9182 matches found
kernel security, bug fix, and enhancement update
3.10.0-957.10.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.10.1 - fs revert 'fs nfs: Don't write back further requests if there is a...
openssl security update
1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on...
Unbreakable Enterprise kernel security update
4.1.12-124.26.1 - NFS: commit direct writes even if they fail partially J. Bruce Fields Orabug: 28212440 - rds: update correct congestion map for loopback transport Mukesh Kacker Orabug: 29175685 - ext4: only look at the bgflags field if it is valid Theodore Tso Orabug: 29316684 CVE-2018-10876...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.31.1 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269167 CVE-2018-13053 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 29304552 CVE-2017-17807 - KEYS: add missing permission check for requestkey destination...
cockpit security update
173.2-1.0.1 - turn off display of subscriptions menu item in GUI - Drop subscription-manager requirement since we do not ship it [email protected] - Remove Red Hat references. 173.2-1 - ws: Fix bug parsing invalid base64 headers rhbz1672296...
Unbreakable Enterprise kernel security update
4.14.35-1844.3.2 - uek-rpm: Remove hardcoded 'kernelgitcommit' macro from specfile Victor Erminpour Orabug: 29357695 - mm: cleancache: fix corruption on missed inode invalidation Pavel Tikhomirov Orabug: 29364665 CVE-2018-16862 - l2tp: fix reading optional fields of L2TPv3 Jacob Wen Orabug:...
Unbreakable Enterprise kernel security update
2.6.39-400.307.1 - proc: restrict kernel stack dumps to root John Donnelly Orabug: 29114880 CVE-2018-17972 - alarmtimer: Prevent overflow for relative nanosleep Thomas Gleixner Orabug: 29269182 CVE-2018-13053 - ext4: only look at the bgflags field if it is valid Theodore Ts'o Orabug: 29409428...
java-1.7.0-openjdk security update
1:1.7.0.211-2.6.17.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set ITCFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debuginfo in...
java-1.7.0-openjdk security update
1:1.7.0.211-2.6.17.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set ITCFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debuginfo in...
java-1.8.0-openjdk security update
1:1.8.0.201.b09-0 - Update to aarch64-shenandoah-jdk8u201-b09. - Resolves: rhbz1661577 1:1.8.0.192.b12-0 - Add port of 8189170 to AArch64 which is missing from upstream 8u version. - Resolves: rhbz1661577 1:1.8.0.192.b12-0 - Add 8160748 for AArch64 which is missing from upstream 8u version. -...
java-11-openjdk security update
1:11.0.2.7-0.0.1 - link atomic for ix86 build 1:11.0.2.7-0 - Update to shenandoah-jdk-11.0.2+7 January 2019 CPU - Make tagsuffix optional and comment it out while unused. - Drop JDK-8211105/RH1628612/RH1630996 applied upstream. - Drop JDK-8209639/RH1640127 applied upstream. - Re-generate...
kernel security and bug fix update
2.6.32-754.11.1.OL6 - Update genkey bug 25599697 2.6.32-754.11.1 - x86 mm/fault: Allow stack access below rsp Waiman Long 1644401 - sound alsa: rawmidi: Change resized buffers atomically Denys Vlasenko 1593083 CVE-2018-10902...
polkit security update
0.96-11.el610.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667310...
java-1.8.0-openjdk security update
1:1.8.0.201.b09-0 - Update to aarch64-shenandoah-jdk8u201-b09. - Resolves: rhbz1661577 1:1.8.0.192.b12-1 - Add 8160748 for AArch64 which is missing from upstream 8u version. - Add port of 8189170 to AArch64 which is missing from upstream 8u version. - Resolves: rhbz1661577 1:1.8.0.192.b12-0 -...
qemu security update
...
oraclelinux-release-el7 security update
1.0-5 - Fix olyumconfigure.sh OraBug 29241080...
oraclelinux-release-el6 security update
1.0-5 - Fix olyumconfigure.sh OraBug 29241080...
firefox security update
60.5.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
firefox security update
60.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
flatpak security update
1.0.2-4 - Tweak /proc sandbox patch 1675433 1.0.2-3 - Do not mount /proc in root sandbox 1675433...
docker-engine security update
18.03.1.ol-0.0.12 - correct the version string of containerd 18.03.1.ol-0.0.11 - update runc for CVE-2019-5736 18.03.1.ol-0.0.10 - update Go to version 1.10.8 18.03.1.ol-0.0.9 - correct changelog 18.03.1.ol-0.0.8 - fix orabug 28452214 and orabug 28461404 18.03.1.ol-0.0.6 - obsolete/provide the...
systemd security update
219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...
docker-engine security update
17.06.2.ol-1.0.6 - update the version string of runc to show the CVE fixed 17.06.2.ol-1.0.4 - build using Go 1.10.8 - apply fix for runc CVE-2019-5736 17.06.2.ol-1.0.3 - spec: do not replace config files Jacob Wen Orabug: 28235986...
kubernetes security update
kubernetes 1.9.11-2.2.1 - CVE-2019-6486 1.9.11-2.1.1 - Fix kubeadm-registry.sh - Use golang 1.9.3 - CVE-2018-1002105 Handle error responses from backends - Bump to v1.9.11 1.9.1-2.1.7 - Orabug 27803001 1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from...
