8967 matches found
olcne kubernetes security update
olcne 1.0.3-1 - updated the default Kubernetes version to 1.14.9 kubernetes 1.14.9-1.0.3 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.14.9-1.0.2 - Use bounded crio version 1.14.9-1.0.1 - Added Oracle specific build files for Kubernetes cri-o...
kubernetes kubeadm-ha-setup kubeadm-upgrade security update
kubernetes 1.12.10-1.0.11 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.12.10-1.0.10 - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS 1.12.10-1.0.9 - Define rolling update for flannel 1.12.10-1.0.8 - Modify...
virt:ol security and bug fix update
qemu-kvm 2.12.0-88.0.1.el810.3 - Added bug30251155-remove-upstream-reference Orabug: 30251155 2.12.0-88.el810.3 - kvm-tcpemu-Fix-oob-access.patch bz1791565 - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch bz1791565 - kvm-slirp-use-correct-size-while-emulating-commands.patch bz17915...
container-tools:ol8 security and bug fix update
buildah 1.11.6-6.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-6 - fix COPY command takes long time with buildah - Resolves: 1806119 1.11.6-5 - fix Podman support for FIPS Mode requires a bind mount inside the container - Resolves: 1804188 cockpit-podman 11-1 - Fix Alert...
nodejs:10 security update
nodejs 1:10.19.0-2 - Resolves: RHBZ1811498 1:10.19.0-1 - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 1:10.16.3-1 - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518 1:10.14.1-1 - Resolves: RHBZ1644207 - fixes node-gyp permissions - rebase 1:10.11.0-2 - BuildRequire...
Unbreakable Enterprise kernel security update
4.14.35-1902.301.1 - vhost: Check docket skfamily instead of call getname Eugenio Perez Orabug: 31085991 CVE-2020-10942 - uek-rpm: config-mips64-embedded misc pruning Eric Saint-Etienne Orabug: 31079017 - ubifs: Check for name being NULL while mounting Richard Weinberger Orabug: 29410897 - team:...
krb5-appl security update
1.0.1-10 - Apply previous patch - Resolves: 1814774 1.0.1-9 - Fix CVE-2020-10188 netclear/nextitem buffer overrun - Resolves: 1814774 1.0.1-8 - bump release number to sort newer than the recent 6.2 update...
firefox security update
68.7.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.7.0-2 - Update to 68.7.0 build3...
firefox security update
68.6.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.6.1-1 - Update to 68.6.1 ESR...
telnet security update
1:0.17-65 - Resolves: 1814475 - Arbitrary remote code execution in utility.c via short writes or urgent data...
qemu-kvm security update
1.5.3-173.el78.1 - kvm-util-add-slirpfmt-helpers.patch bz1798970 - kvm-tcpemu-fix-unsafe-snprintf-usages.patch bz1798970 - Resolves: bz1798970 CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf usages rhel-7.8.z...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.44.1 - net: qlogic: Fix memory leak in qlalloclargebuffers Navid Emamdoost Orabug: 31055328 CVE-2019-18806 - swiotlb: clean up reporting Kees Cook Orabug: 31085018 CVE-2018-5953...
Unbreakable Enterprise kernel security update
2.6.39-400.321.1 - net: qlogic: Fix memory leak in qlalloclargebuffers Navid Emamdoost Orabug: 31055329 CVE-2019-18806...
firefox security update
68.6.1-1.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.6.1-1 - Update to 68.6.1 ESR...
kernel security and bug fix update
4.18.0-147.8.11.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147.8.11 - rebuild, due infrastructure issues last kernel build wasn'...
firefox security update
68.7.0-2.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.7.0-2 - Update to 68.7.0 build3 68.6.1-1 - Update to 68.6.1 ESR Wed Mar 04 2020 Jan Hora...
qemu-kvm security and bug fix update
0.12.1.2-2.506.el610.7 - kvm-slirp-disable-tcpemu.patch bz1791680 - kvm-slirp-add-slirpfmt-helpers.patch bz1798966 - kvm-tcpemu-fix-unsafe-snprintf-usages.patch bz1798966 - Resolves: bz1791680 QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. rhel-6 - Resolves: bz1798966...
