9182 matches found
libpng security update
2:1.2.10-7.1.el55.3 - Back-port fixes for CVE-2009-2042, CVE-2010-0205, CVE-2010-1205, CVE-2010-2249 Resolves: 609921...
firefox security, bug fix, and enhancement update
3.6.4-8.0.1.el4 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 3.6.4-8.el4 - Update to 3.6.4 build 7 - Disable checking for updates since they can't be applied 3.6.4-7.el4 - Update to 3.6.4 build 6 3.6.4-6.el4 - Update to...
openldap security and bug fix update
2.3.43-12 - updated spec file, so the compat-libs linking patch applies correctly 2.3.43-11 - backported patch to handle null character in TLS certificates 560912 2.3.43-10 - updated chase-referral patch to compile cleanly - updated init script 562714 2.3.43-9 - updated ldap.sysconf to include...
kvm security and bug fix update
kvm-83-105.0.1.el54.13 - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-105.el54.13 - kvm-kernel-KVM-x86-emulator-limit-instructions-to-15-bytes.patch bz541164 - Resolves: bz541164 CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytes rhel-5.4.z kvm-83-105.el54.12 -...
kernel security and bug fix update
2.6.9-89.0.11.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidan...
firefox security update
firefox: 3.0.12-1.0.1.el53 - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch 3.0.12-1 - Update to 3.0.12 xulrunner: 1.9.0.12-1.0.1.el53 - Added...
Moderate: dbus security update
1.0.0-6.3.el51 - CVE-2008-0595: D-Bus security policy circumvention - Resolves: 432437 1.0.0-6.el51 - CVE-2006-6107: D-Bus denial of service - Resolves: 219601...
Critical: firefox security update
1.5.0.12-0.3.el4.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.3.el4 - Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12 1.5.0.12-0.2.el4 - Update to latest snapshot of Mozilla 1.8.0 branch - Include patches for Mozill...
Important: xen security update
3.0.3-25.0.3.el5 - fix ethernet bonding in balanced-rr mode, respin rhbz215887 3.0.3-25.0.2.el5 - fix ethernet bonding in balanced-rr mode rhbz215887 3.0.3-25.0.1.el5 - disable qemu monitor mode, for security reasons rhbz230295 - fix IA64 shadow page table mode rhbz230459, rhbz230331...
Important: kernel security update
2.6.9-55.0.2.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
Moderate: postgresql security update
7.4.17-1.RHEL4.1 - Update to PostgreSQL 7.4.17 for CVE-2007-2138, data loss bugs Resolves: 237680...
Critical thunderbird security update
1.5.0.8-0.1.1.el4 - defaults changed to oracle... 1.5.0.8-0.1.el4 - Update to 1.5.0.8 RC 1.5.0.7-0.1.el4 - Update to 1.5.0.7 1.5.0.5-0.el4.2 - Fix the launcher and icons 1.5.0.5-0.el4.1 - Update to 1.5.0.5...
nginx:1.24 security update
1.24.0-3.0.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-3 - Resolves: RHEL-157877 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves: RHEL-159436 CVE-2026-27651 nginx:1.24/nginx: NGINX: Denial of Service via undisclose...
virt:ol and virt-devel:ol security and bug fix update
hivex libguestfs libguestfs-winsupport 8.8-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-33 - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshak...
edk2 security update
1.7.1 - Create new 1.7.1 release for OL7 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK2: In the Linux kernel...
Unbreakable Enterprise kernel security update
5.4.17-2136.335.4 caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running print Stephen Brennan Orabug: 36456582 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - driver core: Fix ueventshow vs driver detach race Dan Williams - pinctrl: ti:...
kernel security update
5.14.0-427.28.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
python3.11 security update
3.11.9-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.9-1 - Rebase to 3.11.9 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix expat tests for the latest expat security release Resolves: RHEL-33672, RHEL-33684...
edk2 security update
Tue Feb 27 2024 Aaron Young - Create new 20240227 release for OL9 which includes the following fixed CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 - Update to OpenSSL 3.0.10 which include...
nodejs:20 security update
nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...
grafana security and bug fix update
9.2.10-8 - Rebuild with latest version of golang - resolves CVE-2024-1394...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.329.3.2.el8 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36465920 CVE-2024-1086...
tigervnc security update
1.13.1-3.3 - xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 - xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions CVE-2023-6377 - xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and...
