9173 matches found
Unbreakable Enterprise kernel security update
5.15.0-4.70.5.2 - Revert 'sched: Remove the limitation of WFONCPU on wakelist if wakee cpu is idle' Samasth Norway Ananda Orabug: 34783367 5.15.0-4.70.5.1 - NFSv4: Fixes for nfs4inodereturndelegation Trond Myklebust Orabug: 34751176 5.15.0-4.70.5 - uek: kabi: update kABI files for new symbols Sae...
podman security, bug fix, and enhancement update
4.2.0-7.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-7 - update to the latest content of https://github.com/containers/podman/tree/v4.2.0-rhel https://github.com/containers/podman/commit/35c0df3 - Resolves: 2120436 2:4.2.0-6 - update to the latest...
firefox security update
102.5.0-1.0.1 - Updated homepages to use https Orabug: 34648274 102.5.0-1 - Update to 102.5.0 build1 102.4.0-1 - Update to 102.4.0 build1 102.3.0-7 - Fix for expat CVE-2022-40674 and non functional webrtc...
libvirt security, bug fix, and enhancement update
8.5.0-7.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 8.5.0-7 - securityselinux: Dont ignore NVMe disks when setting image label rhbz2121441 8.5.0-6 - qemuprocess: Destroy domains namespace after killing QEMU rhbz2121141 8.5.0-5 - rpc: Pass OPENSSLCONF through to ssh invocations...
libtiff security update
4.4.0-2 - Update to version 4.4.0 - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909 CVE-2022-0908 CVE-2022-1354 CVE-2022-1355...
freetype security update
2.10.4-9 - Guard face-size - Resolves: 2079280 2.10.4-8 - Properly guard faceindex - Resolves: 2079262 2.10.4-7 - Avoid invalid face index - Resolves: 2079271...
Unbreakable Enterprise kernel security update
4.1.12-124.68.3 - Orabug: 34733462 Alok Tiwari 4.1.12-124.68.2 - ptp: fix the race between the release of ptpclock and cdev Vladis Dronov Orabug: 31350707 CVE-2020-10690 - ptp: Fix pass zero to ERRPTR in ptpclockregister YueHaibing Orabug: 31350707 - chardev: add helper function to register char...
squid security update
7:5.2-1.2 - Resolves: 2130251 - CVE-2022-41318 squid: buffer-over-read in SSPI and SMB authentication...
webkit2gtk3 security update
2.36.7-1 - Update to 2.36.7 Related: 2123429...
php:7.4 security update
php-pear 1:1.10.13-1 - update PEAR to 1.10.13 - update ArchiveTar to 1.4.14...
.NET 6.0 security and bugfix update
6.0.109-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.109-1 - Update to .NET SDK 6.0.109 and Runtime 6.0.9 - Resolves: RHBZ2123791...
thunderbird security update
91.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.13.0-1 - Update to 91.13.0 build1...
thunderbird security update
91.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.10.0-1 - Update to 91.10.0 build1...
aide security update
0.14-11.0.1 - precalculate buffer size in base64 functions Orabug: 33835910CVE-2021-45417...
rpm security update
4.14.3-19.2 - Address covscan issues in binding sigs validation patch 2022537 4.14.3-19.1 - Validate and require subkey binding sigs on PGP pubkeys 2022537 - Fixes CVE-2021-3521...
firefox security update
91.2.0-4.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.2.0-4 - Disable webrender on the s390x due to wrong colors: rhbz2009503 91.2.0-3 - Update to 91.2.0...
cloud-init security, bug fix, and enhancement update
19.4-7.0.3 - Add conditional restart of NetworkManager for cloud-final. Orabug: 31965645 - Correct postinstall upgrade cloud-init.service mismerge order. 19.4-7.0.1 - Add Oracle Linux variant to known distros - Add cloud-init hotplug event handling support Orabug: 30485135 - Oracle data source...
