8997 matches found
firefox security update
firefox: 3.6.23-2.0.1.el61 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 3.6.23-2 - Update to 3.6.23 xulrunner: 1.9.2.23-1.0.1.el61.1 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.23-1.1 - Rebuild. 1.9.2.23-1 - Update to...
fuse security update
2.8.3-3 - Bump the release since the bz was set to the wrong target 2.8.3-2 - Fix another umount race bz 673250, CVE-2010-3879...
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2.6.32-100.35.1.el6uek - net dccp: handle invalid feature options length CVE-2011-1770 - net can: add missing socket check in can/raw release CVE-2011-1748 - net can: Add missing socket check in can/bcm release CVE-2011-1598...
kernel security update
2.6.9-89.29.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
firefox security update
firefox: 3.6.7-2.0.1.el5 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 3.6.7-2 - Update to 3.6.7 beta2 3.6.7-1 - Update to 3.6.7 3.6.4-9 - Fixed rhbz531159 - default browser check xulrunner: 1.9.2.7-2.0.1.el5 - Added...
kernel security and bug fix update
2.6.9-89.0.26.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
postgresql security update
7.3.21-3 - Fix CVE-2010-1169, CVE-2010-1170, CVE-2009-4136, CVE-2010-0733, CVE-2010-0442 via back-ports of upstream patches for Postgres 7.4 Resolves: 589541...
mysql security update
4.1.22-2.el4.3 - Add comment suggesting disabling symbolic links in /etc/my.cnf 4.1.22-2.el4.2 - Add fixes for CVE-2008-4098, CVE-2009-4030 two successive attempts to fix DATA/INDEX DIRECTORY vulnerabilities and CVE-2008-4456 mysql command line client XSS flaw Resolves: 512255 4.1.22-2.el4.1 - Ad...
mysql security update
5.0.77-4.2 - Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030 Resolves: 556505 - Use non-expired certificates for SSL testing upstream bug 50702 - Emit explicit error message if user tries to build RPM as root - Add comment suggesting disabling symbolic links in /etc/my.cnf...
apr-util security update
1.2.7-7.el53.1 - add security fixes for CVE-2009-0023, CVE-2009-1955, and CVE-2009-1956 504560...
firefox security update
firefox : 3.0.5-1.0.1 - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html - Removed the corresponding files of Red Hat. - Added patch oracle-firefox-branding.patch - Update firstrun URL in spec file 3.0.5-1 - Update to Firefox 3.0.5 nspr: 4.7.3-2 - Update to NSPR 4.7.3...
ruby security update
1.8.5-5.el52.6 - security fix 470262 - CVE-2008-4310: real fix for CVE-2008-3656. original patch named as fix for CVE-2008-3656 actually fixed different issue CVE-2008-1145, hence we are providing correct patch and renaming original patch to refer to proper CVE...
firefox security update
devhelp: 0.12-19 - Rebuild against xulrunner firefox: 3.0.2-3.0.1.el5 - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html - Removed the corresponding files of Red Hat. - Added patch oracle-firefox-branding.patch - Update firstrun URL 3.0.2-3 - Update to Firefox 3.0.2 bui...
firefox security update
1.5.0.12-0.19.0.1.el4 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js 1.5.0.12-0.19.el4 - Respun for mozilla bugs 439035,439735,440308 1.5.0.12-0.18.el4 - Update patchset to fix regression as per 1.8.1.15...
openoffice.org security update
1.1.5-10.0.5 - Resolves: rhbz450521 CVE-2008-2366 1.1.5-10.0.4 - Resolves: rhbz450521 CVE-2008-2152...
net-snmp security update
5.3.1-24.1 - fix buffer overflow in perl module CVE-2008-2292 449897 - fix SNMPv3 authentication checks unknown CVE 449897...
cups security update
cups 1.2.4-11.14:.6 - Applied patch to fix CVE-2008-0053 HP-GL/2 input processing, bug 438117. - Applied patch to fix CVE-2008-1373 GIF overflow, bug 438303. 1.2.4-11.14:.5 - Applied patch to prevent heap-based buffer overflow in CUPS helper program bug 436153, CVE-2008-0047, STR 2729...
