8998 matches found
openssl098e security update
0.9.8e-29.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...
unbreakable enterprise kernel security update
2.6.39-400.215.3 - SELinux: Fix kernel BUG on empty security contexts. Stephen Smalley Orabug: 19028380 CVE-2014-1874 - floppy: don't write kernel-only members to FDRAWCMD ioctl output Matthew Daley Orabug: 19028444 CVE-2014-1738 - floppy: ignore kernel-only members in FDRAWCMD ioctl input Matthe...
struts security update
1.2.9-4jpp.7 - Resolves: rhbz1092457 - CVE-2014-0114: Fixed ClassLoader manipulation vulnerability - Added dist tag to release...
mysql55-mysql security update
5.5.36-2 - Fix CVE-2014-0001 Related: 1055875 5.5.36-1 - Update to MySQL 5.5.36, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html Including fixes for CVE-2014-0412, CVE-2014-0437, CVE-2013-5908, CVE-2013-5807, CVE-2014-0420, CVE-2014-0393,...
java-1.6.0-openjdk security update
1:1.6.0.0-1.68.1.11.14 - updated to icedtea6-1.11.14.tar.gz - added and applied 1.11.14-fixes.patch, patch10 to fix build issues - adapted patch8 java-1.6.0-openjdk-timezone-id.patch - Resolves: rhbz1017618 1:1.6.0.1-1.67.1.13.0 - reverted previous update - Resolves: rhbz1017618...
unbreakable enterprise kernel security update
2.6.39-400.109.6 - block: do not pass disk names as format strings Kees Cook Orabug: 17230083 CVE-2013-2851 - libceph: Fix NULL pointer dereference in auth client code Tyler Hicks Orabug: 17230108 CVE-2013-1059 - ipv6: ip6skdstcheck must not assume ipv6 dst Eric Dumazet Orabug: 17371078...
kernel security and bug fix update
kernel 2.6.18-348.16.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
httpd security update
2.2.15-29.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-29 - moddav: add security fix for CVE-2013-1896 991368...
kvm security update
kvm-83-262.0.1.el59.3 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-262.el53 - kvm-kernel-kvm-accept-unaligned-MSRKVMSYSTEMTIME-writes.patch bz947363 - Resolves: bz947363 RHEL.5.8.32 guest hang when installing kvm-83-262.el52 -...
1
kernel 2.6.18-348.1.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
1
kernel: 2.6.18-308.8.2.0.1.el5 - net bonding: fix carrier detect when bond is down orabug 12377284 - mm fix hugetlb page leak Dave McCracken orabug 12375075 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus...
openssl security update
openssl: 1.0.0-20.4 - fix for CVE-2012-2110 - memory corruption in asn1d2ireadbio 814185 openssl098e: 0.9.8e-17.el62.2 - Updated the description 0.9.8e-17.2 - fix for CVE-2012-2110 - memory corruption in asn1d2ireadbio 814185...
java-1.6.0-openjdk security update
1:1.6.0.0-1.43.1.10.6 - Updated to IcedTea6 1.10.6 - Resolves: rhbz787144 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception...
qt security update
4.6.2-20 - Resolves: rhbz737813 fix multiple flaws in Qt CVE-2011-3193, CVE-2011-3194 4.6.2-19 - Resolves: rhbz679759, missing executable bit in qt-examples binaries - Resolves: rhbz716694, move macros.qt4 to -devel - Resolves: rhbz680088, rpmdiff failure 4.6.2-18 - Resolves: rhbz562132, Malayala...
libvpx security update
0.9.0-8 - Fix CVE-2010-4203 Resolves: rhbz652440 0.9.0-7 - Import 0.9.0-6 package from Fedora - Add patch porting yasm syntax to gas Related: rhbz603113...
