8998 matches found
glibc security update
2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
kernel security, bug fix, and enhancement update
4.18.0-477.27.0.18.OL8 - bluetooth: Perform careful capability checks in hcisockioctl CVE-2023-2002 - ipvlan:Fix out-of-bounds caused by unclear skb-cb CVE-2023-3090 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - netfilter: nftsetpipapo: fix improper...
libcap security update
2.48-5 - Fix integer overflow in libcapstrdup CVE-2023-2603 Resolves: rhbz2210637 - Correctly check pthreadcreate return value to avoid memory leak CVE-2023-2602 Resolves: rhbz2210644...
gcc-toolset-12-binutils security update
2.38-17 - Fix an illegal memory access parsing a corrupt ELF file. 2153220...
postgresql-jdbc security update
42.2.14-2 - Fix CVE-2022-41946...
nodejs:14 security, bug fix, and enhancement update
nodejs 1:14.21.1-2 - Apply upstream fix for CVE-2022-24999 Resolves: CVE-2022-24999 - Record CVEs fixed by current or previous upstream releases Resolves: CVE-2021-44906 1:14.21.1-1 - Rebase to version 14.21.1 Resolves: rhbz2129805 CVE-2022-43548 CVE-2022-3517...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.18.1-3 - Update sources of undici WASM blobs Resolves: rhbz2151546 1:16.18.1-2 - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 1:16.18.1-1 - Rebase + CVE fixes - Resolves: 2142806 -...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.314.6.2.el7 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883034 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883034 CVE-2022-4378 5.4.17-2136.314.6.1.el7 - RDMA/uverbs: Move IBEVENTDEVICEFATAL ...
grafana-pcp security update
3.2.0-2 - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working - resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read -...
kernel security, bug fix, and enhancement update
4.18.0-372.26.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
cri-o security update
1.21.7-2 - Addresses CVE-2022-1708 1.21.7-1 - Added Oracle Specifile Files for cri-o...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.513.2.1.el7 - perf: Fix sysperfeventopen race against self Peter Zijlstra Orabug: 34175592 CVE-2022-1729...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.307.3.1 - Revert 'rds/ib: recover rds connection from stuck tx path' Nagappan Ramasamy Palaniappan Orabug: 34124233 5.4.17-2136.307.3 - kvm: debugfs: fix memory leak in kvmcreatevmdebugfs Pavel Skripkin Orabug: 33099019 - KVM: debugfs: Reuse binary stats descriptors Jing Zhang Orabug:...
samba security update
4.14.5-7 - related: rhbz2021171 - Fix CVE-2020-25717 - Fix running ktest selftest 4.14.5-6 - related: rhbz2021171 - Fix CVE-2020-25717 - Add missing checks for IPA DC server role...
curl security and bug fix update
7.61.1-22 - fix STARTTLS protocol injection via MITM CVE-2021-22947 - fix protocol downgrade required TLS bypass CVE-2021-22946 7.61.1-21 - fix TELNET stack contents disclosure again CVE-2021-22925 - fix TELNET stack contents disclosure CVE-2021-22898 - fix bad connection reuse due to flawed path...
unbound security, bug fix, and enhancement update
1.7.3-15 - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz1714175 - Use system-wide crypto policy setting PROFILE=SYSTEM instead of custom setting - Resolves: rhbz1842837 - Enable additional logging in unbound - Resolves: rhbz1850460 - security hardenin...
wpa_supplicant security, bug fix, and enhancement update
1:2.9-5 - P2P: Fix a corner case in peer addition based on PD Request CVE-2021-27803 - Fix buffer overflow when processing P2P group information CVE-2021-0326 1:2.9-4 - enable WPA-EAP-SUITE-B-192 rh 1916394 1:2.9-3 - fix p2plisten unexpectedly stopped after 5 seconds rh 1693684 - allow changing...
python3 security update
3.6.8-31.0.3 - Fix buffer overflow in PyCArgrepr Orabug: 32551171CVE-2021-3177...
thunderbird security update
78.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.7.0-1 - Update to 78.7.0...
firefox security update
78.6.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.6.0-1 - Update to 78.6.0 build1...
gd security update
2.0.35-27 - Fix CVE-2016-5766 - Resolves: 1356813 - Upstream patch: https://github.com/libgd/libgd/commit/aba3db8...
xorg-x11-server security update
1.20.4-15 - CVE fix for: CVE-2020-25712 1904937, CVE-2020-14360 1904934 1.20.4-14 - CVE fix for: CVE-2020-14347 1862319...
net-snmp security update
1:5.7.2-49.1 - fix CVE-2020-15862 1875496...
python-pip security update
9.0.3-18 - Patch for pip install allow directory traversal, leading to arbitrary file write Resolves: rhbz1868016 9.0.3-17 - Remove unused CA bundle from the bundled requests library Resolves: rhbz1775200...
thunderbird security update
78.3.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.3.1-1 - Update to 78.3.1 build1 78.3.0-3 - Update to 78.3.0 build1 - Remove librdp.so as long as we cannot ship it in RHEL 78.2.1-1 - Update to 78.2.1 build1...
