9182 matches found
Unbreakable Enterprise kernel-container security update
5.4.17-2136.302.7.2 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33699625 CVE-2021-4155 5.4.17-2136.302.7.1 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33691332 CVE-2021-0920 5.4.17-2136.302.7 - rds: ib:...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.510.5.2 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33722441 CVE-2021-4155 4.14.35-2047.510.5.1 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33679805 CVE-2021-0920 - fs: add fgetmany and...
idm:DL1 security update
ipa 4.9.6-10.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.6-10 - Bump realease version due to build issue. Related: RHBZ2021489 4.9.6-9 - Hardening for CVE-2020-25717, part 3 Related: RHBZ2021489 4.9.6-8 - Hardening for CVE-2020-25717, part 2 - Related: RHBZ2021171...
lua security update
5.3.4-12 - Fix segfault in getlocal and setlocal 1880445...
olcne security update
olcne 1.2.4-5 - Updated registry-image-helper.sh to work with olcne-utils 1.2.4-4 - Fix istio template for 1.9.6 for k8s update failure 1.2.4-3 - Fixed yaml file to stop olcne-nginx and keepalived services at uninstall Orabug: 32296282 1.2.4-2 - Fix iptables issue when running on OL7 host using O...
kernel security and bug fix update
4.18.0-305.3.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
spice-vdagent security and bug fix update
0.20.0-3 - Fix mouse problems in multi-monitor environments under Wayland Resolves: rhbz1790904 rhbz1824610 0.20.0-2 - Resolves: CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653...
python-lxml security update
4.2.3-2 - Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz1901633...
sqlite security update
3.26.0-13 - enabled fts3conf.test on s390x and ppc64 architectures 3.26.0-12 - Fixed CVE-2020-13434 1845843 - Fixed CVE-2020-15358 1855208...
systemd security, bug fix, and enhancement update
239-45.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...
gnutls and nettle security update
gnutls 3.6.14-8 - Port fixes for potential miscalculation in ecdsaverify 1942929 nettle 3.4.1-4 - Fix patch application 3.4.1-3 - Port fixes for potential miscalculation in ecdsaverify 1942924...
Unbreakable Enterprise kernel security update
4.1.12-124.48.3.1 - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492113 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulich Orabug: 32492105 CVE-2021-26931 - xen-netback: don't 'handle' error by BUG Jan Beulich Orabug: 32492105 CVE-2021-26931 -...
container-tools:ol8 security, bug fix, and enhancement update
...
gd security update
Fri Mar 27 2020 [email protected] - 2.2.5-7 - Fix CVE-2018-14553 - Potential Null pointer dereference in gdImageClone Resolves: RHBZ1811788 - Fixed heap based buffer overflow in gdcolormatch.c:gdImageColorMatch in libgd as used in imagecolormatch Resolves: RHBZ1678104 CVE-2019-6977 - Fixed...
SDL security update
1.2.15-38 - fix CVEs - Resolves: rhbz1716209, rhbz1716210, rhbz1716211, rhbz1716212, rhbz1716213, rhbz1716214, rhbz1716215, rhbz1716216, rhbz1716217, rhbz1716218, rhbz1716219...
systemd security and bug fix update
219-78.0.1 - Backport upstream patches related to private-tmp Sushmita Bhattacharya Orabug: 31561883 - backport upstream pstore tmpfiles patch Eric DeVolder Orabug: 31414539 - udev rules: fix memory hot add and remove Orabug: 31309730 - enable and start the pstore service Orabug: 30950903 - fix t...
virt:ol security update
qemu-kvm 2.12.0-99.0.1.el82.4 - Added bug30251155-remove-upstream-reference Orabug: 30251155 2.12.0-99.el82.4 - kvm-usb-fix-setuplen-init-CVE-2020-14364.patch bz1869708 - Resolves: bz1869708 CVE-2020-14364 qemu-kvm: QEMU: usb: out-of-bounds r/w access issue while processing usb packets rhel-8.2.0...
