8997 matches found
icedtea-web security update
1.7.2-16 - added patch1, patch4 and patch11 to fix CVE-2019-10182 - added patch2 to fix CVE-2019-10181 - added patch3 and patch33 to fix CVE-2019-10185 - Resolves: rhbz1724958 - Resolves: rhbz1725928 - Resolves: rhbz1724989...
python27:2.7 security update
Cython 0.28.1-7 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 PyYAML 3.12-16 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 babel 2.5.1-9 - Bumping due to problems with modular RPM upgrade path 1695587 - Related:...
firefox security update
60.7.0-1.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.7.0-1 - Manaul CentOS Debranding 60.7.0-1 - Updated to 60.7.0 ESR 60.6.3-1 - Updated to 60.6.3 ESR 60.6.2-1 - Updated to 60.6....
virt:rhel security update
libguestfs 1:1.38.4-10.1.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-10.1 - Fix inspection of partition-less devices resolves: rhbz1714747 libssh2 1.8.0-7.el80.1 - fix integer overflow in keyboard interactive handling th...
openwsman security update
2.6.5-5 - Fix CVE-2019-3816 Resolves: 1693972 - Remove Dist Tag from the oldest changelog entry...
thunderbird security and bug fix update
60.8.0-1.0.1 60.8.0-1 - Updated to 60.8.0 60.7.2-3 - Rebuild to fix rhbz1725919 - Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2...
httpd:2.4 security update
httpd 2.4.37-11.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-11 - Resolves: 1695431 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: 1696090 - CVE-2019-0215 httpd:2.4/httpd: modssl:...
firefox security update
60.7.2-3.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.7.2-3.0.1 Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.7.2-3 - Update to 60.7.2 ESR 60.7.1-1 - Updated to 60.7.1 ESR...
bind security update
32:9.11.4-17.P2.1 - Fix CVE-2019-6471...
firefox security update
60.6.1-1.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.6.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Build with ol8 rust/llvm rather than scl 60.6.1-1 - Update to 60.6.1 ESR Build 1 60.6.0-3 - Added Google API keys mozbz1531176...
java-1.8.0-openjdk security update
1:1.8.0.212.b04-1 - Remove additions to EXTRACFLAGS and EXTRACPPFLAGS which are now made by upstream. - Resolves: rhbz1693468 1:1.8.0.212.b04-1 - Add JDK-8223219 to avoid -fstack-protector overriding -fstack-protector-strong - Resolves: rhbz1693468 1:1.8.0.212.b04-0 - Update to...
pacemaker security and bug fix update
2.0.1-4.3 - New build with fixed test in gating.yaml - Resolves: rhbz1694557 - Resolves: rhbz1695247 - Resolves: rhbz1697264 - Resolves: rhbz1697265 2.0.1-4.2 - New build to apply z-stream tag - Resolves: rhbz1694557 - Resolves: rhbz1695247 - Resolves: rhbz1697264 - Resolves: rhbz1697265 2.0.1-4....
gvfs security update
1.36.2-2.1 - CVE-2019-3827: Prevent access if any authentication agent isn't available 1690470 1.36.2-2 - rebuild...
qemu-kvm security update
1.5.3-160.el76.3 - kvm-slirp-check-sscanf-result-when-emulating-ident.patch bz1669067 - kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch bz1669067 - kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch bz1669067 - kvm-slirp-don-t-manipulate-sorcv-in-tcpemu.patch bz1669067 ...
mod_auth_mellon security update
0.14.0-3.2 - Resolves: rhbz1696197 - CVE-2019-3878 modauthmellon: authentication bypass in ECP flow rhel-8.0.0.z...