python-pillow security update
2.0.0-21gitd1c6db8 - Fix for CVE-2020-5313 Resolves: rhbz1789532 2.0.0-20gitd1c6db8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 2.0.0-19gitd1c6db8 - Reenabled webp support on little endian archs. 2.0.0-18gitd1c6db8 - Disabled webp support on...
libjpeg-turbo security update
1.5.3-10 - Fix CVE-2018-14498 1687477 1.5.3-9 - Fix LDFLAGS 1688397 1.5.3-8 - Support running with Intel CET 1688397...
squid:4 security update
libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow in HttpHeader::getAuth...
libarchive security update
3.1.2-12 - fixed use after free in RAR decoder 1700749 - fixed double free in RAR decoder 1700748 3.1.2-11 - fix out-of-bounds read within lhareaddatanone CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 - fix infinite loop in ISO9660 CVE-2019-1000020...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.37.1 - Input: gtco - bounds check collection indent level Grant Hernandez Orabug: 30074414 CVE-2019-13631...
ruby:2.5 security update
ruby 2.5.3-104 - Prohibit arbitrary code execution when installing a malicious gem. Resolves: CVE-2019-8324 rubygem-mongo 2.5.1-2 - Disable tests to fix FTBFS by dropped MongoDB module. Resolves: rhbz1710863 rubygem-pg 1.0.0-2 - Assign a random testing port...
X.org X11 security, bug fix, and enhancement update
freeglut 3.0.0-8 - HTTPS URLs - Pin soname to libglut.so.3 in the %files glob 3.0.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 3.0.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora27BinutilsMassRebuild 3.0.0-5 - Rebuilt for...
spamassassin security update
3.4.0-4 - Add missing Requires for perlXSLoader and perlExtUtils::MakeMaker, - which are no longer auto-generated due to a expected change in rpm-build - Related: rhbz1632998 3.4.0-3 - Fix CVE-2018-11781 - Local user code injection in the meta rule syntax - Fix CVE-2017-15705 - Certain unclosed...
thunderbird security update
52.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.9.1-1 - Update to 52.9.1...
firefox security update
52.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 52.7.0-1 - Update to 52.7.0 ESR...
kernel security and bug fix update
2.6.32-696.23.1.OL6 - Update genkey bug 25599697 2.6.32-696.23.1 - scsi avoid a permanent stop of the scsi device's request queue Ewan Milne 1519857 1513455 - x86 retpoline/hyperv: Convert assembler indirect jumps Waiman Long 1543022 1535645 - x86 specctrl: Upgrade GCC retpoline warning to an err...
sssd security and bug fix update
1.15.2-50.8 - Resolves: rhbz1508972 - Accessing IdM kerberos ticket fails while id mapping is applied rhel-7.4.z - Resolves: rhbz1509177 - Race condition between refreshing the crdomain list and a request that is using the list can cause a segfault is sssdnss rhel-7.4.z 1.15.2-50.7 - Resolves:...
apr security update
1.3.9-5.1 - Resolves: 1507346 - CVE-2017-12613 apr: Out-of-bounds array deref in aprtimeexp functions...
kernel security and bug fix update
3.10.0-693.1.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 3.10.0-693.1.1.el7.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update...
pidgin security, bug fix, and enhancement update
2.10.11-5 - Drop MXit support in RHEL Resolves: 1439296 2.10.11-4 - Silence -Wsign-compare - Rename the previous patch for consistency Resolves: 1445921, 1446368 2.10.11-3 - Avoid a use-after-free in an error path Resolves: 1445921 2.10.11-2 - Add patch for CVE-2017-2640 Resolves: 1431022 2.10.11...
sudo security update
1.7.2p1-29.0.1 - Fix CVE-2017-1000367...
thunderbird security update
45.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.8.0-1 - Update to 45.8.0...
thunderbird security update
45.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.7.0-1 - Update to 45.7.0...
