8990 matches found
php:7.4 security update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php 7.4.33-2 - fix low/moderate CVEs RHEL-66589 - Fix cgi.forceredirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered CVE-2024-9026 - Fix Erroneous parsing of...
python3.9:3.9.21 security update
3.9.21-1 - Update to 3.9.21 - Security fix for CVE-2024-11168 and CVE-2024-9287 Resolves: RHEL-64888 Resolves: RHEL-67259...
python3.12 security update
3.12.8-1 - Update to 3.12.8 - Security fix for CVE-2024-9287 and CVE-2024-12254 Resolves: RHEL-64880, RHEL-70315...
php:8.1 security update
php 8.1.30-1 - rebase to 8.1.30 RHEL-64144 php-pecl-apcu 5.1.21-1 - update to 5.1.21 for PHP 8.1 2070040 php-pecl-rrd php-pecl-xdebug3 3.1.4-1 - update to 3.1.4 for PHP 8.1 2070040 php-pecl-zip 1.20.1-1 - update to 1.20.1 for PHP 8.1 2070040...
python3.12 security update
3.12.5-2.2 - Security fix for CVE-2024-9287 and CVE-2024-12254 Resolves: RHEL-64885, RHEL-70316...
python3.11 security update
3.11.11-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.11-1 - Update to 3.11.11 Resolves: RHEL-64879...
php:8.2 security update
php 8.2.25-1 - rebase to 8.2.25 RHEL-65837 php-pecl-apcu 5.1.23-1 - update to 5.1.23 for PHP 8.2 RHEL-14699 php-pecl-rrd php-pecl-xdebug3 3.2.2-2 - drop inetntoa usage using upstream patch 3.2.2-1 - update to 3.2.2 for PHP 8.2 RHEL-14699 php-pecl-zip 1.22.3-1 - update to 1.22.3 for PHP 8.2...
kernel security update
5.14.0-503.16.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
php:8.2 security update
libzip php 8.2.25-1 - rebase to 8.2.25 RHEL-66166 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...
kernel security update
4.18.0-553.32.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
postgresql security update
13.18-1 - Update to 13.18...
ruby security update
3.0.7-163 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: rbhz2322153 3.0.7-162 - Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves:...
ruby:2.5 security update
ruby 2.5.9-113.0.1 - Fix REXML ReDoS vulnerability CVE-2024-49761. rubygem-abrt 0.3.0-4 - Execute test suite unconditionally. - Upload correct sources. rubygem-bson rubygem-bundler rubygem-mongo 2.5.1-2 - Disable tests to fix FTBFS by dropped MongoDB module. Resolves: rhbz1710863 rubygem-mysql2...
libsoup security update
2.62.2-2.0.1 - Fixed CVE-2024-52530 for smuggling nullbytes in header names Orabug: 37289659...
ruby:3.1 security update
ruby 3.1.5-145 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68530 3.1.5-144 - Upgrade to Ruby 3.1.5. Resolves: RHEL-33978 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-34129 - Fix RCE vulnerability with .rdocoptions in RDoc. Resolves: RHEL-34121 - Fix arbitrary...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.10-1 - Update to 15.10 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.10-1 - Update to 15.10 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979...
postgresql:12 security update
pgaudit pgrepack postgres-decoderbufs postgresql 12.22-1 - Update to 12.22 - Fixes: CVE-2024-10976 CVE-2024-10978...
Unbreakable Enterprise kernel security update
4.14.35-2047.543.3 - rds: Add rds stuck shutdown timeout Rohit Nair Orabug: 37214079 - gtp: allow -1 to be specified as file description from userspace Pablo Neira Ayuso - ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin Takashi Iwai - can: bcm: Clear bo-bcmprocread after...
redis:7 security update
7.2.6-1 - rebase to 7.2.6 RHEL-26628 7.0.12-1 - rebase to 7.0.12 2221899 7.0.11-1 - rebase to 7.0.11 for new redis:7 stream 2129826 7.0.11-1 - Upstream 7.0.11 release. 7.0.10-2 - fix modules directory ownership and permissions 2176173 - drop redis-shutdown helper and rely on systemd 2181181...
ruby:3.1 security update
ruby 3.1.5-144 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68520 rubygem-abrt rubygem-mysql2 rubygem-pg...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1 postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.6-1 - Update to 16.6 - Fixes:...
postgresql:13 security update
pgaudit 1.5.0-1 - Update to version 1.5.0 Related: 1855776 1.4.0-4 - Bump release for rebuild against libpq-12.1-3 1.4.0-3 - BuildRequires libpq-devel 1.4.0-2 - BuildRequires postgresql-server-devel 1.4.0-1 - Update to 1.4.0 1.3.1-1 - Update to 1.3.1 and apply patch for pgsql v12 compatibility...
