9159 matches found
nginx security update
1.20.1-24.0.1.el97.2 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 - Update upstream references Orabug: 36579090 2:1.20.1-24.2 - Resolves: RHEL-159557 - CVE-2026-27654 nginx: NGINX: Denial of Service or file modification via buffer...
git-lfs security update
3.6.1-8 - Rebuild with new Golang...
grafana-pcp security update
5.1.1-13 - Resolves RHEL-156641: CVE-2026-25679...
nginx:1.24 security update
1.24.0-5.2.0.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.24.0-5.2 - Resolves: RHEL-157886 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves: RHEL-159445...
vim security update
8.0.1763-22.0.1.el810.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-22.1 - RHEL-159620 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function - RHEL-155428...
capstone security update
5.0.1-7 - Fix CVE-2025-67873 heap buffer overflow Resolves: RHEL-141551 - Fix CVE-2025-68114 memory corruption Resolves: RHEL-137747...
libtiff security update
4.6.0-6.2 - fix CVE-2023-52356: libtiff could crash in TIFFReadRGBATileExt when parsing crafted tiff file RHEL-148254...
nodejs22 security update
1:22.22.2-1 - Update to version 22.22.2 - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - disabled failing tests in nghttp2 due to newer version - patch for npm/braces CVE-2026-25547 1:22.22.0-4 - sources: changed ICU version syntax...
crun security update
1.27-1 - update to https://github.com/containers/crun/releases/tag/1.27 - fixes CVE-2026-30892 crun: crun: Privilege escalation due to incorrect parsing of the --user option rhel-9.7.z - Resolves: RHEL-161439...
fontforge security update
20230101-15 - Resolves: RHEL-138129 CVE-2025-15270 SFD File Parsing Remote Code Execution Vulnerability...
crun security update
1.27-1 - update to https://github.com/containers/crun/releases/tag/1.27 - fixes CVE-2026-30892 crun: crun: Privilege escalation due to incorrect parsing of the --user option rhel-10.1.z - Resolves: RHEL-161416...
kernel security update
4.18.0-553.117.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
freerdp security update
2:3.10.3-5.5 - Fix use of nscprocessmessage - Increase timeout for TestSynchCritical Resolves: RHEL-155979 2:3.10.3-5.4 - Backport several CVE fixes Resolves: RHEL-147948, RHEL-147949, RHEL-147956, RHEL-147963, RHEL-147964 Resolves: RHEL-147972, RHEL-147979, RHEL-147984, RHEL-147985, RHEL-148898...
nginx security update
2:1.26.3-2.0.1.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-6 - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files 2:1.26.3-5 - Resolves: RHEL-159433 CVE-2026-27651 nginx: NGINX: Denial of Service via...
kernel security update
6.12.0-124.49.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
kernel security update
5.14.0-611.47.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
python3.9 security update
3.9.25-3.0.1.el97.2 - Remove upstream URL reference 3.9.25-3.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 3.9.25-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143108 RHEL-143169 RHEL-144893...
freerdp security update
2:2.11.7-6 - Fix use of nscprocessmessage Resolves: RHEL-155984 2:2.11.7-5 - Backport several CVE fixes Resolves: RHEL-147954, RHEL-147955, RHEL-147970, RHEL-147977, RHEL-147980 Resolves: RHEL-148002, RHEL-148014, RHEL-148031, RHEL-148906, RHEL-148996 Resolves: RHEL-149007, RHEL-149056, RHEL-1559...
rsync security update
3.4.1-2.2 - Resolves: RHEL-152885 - CVE-2025-10158 Out of bounds array access via negative index 3.4.1-2.1 - Resolves: RHEL-152878 - clearing DISPLAY breaks SSHASKPASS expectations...
gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update
gstreamer1-plugins-bad-free 1.16.1-6.0.1 - Update origin URL Orabug: 36209826 1.16.1-6 - Add patch for CVE-2026-3082 Resolves: RHEL-156202 gstreamer1-plugins-base 1.16.1-6.0.1 - Update origin URL Orabug: 36209826 1.16.1-6 - Add patch for CVE-2026-2921 Resolves: RHEL-156169 gstreamer1-plugins-good...
ImageMagick security update
6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal SVG decoder CVE-2026-25985 6.9.10.68-7.0.5 - Fix CVE-2025-62171 and CVE-2026-23876 Orabug: 38997140 6.9.10.68-7.0.3 - Security...
libvpx security update
1.3.0-8.0.3 - Fixes heap buffer overflow in libvpx CVE-2026-2447 Orabug: 39112729 1.3.0-8.0.1 - Fixes CVE-2025-5283 vpxcodecencinitmulti fix double free on init fail Orabug: 38103810...
thunderbird security update
140.9.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.0 - Add OpenELA debranding 140.9.0-1 - Update to 140.9.0 ESR...
fontforge security update
20201107-8 - Resolves: RHEL-138245 CVE-2025-15270 SFD File Parsing Remote Code Execution Vulnerability...
perl-YAML-Syck security update
1.30-6 - Resolves: RHEL-156475 - Fix CVE-2026-4177...
