9172 matches found
libsoup security update
2.62.2-2.0.5 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-32914 2.62.2-2.0.3 - Fixed CVE-2024-52531 buffer overflow via UTF-8 conversion in - soupheaderparseparamliststrict Orabug: 37557504...
thunderbird security update
128.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 128.12.0 - Add OpenELA debranding 128.12.0-1 - Update to 128.12.0 build1...
gimp security update
2:2.8.22-1.0.3 - Fixes CVE-2025-5473 GIMP ICO File Parsing Integer Overflow Orabug: 38110877 - Fixes CVE-2025-48797 Multiple heap buffer overflows in TGA parser - Fixes CVE-2025-48798 Multiple use after free in XCF parser...
thunderbird security update
128.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.12.0 - Add OpenELA debranding 128.12.0-1 - Update to 128.12.0 build1...
firefox security update
128.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.12.0-1 - Update to 128.12.0 build1...
firefox security update
128.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.12.0-1 - Update to 128.12.0 build1...
pam security update
1.3.1-37.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-37 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96724...
sudo security update
1.9.5p2-1.0.1 - Fixes sudo -s unclosed sessions when usepty option used Orabug: 36952911 1.9.5p2-10.1 RHEL 8.10.0.Z ERRATUM - CVE-2025-32462 sudo: LPE via host option Resolves: RHEL-100014...
python3.11 security update
3.11.13-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-1 - Update to 3.11.13 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98037, RHEL-98006, RHEL-98223, RHEL-98114, RHEL-98200...
python3.9 security update
3.9.21-2.1 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98053, RHEL-98025, RHEL-98243, RHEL-98195, RHEL-98219...
python3 security update
3.6.8-70.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-70 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98030, RHEL-97987, RHEL-98232, RHEL-98065, RHEL-981...
python3.12 security update
3.12.11-1 - Update to 3.12.11 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98040, RHEL-98010, RHEL-97808, RHEL-98070, RHEL-98213...
glibc security update
2.34-168.0.1.20 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi Oracle history:...
libblockdev security update
2.28-7.0.1 - enable btrfs support Orabug: 30792917 2.28-7 - Don't allow suid and dev set on fs resize CVE-2025-6019 Resolves: RHEL-96034...
sudo security update
1.9.5p2-10.1 RHEL 9.6.0.Z ERRATUM - CVE-2025-32462 sudo: LPE via host option Resolves: RHEL-100016...
kernel security update
5.14.0-570.24.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
osbuild-composer security update
101-4.0.1 - Rebuilt to fix: - CVE-2024-34156 - CVE-2024-1394 - RHEL-24303 - RHEL-57905 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size...
weldr-client security update
35.12-3 - Update test repository snapshot urls rhel 8.10 and remove cs8 repos The snapshots for cs8 have been removed from the service - Rebuild for CVE-2025-22871 Resolves: RHEL-89289...
weldr-client security update
35.12-4 - Bump release for y-stream AND z-stream building using centpkg build --rhel-target=zstream Related: RHEL-89344 35.12-3 - tests: OSTree does not support the qcow2 image type - Add test repositories for RHEL 9.6 and 9.7 - Rebuild for CVE-2025-22871 Resolves: RHEL-89344...
osbuild-composer security update
132.2-2.0.1 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming and set a correct kernel for Oracle Linux Orabug: 37253643 - Support using OCI...
perl-File-Find-Rule security update
0.34-9 - Use 3 arg open in grep CVE-2011-10007 - Package tests...
kernel security update
4.18.0-553.58.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
emacs security update
1:27.2-14.el96.2 - Restore definition of variable 'enable-dir-local-variables' RHEL-92653 1:27.2-14.el96.1 - Bump Z-stream release 1:27.2-14 - Fix arbitrary code execution via Lisp macro expansion RHEL-69399 1:27.2-13 - Bump release 1:27.2-12 - Eliminate use of obsolete patch syntax RHEL-80443...
mod_proxy_cluster security update
1.3.22-1.el96.1 - Resolves: RHEL-81070 Rebase modproxycluster to upstream 1.3.22.Final release 1.3.20-1 - Rebase modcluster to upstream 1.3.20.Final tag - Related: RHEL-27497 - Rebase to upstream 1.3.20.Final release...
perl-YAML-LibYAML security update
1:0.70-2 - Use 3-arg form of open in LoadFile CVE-2025-40908...
krb5 security update
1.21.1-8.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-9 - Do not block HMAC-MD4/5 in FIPS mode Resolves: RHEL-88704 - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88048 - Add PKINIT paChecksum2 from MS-PKCA v20230920 Resolves: RHEL-82647 1.21.1-7 -...
pam security update
1.5.1-25.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-25 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96729...
