8998 matches found
mysql:8.0 security update
mecab mecab-ipadic mysql 8.0.36-1 - Update to MySQL 8.0.36 8.0.35-2 - Fix int-conversion type error in memcached 8.0.35-1 - Update to MySQL 8.0.35 - Remove patches now upstream 8.0.34-1 - Update to MySQL 8.0.34 - Add patch from upstream bug110569 - Add patch to fix binlog format issue - Use...
container-tools:ol8 security update
aardvark-dns buildah 1:1.31.3-3.0.1 - Rebuild with newer dependencies cockpit-podman conmon containernetworking-plugins 1:1.3.0-8.0.1 - Rebuild with newer dependencies containers-common 2:1-70.0.2 - Rebuild with newer dependencies container-selinux criu crun fuse-overlayfs libslirp netavark...
openssl security update
1:3.0.7-25.0.1 - Replace upstream references Orabug: 34340177 1:3.0.7-25 - Provide relevant diagnostics when FIPS checksum is corrupted Resolves: RHEL-5317 - Don't limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295 - Provide empty evpproperties section in main OpenSSL configuration fi...
python3 security update
3.6.8-56.0.1.2 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-56.2 - Security fix for CVE-2022-48560 Resolves: rhbz2249755 - Security fix for CVE-2022-48564 Resolves: rhbz2249750...
nss security update
3.90.0-4 - Fix expired certs in tests - Fix CVE-2023-5388...
Unbreakable Enterprise kernel security update
5.15.0-201.135.6 - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller Johnathan Mantey - netfilter: nftables: split async and sync catchall in two functions Pablo Neira Ayuso - netfilter: nftables: remove catchall element in GC sync path Pablo Neira Ayuso - scsi: mpt3sas: Fix...
skopeo security update
2:1.13.3-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.3 - Related: 2176063 2:1.13.2-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.2 - Related: 2176063 2:1.13.1-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.1 - Related: 21760...
java-11-openjdk security and bug fix update
1:11.0.21.0.9-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - OpenJDK: Additional zip64 files validation 8313765 RHBZ2237170 -...
grafana security update
9.0.9-4 - Resolve CVE-2023-44487 Rapid Reset Attack - Resolve CVE-2023-39325 rapid stream resets can cause excessive work...
nghttp2 security update
1.33.0-5 - fix HTTP/2 Rapid Reset CVE-2023-44487 1.33.0-4 - prevent DoS caused by overly large SETTINGS frames CVE-2020-11080...
kernel security update
4.18.0-477.27.1.el88.OL8 - x86/microcode/intel: Expose collectcpuinfoearly for IFS - x86/cpu: Load microcode during restoreprocessorstate - x86/microcode: Deprecate MICROCODEOLDINTERFACE - x86/microcode: Rip out the OLDINTERFACE - x86/microcode: Default-disable late loading - x86/microcode: Taint...
.NET 6.0 security, bug fix, and enhancement update
6.0.121-1.0.1 - Update to .NET SDK 6.0.121 and Runtime 6.0.21 - Resolves: RHBZ2228567...
iperf3 security update
3.5-7 - Fixes CVE-2023-38403 Resolves: rhbz2223729...
linux-firmware security update
20230516-999.22.git6c9e0ed5.el7 - remove amd-ucode/README Orabug: 35645306 - Resolves 'Zenbleed' Orabug: 35650345 CVE-2023-20593...
linux-firmware security update
20230516-999.20.git6c9e0ed5.el7 - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode 20230516-999.19.git6c9e0ed5.el7 - Rebase to upstream - Revert removal of old iwlwifi firmwares Orabug: 35260375...
.NET 7.0 security, bug fix, and enhancement update
7.0.107-1.0.1 - Set TargetRid based on os release major version, add OL arm64 RuntimeIdentifier Orabug: 34671152 7.0.107-1 - Update to .NET SDK 7.0.107 and Runtime 7.0.7 - Resolves: RHBZ2211877 7.0.106-1 - Update to .NET SDK 7.0.106 and Runtime 7.0.6 - Resolves: RHBZ2190269...
container-tools:4.0 security and bug fix update
...
php:8.0 security update
php 8.0.27-1 - rebase to 8.0.27...
kernel security and bug fix update
3.10.0-1160.83.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.83.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
Unbreakable Enterprise kernel security update
4.14.35-2047.521.4 - tcp: Tunables for TCP delayed ack min and max timers Venkat Venkatsubra Orabug: 34883100 4.14.35-2047.521.3 - Revert 'random: use expired timer rather than wq for mixing fast pool' Saeed Mirzamohammadi Orabug: 34918228 4.14.35-2047.521.2 - RDS/IB: Fix the misplaced counter...
protobuf security update
3.14.0-13 - Rebuilt for test fixes 3.14.0-12 - Rebuilt for test fixes 3.14.0-11 - Applied patch for for CVE-2021-22570 2055641...
nodejs:14 security update
nodejs 1:14.20.1-2 - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 1:14.20.1-1 - Rebase to version 14.20.1 Resolves: CVE-2022-35256 nodejs-packaging 23-3 - Updated - Removed pathfix.py 23-2 - Rebuilt for...
expat security update
2.2.5-8.0.1.3 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-8.3 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
mysql security, bug fix, and enhancement update
8.0.30-3 - Release bump for rebuild 8.0.30-1 - Update to MySQL 8.0.30 - Remove patches now upstream: chain certs, OpenSSL 3, s390 and robin hood - Add a new plugin 8.0.29-1 - Update to MySQL 8.0.29...
