9160 matches found
kernel security update
5.14.0-611.27.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
golang-github-openprinting-ipp-usb security update
0.9.27-4 - rebuild to fix CVE-2025-61729...
util-linux security update
2.40.2-15 - libblkid: use snprintf instead of sprintf 2.40.2-14 - Fix setpwnam buffer use CVE-2025-14104...
python3 security update
3.6.8-72.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-72 - Security fix for CVE-2025-12084 Resolves: RHEL-135911...
php security update
8.3.29-1 - rebase to 8.3.29...
openssl security update
3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 3.5.1.openela.0.1 - Add OpenELA specific changes 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468...
openssl security update
3.5.1-7.0.1 - Replace upstream references Orabug: 34340177 - Update FIPS provider name Orabug: 35824276 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 CVE-2026-227...
kernel security update
3.10.0-1160.119.1.0.16 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 Orabug: 38790244 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-50367 Orabug: 38790244 - iomap: iomap: fix memory corruption when recording CVE-2022-50406 Orabug: 38790244 - mm: fix zswap...
openssl security update
1:1.1.1k-14 - Backport fix for Out-of-bounds read & write in RFC 3211 KEK Unwrap Fix CVE-2025-9230 Resolves: RHEL-128613 - Fix bug for ticketlifetimehint exceed issue Resolves: RHEL-119891 1:1.1.1k-13 - Backport fix SSLselectnext proto from OpenSSL 3.2 Fix CVE-2024-5535 Resolves: RHEL-45654...
openssl security update
3.5.1-7.0.1fips - Update additional upstream references - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35824276 - Update FIPS module name Orabug: 35824276 3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable...
iperf3 security update
3.9-14.1 - Resolves: RHEL-136181 - iperf Heap Buffer Overflow CVE-2025-54349...
iperf3 security update
3.17.1-5 - Resolves: RHEL-136170 - iperf Heap Buffer Overflow CVE-2025-54349...
glibc security update
2.39-58.0.1.7 - Forward port Oracle changes to 2.39-58.7. - Reviewed-by: David Faust Oracle history: November-26-2025 Cupertino Miranda - 2.39-58.0.1.2 - Forward port Oracle changes to 2.39-58.2. - Reviewed-by: Jose E. Marchesi September-29-2025 David Faust - 2.39-58.0.1 - Forward port Oracle...
iperf3 security update
3.5-12 - Resolves: RHEL-136175 - iperf Heap Buffer Overflow CVE-2025-54349...
image-builder security update
45-1.0.2 - Fix CVE-2025-58183...
php:8.2 security update
php 8.2.30-1 - rebase to 8.2.30 php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...
gimp:2.8 security update
gimp 2:2.8.22-26.4 - fix CVE-2025-14422 2:2.8.22-26.3 - fix CVE-2025-10920 - fix CVE-2025-10921 - fix CVE-2025-10922 - fix CVE-2025-10923 - fix CVE-2025-10924 - fix CVE-2025-10925 - fix CVE-2025-10934 2:2.8.22-26.2 - fix CVE-2025-5473 RHEL-95696 2:2.8.22-26.1 - fix CVE-2025-48797 RHEL-93503 - fix...
openssl security update
3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 3.5.1.openela.0.1 - Add OpenELA specific changes 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468...
openssl security update
3.5.1-7.0.1 - Replace upstream references Orabug: 34340177 - Update FIPS provider name Orabug: 35824276 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 CVE-2026-227...
kernel security update
3.10.0-1160.119.1.0.15 - Bluetooth: L2CAP: fix use-after-free in l2capconndel CVE-2022-3640 Orabug: 38742878 - Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput Orabug: 38742878 - Bluetooth: L2CAP: Fix user-after-free CVE-2022-50386 Orabug: 38742878 - wifi: brcmfmac: fix use-after-free...
osbuild-composer security update
101.4-2.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...
grafana-pcp security update
5.1.1-11 - Resolves RHEL-140538: CVE-2025-61729...
php:8.3 security update
php 8.3.29-1 - rebase to 8.3.29 php-pecl-apcu 5.1.23-1 - update to 5.1.23 for PHP 8.2 RHEL-14699 5.1.21-1 - update to 5.1.21 for PHP 8.1 2070040 php-pecl-redis6 6.1.0-2 - ignore 1 ONLINE test 6.1.0-1 - RHEL build 6.1.0-1 - update to 6.1.0 - drop patch merged upstream 6.1.0RC2-1 - update to 6.1.0R...
python3.9 security update
3.9.25-3.0.1 - Remove upstream URL reference 3.9.25-3 - Security fix for CVE-2025-12084 Resolves: RHEL-135897...
mariadb security update
1:5.5.68-1.0.1 - Fixes CVE-2025-13699, remote code execution via improper path validation Orabug: 38829265 - Fixes failing SSL and timezone tests...
