8990 matches found
buildah security update
1.37.5-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.37.5-1 - update to https://github.com/containers/buildah/releases/tag/v1.37.5 - Resolves: RHEL-61857 2:1.37.4-2 - enable CNI - Resolves: RHEL-62107 2:1.37.4-1 - update to...
cups security update
1:2.3.3op2-31 - RHEL-60343 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file...
python3.11-urllib3 security update
1.26.12-2.1 - Security fix for CVE-2024-37891 Resolves: RHEL-59990...
podman security update
5.2.2-9.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 4:5.2.2-9 - update to the latest content of...
python3.12-urllib3 security update
1.26.18-2.1 - Security fix for CVE-2024-37891 Resolves: RHEL-59997...
tigervnc security update
1.14.1-1 - 1.14.1 Resolves: RHEL-66600 - Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability Resolves: RHEL-62000...
grafana security update
10.2.6-7 - Resolves RHEL-62308: CVE-2024-47875 10.2.6-6 - Resolves: RHEL-57927 10.2.6-5 - Resolves RHEL-47185...
krb5 security update
1.21.1-4.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-4 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-55423 - Fix various issues detected by static analysis Resolves: RHEL-58216 - Remove RSA protocol for PKINIT Resolves: RHEL-15323...
squid security update
7:3.5.20-17.0.3 - Disable ESI support CVE-2024-45802Orabug: 37289058...
grafana-pcp security update
5.1.1-9 - Resolves: RHEL-57932 5.1.1-8 - Add a premade uwsgi dashboard for the vector datasource...
Unbreakable Enterprise kernel security update
5.15.0-300.163.18.7 - Revert 'net/mlx5: disable the 'fast unload' feature on Exadata systems' Qing Huang Orabug: 37285705 - Revert 'net/mlx5: pretend 'fast unload' succeeded on Exadata systems' Qing Huang Orabug: 37285705 5.15.0-300.163.18.6 - x86/fpu: Keep xfdstate in sync with MSRIA32XFD Adamos...
pcp security update
6.2.2-7 - Fix buffer sizing checks in pmstore PDU handling RHEL-57809 - Guard against symlink attacks in pmpost program RHEL-57814 - Fix libpcpweb webgroup slow request refcounting RHEL-58307 - Updated pmdahacluster for newer crmmon versions RHEL-58303...
kernel security update
5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
.NET 9.0 security update
9.0.100-1.0.1 - Add support for Oracle Linux 9.0.100-1 - Update to .NET SDK 9.0.100 and Runtime 9.0.0 - Resolves: RHEL-65539 9.0.100rc.2.24474.1-0.7 - Disable bootstrap - Related: RHEL-62776 9.0.100rc.2.24474.1-0.6 - Rebootstrap - Related: RHEL-62776 9.0.100rc.2.24474.1-0.5 - Add missing runtime...
squid security update
7:5.5-14.3 - Disable ESI support - Resolves: RHEL-65076 - CVE-2024-45802 squid: Denial of Service processing ESI response content 7:5.5-14.2 - Resolves: RHEL-64425 TCPMISSABORTED/100 erros when uploading 7:5.5-14.1 - Resolves: RHEL-62332 - Regression Transfer-encoding:chunked data is not sent to...
python3.11 security update
3.11.9-7.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57410...
openexr security update
3.1.1-2.1 - fix CVE-2023-5481 RHEL-64162...
python3.12 security update
3.12.5-2.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57415...
NetworkManager-libreswan security update
1.2.22-4 - Unbreak validation of unknown keys 1.2.22-2 - Fix improper escaping of Libreswan configuration CVE-2024-9050...
webkit2gtk3 security update
2.46.3-1 - Update to 2.46.3 2.46.2-1 - Update to 2.46.2 - Add patch to disable Evolution sandbox warning 2.46.1-2 - Add patch to keep GSocketMonitor callback alive Resolves: RHEL-59185 2.46.1-1 - Update to 2.46.1 Resolves: RHEL-59185...
expat security update
2.5.0-3.1 - Fix CVE-2024-50602 - Resolves: RHEL-65064 2.5.0-3 - Fix CVE-2024-45490, CVE-2024-45491, CVE-2024-45492 - Resolves: RHEL-56761 - Resolves: RHEL-57520 - Resolves: RHEL-57511...