Unbreakable Enterprise kernel security update
4.1.12-124.38.1 - rds: transport module should be auto loaded when transport is set Rao Shoaib Orabug: 31031928 - KVM: X86: Fix NULL deref in vcpuscanioapic Wanpeng Li Orabug: 31078882 - vhost: Check docket skfamily instead of call getname Eugenio Perez Orabug: 31085993 CVE-2020-10942 - Revert...
ipmitool security update
1.8.15-3 - Backport fix for CVE-2020-5208...
telnet security update
1:0.17-49 - Resolves: 1814775 - Arbitrary remote code execution in utility.c via short writes or urgent data...
telnet security update
1:0.17-73.1 - Resolves: 1814473 - Arbitrary remote code execution in utility.c via short writes or urgent data...
mariadb security and bug fix update
1:5.5.65-1 - Rebase to 5.5.65 Also fixes: CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2805 Resolves: 1741357 - Revert upstream changes that make the mysqlinstalldb relocatable because it broke mysqlinstalldb when run without --rpm arg Resolves: 1731062 - Add openssl BR that was missing for...
curl security and bug fix update
7.29.0-57.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...
expat security update
2.1.0-11 - add security fix for CVE-2015-2716...
doxygen security and bug fix update
1:1.8.5-4 - Resolves: 1483569, incorrect processing of code blocks - Resolves: 1724173 - CVE-2016-10245, cross-site scripting...
mutt security update
5:1.5.21-29 - Fix IMAP header caching path traversal vulnerability - Resolves: 1608011 - Resolves: CVE-2018-14355...
python3 security update
3.6.8-13.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-13 - Security fix for CVE-2019-16056 Resolves: rhbz1750774 3.6.8-12 - Add support for OpenSSL FIPS mode - Fix faulthandler stack size Resolves: rhbz1732908 3.6.8-11 - Security fix for CVE-2018-20852 Resolves:...
net-snmp security and bug fix update
1:5.7.2-47 - revert calculation of free space 1779609 1:5.7.2-46 - fix sha224 and sha384 declaration check 1774693 1:5.7.2-45 - fix memory leak introduced by fix of snmp v3 traps forwarding 1751195 1:5.7.2-44 - add support for glusterfs 1316386 - change services to start after network-online.targ...
python security update
2.7.5-88.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-88 - Security fix for CVE-2019-16056 Resolves: rhbz1750773 2.7.5-87 - Fix CVE-2018-20852 Resolves: rhbz1741551...
php security update
5.4.16-48 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043 5.4.16-47 - fix stack-buffer-overflow while parsing HTTP response CVE-2018-7584 - fix out-of-bounds read in base64decodexmlrpc CVE-2019-9024 - fix reflected XSS in phar 404 page CVE-2018-5712 - fix reflected XSS in phar 403 and...
python-twisted-web security update
12.1.0-6 - Fix CVE-2019-12387 HTTP Header Injection Resolves: rhbz1721518...
libreoffice security and bug fix update
1:5.3.6.1-24.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-24 - Resolves: rhbz1728763 bg of blocks is black 1:5.3.6.1-23 - Resolves: rhbz1601372 libreoffice fails to build with...
bash security update
4.2.46-34 - BASHCMD should not be writable in restricted shell Resolves: 1693181...
bind security and bug fix update
32:9.11.4-16.P2 - Finish dig query when name is too long 1743572 32:9.11.4-15.P2 - Stop listening on IPv6 by default 1753259 32:9.11.4-14.P2 - Limit number of queries per TCP connection CVE-2019-6477 32:9.11.4-13.P2 - Revert not searching names with dot 1743572 32:9.11.4-12.P2 - Fix mkeys test...