.NET Core 3.1 security and bugfix update
3.1.107-1.0.1 - Update patch to support 8.2 [email protected] - support OL release scheme [email protected] 3.1.107-1 - Update to .NET Core Runtime 3.1.7 and SDK 3.1.107 - Resolves: RHBZ1862593 - Resolves: RHBZ1861113...
python3 security and bug fix update
3.6.8-23.0.1.el8 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-23 - Modify the test suite to better handle disabled SSL/TLS versions and FIPS mode - Use OpenSSLs DRBG and disable os.getrandom function in FIPS mode Resolves: rhbz1754028, rhbz1754027, rhbz1754026, rhbz177447...
expat security update
2.1.0-11 - add security fix for CVE-2015-2716...
firefox security update
68.5.0-2.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 - Update to 68.5.0 build2...
bind security and bug fix update
32:9.11.4-26.P2 - Permit explicit disabling of RSAMD5 in FIPS mode 1737407 32:9.11.4-25.P2 - Fix CVE-2018-5745 - Fix CVE-2019-6465 32:9.11.4-24.P2 - Do not override random numbers provider in DHCP 1668682 32:9.11.4-23.P2 - Report errors on invalid IDN 2008 names 1679307 32:9.11.4-22.P2 - Fix...
container-tools:ol8 security, bug fix, and enhancement update
...
thunderbird security update
60.6.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.6.1-1 - Update to 60.6.1 60.6.0-1 - Update to 60.6.0...
thunderbird security update
60.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.4.0-1 - Update to 60.4.0 60.3.0-1 - Update to 60.3.0 60.2.1-6 - Fixed missing calendar langpacks...
firefox security update
60.1.0-4.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.1.0-4 - Disabled jemalloc on all second arches 60.1.0-3 - Updated to 60.1.0 ESR build2 60.1.0-2 - Disabled jemalloc on second arches 60.1.0-1 - Updated to 60.1.0 ESR 60.0-12 - Fixing bundled libffi...
microcode_ctl security update
2.1-22.5.0.3 - Revert Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell; 306d4 06-3d-04 rev 0x28, Broadwell; 306f2 06-3f-02 rev 0x3b, Haswell; 306f4 06-3f-04 rev 0x10, Haswell; 306e4 06-3e-04 rev 0x42a, Ivy Bridge; 40651 06-45-01 rev 0x21, Haswell; 40661 06-46-01...
libvirt security update
0.10.2-62.0.1.el69.1 - Replace docs/et.png in tarball with blank image 0.10.2-62.el69.1 - util: Implement virFileReadHeaderFD CVE-2017-5715 - util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD CVE-2017-5715 - util: introduce virHostCPUGetMicrocodeVersion CVE-2017-5715 - conf:...
kernel security update
kernel - 2.6.18-419.0.0.0.3 - nfsd: stricter decoding of write-like NFSv2/v3 ops orabug 26586706 CVE-2017-7895...
sudo security update
1.8.6p3-28 - Fixes CVE-2017-1000367 Resolves: rhbz1455399...
thunderbird security update
52.1.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.1.0-1 - Update to 52.1.0 52.0.1-1 - Update to 52.0.1...
java-1.6.0-openjdk security update
1:1.6.0.40-1.13.12.4.0.1 - Add oracle-enterprise.patch 1:1.6.0.40-1.13.12.4 - Bump source tarballs to try and really fix TCK failures this time. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.3 - Bump source tarballs to missing -DNDEBUG on JDK native code. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.2...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.9.1 - mlx4: Increase SYNCTPT command timeout Mukesh Kacker Orabug: 22895790 - neigh: do not modify unlinked entries Julian Anastasov Orabug: 23072705 - mm/slab: Improve performance of slabinfo stats gathering Aruna Ramakrishna Orabug: 23720437 - atl2: Disable unimplemented...
kernel security and bug fix update
2.6.32-642.3.1 - infiniband security: Restrict use of the write interface Don Dutile 1332547 1332548 CVE-2016-4565 2.6.32-642.2.1 - sched Revert 'kernel: sched: Cure load average vs NOHZ woes' Rafael Aquini 1343015 1326373 - sched Revert 'kernel: sched: Cure more NOHZ load average woes' Rafael...