WALinuxAgent security update
2.2.32-1.0.1.el80.1 - Add oracle support to fix waagent.service build issue 2.2.32-1.el80.1 - wla-Add-fixes-for-handling-swap-file-and-other-nit-fixes.patch bz1711338 - Resolves: bz1711338 CVE-2019-0804 WALinuxAgent: swapfile created with weak permissions rhel-8...
kernel security and bug fix update
4.18.0-80.4.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.4.20 - net tcp: enforce tcpminsndmss in tcpmtuprobing Florian...
systemd security and bug fix update
239-13.0.1.3 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set RemoveIPC=no in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...
ghostscript security update
9.25-2.1 - Resolves: 1692798 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678170 - CVE-2019-3835 ghostscript: superexec operator is available 700585 - Resolves: 1691414 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible...
python36:3.6 security update
python-PyMySQL 0.8.0-10 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 python-docs 3.6.7-2 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 python-docutils 0.14-12 - Bumping due to problems with modular RPM upgrade path 169558...
thunderbird security update
60.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.0-1 - Update to 60.7.0...
virt:rhel security update
libguestfs 1:1.38.4-10.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-10.1 - Fix inspection of partition-less devices resolves: rhbz1714747 libssh2 1.8.0-7.el80.1 - fix integer overflow in keyboard interactive handling that...
kernel security and bug fix update
4.18.0-80.1.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.1.20 - arm64 arm64/speculation: Support 'mitigations=' cmdline opti...
container-tools:rhel8 security and bug fix update
container-selinux 2:2.94-1.git1e99f1d - Resolves: 1690286 - bump to v2.94 - Resolves: 1693806, 1689255 2:2.89-1.git2521d0d - bump to v2.89 runc 1.0.0-55.rc5.dev.git2abd837 - Resolves: CVE-2019-5736...
python-jinja2 security update
2.10.1-2 - Rebuild of package to go through gating - Resolves: rhbz1701300 2.10.1-1 - Rebase to 2.10.1 security update to fix CVE-2019-10906 - Resolves: rhbz1701300 2.10-9 - Require platform-python-setuptools instead of python3-setuptools - Resolves: rhbz1650536 2.10-8 - Revert changes commited t...
firefox security update
60.8.0-1.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.8.0-1.0.1 Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file...
bind security update
32:9.11.4-17.P2 - Fix inefective limit of TCP clients CVE-2018-5743...
httpd security update
2.4.6-89.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-89.1 - Resolves: 1719722 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in modauthdigest...
flatpak security update
1.0.6-3 - Fix IOCSTI sandbox bypass 1700653...
python3 security update
3.6.8-2.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-2 - Security fix for CVE-2019-9636 rhbz1693973...
cyrus-imapd security update
3.0.7-15.1 - Resolves: 1718194 - don't overrun buffer when parsing strings with sscanf...
libssh2 security update
1.4.3-12.0.1.el76.3 - Bump and rebuild. 1.4.3-12.el76.3 - fix out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862...
virt:rhel security update
4.5.0-23.2.0.1.el8 - added librbd1 as dependency Keshav Sharma 4.5.0-23.2.el8 - admin: reject clients unless their UID matches the current UID CVE-2019-10132 - locking: restrict sockets to mode 0600 CVE-2019-10132 - logging: restrict sockets to mode 0600 CVE-2019-10132 4.5.0-23.1.el8 - cpux86: Do...
pki-deps:10.6 security update
apache-commons-collections 3.2.2-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora29MassRebuild 3.2.2-9 - Remove workaround for symlink-directory rpm bug jackson-bom 2.9.8-1 - Update to latest upstream release 2.9.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 2.9.4-1 -...
curl security and bug fix update
7.29.0-51.0.1.el76.3 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison https://curl.haxx.se/docs/CVE-2016-8616.html - CVE-2016-8617 OOB write via unchecked...
freeradius:3.0 security update
3.0.17-4 - Fixes two EAP-PWD security issues Resolves: bz1699416 authentication bypass with an invalid curve attack...
