8984 matches found
redis:7 security update
7.2.6-1 - rebase to 7.2.6 RHEL-26628 7.0.12-1 - rebase to 7.0.12 2221899 7.0.11-1 - rebase to 7.0.11 for new redis:7 stream 2129826 7.0.11-1 - Upstream 7.0.11 release. 7.0.10-2 - fix modules directory ownership and permissions 2176173 - drop redis-shutdown helper and rely on systemd 2181181...
thunderbird security update
60.2.1-5.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.2.1-5 - Fixing minor issues 60.2.1-3 - Reverting deleting of key3db 60.2.1-2 - Update to 60.2.1 - Added fix for rhbz1546988 60.0-1 - Rebase to version 60...
Unbreakable Enterprise kernel security update
5.15.0-300.163.18.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37132350...
python security update
2.6.6-68.0.1 - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma 2.6.6-68 - Security fix for CVE-2019-10160 Resolves: rhbz1716744 2.6.6-67 - Security fix for CVE-2019-9636 Resolves: rhbz1716744...
php:8.2 security update
php 8.2.25-1 - rebase to 8.2.25 RHEL-65837 php-pecl-apcu 5.1.23-1 - update to 5.1.23 for PHP 8.2 RHEL-14699 php-pecl-rrd php-pecl-xdebug3 3.2.2-2 - drop inetntoa usage using upstream patch 3.2.2-1 - update to 3.2.2 for PHP 8.2 RHEL-14699 php-pecl-zip 1.22.3-1 - update to 1.22.3 for PHP 8.2...
php:8.2 security update
libzip php 8.2.25-1 - rebase to 8.2.25 RHEL-66166 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...
dnf security and bug fix update
dnf 4.7.0-4.0.1 -Fixed python stack trace with updateinfo list cves command Orabug: 32749660 - Replaced upstream bugzilla reporting reference. Orabug: 32829849 4.7.0-4 - Update translations RhBug:1961632 4.7.0-3 - Improve signature checking using rpmkeys RhBug:1967454 4.7.0-2 - Fix covscan issue:...
krb5 security update
1.15.1-55.0.7 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Orabug: 37241077...
qemu security update
15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...
python36:3.6 security update
python36 python-distro python-docs python-docutils python-nose python-pygments python-pymongo python-PyMySQL python-sqlalchemy python-virtualenv 15.1.0-23 - Security fix for CVE-2024-53899 Resolves: RHEL-68876 python-wheel scipy...
webkit2gtk3 security update
2.44.3-2 - Add patch to fix WebAssembly Resolves: RHEL-32578 2.44.3-1 - Update to 2.44.3 Resolves: RHEL-32578 2.44.2-1 - Update to 2.44.2 Resolves: RHEL-32578 2.44.1-1 - Update to 2.44.1 Resolves: RHEL-32578 Resolves: RHEL-29637 2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3960 2.42.4-1 - Update to...
Unbreakable Enterprise kernel security update
4.14.35-2047.506.8 - A/A Bonding: devhold/put the delayed GARP work handler's netdev in rdmaip Sharath Srinivasan Orabug: 33187189 - rds/ib: quarantine STALE mr before dereg Manjunath Patil Orabug: 33187192 - rds/ib: avoid dereg of mr in frwrclean Manjunath Patil Orabug: 33187195 - rds/ib: update...
Unbreakable Enterprise kernel security update
4.1.12-124.52.4 - IB/core: Only update PKEY and GID caches on respective events Hakon Bugge Orabug: 32816368 - Revert 'Allow mce to reset instead of panic on UE' William Roche Orabug: 32820278 - Bluetooth: verify AMP hcichan before ampdestroy Archie Pusaka Orabug: 32912103 CVE-2021-33034 -...
kernel security update
4.18.0-80.11.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.20 - vhost vhost: make sure lognum innum Eugenio Perez 1750881...
libsoup security update
2.62.2-2.0.1 - Fixed CVE-2024-52530 for smuggling nullbytes in header names Orabug: 37289659...
