9160 matches found
kernel security update
3.10.0-1160.119.1.0.14 - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373 Orabug: 38644370 - nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 Orabug: 38644370 - netsched: hfsc: Fix a...
keylime security update
7.12.1-11.3 - Registrar allows identity takeover via duplicate UUID registration Resolves: RHEL-130760 7.12.1-11.2 - Properly fix the malformed certificate workaround Resolves: RHEL-111244...
firefox security update
140.4.0-4.0.1 - Update to 140.4.0 ESR Orabug: 38595697CVE-2025-11708CVE-2025-11709 CVE-2025-11710CVE-2025-11711CVE-2025-11712CVE-2025-11714 CVE-2025-11715...
firefox security update
140.5.0-1.0.1 - Update to 140.5.0 ESR Orabug: 38708474CVE-2025-13012CVE-2025-13013 CVE-2025-13014CVE-2025-13015CVE-2025-13016CVE-2025-13017 CVE-2025-13018CVE-2025-13019CVE-2025-13020...
firefox security update
140.3.0-1.0.1 - Update to 140.3.0 Orabug: 38509157CVE-2025-10527CVE-2025-10528 CVE-2025-10529CVE-2025-10532CVE-2025-10533CVE-2025-10536 CVE-2025-10537 - Disable SVE parts of libyuv if not supported Orabug: 38509157...
mysql:8.4 security update
mecab mecab-ipadic mysql 8.4.7-1 - Rebase to 8.4.7...
mysql:8.4 security update
mecab mecab-ipadic mysql 8.4.7-1 - Rebase to 8.4.7 rapidjson...
mysql:8.0 security update
mecab mecab-ipadic mysql 8.0.44-1 - Rebase to MySQL 8.0.44...
xorg-x11-server security update
1.20.4-29.0.5 - Security update for CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 Orabug: 38691191 1.20.4-29.0.3 - Fix CVE-2025-49175, CVE-2025-49176, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180 Orabug: 38157695 1.20.4-29.0.1 - Fixed CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 - CVE-2025-26597...
mysql security update
8.0.44-1 - Rebase to MySQL 8.0.44...
Unbreakable Enterprise kernel security update
5.4.17-2136.350.3.1 - Reapply 'cpuidle: menu: Avoid discarding useful information' Harshvardhan Jha Orabug: 38744458 - fbcon: fix integer overflow in font allocation Samasth Norway Ananda Orabug: 38744453 5.4.17-2136.350.3 - net/rds: Fix rsrecvpending counting issue Gerd Rausch Orabug: 38506370...
Unbreakable Enterprise kernel security update
5.15.0-315.196.5.1 - netfilter: nftables: reject duplicate device on updates Pablo Neira Ayuso Orabug: 38744086 CVE-2025-38678 - Reapply 'cpuidle: menu: Avoid discarding useful information' Harshvardhan Jha Orabug: 38744084 - rtc: expose RTCFEATUREUPDATEINTERRUPT Alexandre Belloni Orabug: 3874408...
firefox security update
140.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.6.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.6.0-1 - Update to 140.6.0 ESR...
ruby:3.3 security update
ruby 3.3.10-5 - Upgrade to Ruby 3.3.10. Resolves: RHEL-127912 - Fix possible denial of service in resolv gem CVE-2025-24294 - Fix URI Credential Leakage Bypass previous fixes. CVE-2025-61594 - Fix REXML denial of service. CVE-2025-58767 Resolves: RHEL-122015 rubygem-mysql2 rubygem-pg...
ruby:3.3 security update
ruby 3.3.10-5 - Upgrade to Ruby 3.3.10. Resolves: RHEL-106820 - Fix possible denial of service in resolv gem CVE-2025-24294 - Fix URI Credential Leakage Bypass previous fixes. CVE-2025-61594 - Fix REXML denial of service. CVE-2025-58767 Resolves: RHEL-122012 rubygem-abrt rubygem-mysql2 rubygem-pg...
wireshark security update
1:3.4.10-8.1 - Resolves: RHEL-130438 - Access of Uninitialized Pointer in Wireshark...
edk2 security update
20250905-4 - Create new 20250905 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause 'Protection Mechanism Failure' by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where a...
firefox security update
140.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.6.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.6.0-1 - Update to 140.6.0 ESR...
luksmeta security update
9-4.1 - Fix handling of large metadata Resolves: RHEL-122138...
tigervnc security update
1.8.0-33.0.9 - Fix CVE-2025-62229: xorg-x11-server: Use-after-free in XPresentNotify structures creation Orabug: 38694278 - Fix CVE-2025-62230: xorg-x11-server: Use-after-free in Xkb client resource removal - Fix CVE-2025-62231: xorg-x11-server: Value overflow in Xkb extension XkbSetCompatMap...
