8998 matches found
mysql security and bug fix update
5.0.45-7 - Adjust thread stack requests to allow for platform-specific guard page size; necessary to prevent stack overrun on PPC with RHEL5's 64K page size. Resolves: 435391 - Remove calendar-dependent queries from 'view' test; necessary to get regression tests to pass after 2007. 5.0.45-6 -...
Moderate: httpd security update
2.0.46-70.ent.0.1 - use oracle index page oracleindex.html and logo removal - add apr-configure.patch 2.0.46-70.ent - add security fix for CVE-2007-6388 427235 - add security fix for modproxyftp UTF-7 XSS 427742 2.0.46-69.ent - add security fix for CVE-2007-3847 250759 - add security fixes for...
Important: perl security update
5.8.5-36.el45.2.0.1 - Added patch perl-5.8.5-OEL-mock-build.patch to disable test lib/Net/t/hostname.t, so that mock build succeeds 5.8.5-36.el4.2 - Resolves: bug323791 - fix previous patch 5.8.5-36.el4.1 - Resolves: bug323791 - fix regular expression UTF parsing errors...
Critical firefox security update
1.5.0.8-0.1.1.el4 - Replace default-bookmarks.html and default-prefs.js 1.5.0.8-0.1.el4 - Update to 1.5.0.8 RC 1.5.0.7-0.1.el4 - Update to 1.5.0.7 1.5.0.5-0.el4.1 - Update to 1.5.0.5...
edk2:20220126gitbb1bba3d77 security update
20220126gitbb1bba3d77-13.el8.4 - edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch RHEL-60830 - Resolves: RHEL-60830 CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage rhel-8.10.z...
edk2 security update
1.7.1 - Create new 1.7.1 release for OL7 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK2: In the Linux kernel...
httpd security update
2.4.57-11.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-11 - Resolves: RHEL-45792 - httpd: Encoding problem in modproxy CVE-2024-38473 2.4.57-9 - Resolves: RHEL-45766 - httpd: null pointer dereference in modproxy CVE-2024-38477 - Resolves: RHEL-45749 - httpd: Potentia...
idm:DL1 security update
bind-dyndb-ldap 11.6-4 - Modify empty zone conflicts under exclusive mode Resolves: rhbz2126877 11.6-3 - Rebuild against bind 9.11.36 - Resolves: rhbz2022762 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 11.3-1 - New upstream...
python27:2.7 security update
babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 2.5.1-9 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 2.5.1-8 - Fix unversioned requires/buildrequires - Resolves: rhbz1628242 2.5.1-7 - Remove unversioned binaries - Resolves: rhbz1613343 2.5.1-6 - Make...
nodejs:18 security update
nodejs 1:18.20.2-1 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon nodejs-packaging...
bind security update
bind 9.16.23-18.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-18.1 - Rebuild with correct z-stream tag again 32:9.16.23-18 - Prevent crashing at masterformat system test CVE-2023-6516 32:9.16.23-17 - Import tests for large DNS messages fix - Add downstream...
mod_http2 security update
1.15.19-5.1 - Resolves: RHEL-29826 - modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316...
nodejs:20 security update
nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...
nss security update
3.90.0-4 - Fix expired certs in tests - Fix CVE-2023-5388...
tigervnc security update
1.8.0-28.0.1 - Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6377.patch, and xorg-CVE-2023-6478.patch 1.8.0-28 - Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions Resolves: RHEL-18415 1.8.0-27 - Fix CVE-2023-6377 tigervnc:...
Unbreakable Enterprise kernel security update
5.15.0-201.135.6 - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller Johnathan Mantey - netfilter: nftables: split async and sync catchall in two functions Pablo Neira Ayuso - netfilter: nftables: remove catchall element in GC sync path Pablo Neira Ayuso - scsi: mpt3sas: Fix...
skopeo security update
2:1.13.3-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.3 - Related: 2176063 2:1.13.2-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.2 - Related: 2176063 2:1.13.1-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.1 - Related: 21760...
varnish security update
6.6.2-3.el92.1 - Add parameters h2rstallowance and h2rstallowanceperiod to mitigate CVE-2023-44487 - Resolves: RHEL-12818...
dotnet6.0 security update
6.0.123-1.0.1 - Update to .NET SDK 6.0.123 and Runtime 6.0.23 - Resolves: RHEL-11696...
.NET 7.0 security, bug fix, and enhancement update
7.0.107-1.0.1 - Set TargetRid based on os release major version, add OL arm64 RuntimeIdentifier Orabug: 34671152 7.0.107-1 - Update to .NET SDK 7.0.107 and Runtime 7.0.7 - Resolves: RHBZ2211876 7.0.106-2 - Update to .NET SDK 7.0.106 and Runtime 7.0.6 - Resolves: RHBZ2190267...
containernetworking-plugins security and bug fix update
1:1.2.0-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.2.0 - Related: 2124478...
device-mapper-multipath security and bug fix update
0.8.7-20 - Add 0083-multipath.rules-fix-smart-bug-with-failed-valid-path.patch - Add 0084-libmultipath-limit-paths-that-can-get-wwid-from-envi.patch - Change how the installation dir for kpartxid is specified - Resolves: bz 1926147 0.8.7-19 - Fix bugzilla linked to the changes was previously link...
git security update
1.8.3.1-24 - Fixes CVE-2022-23521 and CVE-2022-41903 - Resolves: 2162067...
