8997 matches found
git-lfs security and bug fix update
3.2.0-2 - Rebuild with Golang-1.19.4 - Resolves: 2163744 3.2.0-1 - Update to version 3.2.0 - Resolves: 2139382 2.13.3-2 - Define %gobuild macro with proper ldflags - Related: rhbz2021549 2.13.3-1 - Update to version 2.13.3 - Fixed round brackets in Provides - Moved manpages.tgz to look-a-side cac...
edk2 security, bug fix, and enhancement update
20221207gitfff6d81270b5-9 - edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch bz2169247 - Resolves: bz2169247 edk2 Install a sev guest with enrolled secure boot failed 20221207gitfff6d81270b5-8 - edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch bz2174605 - Resolves: bz217460...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.524.5.el7 - rds/ib: Fix the softlock-up in RDS cache GC worker Arumugam Kolappan Orabug: 35079728 4.14.35-2047.524.4.el7 - xfs: add missing cmap-brstate = XFSEXTNORM update Gao Xiang Orabug: 35202792 - x86/tsc: Disable clocksource watchdog for TSC on qualified platorms Feng Tang...
kernel security, bug fix, and enhancement update
5.14.0-162.22.21.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
systemd security update
250-12.0.2.el91.1 - Backport upstream pstore dmesg fix Orabug: 34868110 - Remove upstream references Orabug: 33995357 - Disable unprivileged BPF by default Orabug: 32870980 - udev rules: fix memory hot add and remove Orabug: 31310273 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug...
java-1.8.0-openjdk security and bug fix update
1.8.0.362.b09-2.0.1 - Replace upstream references Orabug: 34340145 1:1.8.0.362.b09-2 - Update cacerts patch to fix OPENJDK-1433 SecurityManager issue - Update to shenandoah-jdk8u352-b09 GA - Update release notes for shenandoah-8u352-b09. - Resolves: rhbz2163594 1:1.8.0.362.b08-2 - Update to...
qemu security update
15:4.2.1-24.el7 - Revert 'virtio-scsi: Send 'REPORTED LUNS CHANGED' sense data upon disk hotplug events' Mark Kanda Orabug: 34905939 15:4.2.1-23.el7 - hw/display/ati2d: Fix buffer overflow in ati2dblt CVE-2021-3638 Philippe Mathieu-Daude Orabug: 33930374 CVE-2021-3638 - tests/acpi: virt: update...
.NET 6.0 security, bug fix, and enhancement update
6.0.113-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.113-1 - Update to .NET SDK 6.0.113 and Runtime 6.0.13 - Resolves: RHBZ2154458...
Unbreakable Enterprise kernel security update
5.15.0-6.80.3.1 - Revert 'rds: ib: Enable FC by default' Hakon Bugge Orabug: 34964359 5.15.0-6.80.3 - net/mlx5: Suppress error logging on UCTX creation Marina Orabug: 34888471 - rds: ib: Fix leaked MRs during kexec Hakon Bugge Orabug: 34892082 - uek-rpm: Add ptpkvm.ko to core rpm Somasundaram...
virt:ol and virt-devel:ol security, bug fix, and enhancement update
libguestfs 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 1:1.44.0-8 - Obsolete ol...
git-lfs security and bug fix update
2.13.3-3 - Rebuild with new Golang - Resolves: rhbz2131795...
java-11-openjdk security and bug fix update
11.0.17.0.8-2.0.1 - Replace upstream references Orabug: 34340155 1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public A...
kvm_utils2 security update
...
openssl security update
3.0.1-41.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-41 - Zeroize public keys as required by FIPS 140-3 Resolves: rhbz2115861 - Add FIPS indicator for HKDF Resolves: rhbz2118388 1:3.0.1-40 - Deal with DH keys in FIPS mode according FIPS-140-3 requirements Related: rhbz2115856 - Dea...
rsync security update
3.2.3-9.2 - Resolves: 2111176 - remote arbitrary files write inside the directories of connecting peers...
httpd security update
2.2.15-69.0.5 - handle large writes in aprputs CVE-2022-28614Orabug: 34317854...
php security update
8.0.13-2 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...
389-ds:1.4 security update
1.4.3.28-7 - Bump version to 1.4.3.28-7 - Resolves: Bug 2081008 - CVE-2022-0996 389-ds:1.4/389-ds-base: expired password was still allowed to access the database - Resolves: Bug 2081014 - CVE-2022-0918 389-ds:1.4/389-ds-base: sending crafted message could result in DoS...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.308.7.el7 - uek-rpm: Update OL7/8 Secureboot certificate and shim versions Sherry Yang Orabug: 34248329 5.4.17-2136.308.6 - mac80211hwsim: call ieee80211txprepareskb under RCU protection Johannes Berg - arm: remove CONFIGARCHHASHOLESMEMORYMODEL Mike Rapoport - x86/cpu: Load microcode...
postgresql:10 security update
10.19-2 - Add missing files into file section of server package postgresql-setup v8.6 newly provides postgresql-upgrade...
mariadb:10.5 security, bug fix, and enhancement update
galera 26.4.9-4 - Use downstream garbd-wrapper and garbd.service to ensure compatibility - Add upstream versions of garbd-wrapper called garbd-systemd and garbd.service in case user want's to use them 26.4.9-3 - Explicitly require the 'procps-ng' package - Otherwise it will not require it in the...
xmlrpc-c security update
1.51.0-5.1 - Add missing validation of encoding CVE-2022-25235 2058114...
postgresql:12 security update
postgresql 12.9-1 - Update to 12.9 - Resolves: 2024677...
libjpeg-turbo security and bug fix update
1.5.3-12 - Add missing license file 1982572 1.5.3-11 - Fix CVE-2020-17541 1972289...
babel security and bug fix update
2.5.1-7 - Include the /usr/bin/pybabel binary that runs on Python 3.6 in the python3-babel package Resolves: rhbz1967173 2.5.1-6 - Fix CVE-2021-20095 Resolves: rhbz1955615...
python-psutil security update
5.4.3-11 - Security fix for CVE-2019-18874: double free because of refcount mishandling Resolves: rhbz1772014...
thunderbird security update
91.2.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.2.0-1 - Update to 91.2.0 build1 91.1.2-1 - Update to 91.1.2 build1 91.1.0-1 - Update to 91.1.0 build2...
