ruby security, bug fix, and enhancement update
3.0.4-160 - Upgrade to Ruby 3.0.4. Resolves: rhbz2109428 - OpenSSL test suite fixes due to disabled SHA1. Related: rhbz2109428 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739...
expat security update
2.2.5-8.0.1.2 - lib: Prevent integer overflow in doProlog CVE-2022-23990 Orabug: 33910314 2.2.5-8.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.5-8.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
Unbreakable Enterprise kernel security update
5.4.17-2136.308.7 - uek-rpm: Update OL7/8 Secureboot certificate and shim versions Sherry Yang Orabug: 34248329 5.4.17-2136.308.6 - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection Johannes Berg - arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL Mike Rapoport - x86/cpu: Load microcode duri...
Unbreakable Enterprise kernel security update
5.4.17-2136.304.4.2 - netfilter: nf_tables_offload: incorrect flow offload action array size Pablo Neira Ayuso Orabug: 33899500 CVE-2022-25636...
java-11-openjdk security update
1:11.0.14.0.9-1.0.1 - link atomic for ix86 build 1:11.0.14.0.9-1 - Update to jdk-11.0.14.0+9 - Update release notes to 11.0.14.0+9 - Switch to GA mode for final release. - This tarball is embargoed until 2022-01-18 @ 1pm PT. - Resolves: rhbz2039366 1:11.0.14.0.8-0.1.ea - Update to jdk-11.0.14.0+8...
Unbreakable Enterprise kernel security update
5.4.17-2136.302.7.2 - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate Darrick J. Wong Orabug: 33699625 CVE-2021-4155 5.4.17-2136.302.7.1 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33691332 CVE-2021-0920 5.4.17-2136.302.7 - rds: ib:...
qemu security update
...
nodejs:16 security, bug fix, and enhancement update
nodejs 16.13.1-3.0.1 - Libraries must not be group-writeable. Change node-gyp permission to 0755 Orabug: 28451433 1:16.13.1-3 - Resolves: RHBZ2027610 - Add corepack to spec 1:16.13.1-2 - Resolves: RHBZ2027610 - Update npm version test 1:16.13.1-1 - Resolves: RHBZ2027644, RHBZ2027643, RHBZ2027638,...
python3 security update
3.6.8-18.0.5 - Remove the 'getfile' feature of pydoc Orabug: 33182027 CVE-2021-3426...
java-17-openjdk security update
1:17.0.1.0.12-2 - Extend LTS check to exclude EPEL. - Related: rhbz2013841 1:17.0.1.0.12-2 - Set LTS designator. - Related: rhbz2013841 1:17.0.1.0.12-1 - Drop JDK-8272332/RH2004078 patch which is upstream in 17.0.1 - Resolves: rhbz2013841 1:17.0.1.0.12-1 - October CPU update to jdk 17.0.1+12 -...
cloud-init security update
20.3-10.0.1 - Added missing services in rhel/systemd/cloud-init.service Orabug: 32183938 - Added missing services in cloud-init.service.tmpl for sshd Orabug: 32183938 - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 Orabug: 30435672 - limit permissions Orabug: 31352433 -...
microcode_ctl security, bug fix and enhancement update
2:2.1-73.11.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set early_microcode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early and late load for 5.4.17...
go-toolset:ol8 security, bug fix, and enhancement update
delve 1.5.0-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.5.0-2 - Add golang-1.15.4 related patch - Resolves: rhbz1901189 1.5.0-1 - Rebase to 1.5.0 - Related: rhbz1870531 golang 1.15.7-1 - Rebase to 1.15.7 - Resolves: rhbz1870531 - Resolves: rhbz1919261 1.15.5-1 - Rebase to...
python36:3.6 security update
python36 3.6.8-2.0.1 - Rebuild with python containing fix for Orabug: 32551171 CVE-2021-3177...
pki-core security and bug fix update
10.5.18-12 - Change variable 'TPS' to 'tps' - - RHEL 7.9: - - Bugzilla Bug 1883639 - Add KRA Transport and Storage Certificates profiles, audit for IPA edewata - - Backported CVEs ascheel: - - Bugzilla Bug 1724697 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored...
nss security and bug fix update
3.53.1-17 - Fix various corner cases with ike v1 app b support. 3.53.1-16 - Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC. 3.53.1-15 - Revert some policy changes that generate ABI runtime issues. 3.53.1-14 - Add...
