8967 matches found
openssl security update
1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597...
curl security update
7.76.1-19.el91.2 - fix HTTP multi-header compression denial of service CVE-2023-23916...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.19.1-1 - Rebase to 16.19.1 Resolves: rhbz2153713 Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 Resolves: CVE-2022-25881 CVE-2022-4904 nodejs-nodemon 2.0.20-3 - Patch bundled glob-parent Resolves: CVE-2021-35065...
Unbreakable Enterprise kernel security update
4.1.12-124.71.3 - USB: core: Prevent nested device-reset calls Alan Stern Orabug: 34951641 CVE-2022-4662 - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Luiz Augusto von Dentz Orabug: 34833307 CVE-2022-42896 CVE-2022-42896 - Bluetooth: L2CAP: Introduce proper defines for PSM...
libtiff security update
4.0.9-26 - Fix various CVEs - Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2953 4.0.9-25 - Fix CVE-2022-2867 2118857 - Fix CVE-2022-2868 2118882 - Fix CVE-2022-2869 2118878 4.0.9-24 - Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 - Resolves: 2103222...
istio security update
istio 1.13.9-1 - Added Oracle specific files for 1.13.9-1 olcne 1.4.10-1 - Upgraded istio-1.13.7 to istio-1.13.9 to resolve Istio CVE-2022-39278...
bcel security update
0:5.2-19 - Fix arbitrary bytecode produced via out-of-bounds writing - Resolves: CVE-2022-42920...
Unbreakable Enterprise kernel security update
4.14.35-2047.520.3.1 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883027 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883027 CVE-2022-4378 - hugetlbfs: don't delete error page from pagecache James Houghton...
libtiff security update
4.4.0-2 - Update to version 4.4.0 - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909 CVE-2022-0908 CVE-2022-1354 CVE-2022-1355...
freetype security update
2.10.4-9 - Guard face-size - Resolves: 2079280 2.10.4-8 - Properly guard faceindex - Resolves: 2079262 2.10.4-7 - Avoid invalid face index - Resolves: 2079271...
python38:3.8 and python38-devel:3.8 security update
Cython 0.29.14-4 - Exclude unsupported i686 arch 0.29.14-3 - Unversioned binaries renamed 0.29.14-2 - Adjusted for Python 3.8 module in RHEL 8 - without emacs plugin 0.29.14-1 - Update to 0.29.14 1768034 - Python 2 subpackage has been removed scipy 1.3.1-4 - Exclude unsupported i686 arch 1.3.1-3 ...
container-tools:3.0 security update
buildah 1.19.9-6 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/6d7f496 - Related: 2061390 1.19.9-5 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19...
container-tools:ol8 security, bug fix, and enhancement update
aardvark-dns 2:1.1.0-4 - remove windows binaries and regenerate vendor tarball - Related: 2061390 2:1.1.0-3 - add gating.yaml - Related: 2061390 2:1.1.0-2 - bump Epoch to preserve upgrade path - Related: 2061390 1.1.0-1 - initial import - Related: 2061390 buildah 1:1.27.0-2 - fix CVE-2022-2990 -...
postgresql:12 security update
postgresql 12.12-1 - Resolves: 2131177 - Update to version 12.12...
samba security and bug fix update
4.15.5-10.0.1 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.15.5-10 - resolves: rhbz2126041 - Do not require samba package in python3-samba 4.15.5-9 - Fix CVE-2022-32742 - resolves: rhbz2125552...
firefox security update
102.4.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.4.0-1 - Update to 102.4.0 build1...
thunderbird security update
102.3.0-4.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.3.0-4 - Fix for expat CVE-2022-40674...
webkit2gtk3 security update
2.36.7-1 - Update to 2.36.7 Related: 2123429...
.NET 6.0 security and bugfix update
6.0.109-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.109-1 - Update to .NET SDK 6.0.109 and Runtime 6.0.9 - Resolves: RHBZ2123791...
open-vm-tools security update
11.3.5-1.0.1.el90.1 - Fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. Orabug: 21819156 11.3.5-1.el90.1 -...
thunderbird security update
91.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.13.0-1 - Update to 91.13.0 build1...
firefox security update
91.13.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.13.0-1 - Update to 91.13.0 build1...
Unbreakable Enterprise kernel security update
5.4.17-2136.310.7.1 - rds: copyfromuser only once per rdssendmsg system call Hans Westgaard Ry Orabug: 33981855 CVE-2022-21385...
firefox security update
91.11.0-2.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.11.0-2 - Update to 91.11.0 build2...
thunderbird security update
91.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.10.0-1 - Update to 91.10.0 build1...
flatpak security and bug fix update
1.8.7-1 - Rebase to 1.8.7 2041972 1.8.6-1 - Rebase to 1.8.6 2010533 1.8.5-6 - Fix CVE-2021-41133 2012869...
openssl security update
1.0.2k-25fips - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 - Add EC keys pairwise consistency test Orabug: 32467059 1:1.0.2k-25 -...
cyrus-sasl security update
2.1.23-15.0.1.2 - Escape password for SQL insert/update commands CVE-2022-24407Orabug: 33936121...
