8993 matches found
kernel security, bug fix, and enhancement update
5.14.0-362.8.13.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
tomcat security and bug fix update
1:9.0.62-37 - Resolves: RHEL-12551 - Remove JDK subpackges which are unused 1:9.0.62-16 - Related: 2184133 Declare file conflicts 1:9.0.62-15 - Resolves: 2184133 Fix bug in Obsoletes 1:9.0.62-14 - Resolves: 2210632 CVE-2023-28709 tomcat 1:9.0.62-13 - Resolves: 2189675 Missing Tomcat POM files in...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.324.5.3.el7 - Revert 'jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint' Sherry Yang Orabug: 35896102 5.4.17-2136.324.5.2.el7 - fix breakage in dormdir Al Viro Orabug: 35885837 5.4.17-2136.324.5.1.el7 - x86: KVM: SVM: always update the x2avic msr interception...
libtiff security update
4.0.9-29 - Fix CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 - Resolves: BZ2170167 BZ2170172 BZ2170178 BZ2170187 BZ2170192...
Unbreakable Enterprise kernel security update
5.4.17-2136.323.8.2 - netfilter: nfnetlinkosf: avoid OOB read Wander Lairson Costa Orabug: 35824307 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824307 - netfilter: xtu32: validate user space input Wander Lairson Costa Orabug: 35824307 - netfilter: ipset: add th...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el7 - Add missing amd-ucode/ files to nano rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD fam19h cpu...
kernel security update
2.6.32-754.35.1.0.8.el6.OL6 - Fix epoll: Keep a reference on files added to the check list Julian Pidancet CVE-2020-0466 Orabug: 34625224...
qemu-kvm security update
6.1.1-6.el9 - Update changelog Karl Heubaum Orabug: 35343538 - ebpf: fix compatibility with libbpf 1.0+ Shreesh Adiga Orabug: 35268538 - ebpf: replace deprecated bpfprogramsetsocketfilter Haochen Tong Orabug: 35268538 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug:...
tigervnc security and bug fix update
1.12.0-13 - xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability Resolves: bz2180309 1.12.0-12 - SELinux: allow vncsession create .vnc directory Resolves: bz2164703 1.12.0-11 - Add sanity check when cleaning up keymap changes Resolves: bz2169965...
kernel security, bug fix, and enhancement update
...
unbound security update
1.16.2-3 - Fix NRDelegation attack leading to uncontrolled resource consumption CVE-2022-3204...
openssl security update
1:1.0.2k-26 - Fixes CVE-2023-0286 X.400 address type confusion in X.509 GeneralName - Resolves: rhbz2176790...
sudo security update
1.8.6p3-29.0.4.el610.3 - Fixed Privilege escalation CVE-2023-22809 for sudoedit Orabug: 35037922...
libksba security update
1.5.1-6 - Fix for CVE-2022-47629 2161571...
python3.9 security update
3.9.14-1.1 - Fix for CVE-2022-42919 Resolves: rhbz2138705...
python39:3.9 and python39-devel:3.9 security update
Cython 0.29.21-5 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 0.29.21-4 - Drop build dependency on coverage 0.29.21-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 0.29.21-2 - Re-enable tests. 0.29.21-1 - 0.29.21 scipy 1.5.4-3 - Specify LDFLAGS...
container-tools:4.0 security and bug fix update
buildah 1:1.24.5-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 https://github.com/containers/buildah/commit/8cc4586 - Related: 2061390 1:1.24.5-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.24...
php:7.4 security, bug fix, and enhancement update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php 7.4.30-1 - rebase to 7.4.30 2099615 7.4.19-3 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 7.4.19-2 - fix SSRF bypass in FILTERVALIDATEURL CVE-2021-21705 - fix Local privilege escalation via...
kernel security, bug fix, and enhancement update
4.18.0-372.32.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
java-1.8.0-openjdk security update
1.8.0.352.b08-2.0.1 - Replace upstream references Orabug: 34340145 1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release...