Moderate: postgresql security update
7.4.19-1.el46.1 - Update to PostgreSQL 7.4.19 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 Resolves: 427135...
Important: kernel security update
2.6.9-55.0.9.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
virt:ol and virt-devel:ol security update
qemu-kvm 4.2.0-59.el85.2 - kvm-virtiofsd-Drop-membership-of-all-supplementary-group.patch bz2048627 - Resolves: bz2048627 CVE-2022-0358 virt:rhel/qemu-kvm: QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 rhel-8.5.0.z...
httpd security update
2.4.6-99.0.3.1 - Opt-ins for unsafe prefixstat and %3f Orabug: 36904263CVE-2024-38474CVE-2024-38475 - modproxy: validate hostname Orabug: 36904263CVE-2024-38477...
Unbreakable Enterprise kernel security update
5.4.17-2136.335.4 caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running print Stephen Brennan Orabug: 36456582 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - driver core: Fix ueventshow vs driver detach race Dan Williams - pinctrl: ti:...
edk2 security update
20231122-6.0.1.el94.2 - Replace upstream references Orabug:36569119 20231122-6.el94.2 - edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch RHEL-40270 RHEL-40272 - edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch RHEL-40270 RHEL-40272 -...
python3.11 security update
3.11.9-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.9-1 - Rebase to 3.11.9 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix expat tests for the latest expat security release Resolves: RHEL-33672, RHEL-33684...
virt:kvm_utils1 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-42 - Document CVEs as fixed Karl Heubaum CVE-2023-2700 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364474 CVE-2024-1441 - libvirt- : Check caller-provided buffers to be NULL with size 0 Erik...
pcs security update
0.10.18-2.0.1 - Replace HAM-logo.png with a generic one 0.10.18-2 - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26445, RHEL-26447, RHEL-26449 0.10.18-1 - Rebased to the latest sources see CHANGELOG.md Resolves: RHEL-7741 0.10.17-6 - Rebased to th...
edk2 security update
20220126gitbb1bba3d77-13 - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - edk2-StandaloneMmPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - Resolves: RHEL-21158 CVE-2022-36765 edk2: integer overflow in CreateHob could lead to HOB OOB R/W rhel-8...
Unbreakable Enterprise kernel security update
5.15.0-206.153.7 - mmc: core: Initialize mmcblkiocdata Mikko Rapeli - ahci: asm1064: asm1166: don't limit reported ports Conrad Kostecki - mmc: core: Fix switch on gp3 partition Dominique Martinet - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory Michael Kelley -...
Unbreakable Enterprise kernel security update
4.14.35-2047.536.5 - mmc: core: Fix switch on gp3 partition Dominique Martinet - Revert 'Revert 'md/raid5: Wait for MDSBCHANGEPENDING in raid5d'' Song Liu - mm/memory-failure: fix an incorrect use of tail pages Liu Shixin - Revert 'x86/mm/identmap: Use gbpages only where full GB page should be...
mod_http2 security update
2.0.26-2 - Resolves: RHEL-31855 - modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 2.0.26-1 - Resolves: RHEL-14691 - modhttp2 rebase to 2.0.26...
gnutls security update
3.7.6-23.4 - Fix timing side-channel in deterministic ECDSA RHEL-28958 - Fix potential crash during chain building/verification RHEL-28953...
nodejs:18 security update
nodejs 1:18.19.1-1 - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 high - Fixes: CVE-2023-46809 medium nodejs-nodemon nodejs-packaging...
postgresql:13 security update
pgaudit pgrepack postgres-decoderbufs postgresql 13.14-1.0.1 - update to 13.14 - Fixes CVE-2024-0985...