tetex security update
3.0-33.8.el5.5 - unify patches for CVE-2010-0739 and CVE-2010-1440 3.0-33.8.el5.4 - fix CVE-2010-1440 586819 3.0-33.8.el5.3 - initialize data in arithmetic coder elsewhere CVE-2009-0146 3.0-33.8.el5.2 - initialize dataLen to properly fix CVE-2009-0146 3.0-33.8.el5.1 - fix CVE-2010-0739...
seamonkey security update
1.0.9-48.0.1.el48 - Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and removed corresponding Redhat ones 1.0.9-48.el4 - More 1.9.0.14 fixes 1.0.9-47.el4 - Added fixes from 1.9.0.14 1.0.9-46.el4 - Added fixes from 1.9.0.13...
thunderbird security update
1.5.0.12-23.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-23 - Added fix for mozbz495057 1.5.0.12-22 - Added build fix 1.5.0.12-21 - Update patchset to fix regression as per 1.9.0.11...
cups security update
1:1.3.7-8:.4 - Applied additional patches by Tim Waugh for batch3892.pdf, batch4781.pdf, batch5486.pdf, batch19856.pdf, batch19869.pdf testing files from CERT bug 491864. - Resolves: rhbz492386. 1:1.3.7-8:.3 - Applied patches to fix CVE-2009-0163 bug 490596, CVE-2009-0146 bug 490612, CVE-2009-014...
seamonkey security update
devhelp: 0.10-0.10.el4 - Rebuild against newer gecko seamonkey: 1.0.9-26.0.1.el4 - Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html. - Removed corresponding ones of Red Hat. 1.0.9-26.el4 - Add missing patches from 1.8.1.17 1.0.9-25.el4 - Add patches for backported...
Important: kernel security and bug fix update
2.6.18-53.1.14.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - NET Fix msi issue with kexec/kdump Michael Chan orabug 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin orabug 6187457 - splice Fix bad unlockpage in error case Jens Axboe...
Important: cups security and bug fix update
1.2.4-11.14.el51.1 - Applied patch to fix CVE-2007-4351 STR 2561, bug 353981. 1.2.4-11.14 - Applied patch to fix cupsd crash when failing to open a file: URI STR 2351, bug 250415. 1.2.4-11.13 - Moved LSPP security attributes check before job creation bug 231522. 1.2.4-11.12 - Moved LSPP access...
Moderate: httpd security update
2.2.3-7.el5.0.1 - Marks removal + index page cleanup 2.2.3-7.el5 - add security fixes for CVE-2007-1863, CVE-2007-3304, and CVE-2006-5752 244665...
Important: krb5 security update
1.3.4-49 - add patch to fix buffer overflow in kadmind 239073, CVE-2007-2798 1.3.4-48 - add patch to fix buffer overflow and double-free in rpc library 239073, CVE-2007-2442/CVE-2007-2443...
Moderate: mutt security update
5:1.4.1-12.0.3.el4 - fix overflow in gecos field handling 240176, CVE-2007-2683 5:1.4.1-12.0.2.el4 - buildrequire aspell 5:1.4.1-12.0.1.el4 - validate msgid in APOP authentication 241201, CVE-2007-1558 - fix insecure temp file creation on NFS 211085, CVE-2006-5297...
.NET 8.0 security update
8.0.116-1.0.1 - Add support for Oracle Linux 8.0.116-1 - Update to .NET SDK 8.0.116 and Runtime 8.0.16 - Resolves: RHEL-89446...
libxslt security update
1.1.28-6.0.3 - Fix CVE-2024-55549 issue due to memory leak Orabug: 37795485 - Fix CVE-2025-24855 issue due to use after free...
iperf3 security update
3.1.7-3.0.1 - Fixes Improper JSON Handling CVE-2024-53580 Orabug: 37495333...
Unbreakable Enterprise kernel security update
5.4.17-2136.338.4.1 - Revert 'ocfs2: fix the la space leak when unmounting an ocfs2 volume' Sherry Yang Orabug: 37383196 5.4.17-2136.338.4 - devlink: fix possible use-after-free and memory leaks in devlinkinit Vasiliy Kovalev Orabug: 37284641 CVE-2024-26734 - mm: avoid leaving partial pfn mapping...