perl-File-Find-Rule security update
0.34-19.1 - Use 3 arg open in grep CVE-2011-10007 - Package tests...
qt5-qtbase security update
5.15.9-11 - qt5: QtCore Assertion Failure Denial of Service Resolves: RHEL-96233...
libarchive security update
3.5.3-5 - Resolves: CVE-2025-25724...
iputils security update
20210202-11.0.1.1 - Upstream backport 'ping: Add SARESTART to saflags' Orabug: 34573399 20210202-11.1 - Fix CVE-2025-47268 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping RHEL-94335 20210202-11 - ping: Fix ping6 binding to VRF and address RHEL-57734 20210202-10 -...
perl-FCGI security update
1:0.74-8.0.1 - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters Orabug: 38047531...
perl-YAML-LibYAML security update
1:0.82-6.1 - Use 3-arg form of open in LoadFile CVE-2025-40908...
libblockdev security update
2.28-14.0.1 - enable btrfs support Orabug: 30792917 2.28-14 - Don't allow suid and dev set on fs resize CVE-2025-6019 Resolves: RHEL-96038...
tigervnc security update
1.14.1-8 - Additional fix to CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension Resolves: RHEL-97305 1.14.1-7 - Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors Resolves: RHEL-97287 - Fix CVE-2025-49176: xorg-x11-server:...
kernel security update
5.14.0-570.23.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
xorg-x11-server and xorg-x11-server-Xwayland security update
xorg-x11-server 1.20.11-31 - CVE fix for: CVE-2025-49175 RHEL-97289, CVE-2025-49176 RHEL-97311, CVE-2025-49178 RHEL-97388, CVE-2025-49179 RHEL-97410, CVE-2025-49180 RHEL-97255 1.20.11-30 - xfree86: Fix potentially NULL reference to platform device's PCI device Resolves:...
mod_auth_openidc security update
2.4.10-1.el96.2 Resolves: RHEL-95948 - modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled CVE-2025-3891...
xorg-x11-server and xorg-x11-server-Xwayland security update
xorg-x11-server 1.20.11-26 - CVE fix for: CVE-2025-49175 RHEL-97273, CVE-2025-49176 RHEL-97329, CVE-2025-49178 RHEL-97369, CVE-2025-49179 RHEL-97422, CVE-2025-49180 RHEL-97235 xorg-x11-server-Xwayland 21.1.3-18 - CVE fix for: CVE-2025-49175 RHEL-97278, CVE-2025-49176 RHEL-97299, CVE-2025-49178...
tigervnc security update
1.15.0-7 - Additional fix to CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension Resolves: RHEL-97294 1.15.0-6 - Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors Resolves: RHEL-97268 - Fix CVE-2025-49176: xorg-x11-server:...
firefox security update
128.11.0-1.0.1 - Update to 128.11.0 Orabug: 38077559CVE-2025-5263CVE-2025-5264 CVE-2025-5266CVE-2025-5267CVE-2025-5268CVE-2025-5269...
perl-FCGI:0.78 security update
perl-FCGI 1:0.78-12 - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters perl-FCGI 1:0.78-12 - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters perl-FCGI 1:0.78-12 - Fix CVE-2025-40907 integer overflow when parsing FastCGI parameters perl-FCGI 1:0.78-12 - Fix...
postgresql security update
9.2.24-9.0.5 - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain - libpq functions Orabug: 37843176...
idm:DL1 security update
bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-18.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-18 - Set krbCanonicalName admin@REALM on the admin user Resolves: RHEL-89895 4.9.13-17 - kdb: keeep ipadbgetconnection from...
apache-commons-beanutils security update
Fri Jun 13 2025 Mikolaj Izdebski - Fix improper access control vulnerability - Resolves: CVE-2025-48734...
ipa security update
4.12.2-14.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.12.2-14.1 - Resolves: RHEL-89908 EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA - Resolves: RHEL-89144 kdb:...
container-tools:ol8 security update
aardvark-dns buildah 2:1.33.12-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/cf49e7c - fixes 'CVE-2025-22871 container-tools:rhel8/buildah: Request smuggling due to acceptance of invalid chunked data in...
kernel security update
3.10.0-1160.119.1.0.9.el7.OL7 - netfilter: ipset: add missing range check in bitmapipuadt Jeongjun Park CVE-2024-53141 Orabug: 37964173 - Update OL SB certificates - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985797...
buildah security update
1.39.4-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.39.4-2 - rebuild to fix CVE-2025-22871 buildah: Request smuggling due to acceptance of invalid chunked data in net/http - Resolves: RHEL-89294...
podman security update
5.4.0-10.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 5:5.4.0-10 - rebuild to fix CVE-2025-22871 podman: Request smuggling due to acceptance ...