9173 matches found
Unbreakable Enterprise kernel security update
4.14.35-2047.519.2.1 - xfs: trim IO to found COW extent limit Eric Sandeen Orabug: 34765284 - xfs: don't use delalloc extents for COW on files with extsize hints Christoph Hellwig Orabug: 34765284 4.14.35-2047.519.2 - Revert 'xfs: don't use delalloc extents for COW on files with extsize hints'...
container-tools:ol8 security, bug fix, and enhancement update
aardvark-dns 2:1.1.0-4 - remove windows binaries and regenerate vendor tarball - Related: 2061390 2:1.1.0-3 - add gating.yaml - Related: 2061390 2:1.1.0-2 - bump Epoch to preserve upgrade path - Related: 2061390 1.1.0-1 - initial import - Related: 2061390 buildah 1:1.27.0-2 - fix CVE-2022-2990 -...
dnsmasq security and bug fix update
2.79-24 - Prevent endless loop in forwardquery 2120357 2.79-23 - Add IPv6 ntp-server suboptions support 2049691 2.79-22 - Prevent use after free in dhcp6norelay CVE-2022-0934...
container-tools:3.0 security update
buildah 1.19.9-6 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/6d7f496 - Related: 2061390 1.19.9-5 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19...
python27:2.7 security update
babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 2.5.1-9 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 2.5.1-8 - Fix unversioned requires/buildrequires - Resolves: rhbz1628242 2.5.1-7 - Remove unversioned binaries - Resolves: rhbz1613343 2.5.1-6 - Make...
python38:3.8 and python38-devel:3.8 security update
Cython 0.29.14-4 - Exclude unsupported i686 arch 0.29.14-3 - Unversioned binaries renamed 0.29.14-2 - Adjusted for Python 3.8 module in RHEL 8 - without emacs plugin 0.29.14-1 - Update to 0.29.14 1768034 - Python 2 subpackage has been removed scipy 1.3.1-4 - Exclude unsupported i686 arch 1.3.1-3 ...
Unbreakable Enterprise kernel security update
5.4.17-2136.312.3.4 - Revert 'fs: check FMODELSEEK to control internal pipe splicing' Saeed Mirzamohammadi Orabug: 34666845 5.4.17-2136.312.3.3 cpusreadlock deadlock Tejun Heo Orabug: 34607590 - cgroup: Elide write-locking threadgrouprwsem when updating csses on an empty subtree Tejun Heo Orabug:...
qemu-kvm security update
...
expat security update
2.1.0-15.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302 2.1.0-15 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
bind security update
32:9.11.36-3.1 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
gnupg2 security update
2.2.20-3 - Fix CVE-2022-34903 2108447...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.4.7-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.4.6-2 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over - Update gen-certs-helper script to skip printin...
firefox security update
91.13.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.13.0-1 - Update to 91.13.0 build1...
thunderbird security update
91.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.13.0-1 - Update to 91.13.0 build1...
thunderbird security update
91.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.13.0-1 - Update to 91.13.0 build1...
Unbreakable Enterprise kernel security update
5.4.17-2136.310.7.1 - rds: copyfromuser only once per rdssendmsg system call Hans Westgaard Ry Orabug: 33981855 CVE-2022-21385...
go-toolset and golang security and bug fix update
golang 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109183 1.17.7-2 - Clean up dist-git patches - Resolves: rhbz2109174 go-toolset 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109183...
grafana security update
7.5.11-3 - resolve CVE-2022-31107 grafana: OAuth account takeover...
libxml2 security update
2.9.7-13.1 - Fix CVE-2022-29824 2082297...
nodejs:16 security update
nodejs 1:16.14.0-4 - Apply lock file validation fixes - Resolves CVE-2021-43616 - Resolves: RHBZ2070012...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.307.3.2 - perf: Fix sysperfeventopen race against self Peter Zijlstra Orabug: 34172709 CVE-2022-1729...
flatpak security and bug fix update
1.8.7-1 - Rebase to 1.8.7 2041972 1.8.6-1 - Rebase to 1.8.6 2010533 1.8.5-6 - Fix CVE-2021-41133 2012869...
cyrus-sasl security update
2.1.27-6 - Fix for CVE-2022-24407 - Resolves: rhbz2055846...
python-pillow security update
5.1.1-18 - Fixup for CVE-2022-22817 - Security fixes for CVE-2022-22815, CVE-2022-22816 Resolves: rhbz2042522 5.1.1-17 - Fix for CVE-2022-22817 Resolves: rhbz2042527...
vim security update
8.0.1763-16.0.1.4 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.4 - CVE-2021-4193 vim: vulnerable to Out-of-bounds Read - CVE-2021-4192 vim: vulnerable to Use After Free 2:8.0.1763-16.3 - 2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting could lead to Heap Buffer...
thunderbird security update
91.5.0-1.0.2 - Removed aarch64 exclusion. 91.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.5.0-1 - Update to 91.5.0 build1...
freerdp security update
2:2.2.0-7 - Updated: Refactored RPC gateway parser rhbz2017948 + fixed issues discovered by Covscan 2:2.2.0-6 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-5 - Revert: Refactored RPC gateway parser rhbz2017948 2:2.2.0-4 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-3 - Add checks for...
