9182 matches found
Unbreakable Enterprise kernel security update
4.1.12-124.26.12 - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721935 CVE-2019-11091 - x86/microcode: Add loader version file in debugfs Boris Ostrovsky Orabug: 29754165 - x86/microcode: Fix CPU synchronization routine Borislav Petkov Orabug: 29754165 -...
qemu-kvm security update
0.12.1.2-2.506.el610.3 - kvm-target-i386-define-md-clear-bit.patch bz1698996 - Resolves: bz1698996 CVE-2018-12130 qemu-kvm: hardware: MFBDS...
qemu security update
12:2.9.0-21.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register Chris Kenna - i386: Add some MSR based features on Cascadelake-Server CPU model Tao Xu Orabug: 29643540 - i386: Update stepping of Cascadelake-Server Tao Xu Orabug: 29643540 - kvm: Use...
Unbreakable Enterprise kernel security update
4.14.35-1844.4.5.2 - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721848 CVE-2019-11091 - x86/speculation/mds: Make mdsmitigation mutable after init Konrad Rzeszutek Wilk Orabug: 29721835 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 4.14.35-1844.4.5.1 -...
Unbreakable Enterprise kernel security update
2.6.39-400.310.1 - x86/speculation/mds: Make cpumatches cpuinit Patrick Colp Orabug: 29752091 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Only worry about firmware loaded microcode Patrick Colp Orabug: 29641786 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127...
kernel security and bug fix update
2.6.32-754.14.2.OL6 - Update genkey bug 25599697 2.6.32-754.14.2 - x86 x86/speculation/mds: Add SMT warning message Waiman Long 1692386 1692387 1692388 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 - x86 x86/speculation/mds: Add mds=full, nosmt cmdline option Waiman Long 1692386 1692387 1692388...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.33.2 - x86/speculation/mds: Make cpumatches cpuinit Patrick Colp Orabug: 29751729 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Only worry about firmware loaded microcode Patrick Colp Orabug: 29641784 CVE-2018-12126 CVE-2018-12130...
qemu security update
15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...
qemu security update
15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...
freeradius security update
3.0.13-10 - Fixes two EAP-PWD security issues Resolves: bz1699413 authentication bypass with an invalid curve attack...
python-jinja2 security update
2.7.2-3 - Fix for CVE-2016-10745 Resolves: rhbz1701308...
flatpak security update
1.0.2-5 - Fix IOCSTI sandbox bypass 1700651...
ghostscript security update
9.07-31.el76.11 - Resolves: 1673398 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - fix for pdf2dsc regression added...
ovmf security update
20180508-3.gitee3198e672e2.el76.1 - ovmf-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch bz1684006 - ovmf-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch bz1684006 - Resolves: bz1684006 CVE-2018-12180 OVMF: edk2: Buffer Overflow in BlockIo service for RAM disk rhel-7.6.z...
kernel security and bug fix update
3.10.0-957.12.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.1 - kernel locking/rwsem: Fix possible missed wakeup Waiman Long 1690323...
java-1.7.0-openjdk security update
1:1.7.0.221-2.6.18.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz1693468...
java-1.7.0-openjdk security update
1:1.7.0.221-2.6.18.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.221-2.6.18.0 - Bump to 2.6.18 and OpenJDK 7u221-b02. - Resolves: rhbz1693468...
Unbreakable Enterprise kernel security update
4.1.12-124.26.10 - x86/apic: Make archsetuphwirq NUMA node aware Henry Willard Orabug: 29534769 4.1.12-124.26.9 - KEYS: encrypted: fix buffer overread in validmasterdesc Eric Biggers Orabug: 29591025 CVE-2017-13305 4.1.12-124.26.8 - scsi: target: remove hardcoded T10 Vendor ID in INQUIRY response...
java-11-openjdk security update
1:11.0.3.7-0.0.1 - link atomic for ix86 build 1:11.0.3.7-0 - Add -mstackrealign workaround to build flags to avoid SSE issues on x86 - Resolves: rhbz1693468 1:11.0.3.7-0 - Update to shenandoah-jdk-11.0.3+7 April 2019 GA - Resolves: rhbz1693468 1:11.0.3.6-0 - Update to shenandoah-jdk-11.0.3+6 Apri...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.212.b04-1 - Update to aarch64-shenandoah-jdk8u212-b04. - Resolves: rhbz1693468 1:1.8.0.212.b03-0 - Update to aarch64-shenandoah-jdk8u212-b03. - Resolves: rhbz1693468 1:1.8.0.212.b02-0 - Update to aarch64-shenandoah-jdk8u212-b02. - Remove patches included upstream -...