java-1.8.0-openjdk security update
1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Rebase FIPS patch against 8u352-b07...
java-11-openjdk security and bug fix update
1:11.0.17.0.8-2.0.1 - link atomic for ix86 build 1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on...
nodejs security update
16.17.1-1 - Rebase to version 16.17.1 Resolves: CVE-2022-35255 CVE-2022-35256...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
expat security update
2.1.0-15.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302 2.1.0-15 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
bind security update
32:9.11.36-3.1 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
mariadb:10.3 security and bug fix update
galera 25.3.35-1 - Rebase to 25.3.35 mariadb 3:10.3.35-1 - Rebase to 10.3.35 3:10.3.34-1 - Rebase to 10.3.34...
gnupg2 security update
2.2.20-3 - Fix CVE-2022-34903 2108447...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.5.5-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.5.4-3 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over 1.5.4-2 - Istio CVE-2022-31045, CVE-2022-29225,...
open-vm-tools security update
11.3.5-1.0.1.el90.1 - Fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. Orabug: 21819156 11.3.5-1.el90.1 -...
rsync security update
3.1.3-14.3 - Resolves: 2111174 - remote arbitrary files write inside the directories of connecting peers...
firefox security update
91.13.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.13.0-1 - Update to 91.13.0 build1...
go-toolset:ol8 security and bug fix update
delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109182 1.17.10-2 - Clean up dist-git patches - Resolves: rhbz2109173 go-toolset 1.17.12-1 - Update Go to...
firefox security update
91.11.0-2.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.11.0-2 - Update to 91.11.0 build2...
go-toolset:ol8 security and bug fix update
delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.10-1 - Rebase to Go 1.17.10 - Resolves: rhbz2091077 go-toolset 1.17.10-1 - Rebase to Go 1.17.10 - Resolves: rhbz2091077...
expat security update
2.2.10-12.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.10-12.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
zlib security update
1.2.11-31.1 - Fix CVE-2018-25032 Resolves: CVE-2018-25032...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.307.3.2 - perf: Fix sysperfeventopen race against self Peter Zijlstra Orabug: 34172709 CVE-2022-1729...
.NET 5.0 security, bug fix, and enhancement update
5.0.214-1.0.1 - Support AArch64 on Oracle Linux Orabug: 32738620 - Include new Oracle Linux runtime IDs Add 1000-Add-missing-OL-RIDs.patch 5.0.214-1 - Update to .NET SDK 5.0.214 and Runtime 5.0.17 - Resolves: RHBZ2082258 5.0.213-2 - Update to .NET SDK 5.0.213 and Runtime 5.0.16 - Resolves:...
subversion:1.10 security update
subversion 1.10.2-5 - add security fix for CVE-2022-24070...
qt5-qtbase security update
5.15.2-4 - Fix out-of-bounds write in QOutlineMapper::convertPath Resolves: bz1996877...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.305.5.5 - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34034594 CVE-2022-1158...
cyrus-sasl security update
2.1.27-6 - Fix for CVE-2022-24407 - Resolves: rhbz2055846...
firefox security update
91.6.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.6.0-1 - Update to 91.6.0 build1 91.5.0-2 - Use default update channel to fi...
cryptsetup security update
2.3.3-4.1 - patch: fix CVE-2021-4122. - Resolves: 2036906...
thunderbird security update
91.5.0-1.0.2 - Removed aarch64 exclusion. 91.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.5.0-1 - Update to 91.5.0 build1...
libX11 security update
1.6.8-5 - Fix CVE-2021-31535 1962439...
thunderbird security update
91.3.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.3.0-2 - Update to 19.3.0 build2 91.3.0-1 - Update to 91.3.0 build1...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.507.7.5.el7 - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Handa Orabug: 33369947 CVE-2021-3573 - Bluetooth: use correct lock to prevent UAF of hdev object Lin Ma Orabug: 33369947 - Bluetooth: fix the erroneous flushwork order Lin Ma Orabug: 33369947 CVE-2021-3564...
kernel security and bug fix update
3.10.0-1160.42.2.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...