kernel security update
5.14.0-687.17.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
nginx:1.24 security update
1.24.0-7.0.1.2 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.24.0-7.2 - Resolves: RHEL-178681 - nginx:1.24/nginx: code execution and denial of service CVE-2026-9256 - Resolves: RHEL-182554 - nginx:1.24/nginx: HTTP/2: Remote Denial o...
tomcat security update
1:9.0.117-1 - Resolves: RHEL-150714 Certificate revocation bypass due to improper OCSP response validation - Resolves: Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled CVE-2026-34500 - Resolves: Tomcat: Cloud membership for clustering component exposed the Kubernet...
perl-Archive-Tar security update
2.30-2 - Fix CVE-2026-42496: validate symlink and hardlink targets in secure extract mode - Resolves: RHEL-181654 2.30-1 - 2.30 bump 2.28-1 - 2.28 bump - Fixes CVE-2018-12015 directory traversal bug 1588761 2.26-6 - Do not run optional test on RHEL 2.26-5 - Rebuilt for...
libxml2 security update
2.9.1-6.0.13.6 - Backport fix for CVE-2025-9714 Orabug: 39476695 2.9.1-6.0.11.6 - Fix CVE-2025-32415: Fix heap buffer overflow Orabug: 38310750 2.9.1-6.0.9.6 - Fix CVE-2025-7425: heap-use-after-free in xmlFreeID Orabug: 38290330 2.9.1-6.0.7.6 - Fix CVE-2025-6021, CVE-2025-32414, CVE-2025-49794,...
firefox security update
140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.12.0-1 - Update to 140.12.0 ESR...
firefox security update
140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.12.0-1 - Update to 140.12.0 ESR...
perl-Archive-Tar security update
2.38-6.1 - Fix CVE-2026-42496: validate symlink and hardlink targets in secure extract mode - Resolves: RHEL-181662...
python3.12-urllib3 security update
1.26.19-3 - Security fixes for CVE-2026-44431 and CVE-2026-44432 Resolves: RHEL-185125, RHEL-184900...
openssl security update
3.5.5-4.0.1 - Replace upstream references Orabug: 34340177 3.5.5.openela.0.1 - Add OpenELA specific changes 1:3.5.5-4 - Fix CVE-2026-7383, CVE-2026-9076, CVE-2026-34180, CVE-2026-34181, CVE-2026-34183, CVE-2026-42764, CVE-2026-42766, CVE-2026-42767, CVE-2026-42768, CVE-2026-42769, CVE-2026-42770,...
rsync security update
3.2.5-7.2 - Fix integer overflow in compressed-token decoding CVE-2026-43618 - Resolves: RHEL-174932 3.2.5-7.1 - Fix TOCTOU symlink race in daemon no-chroot mode CVE-2026-29518 - Resolves: RHEL-174952 3.2.5-4 - Resolves: RHEL-104404 - Do not clear DISPLAY unconditionally...
mod_md security update
1:2.4.26-2.1 - Resolves: RHEL-175644 - mod_md: OCSP response limits CVE-2026-29168 1:2.4.26-2 - Resolves: RHEL-134497 - httpd: Apache HTTP Server: mod_md ACME, unintended retry intervals CVE-2025-55753...
perl-IO-Compress security update
2.081-2 - Remove use of eval in File::GlobMapper for safer string interpolation - Resolves: RHEL-180411...
perl-IO-Compress security update
2.102-4.1 - Fix CVE-2026-48962: remove use of eval in File::GlobMapper - Resolves: RHEL-180418...
git-lfs security update
3.7.1-4.1 - Fix CVE-2026-39821: vendored golang.org/x/net/idna ToUnicode incorrectly accepting all-ASCII xn-- labels - Resolves: RHEL-183797...
python security update
2.7.5-94.0.9 - Fix for CVE-2026-4786 Orabug: 39418723 2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798 2.7.5-94.0.5 - Fix for CVE-2025-15366 and CVE-2025-15367 Orabug: 39114639 2.7.5-94.0.3 - Fix for CVE-2025-12084 Orabug: 38902314...
firefox security update
140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.12.0-1 - Update to 140.12.0 ESR...
git-lfs security update
3.4.1-11 - Backport CVE-2026-39821 fix vendored golang.org/x/net IDNA - Resolves: RHEL-183731...
