9177 matches found
thunderbird security update
115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.5.0-1 - Update to 115.5.0 build1...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
python3 security update
3.6.8-56.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-56 - Security fix for CVE-2023-40217 Resolves: RHEL-3041 3.6.8-55 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 3.6.8-54 - Bump release fo...
java-21-openjdk security and bug fix update
1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...
tomcat security and bug fix update
1:9.0.62-37 - Resolves: RHEL-12551 - Remove JDK subpackges which are unused 1:9.0.62-16 - Related: 2184133 Declare file conflicts 1:9.0.62-15 - Resolves: 2184133 Fix bug in Obsoletes 1:9.0.62-14 - Resolves: 2210632 CVE-2023-28709 tomcat 1:9.0.62-13 - Resolves: 2189675 Missing Tomcat POM files in...
runc security update
4:1.1.9-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.9 - Related: 2176063 4:1.1.8-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.8 - Related: 2176063 4:1.1.7-2 - rebuild for following CVEs: CVE-2021-43784 CVE-2022-41724 CVE-2023-28642 - Resolves:...
Unbreakable Enterprise kernel security update
4.1.12-124.80.1 - Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb Sungwoo Kim Orabug: 35814478 CVE-2023-40283 - net/sched: clsu32: No longer copy tcfresult on update to avoid use-after-free valis Orabug: 35814297 CVE-2023-4208 - RDMA/core: net: fix kernel NULL error Zhu Yanjun Orabug:...
python3 security update
3.6.8-51.0.1.2 - Security fix for CVE-2023-40217 Resolves: rhbz2235789...
kernel security update
2.6.32-754.49.1.OL6 - x86/speculation: Use generic retpoline by default on AMD CVE-2021-26401 Orabug: 34986011...
dotnet7.0 security update
7.0.112-1.0.1 - Update to .NET SDK 7.0.112 and Runtime 7.0.12 - Resolves: RHEL-11698...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.324.5.3.el7 - Revert 'jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint' Sherry Yang Orabug: 35896102 5.4.17-2136.324.5.2.el7 - fix breakage in dormdir Al Viro Orabug: 35885837 5.4.17-2136.324.5.1.el7 - x86: KVM: SVM: always update the x2avic msr interception...
bind9.16 security update
32:9.16.23-14.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
libtiff security update
4.0.9-29 - Fix CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 - Resolves: BZ2170167 BZ2170172 BZ2170178 BZ2170187 BZ2170192...
firefox security update
102.15.1-1.0.1 - Update to 102.15.1 build2...
gcc security update
gcc el8 8.5.0-18.0.5 - CVE-2023-4039 GCC mitigation. Orabug 35751743. Includes removal of aarch64-preserve-args.patch. - CVE-2022-40982 'Intel Downfall' mitigation. Orabug 35751810. Add two patches originally from GCC upstream releases/gcc-11 branch. with major adjustment...
libxml2 security update
2.9.13-3.1 - Fix CVE-2023-28484 2186694 - Fix CVE-2023-29469 2186694...
bind security update
2:9.11.4-26.P2.14 - Prevent the cache going over the configured limit CVE-2023-2828...
go-toolset and golang security update
golang 1.19.10-1.0.1 - New Go version 1.19.10 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405 go-toolset 1.19.10-1.0.1 - New Go version 1.19.10 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405...
kernel security update
2.6.32-754.35.1.0.8.el6.OL6 - Fix epoll: Keep a reference on files added to the check list Julian Pidancet CVE-2020-0466 Orabug: 34625224...
Unbreakable Enterprise kernel security update
4.1.12-124.75.3 - net: sched: schqfq: prevent slab-out-of-bounds in qfqactivateagg Gwangun Jung Orabug: 35354791 CVE-2023-2248 4.1.12-124.75.2 - prlimit: doprlimit needs to have a speculation check Greg Kroah-Hartman Orabug: 35354303 CVE-2023-0458 - kernel/sys.c: fix potential Spectre v1 issue...
python-mako security update
1.0.6-14 - Fix CVE-2022-40023 2128977...
tigervnc security and bug fix update
1.12.0-13 - xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability Resolves: bz2180309 1.12.0-12 - SELinux: allow vncsession create .vnc directory Resolves: bz2164703 1.12.0-11 - Add sanity check when cleaning up keymap changes Resolves: bz2169965...
edk2 security, bug fix, and enhancement update
20221207gitfff6d81270b5-9 - edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch bz2169247 - Resolves: bz2169247 edk2 Install a sev guest with enrolled secure boot failed 20221207gitfff6d81270b5-8 - edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch bz2174605 - Resolves: bz217460...
unbound security update
1.16.2-3 - Fix NRDelegation attack leading to uncontrolled resource consumption CVE-2022-3204...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.14.2-2 - Provide simduft 1:18.14.2-1 - Rebase to 18.14.2 - Resolves: 2178087 - Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 - Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920...