libsepol security update
2.9-3 - cil: Fix out-of-bound read of file context pattern ending with '' - cil: Destroy classperms list when resetting classpermission 1983517 - cil: Destroy classperm list when resetting map perms 1983521 - cil: cilresetclasspermsset should not reset classpermission 1983525 - cil: Set class...
thunderbird security update
91.3.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.3.0-2 - Update to 19.3.0 build2 91.3.0-1 - Update to 91.3.0 build1...
firefox security update
91.3.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.3.0-1 - Update to 91.3.0 build1...
webkit2gtk3 security and bug fix update
2.30.4-3 - Fix crashing on aarch64 - Resolves: 2010825 2.30.4-2 - Fix CVE-2021-30858 - Resolves: 2006427...
Unbreakable Enterprise kernel security update
5.4.17-2102.206.1 - Revert 'scsi: core: Cap scsihost cmdperlun at canqueue' Jack Vogel Orabug: 33403144 5.4.17-2102.206.0 - Revert 'uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo' Jack Vogel Orabug: 33245043 - integrity: Load mokx variables into the blacklist keyring Eric Snowberg...
go-toolset:ol8 security update
go-toolset 1.15.14-2 - Revert to Go 1.15.14 - Related: rhbz1995126 - Reverts: rhbz1994087 1.15.15-1 - Rebase to Go 1.15.15 - Resolves: rhbz1994087 - Add reject leading zeros patch - Resolves: rhbz1994010...
curl security update
7.61.1-18.el84.1 - fix bad connection reuse due to flawed path name checks CVE-2021-22924 - disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded...
libuv security update
1:1.41.1-1 - Rebase to 1.41.1 - Change description to reflect upstream - Resolves: RHBZ1980033...
gupnp security update
1.0.2-6 + gupnp-1.0.3-3 - Fix DNS rebind issue - Resolves: 1964706...
qt5-qtimageformats security update
5.9.7-2 - libwebp security fixes: Resolves: bz1961742 Resolves: bz1961743 Resolves: bz1961744 Resolves: bz1961745...
freerdp security, bug fix, and enhancement update
2:2.2.0-1 - Update to 2.2.0 rhbz1881971...
opensc security, bug fix, and enhancement update
0.20.0-4 - Use file cache by default 1892810 - Avoid calloc with 0 argument 1895401 0.20.0-3 - Support PIN change for HID Alt tokens 1830901 - Fix CVE-2020-26570, CVE-2020-26571 and CVE-2020-26572 - Fix right padding of token labels of some cards 1877973...
thunderbird security update
78.6.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.6.1-1 - Update to 78.6.1...
openssl security, bug fix, and enhancement update
1.1.1g-11 - Further changes for SP 800-56A rev3 requirements 1.1.1g-9 - Rewire FIPSdrbg API to use the RANDDRBG - Use the well known DH groups in TLS even for 2048 and 1024 bit parameters 1.1.1g-7 - Disallow dropping Extended Master Secret extension on renegotiation - Return alert from sserver if...
edk2 security, bug fix, and enhancement update
20200602gitca407c7246bf-3.el8 - edk2-UefiCpuPkg-PiSmmCpuDxeSmm-pause-in-WaitForSemaphore-.patch bz1861718 - Resolves: bz1861718 Very slow boot when overcommitting CPU 20200602gitca407c7246bf-2.el8 - edk2-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch bz1844682 -...
libxslt security update
1.1.32-5.0.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.32-5 - Fix CVE-2019-18197 1775517 - Fix CVE-2019-11068 1715732...
squid:4 security, bug fix, and enhancement update
...
cups security and bug fix update
1:1.6.3-51 - 1823758 - CVE-2017-18190 cups: DNS rebinding attacks via incorrect whitelist rhel-7 1:1.6.3-50 - 1813413 - RHEL 7.7 segfault in cupsdSaveJob caused by no space in /var 1:1.6.3-49 - more covscan issues raised from the fix 1672212 1:1.6.3-48 - fixing covscan issue from 1672212 1:1.6.3-...
libmspack security update
0.5-0.8.alpha - Fix for CVE-2019-1010305 resolves: rhbz1736744...
freeradius security and bug fix update
3.0.13-15 - Fixes EAP-PWD: DoS issues due to multithreaded BNCTX access Resolves: bz1818808 3.0.13-14 - Fixes receiving of multiple RADIUS packets under load Resolves: bz1630684 3.0.13-13 - Fixes logging of cleartext pap password Resolves: bz1677435 3.0.13-12 - Fixes paircompare with attribute...
glib2 and ibus security and bug fix update
glib2 2.56.1-7 - Backport patch to limit access to files when copying CVE-2019-12450 Resolves: 1722099 2.56.1-6 - Backport patches for GDBus auth Resolves: 1777221 ibus 1.5.17-11 - Resolves: 1750835 - Fix CVE-2019-14822 missing authorization allows...
subversion security update
1.7.14-16 - add security fix for CVE-2018-11782...
freerdp security, bug fix, and enhancement update
2.1.1-2 - Update to 2.1.1 1834286...