pcre security update
8.32-15.1 - Fix CVE-2015-2328 infinite recursion compiling pattern with recursive reference in a group with indefinite repeat bug 1330508 - Fix CVE-2015-8385 buffer overflow caused by named forward reference to duplicate group number bug 1330508 - Fix CVE-2015-8386 buffer overflow caused by...
java-1.7.0-openjdk security update
1:1.7.0.99-2.6.5.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.99-2.6.5.0 - Bump to 2.6.5 and u99b00. - Correct check for fsg.sh in tarball creation script - Resolves: rhbz1320656...
firefox security update
38.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.5.0-2 - Update to 38.5.0 ESR...
nss, nss-util, and nspr security update
nspr 4.10.8-2 - Resolves: Bug 1269360 - CVE-2015-7183 - nspr: heap-buffer overflow in PLARENAALLOCATE can lead to crash under ASAN, potential memory corruption nss 3.19.1-5.0.1 - Added nss-vendor.patch to change vendor 3.19.1-5 - Rebuild against updated NSPR 3.19.1-4 - Sync up with the rhel-6.6...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.2.2 - sctp: fix ASCONF list handling Marcelo Ricardo Leitner Orabug: 21842668 CVE-2015-3212 - KEYS: ensure we free the assoc array edit if edit is valid Colin Ian King Orabug: 21842655 CVE-2015-1333...
gdk-pixbuf2 security update
2.24.1-6 - Fix CVE 2015-4491 - Resolves 1253210...
firefox security update
38.1.1-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.1.1-1 - Update to 38.1.1 ESR...
thunderbird security update
31.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.8.0-1 - Update to 31.8.0...
abrt security update
abrt 2.1.11-22.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-22 - do not open the buildids file as the user abrt - do not unlink failed and big user core files - Related: 1212819, 1216973 2.1.11-21 - validate all D-Bus method arguments - Related: 1214610 2.1.11-20 -...
qemu-kvm security update
1.5.3-86.el71.2 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219269 - Resolves: bz1219269 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-7.1.z...
firefox security update
38.0-3.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.0-3 - Enabled system nss - Removed unused patches 38.0-2 - Update to 38.0 ESR 38.0b8-0.11 - Update to 38.0 Beta 8 38.0b6-0.10 - Added patch for mozbz1152515 38.0b6-0.9 - Update to 38.0 Beta 6...
libxml2 security update
2.9.1-5.0.1.el71.2 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-5.2 - Fix missing entities after CVE-2014-3660 fix - CVE-2014-0191 Do not fetch external parameter entities rhbz1195649 - Fix regressions introduced by CVE-2014-0191 patch...
ipa and slapi-nis security and bug fix update
ipa 4.1.0-18.0.1.el71.3 - Replace login-screen-logo.png 20362818 - Drop subscription-manager requires for OL7 - Drop redhat-access-plugin-ipa requires for OL7 - Blank out header-logo.png product-name.png 4.1.0-18.3 - ipa-python ipalib.errors.LDAPError: failed to decode certificate:...
389-ds-base security, bug fix, and enhancement update
1.2.11.15-50 - Release 1.2.11.15-50 - Resolves: 1179099 - Problem with single value attribute MMR replication DS 47915, DS 569 1.2.11.15-49 - Release 1.2.11.15-49 - Resolves: 1180629 - CVE-2014-8105: information disclosure through 'cn=changelog' subtree - Resolves: 1179099 - Problem with single...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.12 - HID: fix a couple of off-by-ones Jiri Kosina Orabug: 19849320 CVE-2014-3184 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192545 CVE-2014-4652 - udf: Avoid infinite loop when processing indirect ICBs Jan Kara Orabug:...
ruby security update
1.8.7.374-3 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Resolves: rhbz1163993 - REXML incomplete fix for CVE-2014-8080 CVE-2014-8090. Resolves: rhbz1163993...