8985 matches found
brotli security update
1.0.9-9 - Resolves: RHEL-133995 Rebuild for CVE-2025-6176 Brotli decompression bomb DoS in scrapy 1.0.9-8 - Resolves: RHEL-133995 CVE-2025-6176 Brotli decompression bomb DoS in scrapy...
python-wheel security update
1:0.41.2-5.1 - Security fix for CVE-2026-24049 Resolves: RHEL-143630...
libsoup3 security update
3.6.5-9 - Fix CVE-2026-0719 3.6.5-8 - Fix CVE-2025-14523 3.6.5-7 - Add patch for CVE-2025-12105 3.6.5-6 - Fix integer overflow in date/time parsing 3.6.5-5 - Bump revision number 3.6.5-4 - Fix several CVEs...
freerdp security update
2:2.11.7-1.1 - Backport several CVE fixes Resolves: RHEL-142426, RHEL-142410, RHEL-142394, RHEL-142378, RHEL-142362, Resolves: RHEL-142346, RHEL-142330...
fence-agents security update
4.16.0-13.2 - bundled pyasn1: fix CVE-2026-23490 Resolves: RHEL-142444...
fontforge security update
20201107-7 - Resolves: RHEL-138206 CVE-2025-15279 GUtils BMP File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138228 CVE-2025-15275 SFD File Parsing Heap-based Buffer Overflow - Resolves: RHEL-138158 CVE-2025-15269 SFD File Parsing Use-After-Free...
freerdp security update
2:2.11.7-2 - Backport several CVE fixes Resolves: RHEL-142417, RHEL-142401, RHEL-142385, RHEL-142369, RHEL-142353 Resolves: RHEL-142337, RHEL-142321...
python security update
2.7.5-94.0.3 - Fix for CVE-2025-12084 Orabug: 38902314...
python3 security update
3.6.8-73.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-73 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299 Resolves: RHEL-143063, RHEL-143120, RHEL-144860...
image-builder security update
45-1.0.2 - Fix CVE-2025-58183...
nodejs24 security update
1:24.13.0-1.0.1 - Update upstream references 1:24.13.0-1 - Update to 24.13.0 1:24.11.1-2 - makefile: change package manager to RH one...
nodejs22 security update
1:22.22.0-3 - Bump release to get correct RHEL build 1:22.22.0-2 - Filter for nodejs22.fmf in gating plan 1:22.22.0-1 - Update to 22.22.0 1:22.19.0-3 - Unit-tests adjustment - disable internet/test-dgram-membership...
util-linux security update
2.37.4-21.0.1 - Orabug 35995271 - report lost loop device...
util-linux security update
2.32.1-48.0.1 - Orabug 35995159 - report lost loop device 2.32.1-48 - fix RHEL-134296 - libblkid: use snprintf instead of sprintf - fix RHEL-133946 - login-utils: fix setpwnam buffer use CVE-2025-14104...
qemu-kvm security update
10.0.0-14.el101.5 - kvm-Revert-i386-cpu-Move-adjustment-of-CPUIDEXTPDCM-be.patch RHEL-135453 - Resolves: RHEL-135453 Live migration after workload update fails with operation failed: guest CPU doesn't match specification: missing features: pdcm rhel-10.1.z 10.0.0-14.el101.4 -...
fence-agents security update
4.2.1-129.21 - bundled pyasn1: fix CVE-2026-23490 Resolves: RHEL-142447...
resource-agents security update
4.9.0-54.28 - bundled pyasn1: fix CVE-2026-23490 Resolves: RHEL-142448...
fence-agents security update
4.10.0-98.5 - bundled pyasn1: fix CVE-2026-23490 Resolves: RHEL-142459...
osbuild-composer security update
149-4.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...
curl security update
8.12.1-2.el101.2 - openssl: respect system crypto policy for TLS max version RHEL-128923 8.12.1-2.el101.1 - cookie: don't treat the leading slash as trailing CVE-2025-9086 Resolves: RHEL-122689...
net-snmp security update
1:5.7.2-49.0.3 - Fix out of bound access Orabug: 38873509CVE-2025-68615...
python3.12 security update
3.12.12-3.0.1 - Remove upstream URL reference 3.12.12-3 - Security fix for CVE-2025-13836 Resolves: RHEL-140978 3.12.12-2 - Security fix for CVE-2025-12084 Resolves: RHEL-135387...
wireshark security update
4.4.2-4.0.1.el101.2 - Fix post script to not fail during initial installation Orabug: 37565359 1:4.4.2-4.2 - Resolves: RHEL-136916 - NULL Pointer Dereference in Wireshark CVE-2025-9817 1:4.4.2-4.1 - Resolves: RHEL-130425 - Access of Uninitialized Pointer in Wireshark...
