8988 matches found
libvpx security update
1.3.0-8.0.1 - Fixes CVE-2025-5283 vpxcodecencinitmulti fix double free on init fail Orabug: 38103810...
podman security update
5.4.0-12.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 5:5.4.0-12 - update to the latest content of...
golang security update
1.24.4-1 - Update to Go 1.24.4 fips-1 - Resolves: RHEL-101074 1.23.10-1 - Update to Go 1.23.10 - Fix for CVE-2025-4673, CVE-2025-0913, and CVE-2025-22874 - Resolves: RHEL-96000...
jq security update
1.6-17.el9.2 - Fix CVE-2025-48060 - Resolves: RHEL-92990 1.6-17.el9.1 - Fix CVE-2024-23337 - Resolves: RHEL-92972 1.6-17 - Fix SAST findings in jq 1.6 - Resolves: RHEL-28653 1.6-16 - Make jq 1.6 fast - Resolves: RHEL-13431...
ipa security update
4.6.8-5.0.3.el79.17 - Fix privilege escalation from host to domain vulnerability - CVE-2025-4404 Orabug: 38085890...
Unbreakable Enterprise kernel security update
5.15.0-309.180.4.2 - Add Zen34 clients Borislav Petkov AMD Orabug: 38129825 CVE-2024-36350 CVE-2024-36357 - x86/process: Move the buffer clearing before MONITOR Kim Phillips Orabug: 38129825 CVE-2024-36350 CVE-2024-36357 - Add normal counters Borislav Petkov AMD Orabug: 38129825 CVE-2024-36350...
Unbreakable Enterprise kernel security update
6.12.0-100.28.2.2.el10uek - Add Zen34 clients Borislav Petkov AMD Orabug: 38129827 CVE-2024-36350 CVE-2024-36357 - x86/process: Move the buffer clearing before MONITOR Kim Phillips Orabug: 38129827 CVE-2024-36350 CVE-2024-36357 - Add normal counters Borislav Petkov AMD Orabug: 38129827...
kernel security update
5.14.0-570.25.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
socat security update
1.7.4.1-6.1 - add fix for CVE-2024-54661 Resolves: RHEL-70096 - switch to autopatch, remove unused patches...
glibc security update
2.34-168.0.1.20 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi Oracle history: June-9-2025 Cupertino Miranda - 2.34-168.0.1.19 - Forward-port Oracle patches for ol9-u6 Reviewed-by: David Faust May-17-2025 Cupertino Miranda - 2.34-168.0.1.14 - Forward-port Oracle patches fo...
python-setuptools security update
53.0.0-13.1 - Security fix for CVE-2025-47273 Resolves: RHEL-96807...
Unbreakable Enterprise kernel security update
5.4.17-2136.344.4.3 - Add Zen34 clients Borislav Petkov AMD Orabug: 38129026 CVE-2024-36350 CVE-2024-36357 - x86/process: Move the buffer clearing before MONITOR Kim Phillips Orabug: 38129026 CVE-2024-36350 CVE-2024-36357 - KVM: SVM: Advertize TSA CPUID bits to guests Borislav Petkov AMD Orabug:...
ruby:3.3 security update
ruby 3.3.8-4 - Upgrade to Ruby 3.3.8. Resolves: RHEL-68632 - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 - Fix userinfo leakage in URIjoin, URImerge and URI+. CVE-2025-27221 rubygem-abrt 0.4.0-1 - Updat...
python-tornado security update
4.2.1-5.0.1 - Fixed CVE-2025-47287 Raise errors instead of logging Orabug: 38049949...
python3.11 security update
3.11.11-2.1 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 - Resolves: RHEL-98045, RHEL-98015, RHEL-98238, RHEL-98177, RHEL-98206...
thunderbird security update
128.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 128.12.0 - Add OpenELA debranding 128.12.0-1 - Update to 128.12.0 build1...
libsoup security update
2.62.2-2.0.5 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-32914 2.62.2-2.0.3 - Fixed CVE-2024-52531 buffer overflow via UTF-8 conversion in - soupheaderparseparamliststrict Orabug: 37557504...
gimp security update
2:2.8.22-1.0.3 - Fixes CVE-2025-5473 GIMP ICO File Parsing Integer Overflow Orabug: 38110877 - Fixes CVE-2025-48797 Multiple heap buffer overflows in TGA parser - Fixes CVE-2025-48798 Multiple use after free in XCF parser...
python3.12 security update
3.12.9-1.1 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 - Resolves: RHEL-98058, RHEL-98020, RHEL-97809, RHEL-98184, RHEL-98211...
thunderbird security update
128.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.12.0 - Add OpenELA debranding 128.12.0-1 - Update to 128.12.0 build1...
python3 security update
3.6.8-70.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-70 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98030, RHEL-97987, RHEL-98232, RHEL-98065, RHEL-981...
