8997 matches found
Moderate: thunderbird security update
1.5.0.12-0.3.el4.0.1 - Add thunderbird-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.3.el4 - Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12 1.5.0.12-0.2.el4 - Update to latest snapshot of Mozilla 1.8.0 branch - Include patches for Mozilla bugs 379245, 384925, 178993, 381300...
Moderate: tomcat security update
5.5.23-0jpp.1.0.4.el5 - Remove erroneous rebuild-gcj-db for javadoc subpackage - Add fixes for CVE-2007-2449 and CVE-2007-2450 - resolves: bug 244846, bug 244816...
Moderate: postgresql security update
7.4.17-1.RHEL4.1 - Update to PostgreSQL 7.4.17 for CVE-2007-2138, data loss bugs Resolves: 237680...
Important: kernel security update
2.6.0-42.0.8.0.1 -Fix bonding primary=ethX so it picks correct network IT 101532 ORA 5136660 2.6.0-42.0.8 -fix ext2 readdir fpos revalidation logic David Milburn 193877 2.6.9-42.0.7 -re-spin 2.6.9-42.0.6 -x8664: increase nmi watchdog timeout from 5 to 30 seconds Larry Woodman 205 722 2.6.9-42.0.5...
virt:ol and virt-devel:ol security and bug fix update
hivex libguestfs libguestfs-winsupport 8.8-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-33 - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshak...
firefox security update
128.7.0-1.0.1 - Update to 128.7.0 build1 Orabug: 37564202CVE-2025-1009CVE-2025-1010 CVE-2025-1011CVE-2025-1012CVE-2025-1013CVE-2025-1014CVE-2025-1016 CVE-2025-1017...
python39:3.9 and python39-devel:3.9 security update
modwsgi numpy python39 3.9.19-1 - Update to 3.9.19 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33676, RHEL-33688 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography python-idna...
nodejs:20 security update
nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...
java-11-openjdk security update
1:11.0.23.0.9-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS 1:11.0.23.0.9-1 - Update to jdk-11.0.23+9 GA - Update release notes to 11.0.23+9 - Switch to GA mode for release - Require tzdata 2024a due to upstream inclusion of JDK-8322725 - On...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.329.3.2.el8 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36465920 CVE-2024-1086...
kernel security update
5.14.0-362.18.0.13.OL9 - nfp: fix use-after-free in areacacheget Jialiang Wang CVE-2022-3545 - drivers: net: slip: fix NPD bug in sltxtimeout Duoming Zhou CVE-2022-41858 - can: afcan: fix NULL pointer dereference in canrcvfilter Oliver Hartkopp CVE-2023-2166 - RDMA/core: Fix resolvepreparesrc...
php:8.1 security update
php 8.1.27-1 - rebase to 8.1.27 RHEL-19093 8.1.14-1 - rebase to 8.1.14 8.1.8-1 - update to 8.1.8 2070040 8.1.7-2 - clean unneeded dependency on useradd command 8.1.7-1 - update to 8.1.7 2070040 8.1.6-2 - add upstream patch to initialize pcre before mbstring - add upstream patch to use more sha256...
go-toolset and golang security and bug fix update
golang 1.19.13-1 - Update to go 1.19.13 CVE-2023-44487 CVE-2023-39325 CVE-2023-29409 go-toolset 1.19.13-1 - Update to Go version 1.19.13...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.17.1-1 - Rebase to version 18.17.1 Resolves: rhbz2228940 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build Related: rhbz2226726 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging...
cross-gcc security update
12.1.1-2.0.4 - CVE-2023-4039 mitigation. Orabug 35752028. - Reviewed-by: Jose E. Marchesi...
postgresql:12 security update
pgaudit pgrepack postgres-decoderbufs postgresql 12.15-1.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 12.15-1 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207932 - Update to version 12.15...
kernel security, bug fix, and enhancement update
5.14.0-284.25.1.0.12 - Fix KVM: x86/mmu: Fix race condition in directpagefault Orabug: 35673032 CVE-2022-45869 5.14.0-284.25.12 - KVM: x86/mmu: Fix race condition in directpagefault - prlimit: doprlimit needs to have a speculation check CVE-2023-0458 - x86/speculation: Allow enabling STIBP with...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.382.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.382.b05-2 - CVE-2023-22045 and CVE-2023-22049 fixed - Release bump for Oracle rebuild 1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed...
