - Fix CVE-2017-18640 by using updated snakeyaml...
Unbreakable Enterprise kernel security update
5.4.17-2036.100.6.1.el8uek - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040802 CVE-2020-8694 CVE-2020-8695 - KVM: ioapic: break infinite recursion on lazy EOI Vitaly Kuznetsov Orabug: 32066585 CVE-2020-27152 CVE-2020-27152 - x86/mitigations: Restore paranoid checks fo...
bind security, bug fix, and enhancement update
32:9.11.20-5 - Fix tsig-request verify CVE-2020-8622 - Prevent PKCS11 daemon crash on crafted packet CVE-2020-8623 - Correct update-policy type subdomain to match documentation CVE-2020-8624 - Include available test 32:9.11.20-4 - Prevent crash on dstlib initialization failure 1859454 32:9.11.20-...
python3 security and bug fix update
3.6.8-31.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-31 - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 - Resolve hash collisions for Pv4Interface and IPv6Interface CVE-2020-14422 Resolves: rhbz1854926 3.6.8-30 -...
php security update
5.4.16-48 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043 5.4.16-47 - fix stack-buffer-overflow while parsing HTTP response CVE-2018-7584 - fix out-of-bounds read in base64decodexmlrpc CVE-2019-9024 - fix reflected XSS in phar 404 page CVE-2018-5712 - fix reflected XSS in phar 403 and...
firefox security update
68.5.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Fri Feb 07 2020 Jan Horak - Update to 68.5.0 build2 Wed Feb 05 2020 Jan Horak - Update to 68.5.0 build...
openssh security, bug fix, and enhancement update
8.0p1-3 + 0.10.3-7 - Fix typos in manual pages 1668325 - Use the upstream support for PKCS8 PEM files alongside with the legacy PEM files 1712436 - Unbreak ssh-keygen -A in FIPS mode 1732424 - Add missing RSA certificate types to offered hostkey types in FIPS mode 1732449 8.0p1-2 + 0.10.3-7 - All...
kernel security and bug fix update
4.18.0-80.1.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.1.20 - arm64 arm64/speculation: Support 'mitigations=' cmdline opti...
firefox security update
60.8.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one...
Unbreakable Enterprise kernel security update
2.6.39-400.304.1 - mnt: Prevent pivotroot from creating a loop in the mount tree Eric W. Biederman Orabug: 26575709 CVE-2014-7970 CVE-2014-7970 - vfs: more mntparent cleanups Al Viro Orabug: 26575709 CVE-2014-7970 - vfs: new internal helper: mnthasparentmnt Al Viro Orabug: 26575709 CVE-2014-7970 ...
openssh security, bug fix, and enhancement update
7.4p1-16 + 0.10.3-2 - Fix for CVE-2017-15906 1517226 7.4p1-15 + 0.10.3-2 - Do not hang if SSH AuthorizedKeysCommand output is too large 1496467 - Do not segfault pamsshagentauth if keyfile is missing 1494268 - Do not segfault in audit code during cleanup 1488083 - Add WinSCP 5.10+ compatibility...
kernel security and bug fix update
3.10.0-693.5.2.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
kernel security and bug fix update
3.10.0-693.1.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.1.1 - fs dentry name snapshots Miklos Szeredi 1471131 1470403 CVE-2017-7533 -...
tomcat security update
0:7.0.69-11 - Resolves: rhbz1413591 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing - Resolves: rhbz1402662 CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests...
qemu-kvm security and bug fix update
0.12.1.2-2.503.el6 - kvm-cirrus-fix-patterncopy-checks.patch bz1420487 bz1420489 - kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch bz1420487 bz1420489 - kvm-cirrus-add-blitisunsafe-call-to-cirrusbitbltcput.patch bz1420487 bz1420489 - Resolves: bz1420487 EMBARGOED CVE-2017-2620...
Unbreakable Enterprise kernel security update
2.6.39-400.290.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060055 CVE-2016-6480 CVE-2016-6480 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore Orabug: 25059962 CVE-2016-6136 - ecryptfs: don't allow mmap when the lower fs doesn't support it...
samba and samba4 security, bug fix, and enhancement update
ipa 4.2.0-15.0.1.6.1 - Drop redhat-access-plugin-ipa requires for OL7 Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.2.0-15.6.1 - Rebuild against newer Samba version - Related: 1322690 libldb 1.1.25-1 - Rebase libldb to 1.1.25 - Related: rhbz1322690 libtalloc...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.2 - KVM: svm: unconditionally intercept DB Paolo Bonzini Orabug: 22333698 CVE-2015-8104 - KVM: x86: work around infinite loop in microcode when AC is delivered Eric Northup Orabug: 22333689 CVE-2015-5307 CVE-2015-5307 - KVM: x86: Defining missing x86 vectors Nadav Amit...
jakarta-commons-collections security update
0:3.2.1-3.5 - Fix Java object de-serialization vulnerability - Resolves: CVE-2015-7501...
java-1.7.0-openjdk security update
1:1.7.0.85-2.6.1.3.0.1 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.85-2.6.1.3 - Check return value of gioinit in gsettingsinit and return false if necessary. - Re-enable the use of system GConf. - Only ifdef gtypeinit&gfree if USESYSTEMGIO and USESYSTEMGCONF are...
kernel security and bug fix update
2.6.32-504.16.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 2.6.32-504.16.1 - fs gfs2: Move gfs2filesplicewrite outside of ifdef Robert S Peterson 1198329 1193559 - security keys: close race between key lookup and freeing...
kernel security and bug fix update
kernel 2.6.18-402.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
kernel security and bug fix update
3.10.0-123.13.1 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.13.1 - powerpc mm: Make sure a localirqdisable prevent a parallel THP split Don Zickus 1151057 1083296 - powerpc Implement getuserpagesfast Don Zickus 1151057 1083296 - scsi vmwpvscsi: Some improvements in pvscsi driver Ewan...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-44.1.3.el7uek - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817785 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 - ALSA: control: Fix replacing user controls Lars-Peter Clausen Orabug: 19817747 CVE-2014-4653 CVE-2014-4654...
java-1.7.0-openjdk security update
1.7.0.65-2.5.1.2.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.65-2.5.1.2 - added and applied fix for samrtcard io patch405, pr1864smartcardIO.patch - Resolves: rhbz1115872 1.7.0.65-2.5.1.1.el5 - updated to security patched icedtea7-forest 2.5.1 - Resolves:...
java-1.6.0-openjdk security update
1:1.6.0.1-3.1.13.0 - updated to icedtea 1.13.1 - http://blog.fuseyism.com/index.php/2014/01/23/security-icedtea-1-12-8-1-13-1-for-openjdk-6-released/ - updated to jdk6, b30, 21jan2014 - https://openjdk6.java.net/OpenJDK6-B30-Changes.html - adapted patch7 1.13fixes.patch - pre 2011 changelog moved...
php53 and php security update
5.3.3-27 - add security fix for CVE-2013-6420...
kernel security and bug fix update
2.6.32-358.6.1 - virt kvm: accept unaligned MSRKVMSYSTEMTIME writes Petr Matousek 917020 917021 CVE-2013-1796 - char tty: hold lock across tty buffer finding and buffer filling Prarit Bhargava 928686 901780 - net tcp: fix for zero packetsinflight was too broad Thomas Graf 927309 920794 - net tcp:...
kernel security and bug fix update
2.6.32-358.2.1 - kernel utrace: ensure archptrace/ptracerequest can never race with SIGKILL Oleg Nesterov 912073 912074 CVE-2013-0871 2.6.32-358.1.1 - netdrv mlx4: Set number of msix vectors under SRIOV mode to firmware defaults Michal Schmidt 911663 904726 - netdrv mlx4: Fix bridged vSwitch...
Oracle Linux 6 kernel security and bugfix update
2.6.32-358.el6 - fs Fix sget race with failing mount Eric Sandeen 883276 2.6.32-357.el6 - virt xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests Andrew Jones 896050 CVE-2013-0190 - block sgio: use different default filters for each device class Paolo Bonzini 875361...
kernel security and bug fix update
2.6.18-308.11.1.el5 - net ixgbe: remove flow director stats Andy Gospodarek 832169 830226 - net ixgbe: fix default return value for ixgbecacheringfdir Andy Gospodarek 832169 830226 - net ixgbe: reverting setup redirection table for multiple packet buffers Andy Gospodarek 832169 830226...
php security update
5.3.3-14 - add security fix for CVE-2010-2950 5.3.3-13 - fix tests for CVE-2012-2143, CVE-2012-0789 5.3.3-12 - add fix for CVE-2012-2336 5.3.3-11 - add security fixes for CVE-2012-0781, CVE-2011-4153, CVE-2012-0057, CVE-2012-0789, CVE-2012-1172, CVE-2012-2143, CVE-2012-2386 5.3.3-9 - correct...
