9173 matches found
cyrus-sasl security, bug fix, and enhancement update
2.1.27-5 - Reduce excessive GSSAPI plugin logging - Resolves: rhbz1274734 2.1.27-4 - Add support for setting maxssf=0 in GSS-SPNEGO - Resolves: rhbz1822133 2.1.27-3 - Backport GSSAPI Channel Bindings support - Resolves: rhbz1817054 2.1.27-2 - Backport fix for CVE-2019-19906 - Resolves: rhbz180403...
pcre2 security and enhancement update
10.32-2 - Fix CVE-2019-20454 a crash when \X is used without UTF mode in a JIT bug 1734468...
kernel security, bug fix, and enhancement update
4.18.0-240.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 =...
python27:2.7 security update
...
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
...
squid:4 security, bug fix, and enhancement update
...
spamassassin security update
3.4.2-10 - Fixed CVE-2018-11805 - Resolves: rhbz1787514 - Fixed CVE-2020-1930 - Resolves: rhbz1820649 - Fixed CVE-2020-1931 - Resolves: rhbz1820650 3.4.2-9 - Fix CVE-2019-12420 - Resolves: rhbz1812977 3.4.2-8 - Removed the obsolete SOUGHT channel for rule updates - Resolves: rhbz1630362...
freerdp and vinagre security, bug fix, and enhancement update
freerdp 2:2.1.1-1 - Update to 2.1.1 rhbz1834287. 2:2.0.0-47.rc4 - Fix SCARDINSUFFICIENTBUFFER error rhbz1803054 - Do not advertise /usb in help output rhbz1761144 vinagre 3.22.0-23 - Remove unused variable CovScan - Related: 1839744 3.22.0-22 - Rebuild due to new version of FreeRDP - Fix an issue...
python3 security and bug fix update
3.6.8-31.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-31 - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 - Resolve hash collisions for Pv4Interface and IPv6Interface CVE-2020-14422 Resolves: rhbz1854926 3.6.8-30 -...
idm:DL1 and idm:client security, bug fix, and enhancement update
bind-dyndb-ldap 11.3-1 - New upstream release - Resolves: rhbz1845211 ipa 4.8.7-12.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.8.7-12 - Require selinux sub package in the proper version Related: RHBZ1868432 - SELinux: do not double-define nodet and pkitomcatcertt...
httpd:2.4 security, bug fix, and enhancement update
httpd 2.4.37-13.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-30 - Resolves: 1209162 - support logging to journald from CustomLog 2.4.37-29 - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: modproxyftp use o...
targetcli security and enhancement update
2.1.53-1 - Update to new upstream version 2.1.52-1 - Update to new upstream version...
opensc security, bug fix, and enhancement update
0.20.0-2 - Unbreak different CardOS 5 configurations supporting raw RSA 1830856 0.20.0-1 - Rebase to current upstream release 1810660...
python38:3.8 security, bug fix, and enhancement update
...
thunderbird security update
78.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.4.0-1 - Update to 78.4.0 build1 - Disabled telemetry...
xorg-x11-server security update
1.17.4-18.0.1 - Fix regression from the patch for Orabug 27204421 which crashes Xvfb Orabug: 28485058 - Fix X consumes 100% CPU if messagebus restarted Orabug: 27204421 - Fix X server failure in FIPS mode Orabug: 22866111 1.17.4-18 - CVE fixes for: CVE-2020-14345 1872388, CVE-2020-14346 1872392,...
xorg-x11-server security update
1.20.4-12 - CVE fixes for: CVE-2020-14345 1872389, CVE-2020-14346 1872393, CVE-2020-14361 1872400, CVE-2020-14362 1872407 - Temporarily revert fixes from 1.20.4-11 build for delivery of CVE fixes 1.20.4-11 - Fix a crash when moving an animated cursor between screens - Be case-insentive when...
libX11 security update
1.6.4-4 - Fix CVE-2020-14363 1873920...
libX11 security update
1.6.7-3 - Fix CVE-2020-14363 1873922...
freetype security update
2.8-14.el79.1 - Test bitmap size earlier for PNGs - Fix memory leak in pngshim.c - Resolves: 1891635...
Unbreakable Enterprise kernel security update
4.1.12-124.44.4 - scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS [email protected] Orabug: 32020790 4.1.12-124.44.3 - qed: Reduce verbosity of unimplemented MFW messages Mintz, Yuval Orabug: 31959299 - kexec: validate pe files against the systemblacklistkeyring Eric...
containerd security update
1.2.14-1.0.1 - BUILDINFO: commit=259ae80da592d4f6b5e3cdc87202d36bc86a3579 - Addresses CVE-2020-15157 1.2.14-1.0.0 - Added Oracle specific build files...
docker-engine docker-cli security update
docker-engine 19.03.11-6 - Fix for CVE-2020-15157 19.03.11-5 - Bugfix for 'docker images name' not working on docker 19.03.11-ol - Address CVE-2020-16845 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 -...
java-1.8.0-openjdk security update
1:1.8.0.272.b10-0 - Remove the 64-bit siphash test which fails to compile on x86-32 debug builds with gcc 4.4.7 in RHEL 6 - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add...
java-1.8.0-openjdk security update
1:1.8.0.272.b10-1 - Add backport of JDK-8215727: 'Restore JFR thread sampler loop to old / previous behaviour' - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add backport of...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.272.b10-1 - Add backport of JDK-8215727: 'Restore JFR thread sampler loop to old / previous behaviour' - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add backport of...
firefox security update
78.4.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.4.0-1 - Update to 78.4.0 build2...
firefox security update
78.4.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.4.0-1 - Update to 78.4.0 build2...
