8998 matches found
nss security update
3.67.0-7 - Fix CVE 2021 43527...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.507.7.6.el7 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33406810 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33406819 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33406814 - net/mlx5...
Unbreakable Enterprise kernel security update
5.4.17-2102.205.7.2 - btrfs: fix race between marking inode needs to be logged and log syncing Filipe Manana Orabug: 33349276 5.4.17-2102.205.7.1 - RDMA/cma: Revert INIT-INIT patch Mike Marciniszyn Orabug: 33306518 5.4.17-2102.205.7 - rds: ib: Set SENDSIGNALED on the last WR posted Hakon Bugge...
bind security update
32:9.11.26-4 - Possible assertion failure on DNAME processing CVE-2021-25215...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.503.1.el7 - bpf, x86: Validate computation of branch displacements for x86-64 Piotr Krysiuk Orabug: 32759961 CVE-2021-29154 - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. Somasundaram Krishnasamy Orabug: 32781585 - ext4: handle error of ext4setupsystemzone on remou...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.501.2.el7 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32634994 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32634994 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi...
grub2 security update
2.02-0.87.0.7 - Fix CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Orabug: 32530657 - Fix various coverity issues Orabug: 32530657 - Add SBAT metadata to grubx64.efi Orabug: 32530657 2.02-0.87.0.5 - Use similar format for menu entry in gru...
Unbreakable Enterprise kernel-container security update
4.14.35-2025.405.3.el7 - Revert 'rds: Deregister all FRWR mr with freemr' aru kolappan Orabug: 32426280 4.14.35-2025.405.2.el7 - nfs: Fix security label length not being reset Jeffrey Mitchell Orabug: 32350995 4.14.35-2025.405.1.el7 - net/rds: Fix gfpt parameter Hans Westgaard Ry Orabug: 32372162...
python3 security update
3.6.8-18.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-18 - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 - Resolve hash collisions for Pv4Interface and IPv6Interface CVE-2020-14422 Resolves: rhbz1854926...
python38:3.8 security, bug fix, and enhancement update
...
oniguruma security update
6.8.2-2 - Fix CVE-2019-13225 Resolves: 1771052...
webkitgtk4 security, bug fix, and enhancement update
2.28.2-2 - Resolves: rhbz1817144 Rebuild to support ppc and s390 2.28.2-1 - Resolves: rhbz1817144 Rebase to 2.28.2...
grub2 security update
2.02-82.0.2.el82.1 - Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707 Orabug: 31225072 - Update signing certificate for efi binaries...
ipmitool security update
1.8.15-3 - Backport fix for CVE-2020-5208...
icu security update
4.2.1-15 - Apply icu.13634.integer.overflow.patch - Apply icu.20958.segv.mapper.patch - Resolves: rhbz1809876...
Unbreakable Enterprise kernel security update
4.1.12-124.36.4 - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30944739 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function Oliver Upton Orabug: 30944739 CVE-2020-2732 - KVM: nVMX: Don't emulate instructions in guest mode Paolo Bonzini Orabug:...
go-toolset:ol8 security update
go-toolset 1.12.12-1 - Update for golang package fixes 1.12.12-1 - Bump version to 1.12.12 golang 1.12.12-4.0.1 - from upstream https://github.com/golang/go/issues/2775 - move arbitrary value 10% to 15% for GC tests, hits 10.48% on our - infrastructure - Resolves failing post build tests Orabug:...
tcpdump security update
14:4.9.2-4.1 - Resolves: 1761349 - CVE-2018-19519 tcpdump: Stack-based buffer over-read in print-hncp.c...
dovecot security update
1:2.0.9-22.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1752708...
samba security, bug fix, and enhancement update
4.9.1-6 - related: 1703204 - Fix printing with smbspool as CUPS backend 4.9.1-5 - resolves: 1703204 - Fix smbspool krb5 authentication 4.9.1-4 - resolves: 1690222 - Fix --max-protocol documentation of smbclient - resolves: 1518353 - Fix 'net ads join -Uadmin@forestdomain' - resolves: 1696524 - Fi...
python3 security update
3.6.8-2.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-2 - Security fix for CVE-2019-9636 rhbz1693973...
Unbreakable Enterprise kernel security update
2.6.39-400.305.1 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059185 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 25059185 CVE-2016-3841 - scsi: qla2xxx: Fix an integer overflow in sysfs code Dan Carpenter Orabug: 28220492...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.28.1 - udf: Check component length before reading it Jan Kara Orabug: 21193696 CVE-2014-9728 - udf: Verify isize when loading inode Shan Hai Orabug: 21193696 CVE-2014-9728 - intelpstate: Fix overflow in busyscaled due to long delay mridula shastry Orabug: 28005134 - scsi:...
qemu-kvm security update
0.12.1.2-2.503.el69.4 - Fix CVE-2017-5715...
kernel security and bug fix update
3.10.0-693.5.2.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
samba4 security update
4.2.10-10 - resolves: 1450779 - Security fix for CVE-2017-7494...
qemu-kvm security update
0.12.1.2-2.503.el69.3 - kvm-cirrus-avoid-write-only-variables.patch bz1444377 bz1444379 - kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch bz1444377 bz1444379 - kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch bz1444377 bz1444379 -...
bind security update
32:9.9.4-38 - Fix CVE-2016-8864 32:9.9.4-37 - Fix CVE-2016-2776 32:9.9.4-36 - Added automatic interface scan functionality 1294506 - Removed NetworkManager dispatcher script since it is not needed any more 1294506 32:9.9.4-35 - Added GeoIP support 1220594 32:9.9.4-34 - Added support for CAA recor...
