9159 matches found
grub2 security update
2.02-0.87.0.21.el79.9 - Add CVE-2022-28736 to the list JIRA: OLDIS-16371 2.02-0.87.0.19.el79.9 - Fix: CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735 JIRA: OLDIS-16371 - Various coverity fixes JIRA: OLDIS-16371 - bump SBAT generation JIRA: OLDIS-16371...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-50 - kvm-qcow2-Don-t-open-datafile-with-BDRVONOIO.patch RHEL-35616 - kvm-iotests-244-Don-t-store-data-file-with-protocol-in-i.patch RHEL-35616 -...
container-tools:ol8 security update
aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed references Orabug: 33473101 Alex Burmashev - Adjust registries.conf Nikita Gerasimov - remove references to RedHat registry Nikita Gerasimov container-selinux criu crun fuse-overlay...
Unbreakable Enterprise kernel security update
2.6.39-400.315.1 - loopback: off by one in tcmloopmakenaatpg Dan Carpenter Orabug: 30254296 CVE-2011-5327 - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318221 CVE-2019-14283...
libuv security update
1:1.42.0-2 - Backport fix for CVE-2024-24806 Resolves: RHEL-24791...
bzip2 security update
1.0.6-27.0.1 - CVE-2019-12900: Accept as many selectors as the file format allows Orabug: 37266061 1.0.6-27 - Fixes out of bounds access in BZ2decompress RHEL-64929...
python3 security update
3.9.18-3.3 - Security fix for CVE-2024-4032 Resolves: RHEL-44106 3.9.18-3.2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40767...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.200.13.el7 - bpf, selftests: Fix up some testverifier cases for unprivileged Piotr Krysiuk Orabug: 32656761 CVE-2020-27170 CVE-2020-27171 - bpf: Add sanity check for upper ptrlimit Piotr Krysiuk Orabug: 32656761 CVE-2020-27170 CVE-2020-27171 - bpf: Simplify alulimit masking for pointe...
microcode_ctl security update
20240910-1.0.1 - switch upstream to 9 Stream sources for simplicity - don't bother calling dracut if virtualized Orabug: 35710094 - ensure UEK also rebuilds initramfs Orabug: 34280058 - add support for UEK7 kernels - enable early update for 06-4f-01 - remove no longer appropriate caveats for...
openssh security update
8.7p1-38.0.2.4 - Possible remote code execution due to a race condition CVE-2024-6409 Resolves: RHEL-45741...
pam security update
1.3.1-36.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-36 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66242 1.3.1-35 - pamunix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves:...
haproxy security update
1.8.27-5.1 - Reject '' as part of URI path component CVE-2023-45539, RHEL-18168...
kernel security update
5.14.0-503.11.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
xmlrpc-c security update
1.51.0-10 - Prevent integer overflow or wraparound, CVE-2024-4549 RHEL-57519...
krb5 security update
1.18.2-30.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-30 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-50253 - Remove RSA protocol for PKINIT Resolves: RHEL-17616...
container-tools:ol8 security, bug fix, and enhancement update
buildah 1.11.6-4.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-4 - compile in FIPS mode - Related: RHELPLAN-25138 1.11.6-3 - be sure to use golang = 1.12.12-4 - Related: RHELPLAN-25138 1.11.6-2 - fix chroot: unmount with MNTDETACH instead of UnmountMountpoints - bug...
kubernetes security update
1.11.3-2.5.2 - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains 1.11.3-2.4.2 - CVE-2019-1002101 kubectl fix potential directory traversal 1.11.3-2.3.2 - CVE-2019-1002100 Limit the number of operations in a single json patch to be 10,000...
postfix security update
2:3.5.25-1 - New version Resolves: RHEL-20023 - Dropped upstreamed patches...
xmlrpc-c security and bug fix update
1.51.0-9 - Address segfault found in CVE-2023-52425 RHEL-24226...
bind and dhcp security update
bind 32:9.11.36-14 - Speed up parsing of DNS messages with many different names CVE-2023-4408 - Prevent increased CPU consumption in DNSSEC validator CVE-2023-50387 CVE-2023-50868 - Do not use headerprev in expirelruheaders dhcp 4.3.6 - Change bug tracker path 12:4.3.6-50 - Rebuild because of bin...
libtiff security update
4.0.9-33 - fix CVE-2024-7006 a null pointer dereference in tifdirinfo RHEL-52927...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.212.b04-1 - Update to aarch64-shenandoah-jdk8u212-b04. - Resolves: rhbz1693468 1:1.8.0.212.b03-0 - Update to aarch64-shenandoah-jdk8u212-b03. - Resolves: rhbz1693468 1:1.8.0.212.b02-0 - Update to aarch64-shenandoah-jdk8u212-b02. - Remove patches included upstream -...
python-idna security update
2.4-1.0.1 - Fixed CVE 2024-3651 Orabug: 37206964...
nginx:1.14 security update
1:1.14.1-9.0.1 - Remove Red Hat references Orabug: 29498217 1:1.14.1-9 - Resolves: 1744811 - CVE-2019-9511 nginx:1.14/nginx: HTTP/2: large amount of data request leads to denial of service - Resolves: 1744325 - CVE-2019-9513 nginx:1.14/nginx: HTTP/2: flood using PRIORITY frames resulting in...
libsoup security update
2.62.3-6 - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Backport upstream patch for CVE-2024-52530 - infinite loop while reading websocket data - Resolves: RHEL-67076 - Resolves: RHEL-67067...
expat security update
2.2.5-16.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-16 - Fix CVE-2024-50602 - Resolves: RHEL-65062...
python3.11 security update
3.11.10-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.10-1 - Update to 3.11.10 Resolves: RHEL-57400...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.502.4.el7 - Revert 'rds: ib: Remove two ibmodifyqp calls' Sharath Srinivasan Orabug: 32715567 - uek-rpm: Update SecureBoot Digicert 2021 certificates Somasundaram Krishnasamy Orabug: 32532514 4.14.35-2047.502.3.el7 - video: hypervfb: Fix the mmap regression for v5.4.y and older Dexua...
container-tools:ol8 security update
aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp netavark oci-seccomp-bpf-hook podman python-podman runc 1:1.1.12-5 - bump golang...