.NET 5.0 security and bugfix update
5.0.211-1.0.1 - Support AArch64 on Oracle Linux Orabug: 32738620 - Include new Oracle Linux runtime IDs Add 1000-Add-missing-OL-RIDs.patch 5.0.211-1 - Update to .NET SDK 5.0.211 and Runtime 5.0.14 - Resolves: RHBZ2047767...
rpm security update
4.14.3-19.2 - Address covscan issues in binding sigs validation patch 2022537 4.14.3-19.1 - Validate and require subkey binding sigs on PGP pubkeys 2022537 - Fixes CVE-2021-3521...
grafana security update
7.5.9-5 - resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache...
freerdp security update
2:2.2.0-7 - Updated: Refactored RPC gateway parser rhbz2017948 + fixed issues discovered by Covscan 2:2.2.0-6 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-5 - Revert: Refactored RPC gateway parser rhbz2017948 2:2.2.0-4 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-3 - Add checks for...
libtiff security and bug fix update
4.0.9-20 - Rebuild for fixed binutils 1954437 4.0.9-19 - Fix CVE-2020-35521 1945539 - Fix CVE-2020-35522 1945555 - Fix CVE-2020-35523 1945542 - Fix CVE-2020-35524 1945546...
jasper security update
2.0.14-5 - Fix CVE-2021-26927 1933860 - Fix CVE-2021-26926 1922316 - Fix CVE-2021-3272 1922283 - Fix CVE-2020-27828 1905692...
libsepol security update
2.9-3 - cil: Fix out-of-bound read of file context pattern ending with '' - cil: Destroy classperms list when resetting classpermission 1983517 - cil: Destroy classperm list when resetting map perms 1983521 - cil: cilresetclasspermsset should not reset classpermission 1983525 - cil: Set class...
webkit2gtk3 security and bug fix update
2.30.4-3 - Fix crashing on aarch64 - Resolves: 2010825 2.30.4-2 - Fix CVE-2021-30858 - Resolves: 2006427...
Unbreakable Enterprise kernel security update
5.4.17-2102.206.1 - Revert 'scsi: core: Cap scsihost cmdperlun at canqueue' Jack Vogel Orabug: 33403144 5.4.17-2102.206.0 - Revert 'uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo' Jack Vogel Orabug: 33245043 - integrity: Load mokx variables into the blacklist keyring Eric Snowberg...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.205.7.3.el7 - btrfs: fix NULL pointer dereference when deleting device by invalid id Qu Wenruo Orabug: 33281078 CVE-2021-3739...
opensc security, bug fix, and enhancement update
0.20.0-4 - Use file cache by default 1892810 - Avoid calloc with 0 argument 1895401 0.20.0-3 - Support PIN change for HID Alt tokens 1830901 - Fix CVE-2020-26570, CVE-2020-26571 and CVE-2020-26572 - Fix right padding of token labels of some cards 1877973...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
libvirt 6.0.0-35.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum libvirt-dbus 1.3.0 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libvirt-python...
openssl security, bug fix, and enhancement update
1.1.1g-11 - Further changes for SP 800-56A rev3 requirements 1.1.1g-9 - Rewire FIPSdrbg API to use the RANDDRBG - Use the well known DH groups in TLS even for 2048 and 1024 bit parameters 1.1.1g-7 - Disallow dropping Extended Master Secret extension on renegotiation - Return alert from sserver if...
dovecot security update
1:2.3.8-4 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1866756 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation 1866761 - fix CVE-2020-12674 crash due to assert in RPA implementation 1866768 1:2.3.8-3 - fix CVE-2020-10957 dovecot: malformed NOOP...
libxslt security update
1.1.32-5.0.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.32-5 - Fix CVE-2019-18197 1775517 - Fix CVE-2019-11068 1715732...
cryptsetup security, bug fix, and enhancement update
2.3.3-2 - patch: Fix possible memory corruption in LUKS2 validation code in 32bit library. - Resolves: 1872294 2.3.3-1 - Update to cryptsetup 2.3.3 - Resolves: 1796826 1743891 1785748 2.3.1-1 - Update to cryptsetup 2.3.1 - Resolves: 1796826 1743891 1785748...
xorg-x11-server security update
1.17.4-18.0.1 - Fix regression from the patch for Orabug 27204421 which crashes Xvfb Orabug: 28485058 - Fix X consumes 100% CPU if messagebus restarted Orabug: 27204421 - Fix X server failure in FIPS mode Orabug: 22866111 1.17.4-18 - CVE fixes for: CVE-2020-14345 1872388, CVE-2020-14346 1872392,...
cloud-init security, bug fix, and enhancement update
19.4-7.0.3 - Add conditional restart of NetworkManager for cloud-final. Orabug: 31965645 - Correct postinstall upgrade cloud-init.service mismerge order. 19.4-7.0.1 - Add Oracle Linux variant to known distros - Add cloud-init hotplug event handling support Orabug: 30485135 - Oracle data source...
spamassassin security update
3.4.0-6 - Fix CVE-2019-12420 - Resolves: rhbz1812976...
audiofile security update
1:0.3.6-9 - Apply security patches. CVE-2018-17095, CVE-2018-13440 - Resolves: rhbz1600369, rhbz1601014, rhbz1637128 1:0.3.6-8 - Escape macros in %changelog 1:0.3.6-7 - Merge upstream pull requests 42,43,44 from Agostino Sarubbo to fix security issues. CVE-2017-6827, CVE-2017-6828, CVE-2017-6829,...
firefox security update
68.12.0-1.0.3 - Build with rust-toolset 1.43 68.12.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Improve bindgen configuration wrt clang bmo1526857 -...
libvncserver security update
0.9.9-14.1 - Fix CVE-2017-18922 Resolves: 1852509...