9159 matches found
thunderbird security update
140.9.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.9.0 - Add OpenELA debranding 140.9.0-1 - Update to 140.9.0 ESR...
kernel security update
6.12.0-124.47.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
kernel security update
4.18.0-553.115.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security update
5.14.0-611.45.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
freerdp security update
2:2.11.7-4 - Backport several CVE fixes Resolves: RHEL-151979, RHEL-152206...
freerdp security update
2:2.11.7-1.3 - Backport several CVE fixes Resolves: RHEL-151988, RHEL-152215...
firefox security update
140.9.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.9.0-1 - Update to 140.9.0 ESR...
firefox security update
140.9.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.9.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.9.0-1 - Update to 140.9.0 ESR...
libpng security update
2:1.5.13-8.0.3 - Fix CVE-2026-25646 Orabug: 39093556 2:1.5.13-8.0.1 - Fix CVE-2025-64720 Orabug: 38824465...
freerdp security update
2:2.2.0-5.0.3 - Fixed CVE-2026-22855 CVE-2026-22858 CVE-2026-22859 Orabug: 39075086 2:2.2.0-5.0.1 - fixed CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23884 Orabug: 38971897 2:2.2.0-5 - Update: Refactored RPC gateway parser rhbz2017944 + fix issues discovered by Covscan...
firefox security update
140.9.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.9.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.9.0-1 - Update to 140.9.0 ESR...
golang security update
1.25.8-2 - Update to Go 1.25.8 fips-1 - Resolves: RHEL-157451...
ncurses security update
6.4-15.20240127 - fix buffer overflow in infocmp -i CVE-2025-69720...
freerdp security update
2:3.10.3-5.3 - Backport several CVE fixes Resolves: RHEL-151975, RHEL-152202...
golang security update
1.25.8-1 - Update to Go 1.25.8 fips-1...
mysql:8.0 security update
mecab 0.996-2.12 - Bump version for 'mysql' module rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'AppStream' repo - Resolves: 2180411 0.996-2 - Rebuild to fix the issue described in 2000986 - Resolves: 2000986 0.996-1.9 - Release bump for rebuilding on new arches...
virt:ol and virt-devel:ol security update
hivex 1.3.18-23 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport 8.10-1 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi...
glibc security update
2.28-251.0.4.31 - Forward port of Oracle patches Reviewed-by: Jose E. Marchesi Oracle history: February-24-2026 Cupertino Miranda - 2.28-251.0.4.27 - Fixed orabug 38834066 stpcpy MTE support Reviewed-by: Jose E. Marchesi December-8-2025 Cupertino Miranda - 2.28-251.0.3.27 - Forward port of Oracle...
nginx security update
1.20.1-24.0.1.el97.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 - Update upstream references Orabug: 36579090 2:1.20.1-24.1 - Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connection...
mysql:8.4 security update
mecab 0.996-3.4 - Bump version for package rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'CRB' repo - Resolves: 2182069 0.996-3.3 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688 0.996-3.2 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related:...
python3 security update
3.6.8-74.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-74 - Security fix for CVE-2025-0938 Resolves: RHEL-153235...
389-ds:1.4 security update
1.4.3.39-23 - Resolves: RHEL-137074 - CVE-2025-14905 389-ds:1.4/389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow rhel-8.10.z - Resolves: RHEL-152098 - Scalability issue of replication online initialization with large database rhel-8.10.z 1.4.3.39-22 -...
opencryptoki security update
3.22.0-3.2 - Resolves: RHEL-144817, CVE-2026-23893 Privilege Escalation or Data Exposure via Symlink Following...
opencryptoki security update
3.25.0-4.2 - Resolves: RHEL-144820, Privilege Escalation or Data Exposure via Symlink Following...
kernel security update
3.10.0-1160.119.1.0.19 - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug: 39036029 - atm: clip: Fix infinite recursive call of clippush. CVE-2025-38459 Orabug: 39036029 - usb: core: config: Preve...
