8998 matches found
git security update
1.8.3.1-24 - Fixes CVE-2022-23521 and CVE-2022-41903 - Resolves: 2162067...
go-toolset and golang security and bug fix update
golang 1.18.9-1 - Rebase to Go 1.18.9 - Enable big endian support for fips mode - Fix ppc64le linker issue - Resolves: rhbz2144547 - Resolves: rhbz2149311 go-toolset 1.18.9-1 - Rebase to Go 1.18.9 - Enable big endian support for fips mode - Fix ppc64le linker issue - Resolves: rhbz2144547 -...
sudo security update
1.8.29.8.1 RHEL 8.7.0.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161220...
java-11-openjdk security and bug fix update
11.0.18.0.10-2.0.1 - Replace upstream references Orabug: 34340155 1:11.0.18.0.10-2 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until 2023-01-17 @ 1pm PT. - Related: rhbz2157798 1:11.0.18.0.9-0.2.ea - Update to...
nodejs:14 security update
nodejs 1:14.20.1-2 - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 1:14.20.1-1 - Rebase to version 14.20.1 Resolves: CVE-2022-35256 nodejs-packaging 23-3 - Updated - Removed pathfix.py 23-2 - Rebuilt for...
java-17-openjdk security and bug fix update
1:17.0.5.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz2133695...
Unbreakable Enterprise kernel-container security update
5.15.0-1.43.4.2 - rds: copyfromuser only once per rdssendmsg system call Hans Westgaard Ry Orabug: 33981854 CVE-2022-21385...
Unbreakable Enterprise kernel security update
4.1.12-124.65.1.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460939 CVE-2022-2588...
Unbreakable Enterprise kernel security update
5.4.17-2136.309.5.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460937 CVE-2022-2588...
python-twisted-web security update
12.1.0-8 - Security fix for CVE-2022-24801: Possible http request smuggling Resolves: rhbz2073114...
olcne istio istio security update
olcne 1.4.3-1 - Update Istio to 1.13.2 istio 1.12.6-1 - Addresses CVE-2022-24726, CVE-2022-24921 istio 1.13.2-1 - Added Oracle specific files for 1.13.2-1...
thunderbird security update
91.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.8.0-1 - Update to 91.8.0...
libtpms security update
libtpms 0.8.8-1.el7 - spec: Update spec file to version 0.8.8 Fri Sep 17 2021 Stefan Berger - 0.8.7-1 - tpm2: Fixes for building and running with OpenSSL 3.0 Fri Sep 10 2021 Stefan Berger - 0.8.6-1 - tpm2: Marshal event sequence objects' hash state Wed Sep 01 2021 Stefan Berger - 0.8.5-1 - tpm2:...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.302.7.2 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33699625 CVE-2021-4155 5.4.17-2136.302.7.1 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33691332 CVE-2021-0920 5.4.17-2136.302.7 - rds: ib:...
krb5 security update
1.15.1-50.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360...
python-lxml security update
4.2.3-2 - Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz1901633...
bash security and bug fix update
4.4.19-14 - Fix hang when limit for nproc is very high Resolves: 1890888 4.4.19-13 - Correctly drop saved UID when effective UID is not equal to its real UID Resolves: 1793943...
nodejs:12 security update
nodejs 1:12.21.0-1 - Resolves: RHBZ1932315, RHBZ1932424 - remove --debug-nghttp2 option - remove ini patch - Backport patch to use getauxval...
bluez security update
5.50-4 + bluez-5.50-4 - Fixing CVE-2020-0556...
thunderbird security update
78.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.4.0-1 - Update to 78.4.0 build1 - Disabled telemetry 78.3.1-1 - Update to 78.3.1 build1...
python27:2.7 security update
...
SDL security update
1.2.15-38 - fix CVEs - Resolves: rhbz1716209, rhbz1716210, rhbz1716211, rhbz1716212, rhbz1716213, rhbz1716214, rhbz1716215, rhbz1716216, rhbz1716217, rhbz1716218, rhbz1716219...
libwmf security and bug fix update
0.2.8.4-44 - Resolves: rhbz1840569 adapt to new urw-fonts 0.2.8.4-43 - Resolves: rhbz1679005 CVE-2019-6978 0.2.8.4-42 - Related: rhbz1239162 fix patch context...
mariadb security and bug fix update
1:5.5.68-1 - Rebase to 5.5.68 This is the last upstream release. This major version reached upstream EOL - Related to: rhbz1834835 1:5.5.67-2 - Resolves: rhbz1689827 1:5.5.67-1 - Rebase to 5.5.67 - Related to: rhbz1834835 - CVEs fixed: rhbz1821939 CVE-2020-2574 1:5.5.66-1 - Rebase to 5.5.66 -...
python security update
2.7.5-89.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-89 - Security fix for CVE-2019-16935 Resolves: rhbz1797998 2.7.5-88 - Security fix for CVE-2019-16056 Resolves: rhbz1750773 2.7.5-87 - Fix CVE-2018-20852 Resolves: rhbz1741551...
thunderbird security update
68.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.9.0-1 - Update to 68.9.0 build1...
libexif security update
0.6.21-7 - Add patch for CVE-2020-13112 - Resolves: 1840949...