ImageMagick security, bug fix, and enhancement update
autotrace 0.31.1-38 - Resolves: 1765205 rebuild against new IM emacs 1:24.3-23 - Resolves: 1765208 rebuild against new IM ImageMagick 6.9.10.68-3 - Fixing freeze when svg file contains class='' 6.9.10.68-2 - Fixed ghostscript fonts, fixed multilib conflicts 6.9.10.68-1 - Rebase to 6.9.10.68...
rsyslog security, bug fix, and enhancement update
8.24.0-52 RHEL 7.8 ERRATUM - edited patch file ID for imfile to not log useless errors also improved file-id behavior to adress newly found problems resolves: rhbz1763746 8.24.0-49 RHEL 7.8 ERRATUM - fixed fsync patch to actually revognize the new option resolves: rhbz1696686 failedQA 8.24.0-48...
squid security and bug fix update
7:3.5.20-15 - Resolves: 1690551 - Squid cachepeer DNS lookup failed when not all lower case - Resolves: 1680022 - squid cant display download/upload packet size for HTTPS sites - Resolves: 1717430 - Excessive memory usage when running out of descriptors - Resolves: 1676420 - Cache siblings return...
file security update
5.11-36 - fix out-of-bounds read via a crafted ELF file CVE-2018-10360...
lftp security update
4.4.8-12 - Resolves: 1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased...
evolution security and bug fix update
atk 2.28.1-2 - Remove patch to fix invalid unref at atkgobjectaccessibleobjectgonecb - Resolves: 1753123 evolution 3.28.5-8 - Update patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-7 - Add patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-6 - Add...
mod_auth_mellon security and bug fix update
0.14.0-8 - Resolves: rhbz1731052 - CVE-2019-13038 modauthmellon: an Open Redirect via the login?ReturnTo= substring which could facilitate information theft rhel-7 0.14.0-7 - Resolves: rhbz1727789 - modauthmellon fix for AJAX header name X-Requested-With 0.14.0-6 - Apply the patch from the previo...
nbdkit security and bug fix update
1.8.0-3 - Fix for CVE-2019-14850 denial of service due to premature opening of back-end connection resolves: rhbz1757261 1.8.0-2 - Explicitly disable nbdkit-ext2-plugin in configure resolves: rhbz1724242...
libqb security update
1.0.1-9 Also add OEXCL to logblackbox.c when creating files Resolves: rhbz1714853 1.0.1-8 Improve socket security Resolves: rhbz1714853...
kernel security, bug fix, and enhancement update
3.10.0-1127.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1127 - fs flexfiles: Dont tie up all the rpciod threads in resends Benjamin...
okular security update
4.10.5-8 - Fix path traversal issue when extracting an .okular file Resolves: bz1634726...
wireshark security and bug fix update
1.10.14-24.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-24 - Related: 1613034 - Typo in the previous patch discovered by covscan 1.10.14-23 - Related: 1613034 - Fixing an infinite loop created by previous update 1.10.14-22 - Related: 1633330 - fixing a...
httpd security, bug fix, and enhancement update
2.4.6-93.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-93 - Resolves: 1677496 - CVE-2018-17199 httpd: modsessioncookie does not respect expiry time 2.4.6-92 - htpasswd: add SHA-2 crypt support 1486889 2.4.6-91 - Resolves: 1630886 - scriptlet can fail if hostname is not...
qt security update
1:4.8.7-8 - Fix QImage allocation failure in qgifhandler Resolves: bz1667863 - Fix QTgaFile CPU exhaustion Resolves: bz1667879 - Fix QBmpHandler segmentation fault on malformed BMP file Resolves: bz1667862 1:4.8.7-7 - Fix crash when parsing malformed url reference in svg Resolves: bz1667882...
avahi security update
0.6.31-20 - multicast DNS no longer responds to unicast queries outside of local network 1663410...
GNOME security, bug fix, and enhancement update
accountsservice 0.6.50-7 - version bump to prevent future update path introduced by RHBA-2019:45836 Resolves: 1721562 colord 1.3.4-2 - Downgrade a trivial warning to a debug statement - Resolves: 1421231 control-center 3.28.1-6 - Calculate better extents for the configured displays arrangement...