Unbreakable Enterprise kernel-container security update
5.4.17-2036.103.3.1.el7 - xen-blkback: fix error handling in xen_blkbk_map Jan Beulich Orabug: 32492109 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulich Orabug: 32492101 CVE-2021-26931 - xen-netback: don't 'handle' error by BUG Jan Beulich Orabug: 32492101 CVE-2021-26931 -...
olcne security update
kubernetes 1.18.10-3 - Kata CVE-2020-28914 kata-proxy 1.11.5-1 - Added Oracle Specific Build Files for kata-proxy kata-shim 1.11.5-1 - Added Oracle Specific Build Files for kata-shim kata-ksm-throttler 1.11.5-1 - Added Oracle Specific Build Files for kata-ksm-throttler kata-runtime 1.11.5-1 - Add...
nodejs:12 security and bug fix update
nodejs 1:12.19.1-1 - Resolves: RHBZ1901044, 1901045, 1901046, 1901047 - c-ares, ajv and y18n CVEs and yarn installability issues...
thunderbird security update
78.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.5.0-1 - Update to 78.5.0 build3...
nodejs:10 security update
nodejs 1:10.21.0-3 - Resolves: RHBZ1845306 - Remove brotli-devel requires from nodejs-devel 1:10.21.0-2 - Resolves: RHBZ1845306 - Turn off debug builds 1:10.21.0-1 - Security update to 10.21.0 - Resolves: RHBZ1845306 - Fixes CVE-2020-11080, CVE-2020-8174, CVE-2020-10531 - Bundle brotli, because...
python-pip security update
9.0.3-16 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829...
olcne kubernetes security update
olcne 1.0.3-1 - updated the default Kubernetes version to 1.14.9 kubernetes 1.14.9-1.0.3 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.14.9-1.0.2 - Use bounded crio version 1.14.9-1.0.1 - Added Oracle specific build files for Kubernetes cri-o...
libreoffice security and bug fix update
1:5.3.6.1-24.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-24 - Resolves: rhbz1728763 bg of blocks is black 1:5.3.6.1-23 - Resolves: rhbz1601372 libreoffice fails to build with...
git security update
2.18.2-1 - Update to release 2.18.2 - Remote code execution in recursive clones with nested submodules Resolves: CVE-2019-1387 - Fixes CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354...
httpd:2.4 security and bug fix update
...
firefox security update
68.2.0-2.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.2.0-2 - Rebuild 68.2.0-1 - Update to 68.2.0 ESR 68.1.0-6 - Enable system nss on RHEL6 68.1.0-2 - Enable building langpacks...
keepalived security and bug fix update
1.3.5-16 - Rework previous miscscript/vrrpscript patch 1667292 1.3.5-15 - Rework previous checker comparison patch 1715308 1.3.5-14 - Make checker variables non global 1715308 1.3.5-13 - Fix comparison of checkers on reload 1715308 1.3.5-12 - Fix build errors 1678480 1.3.5-11 - Fix problems with...
java-11-openjdk security update
1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 GA - Switch to GA mode for final release. - Resolves: rhbz1724452 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 EA - Resolves: rhbz1724452 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 EA - Resolves: rhbz1724452 1:11.0.4.8-0.0.e...
virt:rhel security update
4.5.0-23.2.0.1.el8 - added librbd1 as dependency Keshav Sharma 4.5.0-23.2.el8 - admin: reject clients unless their UID matches the current UID CVE-2019-10132 - locking: restrict sockets to mode 0600 CVE-2019-10132 - logging: restrict sockets to mode 0600 CVE-2019-10132 4.5.0-23.1.el8 - cpux86: Do...
java-11-openjdk security update
1:11.0.3.7-0.0.1 - link atomic for ix86 build 1:11.0.3.7-0 - Add -mstackrealign workaround to build flags to avoid SSE issues on x86 - Resolves: rhbz1693468 1:11.0.3.7-0 - Update to shenandoah-jdk-11.0.3+7 April 2019 GA - Resolves: rhbz1693468 1:11.0.3.6-0 - Update to shenandoah-jdk-11.0.3+6 Apri...
ghostscript security update
8.70-24.el6_10.2 - It was found that the fix for CVE-2018-16509 was not complete, the missing pieces added into ghostscript-CVE-2018-16509.patch 8.70-24.el6_10.1 - Resolves: 1641124 - CVE-2018-16509 ghostscript: /invalidaccess bypass after failed restore 8.70-24 - Added security fix for CVE-2017-82...