tomcat security update
1:9.0.87-6.1 - Resolves: RHEL-124518 tomcat: Directory traversal via rewrite with possible RCE CVE-2025-55752 - Resolves: RHEL-91753 tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651...
lasso security update
2.5.1-8.0.1 - Fixes CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Orabug: 38658691...
tomcat security update
1:9.0.87-1.7 - Resolves: RHEL-124507 tomcat: Directory traversal via rewrite with possible RCE CVE-2025-55752 - Resolves: RHEL-91743 tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651...
grafana security update
10.2.6-17 - Resolves RHEL-125692: CVE-2025-58183 - Resolves RHEL-120426: Grafana-selinux prevents plugins from searching cgroups...
libsoup security update
2.62.2-2.0.7 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 2.62.2-2.0.5 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-32914 2.62.2-2.0.3 - Fixed CVE-2024-52531 buffer overflow via UTF-8 conversi...
kernel security update
5.14.0-611.13.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
webkit2gtk3 security update
2.50.3-1 - Update to 2.50.3...
kernel security update
4.18.0-553.89.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
webkit2gtk3 security update
2.50.3-1 - Update to 2.50.3...
go-toolset:rhel8 security update
delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related: RHEL-121223 golang 1.25.3-1 - Update to Go 1.25.3 sync from CentOS Stream 9 - Build go-toolset as a subpackage - Preserve GOAMD64=v1 for RHEL 8 -...
abrt security update
2.10.9-25.0.1 - Replaces sosreport to sos report in sosreport-event.conf Orabug: 38590929 - abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm Orabug: 34184473 - Disable autoreporting on Oracle Linux Orabug: 32890748 - Add orabug32082455-Upstreamreferenceinpython3-abrt-addon.patch Orabug: 32082455 ...
sssd security update
1.16.5-10.0.5.16 - krb5: disable Kerberos localauth an2ln plugin for AD/IPA Orabug: 38621159...
systemd security update
252-55.0.3.7 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug:...
edk2 security update
20250905-4.el8 - Create new 20250905 release for OL8 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause "Protection Mechanism Failure" by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where...
Unbreakable Enterprise kernel security update
5.15.0-314.193.5.5 - crypto: essiv - Check ssize for decryption and in-place encryption Herbert Xu Orabug: 38705933 CVE-2025-40019...
Unbreakable Enterprise kernel security update
5.4.17-2136.349.3.2 - crypto: essiv - Check ssize for decryption and in-place encryption Herbert Xu Orabug: 38705546 CVE-2025-40019...
kernel security update
5.14.0-611.11.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
kernel security update
4.18.0-553.87.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
libtiff security update
4.0.3-35.0.1 - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools Orabug: 38658716 - fix CVE-2025-8177: buffer overflow thumbnail setrow Orabug: 38658716 - fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented Orabug: 38658716...
openssl security update
3.5.1-4.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 3.5.1.openela.0.1 - Add OpenELA specific changes 1:3.5.1-4 - Fix CVE-2025-9230 Resolves: RHEL-115929 1:3.5.1-...
firefox security update
140.5.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.5.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.5.0-1 - Update to 140.5.0 ESR...
gimp:2.8 security update
gimp 2:2.8.22-26.3 - fix CVE-2025-10920 - fix CVE-2025-10921 - fix CVE-2025-10922 - fix CVE-2025-10923 - fix CVE-2025-10924 - fix CVE-2025-10925 - fix CVE-2025-10934 2:2.8.22-26.2 - fix CVE-2025-5473 RHEL-95696 2:2.8.22-26.1 - fix CVE-2025-48797 RHEL-93503 - fix CVE-2025-48798 RHEL-93506...
libxml2 security update
2.9.13-14 - Rebuilt for the correct target in RHEL 9.7-z RHEL-119283 2.9.13-13 - Fix CVE-2025-9714 RHEL-119283...
postgresql security update
12.22-5.0.1 - Add backport of CVE-2025-8714 Orabug: 38667546 12.22-5 - Fix previous Backport 12.22-4 - Backport CVE-2025-8715 12.22-3 - Fix backport for CVE-2025-1094 12.22-2 - Backport fix for CVE-2025-1094 12.22-1 - Update to 12.22 - Fixes: CVE-2024-10976 CVE-2024-10978 12.20-1 - Update to 12.2...
kernel security update
5.14.0-611.7.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 248176...
expat security update
2.5.0-5.1 - Fix CVE-2025-59375 - Resolves: RHEL-114644...
kernel security update
5.14.0-611.8.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 248176...
kernel security update
5.14.0-611.9.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 248176...
sqlite security update
3.34.1-9 - Fixes CVE-2025-6965...
cups security update
1:2.2.6-64 - RHEL-122666 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS...