8998 matches found
kernel security and bug fix update
2.6.18-128.4.1.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...
nspr and nss security, bug fix, and enhancement update
nspr: 4.7.4-1.el53.1 - create z-stream version 4.7.4-1 - Update to NSPR 4.7.4 nss: 3.12.3.99.3-1.0.1.el53.2 - Update clean.gif in the nss-3.12.3.99.3-stripped.tar.bz2 tarball 3.12.3.99.3-1.el53.2 - adjust ssl cipher count constant bug 505650 3.12.3.99.3-1.el53.1 - create z-stream version...
Important: XFree86 security update
4.3.0-125.EL.0.1 - Add oracle detection to Imake. 4.3.0-125.EL - cve-2007-4568.patch: XFS Integer Overflow Vulnerability - cve-2007-5958.patch: Xorg / XFree86 file existence disclosure vulnerability - cve-2007-6427.patch: XInput Extension Memory Corruption Vulnerability - cve-2007-6428.patch:...
java-1.8.0-openjdk security update
1:1.8.0.442.b06-1.0.3 - Fixed CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698 Orabug: 37840723...
kernel security update
5.14.0-503.40.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
httpd:2.4 security update
httpd 2.4.37-65.0.1.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65.1 - Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in modrewrite CVE-2024-38474 - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in modproxy CVE-2024-38473 - Resolves:...
kernel security update
4.18.0-513.18.0.19.OL8 - drivers: net: slip: fix NPD bug in sltxtimeout CVE-2022-41858 - nfp: fix use-after-free in areacacheget CVE-2022-3545 - HID: check empty reportlist in hidvalidatevalues CVE-2023-1073 - Fix double fget in vhostnetsetbackend CVE-2023-1838 - can: afcan: fix NULL pointer...
go-toolset:ol8 security update
delve 1.20.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.20.2-1 - Rebase to 1.20.2 - Resolves: rhbz2186495 golang 1.20.12-1 - Update to Go 1.20.12 - Fix CVE-2023-39326 CVE-2023-45285 go-toolset 1.20.12-1 - Update to Go 1.20.12 - CVE-2023-39326 golang: net/http/internal:...
java-21-openjdk security and bug fix update
1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...
nginx:1.22 security update
1:1.22.1-1.0.1.1 - Resolves: RHEL-12728 - nginx:1.22/nginx: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset AttackCVE-2023-44487...
busybox security and bug fix update
1:1.15.1-21.0.1 - Backport fix for CVE-2022-48174 Orabug: 35819048...
aardvark-dns security update
runc 1:1.1.4-1.0.1 - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589...
systemd security update
250-12.0.2.3 - Backport upstream pstore dmesg fix Orabug: 34868110 - Remove upstream references Orabug: 33995357 - Disable unprivileged BPF by default Orabug: 32870980 - udev rules: fix memory hot add and remove Orabug: 31310273 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug:...
Unbreakable Enterprise kernel-container security update
5.15.0-7.86.6.1 - net/rds: Delegate fan-out to a background worker Gerd Rausch Orabug: 35051226 5.15.0-7.86.6 - runtime revert of virtionet: Stripe queue affinities across cores. Konrad Rzeszutek Wilk Orabug: 35001044 - rds: ib: Make sure messages that errors out also get unmapped Hakon Bugge...
libldb security, bug fix, and enhancement update
2.5.2-2 - resolves: rhbz2108998 - Rebuild to include python3-ldb-devel in CRB 2.5.2-1 - Rebase to version 2.5.2 - resolves: rhbz2109016 - Fix CVE-2022-32746 2.5.1-1 - related: rhbz2077484 - Rebase to version 2.5.1 2.5.0-1 - resolves: rhbz2077484 - Rebase to version 2.5.0...
kernel security update
2.6.32-754.35.1.0.7.OL6 - bluetooth: eliminate the potential race condition when removing the HCI controller Lin Ma CVE-2021-32399 Orabug: 33763116 - RDMA/ucma: Put a lock around every call to the rdmacm layer Jason Gunthorpe Orabug: 33763116 - RDMA/cma: Add missing locking to rdmaaccept Leon...