java-1.8.0-openjdk security update
1:1.8.0.111-0.b15 - added nss restricting requires - Resolves: rhbz1381990 1:1.8.0.111-0.b15 - Turn debug builds on for all JIT architectures. Always AssumeMP on RHEL. - Resolves: rhbz1381990 1:1.8.0.111-0.b15 - Update to aarch64-jdk8u111-b15, with AArch64 fix for S8160591. - Resolves: rhbz138199...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.10 - netfilter: xtables: make sure e-nextoffset covers remaining blob size Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 - netfilter: xtables: validate e-targetoffset early Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 4.1.12-61.1.9 -...
kernel security, bug fix, and enhancement update
3.10.0-327.36.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.36.1 - x86 Use ptenone to test for empty PTE Larry Woodman 1363860 1347159 - x86 Disallow running with 32-bit PTEs to work around erratum Larry Woodman 1363860 1347159 - x86 Ignore A/D bits in pte/pmd/pudnone Alexander...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.10.2 - tcp: make challenge acks less predictable Eric Dumazet Orabug: 24010012 Orabug: 2401010 CVE-2016-5696 3.8.13-118.10.1 - ocfs2: call ocfs2journalaccessdi before ocfs2journaldirty in ocfs2writeendnolock yangwenfang Orabug: 19601200 - ocfs2: improve recovery performance...
Unbreakable Enterprise kernel security update
2.6.39-400.283.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393863 CVE-2016-4470...
openssl security update
1.0.1e-51.4 - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BNhex2bn and BNdec2bn 1.0.1e-51.3 - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generi...
libldb security update
1.1.13-3.1 - Resolves: rhbz1290712 - CVE-2015-5330 libldb: samba: Remote memory read in Samba LDAP server rhel-7.2.z - Remove the patch from the previous commit, it doesn't fix a remotely eploitable issue. Add patches from upstream 11636 instead...
kernel security and bug fix update
3.10.0-327.3.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.3.1 - rebuild 3.10.0-327.2.1 - netdrv macvtap: unbreak receiving of gro skb with frag list Jason Wang 1279794 1273737 - net ipv6: drop frames with attached skb-sk in forwarding Hannes Frederic Sowa 1281701 1243966 - net ipv...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.3.2 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226729 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225975 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.5 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226731 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225977 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy...
Unbreakable Enterprise kernel security update
2.6.39-400.249.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930552 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy Lutomirski...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.246.2 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425333 CVE-2014-7841 2.6.39-400.246.1 - sched: Fix possible divide by zero in avgatom calculation Mateusz Guzik Orabug: 20148169 - include/linux/math64.h: add div64ul Alex...
kernel security and bug fix update
3.10.0-123.13.1 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.13.1 - powerpc mm: Make sure a localirqdisable prevent a parallel THP split Don Zickus 1151057 1083296 - powerpc Implement getuserpagesfast Don Zickus 1151057 1083296 - scsi vmwpvscsi: Some improvements in pvscsi driver Ewan...
php53 and php security update
5.3.3-27.1 - core: type confusion issue in phpinfo. CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize SPL ArrayObject / SPLObjectStorage type confusion flaw...
httpd security update
2.2.15-31.0.1.el65 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-31 - modcgid: add security fix for CVE-2014-0231 - moddeflate: add security fix for CVE-2014-0118 - modstatus: add security fix for CVE-2014-0226...
kernel security update
3.10.0-123.1.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.1.2 - tty ntty: Fix nttywrite crash when echoing in raw mode Aristeu Rozanski 1094241 1094242 CVE-2014-0196...
kernel security and bug fix update
2.6.32-431.20.3 - kernel futex: Make lookuppistate more robust Jerome Marchand 1104516 1104517 CVE-2014-3153 - kernel futex: Always cleanup owner tid in unlockpi Jerome Marchand 1104516 1104517 CVE-2014-3153 - kernel futex: Validate atomic acquisition in futexlockpiatomic Jerome Marchand 1104516...
sssd security and bug fix update
1.5.1-70 - Fix IPA provider performance issue when storing large host groups - Resolves: rhbz979047 - sssdbe goes to 99% CPU and causes significant login delays when client is under load 1.5.1-69 - Fix startup with a broken configuration - Resolves: rhbz974036 - sssd core process keeps running...
Unbreakable Enterprise kernel security update
2.6.39-300.28.1 - kmod: make requestmodule killable Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - kmod: introduce callmodprobe helper Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - usermodehelper: implement UMHKILLABLE Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - usermodehelper: introduce...
java-1.6.0-openjdk security update
1:1.6.0.0-1.28.1.10.10.0.1.el58 - Add oracle-enterprise.patch 1:1.6.0.0-1.28.1.10.10 - Updated to IcedTea6 1.10.10 - Resolves rhbzs 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568...
Unbreakable Enterprise kernel security and bug fix update
2.6.32-300.21.1.el6uek - regset: Return -EFAULT, not -EIO, on host-side memory fault H. Peter Anvin CVE-2012-1097 - regset: Prevent null pointer reference on readonly regsets H. Peter Anvin CVE-2012-1097 - cifs: fix dentry refcount leak when opening a FIFO on lookup Jeff Layton CVE-2012-1090 -...
kernel security, bug fix, and enhancement update
2.6.32-220.13.1.el6 - Revert: fs NFSv4: include bitmap in nfsv4 get acl data Sachin Prabhu 753231 753232 CVE-2011-4131 2.6.32-220.12.1.el6 - net netsched: qdiscallochandle can be too slow Jiri Pirko 805458 785891 - fs procfs: add hidepid= and gid= mount options Jerome Marchand 770651 770652 - fs...