Unbreakable Enterprise kernel security update
4.1.12-124.81.2 - rebuild bumping release 4.1.12-124.81.1 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35923500 CVE-2023-39193 - USB: eneusb6250: Allocate enough memory for full object Kees Cook Orabug: 35924058 CVE-2023-45862 - netfilter: xtu32: validate user spa...
libpq security update
13.11-1 - Rebase to 13.11 Resolves: 2171369...
curl security update
7.76.1-26.el93.2 - fix cookie injection with none file CVE-2023-38546 7.76.1-26.el93.1 - socks: return error if hostname too long for remote resolve CVE-2023-38545...
python3 security update
3.6.8-21.0.1 - Remove the 'getfile' feature of pydoc Orabug: 33182027CVE-2021-3426 - Fix buffer overflow in PyCArgrepr Orabug: 32551171CVE-2021-3177 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-21 - Test fixups for CVE-2023-40217 Resolves: RHEL-3139 3.6.8-20 - Security fi...
mariadb:10.5 security update
galera 26.4.14-1 - Rebase to 26.4.14 26.4.13-1 - Rebase to 26.4.13 26.4.12-1 - Rebase to 26.4.12 Judy mariadb 3:10.5.22-1 - Rebase to 10.5.22 3:10.5.21-1 - Rebase to version 10.5.21 3:10.5.20-2 - Use fortifylevel to disable fortification in debug builds 3:10.5.20-1 - Rebase to version 10.5.20...
postgresql:10 security update
10.23-2.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 10.23-2 - Backport fixes for CVE-2023-2454 and CVE-2023-2455 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207931 10.23-1 - Resolves: CVE-2022-2625 - Rebase to...
Unbreakable Enterprise kernel security update
5.15.0-102.110.5 - RISC-V: Fix up a cherry-pick warning in setupvmfinal Alexandre Ghiti - Revert 'Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work' Liu Jian - riscv: mm: remove redundant parameter of createfdtearlypagetable Song Shuai - kernfs: change...
kernel security and bug fix update
4.18.0-477.13.18.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
poppler security update
20.11.0-6 - Check for overflow when computing number of symbols - in JBIG2 text region - Resolves: 2126361...
libguestfs-winsupport security update
9.2-1 - Rebase to ntfs-3g 2022.5.17 - Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789 resolves: rhbz2127235 rhbz2127242 also 2127264 2127250 2127257...
freerdp security update
2:2.4.1-5 - Fix 'implicit declaration of function' errors 2136155, 2145140 - 2:2.4.1-4 - CVE-2022-39282: Fix length checks in parallel driver 2136152 - CVE-2022-39283: Add missing length check in video channel 2136154 - CVE-2022-39316, CVE-2022-39317: Add missing length checks in zgfx 2145140 -...
Unbreakable Enterprise kernel security update
5.15.0-7.86.6.1 - net/rds: Delegate fan-out to a background worker Gerd Rausch Orabug: 35051226 5.15.0-7.86.6 - runtime revert of virtionet: Stripe queue affinities across cores. Konrad Rzeszutek Wilk Orabug: 35001044 - rds: ib: Make sure messages that errors out also get unmapped Hakon Bugge...
kernel security and bug fix update
4.18.0-425.10.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
podman security and bug fix update
2:4.2.0-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-3 - fix dependency in test subpackage - Related: 2061316 2:4.2.0-2 - readd catatonit - Related: 2061316 2:4.2.0-1 - update to latest content of...
bind security update
32:9.16.23-5 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178 32:9.16.23-4 - Export bind-doc package 2104863 32:9.16.23-3 - Tighten cache protection against record from...
git-lfs security and bug fix update
2.13.3-3 - Rebuild with new Golang - Resolves: rhbz2131795...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
Unbreakable Enterprise kernel security update
5.15.0-2.52.3 - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Thadeu Lima de Souza Cascardo Orabug: 34495548 CVE-2022-2585 - fix race between exititimers and /proc/pid/timers Oleg Nesterov Orabug: 34495548 - rds: ib: Add preemption control when using per-cpu variables Hakon...
.NET 6.0 security, bug fix, and enhancement update
6.0.108-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.108-1 - Update to .NET SDK 6.0.108 and Runtime 6.0.8 - Resolves: RHBZ2112413...
Unbreakable Enterprise kernel security update
5.4.17-2136.309.5.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460937 CVE-2022-2588...
expat security update
2.2.10-12.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.10-12.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
subversion:1.14 security update
subversion 1.14.1-2 - add fix for CVE-2022-24070...
maven:3.6 security and enhancement update
httpcomponents-client 4.5.10-4 - Fix incorrect handling of malformed authority component in request URIs - Resolves: CVE-2020-13956 maven 1:3.6.2-7 - Add maven-openjdk17 - Resolves: rhbz1991521...
cpio security update
2.12-11 - Fixed CVE-2021-38185 1992511...
olcne istio istio security update
olcne 1.4.3-1 - Update Istio to 1.13.2 istio 1.12.6-1 - Addresses CVE-2022-24726, CVE-2022-24921 istio 1.13.2-1 - Added Oracle specific files for 1.13.2-1...
thunderbird security update
91.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.8.0-1 - Update to 91.8.0...
aide security update
0.16.14.1 - backported fix for CVE-2021-45417 resolves: rhbz2041956...