9172 matches found
kernel security update
5.14.0-570.19.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
mingw-freetype and spice-client-win security update
2.8-3.1 - Fix CVE-2025-27363 Resolves: RHEL-83101...
firefox security update
128.10.0-1.0.1 - Updated to 128.10.0 build Orabug: 37924620 - Fixes CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 and - CVE-2025-4093 128.9.0-2.0.1 - Update to 128.9.0 build2 Orabug: 37796786CVE-2025-3028CVE-2025-3029 CVE-2025-3030 128.8.0-1.0.1 - Update to 128.8.0 build1 Orabug:...
systemd security update
252-51.0.2 - coredump: use %d in kernel core pattern - CVE-2025-4598...
systemd security update
239-82.0.4.5 - coredump: use %d in kernel core pattern - CVE-2025-4598...
pcs security update
0.11.9-2.el96.1 - rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser CVE-2025-46727...
firefox security update
128.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.11.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.11.0-1 - Update to 128.11.0...
firefox security update
128.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.11.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.11.0-1 - Update to 128.11.0...
kernel security update
4.18.0-553.54.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
pcs security update
0.10.18-2.0.1.el810.5 - Replace HAM-logo.png with a generic one 0.10.18-2.el810.5 - Fixed CVE-2024-52804 by patching bundled Tornado Resolves: RHEL-93167 - Fixed CVE-2025-46727 by updating bundled rubygem rack Resolves: RHEL-90147...
thunderbird security update
128.10.1-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.10.1 - Add OpenELA debranding 128.10.1-1 - Update to 128.10.1...
gstreamer1-plugins-bad-free security update
1.22.12-4 - fix for CVE-2025-3887 Resolves: RHEL-93063...
unbound security update
1.16.2-18 - Prevent unbounded name compression CVE-2024-8508...
kernel security update
5.14.0-570.18.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
gstreamer1-plugins-bad-free security update
1.16.1-5.0.1 - Update origin URL Orabug: 36209826 1.16.1-5 - fix for CVE-2025-3887 Resolves: RHEL-93051...
libsoup security update
2.62.3-9 - Add patches to improve test reliability - Backport patches for various CVEs Resolves: RHEL-85879 Resolves: RHEL-92280 Resolves: RHEL-93031 Resolves: RHEL-93032...
python-tornado security update
6.4.2-2.2 - tests: add citest.fmf + update gating.yaml Related: RHEL-91999 6.4.2-2.1 - httputil: Raise errors instead of logging in multipart/form-data parsing Resolves: RHEL-91999...
libsoup security update
2.72.0-10.2 - Backport patches for various CVEs Resolves: RHEL-85888 Resolves: RHEL-87081 Resolves: RHEL-88332 Resolves: RHEL-92285...
ghostscript security update
9.54.0-19 - RHEL-88966 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow 9.54.0-18 - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in gdevprnopenprinterseekable - RHEL-67048 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Spac...
php:8.3 security update
php 8.3.19-1 - rebase to 8.3.19 8.3.15-1 - rebase to 8.3.15 8.3.12-1 - rebase to 8.3.12 RHEL-62189 - enable command history in phpdbg - backport Argon2 password hashing in OpenSSL ext - build sockets extension statically - switch to nikic/php-parser version 5 - openssl: always warn about missing...
expat security update
2.5.0-5 - Fix CVE-2024-8176 - Resolves: RHEL-57489 2.5.0-4 - Fix CVE-2024-50602 - Resolves: RHEL-65066...
redis security update
6.2.18-1 - rebase to 6.2.18 for CVE-2025-21605...
php:8.2 security update
php 8.2.28-1 - rebase to 8.2.28 8.2.25-1 - rebase to 8.2.25 RHEL-65837 8.2.13-1 - rebase to 8.2.13 RHEL-14699 - add %phpize and %phpconfig macros - move httpd/nginx wants directives to config files in /etc - php-fpm.conf: move include directive after global section following upstream example,...
xdg-utils security update
1.1.3-13 - Update documentation for CVE-2022-4055 RHEL-87487 1.1.3-12 - Fix CVE-2022-4055 RHEL-87487...
yelp security update
2:40.3-2.1 - Fix CVE-2025-3155 RHEL-85926...
