8967 matches found
java-1.8.0-openjdk security and bug fix update
1.8.0.372.b07-1.0.1 - Replace upstream references Orabug: 34340145 1:1.8.0.372.b07-1 - Update to shenandoah-jdk8u372-b07 GA - Update release notes for shenandoah-8u372-b07. - Require tzdata 2023c due to inclusion of JDK-8305113 in 8u372-b07 - Reintroduce jconsole-plugin.patch from RHEL 9 - Update...
openssl security update
1:1.0.2k-26 - Fixes CVE-2023-0286 X.400 address type confusion in X.509 GeneralName - Resolves: rhbz2176790...
firefox security update
102.8.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.8.0-2 - Update to 102.8.0 build2 102.8.0-1 - Update to 102.8.0 build1...
git security update
2.31.1-3 - Fixes CVE-2022-23521 and CVE-2022-41903 - Tests: try harder to find open ports for apache, git, and svn - Resolves: 2162063...
libXpm security update
3.5.12-9 - Fix CVE-2022-46285: infinite loop on unclosed comments 2161800 - Fix CVE-2022-44617: runaway loop with width of 0 2161808 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160238...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.362.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Fix broken links and missing release notes in older releases. - Drop RH1163501 patch which is not upstream or in 11, 17 & 19 packages and seems obsolete - Patch was broken by inclusion of...
podman security, bug fix, and enhancement update
4.2.0-7.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-7 - update to the latest content of https://github.com/containers/podman/tree/v4.2.0-rhel https://github.com/containers/podman/commit/35c0df3 - Resolves: 2120436 2:4.2.0-6 - update to the latest...
ol8addon security update
golang 1.17.13-1.0.1 - Update tarball to 1.17.12 - Add patches between Go 1.17.12 and Go 1.17.13 - Reviewed-by: David Faust 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109182 go-toolset 1.17.13-1 - Set version to correspond to the matching build golang version...
git-lfs security and bug fix update
2.13.3-3 - Rebuild with new Golang - Resolves: rhbz2131795...
qemu-kvm security update
...
Unbreakable Enterprise kernel security update
4.14.35-2047.516.2.1 - rds: copyfromuser only once per rdssendmsg system call Hans Westgaard Ry Orabug: 33981856 CVE-2022-21385...
.NET 6.0 security, bug fix, and enhancement update
6.0.108-1.0.1 - Add missing Oracle RIDs 6.0.108-1 - Update to .NET SDK 6.0.108 and Runtime 6.0.8 - Resolves: RHBZ2112412...
pcre2 security update
10.32-3 - Resolves: CVE-2022-1586...
Unbreakable Enterprise kernel security update
5.15.0-0.30.20.1 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386636 CVE-2022-21505...
cups security update
1:2.3.3op2-13.1 - CVE-2022-26691 cups: authorization bypass when using 'local' authorization...
postgresql security update
13.7-1 - Resolves: CVE-2022-1552 - Update to 13.7 - Release notes: https://www.postgresql.org/docs/release/13.7/...
thunderbird security update
91.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.10.0-1 - Update to 91.10.0 build1...
postgresql:12 security update
postgresql 12.11-2 - Resolves: CVE-2022-1552 - Release bump due to wrongly reported CVE of libpq Build after reverted changes in libpq package 12.11-1 - Resolves: CVE-2022-1552 - Update to 12.11 - Release notes: https://www.postgresql.org/docs/release/12.11/...
Unbreakable Enterprise kernel security update
5.4.17-2136.304.4.4 - arm64: Use the clearbhb instruction in mitigations James Morse Orabug: 33921646 - arm64: add IDAA64ISAR2EL1 sys register Joey Gouly Orabug: 33921646 - KVM: arm64: Allow SMCCCARCHWORKAROUND3 to be discovered and migrated James Morse Orabug: 33921646 - arm64: Mitigate spectre...
389-ds-base security and bug fix update
1.3.10.2-15 - Bump version to 1.3.10.2-15 - Resolves: Bug 2049812 - Fix csn generator to limit time skew drift - Resolves: Bug 2048530 - CVE-2021-4091 389-ds-base: double-free of the virtual attribute context in persistent search...
aide security update
0.14-11.0.1 - precalculate buffer size in base64 functions Orabug: 33835910CVE-2021-45417...
ruby:2.5 security update
rubygem-bundler 1.16.1-4 - Fix Bundler dependency confusion. Resolves: CVE-2020-36327...
cups security and bug fix update
1:2.2.6-40 - 1955964 - PreserveJobHistory doesnt work with seconds - 1927452 - CVE-2020-10001 cups: access to uninitialized buffer in ipp.c rhel-8 1:2.2.6-39 - 1941437 - cupsd doesnt log job ids when logging into journal - 1782216 - Print queue is paused after ipp backend ends with CUPSBACKENDSTO...
curl security update
7.61.1-18.el84.1 - fix bad connection reuse due to flawed path name checks CVE-2021-22924 - disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded...
libsndfile security update
1.0.28-10.1 - a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution1985027...
