9184 matches found
virt:ol and virt-devel:ol security, bug fix, and enhancement update
libguestfs-winsupport 8.2 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libguestfs 1.40.2-28.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to o...
openssh security update
8.0p1-10 - sshd -T requires -C when 'Match' is used in sshdconfig 1836277 8.0p1-9 - CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation 1882252 - Hostbased ssh authentication fails if session ID contains a '/' 1944125 8.0p1-8 - ssh doesnt...
httpd security update
2.4.6-97.0.3.1 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690...
dhcp security update
12:4.2.5-83.0.1 - Direct users to Oracle Linux support site. 12:4.2.5-83.1 - Fix for CVE-2021-25217 12:4.2.5-83 - Revert fix for 1668696...
thunderbird security update
78.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.5.0-1 - Update to 78.5.0 build3...
firefox security update
78.5.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.5.0-1 - Update to 78.5.0 build1...
qt and qt5-qtbase security update
qt 1:4.8.7-9 - Fix buffer overflow in XBM parser Resolves: bz1870297 qt5-qtbase 5.9.7-5 - Fix buffer overflow in XBM parser Resolves: bz1870365...
libssh security, bug fix, and enhancement update
0.9.4-2 - Do not return error when server properly closed the channel 1849071 - Add a test for CVE-2019-14889 - Do not parse configuration file in tortureknownhosts test 0.9.4-1 - Update to version 0.9.4 https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ - Fixed...
bind security update
32:9.8.2-0.68.rc1.8 - Fix tsig-request verify CVE-2020-8622...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.48.1 - crypto: user - fix memory leak in cryptoreport Navid Emamdoost Orabug: 31351641 CVE-2019-19062 - media: rc: prevent memory leak in cx23888irprobe Navid Emamdoost Orabug: 31351673 CVE-2019-19054...
ntp security update
4.2.6p5-29.0.1 - Bump release to avoid ULN conflict with Oracle modified errata. 4.2.6p5-29.el78.2 - don't update transmission time on invalid response CVE-2020-11868 - randomize transmit timestamp in client requests CVE-?, 1813787...
microcode_ctl security, bug fix and enhancement update
2:2.1-61.6.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - do not late...
openssl security and bug fix update
1.1.1c-15 - add selftest of the RANDDRBG implementation 1.1.1c-14 - fix incorrect error return value from FIPSselftestdsa - S390x: properly restore SIGILL signal handler 1.1.1c-12 - additional fix for the edk2 build 1.1.1c-9 - disallow use of SHA-1 signatures in TLS in FIPS mode 1.1.1c-8 - fix...
glibc security, bug fix, and enhancement update
2.28-101.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
java-1.8.0-openjdk security update
1:1.8.0.252.b09-2 - Add release notes. - Resolves: rhbz1810557 1:1.8.0.252.b09-1 - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz1810557 1:1.8.0.252.b09-0 - Update to aarch64-shenandoah-jdk8u252-b09. - Switch to GA mode for final release. - Resolves: rhbz1810557...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.43.1 - media: b2c2-flexcop-usb: add sanity checking Oliver Neukum Orabug: 30864534 CVE-2019-15291...
spice-gtk security update
0.26-8.2 - Fix insufficient encoding checks for LZ Resolves: rhbz1598651 0.26-8.1 - Fix flexible array buffer overflow Resolves: rhbz1596008...
openslp security update
1:2.0.0-8 - Fix a heap-based buffer overflow vulnerability leading to remote code execution, CVE-2019-5544 Resolves: 1781701...
389-ds-base security and bug fix update
1.3.9.1-12 - Bump version to 1.3.9.1-12 - Resolves: Bug 1767622 - CleanAllRUV task limit not enforced 1.3.9.1-11 - Bump version to 1.3.9.1-11 - Resolves: Bug 1748198 - EMBARGOED CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin - Resolves: Bug 1754831 - After audit log...
ghostscript security update
9.25-5.1 - 1769342 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys...
elfutils security, bug fix, and enhancement update
0.176-5 - Add elfutils-0.176-strip-symbols-illformed.patch 0.176-4 - Add elfutils-0.176-elf-update.patch 1717349 0.176-3 - Rebuilt for annobin change. 0.176-2 - Add elfutils-0.176-xlate-note.patch 1705138 0.176-1 - New upstream release. - backends: riscv improved core file and return value locati...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.39.1.1 - x86/tsx: Add config options to set tsx=on|off|auto Michal Hocko Orabug: 30419232 CVE-2019-11135 - x86/speculation/taa: Add documentation for TSX Async Abort Pawan Gupta Orabug: 30419232 CVE-2019-11135 - x86/tsx: Add 'auto' option to TSX cmdline parameter Pawan Gupta...
