8990 matches found
firefox security update
128.10.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.10.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.10.1-1 - Update to 128.10.1...
php:8.2 security update
php 8.2.28-1 - rebase to 8.2.28 8.2.25-1 - rebase to 8.2.25 RHEL-65837 8.2.13-1 - rebase to 8.2.13 RHEL-14699 - add %phpize and %phpconfig macros - move httpd/nginx wants directives to config files in /etc - php-fpm.conf: move include directive after global section following upstream example,...
.NET 9.0 security update
9.0.106-1.0.1 - Add support for Oracle Linux 9.0.106-1 - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89453...
grafana security update
10.2.6-13 - Resolves RHEL-89954: CVE-2025-4123 10.2.6-12 - Resolves RHEL-88922: Move home directory of grafana to /var/lib/grafana 10.2.6-11 - Resolves RHEL-84636: CVE-2025-30204 10.2.6-10 - Resolves RHEL-75919: grafana selinux issue with autofst...
compat-openssl11 security update
1:1.1.1k-5.1 - Fixes cve-2023-0286 X.400 address type confusion in X.509 GeneralName Resolves: RHEL-88969 1:1.1.1k-5 - Update expired certificates used in the testsuite Resolves: RHEL-5297...
libsoup security update
2.72.0-10.1 - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85906 Resolves: RHEL-85912 Resolves: RHEL-85919 Resolves: RHEL-87061 Resolves: RHEL-87069 Resolves: RHEL-87102 Resolves: RHEL-87120 Resolves: RHEL-88364 Resolves: RHEL-88367...
php security update
8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...
kernel security update
5.14.0-570.17.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
podman security update
5.4.0-9.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 5:5.4.0-9 - update to the latest content of...
firefox security update
128.10.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.10.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.10.0-1 - Update to 128.10.0 build1...
nodejs:20 security update
nodejs 1:20.19.1-1 - Update to version 20.19.1 Resolves: RHEL-78764 1:20.18.2-3 - Update c-ares to 1.34.5 to address CVE-2025-31498 nodejs-nodemon nodejs-packaging...
firefox security update
128.10.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.10.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.10.1-1 - Update to 128.10.1...
mod_auth_openidc security update
2.4.10-1.el96.1 Resolves: RHEL-86224 - modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data CVE-2025-31492...
gimp security update
2.99.8-4 - Applying fixes for vulnerabilities that led to possible RCE conditions. - Fixes: CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 - Resolves: RHEL-86049 RHEL-86046 RHEL-86043 RHEL-86040...
buildah security update
1.39.4-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.39.4-1 - update to https://github.com/containers/buildah/releases/tag/v1.39.4 - Resolves: RHEL-85114 2:1.39.3-1 - update to https://github.com/containers/buildah/releases/tag/v1.39.3 - Resolves:...
kernel security update
4.18.0-553.53.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
redis:7 security update
7.2.8-1 - rebase to 7.2.8 for CVE-2025-21605 7.2.7-1 - rebase to 7.2.7 for CVE-2024-46981 and CVE-2024-51741 7.2.6-1 - rebase to 7.2.6 RHEL-26628 7.0.12-1 - rebase to 7.0.12 2221899 7.0.11-1 - rebase to 7.0.11 for new redis:7 stream 2129826...
389-ds-base security update
2.6.1-8 - Resolves: RHEL-83876 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service rhel-9.6 2.6.1-7 - Bump version to 2.6.1-7 2.6.1-6 - Resolves: RHEL-86065 - Backport lib389 fixes required for WebUI rhel-9.6.z - Resolves: RHEL-80713 - Increased memory consumption...
webkit2gtk3 security update
2.48.1-1 - Update to 2.48.1 2.48.0-1 - Update to 2.48.0...
libxslt security update
1.1.34-13.0.1 - Fix memory leak in exclPrefixPush Orabug: 37871881 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.34-13 - Rebuild for z-stream/0day - Resolves: RHEL-83514 - Resolves: RHEL-85988 1.1.34-12 - Include alloc changes into previous patch RHEL-83514...
osbuild-composer security update
132.2-1.0.1 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming and set a correct kernel for Oracle Linux Orabug: 37253643 - Support using OCI...
grafana security update
10.2.6-11 - Resolves RHEL-84636: CVE-2025-30204 10.2.6-10 - Resolves RHEL-75919: grafana selinux issue with autofst...
skopeo security update
2:1.18.1-1 - update to the latest content of https://github.com/containers/skopeo/tree/release-1.18 https://github.com/containers/skopeo/commit/bfd0850 - fixes 'CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service rhel-9.6.z' - Resolves: RHEL-82972...
git security update
2.47.1-2 - add the option to sanitize sideband channel messages - Resolves: RHEL-84513...
xterm security update
366-10 - Fix CVE-2022-45063 - Resolves: RHEL-87485...
ghostscript security update
9.54.0-18 - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in gdevprnopenprinterseekable - RHEL-67048 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space - RHEL-67053 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong...
osbuild-composer security update
101-3.0.1 - Rebuilt to fix: - CVE-2024-34156 - CVE-2024-1394 - RHEL-24303 - RHEL-57905 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size...
webkit2gtk3 security update
2.48.2-1 - Update to 2.48.2 - Reenable JavaScriptCore JIT...
grafana security update
9.2.10-23 - Resolves RHEL-89949: CVE-2025-4123...
compat-openssl10 security update
1.1.0.2o-4.1 - Fix CVE-2023-0286 X.400 address type confusion in X.509 GeneralName Resolves: RHEL-9699...
redis:6 security update
6.2.18-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 6.2.18-1 - rebase to 6.2.18 for CVE-2025-21605...