php53 security update
5.3.3-13 - add security fix for CVE-2010-2950 5.3.3-11 - fix tests for CVE-2012-2143, CVE-2012-0789 5.3.3-10 - add security fix for CVE-2012-2336 5.3.3-9 - add security fixes for CVE-2011-4153, CVE-2012-0057, CVE-2012-0789, CVE-2012-1172, CVE-2012-2143, CVE-2012-2386...
kernel security and bug fix update
2.6.18-238.9.1.0.1.el5 - scsi fix scsi hotplug and rescan race orabug 10260172 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by default orabug 67188919 - xen check to see if hypervisor supports memory...
mailman security update
3:2.1.12-14.2 - fix 677848 - fixed build problem without brew 3:2.1.12-14.1 - fix 677848 - fixed CVE-2010-3089 and CVE-2011-0707...
freetype security update
2.3.11-6.el60.2 - Add freetype-2.3.11-CVE-2010-3855.patch Protect against invalid runcnt values. - Resolves: 651761 2.3.11-6.el60.1 - Add freetype-2.3.11-CVE-2010-2805.patch Fix comparison. - Add freetype-2.3.11-CVE-2010-2806.patch Protect against negative stringsize. Fix comparison. - Add...
firefox security update
devhelp: 0.12-17 - Rebuild against xulrunner firefox: 3.0-2.0.1.el5 - Replaced the RedHat prefs and bookmarks with Oracle prefs and bookmarks - Add patch oracle-firefox-branding.patch 3.0-2 - Fixed firstrun homepage issue 3.0-1 - Update to Firefox 3 Final xulrunner: 1.9-1.0.1.el5 - Added...
kernel security and bug fix update
2.6.18-53.1.19.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlockpage in error case Jens Axboe ORA 6263574...
ruby:3.3 security update
ruby 3.3.8-4 - Upgrade to Ruby 3.3.8. Resolves: RHEL-86933 - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 Resolves: RHEL-87182 - Fix userinfo leakage in URIjoin, URImerge and URI+. CVE-2025-27221...
edk2 security update
1.7.1 - Create new 1.7.1 release for OL7 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK2: In the Linux kernel...
httpd:2.4 security update
httpd 2.4.37-65.2.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65.2 - Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend applications whose response headers are malicious or exploitable CVE-2024-38476 - Resolves: RHEL-53022 - Regression introduced by...
bind9.16 security update
32:9.16.23-0.16.2 - Prevent crashing at masterformat system test CVE-2023-6516 32:9.16.23-0.16.1 - Prevent increased CPU load on large DNS messages CVE-2023-4408 - Prevent assertion failure when nxdomain-redirect is used with RFC 1918 reverse zones CVE-2023-5517 - Prevent assertion failure if DNS...
nodejs:20 security update
nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...
conmon security update
conmon 2.1.3-8 - address CVE-2023-39326 cri-o 1.26.4-1 - Added Oracle Specific Files for cri-o - Cherry-picked upstream commits for OCPBUGS-17150: oci: simplify stopping code https://github.com/cri-o/cri-o/pull/7185 - Fixed CVE-2023-39325: bump golang.org/x/net to v0.17.0 cri-tools 1.26.1-4 -...
python3.9 security update
3.9.18-1 - Update to 3.9.18 - Security fix for CVE-2023-40217 Resolves: RHEL-3043 3.9.17-2 - Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz263261 3.9.17-1 - Update to 3.9.17 - Security fix for CVE-2023-24329 Resolves: rhbz2173917 3.9.16-2 - Add filters for tarfile extraction...
sssd security and bug fix update
1.16.5-10.0.3 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 29286774 Doc ID 2605732.1 1.16.5-10.15 - Resolves: rhbz2149703 - smartcards: special characters must be escaped when building search...
java-17-openjdk security, bug fix, and enhancement update
1:17.0.4.0.8-0.2.ea - Add rpminspect.yaml to turn off Java bytecode inspections - java-17-openjdk deliberately produces Java 17 bytecode, not the default Java 11 bytecode - Resolves: rhbz2109106 1:17.0.4.0.8-0.2.ea - Revert the following changes until copy-java-configs has adapted to relative...