9175 matches found
ImageMagick security and bug fix update
6.2.8.0-4.el55.2 - Fix SGI image decoding 625058 6.2.8.0-4.el55.1 - Add fix for CVE-2009-1882 504304...
seamonkey security update
1.0.9-61.0.1.el4 - Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and emoved corresponding RedHat ones 1.0.9-61.el4 - Include fix for mozbz575836...
seamonkey security update
1.0.9-58.0.1.el48 - Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and emoved corresponding RedHat ones 1.0.9-58.el4 - Added fix for mozbz555109 1.0.9-57.el4 - Added fixes from 1.9.1.10 1.0.9-55.el4 - Added fix for mozbz537356...
samba security and bug fix update
3.0.9-1.3E.16 - Security Release, fixes CVE-2009-2906 - resolves: 526657 3.0.9-X - Fix user facing cosmetic bug in patch for CVE-2007-2447 - resolves: 242754...
gfs2-utils security and bug fix update
0.1.62-1 - Fix man page references to fsck.gfs2. - Resolves: rhbz477072 0.1.61-1 - fsck.gfs2 no longer segfaults when fixing 'EA leaf block type' problems. - Resolves: rhbz510758 0.1.60-1 - When '/' is a gfs2 file system it is now properly mounted without an error. - Resolves: rhbz507893 0.1.59-1...
httpd security update
2.2.3-22.0.1.el53.2 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-22.el53.2 - add security fixes for CVE-2009-1890, CVE-2009-1891 509782...
Moderate: httpd security update
2.0.52-38.ent.2.0.1 - use oracle index page oracleindex.html - updated string and distro in specfile 2.0.52-38.ent.2 - add security fix for CVE-2007-6388 427236 - add security fix for modproxyftp UTF-7 XSS 427743 2.0.52-38.ent.1 - add security fixes for CVE-2007-4465, CVE-2007-5000 421611...
Important: xen security update
3.0.3-25.0.4.el5 - QEmu cirrus bitblit bounds check - CVE-2007-1320 rhbz 296271 - QEmu NE2000 overflow check - CVE-2007-1321 rhbz 296271 - Pygrub guest escape - CVE-2007-4993 rhbz 302821...
Important: poppler security update
0.5.4-4.1 - Add patch to fix CVE-2007-3387 248212...
Low: mod_perl security update
1.9916-4.5 - avoid backup files in install root 241643 1.9916-4.3 - fix XS generation of methodislimited 242430 1.9916-4.2 - rebuild 1.9916-4.1 - add security fix for CVE-2007-1349 241643...
libtiff security update
3.5.7-25.el3.4 - Fix several vulnerabilities CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465...
ruby:3.1 security update
ruby 3.1.7-145 - Upgrade to Ruby 3.1.7. Resolves: RHEL-55408 - Fix DoS vulnerability in REXML. CVE-2024-39908 Resolves: RHEL-57051 - Fix DoS vulnerability in REXML. CVE-2024-43398 Resolves: RHEL-56002 3.1.5-144 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68520 3.1.5-143 - Upgra...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.336.5.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37138988 5.4.17-2136.336.5 - uek-rpm: Add skxedaccommon.ko to nanomodules Sherry Yang Orabug: 37030127 - EDAC, i10nm: make skxcommon.o a separate module Arnd Bergmann Orabug: 37030127 - uek-rpm:...
nodejs:20 security update
nodejs 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 nodejs-nodemon nodejs-packaging...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.334.6.el8 - loop: Fix a race between loop detach and loop open Gulam Mohamed Orabug: 36197800 - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs Alexandre Chartre Orabug: 36672495 - x86/bhi: Avoid warning in DB handler due to BHI mitigation Alexandre Chartre...
podman security update
4.9.4-5.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shoul...
glibc security update
2.34-100.0.1.2 - Forward-port Oracle patches for ol9-u4 Reviewed by: Jose E. Marchesi Oracle history: April-30-2024 Cupertino Miranda - 2.34-100.0.1 - Forward-port Oracle patches for ol9-u4 Reviewed by: Indu Bhagat March-28-2024 Cupertino Miranda - 2.34-100.0.1 - Forward-port Oracle patches for...
ruby:3.3 security, bug fix, and enhancement update
ruby 3.3.1-2 - Upgrade to Ruby 3.3.1. Resolves: RHEL-37446 - Fix buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-37448 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-37449 - Fix Arbitrary memory address read vulnerability with Regex searc...
nodejs:20 security update
nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...
shim bug fix update
15.8-1.0.3 - Update shimx64.efi and shimaa64.efi v15.8 signed by Microsoft Orabug: 36072879 - Update shim fb and mm binaries to match unsigned releases Orabug: 36072879 15.8-1.0.2 - Use binaries with correct shim.ol generation Orabug: 36072879 - Set SBATAUTOMATICDATE=2021030218 Orabug: 36072879...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.330.7.1.el7 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI...
nodejs:18 security update
nodejs 1:18.19.1-1 - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 high - Fixes: CVE-2023-46809 medium nodejs-nodemon nodejs-packaging...
