8984 matches found
dovecot security update
1:2.3.16-15.1 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161639 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162287 - fix CVE-2026-27857: denial of service via specially crafted NOOP...
dovecot security update
1:2.3.16-7 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161630 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162282 - fix CVE-2026-27857: denial of service via specially crafted NOOP...
fence-agents security update
4.10.0-98.13 - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157201 4.10.0-98.12 - bundled cryptography: replace with dependency to fix CVE-2026-26007 - bundled PyJWT: upgrade to v2.12.1 to fix CVE-2026-32597 Resolves: RHEL-148436, RHEL-155675...
libsoup security update
2.72.0-12.6 - Backport patch for CVE-2026-5119...
fence-agents security update
4.16.0-13.4 - bundled pyasn1: replace with dependency to fix CVE-2026-30922 - bundled PyJWT: upgrade to v2.12.1 to fix CVE-2026-32597 Resolves: RHEL-157186, RHEL-155667...
libsoup security update
2.62.3-14 - Backport patch for CVE-2026-5119 - Run testsuite during RPM check phase...
freeipmi security update
1.6.17-1 - Update to 1.6.17 1.6.14-6 - .fmf/version: Add fmf metadtata root 1.6.14-5 - gating: RHEL-10: Add OSCI testing...
tigervnc security update
1.15.0-9 - Fix CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 xorg-x11-server: various XKB and XSYNC vulnerabilities Resolves: RHEL-163203 Resolves: RHEL-163271 Resolves: RHEL-163257 - Fix CVE-2026-34352 Resolves: RHEL-167760...
corosync security update
3.1.9-2.1 - Resolves: RHEL-163801 - Resolves: RHEL-163822 - totemsrp: Return error if sanity check fails fixes CVE-2026-35091 - totemsrp: Fix integer overflow in membjoinsanity fixes CVE-2026-35092...
openssh security update
8.7p1-49.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug: 37647064 - Update upstream references Orabug: 36564626 8.7p1-49 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in...
LibRaw security update
0.19.5-6 - Backport fix for CVE-2026-24660 from upstream Resolves: RHEL-165412 0.19.5-5 - Backport fixes for CVE-2026-20889 and CVE-2026-21413 from upstream - Migrate to SPDX license Resolves: RHEL-165404, RHEL-165408...
kernel security update
5.14.0-611.54.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
systemd security update
257-13.0.1.el101.3 - Fix detection of Oracle Virtualization or BM envs Orabug: 37531877 - Avoid udevadm warnings when using udev valid configs Orabug: 37503197 - allow dm remove ioctl to co-operate with UEK3 Orabug: 18467469 - set 'RemoveIPC=no' in logind.conf as default Orabug: 22224874 - Fix...
systemd security update
252-55.0.3.el97.9 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug...
perl-XML-Parser security update
2.41-10.0.3 - Security update for CVE-2006-10002 and CVE-2006-10003 Orabug: 39220442...
dovecot security update
1:2.3.21-16.1 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161625 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162273 - fix CVE-2026-27857: denial of service via specially crafted NOOP...
kernel security update
4.18.0-553.123.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
osbuild-composer security update
149-6.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...
openssh security update
8.0p1-29.0.1 - Update upstream references Orabug: 36587718 8.0p1-29 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164743 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing sessions Resolves:...
openssh security update
9.9p1-14.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37824421 9.9p1-14 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164738 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing...
kernel security update
6.12.0-124.55.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
python-tornado security update
6.5.5-1.1 - Update to 6.5.5 Resolves: RHEL-160941...
libcap security update
2.48-6.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169304...
python-tornado security update
6.5.5-1.1 - Update to 6.5.5 Resolves: RHEL-160934...
thunderbird security update
140.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.10.0 - Add OpenELA debranding 140.10.0-1 - Update to 140.10.0 ESR...
python3 security update
3.6.8-21.0.11 - Security update CVE-2026-4519 Orabug: 39246828...
python security update
2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798...
Unbreakable Enterprise kernel security update: Copy Fail
6.12.0-201.74.2.2 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292190 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292190 - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu...
Unbreakable Enterprise kernel security update: Copy Fail
5.4.17-2136.354.4.2 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39292250 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292250 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292250 -...
Unbreakable Enterprise kernel security update: Copy Fail
5.15.0-319.201.4.4 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39291961 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39291961 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39291961 -...
fence-agents security update
4.2.1-129.25 - bundled cryptography: replace with dependency to fix CVE-2026-26007 - bundled PyJWT: replace with dependency to fix CVE-2026-32597 - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-148431, RHEL-155670, RHEL-157189...
xorg-x11-server-Xwayland security update
21.1.3-20 - CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001 CVE-2026-34002, CVE-2026-34003 Resolves: https://redhat.atlassian.net/browse/RHEL-163191 Resolves: https://redhat.atlassian.net/browse/RHEL-163287 Resolves: https://redhat.atlassian.net/browse/RHEL-163245...
libcap security update
2.69-7.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169301...
libcap security update
2.48-10.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169311...
sudo security update
1.9.5p2-15 RHEL 9.7.0 ERRATUM - CVE-2026-35535 - Privilege escalation due to failure in privilege drop calls Resolves: RHEL-166065...
dtrace security update
2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...
thunderbird security update
140.10.0-1.0.1 - Add Oracle prefs 140.10.0-1 - Update to 140.10.0 ESR...
grafana-pcp security update
5.3.0-4 - Resolves RHEL-166433: CVE-2026-32282 - Resolves RHEL-167474: CVE-2026-32283...
libtiff security update
4.4.0-15.3 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159330...
dtrace security update
2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...
dtrace security update
2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...
libtiff security update
4.6.0-6.3 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159309...
vim security update
8.2.2637-23.0.1.el97.3 - Remove upstream references Orabug: 31197557 2:8.2.2637-23.3 - Resolves: RHEL-164965 vim: arbitrary command execution via modeline sandbox bypass 2:8.2.2637-23.2 - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin -...
PackageKit security update
1.1.12-8.0.1 - removed rhel-Vendor.conf.patch 1.1.12-8 - Backport fix for CVE-2026-41651. - Resolves: RHEL-170493...
grafana security update
10.2.6-21 - Resolves RHEL-166655: CVE-2026-32282 - Resolves RHEL-167660: CVE-2026-32283...
vim security update
8.0.1763-22.0.1.el810.3 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-22.3 - Relates: RHEL-164956 vim: arbitrary command execution via modeline sandbox bypass 2:8.0.1763-22.2 - Resolves: RHEL-164956 vim...
xorg-x11-server security update
1.20.11-28 - CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001 CVE-2026-34002, CVE-2026-34003 Resolves: https://redhat.atlassian.net/browse/RHEL-163216 Resolves: https://redhat.atlassian.net/browse/RHEL-163298 Resolves: https://redhat.atlassian.net/browse/RHEL-163229...
grafana-pcp security update
5.1.1-14 - Resolves RHEL-166656: CVE-2026-32282 - Resolves RHEL-167661: CVE-2026-32283...
sudo security update
1.9.5p2-1.0.1.el810.5 - Fixes sudo -s unclosed sessions when usepty option used Orabug: 36952911 1.9.5p2-1.5 RHEL 8.10.0.Z ERRATUM - CVE-2026-35535 - Privilege escalation due to failure in privilege drop calls Resolves: RHEL-166060 1.9.5p2-1.3 RHEL 8.10.0.Z ERRATUM - sudo passes SHELL environment...
grafana security update
10.2.6-25 - Resolves RHEL-166432: CVE-2026-32282 - Resolves RHEL-167473: CVE-2026-32283...