Unbreakable Enterprise kernel security update
5.15.0-102.110.5 - RISC-V: Fix up a cherry-pick warning in setupvmfinal Alexandre Ghiti - Revert 'Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work' Liu Jian - riscv: mm: remove redundant parameter of createfdtearlypagetable Song Shuai - kernfs: change...
grafana security and enhancement update
9.0.9-2 - resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in - resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws 9.0.9-1 - update to 9.0.9 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-35957 grafana: Escalation from...
vim security update
8.2.2637-20.0.1 - Remove upstream references Orabug: 31197557 2:8.2.2637-20 - CVE-2022-47024 vim: no check if the return value of XChangeGC is NULL 2:8.2.2637-19 - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in vimregsubboth in regexp.c - CVE-2022-1927 vim:...
Unbreakable Enterprise kernel security update
5.15.0-7.86.6.1 - net/rds: Delegate fan-out to a background worker Gerd Rausch Orabug: 35051226 5.15.0-7.86.6 - runtime revert of virtionet: Stripe queue affinities across cores. Konrad Rzeszutek Wilk Orabug: 35001044 - rds: ib: Make sure messages that errors out also get unmapped Hakon Bugge...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.362.b09-2 - Update cacerts patch to fix OPENJDK-1433 SecurityManager issue - Update to shenandoah-jdk8u352-b09 GA - Update release notes for shenandoah-8u352-b09. - Resolves: rhbz2163595 1:1.8.0.362.b08-2 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for...
libxml2 security update
2.9.13-3 - Fix CVE-2022-40303 2136564 - Fix CVE-2022-40304 2136569...
podman security and bug fix update
2:4.2.0-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-3 - fix dependency in test subpackage - Related: 2061316 2:4.2.0-2 - readd catatonit - Related: 2061316 2:4.2.0-1 - update to latest content of...
grafana security, bug fix, and enhancement update
7.5.15-3 - resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse functions - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working ...
container-tools:ol8 security, bug fix, and enhancement update
aardvark-dns 2:1.1.0-5 - fix 'Two aardvark-dns instances trying to use the same port on the same interface' - Resolves: 2130234 buildah 1:1.27.2-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.27 https://github.com/containers/buildah/commit/c43a389 -...
xmlrpc-c security update
1.51.0-8 - Address some Coverity issues in the patch set 1.51.0-7 - lib: Prevent more integer overflows CVE-2022-22822 to CVE-2022-22827 2058567, 2058576, 2058582, 2058589, 2058595, 2058602 - Prevent integer overflow on mgroupSize in doProlog CVE-2021-46143 2058560...
bind9.16 security update
32:9.16.23-0.9.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178 32:9.16.23-0.9 - Tighten cache protection against record from forwarders CVE-2021-25220 - Include test of...
mysql:8.0 security, bug fix, and enhancement update
mecab 0.996-2 - Rebuild to fix the issue described in 2000986 - Resolves: 2000986 mysql 8.0.30-1 - Update to MySQL 8.0.30 - Remove patches now upstream: chain certs, s390 and robin hood - Add a new plugin 'conflictingvariables.so' 8.0.29-1 - Update to MySQL 8.0.29 8.0.28-1 - Update to MySQL 8.0.2...
Unbreakable Enterprise kernel security update
5.15.0-1.43.4.2 - rds: copyfromuser only once per rdssendmsg system call Hans Westgaard Ry Orabug: 33981854 CVE-2022-21385...