openssl security update
1:1.0.2k-26 - Fixes CVE-2023-0286 X.400 address type confusion in X.509 GeneralName - Resolves: rhbz2176790...
sudo security update
1.8.6p3-29.0.4.el610.3 - Fixed Privilege escalation CVE-2023-22809 for sudoedit Orabug: 35037922...
libksba security update
1.5.1-6 - Fix for CVE-2022-47629 2161571...
prometheus-jmx-exporter security update
0.12.0-9 - Fix CVE-2022-1471 by using SafeConstructor...
python3.9 security update
3.9.14-1.1 - Fix for CVE-2022-42919 Resolves: rhbz2138705...
container-tools:4.0 security and bug fix update
buildah 1:1.24.5-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 https://github.com/containers/buildah/commit/8cc4586 - Related: 2061390 1:1.24.5-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.24...
java-11-openjdk security and bug fix update
1:11.0.17.0.8-2.0.1 - link atomic for ix86 build 1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on...
nodejs security update
16.17.1-1 - Rebase to version 16.17.1 Resolves: CVE-2022-35255 CVE-2022-35256...
kubernetes security update
kubernetes 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.8-2 - Updated Kubernetes package release version to 1.21.6-2 1.4.8-1 - Upgraded kubernetes-1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 1.4.7-1 - Upgrade Istio from 1.13.5 t...
mariadb:10.3 security and bug fix update
galera 25.3.35-1 - Rebase to 25.3.35 mariadb 3:10.3.35-1 - Rebase to 10.3.35 3:10.3.34-1 - Rebase to 10.3.34...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.5.5-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.5.4-3 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over 1.5.4-2 - Istio CVE-2022-31045, CVE-2022-29225,...
rsync security update
3.1.3-14.3 - Resolves: 2111174 - remote arbitrary files write inside the directories of connecting peers...
go-toolset:ol8 security and bug fix update
delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109182 1.17.10-2 - Clean up dist-git patches - Resolves: rhbz2109173 go-toolset 1.17.12-1 - Update Go to...
firefox security update
91.11.0-2.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.11.0-2 - Update to 91.11.0 build2...
libarchive security update
3.5.3-2 - Resolves: CVE-2022-26280...
postgresql:12 security update
postgresql 12.11-2 - Resolves: CVE-2022-1552 - Release bump due to wrongly reported CVE of libpq Build after reverted changes in libpq package 12.11-1 - Resolves: CVE-2022-1552 - Update to 12.11 - Release notes: https://www.postgresql.org/docs/release/12.11/...
vim security update
8.0.1763-16.0.1.4 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.4 - CVE-2021-4193 vim: vulnerable to Out-of-bounds Read - CVE-2021-4192 vim: vulnerable to Use After Free 2:8.0.1763-16.3 - 2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting could lead to Heap Buffer...
go-toolset:ol8 security and bug fix update
golang 1.16.12-1 - Rebase to Go 1.16.12 - Resolves: rhbz2031125 go-toolset 1.16.12-1 - Rebase to Go 1.16.12 - Resolves: rhbz2031125...
xstream security update
1.3.1-16 - Fix workaround - Resolves: CVE-2021-39148 1.3.1-15 - Fix remote code execution vulnerabilities - Resolves: CVE-2021-39139 - Resolves: CVE-2021-39140 - Resolves: CVE-2021-39141 - Resolves: CVE-2021-39144 - Resolves: CVE-2021-39145 - Resolves: CVE-2021-39146 - Resolves: CVE-2021-39147 -...
openssl security update
1.0.2k-22 - fix CVE-2021-23841 openssl: NULL pointer dereference in X509issuerandserialhash - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz1932132, rhbz1932126...
libtirpc security update
1.1.4-4.0.1 - Backport fix for CVE-2018-14621 in libtirpc Orabug: 33017925...
Unbreakable Enterprise kernel security update
4.1.12-124.54.6 - xen-netback: do not kfreeskb when irq is disabled Dongli Zhang Orabug: 33282046 4.1.12-124.54.5 - l2tp: fix race between l2tpsessiondelete and l2tptunnelcloseall Guillaume Nault Orabug: 33113975 CVE-2020-0429 - l2tp: ensure sessions are freed after their PPPOL2TP socket Guillaum...
libuv security update
1:1.41.1-1 - Rebase to 1.41.1 - Change description to reflect upstream - Resolves: RHBZ1980033...
idm:DL1 security update
slapi-nis 0.56.6-2 - CVE 2021-3480: idm:DL1/slapi-nis: NULL dereference DoS with specially crafted Binding DN - Resolves: rhbz1944713...
dovecot security and bug fix update
1:2.3.8-9 - fix CVE-2020-24386 IMAP hibernation function allows mail access 1913534 1:2.3.8-8 - fix CVE-2020-25275 denial of service via mail MIME parsing 1914019 1:2.3.8-7 - change run directory from /var/run to /run 1805947 1:2.3.8-6 - fix mail storage block count parsing 1894418 - MIME parser...