GNOME security, bug fix, and enhancement update
PackageKit 1.1.10-1.0.1 - remove PackageKit-0.3.8-Fedora-Vendor.conf.patch 1.1.10-1 - New upstream release - Resolves: 1576494 accountsservice 0.6.50-2 - Fix user switching Resolves: 1597350 0.6.50-1 - Update to 0.6.50 Related: 1576538 Related: 1596735 Related: 1602918 0.6.49-1 - Update to 0.6.49...
Unbreakable Enterprise kernel security update
4.1.12-124.16.2 - netlink: add a start callback for starting a netlink dump Tom Herbert Orabug: 27169581 CVE-2017-16939 - ipsec: Fix aborted xfrm policy dump crash Herbert Xu Orabug: 27169581 CVE-2017-16939...
microcode_ctl security update
1:1.17-25.4.0.1 - Enable early microcode load to allow updating Broadwell model 79 - Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Run dracut upon microcode update - Add updated Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell; 306d4...
firefox security update
52.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 52.4.0-1 - Update to 52.4.0 ESR 52.3.0-3 - Update to 52.3.0 ESR b2 - Require correct nss version...
libreoffice security and bug fix update
1:5.0.6.2-5.0.1.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.0.6.2-5.1 - Resolves: rhbz1435534 CVE-2017-3157 Arbitrary file disclosure in Calc and Writer 1:5.0.6.2-5 - Resolves:...
mariadb security and bug fix update
5.5.52-1 - Rebase to 5.5.52, that also include fix for CVE-2016-6662 Resolves: 1377974 1:5.5.50-2 - Rebuild Related: 1359629...
bind security update
30:9.3.6-25.P1.10 - Fix CVE-2016-2848 30:9.3.6-25.P1.9 - Fix CVE-2016-2776 30:9.3.6-25.P1.8 - Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite 30:9.3.6-25.P1.7 - Fix CVE-2016-1285 and CVE-2016-1286 30:9.3.6-25.P1.6 - Fix CVE-2015-8704 30:9.3.6-25.P1.5 - Fix CVE-2015-80...
openssl security update
1.0.1e-48.3 - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2179 - further DoS issues in DTLS - fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio - fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue - fix...
kernel security and bug fix update
3.10.0-327.28.3.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.28.3 - net tcp: enable per-socket rate limiting of all 'challenge acks' Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: uninline tcp_oow_rate_limited Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: make...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.6.3 - tcp: make challenge acks less predictable Eric Dumazet Orabug: 24010103 Orabug: 2401010 CVE-2016-5696...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.9.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393864 CVE-2016-4470...
java-1.8.0-openjdk security update
1:1.8.0.71-1.b15 - Add patch to turn off strict overflow on IndicRearrangementProcessor{,2}.cpp - Resolves: rhbz1295751 1:1.8.0.71-0.b15 - January 2016 security update to u71b15. - Improve verbosity and helpfulness of tarball generation script. - Update patch documentation using version originally...
krb5 security, bug fix, and enhancement update
1.13.2-9 - Add patch and test case for 'KDC does not return proper client principal for client referrals' - Resolves: 1259846 1.13.2-9 - Amend patch for RedHat bug 1252454 'testsuite complains 'Lifetime has increased by 32436 sec while 0 sec passed!', while rhel5-libkrb5 passes' to handle the...
kernel security and bug fix update
3.10.0-229.14.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.14.1 - s390 zcrypt: Fixed reset and interrupt handling of AP queues Hendrik Brueckner 1248381 1238230 3.10.0-229.13.1 - dma ioat: fix tasklet tear down Herton R. Krzesinski 1251523 1210093 - drm radeon: Fix VGA switcheroo...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.11uek - udp: fix behavior of wrong checksums Eric Dumazet Orabug: 21628852 CVE-2015-5364 CVE-2015-5366...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-68.2.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 3.8.13-68.2.1 - xen/pciback: Don't disable PCI_COMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-55.1.8 - kvm: fix excessive pages un-pinning in kvm_iommu_map error path. Quentin Casasnovas Orabug: 20687313 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 3.8.13-55.1.7 - ttusb-dec: buffer overflow in ioctl Dan Carpenter Orabug: 20673376 CVE-2014-8884 - mm: Fix NULL pointer dereferen...
qemu-kvm security, bug fix, and enhancement update
1.5.3-86.el7 - kvm-vfio-pci-Fix-interrupt-disabling.patch bz1180942 - kvm-cirrus-fix-blit-region-check.patch bz1169456 - kvm-cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf.patch bz1169456 - Resolves: bz1169456 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-7.1 -...