.NET Core on Red Hat Enterprise Linux 8 security update
2.1.515-1 - Update to .NET Core SDK 2.1.515 and Runtime 2.1.19 - Resolves: RHBZ1843680...
thunderbird security update
68.8.0-1.0.1.el82 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.8.0-1 - Update to 68.8.0 build2...
expat security update
2.1.0-11 - add security fix for CVE-2015-2716...
firefox security update
68.4.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.4.1-1 - Update to 68.4.1esr build1 - Update to 68.4.0esr build1 - Fix for wrong intl.acceptlang whe...
kernel security and bug fix update
2.6.32-754.25.1.OL6 - Update genkey Orabug: 25599697 2.6.32-754.25.1 - kvm KVM: VMX: Set VMENTERL1DFLUSHNOTREQUIRED if !X86BUGL1TF Waiman Long 1733760 - virt KVM: coalescedmmio: add bounds checking Bandan Das 1746799 CVE-2019-14821 - virt KVM: MMIO: Lock coalesced device when checking for availab...
openssl security, bug fix, and enhancement update
1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...
bind security and bug fix update
32:9.11.4-26.P2 - Permit explicit disabling of RSAMD5 in FIPS mode 1737407 32:9.11.4-25.P2 - Fix CVE-2018-5745 - Fix CVE-2019-6465 32:9.11.4-24.P2 - Do not override random numbers provider in DHCP 1668682 32:9.11.4-23.P2 - Report errors on invalid IDN 2008 names 1679307 32:9.11.4-22.P2 - Fix...
sssd security, bug fix, and enhancement update
2.2.0-19 - Resolves: rhbz1712875 - Old kerberos credentials active instead of valid new ones kcm 2.2.0-18 - Resolves: rhbz1744134 - New defect found in sssd-2.2.0-16.el8 - Also sync. kcm multihost tests with master 2.2.0-17 - Resolves: rhbz1676385 - pamsss with smartcard auth does not create gnom...
container-tools:ol8 security, bug fix, and enhancement update
...
ruby security update
2.0.0.648-36 - Introduce 'Gem::UserInteractionverbose' method as precondition to fix CVE-2019-8321. rubygems-2.3.0-refactor-checking-reallyverbose.patch - Fix escape sequence injection vulnerability in verbose. - Fix escape sequence injection vulnerability in gem owner. Resolves: CVE-2019-8322 -...
thunderbird security and bug fix update
60.8.0-1.0.1 60.8.0-1 - Updated to 60.8.0 60.7.2-3 - Rebuild to fix rhbz1725919 - Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2...
firefox security update
60.5.0-2.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.5.0-2 - Updated to 60.5.0 ESR build2 60.5.0-1 - Updated to 60.5.0 ESR build1 60.4.0-3 - Fixing fontconfig warnings rhbz1601475 60.4.0-2 - Added pipewire patch from Tomas Popela...
kubernetes security update
1.9.11-2.1.1 - Fix kubeadm-registry.sh - Use golang 1.9.3 - CVE-2018-1002105 Handle error responses from backends - Bump to v1.9.11...
flatpak security update
0.8.8-4 - Add patch for CVE-2018-6560 1547376...
qemu-kvm security and bug fix update
1.5.3-156.el75.5 - kvm-multiboot-bssendaddr-can-be-zero.patch bz1549824 - kvm-multiboot-Remove-unused-variables-from-multiboot.c.patch bz1549824 - kvm-multiboot-Use-header-names-when-displaying-fields.patch bz1549824 - kvm-multiboot-fprintf-stderr.-errorreport.patch bz1549824 -...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.7 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski CVE-2018-8897...
microcode_ctl security update
2.1-22.5.0.3 - Revert Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell; 306d4 06-3d-04 rev 0x28, Broadwell; 306f2 06-3f-02 rev 0x3b, Haswell; 306f4 06-3f-04 rev 0x10, Haswell; 306e4 06-3e-04 rev 0x42a, Ivy Bridge; 40651 06-45-01 rev 0x21, Haswell; 40661 06-46-01...
Unbreakable Enterprise kernel security update
4.1.12-103.7.3 - brcmfmac: fix possible buffer overflow in brcmfcfg80211mgmttx Tim Tianyang Chen Orabug: 26943541 CVE-2017-7541 4.1.12-103.7.2 - rebuild bumping release...
libreoffice security and bug fix update
1:5.0.6.2-14.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.0.6.2-14 - Resolves: rhbz1454693 segv on interrupting tiled rendering 1:5.0.6.2-13 - Related: rhbz1444437 remove timer if...
glibc security, bug fix, and enhancement update
2.17-196 - Avoid large allocas in the dynamic linker 1452721 2.17-195 - Rounding issues on POWER 1457177 2.17-194 - Use a built-in list of system call names 1439165 2.17-193 - Inhibit FMA while compiling sqrt, pow 1413638 2.17-192 - Exclude lock elision support for older Intel hardware with Intel...
libreoffice security update
1:4.3.7.2-2.0.1.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile [email protected] - Build with --with-vendor='Oracle America, Inc.' [email protected] 1:4.3.7.2-2.1 - Resolves: rhbz1435532 CVE-2017-3157 Arbitrary file disclosure in...
util-linux security and bug fix update
2.23.2-33.0.1.el7u3.2 - fix Oracle bug 23001516 - backport lscpu: correct the Virtualization type on Xen DomU PV guest - Reviewed-by: Joe Jin 2.23.2-33.el73.2 fix CVE-2017-2616 - Sending SIGKILL to other processes with root privileges via su 2.23.2-33.el73.1 - fix 1405238 - findmnt --target...
gnutls security, bug fix, and enhancement update
2.12.23-21 - Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes 1326389, 1326073, 1323215, 1320982, 1328205, 1321112 - Modified gnutls-serv to accept --sni-hostname 1333521 - Modified gnutls-serv to always reply with an alert message 1327656 - Removed support for DSA2 as it causes...