libtiff security update
3.9.4-18 - Update patch for CVE-2014-8127 - Related: 1335099 3.9.4-17 - Fix patches for CVE-2016-3990 and CVE-2016-5320 - Related: 1335099 3.9.4-16 - Add patches for CVEs: - CVE-2016-3632 CVE-2016-3945 CVE-2016-3990 - CVE-2016-3991 CVE-2016-5320 - Related: 1335099 3.9.4-15 - Update patch for...
libtiff security update
4.0.3-25 - Add patches for CVEs: CVE-2015-7554, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2015-8784 - Related: 1299920 4.0.3-24 - Update patches for CVEs: CVE-2014-8127, CVE-2014-8130 - Related: 1299920 4.0.3-23 - Update patches: CVE-2014-9330, CVE-2014-8127,...
java-1.8.0-openjdk security update
1:1.8.0.77-0.b03 - Remove what remains of the SunEC sources in the remove-intree-libraries script. - Resolves: rhbz1320664 1:1.8.0.77-0.b03 - Update to u77b03. - Drop 8146566 which is applied upstream. - Replace s390 Java options patch with general version from IcedTea. - Apply s390 patches...
sos security and bug fix update
3.2-28.0.1.2 - Add vendor, vendor URL info for Oracle Linux orabug 17656507 [email protected] - Direct traceroute to linux.oracle.com John Haxby orabug 11713272 [email protected] - Check oraclelinux-release instead of redhat-release to get OS version John Haxby bug 11681869 [email protected] -...
openssl security update
1.0.1e-42.2 - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2...
abrt and libreport security update
abrt 2.1.11-35.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-35 - make /var/spool/abrt owned by root - remove 'r' from /var/spool/abrt for other users - abrt-action-install-debug-info: use secure temporary directory - stop saving abrt's core files to /var/spool/abrt if...
autofs security, bug fix and enhancement update
5.0.7-54.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe 1:5.0.7-54 - bz1263508 - Heavy program map usage can lead to a hang - fix out of order call in program map lookup. - Resolves: rhbz1263508 1:5.0.7-53 - bz1238573 - RFE: autofs MAPHASHTABLESIZE description - update...
Unbreakable Enterprise kernel security update
2.6.39-400.264.5 - virtio-net: drop NETIFFFRAGLIST Jason Wang Orabug: 22145599 CVE-2015-5156...
subversion security update
1.7.14-7.1 - add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187...
bind security update
32:9.8.2-0.37.rc1.4 - Apply previously not applied patch for CVE-2015-5722 32:9.8.2-0.37.rc1.3 - Fix CVE-2015-5722...
thunderbird security update
38.2.0-4.0.1.el67 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.2.0-4 - Update to 38.2.0 38.1.0-4 - Update to 38.1.0...
libuser security update
0.56.13-8 - Update CVE-2015-3246 patch based on review comments Resolves: 1235518 0.56.13-7 - Dont use 512-bit RSA private keys in tests Related: 1235518 - Fix testsuite failures if more than one architecture is building concurrently Related: 1235518 0.56.13-6 - Fix CVE-2015-3246 Resolves: 123551...
qemu-kvm security and bug fix update
0.12.1.2-2.448.el66.2 - kvm-cirrus-fix-blit-region-check.patch bz1170571 - kvm-cirrus-don-t-overflow-CirrusVGAState-cirrusbltbuf.patch bz1170571 - Resolves: bz1170571 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-6.6.z 0.12.1.2-2.448.el66.1 -...
mariadb security update
1:5.5.41-2 - Include new certificate for tests Resolves: 1186109 1:5.5.41-1 - Rebase to 5.5.41 Also fix: CVE-2014-6568 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 Resolves: 1186109 1:5.5.40-2 - Fix header to let dependencies to build fine Resolves: 1177836...
jasper security update
1.900.1-16.2 - CVE-2014-8137 - double-free in in jasiccattrvaldestroy 1173566 - CVE-2014-8138 - heap overflow in jp2decode 1173566 1.900.1-16.1 - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders 1171208 1.900.1-16 - CERT VU887409: heap buffer overflow...