Unbreakable Enterprise kernel security update
4.14.35-1844.2.5 - x86/apic: Switch all APICs to Fixed delivery mode Thomas Gleixner Orabug: 29262403 4.14.35-1844.2.4 - x86/platform/UV: Add check of TSC state set by UV BIOS [email protected] Orabug: 29205471 - x86/tsc: Provide a means to disable TSC ART [email protected] Orabug: 29205471 -...
runc security update
1.0.0-19.rc5.git4bb1fe4.0.3.el7 - Apply patch for CVE-2019-5736 Wiekus Beukes 1.0.0-19.rc5.git4bb1fe4.0.2.el7 - update Go version to 1.10.8, fix version string Laszlo Laca Peter 1.0.0-19.rc5.git4bb1fe4.0.1.el7 - Tuning .spec file 2:1.0.0-19.rc5.git4bb1fe4 - release v1.0.0rc5...
Unbreakable Enterprise kernel security update
2.6.39-400.306.1 - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220576 CVE-2018-1094 - Provide a NLMF flag void dumping inet/inet6 stats in rtnlifinfo Manish Kumar Singh Orabug: 28318718 - btrfs: relocation: Only remove reloc rbtrees if reloc control has...
Unbreakable Enterprise kernel security update
4.1.12-124.25.1 - x86/bugs: Fix the AMD SSBD usage of the SPECCTRL MSR Tom Lendacky Orabug: 28870524 CVE-2018-3639 - x86/bugs: Add AMD's SPECCTRL MSR usage Konrad Rzeszutek Wilk Orabug: 28870524 CVE-2018-3639 - x86/cpufeatures: rename X86FEATUREAMDSSBD to X86FEATURELSCFGSSBD Mihai Carabas Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.30.1 - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220451 CVE-2018-1094 - ext4: always initialize the crc32c checksum driver Theodore Ts'o Orabug: 28220451 CVE-2018-1094 CVE-2018-1094 - vfs: Add sbrdonlysb to query the MSRDONLY flag ...
thunderbird security update
60.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.5.0-1 - Update to 60.5.0...
thunderbird security update
60.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.5.0-1 - Update to 60.5.0...
spice security update
0.14.0-6.0.2.1 - Add ARM support 0.14.0-6.1 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813...
polkit security update
0.112-18.0.1 - Increase timeout to avoid defunct processes bug26930744 0.112-18.el76.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667311...
Unbreakable Enterprise kernel security update
4.1.12-124.24.5 - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug: 28127993 - net: rds: fix excess initialization of the recv SGEs Zhu Yanjun Orabug...
spice-server security update
0.12.4-16.3 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813 0.12.4-16.2 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 0.12.4-16.1 - Fix flexible array buffer...
firefox security update
60.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.0-2 - Updated to 60.5.0 ESR build2 60.5.0-1 - Updated to 60.5.0 ESR build1 60.4.0-3 - Fixing fontconfig warnings rhbz1601475 60.4.0-2 - Added pipewire patch from Tomas Popela rhbz1664270...
ghostscript security and bug fix update
9.07-31.el76.9 - Related: 1667442 - CVE-2019-6116 - added missing parts of patch 9.07-31.el76.8 - Resolves: 1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators 9.07-31.el76.7 - Resolves: 1665919 pdf2ps reports an error when reading from std...
bind security update
32:9.9.4-73 - Fixes debug level comments 1647539...
firefox security update
60.5.0-2.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.5.0-2 - Updated to 60.5.0 ESR build2 60.5.0-1 - Updated to 60.5.0 ESR build1 60.4.0-3 - Fixing fontconfig warnings rhbz1601475 60.4.0-2 - Added pipewire patch from Tomas Popela...
systemd security update
219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...
kernel security, bug fix, and enhancement update
3.10.0-957.5.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.5.1 - fs revert 'fs sunrpc: Ensure we always close the socket after a...
qemu security update
12:2.9.0-19.el7 - lsi53c895a: convert to trace-events Mark Cave-Ayland Orabug: 28205376 - lsi: Reselection needed to remove pending commands from queue George Kennedy Orabug: 28626490 - lsi53c895a: check message length value is valid Prasad J Pandit Orabug: 28873208 CVE-2018-18849 - 9p: fix QEMU...
qemu security update
15:3.0.0-4.el7 - usb-mtp: use ONOFOLLOW and OCLOEXEC. Gerd Hoffmann Orabug: 29056673 CVE-2018-16872 - pvrdma: add uarread routine Prasad J Pandit CVE-2018-20191 - pvrdma: release ring object in case of an error Prasad J Pandit Orabug: 29171822 CVE-2018-20126 - pvrdma: check number of pages when...
thunderbird security update
60.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.4.0-1 - Update to 60.4.0 60.3.0-1 - Update to 60.3.0 60.2.1-6 - Fixed missing calendar langpacks...
thunderbird security update
60.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.4.0-1 - Update to 60.4.0...
perl security update
4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow bug 1661064...
Unbreakable Enterprise kernel security update
4.14.35-1844.1.3 - net: rds: fix rdsibsysctlmaxrecvallocation error Zhu Yanjun Orabug: 29003422 - nfs: dont dirty kernel pages read by direct-io Dave Kleikamp Orabug: 29122062 - KVM: X86: Fix scan ioapic use-before-initialization Wanpeng Li Orabug: 29026132 CVE-2018-19407 - hugetlb: take PMD...
Unbreakable Enterprise kernel security update
4.1.12-124.24.3 - ext4: update idisksize when new eof exceeds it Shan Hai Orabug: 28940828 - ext4: update idisksize if direct write past ondisk size Eryu Guan Orabug: 28940828 - ext4: protect idisksize update by idatasem in direct write path Eryu Guan Orabug: 28940828 - ALSA: usb-audio: Fix UAF...
libvncserver security update
0.9.9-13 - Fix CVE-2018-15127 Heap out-of-bounds write in rfbserver.c:rfbProcessFileTransferReadBuffer bug 1662995...
systemd security update
219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...