8987 matches found
openssl security update
1.0.2k-22fips - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 - Add EC keys pairwise consistency test Orabug: 32467059 1.0.2k-22 - fi...
kernel security update
4.18.0-553.27.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
ruby:3.3 security update
ruby 3.3.5-3 - Upgrade to Ruby 3.3.5 Resolves: RHEL-55409 - Fix DoS vulnerability in rexml. CVE-2024-39908 CVE-2024-41946 CVE-2024-43398 Resolves: RHEL-57049 Resolves: RHEL-57054 Resolves: RHEL-57069 - Fix REXML DoS when parsing an XML having many specific characters such as whitespace character,...
bubblewrap and flatpak security update
bubblewrap 0.4.1-7 - Add support for --bind-fd and --ro-bind-fd CVE-2024-42472 flatpak 1.12.9-3 - Fix previous changelog entry 1.12.9-2 - Backport upstream patches for CVE-2024-42472 - Require bubblewrap version that has new --bind-fd option backported for addressing CVE-2024-42472...
wget security update
1.21.1-8 - Resolves: RHEL-43226 - Misinterpretation of input may lead to improper behavior...
glibc security and bug fix update
2.17-322.0.2 - merge RH el7 u9 errata patches with Oracle patches Review-exception: Simple merge - merge RH el7 u9 patches with Oracle patches Review-exception: Simple merge - Four patches to match 3rd patch bundle from Marvell - modify MIPS values in elf/elf.h - add sysdeps/aarch64/sys/ifunc.h -...
python-setuptools security update
0.9.8-7.0.1 - Fixes CVE-2024-6345 security issue Orabug: 37054994...
python3-setuptools security update
39.2.0-10.0.3 - Back port fix for CVE-2024-6345 Orabug: 37054771...
kubernetes kubeadm-upgrade kubeadm-ha-setup security update
kubernetes 1.12.7-1.1.2 - OLCNE-257 fix coredns issue and minor upgrade issue 1.12.7-1.1.1 - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains 1.12.7-1.0.1 - Add Oracle Build Files For Version v1.12.7 kubeadm-upgrade 0.0.1-1.0.22 -- Bump up 1.12.7 version for...
openssl security update
1.0.1e-57.0.6 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737...
orc security update
0.4.31-7 - Add patch for CVE-2024-40897 - Resolves: RHEL-50701...
openssl security update
1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on...
openssl and openssl-fips-provider security update
openssl 1:3.2.2-6.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 1:3.2.2-6 - rebuilt Related: RHEL-55339 1:3.2.2-5 - Fix CVE-2024-6119: Possible denial of service i...
java-1.8.0-openjdk security update
1.8.0.432.b06-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.432.b06-1 - Update to shenandoah-jdk8u432-b06 GA - Update release notes for shenandoah-8u432-b06. - Drop JDK-8281096,7,8/PR3836 patch following integration of upstream version - Regenerate JDK-8199936/PR3533 patch following...
.NET 8.0 security update
8.0.110-1.0.1 - Add support for Oracle Linux 8.0.110-1 - Update to .NET SDK 8.0.110 and Runtime 8.0.10 - Resolves: RHEL-60794...
bind security update
32:9.11.4-26.0.1.P2.16 - Resolve CVE-2024-1975 - Resolve CVE-2024-1737 - Add ability to change runtime limits for max types and records per name...
openssl security update
1.0.2k-12.0.3 - Oracle bug 28672370: backport CVE-2018-0732 - Oracle bug 28672351: backport CVE-2018-0737...
.NET 6.0 security update
6.0.135-1.0.1 - Add support for Oracle Linux 6.0.135-1 - Update to .NET SDK 6.0.135 and Runtime 6.0.35 - Resolves: RHEL-60792...
dovecot security update
1:2.3.16-11.1 - fix CVE-2024-23184: using a large number of address headers may trigger a denial of service RHEL-55211 - fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message RHEL-55225...
python security update
2.7.5-93.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-93 - Fix for CVE-2023-24329 Resolves: rhbz2173917...
Unbreakable Enterprise kernel security update
5.4.17-2102.203.5 - rds/ib: move rdsibclearirqmiss to .h file Manjunath Patil Orabug: 33044344 5.4.17-2102.203.4 - rds/ib: recover rds connection from interrupt loss scenario Manjunath Patil Orabug: 32974199 - Revert Allow mce to reset instead of panic on UE William Roche Orabug: 32820275 - bpf:...
php security, bug fix, and enhancement update
8.0.20-3 - snmp3 calls using authPriv or authNoPriv immediately return false 2104630 8.0.20-2 - fix patch41 not applied use system nikic/php-parser when available 8.0.20-1 - rebase to 8.0.20 2095752 - clean unneeded dependency on useradd command 2095447 - add upstream patch to initialize pcre...
container-tools:ol8 security update
aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp netavark oci-seccomp-bpf-hook podman 4.9.4-13.0.1 - Fixes issue of container created in cgroupv2 not start in cgroupv1 Orabug: 36136813 - Fixes container...
krb5 security update
1.15.1-55.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 1.15.1-55 - Fix integer overflows in PAC parsing CVE-2022-42898 - Resolves: rhbz2140961...
