9177 matches found
java-1.8.0-openjdk security update
1:1.8.0.252.b09-2 - Add release notes. - Mark license files with appropriate macro. - Resolves: rhbz1810557 1:1.8.0.252.b09-1 - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz1810557 1:1.8.0.252.b09-0 - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode f...
java-1.7.0-openjdk security update
1:1.7.0.261-2.6.22.2.0.1 - Update DISTRONAME in specfile 1:1.7.0.261-2.6.22.2 - Modify NEWS installation to avoid subpackage naming. - Resolves: rhbz1810557 1:1.7.0.261-2.6.22.1 - Add release notes from IcedTea. - Mark license files with appropriate macro. - Resolves: rhbz1810557...
git security update
1.8.3.1-22 - Crafted URL containing new lines can cause credential leak - Resolves: CVE-2020-5260...
java-11-openjdk security update
1:11.0.7.10-1 - Add JDK-8228407 backport to resolve crashes during verification. - Resolves: rhbz1810557 1:11.0.7.10-1 - Amend release notes, removing issue actually fixed in 11.0.6. - Resolves: rhbz1810557 1:11.0.7.10-1 - Re-apply --with-extra-asflags as crash was not due to this. - Resolves:...
java-1.7.0-openjdk security update
1:1.7.0.261-2.6.22.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.261-2.6.22.1 - Add release notes from IcedTea. - Resolves: rhbz1810557 1:1.7.0.261-2.6.22.0 - Bump to 2.6.22 and OpenJDK 7u261-b02. - Resolves: rhbz1810557...
java-1.8.0-openjdk security update
1:1.8.0.252.b09-2 - Add release notes. - Resolves: rhbz1810557 1:1.8.0.252.b09-1 - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz1810557 1:1.8.0.252.b09-0 - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode for final release. - Resolves: rhbz1810557...
git security update
2.18.2-2 - Crafted URL containing new lines can cause credential leak - Resolves: CVE-2020-5260...
thunderbird security update
68.7.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.7.0-1 - Update to 68.7.0 build1...
tigervnc security update
1.9.0-14 - Bump build version Resolves: bz1819877 Resolves: bz1819879 Resolves: bz1819882 Resolves: bz1819886 Resolves: bz1819884 1.9.0-13 - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz1819877 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz1819879 - Fix...
thunderbird security update
68.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.7.0-1 - Update to 68.7.0 build1...
olcne kubernetes security update
olcne 1.0.3-1 - updated the default Kubernetes version to 1.14.9 kubernetes 1.14.9-1.0.3 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.14.9-1.0.2 - Use bounded crio version 1.14.9-1.0.1 - Added Oracle specific build files for Kubernetes cri-o...
kubernetes kubeadm-ha-setup kubeadm-upgrade security update
kubernetes 1.12.10-1.0.11 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.12.10-1.0.10 - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS 1.12.10-1.0.9 - Define rolling update for flannel 1.12.10-1.0.8 - Modify...
virt:ol security and bug fix update
qemu-kvm 2.12.0-88.0.1.el810.3 - Added bug30251155-remove-upstream-reference Orabug: 30251155 2.12.0-88.el810.3 - kvm-tcpemu-Fix-oob-access.patch bz1791565 - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch bz1791565 - kvm-slirp-use-correct-size-while-emulating-commands.patch bz17915...
nodejs:10 security update
nodejs 1:10.19.0-2 - Resolves: RHBZ1811498 1:10.19.0-1 - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 1:10.16.3-1 - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518 1:10.14.1-1 - Resolves: RHBZ1644207 - fixes node-gyp permissions - rebase 1:10.11.0-2 - BuildRequire...
container-tools:ol8 security and bug fix update
buildah 1.11.6-6.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-6 - fix COPY command takes long time with buildah - Resolves: 1806119 1.11.6-5 - fix Podman support for FIPS Mode requires a bind mount inside the container - Resolves: 1804188 cockpit-podman 11-1 - Fix Alert...
