8997 matches found
kubernetes security update
1.12.7-1.2.3 - OLCNE-494 CVE-2019-11244 fix CVE-2019-11244: 'kubectl --http-cache= ' - creates world-writeable cached schema files 1.12.7-1.1.3 - OCNE-372 kubeadm: properly umount dirs in /var/lib/kubelet...
kubeadm-ha-setup security update
0.0.2-1.0.52 - OLCNE-678 Restore fails when trying to restore after a failed update 0.0.2-1.0.51 - OLCNE-667 Minor version update doesn't update kubeadm on all master nodes 0.0.2-1.0.50 - Make k8s 1.14 specific changes 0.0.2-1.0.49 - OLCNE-668 Remove 1.10 and 1.11 version since they are...
Unbreakable Enterprise kernel security update
4.1.12-124.29.3 - mlx4core: change lognumqp,rdmarc with scaleprofile Mukesh Kacker Orabug: 30064080 4.1.12-124.29.2 - scsi: storvsc: Fix scsicmd error assignments in storvschandleerror Cathy Avery Orabug: 30052805 4.1.12-124.29.1 - USB: check usbgetextradescriptor for proper size Mathias Payer...
java-1.7.0-openjdk security update
1:1.7.0.231-2.6.19.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz1724452 1:1.7.0.231-2.6.19.0 - Update tapset filename matching pattern. - Resolves: rhbz1724452 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 including tapsets and OpenJD...
java-1.7.0-openjdk security update
1:1.7.0.231-2.6.19.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.231-2.6.19.1 - Add missing hyphen in tapset filename. - Resolves: rhbz1724452 1:1.7.0.231-2.6.19.0 - Update tapset name in patch. - Resolves: rhbz1724452 1:1.7.0.231-2.6.19.0 - Bump to 2.6.19 including tapsets and OpenJDK 7u231-b01....
thunderbird security update
60.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.8.0-1 - Updated to 60.8.0 60.7.2-3 - Rebuild to fix rhbz1725919 - Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2...
java-1.8.0-openjdk security update
1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz1724452 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz1724452 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Adjust...
java-11-openjdk security update
1:11.0.4.11-0.0.1 - link atomic for ix86 build 1:11.0.4.11-0 - Update to shenandoah-jdk-11.0.4+11 GA - Switch to GA mode for final release. - Resolves: rhbz1724452 1:11.0.4.10-0.0.ea - Update to shenandoah-jdk-11.0.4+10 EA - Resolves: rhbz1724452 1:11.0.4.9-0.0.ea - Update to...
java-1.8.0-openjdk security update
1:1.8.0.222.b10-0 - Update to aarch64-shenandoah-jdk8u222-b10. - Resolves: rhbz1724452 1:1.8.0.222.b09-0 - Update to aarch64-shenandoah-jdk8u222-b09. - Switch to GA mode for final release. - Resolves: rhbz1724452 1:1.8.0.222.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u222-b08. - Resolves:...
vim security update
2:8.0.1763-11 - 1719812 - CVE-2019-12735 vim: vim/neovim: arbitrary command execution in getchar.c rhel-8.1.0...
vim security update
2:7.4.629-5.2 - 1724045 - fix CVE-2019-12735 the :source! command allows arbitrary command execution via the modeline - fix spec warnings about expanding macros...
thunderbird security update
60.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.8.0-1 - Updated to 60.8.0 60.7.2-3 - Rebuild to fix rhbz1725919 - Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2...
firefox security update
60.8.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one...
firefox security update
60.8.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file...
dbus security update
1:1.2.24-11.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.2.24-11 - Apply patch for CVE-2019-12749 1725574 1:1.2.24-10 - Fix CVE-2019-12749 1725574...
qemu security update
15:3.1.0-5.el7 - Only enable the halt poll control MSR if it is supported by the host Mark Kanda Orabug: 29946722 15:3.1.0-4.el7 - kvm: i386: halt poll control MSR support Marcelo Tosatti Orabug: 29933278 - Document CVEs as fixed: CVE-2017-9524, CVE-2017-6058, CVE-2017-5931 Mark Kanda Orabug:...