.NET 8.0 security update
8.0.116-1.0.1 - Add support for Oracle Linux 8.0.116-1 - Update to .NET SDK 8.0.116 and Runtime 8.0.16 - Resolves: RHEL-89448...
.NET 9.0 security update
9.0.106-1.0.1 - Add support for Oracle Linux 9.0.106-1 - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89453...
thunderbird security update
128.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs...
webkit2gtk3 security update
2.48.2-1 - Update to 2.48.2 - Reenable JIT...
avahi security update
0.8-22 - Fix CVE-2024-52616 RHEL-67722...
compat-openssl11 security update
1:1.1.1k-5.1 - Fixes cve-2023-0286 X.400 address type confusion in X.509 GeneralName Resolves: RHEL-88969 1:1.1.1k-5 - Update expired certificates used in the testsuite Resolves: RHEL-5297...
vim security update
8.2.2637-22.0.1 - Remove upstream references Orabug: 31197557 2:8.2.2637-22 - RHEL-2159 vim: Heap Use After Free in function inscomplgetexp in vim/vim...
grafana security update
10.2.6-13 - Resolves RHEL-89954: CVE-2025-4123 10.2.6-12 - Resolves RHEL-88922: Move home directory of grafana to /var/lib/grafana 10.2.6-11 - Resolves RHEL-84636: CVE-2025-30204 10.2.6-10 - Resolves RHEL-75919: grafana selinux issue with autofst...
libsoup security update
2.72.0-10.1 - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85906 Resolves: RHEL-85912 Resolves: RHEL-85919 Resolves: RHEL-87061 Resolves: RHEL-87069 Resolves: RHEL-87102 Resolves: RHEL-87120 Resolves: RHEL-88364 Resolves: RHEL-88367...
kernel security update
5.14.0-570.16.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
kernel security update
5.14.0-570.17.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
nodejs:22 security update
nodejs 1:22.15.0-1 - Update to 22.15.0 - Drop upstream patches Resolves: RHEL-87319 RHEL-86586 1:22.13.1-4 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87319 1:22.13.1-3 - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86586 1:22.13.1-2 - Remove obsolete lua...
gvisor-tap-vsock security update
0.8.5-1 - Fix CVE-2025-22869 by updating to 0.8.5 - Resolves: RHEL-81313...
php security update
8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...
firefox security update
128.10.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.10.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.10.1-1 - Update to 128.10.1...
firefox security update
128.10.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.10.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.10.0-1 - Update to 128.10.0 build1...
nodejs:20 security update
nodejs 1:20.19.1-1 - Update to version 20.19.1 Resolves: RHEL-78764 1:20.18.2-3 - Update c-ares to 1.34.5 to address CVE-2025-31498 nodejs-nodemon nodejs-packaging...
389-ds-base security update
2.6.1-8 - Resolves: RHEL-83876 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service rhel-9.6 2.6.1-7 - Bump version to 2.6.1-7 2.6.1-6 - Resolves: RHEL-86065 - Backport lib389 fixes required for WebUI rhel-9.6.z - Resolves: RHEL-80713 - Increased memory consumption...
webkit2gtk3 security update
2.48.1-1 - Update to 2.48.1 2.48.0-1 - Update to 2.48.0...
kernel security update
4.18.0-553.53.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
gimp security update
2.99.8-4 - Applying fixes for vulnerabilities that led to possible RCE conditions. - Fixes: CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 - Resolves: RHEL-86049 RHEL-86046 RHEL-86043 RHEL-86040...
git security update
2.47.1-2 - add the option to sanitize sideband channel messages - Resolves: RHEL-84513...
xterm security update
366-10 - Fix CVE-2022-45063 - Resolves: RHEL-87485...
mod_auth_openidc security update
2.4.10-1.el96.1 Resolves: RHEL-86224 - modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data CVE-2025-31492...
grafana security update
10.2.6-11 - Resolves RHEL-84636: CVE-2025-30204 10.2.6-10 - Resolves RHEL-75919: grafana selinux issue with autofst...