8998 matches found
httpd security update
2.2.15-9.0.1.el61.2 - replace index.html with Oracle's index page - update vstring in specfile 2.2.15-9.2, - updated patch for CVE-2011-3192 from upstream 733062 2.2.15-9.1 - fix 733062 - backported CVE-2011-3192 fix from httpd trunk...
firefox security update
firefox: 3.6.17-1.0.1.el60 - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js 3.6.17-1 - Update to 3.6.17 xulrunner: 1.9.2.17-4.0.1.el60 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.17-4 - Rebuild 1.9.2.17-3 - Update to...
krb5 security update
1.6.1-36.el55.4 - add candidate patch to correct KDC null pointer dereference which could be triggered by malformed client requests CVE-2010-1321, 583703 1.6.1-36.el55.3 - add upstream patch to fix a few use-after-free bugs, including one in kadmind CVE-2010-0629, 578185...
tomcat security update
5.5.23-0jpp.7.2 - Actually add the patch files this time Resolves: rhbz427779 Resolves: rhbz504758 Resolves: rhbz503980 Resolves: rhbz504162 5.5.23-0jpp.7.2 - add patch for CVE-2007-5333 Resolves: rhbz427779 - add patch for CVE-2008-5515 Resolves: rhbz504758 - add patch for CVE-2009-0033 - add...
php security update
5.1.6-20.el52.1 - add security fixes for CVE-2007-5898, CVE-2007-4782, CVE-2007-5899, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108 445923...
Important: krb5 security update
1.5-29 - update to revised patch for CVE-2007-3999...
nginx:1.24 security update
1.24.0-5.1.0.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.24.0-5.1 - Resolves: RHEL-146526 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-5 - Resolves:...
kernel security update
2.6.32-754.53.1.OL6 - net/sched: schqfq: refactor parsing of netlink parameters Orabug: 36517546 - net/sched: schqfq: account for stab overhead in qfqenqueue CVE-2023-3611 Orabug: 36517546 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 Orabug: 36517546 - ne...
olcne security update
conmon 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build 2.1.3.3 - Add OL9 support 2.1.3.2 - Update inline with Linux team building conmon for all but OL7. cri-o...
qemu-kvm security, bug fix, and enhancement update
8.0.0-16.el93 - kvm-migration-Add-migration-prefix-to-functions-in-targe.patch bz2229868 - kvm-migration-Move-more-initializations-to-migrateinit.patch bz2229868 - kvm-migration-Add-.saveprepare-handler-to-struct-SaveVM.patch bz2229868 -...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.320.7.el7 - selftests: fibtests: mute cleanup error message Po-Hsu Lin - KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode Marc Zyngier Orabug: 35449815 - KVM: arm64: Filter out v8.1+ events on v8.0 HW Marc Zyngier Orabug: 35449815 - KVM: arm64: Add...
bind security update
32:9.11.36-5 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178 32:9.11.36-4 - Tighten cache protection against record from forwarders CVE-2021-25220 - Include test of forwarders 32:9.11.36-2 - Reduce memory used per-view on...
httpd security update
2.4.51-7.0.2 - modproxy: approxyhttprequest to clear hop-by-hop first and fixup last CVE-2022-31813Orabug: 34381949...
libvirt libvirt-python security update
libvirt 5.7.0-34.el7 - qemu: blockcopy: Allow late opening of the backing chain of a shallow copy Peter Krempa Orabug: 33091019 - qemu: capabilities: Introduce QEMUCAPSBLOCKDEVSNAPSHOTALLOWWRITEONLY Peter Krempa Orabug: 33091019 - qemuDomainBlockCopyCommon: Record updated flags to block job Peter...
qemu-kvm security and bug fix update
6.2.0-11.el90.3 - kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch bz2071102 - kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch bz2075635 - kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch bz2075640 - Resolves: bz2071102 RHEL 9.0 guest with vsock device...
olcne security update
1.4.5-1 - Address qemu CVE-2022-26353, CVE-2021-3748...