squid security update
7:5.5-6.0.1.8 - Rebuild with release bump 7:5.5-6.8 - Resolves: RHEL-19555 - squid: denial of service in HTTP request parsing CVE-2023-50269 7:5.5-6.7 - Resolves: RHEL-28614 - squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 7:5.5-6.6 - Resolves: RHEL-26091 - squid: denial of...
ruby:3.1 security, bug fix, and enhancement update
ruby 3.1.4-142 - Upgrade to Ruby 3.1.4. Resolves: RHEL-28565 - Fix HTTP response splitting in CGI. Resolves: RHEL-28564 - Fix ReDos vulnerability in URI. Resolves: RHEL-28567 Resolves: RHEL-28576 - Fix ReDos vulnerability in Time. Resolves: RHEL-28566 - Make RDoc soft dependency in IRB. Resolves:...
buildah security update
1.31.4-1.0.1 - update to https://github.com/containers/buildah/releases/tag/v1.31 - https://github.com/containers/buildah/commit/11bbf33...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.328.3.el7 - IB/cm: Cancel mad on the DREQ event when the state is MRAREPRCVD Mark Zhang Orabug: 36143228 - KSPLICE: make sure the stack is zeroed. Gregory Herrero Orabug: 36154654 - sched/fair: Fix tg-load when offlining a CPU Vincent Guittot Orabug: 36185207 - i2c: core: Fix atomic...
runc security update
1.1.12-1 - Update runc to 1.1.12 JIRA: OLDIS-30530 1.1.10-1 - Update runc to 1.1.10 JIRA: OLDIS-30530...
gnutls security update
3.6.16-8.1fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 - Allow bigger known RSA modulus sizes when calling rsageneratefips1864keypair directly Orabug: 33200526 - Change Epoch from 1 to 10...
tomcat security update
1:9.0.62-27.3 - tomcat: HTTP request smuggling via malformed trailer headers CVE-2023-46589...
grub2 security update
2.06-70.0.2.2 - search command: add flag to only search root dev - Resolves: CVE-2023-4001...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-40.el89.2 - Resolves: RHEL-7309 CVE-2023-3019 virt:rhel/qemu-kvm: QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest rhel-8 seabios sgabios...
fence-agents security update
4.2.1-121.2 - bundled urllib3: fix CVE-2023-43804 Resolves: RHEL-11988 - bundled certifi: fix CVE-2023-37920 Resolves: RHEL-6972...
ipa security update
4.10.2-5.0.1 - Resolves: 2242828 Invalid CSRF protection CVE-2023-5455...
ipa security update
4.6.8-5.0.1 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el79.16 - Resolves: RHEL-12570 ipa: Invalid CSRF protection...
gstreamer1-plugins-bad-free security update
1.22.1-2 - Patch CVE-2023-44429: AV1 codec parser heap-based buffer overflow - Patch CVE-2023-44446: MXF demuxer use-after-free - Resolves: RHEL-17030, RHEL-17039...
avahi security update
0.7-21.1 - Fix CVE-2021-3468 1939614 - Fix CVE-2023-38469 2191687 - Fix CVE-2023-38470 2191694 - Fix CVE-2023-38471 2191690 - Fix CVE-2023-38472 2191692 - Fix CVE-2023-38473 2191691...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.5-1 - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139...
thunderbird security update
115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.5.0-1 - Update to 115.5.0 build1...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el7 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
squid:4 security update
libecap squid 4.15-6.0.1 - Improve HTTP chunked encoding compliance CVE-2023-46846 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847...
python3 security update
3.6.8-51.0.1.2 - Security fix for CVE-2023-40217 Resolves: rhbz2235789...
glibc security update
2.34-60.0.3.7 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode 2234716. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet. Reviewed by: Jose E. Marchesi...
Unbreakable Enterprise kernel security update
5.15.0-106.131.4 - jbd2: check 'jh-btransaction' before removing it from checkpoint Zhihao Cheng - jbd2: fix checkpoint cleanup performance regression Zhang Yi - scsi: qla2xxx: Fix TMF leak through Quinn Tran - scsi: qla2xxx: Fix command flush during TMF Quinn Tran - scsi: qla2xxx: Limit TMF to 8...
Unbreakable Enterprise kernel security update
5.4.17-2136.323.8.2 - netfilter: nfnetlinkosf: avoid OOB read Wander Lairson Costa Orabug: 35824307 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824307 - netfilter: xtu32: validate user space input Wander Lairson Costa Orabug: 35824307 - netfilter: ipset: add th...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.16.1-1 - Rebase to 18.16.1 Resolves: rhbz2188290 rhbz2166926 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222287 nodejs-nodemon nodejs-packaging 2021.06-4 - NPM bundler: also find...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el7 - Add missing amd-ucode/ files to nano rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD fam19h cpu...
python-flask security update
0.12.2-4.0.1 - Fix for CVE-2023-30861 Orabug: 35662469 - Add test for CVE-2023-30861 Orabug: 35662469...
kernel security update
2.6.32-754.35.1.0.8.el6.OL6 - Fix epoll: Keep a reference on files added to the check list Julian Pidancet CVE-2020-0466 Orabug: 34625224...
python-mako security update
1.0.6-14 - Fix CVE-2022-40023 2128977...
git security and bug fix update
...