.NET 8.0 security update
8.0.108-1.0.1 - Add support for Oracle Linux 8.0.108-1 - Update to .NET SDK 8.0.108 and Runtime 8.0.8 - Resolves: RHEL-52388...
kernel security and bug fix update
3.10.0-1160.88.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.88.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
kubernetes security update
1.9.11-2.5.1 - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains 1.9.11-2.4.1 - CVE-2019-1002101 kubectl fix potential directory traversal 1.9.11-2.3.1 - CVE-2019-1002100 Limit the number of operations in a single json patch to be 10,000 - Fixup kubeadm-setup.s...
bluez security update
5.72-2 - Bump release to rebuild for RHEL-9.5 5.72-1 - Update to 5.72...
kernel security and bug fix update
3.10.0-1160.99.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.99.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
xmlsec1 security update
1.2.9-8.1.1 - Fix a security issue on short hmac lenght CVE-2009-0217 - Resolves: rhbz516724...
binutils security update
2.30-125.0.1 - Forward port Oracle patches from 2.30-125 Reviewed-by: Jose E. Marchesi Oracle history:...
openexr security update
3.1.1-2.1 - fix CVE-2023-5481 RHEL-64162...
java-17-openjdk security update
17.0.13.0.11-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.13.0.11-3 - Correct version suffix in 'Update to jdk-17.0.13+11 GA' changelog entry - Related: RHEL-58781 1:17.0.13.0.11-2 - Update to jdk-17.0.13+11 GA - Update .gitignore to ignore openjdk-17.0.13+11.tar.xz - Sync...
Unbreakable Enterprise kernel security update
5.4.17-2011.4.4uek - KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path Sean Christopherson Orabug: 31536904 5.4.17-2011.4.3uek - NFS: replace cross device check in copyfilerange Olga Kornievskaia Orabug: 31507615 - rds: Fix potential use after free in rdsibincfree Hans...
libsoup security update
2.72.0-8.el95.2 - Backport upstream patch for CVE-2024-52532 - infinite loop while reading websocket data - Resolves: RHEL-67068 2.72.0-8.el95.1 - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Resolves: RHEL-67080...
mod_http2 security update
2.0.26-2.1 - Resolves: RHEL-45803 - modhttp2: DoS by null pointer in websocket over HTTP/2 CVE-2024-36387...
kernel security update
5.14.0-427.42.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
emacs security update
1:26.1-12 - org-file-contents: Consider all remote files unsafe CVE-2024-30205 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code CVE-2024-39331 - Make Gnus treats inline MIME contents as untrusted CVE-2024-30203 - Disable xwidgets RHEL-14549...
iperf3 security update
3.5-10 - Resolves: RHEL-29578 - vulnerable to marvin attack if the authentication option is used 3.5-9 - Resolves: RHEL-17069 - possible denial of service 3.5-8 - Related: 2222205 - bumping nvr for correct update path...
grub2 security update
2.02-0.87.0.26.el79.9 - Enable common subpackage for aarch64 - Do not sign aarch64 efi binaries Orabug: 32670043 - Remove aarch64 deps on shim Orabug: 32670043 - Restore versioned certificate provide for aarch64 package to satisfy shim Orabug: 32670043 2.02-0.87.0.24.el79.9 - Replace...
glibc security, bug fix, and enhancement update
2.17-317.0.1 - Merge RH el7 u8 patches with Oracle patches Review-exception: Simple merge - Adding Mike Fabians C.utf-8 patch C.utf-8 is a unicode-aware version of the C locale Orabug 29784239. Reviewed-by: Jose E. Marchesi - Remove glibc-ora28641867.patch as duplicate of glibc-rh1705899-4.patch ...
pam:1.5.1 security update
1.5.1-22.0.1 - pamaccess: clean up the remote host matching code Orabug: 36771903 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-22 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66245 1.5.1-21 - pamunix: always run the helper to...
libtiff security update
4.4.0-12.1 - fix CVE-2024-7006 a null pointer dereference in tifdirinfo RHEL-52931...
Unbreakable Enterprise kernel security update
5.15.0-207.156.6 - uek-container: Add advanced routing options Boris Ostrovsky Orabug: 36691279 - slub: use countpartialfreeapprox in slaboutofmemory Jianfeng Wang Orabug: 36655468 - slub: introduce countpartialfreeapprox Jianfeng Wang Orabug: 36655468 - Revert 'lockd: introduce safe async lock o...
python-dns security update
2.6.1-3 - Ensure dns.rdtypes subpackages are available Related: RHEL-32663 2.6.1-2 - Add missing files due to build change from hatchling to setuptools Related: RHEL-32663 2.6.1-1 - Rebase to 2.6.1 Resolves: RHEL-32628, RHEL-32663...