Unbreakable Enterprise kernel security update
...
xterm security update
331-1.2 - Fix issue found by covcan - Related: rhbz1927567 331-1.1 - Backport security fix for CVE-2021-27135 - Resolves: rhbz1927567...
thunderbird security update
78.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.6.0-1 - Update to 78.6.0...
cloud-init security, bug fix, and enhancement update
19.4-11.0.1 - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 Orabug: 30435672 - Update OCI Datasource to support IMDSv2 - limit permissions Orabug: 31352433 - Changes to ignore all enslaved interfaces Orabug: 30092148 - Fix swap file size allocation logic to allocate...
libX11 security update
1.6.7-3 - Fix CVE-2020-14363 1873922...
samba security, bug fix, and enhancement update
4.10-16-5 - related: 1785121 - Add missing RPM Requires 4.10.16-2 - resolves: 1828354 - add additioanl hostnames to the keytab - resolves: 1836427 - add dnshostname option net-ads-join 4.10.16-1 - related: 1785121 - Rebase to version 4.10.16 4.10.15-5 - resolves: 1831986 - Fix gencache for normal...
thunderbird security update
78.3.1-1.0.1 - Update to 68.12.0 build1 78.3.1-1 - Update to 78.3.1 build1 78.3.0-3 - Update to 78.3.0 build1 - Remove librdp.so as long as we cannot ship it in RHEL 78.2.1-1 - Update to 78.2.1 build1...
firefox security update
68.6.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 68.6.1-1 - Update to 68.6.1 ESR Wed Mar 04 2020 Jan Horak - Update to 68.6.0 build1 68.5.0-3 - Added fix for rhbz1805667 - Enabled mzbz@1170092 - Firefox prefs at /etc Fri Feb 07 2020 J...
docker-engine docker-cli security update
docker-engine 19.03.11-1.0.0 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable kmem accounting for UEKR4 18.09.1-1.0.5 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes CVE-2019-5736 18.09.1-1.0.4 - fix...
dnsmasq security, bug fix, and enhancement update
2.79-11 - Support multiple static leases for single mac on IPv6 1779187 2.79-10 - Fix memory leak in helper.c 1795370 2.79-9 - Fix replies to non-recursive queries 1700916 2.79-8 - Fix dhcpleasetime 1746411 2.79-7 - Fix TCP queries after interface recreation 1728698...
sqlite security update
3.26.0-4 - Fixed CVE-2019-13734 1786508...
libjpeg-turbo security update
1.5.3-10 - Fix CVE-2018-14498 1687477 1.5.3-9 - Fix LDFLAGS 1688397 1.5.3-8 - Support running with Intel CET 1688397...
Unbreakable Enterprise kernel security update
4.14.35-1902.7.3 - rds: Rename rdssendping to rdssendhsping Hakon Bugge Orabug: 30418043 - rds: Use READ,WRITEONCE for heartbeat start and state Hakon Bugge Orabug: 30418043 - rds: Change heartbeat params from module params to sysctl Hakon Bugge Orabug: 30418043 - rds: Fix and augment probe...
squid:4 security update
libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow in HttpHeader::getAuth...
uriparser security update
0.7.5-10 - Fix CVE-2018-19198, CVE-2018-19199 Fix unescaped % in a comment Resolves: 1652002, 1652001...
spamassassin security update
3.4.0-4 - Add missing Requires for perlXSLoader and perlExtUtils::MakeMaker, - which are no longer auto-generated due to a expected change in rpm-build - Related: rhbz1632998 3.4.0-3 - Fix CVE-2018-11781 - Local user code injection in the meta rule syntax - Fix CVE-2017-15705 - Certain unclosed...
gnupg2 security update
2.0.14-9 - fix CVE-2018-12020 - missing sanitization of original filename...
firefox security update
52.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.7.0-1 - Update to 52.7.0 ESR...
kernel security and bug fix update
3.10.0-693.1.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 3.10.0-693.1.1.el7.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update...
qemu-kvm security update
1.5.3-141.el74.1 - kvm-qemu-nbd-Ignore-SIGPIPE.patch bz1468107 - Resolves: bz1468107 CVE-2017-10664 qemu-kvm: Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort rhel-7.4.z...
tcpdump security, bug fix, and enhancement update
14:4.9.0-5 - Resolves: 1441597; use bigger capture buffer than in upstream 14:4.9.0-4 - Drop downstream patch drop root privileges - Add libcap-ng as a new build dependency - Related: 1262283 14:4.9.0-3 - Fix tests according to our patches and libpcap version 14:4.9.0-2 - Use getnameinfo instead ...
thunderbird security update
52.2.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.2.0-1 - Update to 52.2.0...
firefox security update
45.2.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.2.0-1 - Update to 45.2.0 ESR 45.1.1-2 - Added fix for mozbz1270046 - new Samba auth response...
java-1.8.0-openjdk security update
1:1.8.0.77-0.b03 - Remove what remains of the SunEC sources in the remove-intree-libraries script. - Resolves: rhbz1320664 1:1.8.0.77-0.b03 - Update to u77b03. - Drop 8146566 which is applied upstream. - Replace s390 Java options patch with general version from IcedTea. - Apply s390 patches...
qemu-kvm security and bug fix update
1.5.3-105.el72.3 - kvm-fwcfg-add-check-to-validate-current-entry-value-CVE.patch bz1298047 - Resolves: bz1298047 CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations rhel-7.2.z 1.5.3-105.el72.2 - kvm-raw-posix-Fix-.bdrvcogetblockstatus-for-unaligne.patch...