9185 matches found
kernel security, bug fix, and enhancement update
kernel 2.6.18-371.8.1 - virt HID: memory corruption flaw drivers/usb/input/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - virt HID: memory corruption flaw in drivers/hv/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - scsi lpfc: Fix task management commands having a fixed...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.45-2.4.3.1.el5 - Updated to icedtea 2.4.3 - Resolves: rhbz1017623 1.7.0.45-2.4.3.0.el5 - fixed and updated tapset - removed bootstrap - source 11 redeclared to 1111 - added source12:...
Unbreakable Enterprise kernel Security update
2.6.32-400.29.1 - KVM: add missing void user COPYING CREDITS Documentation Kbuild MAINTAINERS Makefile README REPORTING-BUGS arch block crypto drivers firmware fs include init ipc kernel lib mm net samples scripts security sound tools uek-rpm usr virt cast to accessok call Heiko Carstens Orabug:...
ruby security update
1.8.7.352-10 - escaping vulnerability about Exceptiontos / NameErrortos ruby-1.8.7-p371-CVE-2012-4481.patch - Related: rhbz915379 1.8.7.352-9 - Fix regression introduced by fix for entity expansion DOS vulnerability in REXML https://bugs.ruby-lang.org/issues/7961...
httpd security update
2.2.15-9.0.1.el61.2 - replace index.html with Oracle's index page - update vstring in specfile 2.2.15-9.2, - updated patch for CVE-2011-3192 from upstream 733062 2.2.15-9.1 - fix 733062 - backported CVE-2011-3192 fix from httpd trunk...
kernel security update
2.6.18-164.10.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug...
tomcat security update
5.5.23-0jpp.7.2 - Actually add the patch files this time Resolves: rhbz427779 Resolves: rhbz504758 Resolves: rhbz503980 Resolves: rhbz504162 5.5.23-0jpp.7.2 - add patch for CVE-2007-5333 Resolves: rhbz427779 - add patch for CVE-2008-5515 Resolves: rhbz504758 - add patch for CVE-2009-0033 - add...
Important: kernel security and bug fix update
2.6.18-53.1.6.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlockpage in error case Jens Axboe ORA 6263574 ...
Important: kernel security and bug fix update
2.6.18-8.1.4.0.1.el5 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 -Add entropy module option to e1000 John Sobecki ORA 6045759 -Add entropy module option to bnx2 John Sobecki ORA 6045759 2.6.18.8.1.4.el5 - ipv6 Fix routing regression. David S. Miller 2380...
openssl security update
1:1.1.1k-14 - Backport fix SSLselectnext proto from OpenSSL 3.2 Fix CVE-2024-5535 Resolves: RHEL-45654...
podman security update
4.9.4-13.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shou...
kernel security update
2.6.32-754.53.1.OL6 - net/sched: schqfq: refactor parsing of netlink parameters Orabug: 36517546 - net/sched: schqfq: account for stab overhead in qfqenqueue CVE-2023-3611 Orabug: 36517546 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 Orabug: 36517546 - ne...
Unbreakable Enterprise kernel security update
5.15.0-204.147.6.3 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36464807 CVE-2024-1086...
container-tools:ol8 security update
aardvark-dns buildah 1:1.31.3-3.0.1 - Rebuild with newer dependencies cockpit-podman conmon containernetworking-plugins 1:1.3.0-8.0.1 - Rebuild with newer dependencies containers-common 2:1-70.0.2 - Rebuild with newer dependencies container-selinux criu crun fuse-overlayfs libslirp netavark...
httpd and mod_http2 security, bug fix, and enhancement update
httpd 2.4.57-5.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-5 - Fix issue found by covscan - Related: 2222001 2.4.57-4 - Resolves: 2217726 - Make PROPFIND tolerant of deletion race 2.4.57-3 - Resolves: 2222001 - modstatus lists BusyWorkers IdleWorkers keys twice...
grafana security and enhancement update
9.2.10-7 - bump release number for rebuild with fixed gating.yaml file 9.2.10-6 - resolve RHEL-12665 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch 9.2.10-5 - resolve CVE-2023-3128...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.320.7.el7 - selftests: fibtests: mute cleanup error message Po-Hsu Lin - KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode Marc Zyngier Orabug: 35449815 - KVM: arm64: Filter out v8.1+ events on v8.0 HW Marc Zyngier Orabug: 35449815 - KVM: arm64: Add...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.316.7 - runtime revert of virtionet: Stripe queue affinities across cores. Konrad Rzeszutek Wilk Orabug: 35001045 5.4.17-2136.316.6 - block: Change the granularity of io ticks from ms to ns Gulam Mohamed Orabug: 34780807 - powercap: intelrapl: support new layout of Psys PowerLimit...
kernel security, bug fix, and enhancement update
5.14.0-70.22.1.0.10.OL9 lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.22.10.OL9 Update Oracle Linux certificates Kevin Lyons Disable signing for aarch64 Ilya Okomin Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
libvirt libvirt-python security update
libvirt 5.7.0-34.el7 - qemu: blockcopy: Allow late opening of the backing chain of a shallow copy Peter Krempa Orabug: 33091019 - qemu: capabilities: Introduce QEMUCAPSBLOCKDEVSNAPSHOTALLOWWRITEONLY Peter Krempa Orabug: 33091019 - qemuDomainBlockCopyCommon: Record updated flags to block job Peter...
java-1.8.0-openjdk security, bug fix, and enhancement update
1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use 'git apply' with...
