8990 matches found
python3.12 security update
3.12.5-2.3 - Security fix for CVE-2024-7592 Resolves: RHEL-85300...
libxslt security update
1.1.32-6.1.0.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.32-6.1 - Fix CVE-2024-55549 RHEL-83506 - Fix CVE-2025-24855 RHEL-83492...
tomcat security update
1:9.0.87-2.el95.1 - Resolves: RHEL-82946 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 - Resolves: RHEL-71719 tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379...
python3.11 security update
3.11.9-7.3 - Security fix for CVE-2024-7592 Resolves: RHEL-85299...
firefox security update
128.9.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.9.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.9.0-2 - Update to 128.9.0 build2 128.9.0...
firefox security update
128.9.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.9.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.9.0-2 - Update to 128.9.0 build2 128.9.0-1 - Update to 128.9.0 build1...
expat security update
2.5.0-3.3 - Improve fix for CVE-2024-8176 - Resolves: RHEL-57488 2.5.0-3.2 - Fix CVE-2024-8176 - Resolves: RHEL-57488...
kernel security update
5.14.0-503.35.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
python-jinja2 security update
2.10.1-7 - Security fix for CVE-2025-27516 Resolves: RHEL-85066...
libreoffice security update
1:7.1.8.1-15.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Added the --with-hamcrest option to configure. 1:7.1.8.1-15 - Fix CVE-2025-1080 Filter out more unwanted command URIs...
tigervnc security update
1.8.0-33.0.5 - Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor Orabug: 37712725 - Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText - Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms - Fix CVE-2025-26597 xorg-x11-server Buffer overflow i...
freetype security update
2.10.4-10 - Fix for CVE-2025-27363 out-of-bound write vulnerability - Patch initially by Marc Deslauriers of Canonical - https://www.openwall.com/lists/oss-security/2025/03/14/3 - Adjusted for EL9 by Jonathan Wright of AlmaLinux - and a member of the Meta security team - Resolves: RHEL-83105...
freetype security update
2.9.1-10 - Fix CVE-2025-27363 Out-of-bounds Write - Resolves: RHEL-83094...
python-jinja2 security update
2.11.3-8 - Security fix for CVE-2025-27516 Resolves: RHEL-85064...
kernel security update
3.10.0-1160.119.1.0.7 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices Benot Sevens CVE-2024-53197 Orabug: 37686305 - can: bcm: Fix UAF in bcmprocshow YueHaibing CVE-2023-52922 Orabug: 37686305 - HID: core: zero-initialize the report buffer Benot Sevens...
grafana security update
10.2.6-9 - Resolves RHEL-84634: CVE-2025-30204...
nginx:1.24 security update
1.24.0-4.0.1.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.24.0-4.1 - Resolves: RHEL-84480 - nginx:1.24/nginx: specially crafted MP4 file may cause denial of service CVE-2024-7347 1:1.24.0-4 - Resolves: RHEL-49350 - nginx worker...
nginx:1.22 security update
1.22.1-8.0.1.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.22.1-8.1 - Resolves: RHEL-84486 - nginx:1.22/nginx: specially crafted MP4 file may cause denial of service CVE-2024-7347 1:1.22.1-8 - Resolves: RHEL-49349 - nginx worker...
podman security update
5.2.2-15.0.1 - podman: do not set rlimits to the default value Orabug: 37310981 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 4:5.2.2-15 - update ...
container-tools:ol8 security update
aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed references Orabug: 33473101 Alex Burmashev - Adjust registries.conf Nikita Gerasimov - remove references to RedHat registry Nikita Gerasimov 2:1-82 - update vendored components -...
kernel security update
4.18.0-553.46.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security update
5.14.0-503.34.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
fence-agents security update
4.10.0-76.6 - fenceibmvpc: refresh bearer-token if token data is corrupt, and avoid edge-case of writing empty token file Resolves: RHEL-83487 4.10.0-76.5 - bundled jinja2: fix CVE-2025-27516 Resolves: RHEL-82712...
libxslt security update
1.1.34-9.0.1.el95.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.34-9.1 - Fix CVE-2025-24855 RHEL-83501...
emacs security update
1:24.3-23.0.1.1 - Fix CVE-2025-1244 man.el shell injection vulnerability Orabug: 37658579...
postgresql:12 security update
pgaudit postgres-decoderbufs postgresql 12.22-3 - Fix backport for CVE-2025-1094 12.22-2 - Backport fix for CVE-2025-1094...