java-1.8.0-openjdk security update
1:1.8.0.212.b04-0 - Update to aarch64-shenandoah-jdk8u212-b04. - Resolves: rhbz1693468 1:1.8.0.212.b03-0 - Update to aarch64-shenandoah-jdk8u212-b03. - Resolves: rhbz1693468 1:1.8.0.212.b02-0 - Update to aarch64-shenandoah-jdk8u212-b02. - Remove patches included upstream -...
mod_auth_mellon security and bug fix update
0.14.0-2.4 - Actually apply the patch in the previous build - Resolves: rhbz1697488 - CVE-2019-3877 modauthmellon: open redirect in logout url when using URLs with backslashes 0.14.0-2.3 - Resolves: rhbz1697488 - CVE-2019-3877 modauthmellon: open redirect in logout url when using URLs with...
kubernetes security update
1.11.3-2.5.2 - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains 1.11.3-2.4.2 - CVE-2019-1002101 kubectl fix potential directory traversal 1.11.3-2.3.2 - CVE-2019-1002100 Limit the number of operations in a single json patch to be 10,000...
kubernetes security update
1.9.11-2.5.1 - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains 1.9.11-2.4.1 - CVE-2019-1002101 kubectl fix potential directory traversal 1.9.11-2.3.1 - CVE-2019-1002100 Limit the number of operations in a single json patch to be 10,000 - Fixup kubeadm-setup.s...
kubernetes security update
1.10.5-2.5.4 - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains 1.10.5-2.4.4 - CVE-2019-1002101 kubectl fix potential directory traversal 1.10.5-2.3.4 - CVE-2019-1002100 Limit the number of operations in a single json patch to be 10,000 - Fixup kubeadm-setup.s...
kubernetes kubeadm-upgrade kubeadm-ha-setup security update
kubernetes 1.12.7-1.1.2 - OLCNE-257 fix coredns issue and minor upgrade issue 1.12.7-1.1.1 - OLCNE-235 CVE-2019-9946 portmap inserts rules at the front of the iptables nat chains 1.12.7-1.0.1 - Add Oracle Build Files For Version v1.12.7 kubeadm-upgrade 0.0.1-1.0.22 -- Bump up 1.12.7 version for...
Unbreakable Enterprise kernel security update
4.14.35-1844.4.5 - x86/apic/x2apic: set back affinity of a single interrupt to one cpu Mridula Shastry Orabug: 29510342 4.14.35-1844.4.4 - ext4: fix data corruption caused by unaligned direct AIO Lukas Czerner Orabug: 29598590 - swiotlb: checking whether swiotlb buffer is full with iotlbused Dong...
kernel security and bug fix update
2.6.32-754.12.1.OL6 - Update genkey bug 25599697 2.6.32-754.12.1 - x86 vDSO: Don't generate retpoline for indirect call Waiman Long 1638552 - fs cifs: fix reparse point/symlink breakage Leif Sahlberg 1636484 - scsi qla2xxx: Mask off Scope bits in retry delay Himanshu Madhani 1588133 - net tcp: ma...
python security update
2.7.5-77.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-77 - Security fix for CVE-2019-9636 Resolves: rhbz1689316...
openssh security update
5.3p1-124 - Fix for CVE-2018-15473: User enumeration via malformed packets in authentication requests...