Unbreakable Enterprise kernel security update
4.1.12-124.28.6 - scsi: libfc: Fixup discmutex handling in fcoe module Hannes Reinecke Orabug: 29511036 - scsi: libfc: sanitize EDTOV and RATOV setting in fcp Hannes Reinecke Orabug: 29511036 - sysctl: Fix kabi breakage Shuning Zhang Orabug: 29689925 - proc: Fix procsysprunedcache to hold a sb...
libvirt security update
5.0.0-9.el7 - qemu: remove cpuhostmask and cpuguestmask from virCaps structure Wim ten Have Orabug: 29956508 5.0.0-8.el7 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections Jan Tomko Orabug: 29955742 CVE-2019-10161 - domain: Define explicit flags for saved image xml Eric Blake...
Unbreakable Enterprise kernel security update
4.14.35-1902.3.1 - x86/platform/UV: Mark tscchecksync as an init function [email protected] Orabug: 29701029 - mm, pagealloc: check for max order in hot path Michal Hocko Orabug: 29924411 - net/mlx5: FW tracer, Enable tracing Feras Daoud Orabug: 29717200 - net/mlx5: FW tracer, parse traces and...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.36.1 - tun: call devgetvalidname before registernetdevice Cong Wang Orabug: 29925557 CVE-2018-7191...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.36.1 - tun: call devgetvalidname before registernetdevice Cong Wang Orabug: 29925557 CVE-2018-7191...
qemu-kvm security update
0.12.1.2-2.506.el610.4 - kvm-target-i386-Sanitize-the-XSAVE-related-feature-bits.patch bz1673779 - kvm-slirp-check-sscanf-result-when-emulating-ident.patch bz1689790 - Resolves: bz1673779 RHEL8 VM's do not install on RHEL6 KVM hypervisor - Resolves: bz1689790 CVE-2019-9824 qemu-kvm: QEMU: Slirp:...
libssh2 security update
1.4.2-3.0.1.el610.1 - Orabug: 29909723 Added patch CVE-2019-3862. [email protected] Added Additional length checks to prevent out-of-bounds CVE-2019-3862 1.4.2-3.el610.1 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix integer overflow...
thunderbird security update
60.7.2-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.2-2 - Update to 60.7.2 build2 60.7.2-1 - Update to 60.7.2 60.7.1-1 - Update to 60.7.1...
thunderbird security update
60.7.2-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.2-2 - Update to 60.7.2 build2 60.7.2-1 - Update to 60.7.2 60.7.1-1 - Update to 60.7.1...
firefox security update
60.7.2-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.7.2-1 - Update to 60.7.2 ESR 60.7.1-1 - Updated to 60.7.1 ESR...
firefox security update
60.7.2-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.7.2-1 - Update to 60.7.2 ESR 60.7.1-1 - Updated to 60.7.1 ESR...
libvirt security and bug fix update
4.5.0-10.0.1 - added librbd1 as dependency Keshav Sharma 4.5.0-10.el76.12 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161 - api: disallow virDomainManagedSaveDefineXML on read-only connections CVE-2019-10166 - api: disallow virConnectGetDomainCapabilities on...
libssh2 security update
1.4.3-12.0.1.el76.2 - Orabug: 29909723 Added patch CVE-2019-3862 added length checks to prevent out-of-bounds reads and writes in libssh2packetaddCVE-2019-3862...
libssh2 security update
1.4.2-2.0.1.el67.1 - Orabug: 29909723 Added patch CVE-2019-3862. Added Additional length checks to prevent out-of-bounds CVE-2019-3862...
libvirt security update
0.10.2-64.0.1 - Replace docs/et.png in tarball with blank image 0.10.2-64.el610.2 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161...
python security update
2.7.5-80.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-80 - Security fix for CVE-2019-10160 Resolves: rhbz1718401...
kernel security and bug fix update
2.6.32-754.15.3.OL6 - Update genkey bug 25599697 2.6.32-754.15.3 - net tcp: enforce tcpminsndmss in tcpmtuprobing Florian Westphal 1719614 CVE-2019-11479 - net tcp: add tcpminsndmss sysctl Florian Westphal 1719614 CVE-2019-11479 - net tcp: tcpfragment should apply sane memory limits Florian...
kernel security update
3.10.0-957.21.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.21.3 - net tcp: enforce tcpminsndmss in tcpmtuprobing Florian Westphal 17199...
bind security update
32:9.8.2-0.68.rc1.3 - Use only selected documentation files 32:9.8.2-0.68.rc1.2 - Fix CVE-2018-5743...