qemu-kvm security, bug fix, and enhancement update
1.5.3-175.el7 - kvm-vnc-fix-memory-leak-when-vnc-disconnect.patch bz1810408 - Resolves: bz1810408 CVE-2019-20382 qemu-kvm: QEMU: vnc: memory leakage upon disconnect rhel-7 1.5.3-174.el7 - kvm-util-add-slirpfmt-helpers2.patch bz1800515 - kvm-tcpemu-fix-unsafe-snprintf-usages2.patch bz1800515 -...
libvirt security and bug fix update
4.5.0-36 - virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support rhbz1823976 - virDevMapperGetTargetsImpl: quit early if device is not a devmapper target rhbz1823976 4.5.0-35 - qemu: dont take agent and monitor job for shutdown CVE-2019-20485 - qemu: dont hold a monitor and agent...
librepo security update
1.11.0-3 - Validate paths read from repomd.xml RhBug:1866498...
nss and nspr security, bug fix, and enhancement update
nspr 4.25.0-2 - Rebuild 4.25.0-1 - Update to NSPR 4.25 nss 3.53.1-11 - Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases default in RHEL8 3.53.1-10 - Disable dh timing test because it's unreliable on s390 3.53.1-9 - Explicitly enable...
thunderbird security update
68.3.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.3.0-3 - Update to 68.3.0 build2...
firefox security update
68.4.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one Wed Jan 08 2020 Jan Horak - Update to 68.4.1esr build1 Fri Jan 03 2020 Jan Horak - Update to 68.4.0esr build1 Wed Dec 18 2019 Jan Horak - Fix for wrong intl.acceptlang when using non...
firefox security update
68.8.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 68.7.0-3 - Added fix for rhbz1821418 68.7.0-2 - Update to 68.7.0 build3 68.6.1-1 - Update to 68.6.1 ESR Wed Mar 04 2020 Jan Horak -...
kernel security, bug fix, and enhancement update
4.18.0-193.el8.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-193.el8 - kvm KVM: PPC: Book3S HV: Use gfntopfnmemslot in HPT page fau...
qemu-kvm security and bug fix update
0.12.1.2-2.506.el610.7 - kvm-slirp-disable-tcpemu.patch bz1791680 - kvm-slirp-add-slirpfmt-helpers.patch bz1798966 - kvm-tcpemu-fix-unsafe-snprintf-usages.patch bz1798966 - Resolves: bz1791680 QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. rhel-6 - Resolves: bz1798966...
ipmitool security update
0:1.8.18-9 - Disable -fstrict-aliasing RPMDiff issue 0:1.8.18-8 - Backport fix for CVE-2020-5208...
libvncserver security update
0.9.9-14 - Fix CVE-2019-15690 an integer overflow in HandleCursorShape in a client bug 1814339...
httpd:2.4 security update
httpd 2.4.37-11.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-11 - Resolves: 1695431 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: 1696090 - CVE-2019-0215 httpd:2.4/httpd: modssl:...
virt:rhel security update
4.5.0-23.2.0.1.el8 - added librbd1 as dependency Keshav Sharma 4.5.0-23.2.el8 - admin: reject clients unless their UID matches the current UID CVE-2019-10132 - locking: restrict sockets to mode 0600 CVE-2019-10132 - logging: restrict sockets to mode 0600 CVE-2019-10132 4.5.0-23.1.el8 - cpux86: Do...
tomcat security update
0:7.0.76-9 - Resolves: rhbz1641873 CVE-2018-11784 tomcat: Open redirect in default servlet...
thunderbird security update
60.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.4.0-1 - Update to 60.4.0...
nss security update
3.36.0-7 - Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake the symbol was not exported from libnss 3.36.0-6 - Exercise SSL tests which only run under non-FIPS setting...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.21.4 - x86/fpu: Make eager FPU default Mihai Carabas Orabug: 28156176 CVE-2018-3665 3.8.13-118.21.3 - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug: 27951287 CVE-2017-17741 CVE-2017-17741 - xfs: set format back to extents if xfsbmapextentstobtree Eric...
libvirt security update
3.9.0-14.el75.5 - cpu: define the 'ssbd' CPUID feature bit CVE-2018-3639...
java-1.8.0-openjdk security update
1:1.8.0.171-8.b10 - added and applied 1566890embargoed20180521.patch - Resolves: rhbz1578555...
dhcp security update
12:4.2.5-68.0.1.1 - Direct users to Oracle Linux support site. 12:4.2.5-68.1 - Resolves: 1570898 - Fix CVE-2018-1111: Do not parse backslash as escape character...
thunderbird security update
52.4.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.4.0-2 - Update to 52.4.0 b2...
ghostscript security and bug fix update
9.07-28 - Security fix for CVE-2017-8291 updated to address SIGSEGV 9.07-27 - Added security fix for CVE-2017-8291 bug 1446063 9.07-26 - Updated requirements for lcms2 to avoid possible issues in the future 9.07-25 - Added security fix for CVE-2017-7207 bug 1434353 - Added explicit requirement fo...
samba4 security and bug fix update
4.2.10-9 - resolves: 1405358 - CVE-2016-2125 CVE-2016-2126 4.2.10-8 - Synchronize patches for Samba 4.2.10 with RHEL 7.2.z - Resolves: 1383685 - Update samba4 to be on par with RHEL 7.2.z...
httpd security update
2.2.3-92.0.1 - Add the ability to read DH parameters from the first SSLCertificateFile John Haxby orabug 21671194 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-...
firefox security update
38.6.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.6.1-1 - Update to 38.6.1 ESR...