9178 matches found
Unbreakable Enterprise kernel security update
5.4.17-2136.309.5.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460937 CVE-2022-2588...
firefox security update
91.12.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.12.0-1 - Update to 91.12.0 build1...
python-twisted-web security update
12.1.0-8 - Security fix for CVE-2022-24801: Possible http request smuggling Resolves: rhbz2073114...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.307.3.4 - iouring: always use original task when preparing req identity Jens Axboe Orabug: 34186552 CVE-2022-1786 5.4.17-2136.307.3.3 - debug: Lock down kgdb Stephen Brennan Orabug: 34152699 CVE-2022-21499...
firefox security update
91.8.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.8.0-1 - Update to 91.8.0...
thunderbird security update
91.4.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.4.0-2 - Update to 91.4.0 build2 91.4.0-1 - Update to 91.4.0 build1...
libwebp security update
1.0.0-5 - Added fixes for rhbz1956853, rhbz1956856, rhbz1956868, rhbz1956917...
mailman:2.1 security update
3:2.1.29-11 - Fixes for CVE-2020-12108 and CVE-2020-15011...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
libvirt 6.0.0-35.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum libvirt-dbus 1.3.0 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libvirt-python...
dotnet3.1 security and bugfix update
3.1.113-1.0.1 - Update patch to support 8.3 [email protected] - support OL release scheme [email protected] 3.1.113-1 - Update to .NET Core SDK 3.1.113 and Runtime 3.1.13 - Resolves: RHBZ1933845...
screen security update
4.1.0-0.27.2012314git3c2946 - fix CVE-2021-26937 1927063...
mod_auth_openidc:2.3 security and bug fix update
cjose 0.6.1-2 - fix concatkdf big endian architecture problem. Upstream issue 77. 0.6.1-1 - upgrade to latest upstream 0.6.1 0.5.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora29MassRebuild 0.5.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 0.5.1-1 - Initial packagin...
thunderbird security update
68.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1...
microcode_ctl security, bug fix and enhancement update
4:20191115-4.20200602.2 - Avoid temporary file creation, used for here-documents in checkcaveats. 4:20191115-4.20200602.1 - Update Intel CPU microcode to microcode-20200602 release, addresses CVE-2020-0543, CVE-2020-0548, CVE-2020-0549 1827183: - Update of 06-2d-06/0x6d SNB-E/EN/EP C1/M0 microcod...
git security update
2.18.4-2 - Update to release 2.18.4 - Resolves: CVE-2020-11008...
ksh security update
20120801-253.0.1.el81 - Disable ASTnospawnveg for taskset workaround Orabug: 26754277 Red Hat Bug: 1295563 20120801-253 - Do not evaluate arithmetic expressions from environment variables at startup Resolves: 1790546...
ruby security update
2.0.0.648-36 - Introduce 'Gem::UserInteractionverbose' method as precondition to fix CVE-2019-8321. rubygems-2.3.0-refactor-checking-reallyverbose.patch - Fix escape sequence injection vulnerability in verbose. - Fix escape sequence injection vulnerability in gem owner. Resolves: CVE-2019-8322 -...
ghostscript security, bug fix, and enhancement update
9.25-2 - obsoleted old ghostscript-devel to allow clean upgrade to libgs-devel 9.25-1 - Rebase to latest upstream version bug 1636115 - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...
virt:rhel security update
libguestfs 1:1.38.4-10.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-10.1 - Fix inspection of partition-less devices resolves: rhbz1714747 libssh2 1.8.0-7.el80.1 - fix integer overflow in keyboard interactive handling that...
java-11-openjdk security update
1:11.0.3.7-2.0.1 - link atomic for ix86 build Livy Ge 1:11.0.3.7-2 - Do not generate lib-style requires for -slowdebug subpackages. - Resolves: rhbz1693468 1:11.0.3.7-2 - Fix requires/provides for the non-system JDK case. JDK 11 is not a system JDK at this point. - Resolves: rhbz1693468...
flatpak security update
0.8.8-4 - Add patch for CVE-2018-6560 1547376...
pki-core security, bug fix, and enhancement update
10.5.1-13.1 - Rebuild due to build system database problem 10.5.1-13 - - RHEL 7.5: - - Bugzilla Bug 1553068 - Using a Netmask produces an odd entry in a certifcate rhel-7.5.z ftweedal - Bugzilla Bug 1585945 - CMC CRMF requests result in InvalidKeyFormatException when signing algorithm is ECC...
qemu-kvm security update
0.12.1.2-2.503.el69.6 - qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch bz1574067 - Resolves: bz1574067 EMBARGOED CVE-2018-3639 qemu-kvm: Kernel: omega-4 rhel-6.9.z...
qemu-kvm security update
1.5.3-156.el75.2 - kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch bz1574075 - Resolves: bz1574075 EMBARGOED CVE-2018-3639 qemu-kvm: Kernel: omega-4 rhel-7.5.z...
