8986 matches found
php security update
8.0.30-5 - Fix Null byte termination in dnsgetrecord GHSA-www2-q4fc-65wf - Fix Heap buffer overflow in arraymerge CVE-2025-14178 - Fix Information Leak of Memory in getimagesize CVE-2025-14177...
edk2 security update
20241117-4.0.1.el97.3 - Replace upstream references Orabug:36569119 20241117-4.el97.3 - edk2-OvmfPkg-MemEncryptSevLib-Evict-cache-lines-during-SN.patch RHEL-125104 - edk2-MdePkg-Add-the-COHERENCYSFWNO-CPUID-bit-field.patch RHEL-125104 -...
gimp security update
2:3.0.4-1.3 - fix CVE-2025-15059...
virt:ol and virt-devel:ol security update
qemu-kvm 4.2.0-59.el85.2 - kvm-virtiofsd-Drop-membership-of-all-supplementary-group.patch bz2048627 - Resolves: bz2048627 CVE-2022-0358 virt:rhel/qemu-kvm: QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 rhel-8.5.0.z...
openssl security update
1.0.2k-26.0.1fips - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 - Add EC keys pairwise consistency test Orabug: 32467059...
virt:ol and virt-devel:ol security and bug fix update
hivex libguestfs libguestfs-winsupport 8.8-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-33 - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshak...
kernel security update
6.12.0-124.38.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
go-toolset:ol8 security and bug fix update
go-toolset 1.11.13-1 - Bump version to 1.11.13 - Related: rhbz1743204 - Related: rhbz1743206 golang 1.11.13-2 - Improve error message when using non-FIPS API in FIPS mode. - Fixes CVE-2019-9512. - Fixes CVE-2019-9514. - Resolves: rhbz1745711 - Resolves: rhbz1745705 1.11.6-3 - Updates to be less...
go-toolset:ol8 security update
delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related: RHEL-121223 golang 1.25.7-1 - Update to Go 1.25.7 fips-1 - Resolves: RHEL-146469...
virt:ol and virt-devel:ol security and bug fix update
hivex libguestfs 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 1:1.44.0-8 -...
kernel security update
4.18.0-553.105.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security update
5.14.0-611.34.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
golang security update
1.25.7-1 - Update to Go 1.25.7 fips-1 - Resolves: RHEL-146476...
golang security update
1.25.7-1 - Rebase to latest rhel-10-main 170a5b7e084...
virt:ol and virt-devel:ol security update
libvirt 6.0.0-28.1.0.1 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma qemu-kvm 4.2.0-34.el83.5 - kvm-Drop-bogus-IPv6-messages.patch bz1939493 - Resolves: bz1939493 CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability...
gnupg2 security update
2.4.5-4 - Fix CVE-2026-24882 tpm2daemon buffer overflow...
virt:ol and virt-devel:ol security and bug fix update
hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libvirt 6.0.0-35.1.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum 6.0.0-35.1.el8 -...
virt:ol and virt-devel:ol security update
qemu-kvm 4.2.0-59.el85 - kvm-hw-scsi-scsi-disk-MODEPAGEALLS-not-allowed-in-MODE.patch bz2025605 - kvm-e1000-fix-tx-re-entrancy-problem.patch bz2025011 - Resolves: bz2025605 CVE-2021-3930 virt:rhel/qemu-kvm: QEMU: off-by-one error in modesensepage in hw/scsi/scsi-disk.c rhel-8.5.0.z - Resolves:...
virt:ol and virt-devel:ol security and bug fix update
libvirt 8.0.0-10.1.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-10.1.el8 - qemuprocess: Don't require a hugetlbfs mount for memfd rhbz2132176 - qemunamespace: Tolerate missing ACLs when creating a path in namespace...
openssl security update
1:1.0.2k-26.0.1 - Fixes CVE-2025-9230 Fix incorrect check of unwrapped key size Orabug: 38916245...
gcc-toolset-14-binutils security update
2.41-3.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130636 Thu Feb 20 2025 Nick Clifton - Backport fixes for PR 32082 and PR 32153 in order to fix the PR 20267 linker tests. 2.41-3 - NVR Bump to allow rebuilding with GTS-14 gcc. RHEL-53519 2.41-2 - Fix s390x...
nodejs:22 security update
nodejs 1:22.22.0-1 - Update to 22.22.0 Resolves: RHEL-118152 nodejs-nodemon 3.0.1-1 - Exclude ix86 arches from building. Related: RHEL-35991 nodejs-packaging 2021.06-4 - Exclude ix86 arches from building. Related: RHEL-35991...
nodejs:20 security update
nodejs 1:20.20.0-1 - Update to version 20.20.0 Resolves: RHEL-130972 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883...
libsoup security update
2.62.2-2.0.9 - Fix CVE-2025-14523 Orabug: 38873507 2.62.2-2.0.7 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 2.62.2-2.0.5 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-32914 2.62.2-2.0.3 - Fixe...
glib2 security update
2.56.1-9.0.3 - Fixes CVE-2025-13601 gescapeuristring overflow Orabug: 38909821 2.56.1-9.0.1 - Fix overflow of GDBusConnection serial Orabug: 38666376...