openssh security update
8.7p1-48.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug: 37647064 - Update upstream references Orabug: 36564626 8.7p1-48 - CVE-2026-3497: Fix information disclosure or denial of service due to...
libpng12 security update
1.2.57-6 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148339...
libpng15 security update
1.5.30-8 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148340...
mysql:8.4 security update
mecab mecab-ipadic mysql 8.4.8-1 - Rebase to 8.4.8...
python3 security update
3.6.8-75.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-75 - Security fix for CVE-2026-4519 Resolves: RHEL-158077...
rsync security update
3.1.3-24 - Resolves: RHEL-152887 - CVE-2025-10158 - Out of bounds array access via negative index...
openssh security update
9.9p1-13.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37824421 9.9p1-13 - CVE-2026-3497: Fix information disclosure or denial of service due to uninitialized variables in gssapi-keyex Resolves: RHEL-155811...
mariadb:10.11 security update
galera 26.4.23-1 - Rebase to 26.4.23 Judy mariadb 3:10.11.15-1 - Rebase to 10.11.15 - Resolves: RHBZ2417697 3:10.11.14-1 - Rebase to 10.11.14 - Resolves: RHBZ2386961 3:10.11.13-1 - Rebase to 10.11.13 3:10.11.11-1 - Rebase to 10.11.11...
openssh security update
8.0p1-28.0.1 - Update upstream references Orabug: 36587718 8.0p1-28 - CVE-2026-3497: Fix information disclosure or denial of service due to uninitialized variables in gssapi-keyex Resolves: RHEL-155814...
grafana-pcp security update
5.3.0-3 - Resolves RHEL-158459: CVE-2026-25679...
grafana-pcp security update
5.1.1-13 - Resolves RHEL-158731: CVE-2026-25679...
rsync security update
3.2.5-3.2 - Resolves: RHEL-152888 - CVE-2025-10158 Out of bounds array access via negative index 3.2.5-3.1 - Resolves: RHEL-152879 - clearing DISPLAY breaks SSHASKPASS expectations...
freerdp security update
2:2.11.7-1.5 - Fix use of nscprocessmessage Resolves: RHEL-155993 2:2.11.7-1.4 - Backport several CVE fixes Resolves: RHEL-148046, RHEL-148049, RHEL-148054, RHEL-148061, RHEL-148079 Resolves: RHEL-148094, RHEL-148096, RHEL-148104, RHEL-148939, RHEL-149029 Resolves: RHEL-149042, RHEL-149065,...
gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update
gstreamer1-plugins-bad-free 1.22.12-5 - fix for CVE-2026-2923, CVE-2026-3082 Resolves: RHEL-156231, RHEL-156248 gstreamer1-plugins-base 1.22.12-5 - Apply patch for CVE-2026-2921 Resolves: RHEL-156241 gstreamer1-plugins-good 1.22.12-5 - Apply patches for CVE-2026-3083, CVE-2026-3085 Resolves:...
thunderbird security update
140.9.0-1.0.1 - Add Oracle prefs 140.9.0-1 - Update to 140.9.0 ESR...
grafana security update
10.2.6-23 - Resolves RHEL-158458: CVE-2026-25679...
grafana security update
10.2.6-19 - Resolves RHEL-158728: CVE-2026-25679 10.2.6-17 - Resolves RHEL-144959: CVE-2026-21721 - Resolves RHEL-146863: CVE-2025-61726 - Resolves RHEL-147081: CVE-2025-61729 - Resolves RHEL-147370: CVE-2025-61728 - Resolves RHEL-149621: CVE-2025-68121 10.2.6-17 - Resolves RHEL-125692:...
libxslt security update
1.1.34-14.0.1.el97.1 - Fix memory leak in exclPrefixPush Orabug: 37871881 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.34-14.1 - Fix upgrade path for CVE-2023-40403 RHEL-82213 1.1.34-12.1 - Fix CVE-2023-40403 RHEL-82213 1.1.34-12 - Include alloc changes into...
gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update
gstreamer1-plugins-bad-free 1.24.11-3 - fix for CVE-2026-2923, CVE-2026-3082 Resolves: RHEL-156111, RHEL-156158 gstreamer1-plugins-base 1.24.11-2 - Apply patch for CVE-2026-2921 Resolves: RHEL-156120 gstreamer1-plugins-good 1.24.11-2 - Apply patches for CVE-2026-3083, CVE-2026-3085 Resolves:...
python3.12 security update
3.12.12-4 - Security fix for CVE-2026-4519 Resolves: RHEL-158029...
python3.11 security update
3.11.13-6.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-6 - Security fix for CVE-2026-4519 Resolves: RHEL-158028...
python3.11 security update
3.11.13-5.2.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158050...
squid security update
7:5.5-22.4 - Resolves: RHEL-160692 - squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 7:5.5-22.3 - Resolves: RHEL-160693 - squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526...
python3.12 security update
3.12.12-3.0.1.el101.2 - Remove upstream URL reference 3.12.12-3.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158127 3.12.12-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143054 RHEL-143105 RHEL-144852...
python3.12 security update
3.12.12-4.0.1.el97.2 - Remove upstream URL reference 3.12.12-4.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158051 3.12.12-4.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143106 RHEL-143168 RHEL-144891...