kernel security and bug fix update
5.14.0-162.12.11.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security and bug fix update
3.10.0-1160.83.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.83.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
go-toolset and golang security and bug fix update
golang 1.18.9-1 - Rebase to Go 1.18.9 - Enable big endian support for fips mode - Fix ppc64le linker issue - Resolves: rhbz2144547 - Resolves: rhbz2149311 go-toolset 1.18.9-1 - Rebase to Go 1.18.9 - Enable big endian support for fips mode - Fix ppc64le linker issue - Resolves: rhbz2144547 -...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.520.3.1.el7 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883027 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883027 CVE-2022-4378 - hugetlbfs: don't delete error page from pagecache James...
kubernetes security update
kubernetes 1.21.14-3 - Addresses CVE-2022-3294 & CVE-2022-3162 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.9-2 - Fix 1.21 kubernetes version to align with last upstream release 1.4.9-1 - Resolve kubernetes CVE-2022-3294 & CVE-2022-3162 for version 1.21...
kubernetes security update
kubernetes 1.22.16-1 - Added Oracle specific build files for Kubernetes - Add preBuildOL8Commands to Jenkinsfile kubernetes 1.23.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.24.8-1 - Added Oracle specific build files for Kubernetes olcne 1.5.8-4 - Fix 1.21 kubernetes versi...
protobuf security update
3.14.0-13 - Rebuilt for test fixes 3.14.0-12 - Rebuilt for test fixes 3.14.0-11 - Applied patch for for CVE-2021-22570 2055641...
nodejs:14 security update
nodejs 1:14.20.1-2 - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 1:14.20.1-1 - Rebase to version 14.20.1 Resolves: CVE-2022-35256 nodejs-packaging 23-3 - Updated - Removed pathfix.py 23-2 - Rebuilt for...
expat security update
2.0.1-13.0.2 - Ensure raw tagnames are safe exiting internalEntityParser CVE-2022-40674Orabug: 34694174...
expat security update
2.2.5-8.0.1.3 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-8.3 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
squid security update
7:4.11-3.0.1...
mysql security, bug fix, and enhancement update
8.0.30-3 - Release bump for rebuild 8.0.30-1 - Update to MySQL 8.0.30 - Remove patches now upstream: chain certs, OpenSSL 3, s390 and robin hood - Add a new plugin 8.0.29-1 - Update to MySQL 8.0.29...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.4.7-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.4.6-2 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over - Update gen-certs-helper script to skip printin...
open-vm-tools security update
11.3.5-1.0.1.el86.1 - Fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. Orabug: 21819156 11.3.5-1.el86.1 -...
rsync security update
3.1.2-11 - Resolves: 2111170 - remote arbitrary files write inside the directories of connecting peers...
Unbreakable Enterprise kernel-container security update
5.15.0-0.30.20.1 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386636 CVE-2022-21505...
compat-openssl11 security and bug fix update
1:1.1.1k-4.0.1 - Backport upstream PRs 18446 and 18481 which update certificates used for the self-tests Orabug: 34326055 1:1.1.1k-4 - Fixes CVE-2022-0778 openssl: Infinite loop in BNmodsqrt reachable when parsing certificates Resolves: rhbz2063147 - Disable FIPS mode; it does not work and will n...
olcne security update
1.4.5-1 - Address qemu CVE-2022-26353, CVE-2021-3748...
xorg-x11-server and xorg-x11-server-Xwayland security update
xorg-x11-server 1.20.11-5 - Fix crash with NVIDIA proprietary driver with Present 2046329 1.20.11-4 - CVE fix for: CVE-2021-4008 2030162, CVE-2021-4009 2030172, CVE-2021-4010 2030175, CVE-2021-4011 2030181 1.20.11-3 - xf86/logind Fix drmdropmaster before vtreldis Resolves: 1771863...
vim security update
8.0.1763-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.13 - CVE-2022-1154 vim: use after free in utfptr2char...
libarchive security update
3.3.3-3 - Do not follow symlinks when processing the fixup list CVE-2021-31566 3.3.3-2 - Fix handling of symbolic link ACLs CVE-2021-23177...
qemu security update
15:4.2.1-15.el7 - Document CVE-2021-4158 and CVE-2021-3947 as fixed Mark Kanda Orabug: 33719302 Orabug: 33754145 CVE-2021-3947 CVE-2021-4158 - hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 Philippe Mathieu-Daude Orabug: 32439466 CVE-2021-20196 - hw/block/fdc: Extract...
libreswan security update
4.4-4.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.4-4 - Resolves: rhbz2036902 rebuild to enable rpminspect 4.4-3 - Resolves: rhbz2036902: fix patch application 4.4-2 - Resolves: rhbz2036902 ikev1: disable diagnostics logging on receiving malformed packets...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.510.5.2 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33722441 CVE-2021-4155 4.14.35-2047.510.5.1 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33679805 CVE-2021-0920 - fs: add fgetmany and...
idm:DL1 security update
ipa 4.9.6-10.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.6-10 - Bump realease version due to build issue. Related: RHBZ2021489 4.9.6-9 - Hardening for CVE-2020-25717, part 3 Related: RHBZ2021489 4.9.6-8 - Hardening for CVE-2020-25717, part 2 - Related: RHBZ2021171...
mailman security update
3:2.1.15-30.2 - Fix for CVE-2021-44227 - Resolves: 2026866 3:2.1.15-30.1 - Fix for CVE-2016-6893 - Fix for CVE-2021-42097 - Resolves: 2024884, 2020688...
python38:3.8 and python38-devel:3.8 security update
...