Unbreakable Enterprise kernel security update
...
openssl security update
1.0.2k-24.0.3 - fix CVE-2022-0778 - possible infinite loop in BNmodsqrt...
samba security and bug fix update
4.10.16-18 - resolves: 2034800 - Fix usermap script regression caused by CVE-2020-25717 - resolves: 2036595 - Fix MIT realm regression caused by CVE-2020-25717 - resolves: 2046148 - Fix CVE-2021-44142...
kernel security and bug fix update
3.10.0-1160.53.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
gcc-toolset-11-gcc security update
11.2.1-1.2.0.1 - Add -ftrivial-auto-var-init support from GCC12 Reviewed-by: Jose E. Marchesi - Add CTF/BTF support Reviewed-by: Qing Zhao 11.2.1-1.2 - add -Wbidirectional patch 2017819...
nodejs:14 security and bug fix update
nodejs 1:14.17.5-1 - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ1847529 make FIPS always available - Resolves: RHBZ1988599, RHBZ1994000, RHBZ1993998, RHBZ1993095 - Resolves: RHBZ1994028,...
kernel security and bug fix update
3.10.0-1160.36.2.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
nss security and bug fix update
3.53.1-7 - Fix HSM load failure because of CKOProfile - Allow builds with strict-proto 3.53.1-6 - Update to CVE 2020-256423 TLS flood DOS attack patch. 3.53.1-5 - Fix CVE 2020-256423 TLS flood DOS Attack. 3.53.1-4 - Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in...
firefox security update
78.8.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.8.0-1 - Update to 78.8.0 build2 78.7.1-1 - Update to 78.7.1 78.7.0-3 - Fixing install prefix for th...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.53.1 - Fonts: Support FONTEXTRAWORDS macros for built-in fonts Peilin Ye Orabug: 32176267 - fbdev, newportcon: Move FONTEXTRAWORDS macros into linux/font.h Peilin Ye Orabug: 32176267 CVE-2020-28915 - vt: Disable KDFONTOPCOPY Daniel Vetter Orabug: 32187751 CVE-2020-28974...
firefox security update
78.5.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.5.0-1 - Update to 78.5.0 build1...
firefox security update
78.4.1-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.4.1-1 - Update to 78.4.1 78.4.0-3 - Fixing flatpak build, fixing firefox.sh.in to not disable langpacks loading 78.4.0-2 - Enable addon sideloading 78.4.0-1 - Update to...
qt and qt5-qtbase security update
qt 1:4.8.7-9 - Fix buffer overflow in XBM parser Resolves: bz1870297 qt5-qtbase 5.9.7-5 - Fix buffer overflow in XBM parser Resolves: bz1870365...
libssh security, bug fix, and enhancement update
0.9.4-2 - Do not return error when server properly closed the channel 1849071 - Add a test for CVE-2019-14889 - Do not parse configuration file in tortureknownhosts test 0.9.4-1 - Update to version 0.9.4 https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ - Fixed...
microcode_ctl security, bug fix and enhancement update
2:2.1-61.6.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - do not late...
java-1.8.0-openjdk security update
1:1.8.0.252.b09-2 - Add release notes. - Resolves: rhbz1810557 1:1.8.0.252.b09-1 - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz1810557 1:1.8.0.252.b09-0 - Update to aarch64-shenandoah-jdk8u252-b09. - Switch to GA mode for final release. - Resolves: rhbz1810557...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.43.1 - media: b2c2-flexcop-usb: add sanity checking Oliver Neukum Orabug: 30864534 CVE-2019-15291...
sudo security update
1.8.6p3-29.0.1.el610.3 - Fixes OraBug: 28747380 sudo does not honor envkeep-='KRB5CCNAME' after 'sudo -k' [email protected] 1.8.6p3-29.3 - RHEL-6.10.z ERRATUM - fixed CVE-2019-18634 Resolves: rhbz1799018 1.8.6p3-29.2 - RHEL-6.10.z ERRATUM - fixed CVE-2019-14287 Resolves: rhbz1760684...