nginx:1.24 security update
1.24.0-2.0.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-2 - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-1 - Resolves: RHEL-14714 - add nginx:1.24 to RHEL 8.10 1:1.22.1-2 - Resolves:...
gnutls security update
3.6.16-8.5 - Backport the fixes for CVE-2025-9820 and CVE-2025-14831...
vim security update
8.2.2637-23.0.1.el97.1 - Remove upstream references Orabug: 31197557 2:8.2.2637-23.1 - RHEL-147940 CVE-2026-25749 vim: Heap Overflow in Vim...
libarchive security update
3.7.7-5 - Resolves: CVE-2026-4111...
libarchive security update
3.5.3-7 - Resolves: CVE-2026-4111...
yggdrasil-worker-package-manager security update
0.2.3-4 - Bump release for rebuild...
yggdrasil security update
0.4.8-3 - Bump release for rebuild...
gimp:2.8 security update
gimp 2:2.8.22-26.5 - fix CVE-2026-0797 - fix CVE-2026-2044 - fix CVE-2026-2045 - fix CVE-2026-2048 2:2.8.22-26.4 - fix CVE-2025-14422 2:2.8.22-26.3 - fix CVE-2025-10920 - fix CVE-2025-10921 - fix CVE-2025-10922 - fix CVE-2025-10923 - fix CVE-2025-10924 - fix CVE-2025-10925 - fix CVE-2025-10934...
glibc security update
2.28-251.0.4.31 - Forward port of Oracle patches Reviewed-by: Jose E. Marchesi Oracle history: February-24-2026 Cupertino Miranda - 2.28-251.0.4.27 - Fixed orabug 38834066 stpcpy MTE support Reviewed-by: Jose E. Marchesi December-8-2025 Cupertino Miranda - 2.28-251.0.3.27 - Forward port of Oracle...
capstone security update
4.0.2-11 - Fix CVE-2025-68114 memory corruption and CVE-2025-67873 heap buffer overflow Resolves: RHEL-137758...
python-pyasn1 security update
0.1.9-7.0.1 - Fixes CVE-2026-23490 fixes potential memory exhaustion Orabug: 39060516...
grub2 security update
2.06-114.0.1.el97.1 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it Orabug: 37693946 - net/dns: Fix removal of DNS server Orabug:...
mysql security update
8.0.45-1 - Rebase to 8.0.45...
opencryptoki security update
3.25.0-5.2 - Resolves: RHEL-144815, Privilege Escalation or Data Exposure via Symlink Following...
libpng security update
2:1.6.34-10 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148338 - fix CVE-2026-22695: heap buffer over-read in pngimagefinishread RHEL-148852 - fix CVE-2026-22801: heap buffer over-read in pngimagewritebit RHEL-146659...
python3.12 security update
3.12.12-3.0.1.el101.1 - Remove upstream URL reference 3.12.12-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143054 RHEL-143105 RHEL-144852...
kernel security update
5.14.0-611.41.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
grub2 security update
2.02-170.0.1.el810.1 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it Orabug: 37693946 - net/dns: Fix removal of DNS server Orabug:...
kernel security update
6.12.0-124.45.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
grub2 security update
2.12-29.0.1.el101.2 - efinet: Close and reopen card on failure Orabug: 37808688 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it...
vim security update
9.1.083-6.0.1.el101.1 - Remove upstream references Orabug: 31197557 2:9.1.083-6.1 - RHEL-147922 CVE-2026-25749 vim: Heap Overflow in Vim...
nginx security update
2:1.26.3-2.0.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-2 - CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections...
container-tools:rhel8 security update
aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related:...
freerdp security update
2:2.2.0-5.0.1 - fixed CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23884 Orabug: 38971897...
libvpx security update
1.14.1-6 - Add patch for superindex full Resolves: RHEL-150332...