qemu-kvm security update
1.5.3-156.el75.1 - kvm-vga-add-ramaddrt-cast.patch bz1567913 - kvm-vga-fix-region-calculation.patch bz1567913 - Resolves: bz1567913 CVE-2018-7858 qemu-kvm: Qemu: cirrus: OOB access when updating vga display rhel-7 rhel-7.5.z...
qemu-kvm security update
1.5.3-141.el74.4 - kvm-multiboot-validate-multiboot-header-address-values.patch bz1501120 - Resolves: bz1501120 CVE-2017-14167 qemu-kvm: Qemu: i386: multiboot OOB access while loading kernel image rhel-7.4.z 1.5.3-141.el74.3 - kvm-bswap.h-Remove-cputo32wu.patch bz1501294 -...
curl security, bug fix, and enhancement update
7.29.0-42 - fix use of uninitialized variable detected by Covscan 7.29.0-41 - make FTPS work with --proxytunnel 1420327 7.29.0-40 - make FTPS work with --proxytunnel 1420327 7.29.0-39 - work around race condition in PK11FindSlotByName in NSS 1404815 7.29.0-38 - make FTPS work with --proxytunnel...
jasper security update
1.900.1-21 - Bump release 1.900.1-20 - Multiple security fixes fixed by thoger: CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 CVE-2016-9262...
bind security update
32:9.8.2-0.62.rc1.1 - Fix CVE-2017-3136 ISC change 4575 - Fix CVE-2017-3137 ISC change 4578...
ImageMagick security update
6.7.2.7-5 - Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716 and CVE-2016-3717...
graphite2 security, bug fix, and enhancement update
1.3.6-1 - Related: rhbz1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526 1.3.5-1 - Resolves: rhbz1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526 1.2.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora24MassRebuild 1.2.4-5 - Rebuilt for...
postgresql security update
8.4.20-5 - fix for CVE-2016-0773 rhbz1308598 - fix tests for new libxml2 rhbz1303972...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.5 - KEYS: Fix keyring ref leak in joinsessionkeyring Yevgeny Pats Orabug: 22563965 CVE-2016-0728...
qemu-kvm security fix update
1.5.3-86.el71.6 - kvm-rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-20.patch bz1248764 - kvm-rtl8139-drop-tautologous-if-ip-.-statement-CVE-2015-.patch bz1248764 - kvm-rtl8139-skip-offload-on-short-Ethernet-IP-header-CVE.patch bz1248764 -...
httpd security update
2.4.6-31.0.1.el71.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-31.1 - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-3185...
hivex security and bug fix update
1.3.3-4.3 - Add missing checks for small/truncated files resolves: rhbz1158993 - Fix typo in man page Win::Hivex.3.pm resolves: rhbz1164693...
wireshark security, bug fix, and enhancement update
1.8.10-17.0.2 - Fix ocfs2 dissector John Haxby orabug 21505640 1.8.10-17.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-17 - security patches - Resolves: CVE-2015-2189 CVE-2015-2191 1.8.10-16 - security patches - Resolves: CVE-2014-8710 CVE-2014-8711...
tomcat security update
0:7.0.54-2 - Resovles: CVE-2014-0227...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930553 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy...
unzip security update
6.0-2 - Fix CVE-2014-9636 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Resolves: 1196132 1196120 1196124 1196128...
kernel security update
kernel 2.6.18-400.1.1 - x86 traps: stop using IST for SS Petr Matousek 1172809 CVE-2014-9322...
libvirt security and bug fix update
0.10.2-46.0.1.el66.2 - Replace docs/et.png in tarball with blank image 0.10.2-46.el66.2 - qemu: allow restore with non-migratable XML input rhbz1155564 - qemu: Introduce qemuDomainDefCheckABIStability rhbz1155564 - Make ABI stability issue easier to debug rhbz1155564 - CVE-2014-3633: qemu:...
kernel security and bug fix update
3.10.0-123.9.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.9.2 - virt kvm: fix PIT timer race condition Petr Matousek 1144879 1144880 CVE-2014-3611 - virt kvm/vmx: handle invept and invvpid vm exits gracefully Petr Matousek 1145449 1116936 1144828 1144829 CVE-2014-3645 CVE-2014-3646...
tomcat6 security update
0:6.0.24-78 - Related: CVE-2013-4590 - remove xml schema names javaee5, - javaeewebservices12, and javaeewebservices12client - from descriptor.DigesterFactory initialization. These - schema definitions are not relevant to 6.0.24 as the version - of their spec did not exist at the time. 0:6.0.24-7...
firefox security update
24.7.0-1.0.1.el65 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 24.7.0-1 - Update to 24.7.0 ESR...
httpd security update
2.2.3-85.0.1.el510 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-85 - modlogconfig: add security fix for CVE-2014-0098 1078176 2.2.3-84 - moddav: add security f...
thunderbird security update
24.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.4.0-1 - Update to 24.4.0...
thunderbird security update
17.0.7-1.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.7-1 - Update to 17.0.7 ESR...
1
kernel 2.6.18-348.4.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
firefox security update
firefox 17.0.5-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.5-1 - Update to 17.0.5 ESR xulrunner 17.0.5-1.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 17.0.5-1 -...