8967 matches found
krb5 security update
1.6.1-36.el54.1 - add candidate patch to correct KDC integer overflows which could be triggered by malformed RC4 and AES ciphertexts CVE-2009-4212, 546347...
ntp security update
4.2.2p1-9.el54.1 - fix DoS with mode 7 packets 532639, CVE-2009-3563 - compile with -fno-strict-aliasing...
bind security update
30:9.3.6-4.P1.1 - don't cache unvalidated additional sections 538744...
kdegraphics security update
3.3.1-15.2 - Add missing NULL check to CVE-2009-3608 patch 3.3.1-15.1 - CVE-2009-0791...
postgresql security update
8.1.18-2.el54.1 - Remove unnecessary .o file that confuses TPS tests Related: 525284 8.1.18-1.el54.1 - Update to PostgreSQL 8.1.18 to fix CVE-2009-0922, CVE-2009-3230, and assorted other bugs described at http://www.postgresql.org/docs/8.1/static/release.html Resolves: 525284...
firefox security update
firefox: 3.0.14-1.0.1.el54 - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones 3.0.14-1 - Update to 3.0.14 3.0.13-1 - Update to 3.0.13...
seamonkey security update
1.0.9-43.0.1.el48 - Added mozilla-oracle-default-prefs.js, and mozilla-oracle-default-bookmarks.html and removed corresponding Redhat ones 1.0.9-43.el4 - Added fixes from 1.9.0.11...
cups security update
1.1.17-13.3.56 - Applied patch to fix CVE-2008-3640 STR 2919, bug 486052, which was not fixed in previous attempt...
thunderbird security update
1.5.0.12-16.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js 1.5.0.12-16 - Update patchset to fix regression as per 1.8.1.17 1.5.0.12-15 - Rebuild with system nss and nspr 1.5.0.12-14 - Add patches for backported fixes from 1.8.1....
xorg-x11 security update
6.8.2-1.0.1.EL.33.0.4 - Add Enterprise Linux detection - Add XFree86-4.3.0-oracle-bug-report-address-update.patch 6.8.2-1.EL.33.0.4 - cve-2008-2360.patch: Render AllocateGlyph extension Integer overflows - fix 6.8.2-1.EL.33.0.3 - cve-2008-1377.patch: Record and Security Extension Input validation...
xen security and bug fix update
3.0.3-41.el51.5 - Disable QEMU image format auto-detection CVE-2008-2004 rhbz 444700 3.0.3-41.el51.4 - Fix PVFB to validate frame buffer description rhbz 443376 - Fix PVFB to cope with bogus update requests rhbz 368931 3.0.3-41.el51.3 - Fix QEMU buffer overflow CVE-2007-5730 rhbz 360381 - Fix QEM...
firefox security update
1.5.0.12-15.el51.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js 1.5.0.12-15 - Update patchset to fix regressions as per 1.8.1.14...
Important: poppler security update
2.3.27-8.1 Fixes for: - 345101 - CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit - 345111 - CVE-2007-5392 xpdf buffer overflow in DCTStream::reset - 345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar...
Critical: pcre security update
6.6-2.1 - Resolves: 315951, CVE-2007-1659, CVE-2007-1660 6.6-1.2 - Resolves: 315951, CVE-2007-1659, CVE-2007-1660...
Important: nfs-utils-lib security update
1.0.6-8.z1 - Fixed RPC library buffer overflow bz 265001...
Important: gpdf security update
2.8.2-7.7 - Add patch to fix CVE-2007-3387 248204. 2.8.2-7.6 - Apply fix for CVE-2006-0301 bug 179053...
Important: xpdf security update
3.00-12.RHEL4 - Resolves: bz248199, CVE-2007-3387 xpdf integer overflow...
Low: gdb security and bug fix update
6.3.0.0-1.138 - Fixed crash on cross-file resolving of opaque types BZ 135488. - 6.3.0.0-1.137 - Never lose any pending signal while attaching - resubmit them BZ 189607. - 6.3.0.0-1.136 - Bugfix segv on the source display by ^X 1 BZ 202345. - Support shared libraries 2GB on 64bit hosts - obstack...
