8985 matches found
dotnet8.0 security update
8.0.107-1.0.1 - Add support for Oracle Linux 8.0.107-1 - Update to .NET SDK 8.0.107 and Runtime 8.0.7 - Resolves: RHEL-45322...
perl-CPAN security update
2.18-399 - Fix tests to run in correct order 2.18-398 - Fix CVE-2023-31484 - Package tests 2.18-397 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 2.18-396 - Rebase patches to prevent from installing back-up files 2.18-395 - Rebuilt for...
openldap security update
2.4.44-23 - Fix CVE-2020-25692 openldap: NULL pointer dereference for unauthenticated packet in slapd 1895328...
Unbreakable Enterprise kernel security update
4.1.12-124.28.3 - Add CVE numbers for CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Chuck Anderson Orabug: 29890820 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 - tcp: fix fackcount accounting on tcpshiftskbdata Joao Martins Orabug: 29890820 - tcp:...
openssl security update
1.0.2k-22 - fix CVE-2021-23841 openssl: NULL pointer dereference in X509issuerandserialhash - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz1932132, rhbz1932126...
glib2 security update
2.68.4-14.1 - Fix CVE-2024-34397, signal subscription vulnerabilities - Resolves: RHEL-56979...
postgresql:13 security update
pgaudit 1.5.0-1 - Update to version 1.5.0 Related: 1855776 postgresql 13.3-1 - Update to 13.3 Resolves: 1966338 Fix: CVE-2021-32027,CVE-2021-32028,CVE-2021-32029...
ghostscript security update
9.07-29.el75.2 - Fix MediaPosition, ManualFeed and MediaType with pxl devices bug 1629842 9.07-29.el75.1 - Added security fixes for: - CVE-2018-16509 bug 1621156 - CVE-2018-15910 bug 1621157 - CVE-2018-16542 bug 1621380 9.07-29 - Fix rare Segmentation fault when converting PDF to PNG bug 1473337 ...
krb5 security update
1.15.1-55.0.3 - Length check when parsing GSS token encapsulation Orabug: 36927256 - Add a simple DER support header Orabug: 36927256 - Fix vulnerabilities in GSS message token handling Orabug: 36927256 1.15.1-55.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 1.15.1-55 -...
pam security update
1.3.1-33 - pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21242 1.3.1-32 - pamaccess: handle hostnames in access.conf. Resolves: RHEL-3374 1.3.1-31 - pamfaillock: create tallydir before creating tallyfile. Resolves: RHEL-19810 1.3.1-30 -...
nodejs:20 security update
nodejs 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 nodejs-nodemon nodejs-packaging...
xz security update
5.2.2-2 - Fix CVE-2022-1271 Resolves: CVE-2022-1271...
virt:kvm_utils3 security update
hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport libiscsi libnbd 1.6.0-6.el8 - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 1.6.0-5.el8 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or wri...
kernel security update
3.10.0-1160.119.1.0.3.el7.OL7 - net: fix dstnegativeadvice race Eric Dumazet Orabug: 36947298 3.10.0-1160.119.1.0.2.el7.OL7 - md/raid5: fix oops during stripe resizing Ritika Srivastava Orabug: 34048726 - blk-mq: Remove generation seqeunce Ritika Srivastava Orabug: 33964689 - block: init flush rq...
sudo security update
1.8.23-10.3 RHEL 7.9.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161222 1.8.23-10.2 - RHEL 7.9.Z ERRATUM - defaults usepty plus SELinux ROLE in user specification breaks terminal Resolves: rhbz1972820 1.8.23-10.1 - RHEL 7.9.Z ERRATUM -...
libX11 security update
1.6.7-4 - Fix CVE-2021-31535 1962438...
glibc security update
2.17-292.0.1.7 - Remove glibc-ora28641867.patch as duplicate of glibc-rh1705899-4.patch - Make IOfunlockfile match funlockfile and IOflockfile match flockfile Both should test if stream-flags & IOUSERLOCK == 0 IOlocklock stream-lock; OraBug 28481550. Reviewed-by: Jose E. Marchesi - Modify...
bind security update
32:9.11.4-26.P2.10 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
emacs security update
1:27.2-10 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code CVE-2024-39331 - Disable xwidgets RHEL-33447...
openssl security update
3.0.7-28.0.1 - Drop OpenELA branding, apply Oracle branding patches - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 1:3.0.7-28 - Patch for CVE-2024-6119 Resolves:...
expat security update
2.5.0-2.1 - Fix multiple CVEs - Fix CVE-2024-45492 integer overflow - Fix CVE-2024-45491 Integer Overflow or Wraparound - Fix CVE-2024-45490 Negative Length Parsing Vulnerability - Resolves: RHEL-57510 - Resolves: RHEL-57497 - Resolves: RHEL-56763...
Unbreakable Enterprise kernel security update
5.15.0-204.147.6.2 - smb3: Replace smb2pdu 1-element arrays with flex-arrays Kees Cook Orabug: 36353543 - hvnetvsc: Register VF in netvscprobe if NETDEVICEREGISTER missed Shradha Gupta Orabug: 36358874 - hvnetvsc: Fix race condition between netvscprobe and netvscremove Souradeep Chakrabarti -...
ruby:3.0 security, bug fix, and enhancement update
ruby 3.0.4-141 - Upgrade to Ruby 3.0.4. Resolves: rhbz2109431 Resolves: rhbz2110981 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739...
openssl security update
1:1.1.1k-14 - Backport fix SSLselectnext proto from OpenSSL 3.2 Fix CVE-2024-5535 Resolves: RHEL-45654...
kernel security update
5.14.0-427.31.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
python3.11 security update
3.11.9-7.0.1 - Update rpm-macros description Orabug: 36024572 3.11.9-7 - Security fix for CVE-2024-8088 Resolves: RHEL-55934 3.11.9-6 - Security fix for CVE-2024-6923 Resolves: RHEL-53089 3.11.9-5 - Properly propagate the optimization flags to C extensions 3.11.9-4 - Build Python with -O3 -...
python3 security update
3.6.8-67.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-67 - Security fix for CVE-2024-6232 Resolves: RHEL-57399 3.6.8-66 - Security fix for CVE-2024-6923 Resolves: RHEL-53065 3.6.8-65 - Build Python with -O3 - https://fedoraproject.org/wiki/Changes/PythonbuiltwithgccO3...
Unbreakable Enterprise kernel security update
5.15.0-300.163.18 - crypto: qat - specify firmware files for 402xx Giovanni Cabiddu Orabug: 37044631 5.15.0-300.163.17 - KVM/x86: Do not clear SIPI while in SMM Boris Ostrovsky Orabug: 36955051 - Revert 'Fix userfaultfdapi to return EINVAL as expected' Vijayendra Suman Orabug: 36992217...
fence-agents security update
4.2.1-129.4 - bundled setuptools: fix CVE-2024-6345 Resolves: RHEL-50223 4.2.1-129.3 - bundled urllib3: fix CVE-2024-37891 Resolves: RHEL-43568 4.2.1-129.2 - fenceeps: add fenceepsr2 for ePowerSwitch R2 and newer Resolves: RHEL-7734 - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-35655...
Unbreakable Enterprise kernel security update
5.4.17-2102.200.13 - bpf, selftests: Fix up some testverifier cases for unprivileged Piotr Krysiuk Orabug: 32656761 CVE-2020-27170 CVE-2020-27171 - bpf: Add sanity check for upper ptrlimit Piotr Krysiuk Orabug: 32656761 CVE-2020-27170 CVE-2020-27171 - bpf: Simplify alulimit masking for pointer...
kernel security update
3.10.0-1160.119.1.0.5.el7.OL7 - wifi: mac80211: Avoid address calculations via out of bounds array indexing Kees Cook Orabug: 37092983...
ghostscript security update
9.25-5.0.1 - Fixes CVE-2024-33871 OPVP device arbitrary code execution via custom Driver library...
git-lfs security update
3.4.1-3 - Rebuild with new Golang - Resolves: RHEL-57900...
curl security update
7.76.1-29.el94.1 - provide common cleanup method for push headers CVE-2024-2398...
Unbreakable Enterprise kernel security update
5.15.0-301.163.5.2 - mm: avoid leaving partial pfn mappings around in error case Linus Torvalds Orabug: 37174198 CVE-2024-47674 - Revert 'Documentation/admin-guide/acpi: Move information out of shell script comments' Dave Kleikamp Orabug: 37144820 - Revert 'irqchip/gic-v3: Move partitioncreatedes...
gtk3 security update
3.22.30-12 - Stop loading modules from cwd CVE-2024-6655 - Resolves: RHEL-46988...
libgcrypt security update
1.10.0-11 - Fix CVE-2024-2236 RHEL-34579...
systemd security update
219-78.0.17 - Backport secure pager invocation for CVE-2023-26604 Orabug: 37139943...
kernel security update
4.18.0-553.22.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
net-snmp security update
5.9.1-13.0.1 - fix error index value when snmpget is used a proxy pass Orabug: 35010262 1:5.9.1-13.3 - fix CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808, CVE-2022-24809 and CVE-2022-24810 RHEL-32062...
python-setuptools security update
53.0.0-12.1 - Security fix for CVE-2024-6345 Resolves: RHEL-50466...
less security update
530-3 - Fix CVE-2024-32487 - Resolves: RHEL-32738...
gzip security update
1.5-11 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271...
e2fsprogs security update
1.45.4-3.0.7 - libext2fs: add sanity check to extent manipulation Srivathsa Dara Orabug: 37095032 CVE-2022-1304...
linux-firmware security update
20240715-999.34.git4c8fb21e.el9 - Rebase to latest upstream Orabug: 36826157...
kernel security and bug fix update
4.18.0-553.8.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
samba security update
4.18.6-2.0.1 - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server...
python-urllib3 security update
1.10.2-7.0.1 - CVE-2024-37891 fix Orabug: 37085188...
java-21-openjdk security update
1:21.0.5.0.10-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.5.0.10-3 - Sync the copy of the portable specfile with the latest update - This tarball is embargoed until 2024-10-15 @ 1pm PT. - Related: RHEL-61346 1:21.0.5.0.10-2 - Update to jdk-21.0.5+10 GA - Update release notes to...
openssl security update
1.0.2k-22fips - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 - Add EC keys pairwise consistency test Orabug: 32467059 1.0.2k-22 - fi...