.NET 8.0 security update
8.0.116-1.0.1 - Add support for Oracle Linux 8.0.116-1 - Update to .NET SDK 8.0.116 and Runtime 8.0.16 - Resolves: RHEL-89446...
ruby:2.5 security update
ruby 2.5.9-114 - Fix integer overflow in searchinrange function in regexec.c CVE-2019-19012. Resolves: RHEL-87505 rubygem-abrt rubygem-bson rubygem-bundler 1.16.1-5 - Fix unexpected code execution in Gemfiles CVE-2021-43809 Resolves: RHEL-87017 rubygem-mongo rubygem-mysql2 rubygem-pg...
.NET 9.0 security update
9.0.106-1.0.1 - Add support for Oracle Linux 9.0.106-1 - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89451 9.0.105-2 - Update to .NET SDK 9.0.105 and Runtime 9.0.4 - Resolves: RHEL-85279...
yelp and yelp-xsl security update
yelp 2:3.28.1-3.1 - Fix CVE-2025-3155 RHEL-85922 yelp-xsl 3.28.0-2.1 - Fix CVE-2025-3155 RHEL-85922...
libjpeg-turbo security update
1.5.3-14 - updated previous fix RHEL-87364 1.5.3-13 - fix CVE-2020-13790: heap-based buffer over-read in getrgbrow RHEL-87364...
kernel security update
4.18.0-553.52.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
emacs security update
1:27.2-11.el95.2 - Fix arbitrary code execution via Lisp macro expansion RHEL-69395...
java-1.8.0-openjdk security update
1:1.8.0.442.b06-1.0.3 - Fixed CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698 Orabug: 37840723...
Unbreakable Enterprise kernel security update
6.12.0-1.23.3.1 - x86/bhi: Do not set BHIDISS in 32-bit mode Pawan Gupta Orabug: 37920680 - x86/bpf: Add IBHF call at end of classic BPF Daniel Sneddon Orabug: 37920680 - x86/bpf: Call branch history clearing sequence on exit Daniel Sneddon Orabug: 37920680 - selftest/x86/bugs: Add selftests for...
thunderbird security update
128.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file - Force use of gcc-toolset-13 due to clang dependency 128.10.0 - Add OpenELA debranding 128.10.0-1 - Update to 128.10.0 build1...
Unbreakable Enterprise kernel security update
5.15.0-308.179.6.2 - x86/bhi: Do not set BHIDISS in 32-bit mode Pawan Gupta Orabug: 37920681 - x86/bpf: Add IBHF call at end of classic BPF Daniel Sneddon Orabug: 37920681 - x86/bpf: Call branch history clearing sequence on exit Daniel Sneddon Orabug: 37920681 - selftest/x86/bugs: Add selftests f...
python39:3.9 security update
modwsgi 4.7.1-7.1 - Resolves: RHEL-87514 - CVE-2022-2255 python39:3.9/modwsgi: Trusted Proxy Headers Removing Bypass numpy python39 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography python-idna python-lxml python-ply python-psutil python-psycopg2...
Unbreakable Enterprise kernel security update
5.15.0-308.179.6 - net: bridge: IP defragmentation failing for jumboframes Venkat Venkatsubra Orabug: 37847171 - uek-rpm: remove .el9 from shim version Samasth Norway Ananda Orabug: 37834731 - RDS: avoid using offlined CPU during reconnect Arumugam Kolappan Orabug: 37783021 - net/mlx5e: Rely on...
Unbreakable Enterprise kernel security update
5.4.17-2136.343.5.1 - nvme: fix deadlock between reset and scan Bitao Hu Orabug: 37920457 5.4.17-2136.343.5 - sctp: sysctl: authenable: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 37846673 - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 3784666...
osbuild-composer security update
118.2-1.0.1 - jwt-go allows excessive memory allocation during header parsing CVE-2025-30204...
mod_auth_openidc:2.3 security update
cjose modauthopenidc 2.4.9.4-8 - Resolves: RHEL-87759 - Empty POST causes crash with OIDCPreservePost...
thunderbird security update
128.9.2-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file - Force use of gcc-toolset-13 due to clang dependency 128.9.2 - Add OpenELA debranding 128.9.2-1 - Update to 128.9.2...
libtiff security update
4.0.9-34 - fix CVE-2017-17095: heap-based buffer overflow in pal2rgb RHEL-87363...
ruby security update
3.0.7-165 - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 Resolves: RHEL-86104 - Fix ReDoS in CGI::UtilescapeElement. CVE-2025-27220 Resolves: RHEL-86130 3.0.7-164 - Undefine GC compaction methods on ppc64le. Resolves: RHEL-83136 - Fix printing warnings when using IRB from a script...