java-17-openjdk security, bug fix, and enhancement update
1:17.0.4.0.8-0.2.ea - Revert the following changes until copy-java-configs has adapted to relative symlinks: - Move cacerts replacement to install section and retain original of this and tzdb.dat - Run tests on the installed image, rather than the build image - Introduce variables to refer to the...
olcne security update
olcne 1.5.4-3 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over 1.5.4-2 - Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227 1.5.4-1 - Upgrade Kubernetes to 1.23.7 1.5.3-1 - Address qemu...
grub2, mokutil, shim, and shim-unsigned-x64 security update
2.02-123.0.4.el86.8 - enable multiboot2 Orabug: 34285558 - backport arm64: Fix EFI loader kernel image allocation Orabug: 33702462 - backport Arm: check for the PE magic for the compiled arch Orabug: 33702462 - Backport some better script logic for BTRFS support Orabug: 32448171 - Do not add shim...
java-11-openjdk security update
1:11.0.15.0.10-1 - Update to jdk-11.0.15.0+10 - Update release notes to 11.0.15.0+10 - Switch to GA mode for release - Rebase RH1996182 FIPS patch after JDK-8254410 - Resolves: rhbz2073594...
rsync security update
3.2.3-9.1 - Resolves: 2074784 - A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing certain inputs...
glibc security update
2.17-325.0.3.ksplice1 - Latest Ksplice-aware release. 2.17-325.0.3 - OraBug 33968985 Security Patches This release fixes CVE-2022-23219, CVE-2022-23218, and CVE-2021-3999 Reviewed-by: Jose E. Marchesi...
Unbreakable Enterprise kernel security update
4.14.35-2047.511.5.4 - x86/speculation: Add knob for eibrsretpolineenabled Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Update link to AMD...
gcc-toolset-10-annobin security update
9.29-1.2 - Bump and rebuild for new gcc. 2017782 9.29-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2009282...
python3 security update
3.6.8-41.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-41 - Security fix for CVE-2021-3733: Denial of service when identifying crafted invalid RFCs Resolves: rhbz1995234 3.6.8-40 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055...
java-11-openjdk security update
1:11.0.13.0.8-1 - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz2012333 1:11.0.13.0.7-0.1.ea - Update to jdk-11.0.13.0+7 - Update release notes to 11.0.13.0+7 - Update...
glib2 security update
2.56.4-10.1 - Fix CVE-2021-27218 Resolves: 1974888...
microcode_ctl security, bug fix and enhancement update
2:2.1-73.11.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early and late load for 5.4.17...
dotnet security and bugfix update
2.1.522-1 - Update to .NET Core SDK 2.1.522 and Runtime 2.1.26 - Resolves: RHBZ1933844...
Unbreakable Enterprise kernel security update
4.1.12-124.47.3 - sysctl: handle overflow in procgetlong Christian Brauner Orabug: 31588015 4.1.12-124.47.2 - mwifiex: Fix possible buffer overflows in mwifiexcmdappendvsietlv Qing Xu Orabug: 31350932 CVE-2020-12653 - lockd: don't use interval-based rebinding over TCP Calum Mackay Orabug: 3143570...
tcpdump security, bug fix, and enhancement update
14:4.9.3-1 - Resolves: 1804063 - Rebase tcpdump to 4.9.3 to fix multiple CVEs...
firefox security and bug fix update
78.3.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.3.0 - Update to 78.3.0 build1 78.2.0-3 - Update to 78.2.0 build1...
postgresql:10 security and bug fix update
10.14-1 - Rebase to upstream release 10.14 Fixes RHBZ1727803 Fixes RHBZ1741489 Fixes RHBZ1709196 10.13-1 - Rebase to upstream release 10.13 Fixes RHBZ1727803 Fixes RHBZ1741489 Fixes RHBZ1709196...
Unbreakable Enterprise kernel security update
4.14.35-1902.304.6.3 - Revert 'uek-rpm: Move grub boot menu update to posttrans stage.' Somasundaram Krishnasamy Orabug: 31358100 4.14.35-1902.304.6.2 - certs: Remove Oracle cert compiled into the kernel Eric Snowberg Orabug: 31668611 - efi: Restrict efivarssdtload when the kernel is locked down...
