8997 matches found
Unbreakable Enterprise kernel security update
4.1.12-124.26.7 - ibcore: initialize shpd field when allocating 'struct ibpd' Mukesh Kacker Orabug: 29384815 - Revert 'x86/apic: Make archsetuphwirq NUMA node aware' Brian Maly Orabug: 29542185 - qlcnic: fix Tx descriptor corruption on 82xx devices Shahed Shaikh Orabug: 27708787 - block: Fix a ra...
libssh2 security update
1.4.3-12.el76.2 - sanitize public header file detected by rpmdiff 1.4.3-12.el76.1 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix integer overflow in SSH packet processing channel resulting in out of bounds write CVE-2019-3857 - fix...
thunderbird security update
60.6.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.6.1-1 - Update to 60.6.1 60.6.0-1 - Update to 60.6.0...
firefox security update
60.6.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.6.1-1 - Update to 60.6.1 ESR Build 1...
thunderbird security update
60.6.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.6.1-1 - Update to 60.6.1 60.6.0-1 - Update to 60.6.0...
firefox security update
60.6.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.6.1-1 - Update to 60.6.1 ESR Build 1...
Unbreakable Enterprise kernel security update
4.1.12-124.26.5 - scsi: scsitransportiscsi: modify detected conn err to KERNERR Fred Herard Orabug: 29487790 - xen/blkfront: avoid NULL blkfrontinfo dereference on device removal Vasilis Liaskovitis Orabug: 29469740 4.1.12-124.26.4U - bnxten: Fix race conditions in .ndogetstats64. Michael Chan...
openwsman security update
2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: 1668657 - Remove Dist Tag from the oldest changelog entry 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: 1668657...
ghostscript security and bug fix update
9.07-31.el76.10 - Resolves: 1673915 - ghostscript: Regression: double comment chars '%' in gsinit.ps leading to missing metadata - Resolves: 1678171 - CVE-2019-3835 ghostscript: superexec operator is available 700585 - Resolves: 1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is...
firefox security update
60.6.0-3.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.6.0-3 - Added Google API keys mozbz1531176 60.6.0-2 - Update to 60.6.0 ESR Build 2 60.6.0-1 - Update to 60.6.0 ESR Build 1...
firefox security update
60.6.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.6.0-3 - Added Google API keys mozbz1531176 60.6.0-2 - Update to 60.6.0 ESR Build 2 60.6.0-1 - Update to 60.6.0 ESR Build 1...
cloud-init security update
18.2-1.0.1 - add modified version of enable-ec2utils-to-stop-retrying-to-get-ec2-metadata.patch for 18.2: 1. Enable ec2utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 Bugzilla...
qemu security update
15:3.1.0-1.el7 - vfio-pci: emit FAILOVERPRIMARYCHANGED event on guest behalf when unrealized - vfio-pci: emit FAILOVERPRIMARYCHANGED event on guest behalf when unrealized Si-Wei Liu Orabug: 29216696 - vfio-pci: add FAILOVERPRIMARYCHANGED event to shorten downtime during failover Si-Wei Liu Orabug...
openssl security update
1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on...
openssl security and bug fix update
1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction...
tomcat security update
0:7.0.76-9 - Resolves: rhbz1641873 CVE-2018-11784 tomcat: Open redirect in default servlet...
kernel security, bug fix, and enhancement update
3.10.0-957.10.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.10.1 - fs revert 'fs nfs: Don't write back further requests if there is a...
Unbreakable Enterprise kernel security update
2.6.39-400.307.1 - proc: restrict kernel stack dumps to root John Donnelly Orabug: 29114880 CVE-2018-17972 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269182 CVE-2018-13053 - ext4: only look at the bgflags field if it is valid Theodore Ts'o Orabug: 29409428...
cockpit security update
173.2-1.0.1 - turn off display of subscriptions menu item in GUI - Drop subscription-manager requirement since we do not ship it [email protected] - Remove Red Hat references. 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz1672296...
Unbreakable Enterprise kernel security update
4.14.35-1844.3.2 - uek-rpm: Remove hardcoded 'kernelgitcommit' macro from specfile Victor Erminpour Orabug: 29357695 - mm: cleancache: fix corruption on missed inode invalidation Pavel Tikhomirov Orabug: 29364665 CVE-2018-16862 - l2tp: fix reading optional fields of L2TPv3 Jacob Wen Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.31.1 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269167 CVE-2018-13053 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 29304552 CVE-2017-17807 - KEYS: add missing permission check for requestkey destination...
Unbreakable Enterprise kernel security update
4.1.12-124.26.1 - NFS: commit direct writes even if they fail partially J. Bruce Fields Orabug: 28212440 - rds: update correct congestion map for loopback transport Mukesh Kacker Orabug: 29175685 - ext4: only look at the bgflags field if it is valid Theodore Tso Orabug: 29316684 CVE-2018-10876...
java-1.7.0-openjdk security update
1:1.7.0.211-2.6.17.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set ITCFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debuginfo in...
java-1.7.0-openjdk security update
1:1.7.0.211-2.6.17.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set ITCFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debuginfo in...
java-11-openjdk security update
1:11.0.2.7-0.0.1 - link atomic for ix86 build 1:11.0.2.7-0 - Update to shenandoah-jdk-11.0.2+7 January 2019 CPU - Make tagsuffix optional and comment it out while unused. - Drop JDK-8211105/RH1628612/RH1630996 applied upstream. - Drop JDK-8209639/RH1640127 applied upstream. - Re-generate...
