8993 matches found
Unbreakable Enterprise kernel security update
4.14.35-2047.532.3 - Revert 'mmc: core: Capture correct oemid-bits for eMMC cards' Dominique Martinet - media: dvb-usb-v2: af9035: fix missing unlock Hans Verkuil - perf/core: Fix potential NULL deref Peter Zijlstra 4.14.35-2047.532.2 - x86: change default to specstorebypassdisable=prctl...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
dotnet8.0 security update
8.0.100-2.0.1 - Update to .NET 8.0 8.0.100rc.2-0.1.0.1 - Add support for Oracle Linux 8.0.100rc.2-0.1 - Update to .NET 8 RC 2 - Resolves: RHEL-13790 8.0.100rc.1-0.4 - Disable bootstrap - Related: RHEL-4074 8.0.100rc.1-0.3 - Add backported patches for additional s390x issues - Related: RHEL-4074...
thunderbird security update
115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.5.0-1 - Update to 115.5.0 build1...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
python3 security update
3.6.8-56.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-56 - Security fix for CVE-2023-40217 Resolves: RHEL-3041 3.6.8-55 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 3.6.8-54 - Bump release fo...
python3.11 security update
3.11.5-1 - Rebase to 3.11.5 - Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3045, RHEL-3269 3.11.4-3 - Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz263261 3.11.4-2 - Security fix for CVE-2007-4559 Resolves: rhbz263261 3.11.4-1 - Update to 3.11.4 - Securit...
runc security update
4:1.1.9-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.9 - Related: 2176063 4:1.1.8-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.8 - Related: 2176063 4:1.1.7-2 - rebuild for following CVEs: CVE-2021-43784 CVE-2022-41724 CVE-2023-28642 - Resolves:...
python3 security update
3.6.8-51.0.1.2 - Security fix for CVE-2023-40217 Resolves: rhbz2235789...
bind9.16 security update
32:9.16.23-14.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
libtiff security update
4.0.9-29 - Fix CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 - Resolves: BZ2170167 BZ2170172 BZ2170178 BZ2170187 BZ2170192...
java-11-openjdk security and bug fix update
1:11.0.20.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.20.0.8-2 - Bump release number so we are newer than 9.0 - Related: rhbz2221106 1:11.0.20.0.8-1 - Update to jdk-11.0.20.0+8 GA - Update release notes to 11.0.20.0+8 - Drop local inclusion of JDK-8274864 & JDK-8305113 as they a...
bind security update
2:9.11.4-26.P2.14 - Prevent the cache going over the configured limit CVE-2023-2828...
openssl security and bug fix update
3.0.7-16.0.1 - Replace upstream references Orabug: 34340177 1:3.0.7-16 - Fix possible DoS translating ASN.1 object identifiers Resolves: CVE-2023-2650 - Release the DRBG in global default libctx early Resolves: rhbz2211396 1:3.0.7-15.1 - Re-enable DHX keys in FIPS mode, disable FIPS 186-4 paramet...
git-lfs security and bug fix update
3.2.0-2 - Rebuild with Golang-1.19.4 - Resolves: 2163744 3.2.0-1 - Update to version 3.2.0 - Resolves: 2139382 2.13.3-2 - Define %gobuild macro with proper ldflags - Related: rhbz2021549 2.13.3-1 - Update to version 2.13.3 - Fixed round brackets in Provides - Moved manpages.tgz to look-a-side cac...
python-mako security update
1.0.6-14 - Fix CVE-2022-40023 2128977...
virt:kvm_utils security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-40 - build: change dependency to allow post install erasing of /usr/bin/nc Wim ten Have Orabug: 35289777 - util: Make virFileClose quiet on success Andrea Bolognani Orabug: 35090886 5.7.0-39 - exadata: update maxvcpus for vNUMA...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.372.b07-1 - Update to shenandoah-jdk8u372-b07 GA - Update release notes for shenandoah-8u372-b07. - Require tzdata 2023c due to inclusion of JDK-8305113 in 8u372-b07 - Update generatetarball.sh to add support for passing a boot JDK to the configure run - Add POSIX-friendly error codes to...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.14.2-2 - Provide simduft 1:18.14.2-1 - Rebase to 18.14.2 - Resolves: 2178087 - Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 - Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920...
kernel security and bug fix update
4.18.0-425.13.17.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
qemu security update
15:4.2.1-24.el7 - Revert 'virtio-scsi: Send 'REPORTED LUNS CHANGED' sense data upon disk hotplug events' Mark Kanda Orabug: 34905939 15:4.2.1-23.el7 - hw/display/ati2d: Fix buffer overflow in ati2dblt CVE-2021-3638 Philippe Mathieu-Daude Orabug: 33930374 CVE-2021-3638 - tests/acpi: virt: update...
kernel security and bug fix update
4.18.0-425.10.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
prometheus-jmx-exporter security update
0.12.0-9 - Fix CVE-2022-1471 by using SafeConstructor...
php:7.4 security, bug fix, and enhancement update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php 7.4.30-1 - rebase to 7.4.30 2099615 7.4.19-3 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 7.4.19-2 - fix SSRF bypass in FILTERVALIDATEURL CVE-2021-21705 - fix Local privilege escalation via...
