9184 matches found
firefox security update
91.9.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.9.1-1 - Update to 91.9.1 build1...
olcne istio istio security update
olcne 1.3.5-1 - Update Istio to 1.12.6prometheus-2.30.1, grafana-7.5.15 istio 1.12.6-1 - Addresses CVE-2022-24726, CVE-2022-24921 istio 1.11.4-1 - Added Oracle specific files for 1.11.4-1...
Unbreakable Enterprise kernel security update
4.14.35-2047.511.5.4 - x86/speculation: Add knob for eibrsretpolineenabled Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Update link to AMD...
gcc-toolset-10-annobin security update
9.29-1.2 - Bump and rebuild for new gcc. 2017782 9.29-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2009282...
python3 security update
3.6.8-41.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-41 - Security fix for CVE-2021-3733: Denial of service when identifying crafted invalid RFCs Resolves: rhbz1995234 3.6.8-40 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055...
java-11-openjdk security update
1:11.0.13.0.8-1 - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz2012333 1:11.0.13.0.7-0.1.ea - Update to jdk-11.0.13.0+7 - Update release notes to 11.0.13.0+7 - Update...
glib2 security update
2.56.4-10.1 - Fix CVE-2021-27218 Resolves: 1974888...
wpa_supplicant security, bug fix, and enhancement update
1:2.9-5 - P2P: Fix a corner case in peer addition based on PD Request CVE-2021-27803 - Fix buffer overflow when processing P2P group information CVE-2021-0326 1:2.9-4 - enable WPA-EAP-SUITE-B-192 rh 1916394 1:2.9-3 - fix p2plisten unexpectedly stopped after 5 seconds rh 1693684 - allow changing...
rust-toolset:ol8 security, bug fix, and enhancement update
rust 1.49.0-1 - Update to 1.49.0. 1.48.0-1 - Update to 1.48.0. rust-toolset 1.49.0-1 - Update to Rust and Cargo 1.49.0. 1.48.0-1 - Update to Rust and Cargo 1.48.0...
Unbreakable Enterprise kernel security update
4.1.12-124.47.3 - sysctl: handle overflow in procgetlong Christian Brauner Orabug: 31588015 4.1.12-124.47.2 - mwifiex: Fix possible buffer overflows in mwifiexcmdappendvsietlv Qing Xu Orabug: 31350932 CVE-2020-12653 - lockd: don't use interval-based rebinding over TCP Calum Mackay Orabug: 3143570...
glibc security, bug fix, and enhancement update
2.28-127.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
tcpdump security, bug fix, and enhancement update
14:4.9.3-1 - Resolves: 1804063 - Rebase tcpdump to 4.9.3 to fix multiple CVEs...
firefox security and bug fix update
78.3.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.3.0 - Update to 78.3.0 build1 78.2.0-3 - Update to 78.2.0 build1...
nodejs:12 security update
nodejs 12.18.2-1 - Rebase to 12.18.2 1:12.18.1-1 - Rebase - Spec clean up - Provide i18n package, bundle icu - Resolves: RHBZ1845310, RHBZ1845691 1:12.18.0-1 - Security update to 12.18.0 - Resolves: RHBZ1845310, RHBZ1845691 1:12.16.1-2 - Fix CVE-2020-10531 1:12.16.1-1 - Resolves: RHBZ1800395,...
kernel security and bug fix update
3.10.0-1127.13.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1127.13.1 - x86 x86/speculation: Support old struct x86cpuid & x86matchcpu...
tomcat6 security update
0:6.0.24-115 - Resolves: CVE-2020-9484 tomcat6: tomcat: Apache Tomcat Remote Code Execution via session persistence...
python27:2.7 security, bug fix, and enhancement update
...
libxml2 security update
2.9.1-6.0.1.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.4 - Fix CVE-2015-8035 1595697 - Fix CVE-2018-14404 1602817 - Fix CVE-2017-15412 1729857 - Fix CVE-2016-5131 1714050 - Fix CVE-2017-18258 1579211 - Fix CVE-2018-1456 1622715...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.40.1 - USB: check usbgetextradescriptor for proper size Mathias Payer Orabug: 30045797 CVE-2018-20169 - scsi: sg: fixup infoleak when using SGGETREQUESTTABLE Hannes Reinecke Orabug: 30393902 CVE-2017-14991 - usb: misc: legousbtower: Fix NULL pointer deference Greg...