php:7.4 security update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php 7.4.33-3 - Fix Heap-Use-After-Free in sapireadpostdata Processing in CLI SAPI Interface GHSA-4w77-75f9-2c8w - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 - Fix Single byte overread wit...
brotli security update
1.0.6-4 - Resolves: RHEL-133986 CVE-2025-6176 Brotli decompression bomb DoS in scrapy...
pcs security update
0.11.10-1.el97.2 - Fixed CVE-2025-13465 by updating pcs-web-ui to 0.1.23.1 Resolves: RHEL-144292...
pcs security update
0.12.1-1.el101.2 - Fixed CVE-2025-13465 by updating pcs-web-ui to 0.1.23.1 Resolves: RHEL-144292...
nodejs:24 security update
nodejs 1:24.13.0-1 - Update to 24.13.0 Resolves: RHEL-135257 1:24.4.1-1 - Initial import of nodejs:24 nodejs-nodemon 3.0.3-1 - Initial import into nodejs:24 module nodejs-packaging 2021.06-6 - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-121576 2021.06-5 - nodejs.req ...
python3.12 security update
3.12.12-2 - Security fix for CVE-2025-13836 Resolves: RHEL-140993...
libsoup3 security update
3.6.5-10 - Add patch for CVE-2026-1761 3.6.5-9 - Fix CVE-2026-0719 3.6.5-8 - Fix CVE-2025-14523 3.6.5-7 - Add patch for CVE-2025-12105 3.6.5-6 - Fix integer overflow in date/time parsing 3.6.5-5 - Bump revision number 3.6.5-4 - Fix several CVEs...
thunderbird security update
140.7.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.7.0 - Add OpenELA debranding 140.7.0-1 - Update to 140.7.0 ESR...
kernel security update
4.18.0-553.104.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
libsoup security update
2.62.3-13 - Backport patch for CVE-2026-1761 2.62.3-12 - Backport patch for CVE-2026-0719 - Fix NTLM authentication test failures in FIPS mode...
firefox security update
140.7.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.7.0-1 - Update to 140.7.0 ESR...
libsoup security update
2.72.0-12.5 - Backport patch for CVE-2026-1761 2.72.0-12.4 - Backport patch for CVE-2026-0719 - Fix NTLM authentication test failures in FIPS mode...
fontforge security update
20230101-14 - Resolves: RHEL-138159 CVE-2025-15279 GUtils BMP File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138144 CVE-2025-15275 SFD File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138126 CVE-2025-15269 SFD File Parsing Use-After-Free...
keylime security update
7.12.1-16 - CVE-2026-1709: Registrar authentication bypass 7.12.1-15 - Registrar allows identity takeover via duplicate UUID registration 7.12.1-14 - Properly fix malformed TPM certificates workaround 7.12.1-13 - Avoid opening /dev/stdout when printing 7.12.1-12 - Fix malformed TPM certificates...
git-lfs security update
3.4.1-7 - Rebuild with new Golang - Resolves: RHEL-140536...
kernel security update
5.14.0-611.30.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
kernel security update
6.12.0-124.35.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
thunderbird security update
140.7.0-1.0.1 - Add Oracle prefs 140.7.0-1 - Update to 140.7.0 ESR...
keylime security update
7.12.1-11.4 - CVE-2026-1709: Registrar authentication bypass Resolves: RHEL-145390...
java-1.8.0-openjdk security update
1.8.0.482.b08-1.0.1 - Update to 8u482-b08 GA. Orabug: 38893614 - Update release notes for 8u482-b08. - Resolves: RHEL-142689 - Resolves: RHEL-139521 - Resolves: RHEL-131446 - Resolves: RHEL-131459 - Resolves: RHEL-142865 - Resolves: RHEL-142696 - Fixes CVE-2026-21925 CVE-2026-21933 CVE-2026-21945...
freerdp security update
2:3.10.3-5.1 - Backport several CVE fixes Resolves: RHEL-142413, RHEL-142397, RHEL-142381, RHEL-142365, RHEL-142349 Resolves: RHEL-142333, RHEL-142317...
Unbreakable Enterprise kernel security update
5.4.17-2136.352.5 - crypto: afalg - Fix incorrect boolean values in afalgctx Eric Biggers Orabug: 38879907 CVE-2025-40022 5.4.17-2136.352.4 - arm64: pensando: Must boot Ortano kernel with spin-table Rob Gardner Orabug: 38821197 5.4.17-2136.352.3 - net/sched: adjust device watchdog timer to detect...
Unbreakable Enterprise kernel security update
6.12.0-107.59.3.4 - mptcp: fix a race in mptcppmdeladdtimer Eric Dumazet Orabug: 38932996 CVE-2025-40257 - tls: Use skdstget and dstdevrcu in getnetdevforsock. Kuniyuki Iwashima Orabug: 38932973 CVE-2025-40149 - mptcp: fix race condition in mptcpschedulework Eric Dumazet Orabug: 38932955...
osbuild-composer security update
101.4-3.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...
Unbreakable Enterprise kernel security update
5.15.0-316.196.4.2 - xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added Sabrina Dubroca - usb: raw-gadget: cap rawio transfer length to KMALLOCMAXSIZE Gopi Krishna Menon - ext4: clear istateflags when alloc inode Haibo Chen - ext4: align max orphan file size wi...