Unbreakable Enterprise kernel security update
4.14.35-1902.301.1 - vhost: Check docket skfamily instead of call getname Eugenio Perez Orabug: 31085991 CVE-2020-10942 - uek-rpm: config-mips64-embedded misc pruning Eric Saint-Etienne Orabug: 31079017 - ubifs: Check for name being NULL while mounting Richard Weinberger Orabug: 29410897 - team:...
krb5-appl security update
1.0.1-10 - Apply previous patch - Resolves: 1814774 1.0.1-9 - Fix CVE-2020-10188 netclear/nextitem buffer overrun - Resolves: 1814774 1.0.1-8 - bump release number to sort newer than the recent 6.2 update...
firefox security update
68.7.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.7.0-2 - Update to 68.7.0 build3...
firefox security update
68.6.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.6.1-1 - Update to 68.6.1 ESR...
telnet security update
1:0.17-65 - Resolves: 1814475 - Arbitrary remote code execution in utility.c via short writes or urgent data...
qemu-kvm security update
1.5.3-173.el78.1 - kvm-util-add-slirpfmt-helpers.patch bz1798970 - kvm-tcpemu-fix-unsafe-snprintf-usages.patch bz1798970 - Resolves: bz1798970 CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf usages rhel-7.8.z...
Unbreakable Enterprise kernel security update
2.6.39-400.321.1 - net: qlogic: Fix memory leak in qlalloclargebuffers Navid Emamdoost Orabug: 31055329 CVE-2019-18806...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.44.1 - net: qlogic: Fix memory leak in qlalloclargebuffers Navid Emamdoost Orabug: 31055328 CVE-2019-18806 - swiotlb: clean up reporting Kees Cook Orabug: 31085018 CVE-2018-5953...
firefox security update
68.7.0-2.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.7.0-2 - Update to 68.7.0 build3 68.6.1-1 - Update to 68.6.1 ESR Wed Mar 04 2020 Jan Hora...
qemu-kvm security and bug fix update
0.12.1.2-2.506.el610.7 - kvm-slirp-disable-tcpemu.patch bz1791680 - kvm-slirp-add-slirpfmt-helpers.patch bz1798966 - kvm-tcpemu-fix-unsafe-snprintf-usages.patch bz1798966 - Resolves: bz1791680 QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. rhel-6 - Resolves: bz1798966...
kernel security and bug fix update
4.18.0-147.8.11.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147.8.11 - rebuild, due infrastructure issues last kernel build wasn'...
firefox security update
68.6.1-1.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.6.1-1 - Update to 68.6.1 ESR...
Unbreakable Enterprise kernel security update
4.1.12-124.38.1 - rds: transport module should be auto loaded when transport is set Rao Shoaib Orabug: 31031928 - KVM: X86: Fix NULL deref in vcpuscanioapic Wanpeng Li Orabug: 31078882 - vhost: Check docket skfamily instead of call getname Eugenio Perez Orabug: 31085993 CVE-2020-10942 - Revert...
telnet security update
1:0.17-73.1 - Resolves: 1814473 - Arbitrary remote code execution in utility.c via short writes or urgent data...
telnet security update
1:0.17-49 - Resolves: 1814775 - Arbitrary remote code execution in utility.c via short writes or urgent data...
ipmitool security update
1.8.15-3 - Backport fix for CVE-2020-5208...
file security update
5.11-36 - fix out-of-bounds read via a crafted ELF file CVE-2018-10360...
libreoffice security and bug fix update
1:5.3.6.1-24.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-24 - Resolves: rhbz1728763 bg of blocks is black 1:5.3.6.1-23 - Resolves: rhbz1601372 libreoffice fails to build with...
cups security and bug fix update
1:1.6.3-43 - 1687571 - cupsd doesnt clean tmp files if client conn is terminated abnormally 1:1.6.3-42 - 1651575 - CVE-2018-4700 cups 1:1.6.3-41 - 1608764 - CVE-2018-4180 cups - 1607291 - CVE-2018-4181 cups...