Unbreakable Enterprise kernel security update
4.1.12-124.32.3.2 - x86/tsx: Add config options to set tsx=on|off|auto Michal Hocko Orabug: 30419233 CVE-2019-11135 - x86/speculation/taa: Add documentation for TSX Async Abort Pawan Gupta Orabug: 30419233 CVE-2019-11135 - x86/tsx: Add 'auto' option to the tsx= cmdline parameter Pawan Gupta Orabu...
firefox security update
60.9.0-1.0.1 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.9.0-1 - Update to 60.9.0 ESR...
icedtea-web security update
1.7.2-16 - added patch1, patch4 and patch11 to fix CVE-2019-10182 - added patch2 to fix CVE-2019-10181 - added patch3 and patch33 to fix CVE-2019-10185 - Resolves: rhbz1724958 - Resolves: rhbz1725928 - Resolves: rhbz1724989...
java-1.8.0-openjdk security update
1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz1724452 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz1724452 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust...
libssh2 security update
1.4.3-12.0.1.el76.2 - Orabug: 29909723 Added patch CVE-2019-3862 added length checks to prevent out-of-bounds reads and writes in libssh2packetaddCVE-2019-3862...
mod_auth_mellon security and bug fix update
0.14.0-2.4 - Actually apply the patch in the previous build - Resolves: rhbz1697488 - CVE-2019-3877 modauthmellon: open redirect in logout url when using URLs with backslashes 0.14.0-2.3 - Resolves: rhbz1697488 - CVE-2019-3877 modauthmellon: open redirect in logout url when using URLs with...
freerdp security update
1.0.2-15.1 - Fix CVE-2018-8786 1684152 - Fix CVE-2018-8787 1684156 - Fix CVE-2018-8788 1684163...
ghostscript security and bug fix update
9.07-31.el76.9 - Related: 1667442 - CVE-2019-6116 - added missing parts of patch 9.07-31.el76.8 - Resolves: 1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators 9.07-31.el76.7 - Resolves: 1665919 pdf2ps reports an error when reading from std...
java-1.7.0-openjdk security update
1:1.7.0.181-2.6.14.8.0.1 - Update DISTRONAME in specfile 1:1.7.0.181-2.6.14.8 - added and applied 1566890embargoed20180521.patch - Resolves: rhbz1578550...
ruby security update
2.0.0.648-33 - Fix always passing WEBrick test. 2.0.0.648-32 - Add Psych.safeload ruby-2.1.0-there-should-be-only-one-exception.patch ruby-2.1.0-Adding-Psych.safeload.patch Related: CVE-2017-0903 - Disable Tokyo TZ tests broken by recen tzdata update. ruby-2.5.0-Disable-Tokyo-TZ-tests.patch...
microcode_ctl security update
2.1-22.2 - Update Intel CPU microde for 06-3f-02, 06-4f-01, and 06-55-04 - Resolves: 1527358 2.1-22.1 - Update to upstream 2.1-13. Intel CPU microcode update to 20170707. - Resolves: 1474844...
bash security and bug fix update
4.2.46-28 - CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: 1429838 4.2.46-27 - CVE-2016-7543: Fix for arbitrary code execution via SHELLOPTS+PS4 variables Resolves: 1426026 4.2.46-26 - CVE-2016-0634: Fix for arbitrary code execution via malicious hostname Resolves:...
glibc security update
2.17-157.4 - Avoid large allocas in the dynamic linker 1452720 2.17-157.2 - Fix use of uninitialized data in getaddrinfo with nscd 1436312 2.17-157.1 - Do not set initgroups in default nsswitch.conf 1388638 - nssdb: Request larger buffers for long group entries 1388637 - nssdb: Fix getent crash...
samba3x security update
3.6.23-13.0.2 - Fix CVE-2017-7494...
ghostscript security update
8.70-23.el69.2 - Security fix for CVE-2017-8291 updated to address SIGSEGV 8.70-23.el69.1 - Added security fix for CVE-2017-8291 bug 1446063...