Unbreakable Enterprise kernel security update
5.15.0-0.30.20 - floppy: use a statically allocated error counter Willy Tarreau Orabug: 34218638 CVE-2022-1652 - x86: Disable RET on kexec Konrad Rzeszutek Wilk Orabug: 34335631 CVE-2022-29901 CVE-2022-23816 - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported Thadeu Lima de Souza...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
httpd:2.4 security update
httpd 2.4.37-47.0.1.2 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-47.2 - Resolves: 2097247 - CVE-2020-13950 httpd:2.4/httpd: modproxy NULL pointer dereference...
Unbreakable Enterprise kernel security update
...
httpd:2.4 security update
2.4.37-43.0.3.3 - Resolves: CVE-2021-33193 a crafted method sent through HTTP/2 will bypass validation Orabug: 33942809...
Unbreakable Enterprise kernel security update
4.1.12-124.61.2 - exec, elf: ignore invalid note data Anthony Yznaga Orabug: 34023956 4.1.12-124.61.1 - drm/i915: Flush TLBs before releasing backing store Tvrtko Ursulin Orabug: 33835812 CVE-2022-0330 - drm/i915: Reduce locking in execlist command submission Chris Wilson Orabug: 33835812...
openssl security update
1.0.2k-24.0.3 - fix CVE-2022-0778 - possible infinite loop in BNmodsqrt...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.302.7.2.3 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832574 CVE-2022-0492...
grafana security, bug fix, and enhancement update
7.5.9-4 - resolve CVE-2021-39226 7.5.9-3 - rebuild to resolve CVE-2021-34558 7.5.9-2 - remove unused dependency property-information - always include FIPS patch in SRPM 7.5.9-1 - update to 7.5.9 tagged upstream community sources, see CHANGELOG 7.5.8-1 - update to 7.5.8 tagged upstream community...
python3 security update
3.6.8-39.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-39 - Security fix for CVE-2021-3733: Denial of service when identifying crafted invalid RFCs Resolves: rhbz1995234...
postgresql:10 security update
10.17-1 - Update to 10.17 Resolves: 1964520 Fix: CVE-2021-32027, CVE-2021-32028...
nss security and bug fix update
3.53.1-7 - Fix HSM load failure because of CKOProfile - Allow builds with strict-proto 3.53.1-6 - Update to CVE 2020-256423 TLS flood DOS attack patch. 3.53.1-5 - Fix CVE 2020-256423 TLS flood DOS Attack. 3.53.1-4 - Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in...
flatpak security update
1.6.2-6 - Fix CVE-2021-21381 1938062...
thunderbird security update
78.9.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.9.0-3 - Update to 78.9.0 build2, updated langpacks 78.9.0-2 - Update to 78.9.0 build2 78.9.0-1 - Update to 78.9.0 build1...
expat security update
2.1.0-12 - add security fixes for CVE-2018-20843, CVE-2019-15903...
tomcat security and bug fix update
0:7.0.76-15 - Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS 0:7.0.76-14 - Revert rhbz1814315 because it caused other issues with ipa-server, see rhbz1831127 - Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Executio...
thunderbird security update
68.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.11.0-1 - Update to 68.11.0 build1...
sudo security update
1.8.6p3-29.0.1.el610.3 - Fixes OraBug: 28747380 sudo does not honor envkeep-='KRB5CCNAME' after 'sudo -k' [email protected] 1.8.6p3-29.3 - RHEL-6.10.z ERRATUM - fixed CVE-2019-18634 Resolves: rhbz1799018 1.8.6p3-29.2 - RHEL-6.10.z ERRATUM - fixed CVE-2019-14287 Resolves: rhbz1760684...
libarchive security update
3.3.2-8 - Fix CVE-2019-18408: RAR use-after-free...
openjpeg2 security update
2.3.1-2 - Fix CVE-2020-6851 1790589...
mariadb security and bug fix update
1:5.5.64-1 - Rebase to 5.5.64 - Resolves: 1490398 - CVEs fixed: 1610986 CVE-2018-3058 CVE-2018-3063 CVE-2018-3066 CVE-2018-3081 - CVEs fixed: 1664043 CVE-2018-3282 CVE-2019-2503 - CVEs fixed: 1701686 CVE-2019-2529...
python security update
2.7.5-80.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz1718401...
firefox security update
60.5.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
Unbreakable Enterprise kernel security update
2.6.39-400.298.7 - net/rds: Fix endless RNR situation Hakon Bugge Orabug: 27645402 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski CVE-2018-8897...
glibc security, bug fix, and enhancement update
2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...
thunderbird security update
52.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.5.0-1 - Update to 52.5.0...
java-1.8.0-openjdk security update
1:1.8.0.141-2.b16 - Update to aarch64-jdk8u141-b16. - Revert change to remove-intree-libraries.sh following backout of 8173207 - Resolves: rhbz1466509 1:1.8.0.141-2.b15 - Revert previous commit so we can revise the security update. - Resolves: rhbz1468473 1:1.8.0.141-1.b15 - Backport '8180048:...
kernel security update
kernel - 2.6.18-419.0.0.0.2 - mm support large stack guard gap between vmas orabug 26366330...
glibc security update
2.12-1.209.0.3.2 - backport rh patch 1047983 from OL7, Orabug 25407655 2.12-1.209.2 - Avoid large allocas in the dynamic linker 1452711 2.12-1.209.1 - Fix thread cancellation issues for setmntent and others 1437618...