java-1.8.0-openjdk security update
1:1.8.0.201.b09-0 - Update to aarch64-shenandoah-jdk8u201-b09. - Resolves: rhbz1661577 1:1.8.0.192.b12-0 - Add port of 8189170 to AArch64 which is missing from upstream 8u version. - Resolves: rhbz1661577 1:1.8.0.192.b12-0 - Add 8160748 for AArch64 which is missing from upstream 8u version. -...
polkit security update
0.96-11.el610.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667310...
java-1.8.0-openjdk security update
1:1.8.0.201.b09-0 - Update to aarch64-shenandoah-jdk8u201-b09. - Resolves: rhbz1661577 1:1.8.0.192.b12-1 - Add 8160748 for AArch64 which is missing from upstream 8u version. - Add port of 8189170 to AArch64 which is missing from upstream 8u version. - Resolves: rhbz1661577 1:1.8.0.192.b12-0 -...
kernel security and bug fix update
2.6.32-754.11.1.OL6 - Update genkey bug 25599697 2.6.32-754.11.1 - x86 mm/fault: Allow stack access below rsp Waiman Long 1644401 - sound alsa: rawmidi: Change resized buffers atomically Denys Vlasenko 1593083 CVE-2018-10902...
qemu security update
...
flatpak security update
1.0.2-4 - Tweak /proc sandbox patch 1675433 1.0.2-3 - Do not mount /proc in root sandbox 1675433...
docker-engine security update
18.03.1.ol-0.0.12 - correct the version string of containerd 18.03.1.ol-0.0.11 - update runc for CVE-2019-5736 18.03.1.ol-0.0.10 - update Go to version 1.10.8 18.03.1.ol-0.0.9 - correct changelog 18.03.1.ol-0.0.8 - fix orabug 28452214 and orabug 28461404 18.03.1.ol-0.0.6 - obsolete/provide the...
firefox security update
60.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
systemd security update
219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...
firefox security update
60.5.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
oraclelinux-release-el7 security update
1.0-5 - Fix olyumconfigure.sh OraBug 29241080...
oraclelinux-release-el6 security update
1.0-5 - Fix olyumconfigure.sh OraBug 29241080...
docker-engine security update
17.06.2.ol-1.0.6 - update the version string of runc to show the CVE fixed 17.06.2.ol-1.0.4 - build using Go 1.10.8 - apply fix for runc CVE-2019-5736 17.06.2.ol-1.0.3 - spec: do not replace config files Jacob Wen Orabug: 28235986...
kubernetes security update
kubernetes 1.9.11-2.2.1 - CVE-2019-6486 1.9.11-2.1.1 - Fix kubeadm-registry.sh - Use golang 1.9.3 - CVE-2018-1002105 Handle error responses from backends - Bump to v1.9.11 1.9.1-2.1.7 - Orabug 27803001 1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from...
Unbreakable Enterprise kernel security update
4.14.35-1844.2.5 - x86/apic: Switch all APICs to Fixed delivery mode Thomas Gleixner Orabug: 29262403 4.14.35-1844.2.4 - x86/platform/UV: Add check of TSC state set by UV BIOS [email protected] Orabug: 29205471 - x86/tsc: Provide a means to disable TSC ART [email protected] Orabug: 29205471 -...
runc security update
1.0.0-19.rc5.git4bb1fe4.0.3.el7 - Apply patch for CVE-2019-5736 Wiekus Beukes 1.0.0-19.rc5.git4bb1fe4.0.2.el7 - update Go version to 1.10.8, fix version string Laszlo Laca Peter 1.0.0-19.rc5.git4bb1fe4.0.1.el7 - Tuning .spec file 2:1.0.0-19.rc5.git4bb1fe4 - release v1.0.0rc5...
Unbreakable Enterprise kernel security update
2.6.39-400.306.1 - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220576 CVE-2018-1094 - Provide a NLMF flag void dumping inet/inet6 stats in rtnlifinfo Manish Kumar Singh Orabug: 28318718 - btrfs: relocation: Only remove reloc rbtrees if reloc control has...
Unbreakable Enterprise kernel security update
4.1.12-124.25.1 - x86/bugs: Fix the AMD SSBD usage of the SPECCTRL MSR Tom Lendacky Orabug: 28870524 CVE-2018-3639 - x86/bugs: Add AMD's SPECCTRL MSR usage Konrad Rzeszutek Wilk Orabug: 28870524 CVE-2018-3639 - x86/cpufeatures: rename X86FEATUREAMDSSBD to X86FEATURELSCFGSSBD Mihai Carabas Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.30.1 - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220451 CVE-2018-1094 - ext4: always initialize the crc32c checksum driver Theodore Ts'o Orabug: 28220451 CVE-2018-1094 CVE-2018-1094 - vfs: Add sbrdonlysb to query the MSRDONLY flag ...
thunderbird security update
60.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.5.0-1 - Update to 60.5.0...
thunderbird security update
60.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.5.0-1 - Update to 60.5.0...
polkit security update
0.112-18.0.1 - Increase timeout to avoid defunct processes bug26930744 0.112-18.el76.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667311...
spice security update
0.14.0-6.0.2.1 - Add ARM support 0.14.0-6.1 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813...
Unbreakable Enterprise kernel security update
4.1.12-124.24.5 - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug: 28127993 - net: rds: fix excess initialization of the recv SGEs Zhu Yanjun Orabug...
spice-server security update
0.12.4-16.3 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813 0.12.4-16.2 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 0.12.4-16.1 - Fix flexible array buffer...