qemu-kvm security update
1.5.3-126.el73.6 - kvm-fix-cirrusvga-fix-OOB-read-case-qemu-Segmentation-f.patch bz1430059 - kvm-cirrus-vnc-zap-bitblit-support-from-console-code.patch bz1430059 - kvm-cirrus-add-option-to-disable-blitter.patch bz1430059 - kvm-cirrus-fix-cirrusinvalidateregion.patch bz1430059 -...
gnutls security, bug fix, and enhancement update
2.12.23-21 - Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes 1326389, 1326073, 1323215, 1320982, 1328205, 1321112 - Modified gnutls-serv to accept --sni-hostname 1333521 - Modified gnutls-serv to always reply with an alert message 1327656 - Removed support for DSA2 as it causes...
kvm security update
83-276.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch 83-275.el511 - kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch bz1359723 - Resolves: bz1359723 CVE-2016-5403 kvm: Qemu: virtio: unbounded memory allocation on host via...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.7.1 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23562756 - xen/events: Don't move disabled irqs Ross Lagerwall Orabug: 23055234 - xen/events: Mask a moving irq Boris Ostrovsky Orabug: 23055234 - xen/pciback: Save t...
nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update
nspr 4.11.0-1 - Rebase to NSPR 4.11 nss 3.21.0-9.0.1 - Added nss-vendor.patch to change vendor 3.21.0-9 - Rebuild to require the latest nss-util build and nss-softokn build. 3.21.0-8 - Update the minimum nss-softokn build required at runtime. 3.21.0-7 - Delete duplicates from one table 3.21.0-6 -...
thunderbird security update
38.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.7.0-1 - Update to 38.7.0...
nss security update
3.19.1-4 - Actually apply the fix for CVE-2016-1950 from NSS 3.19.2.3 ... 3.19.1-3 - Include the fix for CVE-2016-1950 from NSS 3.19.2.3...
kernel security update
kernel 2.6.18-408.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
kernel security update
kernel 2.6.18-408 - net udp: fix behavior of wrong checksums Denys Vlasenko 1240757 CVE-2015-5364 CVE-2015-5366 - net ipv6/udp: Use correct var to determine non-blocking cond Denys Vlasenko 1240757 CVE-2015-5364 CVE-2015-5366 - net SNMP: Restore Udp6InErrors incrementation Denys Vlasenko 1240757...
java-1.6.0-openjdk security update
1:1.6.0.35-1.13.7.1 - Repackaged source files - Resolves: rhbz1209067 1:1.6.0.35-1.13.7.0 - Update to IcedTea 1.13.7 - Regenerate add-final-location-rpaths patch so as to be less disruptive. - Resolves: rhbz1209067...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.1.2 - IB/core: Prevent integer overflow in ibumemget address arithmetic Shachar Raindel Orabug: 20799875 CVE-2014-8159 CVE-2014-8159 3.8.13-68.1.1 - xen-pciback: limit guest control of command register Jan Beulich Orabug: 20697017 CVE-2015-2150 CVE-2015-2150 - net: sctp: fix...
samba security update
3.6.23-14.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-14 - related: 1191338 - Update patchset for CVE-2015-0240. 3.6.23-13 - resolves: 1191338 - CVE-2015-0240: RCE in netlogon...
firefox security and bug fix update
31.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 31.4.0-1 - Update to 31.4.0 ESR 31.3.0-9 - Fixed problems with dictionaries mozbz1097550 - Fixed rhbz1164855 - firefox.desktop is missing x-scheme-handler MimeTy...
Unbreakable Enterprise kernel security update
2.6.39-400.215.14 - HID: magicmouse: sanity check report size in rawevent callback Jiri Kosina Orabug: 19849355 CVE-2014-3181 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192542 CVE-2014-4652 - target/rd: Refactor rdbuilddevicespace +...
Unbreakable Enterprise kernel Security update
kernel-uek 2.6.32-400.36.9uek - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817787 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 - ALSA: control: Fix replacing user controls Lars-Peter Clausen Orabug: 19817749 CVE-2014-4653 CVE-2014-4654 CVE-2014-465...
glibc security update
2.12-1.132.4 - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475,...