libsoup security update
2.62.2-2.0.13 - Backport fix for CVE-2026-5119 Orabug: 39527088 2.62.2-2.0.11 - Fixes CVE-2026-0719 CVE-2026-1761 Orabug: 38958074 2.62.2-2.0.9 - Fix CVE-2025-14523 Orabug: 38873507 2.62.2-2.0.7 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 2.62.2-2.0.5 - Fixes...
kernel security update
5.14.0-687.17.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
mod_http2 security update
2.0.26-6.1 - Resolves: RHEL-182417 - mod_http2: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 2.0.26-6 - Resolves: RHEL-166293 - httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020...
mysql security update
8.0.46-1 - Rebase to 8.0.46 8.0.45-2 - Revert to soft static allocation of MariaDB and MySQL sysusers.d files...
thunderbird security update
140.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.11.0 - Add OpenELA debranding 140.11.0-1 - Update to 140.11.0 ESR 140.10.1-1 - Update to 140.10.1 ESR...
xorg-x11-server-Xwayland security update
24.1.9-4.2 - Other security related fixes Resolves: https://redhat.atlassian.net/browse/RHEL-184292 24.1.9-4.1 - CVE fix for: CVE-2026-50256, CVE-2026-50257, CVE-2026-50258, CVE-2026-50259, CVE-2026-50260, CVE-2026-50261, CVE-2026-50262, CVE-2026-50263 Resolves:...
podman security update
5.8.2-3.0.1 - Rework CNI/Netavark detection logic JIRA: EVG-3769 - Rebuild on new golang to support experimental GODEBUG fipsnoenforceems - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 6:5.8.2-3 - Rebuild for CVE-2026-32283 - Resolves: RHEL-167685 6:5.8.2-2 - Rebui...
podman security update
5.8.2-3.0.1 - Rework CNI/Netavark detection logic JIRA: EVG-3769 - Rebuild on new golang to support experimental GODEBUG fipsnoenforceems - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 6:5.8.2-3 - Rebuild for CVE-2026-32283 - Resolves: RHEL-167685 6:5.8.2-2 - Rebui...
freerdp security update
2:2.11.7-7.3 - Lock appWindow to fix use-after-free in RAIL mode CVE-2026-25952 Resolves: RHEL-159860 2:2.11.7-7.2 - Fix double free in xf_rail_window_common cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in bitmap_cache_put CVE-2026-29775 - Add D...
libreoffice security update
1:6.4.7.2-20.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-20 - Fix CVE-2026-4430 Conform AlignEngine parsing to what section 2.3.4.10 of the spec has - Resolves: RHEL-176575...
.NET 8.0 security update
8.0.128-1.0.1 - Add support for Oracle Linux 8.0.128-1 - Update to .NET SDK 8.0.128 and Runtime 8.0.28 - Resolves: RHEL-181055 8.0.127-1 - Update to .NET SDK 8.0.127 and Runtime 8.0.27 - Resolves: RHEL-173923...
xorg-x11-server security update
1.20.11-34.2 - Other security related fixes Resolves: https://redhat.atlassian.net/browse/RHEL-184288 1.20.11-34.1 - CVE fix for: CVE-2026-50256, CVE-2026-50257, CVE-2026-50258, CVE-2026-50259, CVE-2026-50260, CVE-2026-50261, CVE-2026-50262, CVE-2026-50263, CVE-2026-50264 Resolves:...
.NET 10.0 security update
10.0.109-1.0.1 - Add support for Oracle Linux 10.0.109-1 - Update to .NET SDK 10.0.109 and Runtime 10.0.9 - Resolves: RHEL-181558 10.0.108-1 - Update to .NET SDK 10.0.108 and Runtime 10.0.8 - Resolves: RHEL-173910...