389-ds:1.4 security update
1.4.3.39-8 - Bump version to 1.4.3.39-8 - Resolves: RHEL-40943 - CVE-2024-5953 389-ds:1.4/389-ds-base: Malformed userPassword hash may cause Denial of Service rhel-8.10.z - Resolves: RHEL-58069 - perf search result investigation for many large static groups and members rhel-8.10.0.z...
patch security update
2.7.1-12 - Fixed CVE-2018-20969, invoke ed directly instead of using the shell...
emacs security update
1:27.2-10 - Disable xwidgets RHEL-14551 - org-file-contents: Consider all remote files unsafe CVE-2024-30205 - Make Gnus treats inline MIME contents as untrusted CVE-2024-30203 - Add protection for LaTeX preview CVE-2024-30204 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code...
tuned security update
2.24.0-2.0.1 - Fix RPS/XPS and busy polling optimization not getting applied Orabug: 32153315 - Fix error in uninstalling tuned Orabug: 351528377 - Updated patch with the more recent version Orabug: 30730976 - Set AMD CPU freq governor to ondemand when unapplying cpu tunings Orabug: 30033199 -...
openssl security update
0.9.8e-40.0.3 - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2182 - possible buffer overflow in BNbn2dec - fix CVE-2016-6306 - certificate message OOB reads - mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to...
python3.11 security update
3.11.11-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.11-1 - Update to 3.11.11 Resolves: RHEL-64879...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed until 2023-07-18 @ 1pm PT. - Resolves: rhbz2221106 1:1.8.0.382.b04-0.1.ea - Update to shenandoah-jdk8u382-b04 EA - Update release notes for shenandoah-8u382-b04. -...
glibc security update
2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...
kernel security, bug fix, and enhancement update
4.18.0-305.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...
kernel security and bug fix update
3.10.0-1160.24.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
thunderbird security update
60.7.2-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.2-2 - Update to 60.7.2 build2 60.7.2-1 - Update to 60.7.2 60.7.1-1 - Update to 60.7.1...
qemu-kvm security, bug fix, and enhancement update
7.2.0-14 - Rebuild for 9.2 release - Resolves: bz2173590 bugs in emulation of BMI instructions for libguestfs without KVM - Resolves: bz2156876 virtual networkrhel7.9guest qemu-kvm: vhost vring error in virtqueue 1: Invalid argument 22 7.2.0-13 -...
bind security update
32:9.9.4-74.1 - Remove again broken test CVE-2018-5743 32:9.9.4-74 - Fix CVE-2018-5743...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.201.3.el8 - locking/qrwlock: Fix ordering in queuedwritelockslowpath Ali Saidi Orabug: 32805544 5.4.17-2102.201.2.el8 - md/bitmap: wait for external bitmap writes to complete during tear down Sudhakar Panneerselvam Orabug: 32764237 - ocfs2: fix deadlock between setattr and dioendiowri...
thunderbird security update
60.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.3.0-1 - Update to 60.3.0 60.2.1-6 - Fixed missing calendar langpacks...
webkit2gtk3 security update
2.46.3-1 - Update to 2.46.3 2.46.2-1 - Update to 2.46.2 - Add patch to disable Evolution sandbox warning 2.46.1-2 - Add patch to keep GSocketMonitor callback alive Resolves: RHEL-59185 2.46.1-1 - Update to 2.46.1 Resolves: RHEL-59185...
container-tools:2.0 security update
buildah 1.11.6-8.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - exclude i686 arch - Related: 1821193 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file...
Unbreakable Enterprise kernel security update
5.4.17-2136.307.3.4 - iouring: always use original task when preparing req identity Jens Axboe Orabug: 34186552 CVE-2022-1786 5.4.17-2136.307.3.3 - debug: Lock down kgdb Stephen Brennan Orabug: 34152699 CVE-2022-21499...
bind security update
32:9.11.4-26.P2.4 - Fix off-by-one bug in ISC SPNEGO implementation CVE-2020-8625 32:9.11.4-26.P2.3 - Fix inline re-signing rh1889902 32:9.11.4-26.P2.2 - Fix unsupported algorithms validation rh1769876 32:9.11.4-26.P2.1 - Fix tsig-request verify CVE-2020-8622 - Prevent PKCS11 daemon crash on...