Unbreakable Enterprise kernel security update
4.14.35-1902.2.0 - mm: account managed pages to correct zone during deferred page init Daniel Jordan Orabug: 29914836 4.14.35-1902.1.5 - CVE numbers for build v4.14.35-1902.1.3 and fixup Jack Vogel Orabug: 29890784 Orabug: 29884301 Orabug: 29884301 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479...
libvirt security update
5.0.0-4.el7 - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - admin: reject clients unless their UID matches the current UID Daniel P. Berrange Orabug: 29861433...
Unbreakable Enterprise kernel security update
4.1.12-124.28.3 - Add CVE numbers for CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Chuck Anderson Orabug: 29890820 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 - tcp: fix fackcount accounting on tcpshiftskbdata Joao Martins Orabug: 29890820 - tcp:...
libvirt security update
5.0.0-4.el7 - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - admin: reject clients unless their UID matches the current UID Daniel P. Berrange Orabug: 29861433...
Unbreakable Enterprise kernel security update
2.6.39-400.312.2 - tcp: enforce tcpminsndmss in tcpmtuprobing Eric Dumazet Orabug: 29886601 CVE-2019-11477 - tcp: add tcpminsndmss sysctl Eric Dumazet Orabug: 29884308 CVE-2019-11479 - tcp: tcpfragment should apply sane memory limits Eric Dumazet Orabug: 29884308 CVE-2019-11478 - tcp: fix fackcou...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.35.2 - tcp: enforce tcpminsndmss in tcpmtuprobing Eric Dumazet Orabug: 29886600 CVE-2019-11477 - tcp: add tcpminsndmss sysctl Eric Dumazet Orabug: 29884307 CVE-2019-11479 - tcp: tcpfragment should apply sane memory limits Eric Dumazet Orabug: 29884307 CVE-2019-11478 - tcp: f...
python security update
2.6.6-68.0.1 - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma 2.6.6-68 - Security fix for CVE-2019-10160 Resolves: rhbz1716744 2.6.6-67 - Security fix for CVE-2019-9636 Resolves: rhbz1716744...
docker-engine security update
docker-engine 18.09.1-1.0.8 - cherry-picked fix for CVE-2018-15664 from upstream 18.09.1-1.0.7 - added runc version requirement 18.09.1-1.0.6 - disable kmem accounting for UEKR4 docker-cli 18.09.1-1.0.8 - rebuild 18.09.1-1.0.7 - rebuild 18.09.1-1.0.6 - disable kmem accounting for UEKR4 runc...
Unbreakable Enterprise kernel security update
2.6.39-400.312.1 - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786788 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory operand Patrick Colp Orabug: 29791037 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Make...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.35.1 - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786787 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory operand Patrick Colp Orabug: 29791038 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds:...
edk2 security update
1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel module. Aaron Young - Update spec file to modprobe kvmintel module prior to running qemu to enroll default keys. Aaron Young - Enroll Oracle cert/key...
Unbreakable Enterprise kernel security update
4.1.12-124.28.1 - hugetlbfs: don't retry when pool page allocations start to fail Mike Kravetz Orabug: 29324267 - x86/speculation: RSB stuffing with retpoline on Skylake+ cpus William Roche Orabug: 29660924 - x86/speculation: reformatting RSB overwrite macro William Roche Orabug: 29660924 -...
thunderbird security update
60.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.0-1 - Update to 60.7.0...
thunderbird security update
60.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.0-1 - Update to 60.7.0...
Unbreakable Enterprise kernel security update
4.1.12-124.27.2 - x86/speculation/mds: Check for the right microcode before setting mitigation Kanth Ghatraju Orabug: 29797118 - vxlan: test dev-flags & IFFUP before accessing vxlan-dev-devaddr Venkat Venkatsubra Orabug: 29710939 - vxlan: test dev-flags & IFFUP before calling grocellsreceive Eric...