.NET Core security and bugfix update
2.1.516-1 - Update to .NET Core SDK 2.1.516 and Runtime 2.1.20 - Resolves: RHBZ1851983...
python27:2.7 security, bug fix, and enhancement update
...
poppler and evince security update
evince 3.28.2-9 - Handle failure from TIFFReadRGBAImageOriented - Resolves: 1717352 poppler 0.26.5-42 - Fix potential integer overflow and check length for negative values - Resolves: 1757283 0.26.5-41 - Ignore dict Length if it is broken - Resolves: 1733026 0.26.5-40 - Fail gracefully if not all...
httpd:2.4 security and bug fix update
...
Unbreakable Enterprise kernel security update
2.6.39-400.315.1.1 - x86/tsx: Add config options to set tsx=on|off|auto Michal Hocko Orabug: 30419231 CVE-2019-11135 - x86/speculation/taa: Add documentation for TSX Async Abort Pawan Gupta Orabug: 30419231 CVE-2019-11135 - x86/tsx: Add 'auto' option to TSX cmdline parameter Pawan Gupta Orabug:...
icedtea-web security update
1.7.2-16 - added patch1, patch4 and patch11 to fix CVE-2019-10182 - added patch2 to fix CVE-2019-10181 - added patch3 and patch33 to fix CVE-2019-10185 - Resolves: rhbz1724958 - Resolves: rhbz1725928 - Resolves: rhbz1724989...
libssh2 security update
1.4.3-12.0.1.el76.2 - Orabug: 29909723 Added patch CVE-2019-3862 added length checks to prevent out-of-bounds reads and writes in libssh2packetaddCVE-2019-3862...
java-1.7.0-openjdk security update
1:1.7.0.211-2.6.17.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set ITCFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debuginfo in...
Unbreakable Enterprise kernel security update
2.6.39-400.300.2 - Revert 'RDS: don't commit to queue till transport connection is up' Santosh Shilimkar Orabug: 27619034 - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug: 27951293 CVE-2017-17741 CVE-2017-17741 - kernel/exit.c: avoid undefined behaviour when calling wait4...
Unbreakable Enterprise kernel security update
4.1.12-124.16.2 - netlink: add a start callback for starting a netlink dump Tom Herbert Orabug: 27169581 CVE-2017-16939 - ipsec: Fix aborted xfrm policy dump crash Herbert Xu Orabug: 27169581 CVE-2017-16939...
bash security and bug fix update
4.2.46-28 - CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: 1429838 4.2.46-27 - CVE-2016-7543: Fix for arbitrary code execution via SHELLOPTS+PS4 variables Resolves: 1426026 4.2.46-26 - CVE-2016-0634: Fix for arbitrary code execution via malicious hostname Resolves:...
tomcat security update
0:7.0.69-12 - Resolves: rhbz1441487 CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object - Resolves: rhbz1441480 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used - Resolves: rhbz1459746 CVE-2017-5664 tomcat: Security...
ghostscript security update
8.70-23.el69.2 - Security fix for CVE-2017-8291 updated to address SIGSEGV 8.70-23.el69.1 - Added security fix for CVE-2017-8291 bug 1446063...
qemu-kvm security update
1.5.3-126.el73.6 - kvm-fix-cirrusvga-fix-OOB-read-case-qemu-Segmentation-f.patch bz1430059 - kvm-cirrus-vnc-zap-bitblit-support-from-console-code.patch bz1430059 - kvm-cirrus-add-option-to-disable-blitter.patch bz1430059 - kvm-cirrus-fix-cirrusinvalidateregion.patch bz1430059 -...
kernel security and bug fix update
3.10.0-327.28.3.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.28.3 - net tcp: enable per-socket rate limiting of all 'challenge acks' Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: uninline tcpoowratelimited Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: make...
openssl-fips security update
1.0.1t-2.0.1 - update to upstream 1.0.1t - Original 1.0.1 test certificates has expired on May 10, 2016. Updated certificatea were copied from 1.0.2h tree [email protected]...