8984 matches found
firefox security update
140.8.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.8.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.8.0-2 - Update to 140.8.0 ESR...
firefox security update
140.8.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.8.0-2 - Update to 140.8.0 ESR...
libpng security update
2:1.6.37-12.2 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148970 - fix CVE-2026-22695: heap buffer over-read in pngimagefinishread RHEL-148403 - fix CVE-2026-22801: heap buffer over-read in pngimagewritebit RHEL-147343...
firefox security update
140.8.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.8.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.8.0-2 - Update to 140.8.0 ESR...
openssl security update
1:1.1.1k-15 - Fix CVE-2025-69419: Arbitrary code execution due to out-of-bounds write in PKCS12 processing ticketlifetimehint exceed 1 week in TLSv1.3 and breaks compliant clients Resolves: RHEL-149165 Resolves: RHEL-142715 1:1.1.1k-14.1 - Backport fix for openssl: Out-of-bounds read & write in R...
skopeo security update
1:1.20.0-3 - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146730...
buildah security update
1.41.8-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.8-2 - Rebuild with golang 1.25.7 to fix CVE-2025-68121 - Resolves: RHEL-149617...
containernetworking-plugins security update
1:1.7.1-3 - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146859 1:1.7.1-2 - rebuild for CVE-2025-22871 - Resolves: RHEL-90030...
freerdp security update
2:2.11.7-3 - Backport several CVE fixes Resolves: RHEL-148825, RHEL-148865, RHEL-148982...
runc security update
4:1.4.0-2 - Rebuild for new golang to address CVE-2025-68121 - Resolves: RHEL-149630...
python-pyasn1 security update
0.4.8-7 - Resolves: RHEL-148154...
buildah security update
1.41.8-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.8-2 - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146715...
podman security update
5.6.0-14.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 6:5.6.0-14 - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146869...
kernel security update
6.12.0-124.39.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
skopeo security update
1:1.20.0-3 - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146872...
python-pyasn1 security update
0.6.2-1 - Update to 0.6.2 - Update modules to 0.4.2 Resolves: RHEL-148142...
podman security update
5.6.0-12.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 7:5.6.0-12 - Rebuild for new golang to address CVE-2025-61726 - Resolves: RHEL-146727...
389-ds-base security update
3.1.3-7 - Bump version to 3.1.3-7 - Resolves: RHEL-117764 - Replication online reinitialization of a large database gets stalled. rhel-10.1.z - Resolves: RHEL-123274 - LDAP high CPU usage while handling indexes with IDL scan limit at INTMAX rhel-10.1.z - Resolves: RHEL-123281 - The new...
kernel security update
4.18.0-553.107.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security update
5.14.0-611.35.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
grafana-pcp security update
5.1.1-12 - Resolves RHEL-146096: CVE-2025-61726 - Resolves RHEL-149272: CVE-2025-68121...
389-ds-base security update
2.7.0-10 - Resolves: RHEL-123243 - Attribute uniqueness is not enforced upon modrdn operation rhel-9.7.z - Resolves: RHEL-123765 - 389-ds-base OpenScanHub Leaks Detected rhel-9.7.z - Resolves: RHEL-137083 - CVE-2025-14905 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via...
grafana security update
9.2.10-28.0.1 - Fixes CVE-2024-1442 Add email verification when updating user email Orabug: 38550520 9.2.10-28 - Resolves RHEL-145418: CVE-2025-61728 - Resolves RHEL-146095: CVE-2025-61726 - Resolves RHEL-149271: CVE-2025-68121...
gimp security update
2.8.22-1.0.5 - Fixes CVE-2025-14422 Orabug: 38904303 2:2.22-1.0.5 - Fixes CVE-2025-10922 and CVE-2025-10934 Orabug: 38739185 2:2.8.22-1.0.3 - Fixes CVE-2025-5473 GIMP ICO File Parsing Integer Overflow Orabug: 38110877 - Fixes CVE-2025-48797 Multiple heap buffer overflows in TGA parser - Fixes...
munge security update
0.5.13-14.0.1 - Updated path for removal of unneeded init file 0.5.13-14 - Fix CVE-2026-25506 - Resolved: RHEL-148533...
protobuf security update
3.19.6-15 - Fix CVE-2026-0994: nested Any messages bypassing recursion depth limits 3.19.6-14 - Disable tests during build that are flaky 3.19.6-13 - Rebuilt for tests directory 3.19.6-12 - Copy patch from c9s to make emacs dependency optional Resolves: RHEL-93236...
golang-github-openprinting-ipp-usb security update
0.9.27-5 - rebuilt to fix CVE-2025-68121, CVE-2025-61726...
freerdp security update
2:2.11.7-1.2 - Backport several CVE fixes Resolves: RHEL-148847, RHEL-148887, RHEL-149020...
freerdp security update
2:3.10.3-5.2 - Backport several CVE fixes Resolves: RHEL-147912, RHEL-148815, RHEL-148859, RHEL-148892, RHEL-148973...
libpng15 security update
1.5.30-14.1 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148404...
munge security update
0.5.15-11 - Fix CVE-2026-25506...
protobuf security update
3.14.0-17 - Fix CVE-2026-0994: nested Any messages bypassing recursion depth limits...
grafana-pcp security update
5.1.1-12 - Resolves RHEL-146864: CVE-2025-61726 - Resolves RHEL-147082: CVE-2025-61729 - Resolves RHEL-149622: CVE-2025-68121...