php:8.2 security update
libzip 1.7.3-1 - update to 1.7.3 1.6.1-1 - update to 1.6.1 - enable lzma support 1.5.2-1 - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available 1.5.1-1 - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no mo...
osbuild-composer security update
149-3.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...
fence-agents security update
4.10.0-98.4 - bundled urllib3: fix CVE-2025-66471 - bundled urllib3: fix CVE-2026-21441 Resolves: RHEL-139793, RHEL-140795 4.10.0-98.1 - bundled urllib3: fix CVE-2025-66418 Resolves: RHEL-136061...
grafana security update
9.2.10-27.0.1 - Fixes CVE-2024-1442 Add email verification when updating user email Orabug: 38550520 9.2.10-27 - Resolves RHEL-140537: CVE-2025-61729...
python3.12 security update
3.12.12-4.0.1 - Remove upstream URL reference 3.12.12-4 - Release bump to correct the build for wrong release Related: RHEL-141026 3.12.12-3 - Security fix for CVE-2025-13836 Resolves: RHEL-141026 3.12.12-2 - Security fix for CVE-2025-12084 Resolves: RHEL-135399...
python3.11 security update
3.11.13-5.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5 - Security fix for CVE-2025-13836 Resolves: RHEL-141025 3.11.13-4 - Security fix for CVE-2025-12084 Resolves: RHEL-135395...
python3.11 security update
3.11.13-4.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-4 - Security fix for CVE-2025-13836 Resolves: RHEL-140992 3.11.13-3 - Security fix for CVE-2025-12084 Resolves: RHEL-135390...
glibc security update
2.39-58.0.1.7 - Forward port Oracle changes to 2.39-58.7. - Reviewed-by: David Faust Oracle history: November-26-2025 Cupertino Miranda - 2.39-58.0.1.2 - Forward port Oracle changes to 2.39-58.2. - Reviewed-by: Jose E. Marchesi September-29-2025 David Faust - 2.39-58.0.1 - Forward port Oracle...
gcc-toolset-15-binutils security update
2.44-3.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130674...
kernel security update
5.14.0-611.26.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
curl security update
7.76.1-35.el97.3 - http: fix crash in rate-limited upload RHEL-129493 7.76.1-35.el97.2 - openssl: respect system crypto policy for TLS max version RHEL-128921 7.76.1-35.el97.1 - rebuild for rhel-9.7.0 z-stream RHEL-121659 7.76.1-35 - cookie: don't treat the leading slash as trailing CVE-2025-9086...
fence-agents security update
4.2.1-129.20 - bundled urllib3: fix CVE-2025-66471 - bundled urllib3: fix CVE-2026-21441 Resolves: RHEL-139756, RHEL-140783 4.2.1-129.17 - bundled urllib3: fix CVE-2025-66418 Resolves: RHEL-136027 4.2.1-129.16 - fencenutanixahv: new fence agent Resolves: RHEL-110964 4.2.1-129.15 - fencekubevirt:...
java-1.8.0-openjdk security update
1.8.0.482.b08-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.482.b08-1 - Update to 8u482-b08 GA. - Update release notes for 8u482-b08. - Remove generated-configure.sh changes from JDK-8141590 & FIPS patch as we already autogenerate this - Turn on system FreeType as on later JDK versio...
python3.11-urllib3 security update
1.26.12-6 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-140555, RHEL-139408...
python3.11-urllib3 security update
1.26.12-5.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-140565, RHEL-139404...
python-urllib3 security update
1.26.5-6.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139401...
python3.12-urllib3 security update
1.26.19-1.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139403...
python-urllib3 security update
1.24.2-9 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139410...
python3.12-urllib3 security update
1.26.19-2 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139409...
python-urllib3 security update
1.26.19-2.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139387...
perl security update
4:5.16.3-299.0.1 - Fixed CVE-2023-31484 verify TLS certificates Orabug: 38816274...
kernel security update
4.18.0-553.97.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Unbreakable Enterprise kernel security update
5.4.17-2136.351.3.3 - crypto: afalg - Fix incorrect boolean values in afalgctx Eric Biggers Orabug: 38884602 CVE-2025-40022...
kernel security update
6.12.0-124.29.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
resource-agents security update
4.9.0-54.27 - bundled urllib3: fix CVE-2025-66471 - bundled urllib3: fix CVE-2026-21441 Resolves: RHEL-139760, RHEL-140787 4.9.0-54.24 - bundled urllib3: fix CVE-2025-66418 Resolves: RHEL-136031 4.9.0-54.23 - nfsserver: add ability to set e.g. 'pipefs-directory=/run/nfs/rpcpipefs' in /etc/nfs.con...