kernel security update
4.18.0-513.11.1.0.19.OL8 - scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2162 - afunix: Fix null-ptr-deref in unixstreamsendpage CVE-2023-4622 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet CVE-2023-42753...
squid security update
7:5.5-6.0.1.el93.5 - squid: Denial of Service in SSL Certificate validation CVE-2023-46724 - squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 - squid: Buffer over-read in the HTTP Message processing feature CVE-2023-49285 - squid: Incorrect Check of Function Return Value...
tomcat security and bug fix update
1:9.0.62-27 - Related: RHEL-12543 - Bump release number 1:9.0.62-16 - Resolves: RHEL-12543 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack - Remove JDK subpackges which are unused 1:9.0.62-14 - Related: RHEL-2330 Bump release number 1:9.0.62-13 -...
python3 security update
3.6.8-56.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-56 - Security fix for CVE-2023-40217 Resolves: RHEL-3041 3.6.8-55 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 3.6.8-54 - Bump release fo...
tomcat security update
1:9.0.62-11.3 - HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487...
18 security update
nodejs 1:18.18.2-2 - Rebase to version 18.18.2 Resolves: CVE-2023-44487 CVE-2023-45143 CVE-2023-38552 CVE-2023-39333 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging 2021.06-4 - NPM bundler: also find namespaced bundled dependencies 2021.06-3 - Rebuilt for...
bind security update
32:9.16.23-11.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
mariadb:10.5 security update
galera 26.4.14-1 - Rebase to 26.4.14 26.4.13-1 - Rebase to 26.4.13 26.4.12-1 - Rebase to 26.4.12 Judy mariadb 3:10.5.22-1 - Rebase to 10.5.22 3:10.5.21-1 - Rebase to version 10.5.21 3:10.5.20-2 - Use fortifylevel to disable fortification in debug builds 3:10.5.20-1 - Rebase to version 10.5.20...
bind9.16 security update
32:9.16.23-14.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
18 security, bug fix, and enhancement update
nodejs 1:18.16.1-1 - Rebase to 18.16.1 Resolves: rhbz2188292 rhbz2187683 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222285 nodejs-nodemon nodejs-packaging...
bind security update
2:9.11.4-26.P2.14 - Prevent the cache going over the configured limit CVE-2023-2828...
openssl security and bug fix update
3.0.7-16.0.1 - Replace upstream references Orabug: 34340177 1:3.0.7-16 - Fix possible DoS translating ASN.1 object identifiers Resolves: CVE-2023-2650 - Release the DRBG in global default libctx early Resolves: rhbz2211396 1:3.0.7-15.1 - Re-enable DHX keys in FIPS mode, disable FIPS 186-4 paramet...
git-lfs security and bug fix update
3.2.0-2 - Rebuild with Golang-1.19.4 - Resolves: 2163744 3.2.0-1 - Update to version 3.2.0 - Resolves: 2139382 2.13.3-2 - Define %gobuild macro with proper ldflags - Related: rhbz2021549 2.13.3-1 - Update to version 2.13.3 - Fixed round brackets in Provides - Moved manpages.tgz to look-a-side cac...
kernel security, bug fix, and enhancement update
...
edk2 security, bug fix, and enhancement update
20221207gitfff6d81270b5-9 - edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch bz2169247 - Resolves: bz2169247 edk2 Install a sev guest with enrolled secure boot failed 20221207gitfff6d81270b5-8 - edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch bz2174605 - Resolves: bz217460...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.524.5.el7 - rds/ib: Fix the softlock-up in RDS cache GC worker Arumugam Kolappan Orabug: 35079728 4.14.35-2047.524.4.el7 - xfs: add missing cmap-brstate = XFSEXTNORM update Gao Xiang Orabug: 35202792 - x86/tsc: Disable clocksource watchdog for TSC on qualified platorms Feng Tang...
kernel security, bug fix, and enhancement update
5.14.0-162.22.21.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...