Unbreakable Enterprise kernel security update
5.4.17-2136.334.6 - loop: Fix a race between loop detach and loop open Gulam Mohamed Orabug: 36197800 - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs Alexandre Chartre Orabug: 36672495 - x86/bhi: Avoid warning in DB handler due to BHI mitigation Alexandre Chartre Orabug...
libxml2 security update
2.9.13-6 - Fix CVE-2024-25062 RHEL-29196...
Unbreakable Enterprise kernel security update
4.14.35-2047.534.3.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36251145 CVE-2024-1086...
dnsmasq security update
2.85-14.1 - Fix CVE 2023-50387 and CVE 2023-50868 - Resolves: RHEL-25674 - Resolves: RHEL-25638...
openssh security update
8.7p1-34.3 - Fix Terrapin attack CVE-2023-48795 Resolves: RHEL-19764 - Forbid shell metasymbols in username/hostname CVE-2023-51385 Resolves: RHEL-19822...
kernel security update
4.18.0-513.18.0.2.el89 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve CVE-2023-4623 - x86/sev: Check for user-space IOIO pointing to kernel space CVE-2023-46813 - x86/sev: Check IOBM for IOIO...
openssl security update
1:1.1.1k-12 - Backport implicit rejection mechanism for RSA PKCS1 v1.5 to RHEL-8 series a proper fix for CVE-2020-25659 Resolves: RHEL-17696 1:1.1.1k-11 - Fix CVE-2023-5678: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow Resolve...
gstreamer1-plugins-bad-free security update
1.10.4-4 - Patch CVE-2023-44446: MXF demuxer use-after-free - Disable gtk-doc to fix build - Resolves: RHEL-16793...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
python3.11-pip security update
22.3.1-4 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218247 22.3.1-3 - Fix changelog to contain Fedora contributors Resolves: RHEL-232...
containernetworking-plugins security and bug fix update
1:1.3.0-4 - add Epoch in Provides - Related: 2176063 1:1.3.0-3 - remove noopenssl for FIPS compliance - Related: 2176063 1:1.3.0-2 - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400 -...
postgresql-jdbc security update
42.2.14-2 - Fix CVE-2022-41946...
libtpms security update
0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves: rhbz2173967...
Unbreakable Enterprise kernel security update
5.4.17-2136.316.7 - runtime revert of virtionet: Stripe queue affinities across cores. Konrad Rzeszutek Wilk Orabug: 35001045 5.4.17-2136.316.6 - block: Change the granularity of io ticks from ms to ns Gulam Mohamed Orabug: 34780807 - powercap: intelrapl: support new layout of Psys PowerLimit...
dbus security update
1.12.8-23.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.8-23.1 - Fix CVE-2022-42010 2133644 - Fix CVE-2022-42011 2133638 - Fix CVE-2022-42012 2133632...
Unbreakable Enterprise kernel security update
5.15.0-5.76.5.1 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883037 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883037 CVE-2022-4378 5.15.0-5.76.5 - KVM: x86: Use SRCU to protect zap in...
sqlite security update
3.26.0-16 - Fixed CVE-2020-35527 - Fixed CVE-2020-35525...
libksba security update
1.3.5-8 - Fix for CVE-2022-3515 2135702...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.517.3.el7 - KVM: x86: use raw clock values consistently Paolo Bonzini Orabug: 34575637 - KVM: x86: reorganize pvclockgtoddata members Paolo Bonzini Orabug: 34575637 - KVM: x86: switch KVMCLOCK base to monotonic raw clock Marcelo Tosatti Orabug: 34575637 4.14.35-2047.517.2.el7 - kernf...
open-vm-tools security update
11.0.5-3.0.1 - fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. - Created a new file 99-vmware-scsi-timeout.rules - Modified sp...
cri-o security update
1.22.5-1 - Addresses CVE-2022-1708...