Unbreakable Enterprise kernel security update
5.4.17-2136.341.3.3 - ima: Fix use-after-free on a dentry's dname.name Stefan Berger Orabug: 37727037 CVE-2024-39494 5.4.17-2136.341.3.2 - ocfs2: fix slab-use-after-free due to dangling pointer dqipriv Dennis Lam Orabug: 37707634 CVE-2024-57892 - ocfs2: correct return value of ocfs2localfreeinfo...
libxml2 security update
2.9.1-6.0.5 - Fix CVE-2024-56171 Orabug: 37694105 - Fix CVE-2025-24928 Orabug: 37694105 2.9.1-6.0.3 - Rebuild to include attribution logo Orabug: 33024216 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.6 - Fix CVE-2016-4658 1966916...
kernel security update
4.18.0-553.45.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
libreoffice security update
1:6.4.7.2-19.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-19 - Fix CVE-2025-1080 Filter out more unwanted command URIs 6.4.7.2 - Remove Red Hat branding - Change vendor to RESF...
pcs security update
0.10.18-2.0.1.el810.4 - Replace HAM-logo.png with a generic one 0.10.18-2.el810.4 - Fixed CVE-2024-52804 by patching bundled Tornado Resolves: RHEL-81924...
webkit2gtk3 security update
2.46.6-2 - Add patch for CVE-2025-24201...
grub2 security update
2.06-94.0.1 - Rework the scripts to cover both in-place upgrade and update scenarios Orabug: 36768566 - Restore correct order of processing config files Orabug: 36758359 - Support setting custom kernels as default kernels Orabug: 36043978 - Bump SBAT metadata for grub to 3 Orabug: 34872719 - Fix...
thunderbird security update
128.8.0-2.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.8.0 - Add OpenELA debranding 128.8.0-2 - Update to 128.8.0 build5 128.8.0-1 - Update to 128.8.0 build1...
webkit2gtk3 security update
2.46.6-2 - Add patch for CVE-2025-24201...
firefox security update
128.8.0-1.0.1 - Update to 128.8.0 build1 Orabug: 37700882CVE-2025-1930CVE-2025-1931 CVE-2025-1932CVE-2025-1933CVE-2025-1934CVE-2025-1935CVE-2025-1936 CVE-2025-1937CVE-2025-1938...
thunderbird security update
128.8.0-2.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 128.8.0 - Add OpenELA debranding 128.8.0-2 - Update to 128.8.0 build5 128.8.0-1 - Update to 128.8.0 build1...
krb5 security update
1.18.2-31.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-31 - Prevent overflow when calculating ulog block size CVE-2025-24528 Resolves: RHEL-78248 - kdb5util: fix DB entry flags on modification Resolves: RHEL-56060...
python3 security update
3.6.8-21.0.3 - Fix DoS parsing crafted tarfile headers Orabug: 37626372CVE-2024-6232 - Disable testsocket in the PGO profile task...
kernel security update
3.10.0-1160.119.1.0.6.el7.OL7 - media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat Benoit Sevens CVE-2024-53104 Orabug: 37584712...
.NET 9.0 security, bug fix, and enhancement update
9.0.104-1.0.1 - Add support for Oracle Linux 9.0.104-1 - Update to .NET SDK 9.0.104 and Runtime 9.0.3 - Resolves: RHEL-81649...
.NET 8.0 security, bug fix, and enhancement update
8.0.114-1.0.1 - Add support for Oracle Linux 8.0.114-1 - Update to .NET SDK 8.0.114 and Runtime 8.0.14 - Resolves: RHEL-81639...
pcs security update
0.11.8-1.el95.2 - Fixed CVE-2024-52804 by patching bundled Tornado Resolves: RHEL-81924...
gcc security update
4.8.5-45.0.1 - Orabug: 37603707 ELSA-2025-1601 Moderate: gcc security update CVE-2020-11023 rebuild for CVE-2020-11023 - Reviewed-by: Jose E. Marchesi 4.8.5-44.0.5 - fix arm cross building inline issue. gcc48-cfns-fix-protos.patch - Reviewed-by: Jose E. Marchesi 4.8.5-44.0.3 - Orabug: 31505739...
.NET 9.0 security, bug fix, and enhancement update
9.0.104-1.0.1 - Add support for Oracle Linux 9.0.104-1 - Update to .NET SDK 9.0.104 and Runtime 9.0.3 - Resolves: RHEL-81645...
.NET 8.0 security, bug fix, and enhancement update
8.0.114-1.0.1 - Add support for Oracle Linux 8.0.114-1 - Update to .NET SDK 8.0.114 and Runtime 8.0.14 - Resolves: RHEL-81640...
libxml2 security update
2.9.7-19 - Fix CVE-2024-56171 RHEL-80122 - Fix CVE-2025-24928 RHEL-80137 2.9.7.18.2 - Fix CVE-2022-49043 RHEL-76289 2.9.7-18.1 - Fix CVE-2024-25062 RHEL-31056...
libxml2 security update
2.9.13-6.2 - Fix CVE-2024-56171 RHEL-80128 - Fix CVE-2025-24928 RHEL-80143...
kernel security update
5.14.0-503.31.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
Unbreakable Enterprise kernel security update
5.4.17-2136.341.3.1 - Revert 'NFSD: Limit the number of concurrent async COPY operations' Sherry Yang Orabug: 37667080 5.4.17-2136.341.3 - iouring: fix possible deadlock in ioregisteriowqmaxworkers Hagar Hemdan Orabug: 37565787 - iouring/rw: fix missing NOWAIT check for ODIRECT start write Jens...