Unbreakable Enterprise kernel security update
5.15.0-3.60.5.1 - fs: remove nollseek Jason A. Donenfeld Orabug: 34721465 - vfio: do not set FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - dma-buf: remove useless FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - fs: do not compare against -llseek Jason A. Donenfeld Orabug: 34721465 -...
java-1.8.0-openjdk security update
1.8.0.352.b08-2.0.1 - Replace upstream references Orabug: 34340145 1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release...
java-1.8.0-openjdk security update
1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Rebase FIPS patch against 8u352-b07...
java-11-openjdk security and bug fix update
1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz2133695...
nodejs and nodejs-nodemon security and bug fix update
nodejs 16.16.0-1 - Rebase to version 16.16.0 Resolves: RHBZ2106290 Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 16.14.0-5 - Decouple dependency bundling from bootstrapping nodejs-nodemon...
mariadb:10.3 security and bug fix update
galera 25.3.35-1 - Rebase to 25.3.35 mariadb 3:10.3.35-1 - Rebase to 10.3.35 3:10.3.34-1 - Rebase to 10.3.34...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.5.5-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.5.4-3 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over 1.5.4-2 - Istio CVE-2022-31045, CVE-2022-29225,...
openssl security update
3.0.1-41.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-41 - Zeroize public keys as required by FIPS 140-3 Resolves: rhbz2115861 - Add FIPS indicator for HKDF Resolves: rhbz2118388 1:3.0.1-40 - Deal with DH keys in FIPS mode according FIPS-140-3 requirements Related: rhbz2115856 - Dea...
php security update
8.0.13-2 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...
zlib security update
1.2.11-31.1 - Fix CVE-2018-25032 Resolves: CVE-2018-25032...
.NET 5.0 security, bug fix, and enhancement update
5.0.214-1.0.1 - Support AArch64 on Oracle Linux Orabug: 32738620 - Include new Oracle Linux runtime IDs Add 1000-Add-missing-OL-RIDs.patch 5.0.214-1 - Update to .NET SDK 5.0.214 and Runtime 5.0.17 - Resolves: RHBZ2082258 5.0.213-2 - Update to .NET SDK 5.0.213 and Runtime 5.0.16 - Resolves:...
xmlrpc-c security update
1.51.0-5.1 - Add missing validation of encoding CVE-2022-25235 2058114...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.305.5.5 - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34034594 CVE-2022-1158...
go-toolset:ol8 security and bug fix update
golang 1.16.12-1 - Rebase to Go 1.16.12 - Resolves: rhbz2031125 go-toolset 1.16.12-1 - Rebase to Go 1.16.12 - Resolves: rhbz2031125...
firefox security update
91.4.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.4.0-1 - Update to 91.4.0 build1...
openssl security update
1.0.2k-22 - fix CVE-2021-23841 openssl: NULL pointer dereference in X509issuerandserialhash - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz1932132, rhbz1932126...
kernel security and bug fix update
3.10.0-1160.42.2.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
idm:DL1 security update
slapi-nis 0.56.6-2 - CVE 2021-3480: idm:DL1/slapi-nis: NULL dereference DoS with specially crafted Binding DN - Resolves: rhbz1944713...
sane-backends security update
1.0.27-22 - related 1852663 - needed to rebuild due infrastructure error 1.0.27-21 - 1852663, 1848097 - NULL pointer dereference in saneiepsonnetread function 1.0.27-20 - 1852468, 1852467, 1852466, 1852465 - prevent buffer overflow in esci2img - 1852668, 1852667, 1852666, 1852665 - disable...
firefox security update
78.9.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.9.0-1 - Update to 78.9.0 build1...
xstream security update
1.3.1-12 - Rebuild with OpenJDK 7 1.3.1-11 - Fix remote code execution vulnerability - Resolves: CVE-2020-26217...
Unbreakable Enterprise kernel security update
4.1.12-124.46.4.1 - target: fix XCOPY NAA identifier lookup Mike Christie Orabug: 32248041 CVE-2020-28374 4.1.12-124.46.4 - xen/events: block rogue events for some time Juergen Gross Orabug: 31984335 CVE-2020-27673 - xen/events: defer eoi in case of excessive number of events Juergen Gross Orabug...
thunderbird security update
78.5.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.5.1-1 - Update to 78.5.1 build1...
dovecot security update
1:2.3.8-4 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1866756 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation 1866761 - fix CVE-2020-12674 crash due to assert in RPA implementation 1866768 1:2.3.8-3 - fix CVE-2020-10957 dovecot: malformed NOOP...
thunderbird security update
78.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.4.0-1 - Update to 78.4.0 build1 - Disabled telemetry...
thunderbird security update
68.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.12.0-1 - Update to 68.12.0 build1...