bash security update
4.2.46-34 - BASHCMD should not be writable in restricted shell Resolves: 1693181...
bind security and bug fix update
32:9.11.4-16.P2 - Finish dig query when name is too long 1743572 32:9.11.4-15.P2 - Stop listening on IPv6 by default 1753259 32:9.11.4-14.P2 - Limit number of queries per TCP connection CVE-2019-6477 32:9.11.4-13.P2 - Revert not searching names with dot 1743572 32:9.11.4-12.P2 - Fix mkeys test...
net-snmp security and bug fix update
1:5.7.2-47 - revert calculation of free space 1779609 1:5.7.2-46 - fix sha224 and sha384 declaration check 1774693 1:5.7.2-45 - fix memory leak introduced by fix of snmp v3 traps forwarding 1751195 1:5.7.2-44 - add support for glusterfs 1316386 - change services to start after network-online.targ...
GNOME security, bug fix, and enhancement update
accountsservice 0.6.50-7 - version bump to prevent future update path introduced by RHBA-2019:45836 Resolves: 1721562 colord 1.3.4-2 - Downgrade a trivial warning to a debug statement - Resolves: 1421231 control-center 3.28.1-6 - Calculate better extents for the configured displays arrangement...
libxml2 security update
2.9.1-6.0.1.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.4 - Fix CVE-2015-8035 1595697 - Fix CVE-2018-14404 1602817 - Fix CVE-2017-15412 1729857 - Fix CVE-2016-5131 1714050 - Fix CVE-2017-18258 1579211 - Fix CVE-2018-1456 1622715...
lftp security update
4.4.8-12 - Resolves: 1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased...
php security update
5.4.16-48 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043 5.4.16-47 - fix stack-buffer-overflow while parsing HTTP response CVE-2018-7584 - fix out-of-bounds read in base64decodexmlrpc CVE-2019-9024 - fix reflected XSS in phar 404 page CVE-2018-5712 - fix reflected XSS in phar 403 and...
bluez security update
5.44-6 - fixing CVE-2018-10910. Resolves: 1609340...
mailman security and bug fix update
3:2.1.15-30 - Resolves: 1599692 - Sanitize input on listinfo page CVE-2018-0618 3:2.1.15-29 - Resolves: 1611689 - Trim long text in 'no such list' messages 3:2.1.15-28 - Resolves: 1718180 - Try to decode member name first 3:2.1.15-27 - Related : 1545973 - Bump release to override rhel-7.4.z versi...
zziplib security update
0.13.62-12 - Fix a directory traversal bug - unzip-mem should now strip all '../' prefixes from the archived files - Resolves: CVE-2018-17828...
avahi security update
0.6.31-20 - multicast DNS no longer responds to unicast queries outside of local network 1663410...
python security update
2.7.5-88.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-88 - Security fix for CVE-2019-16056 Resolves: rhbz1750773 2.7.5-87 - Fix CVE-2018-20852 Resolves: rhbz1741551...
libqb security update
1.0.1-9 Also add OEXCL to logblackbox.c when creating files Resolves: rhbz1714853 1.0.1-8 Improve socket security Resolves: rhbz1714853...
nbdkit security and bug fix update
1.8.0-3 - Fix for CVE-2019-14850 denial of service due to premature opening of back-end connection resolves: rhbz1757261 1.8.0-2 - Explicitly disable nbdkit-ext2-plugin in configure resolves: rhbz1724242...
mod_auth_mellon security and bug fix update
0.14.0-8 - Resolves: rhbz1731052 - CVE-2019-13038 modauthmellon: an Open Redirect via the login?ReturnTo= substring which could facilitate information theft rhel-7 0.14.0-7 - Resolves: rhbz1727789 - modauthmellon fix for AJAX header name X-Requested-With 0.14.0-6 - Apply the patch from the previo...
gettext security and bug fix update
0.19.8.1-3 - fix CVE-2018-18751: double-free in xgettext rhbz1648433...