java-1.6.0-openjdk security update
1:1.6.0.41-1.13.13.1.0.1 - Add oracle-enterprise.patch 1:1.6.0.41-1.13.13.1 - Update to new 1.13.13 and b41 tarballs to correct TCK failure. - Resolves: rhbz1381990 1:1.6.0.41-1.13.13.0 - Remove --htmldir option which is not supported by older autotools. - Resolves: rhbz1381990 1:1.6.0.41-1.13.13...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.504.2.el7 - md/raid1: properly indicate failure when ending a failed write request Paul Clements Orabug: 32887159 - video: hypervfb: Add ratelimit on error message Michael Kelley Orabug: 32856879 - Drivers: hv: vmbus: Initialize unloadevent statically Andrea Parri Microsoft Orabug:...
libvirt security and bug fix update
4.5.0-10.0.1 - added librbd1 as dependency Keshav Sharma 4.5.0-10.el76.12 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161 - api: disallow virDomainManagedSaveDefineXML on read-only connections CVE-2019-10166 - api: disallow virConnectGetDomainCapabilities on...
curl security update
7.29.0-59.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...
java-11-openjdk security update
1:11.0.2.7-0.0.1 - link atomic for ix86 build 1:11.0.2.7-0 - Update to shenandoah-jdk-11.0.2+7 January 2019 CPU - Make tagsuffix optional and comment it out while unused. - Drop JDK-8211105/RH1628612/RH1630996 applied upstream. - Drop JDK-8209639/RH1640127 applied upstream. - Re-generate...
Unbreakable Enterprise kernel security update
4.1.12-124.48.6 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32603382 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32603382 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Report connection state in sysfs Gabriel Krisman...
Unbreakable Enterprise kernel security update
4.1.12-124.36.3 - Fix KABI error by keeping the struct field being removed by the below patch Ritika Srivastava Orabug: 30902926 - Revert 'PCI: Check pref compatible bit for mem64 resource of PCIe device' Ritika Srivastava Orabug: 30902926 4.1.12-124.36.2 - rds: Use bitmap to designate dropped...
kernel security, bug fix, and enhancement update
4.18.0-240.15.13.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x6...
Unbreakable Enterprise kernel security update
5.4.17-2102.202.5 - sctp: delay autoasconf init until binding the first addr Xin Long Orabug: 32907967 CVE-2021-23133 CVE-2021-23133 - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860491 CVE-2021-31916 - uek-rpm: update kABI lists for the new symbols Saeed...
kernel security and bug fix update
2.6.32-754.18.2.OL6 - Update genkey bug 25599697 2.6.32-754.18.2 - x86 x86/speculation: Enable Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 - x86 x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 2.6.32-754.18.1 - virt xenbu...
httpd security update
2.4.6-89.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-89.1 - Resolves: 1719722 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in modauthdigest...
Unbreakable Enterprise kernel security update
4.1.12-124.28.1 - hugetlbfs: don't retry when pool page allocations start to fail Mike Kravetz Orabug: 29324267 - x86/speculation: RSB stuffing with retpoline on Skylake+ cpus William Roche Orabug: 29660924 - x86/speculation: reformatting RSB overwrite macro William Roche Orabug: 29660924 -...
vim security update
8.0.1763-19.0.1.4 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.4 - fix issue reported by covscan 2:8.0.1763-19.3 - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in...
libssh2 security update
1.4.3-12.0.1.el76.3 - Bump and rebuild. 1.4.3-12.el76.3 - fix out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862...
qemu security update
15:3.1.0-1.el7 - vfio-pci: emit FAILOVERPRIMARYCHANGED event on guest behalf when unrealized - vfio-pci: emit FAILOVERPRIMARYCHANGED event on guest behalf when unrealized Si-Wei Liu Orabug: 29216696 - vfio-pci: add FAILOVERPRIMARYCHANGED event to shorten downtime during failover Si-Wei Liu Orabug...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.131-2.b13 - Backport 'S8153711: REDO JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command' - Resolves: rhbz1442162 1:1.8.0.131-1.b11 - Update to aarch64-jdk8u131-b11. - Drop upstreamed patches for 8147910, 8161993, 8170888 and 8173783. - Update...