.NET Core 3.1 security, bug fix, and enhancement update
3.1.422-1.0.1 - Add missing Oracle Linux Runtime IDs 3.1.422-1 - Update to .NET SDK 3.1.422 and Runtime 3.1.28 - Resolves: RHBZ2115351...
java-11-openjdk security, bug fix, and enhancement update
1:11.0.16.0.8-1.0.1 - Replace upstream references Orabug: 34340155 1:11.0.16.0.8-1 - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build,...
zlib security update
1.2.3-29.0.1 - Fix a bug that can crash deflate when using ZFIXED CVE-2018-25032Orabug: 34161396...
php:8.0 security update
php 8.0.13-3 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...
xz security update
5.2.4-4 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.511.5.4.el7 - x86/speculation: Add knob for eibrsretpolineenabled Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Update link to AMD...
ruby:2.5 security update
ruby 2.5.9-109 - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 2.5.9-108 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix StartTLS stripping vulnerability in Net::IMAP Resolves: CVE-2021-32066 - Fix FTP PASV command response can cause...
python-pillow security update
2.0.0-23gitd1c6db8 - Fixup for CVE-2022-22817 - Security fixes for CVE-2022-22815, CVE-2022-22816 Resolves: rhbz2042522 2.0.0-22gitd1c6db8 - Fix for CVE-2022-22817 Resolves: rhbz2042527...
gegl04 security update
0.4.4-6.2 - spec bump because of build pipeline issues 0.4.4-6.1 - Fix CVE-2021-45463 2035423...
lua security update
5.3.4-12 - Fix segfault in getlocal and setlocal 1880445...
openjpeg2 security update
2.4.0-4 - Fix Covscan defect 2.4.0-3 - Fix CVE-2021-3575 1969279 - Fix resource leak identified by Covscan 2.4.0-2 - Fix CVE-2021-29338 1951332 2.4.0-1 - Rebase to 2.4.0 - Resolves: CVE-2018-5727 1538467 - Resolves: CVE-2018-5785 1538556 - Resolves: CVE-2018-20845 1730679 - Resolves: CVE-2018-208...
sqlite security update
3.26.0-15 - Removing fix for CVE-2019-19645 unaffected - Removing fix for CVE-2019-19880 unaffected 3.26.0-14 - Fixed CVE-2019-5827 1710184 - Fixed CVE-2019-13750 1786510 - Fixed CVE-2019-13751 1786522 - Fixed CVE-2019-19603 1792013 - Fixed CVE-2020-13435 1841233...
kernel security, bug fix, and enhancement update
4.18.0-348.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...
binutils security update
2.30-108.0.2 - Forward-port the following update: 2.30-93.0.4 - Backport fix for fencepost bug in CTF pptrtab usage causing coredumps - Backport test result fixes for new GCC-based CTF generation Orabug: 33344570 - Reviewed-by: David Faust - Reviewed-by: Jose E. Marchesi 2.30-108.0.1 - Forward-po...
olcne security update
olcne 1.3.2-2 - Turn off default PodDisruptionBudget in istio template to unblock kubernetes module upgrade - Update Kubernetes version to 1.20.11 to address CVE-2021-25741 - Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 -...
edk2 security update
20200602gitca407c7246bf-4.el84.1 - edk2-MdeModulePkg-LzmaCustomDecompressLib-catch-4GB-uncom.patch bz1952953 - Resolves: bz1952953 edk2: possible heap corruption with LzmaUefiDecompressGetInfo rhel-8 rhel-8.4.0.z...
libxml2 security update
2.9.7-9.0.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.7-9 - Fix CVE-2020-24977 1878252...
systemd security, bug fix, and enhancement update
239-45.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...
libvncserver security update
0.9.11-17 - Fix CVE-2020-25708 Resolves: 1898078 0.9.11-16 - Fix CVE-2019-20839 Resolves: 1851032 - Fix CVE-2018-21247 Resolves: 1852516 - Fix CVE-2020-14405 Resolves: 1860527 - Fix CVE-2020-14397 Resolves: 1861152...
gnutls and nettle security update
gnutls 3.6.14-8 - Port fixes for potential miscalculation in ecdsaverify 1942929 nettle 3.4.1-4 - Fix patch application 3.4.1-3 - Port fixes for potential miscalculation in ecdsaverify 1942924...
Unbreakable Enterprise kernel security update
4.1.12-124.48.3.1 - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492113 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulich Orabug: 32492105 CVE-2021-26931 - xen-netback: don't 'handle' error by BUG Jan Beulich Orabug: 32492105 CVE-2021-26931 -...
firefox security update
78.6.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.6.1-1 - Update to 78.6.1 build1...
libexif security update
0.6.22-5 - Fix CVE-2020-0452 - Resolves: 1902593...
Unbreakable Enterprise kernel security update
2.6.39-400.328.1 - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535531 CVE-2020-10769 - crypto: authenc - Export key parsing helper function Mathias Krause Orabug: 31535531 CVE-2020-10769...
gd security update
Fri Mar 27 2020 [email protected] - 2.2.5-7 - Fix CVE-2018-14553 - Potential Null pointer dereference in gdImageClone Resolves: RHBZ1811788 - Fixed heap based buffer overflow in gdcolormatch.c:gdImageColorMatch in libgd as used in imagecolormatch Resolves: RHBZ1678104 CVE-2019-6977 - Fixed...
container-tools:ol8 security, bug fix, and enhancement update
...