python3.12 security update
3.12.11-1 - Update to 3.12.11 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98040, RHEL-98010, RHEL-97808, RHEL-98070, RHEL-98213...
pam security update
1.3.1-37.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-37 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96724...
python3.11 security update
3.11.13-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-1 - Update to 3.11.13 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98037, RHEL-98006, RHEL-98223, RHEL-98114, RHEL-98200...
firefox security update
128.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.12.0-1 - Update to 128.12.0 build1...
sudo security update
1.9.5p2-1.0.1 - Fixes sudo -s unclosed sessions when usepty option used Orabug: 36952911 1.9.5p2-10.1 RHEL 8.10.0.Z ERRATUM - CVE-2025-32462 sudo: LPE via host option Resolves: RHEL-100014...
python3.9 security update
3.9.21-2.1 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98053, RHEL-98025, RHEL-98243, RHEL-98195, RHEL-98219...
firefox security update
128.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.12.0-1 - Update to 128.12.0 build1...
glibc security update
2.34-168.0.1.20 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi Oracle history:...
sudo security update
1.9.5p2-10.1 RHEL 9.6.0.Z ERRATUM - CVE-2025-32462 sudo: LPE via host option Resolves: RHEL-100016...
libblockdev security update
2.28-7.0.1 - enable btrfs support Orabug: 30792917 2.28-7 - Don't allow suid and dev set on fs resize CVE-2025-6019 Resolves: RHEL-96034...
kernel security update
5.14.0-570.24.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
osbuild-composer security update
101-4.0.1 - Rebuilt to fix: - CVE-2024-34156 - CVE-2024-1394 - RHEL-24303 - RHEL-57905 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size...
weldr-client security update
35.12-3 - Update test repository snapshot urls rhel 8.10 and remove cs8 repos The snapshots for cs8 have been removed from the service - Rebuild for CVE-2025-22871 Resolves: RHEL-89289...
weldr-client security update
35.12-4 - Bump release for y-stream AND z-stream building using centpkg build --rhel-target=zstream Related: RHEL-89344 35.12-3 - tests: OSTree does not support the qcow2 image type - Add test repositories for RHEL 9.6 and 9.7 - Rebuild for CVE-2025-22871 Resolves: RHEL-89344...
perl-File-Find-Rule security update
0.34-9 - Use 3 arg open in grep CVE-2011-10007 - Package tests...
kernel security update
4.18.0-553.58.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
osbuild-composer security update
132.2-2.0.1 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming and set a correct kernel for Oracle Linux Orabug: 37253643 - Support using OCI...
pam security update
1.5.1-25.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-25 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96729...
qt5-qtbase security update
5.15.9-11 - qt5: QtCore Assertion Failure Denial of Service Resolves: RHEL-96233...
libarchive security update
3.5.3-5 - Resolves: CVE-2025-25724...
perl-YAML-LibYAML security update
1:0.70-2 - Use 3-arg form of open in LoadFile CVE-2025-40908...
krb5 security update
1.21.1-8.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-9 - Do not block HMAC-MD4/5 in FIPS mode Resolves: RHEL-88704 - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88048 - Add PKINIT paChecksum2 from MS-PKCA v20230920 Resolves: RHEL-82647 1.21.1-7 -...
iputils security update
20210202-11.0.1.1 - Upstream backport 'ping: Add SARESTART to saflags' Orabug: 34573399 20210202-11.1 - Fix CVE-2025-47268 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping RHEL-94335 20210202-11 - ping: Fix ping6 binding to VRF and address RHEL-57734 20210202-10 -...
emacs security update
1:27.2-14.el96.2 - Restore definition of variable 'enable-dir-local-variables' RHEL-92653 1:27.2-14.el96.1 - Bump Z-stream release 1:27.2-14 - Fix arbitrary code execution via Lisp macro expansion RHEL-69399 1:27.2-13 - Bump release 1:27.2-12 - Eliminate use of obsolete patch syntax RHEL-80443...
mod_proxy_cluster security update
1.3.22-1.el96.1 - Resolves: RHEL-81070 Rebase modproxycluster to upstream 1.3.22.Final release 1.3.20-1 - Rebase modcluster to upstream 1.3.20.Final tag - Related: RHEL-27497 - Rebase to upstream 1.3.20.Final release...
perl-File-Find-Rule security update
0.34-19.1 - Use 3 arg open in grep CVE-2011-10007 - Package tests...
mod_auth_openidc security update
2.4.10-1.el96.2 Resolves: RHEL-95948 - modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled CVE-2025-3891...
tigervnc security update
1.15.0-7 - Additional fix to CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension Resolves: RHEL-97294 1.15.0-6 - Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors Resolves: RHEL-97268 - Fix CVE-2025-49176: xorg-x11-server:...
tigervnc security update
1.14.1-8 - Additional fix to CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension Resolves: RHEL-97305 1.14.1-7 - Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors Resolves: RHEL-97287 - Fix CVE-2025-49176: xorg-x11-server:...