qt5 security, bug fix, and enhancement update
qt5-qt3d 5.9.7-1 - Update to 5.9.7 Resolves: bz1564024 qt5-qtbase 5.9.7-1 - Enable -doc subpkg on PPC Resolves: bz1564000 5.9.7-1 - Update to 5.9.7 Resolves: bz1564000 qt5-qtcanvas3d 5.9.7-1 - Update to 5.9.7 Resolves: bz1564001 qt5-qtconnectivity 5.9.7-1 - Update to 5.9.7 Resolves: bz1564002...
kernel security and bug fix update
4.18.0-80.4.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.4.20 - net tcp: enforce tcpminsndmss in tcpmtuprobing Florian...
flatpak security update
1.0.2-5 - Fix IOCSTI sandbox bypass 1700651...
java-1.8.0-openjdk security update
1:1.8.0.201.b09-0 - Update to aarch64-shenandoah-jdk8u201-b09. - Resolves: rhbz1661577 1:1.8.0.192.b12-1 - Add 8160748 for AArch64 which is missing from upstream 8u version. - Add port of 8189170 to AArch64 which is missing from upstream 8u version. - Resolves: rhbz1661577 1:1.8.0.192.b12-0 -...
sos-collector security update
1.5-3.0.1 - To recognize OL systemOraBug 28807430 - import os module to detect /etc/redhat-release OraBug 28740046 1.5-3 - Resolve race condition in cluster profile loading - Quote all options globally - RHBZ1633515 - RHBZ1647955 1.5-2 - Fix cluster option reporting 1.5-1 - Update to version 1.5 ...
kernel security and bug fix update
2.6.32-754.6.3.OL6 - Update genkey bug 25599697 2.6.32-754.6.3 - kvm VMX: fixes for vmentryl1dflush module parameter Marcelo Tosatti 1628796 - x86 speculation: Use ARCHCAPABILITIES to skip L1D flush on vmentry Marcelo Tosatti 1628796 - x86 KVM: VMX: skip L1TF flush on VM-entry if EPT is disabled...
389-ds-base security and bug fix update
1.3.7.5-28 - Bump version to 1.3.7.5-28 - Resolves: Bug 1628676 - 389-ds-base: race condition on reference counter leads to DoS using persistent search - Resolves: Bug 1628677 - Crash in deletepasswdPolicy when persistent search connections are terminated unexpectedly 1.3.7.5-27 - Bump version to...
Unbreakable Enterprise kernel security update
4.1.12-124.19.1 - x86/entry/64: Ensure %ebx handling correct in xenfailsafecallback George Kennedy Orabug: 28402927 CVE-2018-14678 - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andi Kleen Orabug: 28488808 CVE-2018-3620 - x86/speculation/l1tf: Suggest what to do on systems with t...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.18.3 - dccp/tcp: do not inherit mclist from parent Eric Dumazet Orabug: 26108571 CVE-2017-8890...
libreoffice security and bug fix update
1:5.0.6.2-5.0.1.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.0.6.2-5.1 - Resolves: rhbz1435534 CVE-2017-3157 Arbitrary file disclosure in Calc and Writer 1:5.0.6.2-5 - Resolves:...
Unbreakable Enterprise kernel security update
2.6.39-400.294.2 - vfs: read filehandle only once in handletopath Sasha Levin Orabug: 25388709 CVE-2015-1420 - crypto: algifhash - Only export and import on sockets with data Herbert Xu Orabug: 25417807 - USB: usbfs: fix potential infoleak in devio Kangjie Lu Orabug: 25462763 CVE-2016-4482 - net:...
Unbreakable Enterprise kernel security update
2.6.39-400.293.2 - x86/iopl/64: properly context-switch IOPL on Xen PV Andy Lutomirski Orabug: 25269184 CVE-2016-3157 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298618 CVE-2016-7117...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 4.1.12-61.1.13 - HID: hiddev: validate numvalues for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24803597 CVE-2016-5829 4.1.12-61.1.12 - ocfs2: Fix start offset to ocfs2zerorangefortruncate Ashish Samant Orabug: 24790230 4.1.12-61.1.11 - ocfs2: Fix double put of recount...
Unbreakable Enterprise kernel security update
2.6.39-400.280.1 - Fix cpu bootup stall with large cpu count Zhenzhong Duan Orabug: 23481040 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23536267 2.6.39-400.279.1 - IPoIB: increase send queue size to 4 times Ajaykumar Hotchandani Orabug...
samba security update
3.0.33-3.41.el5 - Security Release 'BadLock' - resolves: CVE-2016-2110 - resolves: CVE-2016-2111...
nss, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.11.0-0.1 - Rebase to NSPR 4.11 nss 3.21.0-0.3.0.1 - Added nss-vendor.patch to change vendor 3.21.0-0.3 - Ensure all ssl.sh tests are executed 3.21.0-0.2 - Ensure abi compatibility 3.21.0-0.1 - Rebase to NSS-3.21 nss-util 3.21.0-0.3 - Rebase RHEL 6.7.z to NSS-util 3.21 in preparation for...
openssh security update
6.6.1p1-25 + 0.9.3-9 - CVE-2016-1908: possible fallback from untrusted to trusted X11 forwarding 1298741 6.6.1p1-24 + 0.9.3-9 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317818...
glibc security and bug fix update
2.17-106.0.1.4 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. 2.17-106.4 - Revert problematic libresolv change, not needed for the CVE-2015-7547 fix...
java-1.6.0-openjdk security update
1.6.0.38-1.13.10.0.0.1 - Add oracle-enterprise.patch 1:1.6.0.38-1.13.10.0 - Add patch to replace -fno-strict-overflow with -fwrapv on older RHEL 5.11 GCC. - Resolves: rhbz1295772 1:1.6.0.38-1.13.10.0 - Update to IcedTea 1.13.10 & OpenJDK 6 b38. - Resolves: rhbz1295772...
file security and bug fix update
5.11-31 - fix 1255396 - Make the build ID output consistent with other tools 5.11-30 - fix CVE-2014-8116 - bump the acceptable ELF program headers count to 2048 5.11-29 - fix 839229 - fix detection of version of XML files 5.11-28 - fix 839229 - fix detection of version of XML files 5.11-27 - fix...
python security, bug fix, and enhancement update
2.7.5-34.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-34 - Revert fix for rhbz1117751 as it leads to regressions Resolves: rhbz1117751 2.7.5-33 - Only restore SIGPIPE when Popen called with restoresigpipe Resolves: rhbz1117751 2.7.5-32 - Backport SSLSocket.version...
kernel security, bug fix, and enhancement update
3.10.0-229.20.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.20.1 - Revert: crypto nx - Check for bogus firmware properties Phillip Lougher 1247127 1190103 - Revert: crypto nx - Moving NX-AES-CBC to be processed logic Phillip Lougher 1247127 1190103 - Revert: crypto nx - Moving...
java-1.7.0-openjdk security update
1:1.7.0.91-2.6.2.2.0.1 - Update DISTRONAME in specfile 1:1.7.0.91-2.6.2.2 - added and applied patch500 8072932or8074489.patch to fix tck failure - Resolves: rhbz1271919 1:1.7.0.91-2.6.2.1 - Bump to 2.6.2 and u91b00. - Resolves: rhbz1271919...
bind security update
30:9.3.6-25.P1.3 - Fix CVE-2015-5477 30:9.3.6-25.P1.2 - Remove files backup after patching Related: 1171971 30:9.3.6-25.P1.1 - Fix CVE-2014-8500 1171971...
cups security update
1:1.4.2-67.1 - CVE-2015-1158, CVE-2015-1159, CVE-2014-9679 bug 1229982...
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.5.1.0.1.el511 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.75-2.5.5.1 - Repacked sources - Resolves: rhbz1209069 1:1.7.0.79-2.5.5.0 - Bump to 2.5.5 using OpenJDK 7u79 b14. - Resolves: rhbz1209069...
kernel security and bug fix update
kernel 2.6.18-404 - infiniband core: Prevent integer overflow in ibumemget Doug Ledford 1179353 CVE-2014-8159 2.6.18-403 - s390 zcrypt: Toleration of new crypto hardware Hendrik Brueckner 1182522 - fs cifs: Use pid from cifsFileInfo in wrt pages/setfilesize Sachin Prabhu 1169304 - xen x86: confin...
ipa security, bug fix, and enhancement update
4.1.0-18.0.1 - Replace login-screen-logo.png 20362818 - Drop subscription-manager requires for OL7 - Drop redhat-access-plugin-ipa requires for OL7 - Blank out header-logo.png product-name.png 4.1.0-18 - Fix ipa-pwd-extop global configuration caching 1187342 - group-detach does not add correct...