Unbreakable Enterprise kernel security update
2.6.39-400.308.1 - x86/fpu: Fix 32-bit signal frame handling Dave Hansen Orabug: 28874707 - x86/fpu: Factor out memsetxstate, 0 in fpufinit paths Oleg Nesterov Orabug: 28874707 - x86/fpu: Always allow FPU in interrupt if useeagerfpu Oleg Nesterov Orabug: 28874707 - x86/fpu: Don't do threadfpuend ...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.32.1 - x86/fpu: Factor out memsetxstate, 0 in fpufinit paths Oleg Nesterov Orabug: 29012034 - x86/fpu: Always allow FPU in interrupt if useeagerfpu Oleg Nesterov Orabug: 29012034 - x86/fpu: Fix 32-bit signal frame handling Dave Hansen Orabug: 29012034 - x86/fpu: Don't do...
docker-engine security update
17.06.2.ol-1.0.7 - update for CVE-2018-20699...
docker-engine security update
18.03.1.ol-0.0.14 - rebuild 18.03.1.ol-0.0.13 - update for CVE-2018-20699...
freerdp security update
1.0.2-15.1 - Fix CVE-2018-8786 1684152 - Fix CVE-2018-8787 1684156 - Fix CVE-2018-8788 1684163...
Unbreakable Enterprise kernel security update
4.1.12-124.26.7 - ibcore: initialize shpd field when allocating 'struct ibpd' Mukesh Kacker Orabug: 29384815 - Revert 'x86/apic: Make archsetuphwirq NUMA node aware' Brian Maly Orabug: 29542185 - qlcnic: fix Tx descriptor corruption on 82xx devices Shahed Shaikh Orabug: 27708787 - block: Fix a ra...
thunderbird security update
60.6.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.6.1-1 - Update to 60.6.1 60.6.0-1 - Update to 60.6.0...
firefox security update
60.6.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.6.1-1 - Update to 60.6.1 ESR Build 1...
thunderbird security update
60.6.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.6.1-1 - Update to 60.6.1 60.6.0-1 - Update to 60.6.0...
libssh2 security update
1.4.3-12.el76.2 - sanitize public header file detected by rpmdiff 1.4.3-12.el76.1 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix integer overflow in SSH packet processing channel resulting in out of bounds write CVE-2019-3857 - fix...
firefox security update
60.6.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.6.1-1 - Update to 60.6.1 ESR Build 1...
Unbreakable Enterprise kernel security update
4.1.12-124.26.5 - scsi: scsitransportiscsi: modify detected conn err to KERNERR Fred Herard Orabug: 29487790 - xen/blkfront: avoid NULL blkfrontinfo dereference on device removal Vasilis Liaskovitis Orabug: 29469740 4.1.12-124.26.4U - bnxten: Fix race conditions in .ndogetstats64. Michael Chan...
openwsman security update
2.6.3-6.git4391e5c - Update the fix for CVE-2019-3816 Resolves: 1668657 - Remove Dist Tag from the oldest changelog entry 2.6.3-5.git4391e5c - Fix CVE-2019-3816 Resolves: 1668657...
ghostscript security and bug fix update
9.07-31.el76.10 - Resolves: 1673915 - ghostscript: Regression: double comment chars '%' in gsinit.ps leading to missing metadata - Resolves: 1678171 - CVE-2019-3835 ghostscript: superexec operator is available 700585 - Resolves: 1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is...
firefox security update
60.6.0-3.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.6.0-3 - Added Google API keys mozbz1531176 60.6.0-2 - Update to 60.6.0 ESR Build 2 60.6.0-1 - Update to 60.6.0 ESR Build 1...
firefox security update
60.6.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.6.0-3 - Added Google API keys mozbz1531176 60.6.0-2 - Update to 60.6.0 ESR Build 2 60.6.0-1 - Update to 60.6.0 ESR Build 1...
cloud-init security update
18.2-1.0.1 - add modified version of enable-ec2utils-to-stop-retrying-to-get-ec2-metadata.patch for 18.2: 1. Enable ec2utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 Bugzilla...
qemu security update
15:3.1.0-1.el7 - vfio-pci: emit FAILOVERPRIMARYCHANGED event on guest behalf when unrealized - vfio-pci: emit FAILOVERPRIMARYCHANGED event on guest behalf when unrealized Si-Wei Liu Orabug: 29216696 - vfio-pci: add FAILOVERPRIMARYCHANGED event to shorten downtime during failover Si-Wei Liu Orabug...
openssl security and bug fix update
1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction...
tomcat security update
0:7.0.76-9 - Resolves: rhbz1641873 CVE-2018-11784 tomcat: Open redirect in default servlet...