.NET Core on Red Hat Enterprise Linux security and bug fix update
102-2.0.1.el81 - support OL release scheme 3.0.102-2 - Fix prebuilts leaking into the final build - Fix regressions in binary hardering - Resolves: RHBZ1788171 3.0.102-1 - Update to .NET Core Runtime 3.0.2 and SDK 3.0.102 - Resolves: RHBZ1788171...
ghostscript security update
9.25-5.1 - 1769342 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys...
qt5 security, bug fix, and enhancement update
qt5-qt3d 5.9.7-1 - Update to 5.9.7 Resolves: bz1564024 qt5-qtbase 5.9.7-1 - Enable -doc subpkg on PPC Resolves: bz1564000 5.9.7-1 - Update to 5.9.7 Resolves: bz1564000 qt5-qtcanvas3d 5.9.7-1 - Update to 5.9.7 Resolves: bz1564001 qt5-qtconnectivity 5.9.7-1 - Update to 5.9.7 Resolves: bz1564002...
python security update
2.7.5-80.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz1718401...
flatpak security update
1.0.2-5 - Fix IOCSTI sandbox bypass 1700651...
389-ds-base security and bug fix update
1.3.7.5-28 - Bump version to 1.3.7.5-28 - Resolves: Bug 1628676 - 389-ds-base: race condition on reference counter leads to DoS using persistent search - Resolves: Bug 1628677 - Crash in deletepasswdPolicy when persistent search connections are terminated unexpectedly 1.3.7.5-27 - Bump version to...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.2 - x86: Add another set of MSR accessor functions Borislav Petkov Orabug: 27444923 CVE-2017-5753 - userns: prevent speculative execution Elena Reshetova Orabug: 27444923 CVE-2017-5753 - udf: prevent speculative execution Elena Reshetova Orabug: 27444923 CVE-2017-5753 - f...
thunderbird security update
52.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.5.0-1 - Update to 52.5.0...
kernel security update
kernel - 2.6.18-419.0.0.0.2 - mm support large stack guard gap between vmas orabug 26366330...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.18.3 - dccp/tcp: do not inherit mclist from parent Eric Dumazet Orabug: 26108571 CVE-2017-8890...
openssl security update
1.0.1e-48.4 - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher - fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts...
Unbreakable Enterprise kernel security update
2.6.39-400.294.2 - vfs: read filehandle only once in handletopath Sasha Levin Orabug: 25388709 CVE-2015-1420 - crypto: algifhash - Only export and import on sockets with data Herbert Xu Orabug: 25417807 - USB: usbfs: fix potential infoleak in devio Kangjie Lu Orabug: 25462763 CVE-2016-4482 - net:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.16.3 - crypto: algifhash - Only export and import on sockets with data Herbert Xu Orabug: 25417805 CVE-2016-8646 - USB: usbfs: fix potential infoleak in devio Kangjie Lu Orabug: 25462760 CVE-2016-4482 - net: fix infoleak in llc Kangjie Lu Orabug: 25462807 CVE-2016-4485 -...
389-ds-base security, bug fix, and enhancement update
1.3.5.10-11 - Release 1.3.5.10-11 - Resolves: bug 1321124 - Replication changelog can incorrectly skip over updates 1.3.5.10-10 - Release 1.3.5.10-10 - Resolves: bug 1370300 - set proper update status to replication agreement in case of failure DS 48957 - Resolves: bug 1209094 - Allow logging of...
qemu-kvm security update
1.5.3-105.el72.7 - kvm-block-iscsi-avoid-potential-overflow-of-acb-task-cdb.patch bz1358996 - Resolves: bz1358996 CVE-2016-5126 qemu-kvm: Qemu: block: iscsi: buffer overflow in iscsiaioioctl rhel-7.2.z 1.5.3-105.el72.6 - kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch bz1359728 -...
python security, bug fix, and enhancement update
2.7.5-34.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-34 - Revert fix for rhbz1117751 as it leads to regressions Resolves: rhbz1117751 2.7.5-33 - Only restore SIGPIPE when Popen called with restoresigpipe Resolves: rhbz1117751 2.7.5-32 - Backport SSLSocket.version...