java-11-openjdk security update
1:11.0.9.11-0.0.1 - link atomic for ix86 build 1:11.0.9.11-0 - Delay tzdata 2020b dependency until tzdata update has shipped. - Resolves: rhbz1876665 1:11.0.9.11-0 - Update to jdk-11.0.9+11 - Update release notes for 11.0.9 release. - Add backport of JDK-8254177 to update to tzdata 2020b - Requir...
kernel security update
3.10.0-1160.2.2.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.3 3.10.0-1160.2.2 - net bluetooth: l2ca...
java-11-openjdk security and bug fix update
1:11.0.9.11-0 - Update to jdk-11.0.9+11 - Update release notes for 11.0.9 release. - Add backport of JDK-8254177 to update to tzdata 2020b - Require tzdata 2020b due to resource changes in JDK-8254177 - Delay tzdata 2020b dependency until tzdata update has shipped. - This tarball is embargoed unt...
kernel security and bug fix update
4.18.0-193.28.12.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x6...
nodejs:12 security and bug fix update
nodejs 1:12.18.4-2 - Resolves: RHBZ1883966 - nodejs-devel not installable due to missing brotli - Some spec fixes 12.18.4-1 - Rebase to 12.18.4 nodejs-nodemon nodejs-packaging...
thunderbird security update
78.3.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.3.1-1 - Update to 78.3.1 build1 78.3.0-3 - Update to 78.3.0 build1 - Remove librdp.so as long as we cannot ship it in RHEL 78.2.1-1 - Update to 78.2.1 build1...
firefox security and bug fix update
78.3.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.3.0 - Update to 78.3.0 build1 78.2.0-3 - Update to 78.2.0 build1...
Unbreakable Enterprise kernel security update
5.4.17-2011.7.4 - iommu/amd: Restore IRTE.RemapEn bit for amdiommuactivateguestmode Suravee Suthikulpanit Orabug: 31931369 - iommu/amd: Fix potential @entry null deref Joao Martins Orabug: 31931369 - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE Suravee Suthikulpanit Orabug: 31931369...
Unbreakable Enterprise kernel security update
4.14.35-2025.401.4 - KVM: x86: always expose VIRTSSBD to guests Paolo Bonzini Orabug: 31957046 4.14.35-2025.401.3 - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE Suravee Suthikulpanit Orabug: 31931371 - oracleasm: Access dbdev before dropping inode Stephen Brennan Orabug: 31901948 -...
Unbreakable Enterprise kernel security update
2.6.39-400.325.1 - media: rc: prevent memory leak in cx23888irprobe Navid Emamdoost Orabug: 31351676 CVE-2019-19054 - vgacon: Fix for missing check in scrollback handling Yunhai Zhang Orabug: 31705125 CVE-2020-14331 CVE-2020-14331 - rename kABI whitelists to lockedlists Dan Duval Orabug: 31783153...
Unbreakable Enterprise kernel security update
2.6.39-400.326.1 - ath9khtc: release allocated buffer if timed out Navid Emamdoost Orabug: 31351574 CVE-2019-19073 - USB: serial: ioti: fix information leak in completion handler Johan Hovold Orabug: 31352086 CVE-2017-8924 - mm/hugetlb: fix a race between hugetlb sysctl handlers Muchun Song Orabu...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.50.1 - USB: serial: omninet: fix reference leaks at open Mark Nicholson Orabug: 30484762 CVE-2017-8925 - GFS2: don't set rgrp globject until it's inserted into rgrp tree Bob Peterson Orabug: 30254252 CVE-2016-10905 - GFS2: Fix rgrp end rounding problem for bsize page size Bo...
bind security update
32:9.8.2-0.68.rc1.8 - Fix tsig-request verify CVE-2020-8622...
kernel security and bug fix update
2.6.32-754.35.1.OL6 - Update genkey bug 25599697 2.6.32-754.35.1 - ata libata: fix NULL sdev dereference race in atapiqccomplete Kenneth Yin 1876296 2.6.32-754.34.1 - mm mm: prevent getuserpages from overflowing page refcount Aristeu Rozanski 1705003 - mm mm/hugetlb.c: getuserpages ignores certai...
qemu-kvm security update
1.5.3-175.el79.1 - Fixing release number for z-stream...
spice and spice-gtk security update
spice 0.14.0-9.0.2.el79.1 - Add ARM support 0.14.0-9.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355 spice-gtk 0.35-5.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355...
squid security update
7:3.5.20-17.4 - Resolves: 1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: 1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: 1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache...
nss and nspr security, bug fix, and enhancement update
nspr 4.25.0-2 - Rebuild to fix wrong dist tag 4.25.0-1 - Rebase to NSPR 4.25 nss 3.53.1-3 - Disable dh timing test because it's unreliable on s390 from Bob Relyea - Explicitly enable upgradedb/sharedb test cycles 3.53.1-2 - Disable TLS 1.3 by default 3.53.1-1 - Rebase to NSS 3.53.1 3.44.0-8 -...
libcroco security update
0.6.12-6 - Rebuild with 7.9-z target Related: 1835951 0.6.12-5 - Fix CVE-2020-12825 Resolves: 1835951...
spice and spice-gtk security update
spice 0.14.2-1.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355 spice-gtk 0.37-1.2 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355...
SDL security update
1.2.15-17 - Fix Some CVEs: CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638 - Resolves: rhbz1716201, rhbz1716202, rhbz1716206, - Resolves: rhbz1716207, rhbz1716208...
dnsmasq security and bug fix update
2.76-16 - Fix strict-mode retries on REFUSED 1755610 2.76-15 - Forward non-recursive queries to upstream, but serve local names 1755610 2.76-14 - Stop treating SERVFAIL as successful response 1815080 2.76-13 - Do not ignore DHCPv6 relay messages 1757247 2.76-12 - Fix memory leak in createhelper...