.NET 9.0 security update
9.0.118-1.0.1 - Add support for Oracle Linux 9.0.118-1 - Update to .NET SDK 9.0.118 and Runtime 9.0.17 - Resolves: RHEL-181553 9.0.117-1 - Update to .NET SDK 9.0.117 and Runtime 9.0.16 - Resolves: RHEL-173918...
golang security, bug fix, and enhancement update
1.26.4-1.0.1 - EXPERIMENTAL: Introduce fipsnoenforceems GODEBUG var 1.26.4-1 - Update to Go 1.26.4 fips-1 - Resolves: RHEL-183349...
thunderbird security update
140.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.12.0 - Add OpenELA debranding 140.12.0-1 - Update to 140.12.0 ESR...
fence-agents security update
4.10.0-110.3 - bundled PyJWT: upgrade to v2.13.0 to fix CVE-2026-48526 Resolves: RHEL-182313 4.10.0-110.2 - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157202 4.10.0-110.1 - bundled cryptography: replace with dependency to fix CVE-2026-26007 - bundled PyJWT: upgrade to v2.12.1 to fix...
python3.14 security, bug fix, and enhancement update
3.14.5-1 - Update to 3.14.5 Resolves: RHEL-180642 3.14.5rc1-1 - Update to 3.14.5rc1 - Move back to the generational from the incremental garbage collector - Security fix for CVE-2026-6019 Resolves: RHEL-180642 3.14.4-3 - Depend on sqlite-libs with deserialize API Resolves: RHEL-180476...
nginx:1.26 security update
1.26.3-9.0.1.1 - Require oracle-indexhtml 2:1.26.3-11 - nginx:1.26/nginx: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack 2:1.26.3-10 - nginx: code execution and denial of service CVE-2026-9256 2:1.26.3-9 - Resolves: RHEL-176218 - nginx:1.26/nginx: NGINX: Arbitrar...
coreutils security update
8.32-41.0.1 - clean up empty file if cp is failed Orabug 15973168 9.5-8 - CVE-2025-5278 - Fix Heap Buffer Under-Read in sort via Key Specification RHEL-180331...
libpng security update
2:1.6.37-11 - fix CVE-2026-33416: use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE RHEL-161344...
postgresql:12 security update
12.22-6.0.1 - Add backport of CVE-2025-8714 Orabug: 38667546 12.22-6 - Fix CVE-2026-2004 CVE-2026-2005 CVE-2026-2006 12.22-5 - Fix previous Backport 12.22-4 - Backport CVE-2025-8715 12.22-3 - Fix backport for CVE-2025-1094 12.22-2 - Backport fix for CVE-2025-1094 12.22-1 - Update to 12.22 - Fixes...
tigervnc security update
1.15.0-7.2 - Rebuild for updated xorg-x11-server Resolves: RHEL-184003...
openssh security update
7.4p1-23.0.5fips - Fix privilege escalation via scp legacy protocol when not in preserving file mode CVE-2026-35385 Orabug: 39480251 7.4p1-23.0.3fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug: 32461739...
buildah security update
1.43.1-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 102:1.43.1-2 - Rebuild for CVE-2026-25679 - Resolves: RHEL-158759...
runc security update
4:1.4.2-2 - Rebuild for CVE-2026-25679 - Resolves: RHEL-158787...
containernetworking-plugins security update
1:1.9.0-3 - Rebuild for CVE-2026-25679 - Resolves: RHEL-158763...
frr10 security update
10.4.3-3 - Resolves: RHEL-174696 - denial of service via crafted BGP UPDATE message 10.4.3-2 - Resolves: RHEL-174678 - denial of service via crafted FlowSpec component...
dracut security update
057-115.git20260527.0.1 - Skip the default FIPS logic on special UEK kernels where the FIPS module is linked directly into the kernel. Orabug: 38705580 - Ship Oracle IMA certificate Orabug: 35992862 - Ship 98-integrity.conf, populating initramfs with Oracle IMA certificate Orabug: 35992862 -...
vim security update
8.0.1763-24.0.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-24 - CVE-2026-41411 vim: Command injection via backticks in tag files...
nginx:1.26 security update
1.26.3-9.0.1 - Require oracle-indexhtml 2:1.26.3-9 - Resolves: RHEL-176218 - nginx:1.26/nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 2:1.26.3-8 - CVE-2026-32647 nginx:1.26/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files 2:1.26.3-7 -...
gnutls security update
3.8.10-4 - Fix CVE-2026-33846 DTLS fragment reassembly, High, heap overwrite - Fix CVE-2026-42009 DTLS fragment reassembly, High, undefined behaviour - Fix CVE-2026-33845 DTLS fragment reassembly, High, heap overread - Fix CVE-2026-42010 PSK authentication, High, authentication bypass - Fix...