.NET 6.0 security, bug fix, and enhancement update
6.0.108-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.108-1 - Update to .NET SDK 6.0.108 and Runtime 6.0.8 - Resolves: RHBZ2112413...
subversion:1.14 security update
subversion 1.14.1-2 - add fix for CVE-2022-24070...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.307.3.4 - iouring: always use original task when preparing req identity Jens Axboe Orabug: 34186552 CVE-2022-1786 5.4.17-2136.307.3.3 - debug: Lock down kgdb Stephen Brennan Orabug: 34152699 CVE-2022-21499...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.513.2.2.el7 - debug: Lock down kgdb Stephen Brennan Orabug: 34152700 CVE-2022-21499...
firefox security update
91.8.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.8.0-1 - Update to 91.8.0...
thunderbird security update
91.4.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.4.0-2 - Update to 91.4.0 build2 91.4.0-1 - Update to 91.4.0 build1...
container-tools:ol8 security, bug fix, and enhancement update
...
vim security update
8.0.1763-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16 - 2004974 - CVE-2021-3796 vim: use-after-free in nvreplace in normal.c rhel-8.5.0 - 2004891 - CVE-2021-3778 vim: heap-based buffer overflow in utfptr2char in mbyte.c rhel-8.5.0...
thunderbird security update
91.3.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.3.0-2 - Update to 19.3.0 build2 91.3.0-1 - Update to 91.3.0 build1...
sssd security and bug fix update
1.16.5-10.0.1 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 29286774 Doc ID 2605732.1 1.16.5-10.10 - Resolves: rhbz1973796 - SSSD is NOT able to contact the Global Catalog when local site is dow...
389-ds:1.4 security and bug fix update
1.4.3.16-16 - Bump version to 1.4.3.16-16 - Resolves: Bug 1972738 - Changelog cache can upload updates from a wrong starting point CSN - Resolves: Bug 1972721 - Large updates can reset the CLcache to the beginning of the changelog 1.4.3.16-15 - Bump version to 1.4.3.16-15 - Resolves: Bug 1970791 ...
.NET Core 3.1 security and bugfix update
3.1.116-1.0.1 - Update patch to support 8.3 [email protected] - support OL release scheme [email protected] 3.1.116-1 - Update to .NET SDK 3.1.116 and Runtime 3.1.16 - Resolves: RHBZ1965505 3.1.115-1 - Update to .NET SDK 3.1.115 and Runtime 3.1.15 - Resolves: RHBZ1954333...
runc bug fix update
1.0.0-92.rc92 - Add epoch value of 2 to allow upgrade to 1.0.0-92.rc92 from 1.0.0-93.rc93. 1.0.0-92.rc92 - Build for https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92...
dotnet3.1 security and bugfix update
3.1.113-1.0.1 - Update patch to support 8.3 [email protected] - support OL release scheme [email protected] 3.1.113-1 - Update to .NET Core SDK 3.1.113 and Runtime 3.1.13 - Resolves: RHBZ1933845...
olcne security update
kata-runtime 1.7.3-1.0.7 - Address CVE-2020-28914 kata 1.7.3-1.0.12 - UEKR6 guest kernel support 1.7.3-1.0.11 - Address CVE-2020-28914 kubernetes 1.17.9-1.0.6 - Kata CVE-2020-28914 olcne 1.1.10-1 - Address CVE-2020-28914: An improper file permissions vulnerability affects Kata Containers prior to...
Unbreakable Enterprise kernel-container security update
4.14.35-2025.404.1.2.el7 - Revert 'rds: Deregister all FRWR mr with freemr' aru kolappan Orabug: 32426280...
qt5-qtbase security update
5.9.7-4 - Fix: Files placed by attacker can influence the working directory and lead to malicious code execution Resolves: bz1814740 Resolves: bz1814685 5.9.7-3 - Fix multilib issue with qtcore-config.h header file Resolves: bz1534528 - Move libQt5EglFSDeviceIntegration lib into correct subpackag...
evince and poppler security and bug fix update
evince 3.28.2-10 - Do not try to use iconview widget when in tree view mode - Resolves: 1610436 poppler 0.26.5-43 - Fix crash on broken file in tilingPatternFill - Resolves: 1801340...
postgresql-jdbc security update
8.4.704-4 - require explicitly jdk-1.6 due to ABI bytecode compatibility 8.4.704-3 - fixed XXE vulnerability CVE-2020-13692...