kernel security and bug fix update
2.6.32-696.13.2.OL6 - Update genkey bug 25599697 2.6.32-696.13.2 - net l2cap: prevent stack overflow on incoming bluetooth packet Neil Horman 1490060 1490062 CVE-2017-1000251 - fs binfmtelf.c:loadelfbinary: return -EINVAL on zero-length mappings Petr Matousek 1492959 1492961 CVE-2017-1000253 - fs...
openssl security update
1.0.1e-48.3 - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2179 - further DoS issues in DTLS - fix CVE-2016-2180 - OOB read in TSOBJprintbio - fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue - fix...
python3.12 security update
3.12.5-2 - Security fix for CVE-2024-8088 Resolves: RHEL-55939 3.12.5-1 - Update to 3.12.5 - Security fix for CVE-2024-6923 Resolves: RHEL-53075 3.12.4-3 - Properly propagate the optimization flags to C extensions 3.12.4-2 - Build Python with -O3 -...
openssl security update
3.0.7-28.0.1fips - Replace upstream references in fips man pages Orabug: 35824276 - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35824276 - Update FIPS module name and remove upstream references from fipsmoduleindicators manpage Orabug: 35824276 3.0.7-28.0.1 -...
kernel security and bug fix update
3.10.0-1160.45.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
python3.9 security update
3.9.18-3.5 - Security fix for CVE-2024-8088 Resolves: RHEL-55968 3.9.18-3.4 - Security fix for CVE-2024-6923 Resolves: RHEL-53044...
git security update
2.43.5-1 - Update to 2.43.5 - Related: RHEL-36399, RHEL-36411 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36399, RHEL-36411...
samba security and bug fix update
3.6.23-51.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.24-51 - resolves: 1513877 - Fix memory leak in winbind 3.6.24-50 - resolves: 1553018 - Fix CVE-2018-1050 3.6.24-49 - resolves: 1536053 - Fix regression with non-wide symlinks to directories...
httpd security update
2.4.62-1.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.62-1 - new version 2.4.62 - Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix 2.4.59-7 - Resolves: RHEL-49856: htcacheclean.service missing Install section 2.4.59-6 - modssl: restore SSLOPNORENEGOTIA...
java-1.8.0-openjdk security update
1.8.0.422.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.422.b05-1.1 - Update to shenandoah-jdk8u422-b05 GA - Update release notes for shenandoah-8u422-b05. - Rebase PR2462 patch following patched hunk being removed by JDK-8322106 - Switch to GA mode. - Sync the copy of the portab...
expat security update
2.2.5-11.0.1.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-11.1 - CVE-2023-52425 expat: parsing large tokens can trigger a denial of service - Resolves: RHEL-29321...
webkit2gtk3 security update
2.46.1-1 - Update to 2.46.1...
openldap security update
2.4.46-19 - Bump version to 2.4.46-19 - Resolves: RHEL-34283 - openldap: null pointer dereference in bermemallocx function...
linux-firmware security update
20241003-999.35.git95bfe086.el8 - Rebase to latest upstream Orabug: 37132142 - Fix build error in ol7 due to linking in copy-firmware.sh Orabug: 37132515 - Bring back drirectory structure qcom/sc8280xp Orabug: 37132142...
python3.11-setuptools security update
65.5.1-3 - Security fix for CVE-2024-6345 Resolves: RHEL-50484...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd 1.6.0-6 - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-53 - kvm-nbd-server-Favor-qemuaiocontext-over-iohandler-con.patc...
qemu-kvm security update
8.2.0-11.el94.4 - Fixing CVE-2024-4467 - Resolves: RHEL-35610...
python39:3.9 and python39-devel:3.9 security update
modwsgi numpy python39 3.9.20-1 - Update to 3.9.20 Resolves: RHEL-60007 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography python-idna python-lxml python-ply python-psutil python-psycopg2 python-pycparser python-PyMySQL python-pysocks python-requests...
nghttp2 security update
1.43.0-5.2 - fix CONTINUATION frames DoS CVE-2024-28182, CVE-2024-27316...
bind security update
32:9.8.2-0.68.rc1.3 - Use only selected documentation files 32:9.8.2-0.68.rc1.2 - Fix CVE-2018-5743...
kernel:4.18.0 security update
4.18.0-553.30.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Unbreakable Enterprise kernel security update
5.15.0-302.167.6 - ice: Add a per-VF limit on number of FDIR filters Ahmed Zaki Orabug: 36964088 CVE-2024-42291 - scsi: lpfc: Fix a possible null pointer dereference Huai-Yuan Liu Orabug: 36964437 CVE-2024-43821 - power: reset: pwr-mlxbf: support graceful shutdown Asmaa Mnebhi Orabug: 37208029 -...
libndp security update
1.8-6 - Validate route information option length 1.8-5 - Convert the license tag to SPDX format Related: RHELMISC-1363...
python3.9 security update
3.9.18-3.1 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33887, RHEL-34287...
Unbreakable Enterprise kernel security update
2.6.39-400.315.1 - loopback: off by one in tcmloopmakenaatpg Dan Carpenter Orabug: 30254296 CVE-2011-5327 - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318221 CVE-2019-14283...
orc security update
0.4.28-4 - Add patch for CVE-2024-40897 - Resolves: RHEL-50710...