grafana-pcp security update
5.3.0-2 - Resolves RHEL-146722: CVE-2025-61726 - Resolves RHEL-146927: CVE-2025-61729 - Resolves RHEL-149228: CVE-2025-68121...
openssl security update
1:1.1.1k-15 - Fix CVE-2025-69419: Arbitrary code execution due to out-of-bounds write in PKCS12 processing ticketlifetimehint exceed 1 week in TLSv1.3 and breaks compliant clients Resolves: RHEL-149165 Resolves: RHEL-142715 1:1.1.1k-14.1 - Backport fix for openssl: Out-of-bounds read & write in R...
munge security update
0.5.13-3 - Fix CVE-2026-25506 - Resolves: RHEL-148521...
glibc security update
2.34-231.0.1.10 - Forward-port Oracle patches for ol9-u7 Reviewed-by: TBD Oracle history: November-14-2025 Cupertino Miranda - 2.34-231.0.1.2 - Forward-port Oracle patches for ol9-u7 Reviewed-by: Jose E. Marchesi September-24-2025 Cupertino Miranda - 2.34-231.0.1 - Forward-port Oracle patches for...
Unbreakable Enterprise kernel security update
6.12.0-108.64.6.3 - net/rds: Fix issue with a revert in rdssendqueuerm Sharath Srinivasan Orabug: 38937451 6.12.0-108.64.6.2 - Revert 'net/rds: fix crash by expanding kref coverage to rdsincoming.iconn' Sharath Srinivasan Orabug: 38937451 - Revert 'net/rds: expand kref coverage to...
java-11-openjdk security update
1:11.0.31.0.1-1.0.1 - Update to jdk-11.0.31+1 Orabug: 38950473 - Fixes CVE-2025-64720 CVE-2025-65018 CVE-2026-21925 - CVE-2026-21933 CVE-2026-21945...
gnupg2 security update
2.0.22-5.0.1 - Fix CVE-2025-68973 gpg.fail/memcpy Orabug: 38914175...
nodejs:22 security update
nodejs 1:22.22.0-1 - Update to 22.22.0 Resolves: RHEL-141879 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 2.0.20-2 - Patch bundled glob-parent - Resolves: CVE-2021-35065 2.0.20-1 - Rebase to 2.0.20 Resolves: CVE-2022-3517 2.0.15-1 - Resolves: RHBZ2005419 - Resolves...
firefox security update
140.7.0-1.0.1 - Update to 140.7.0 ESR Orabug: 38940976CVE-2025-14327CVE-2026-0877 CVE-2026-0878CVE-2026-0879CVE-2026-0880CVE-2026-0882CVE-2026-0883 CVE-2026-0884CVE-2026-0885CVE-2026-0886CVE-2026-0887CVE-2026-0890 CVE-2026-0891 140.6.0-1.0.1 - Update to 140.6.0 ESR Orabug:...
nodejs:20 security update
nodejs 1:20.20.0-1 - Update to version 20.20.0 Resolves: RHEL-141917 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 2.0.20-2 - Patch bundled glob-parent - Resolves: CVE-2021-35065 2.0.20-1 - Rebase to 2.0.20 Resolves: CVE-2022-3517 2.0.15-1 - Resolves: RHBZ2005419 - Resolves...
grafana security update
10.2.6-17 - Resolves RHEL-144959: CVE-2026-21721 - Resolves RHEL-146863: CVE-2025-61726 - Resolves RHEL-147081: CVE-2025-61729 - Resolves RHEL-147370: CVE-2025-61728 - Resolves RHEL-149621: CVE-2025-68121 10.2.6-17 - Resolves RHEL-125692: CVE-2025-58183 - Resolves RHEL-120426: Grafana-selinux...
grafana security update
10.2.6-22 - Resolves RHEL-144948: CVE-2026-21721 - Resolves RHEL-146721: CVE-2025-61726 - Resolves RHEL-146926: CVE-2025-61729 - Resolves RHEL-147351: CVE-2025-61728 - Resolves RHEL-149227: CVE-2025-68121...
kernel security update
3.10.0-1160.119.1.0.17 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 Orabug: 38860426 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 Orabug: 38860426 - netsched: hfsc: Fix a potential UAF in hfscdequeue too CVE-2025-37823 Orabug: 38860426 - libceph: fix...
nodejs:24 security update
nodejs 1:24.13.0-1 - Update to version 24.13.0 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fix BR for nodejs-npm nodejs-packaging 2021.06-6 - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-121581 2021.06-5 - nodejs.req to properly detect bundled deps...
glibc security update
2.34-231.0.1.10 - Forward-port Oracle patches for ol9-u7 Reviewed-by: TBD Oracle history: November-14-2025 Cupertino Miranda - 2.34-231.0.1.2 - Forward-port Oracle patches for ol9-u7 Reviewed-by: Jose E. Marchesi September-24-2025 Cupertino Miranda - 2.34-231.0.1 - Forward-port Oracle patches for...
php security update
8.0.30-5 - Fix Null byte termination in dnsgetrecord GHSA-www2-q4fc-65wf - Fix Heap buffer overflow in arraymerge CVE-2025-14178 - Fix Information Leak of Memory in getimagesize CVE-2025-14177...
edk2 security update
20241117-4.0.1.el97.3 - Replace upstream references Orabug:36569119 20241117-4.el97.3 - edk2-OvmfPkg-MemEncryptSevLib-Evict-cache-lines-during-SN.patch RHEL-125104 - edk2-MdePkg-Add-the-COHERENCYSFWNO-CPUID-bit-field.patch RHEL-125104 -...