389-ds-base security and bug fix update
1.3.8.4-25.1 - Bump version to 1.3.8.4-25.1 - Resolves: Bug 1718689 - dse.ldif strip-off string after 1023 character missing patch file 1.3.8.4-25 - Bump version to 1.3.8.4-25 - Resolves: Bug 1722828 - referint update should discard any changes if mep update fails - Resolves: Bug 1718689 - dse.ld...
go-toolset:rhel8 security update
go-toolset 1.11.5-2 - Include patch to fix CVE-2019-9741 - Resolves: rhbz1690443 golang 1.11.5-2 - Include patch to fix CVE-2019-9741 - Resolves: rhbz1690443 1.11.5-2 - Switch to pagure fork for Go FIPS...
java-11-openjdk security update
1:11.0.3.7-2.0.1 - link atomic for ix86 build Livy Ge 1:11.0.3.7-2 - Do not generate lib-style requires for -slowdebug subpackages. - Resolves: rhbz1693468 1:11.0.3.7-2 - Fix requires/provides for the non-system JDK case. JDK 11 is not a system JDK at this point. - Resolves: rhbz1693468...
thunderbird security update
60.6.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.6.1-1 - Update to 60.6.1 60.6.0-1 - Update to 60.6.0...
dotnet security, bug fix, and enhancement update
2.1.507-2 - Link against strerrorr correctly - Resolves: RHBZ1712471 2.1.507-1 - Update to .NET Core Runtime 2.1.11 and SDK 2.1.507 - Resolves: RHBZ1710068 2.1.506-1 - Update to .NET Core Runtime 2.1.10 and SDK 2.1.506 - Resolves: RHBZ1696836...
thunderbird security update
60.7.2-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.2-2 - Update to 60.7.2 build2 60.7.2-1 - Update to 60.7.2 60.7.1-1 - Update to 60.7.1...
kernel security, bug fix, and enhancement update
3.10.0-957.27.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.27.2 - x86 hyper-v: fix hyperv.h UAPI header Vitaly Kuznetsov 1727109 169249...
java-11-openjdk security update
1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 GA - Switch to GA mode for final release. - Resolves: rhbz1724452 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 EA - Resolves: rhbz1724452 1:11.0.4.9-0.0.ea - Update to shenandoah-jdk-11.0.4+9 EA - Resolves: rhbz1724452 1:11.0.4.8-0.0.e...
edk2 security update
20180508gitee3198e672e2-9.el80 - edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch bz1690501 - edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch bz1690501 - Resolves: bz1690501 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk rhel-8.0.0.z...
java-1.8.0-openjdk security update
1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz1724452 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz1724452 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust...
wget security update
1.19.5-7.0.1.1 - SSLv3 support dropped from openssll, v3 test certificates need to be replaced Orabug: 29613455 1.19.5-7.1 - Fix tests with on armhfp 1.19.5-7.1 - Fix CVE-2019-5953 1696735...
kubernetes security update
1.9.11-2.7.1 - OLCNE-494 CVE-2019-11244 fix CVE-2019-11244: 'kubectl --http-cache= ' - creates world-writeable cached schema files 1.9.11-2.6.1 - OLCNE-382 CVE-2019-11243 rest.AnonymousClientConfig does not remove the sa credentials...
kubernetes security update
1.11.3-2.7.2 - OLCNE-494 CVE-2019-11244 fix CVE-2019-11244: 'kubectl --http-cache= ' - creates world-writeable cached schema files 1.11.3.2.6.2 - OLCNE-384 CVE-2019-11243 rest.AnonymousClientConfig does not remove the serviceaccount credentials from config created by rest.InClusterConfig...
kubernetes security update
1.10.5-2.7.4 - OLCNE-494 CVE-2019-11244 fix CVE-2019-11244: 'kubectl --http-cache= ' - creates world-writeable cached schema files 1.10.5-2.6.4 - OLCNE-383 CVE-2019-11243 Authentication information exposure in rest.AnonymousClientConfig...