postgresql:16 security update
pgaudit pgrepack 1.5.1-1 - Update to v1.5.1 pgvector 0.6.2-1 - Initial packaging postgres-decoderbufs postgresql 16.6-1 - Update to 16.6 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 16.4-2 - Fix build on 16.4 16.4-1 - Update to 16.4 16.1-3 - Remove /var/run/postgresql - Related: RHEL-512...
python3:3.6.8 security update
3.6.8-69.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-69 - Security fix for CVE-2024-11168 Resolves: RHEL-67252 3.6.8-68 - Security fix for CVE-2024-9287 Resolves: RHEL-64878...
tigervnc security update
1.8.0-33.0.3 - xorg-x11-server: xkb: Fix buffer overflow in XkbSetCompatMap CVE-2024-9632Orabug: 37295822...
thunderbird security update
128.5.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 128.5.0 - Add OpenELA debranding 128.5.0-1 - Update to 128.5.0 build1...
thunderbird security update
128.5.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.5.0 - Add OpenELA debranding 128.5.0-1 - Update to 128.5.0 build1...
firefox security update
128.5.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.5.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.5.1-1 - Update to 128.5.1 128.5.0-1 -...
firefox security update
128.5.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.5.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.5.1-1 - Update to 128.5.1 128.5.0-1 - Update to 128.5.0 build1...
python-tornado security update
6.4.2-1 - Update to 6.4.2 Resolves: RHEL-68663...
krb5 security update
1.15.1-55.0.7 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Orabug: 37241077...
tuned security update
2.24.0-2.0.1 - Fix RPS/XPS and busy polling optimization not getting applied Orabug: 32153315 - Fix error in uninstalling tuned Orabug: 351528377 - Updated patch with the more recent version Orabug: 30730976 - Set AMD CPU freq governor to ondemand when unapplying cpu tunings Orabug: 30033199 -...
java-11-openjdk security update
1:11.0.25.0.9-1.0.1 - Update to jdk-11.0.25+9 GA Orabug: 37178930 - Fixes CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 - Removed patches - 1001-orabug36904359-CVE-2024-21138-fix.patch - 1002-orabug36904359-CVE-2024-21138-fix.patch - 1003-orabug36904359-CVE-2024-21140-fix-part1.patc...
java-1.8.0-openjdk security update
1:1.8.0.432.b06-1.0.1 - Update to shenandoah8u432-b06 Orabug: 37185223 - Fixes CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 - Removed patches - 1001-orabug36904359-CVE-2024-21131-fix.patch - 1002-orabug36904359-CVE-2024-21138-fix.patch -...
webkit2gtk3 security update
2.46.3-2 - Add patch for CVE-2024-44309...
perl-App-cpanminus:1.7044 security update
perl-App-cpanminus 1.7044-6 - Patch the code to use https instead of http CVE-2024-45321 perl-CPAN-DistnameInfo perl-CPAN-Meta-Check perl-File-pushd perl-Module-CPANfile perl-Parse-PMFile perl-String-ShellQuote perl-App-cpanminus 1.7044-6 - Patch the code to use https instead of http CVE-2024-453...
Unbreakable Enterprise kernel security update
4.1.12-124.92.3 - memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021 - ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819 CVE-2024-40943 4.1.12-124.92.2 - fbdev: savage: Handle err return when savagefbcheckvar failed Cai Xinchen...
webkit2gtk3 security update
2.46.3-2 - Add patch for CVE-2024-44309...
container-tools:ol8 security update
aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/fe85f0d - Resolves: RHEL-61853 2:1.33.10-1 - update to the latest content of...
pam security update
1.3.1-36.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-36 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66242 1.3.1-35 - pamunix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves:...
kernel:4.18.0 security update
4.18.0-553.30.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security update
5.14.0-503.15.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
Unbreakable Enterprise kernel security update
5.4.17-2136.336.5.3.1.el8uek - mm: avoid leaving partial pfn mappings around in error case Linus Torvalds Orabug: 37311329 CVE-2024-47674 - mm: add remappfnrangenotrack Christoph Hellwig Orabug: 37311329 CVE-2024-47674 - mm/memory.c: make remappfnrange reject unaligned addr Alex Zhang Orabug:...
pam:1.5.1 security update
1.5.1-22.0.1 - pamaccess: clean up the remote host matching code Orabug: 36771903 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-22 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66245 1.5.1-21 - pamunix: always run the helper to...
perl-App-cpanminus security update
1.7044-14.1 - Patch the code to use https instead of http CVE-2024-45321 - Resolves: RHEL-56519...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
xerces-c security update
3.1.1-10.0.1 - back port fix for CVE-2023-37536 Orabug: 37241079...
osbuild-composer security update
118-2.0.1 - Simplify repository names JIRA: OLDIS-35893 118-2 - Ensure build on latest golang: CVE-2024-34156...
python3.9 security update
3.9.19-8.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57420...