kernel security update
5.14.0-611.27.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
kernel security update
6.12.0-124.31.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
golang-github-openprinting-ipp-usb security update
0.9.27-4 - rebuild to fix CVE-2025-61729...
util-linux security update
2.40.2-15 - libblkid: use snprintf instead of sprintf 2.40.2-14 - Fix setpwnam buffer use CVE-2025-14104...
kernel security update
4.18.0-553.100.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
php security update
8.3.29-1 - rebase to 8.3.29...
python3 security update
3.6.8-72.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-72 - Security fix for CVE-2025-12084 Resolves: RHEL-135911...
openssl security update
1:1.1.1k-14 - Backport fix for Out-of-bounds read & write in RFC 3211 KEK Unwrap Fix CVE-2025-9230 Resolves: RHEL-128613 - Fix bug for ticketlifetimehint exceed issue Resolves: RHEL-119891 1:1.1.1k-13 - Backport fix SSLselectnext proto from OpenSSL 3.2 Fix CVE-2024-5535 Resolves: RHEL-45654...
openssl security update
3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 3.5.1.openela.0.1 - Add OpenELA specific changes 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468...
openssl security update
3.5.1-7.0.1 - Replace upstream references Orabug: 34340177 - Update FIPS provider name Orabug: 35824276 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 CVE-2026-227...
kernel security update
3.10.0-1160.119.1.0.16 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 Orabug: 38790244 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-50367 Orabug: 38790244 - iomap: iomap: fix memory corruption when recording CVE-2022-50406 Orabug: 38790244 - mm: fix zswap...
php:8.2 security update
php 8.2.30-1 - rebase to 8.2.30 php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...
gimp:2.8 security update
gimp 2:2.8.22-26.4 - fix CVE-2025-14422 2:2.8.22-26.3 - fix CVE-2025-10920 - fix CVE-2025-10921 - fix CVE-2025-10922 - fix CVE-2025-10923 - fix CVE-2025-10924 - fix CVE-2025-10925 - fix CVE-2025-10934 2:2.8.22-26.2 - fix CVE-2025-5473 RHEL-95696 2:2.8.22-26.1 - fix CVE-2025-48797 RHEL-93503 - fix...
image-builder security update
45-1.0.2 - Fix CVE-2025-58183...
iperf3 security update
3.17.1-5 - Resolves: RHEL-136170 - iperf Heap Buffer Overflow CVE-2025-54349...
openssl security update
3.5.1-7.0.1fips - Update additional upstream references - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35824276 - Update FIPS module name Orabug: 35824276 3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable...
iperf3 security update
3.5-12 - Resolves: RHEL-136175 - iperf Heap Buffer Overflow CVE-2025-54349...
iperf3 security update
3.9-14.1 - Resolves: RHEL-136181 - iperf Heap Buffer Overflow CVE-2025-54349...
glibc security update
2.39-58.0.1.7 - Forward port Oracle changes to 2.39-58.7. - Reviewed-by: David Faust Oracle history: November-26-2025 Cupertino Miranda - 2.39-58.0.1.2 - Forward port Oracle changes to 2.39-58.2. - Reviewed-by: Jose E. Marchesi September-29-2025 David Faust - 2.39-58.0.1 - Forward port Oracle...
grafana-pcp security update
5.1.1-11 - Resolves RHEL-140538: CVE-2025-61729...
openssl security update
3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 3.5.1.openela.0.1 - Add OpenELA specific changes 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468...
php:8.3 security update
php 8.3.29-1 - rebase to 8.3.29 php-pecl-apcu 5.1.23-1 - update to 5.1.23 for PHP 8.2 RHEL-14699 5.1.21-1 - update to 5.1.21 for PHP 8.1 2070040 php-pecl-redis6 6.1.0-2 - ignore 1 ONLINE test 6.1.0-1 - RHEL build 6.1.0-1 - update to 6.1.0 - drop patch merged upstream 6.1.0RC2-1 - update to 6.1.0R...
mariadb security update
1:5.5.68-1.0.1 - Fixes CVE-2025-13699, remote code execution via improper path validation Orabug: 38829265 - Fixes failing SSL and timezone tests...
osbuild-composer security update
149-3.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...
kernel security update
3.10.0-1160.119.1.0.15 - Bluetooth: L2CAP: fix use-after-free in l2capconndel CVE-2022-3640 Orabug: 38742878 - Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput Orabug: 38742878 - Bluetooth: L2CAP: Fix user-after-free CVE-2022-50386 Orabug: 38742878 - wifi: brcmfmac: fix use-after-free...
python3.9 security update
3.9.25-3.0.1 - Remove upstream URL reference 3.9.25-3 - Security fix for CVE-2025-12084 Resolves: RHEL-135897...
php:8.2 security update
libzip 1.7.3-1 - update to 1.7.3 1.6.1-1 - update to 1.6.1 - enable lzma support 1.5.2-1 - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available 1.5.1-1 - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no mo...