389-ds-base security and bug fix update
1.3.10.2-13 - Bump version to 1.3.10.2-13 - Resolves: Bug 2005399 - Internal unindexed searches in syncrepl - Resolves: Bug 2005432 - CVE-2021-3652 389-ds:1.4/389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed - Resolves: Bug 2005434 - ACIs are being evaluated again...
krb5 security update
1.18.2-8 - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 - Resolves: 1906492 1.18.2-7 - Document -k option in kvno1 synopsis - Resolves: 1869055 1.18.2-6 - Enable MD5 override for FIPS RADIUS - Resolves: 1872689 1.18.2-5.2 - Unify kvno option documentation - Resolves: 1869055...
mailman:2.1 security update
3:2.1.29-11 - Fixes for CVE-2020-12108 and CVE-2020-15011...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
libvirt 6.0.0-35.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum libvirt-dbus 1.3.0 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libvirt-python...
firefox security update
78.5.0-1.0.1 - Fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 78.5.0-1 - Update to 78.5.0 build1...
librsvg2 security update
2.42.7-4 - Resolves: rhbz1804519 Add patch for CVE-2019-20446...
squid:4 security update
libecap squid 7:4.4-8.2 - Resolves: 1872345 - CVE-2020-15811 squid:4/squid: HTTP Request Splitting could result in cache poisoning - Resolves: 1872330 - CVE-2020-15810 squid:4/squid: HTTP Request Smuggling could result in cache poisoning 7:4.4-8.1 - Resolves: 1828368 - CVE-2019-12519 squid:...
kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update
kubernetes 1.12.10-1.0.15 - Address CVE-2020-16845 kubeadm-ha-setup 0.0.2-1.0.73 - Fix update to coredns image tag 0.0.2-1.0.72 - Address CVE-2020-16845 kubernetes-cni 0.7.1-1.0.3 - Pin min version of cni-plugins kubernetes-cni-plugins 0.8.6-1.0.3 - Address CVE-2020-16845...
firefox security update
68.9.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one Fri May 29 2020 Jan Horak - Update to 68.9.0 build1 - Added patch for pipewire 0.3 Mon May 11 2020 Jan Horak - Added s390x specific patches Wed Apr 29 2020 Jan Horak - Update to 68.8.0...
thunderbird security update
68.9.0-1.0.1.el82 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.9.0-1 - Update to 68.9.0 build1...
microcode_ctl security, bug fix and enhancement update
4:20191115-4.20200602.2 - Avoid temporary file creation, used for here-documents in checkcaveats. 4:20191115-4.20200602.1 - Update Intel CPU microcode to microcode-20200602 release, addresses CVE-2020-0543, CVE-2020-0548, CVE-2020-0549 1827183: - Update of 06-2d-06/0x6d SNB-E/EN/EP C1/M0 microcod...
systemd security, bug fix, and enhancement update
239-29.0.1.el8 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate systemd-pstore.service file Orabug: 30230056 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug:...
dovecot security and bug fix update
1:2.2.36-6 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741787 1:2.2.36-5 - fix CVE-2019-3814: improper certificate validation 1674369 - fix CVE-2019-7524: buffer overflow in...
ppp security update
2.4.7-26 - Fixed buffer overflow in the eaprequest and eapresponse functions Resolves: CVE-2020-8597...
grub2 security update
2.02-78.0.3.el81.1 - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS Orabug: 30643497 - set EFIDIR as redhat for additional grub2 tools Orabug: 29875597 - Update upstream references Orabug: 26388226 - Copy symvers.gz to /boot during kernel install Orabug: 29773086 - Insert Unbreakable...
openslp security update
2.0.0-4 - Fix a heap-based buffer overflow vulnerability leading to remote code execution, CVE-2019-5544 Resolves: 1788447...
virt:ol security, bug fix, and enhancement update
...
ghostscript security, bug fix, and enhancement update
9.25-2 - obsoleted old ghostscript-devel to allow clean upgrade to libgs-devel 9.25-1 - Rebase to latest upstream version bug 1636115 - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...
libguestfs-winsupport security update
7.2-3 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root privilege escalation resolves: rhbz1698502...
systemd security and bug fix update
239-13.0.1.3 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set RemoveIPC=no in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...
firefox security update
60.8.0-1.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.8.0-1.0.1 Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file...
qemu security update
12:2.9.0-11.1.el7 - i386: Define the Virt SSBD MSR and handling of it CVE-2018-3639 Konrad Rzeszutek Wilk Orabug: 28110449 CVE-2018-3639 - i386: define the AMD 'virt-ssbd' CPUID feature bit CVE-2018-3639 Konrad Rzeszutek Wilk Orabug: 28110449 CVE-2018-3639 - i386: define the 'ssbd' CPUID feature...
yum-utils security update
1.1.31-46.0.1 - needs-restarting not checking kernel-uek for reboot message Orabug 27189714 - add bug27596617.patch to remove upstream URL reference 1.1.31-46 - reposync: prevent path traversal. - Resolves: bug1600617...