Unbreakable Enterprise kernel security update
5.4.17-2136.343.5.1 - nvme: fix deadlock between reset and scan Bitao Hu Orabug: 37920457 5.4.17-2136.343.5 - sctp: sysctl: authenable: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 37846673 - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 3784666...
kernel security update
5.14.0-427.40.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.334.6.el8 - loop: Fix a race between loop detach and loop open Gulam Mohamed Orabug: 36197800 - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs Alexandre Chartre Orabug: 36672495 - x86/bhi: Avoid warning in DB handler due to BHI mitigation Alexandre Chartre...
libreoffice security fix update
1:5.3.6.1-26.0.1 - adjust color palette to match Redwood style. - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-26 - Fix CVE-2022-38745 Empty entry in Java class path - Fix CVE-2023-09...
ansible-core bug fix, enhancement, and security update
2.16.3-2 - rebuild with python 3.12 RHEL-24141 2.16.3-1 - ansible-core 2.16.3 release RHEL-23782 - Fix CVE-2024-0690 possible information leak in tasks that ignore ANSIBLENOLOG configuration RHEL-22123 2.16.2-1 - ansible-core 2.16.2 release RHEL-19297 2.16.1-1 - ansible-core 2.16.1 release...
motif security update
2.3.4-28 - Fix CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer - Fix CVE-2023-43789: out of bounds read on XPM with corrupted colormap...
less security update
530-2 - Fix CVE-2022-48624 - Resolves: RHEL-26265...
postgresql-jdbc security update
42.2.28-1 - rebase to 42.2.28 - fix for CVE-2024-1597...
opensc security update
0.20.0-8 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding...
grub2 security update
2.06-70.0.2.2 - search command: add flag to only search root dev - Resolves: CVE-2023-4001...
gstreamer-plugins-bad-free security update
0.10.23-24 - Patch CVE-2023-44446: MXF demuxer use-after-free - Disable gtk-doc to fix the build - Resolves: RHEL-16792...
.NET 6.0 security update
6.0.126-1.0.1 - Add support for Oracle Linux 6.0.126-1 - Update to .NET SDK 6.0.126 and Runtime 6.0.26...
gstreamer1-plugins-bad-free security update
1.16.1-2 - Resolves MXF demuxer use-after-free vulnerability CVE-2023-44446...
avahi security update
0.7-21.1 - Fix CVE-2021-3468 1939614 - Fix CVE-2023-38469 2191687 - Fix CVE-2023-38470 2191694 - Fix CVE-2023-38471 2191690 - Fix CVE-2023-38472 2191692 - Fix CVE-2023-38473 2191691...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
java-21-openjdk security and bug fix update
1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
squid:4 security update
libecap squid 4.15-6.0.1 - Improve HTTP chunked encoding compliance CVE-2023-46846 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847...
java-11-openjdk security and bug fix update
1:11.0.21.0.9-2.0.1 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - OpenJDK: Additional zip64 files validation 8313765 RHBZ2237170 - OpenJDK: Print an exception when encountering nu...
glibc security update
2.34-60.0.3.7 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode 2234716. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet. Reviewed by: Jose E. Marchesi...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.3-1 - Update to upstream version 15.3 - Fixes: CVE-2023-2454 CVE-2023-2455 - Resolves: 2207934...
microcode_ctl security update
2:2.1-73.15.0.6 - also rebuild initramfs for kernel-ueknano Orabug: 35698043 2:2.1-73.15.0.5 - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: CVE-2022-40982 Orabug: 35692745 2:2.1-73.15.0.2 ...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el8 - Add missing amd-ucode/ files to nano and core rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el9 - Add missing amd-ucode/ files to nano and core rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD...
nodejs security, bug fix, and enhancement update
1:16.20.1-1 - Rebase to 16.20.1 Resolves: rhbz2188291 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2177781...
kernel security, bug fix, and enhancement update
4.18.0-477.15.18.OL8 - net: tls: fix possible race condition between dotlsgetsockoptconf and dotlssetsockoptconf Hangyu Hua CVE-2023-28466...
python39:3.9 and python39-devel:3.9 security update
python39 3.9.16-1.1 - Security fix for CVE-2023-24329...
buildah security update
runc 1:1.1.4-1.0.1 - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589...
firefox security update
102.13.0-2.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1...
go-toolset and golang security update
golang 1.19.9-2 - Fix TestEncryptOAEP and TLS failures in FIPS mode - Resolves: rhbz2204476 1.19.9-1 - Rebase to Go 1.19.9 - Resolves: rhbz2204476 go-toolset 1.19.9-1 - Update to Go 1.19.9 - Related: rhbz2204476...
emacs security and bug fix update
1:26.1-9 - Fix MH-E mail composition with GNU Mailutils 1991156 1:26.1-8 - Fix ctags local command execute vulnerability 2149386...
skopeo security and bug fix update
2:1.11.2-0.1 - update to the latest content of https://github.com/containers/skopeo/tree/release-1.11 https://github.com/containers/skopeo/commit/3f98753 - Related: 2124478 2:1.11.1-1 - update to https://github.com/containers/skopeo/releases/tag/v1.11.1 - Related: 2124478 2:1.11.0-1 - update to...