firefox security update
128.4.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.4.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.4.0-1 - Update to 128.4.0 build1...
bubblewrap and flatpak security update
bubblewrap 0.4.1-8 - Backport upstream fix to help address CVE-2024-42472 in flatpak flatpak 1.12.9-3 - Fix previous changelog entry 1.12.9-2 - Backport upstream patches for CVE-2024-42472 - Require bubblewrap version that has new --bind-fd option backported for addressing CVE-2024-42472...
libvpx security update
1.9.0-8 - Add patch to fix integer overflows. - Disable LTO to fix build - Resolves: RHEL-58144...
thunderbird security update
128.4.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.4.0 - Add OpenELA debranding 128.4.0-1 - Update to 128.4.0 build1...
libsoup security update
2.72.0-8.el95.2 - Backport upstream patch for CVE-2024-52532 - infinite loop while reading websocket data - Resolves: RHEL-67068 2.72.0-8.el95.1 - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Resolves: RHEL-67080...
webkit2gtk3 security update
2.46.3-1 - Update to 2.46.3...
squid security update
libecap squid 7:4.15-10.3 - Resolves: RHEL-22593 - CVE-2024-23638 squid:4/squid: vulnerable to a Denial of Service attack against Cache Manager error responses 7:4.15-10.2 - Disable ESI support - Resolves: RHEL-65075 - CVE-2024-45802 squid:4/squid: Denial of Service processing ESI response conten...
binutils security update
2.30-125.0.1 - Forward port Oracle patches from 2.30-125 Reviewed-by: Jose E. Marchesi Oracle history:...
giflib security update
4.1.6-9.0.1 - Fixes giflib CVE-2023-48161 issue Orabug: 37178930...
freerdp security update
2:2.11.7-1 - Update to 2.11.7 CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460, CVE-2024-32658, CVE-2024-32659, CVE-2024-32660, CVE-2024-32661, CVE-2024-32662 2:2.11.2-2 - CVE-2024-22211: Check codec resolution for overflow RHEL-22244...
lldpd security update
1.0.18-3 - Add lldpd-devel package RHEL-22127 1.0.18-2 - Remove networkd gating test RHEL-25990...
vim security update
8.2.2637-21.0.1 - Remove upstream references Orabug: 31197557 2:8.2.2637-21 - RHEL-40602 CVE-2021-3903 vim: heap-based buffer overflow vulnerability...
xorg-x11-server-Xwayland security update
23.2.7-1 - xwayland 23.2.7 - RHEL-29912 21.1.9-7 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083 21.1.9-6 New build to add xorg-x11-server-Xwayland-devel RHEL-25083 21.1.9-5 Fix for CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408, CVE-2024-0409 21.1.9-4 -...
python3.11-PyMySQL security update
1.0.2-2 - Security fix for CVE-2024-36039 Resolves: RHEL-38370...
skopeo security update
2:1.16.1-1 - update to https://github.com/containers/skopeo/releases/tag/v1.16.1 - Related: RHEL-27608 2:1.16.0-1 - update to https://github.com/containers/skopeo/releases/tag/v1.16.0 - Resolves: RHEL-47197 RHEL-44886 RHEL-40812 2:1.15.2-1 - update to...
libvirt security update
10.5.0-7.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 10.5.0-7 - qemu: Refactor default panic model RHEL-56451 - qemu: Sometimes the default panic model doesn't exist RHEL-56451 - qemu: Use pvpanic by default on aarch64 RHEL-56451 10.5.0-6 - udevListInterfaces: Honour array length fo...
openssl and openssl-fips-provider security update
openssl 1:3.2.2-6.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 1:3.2.2-6 - rebuilt Related: RHEL-55339 1:3.2.2-5 - Fix CVE-2024-6119: Possible denial of service i...
containernetworking-plugins security update
1:1.5.1-2 - rebuild for CVE-2024-24791 - Resolves: RHEL-47166 1:1.5.1-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.5.1 - Related: RHEL-27608 1:1.5.0-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.5.0 - Related: RHEL-27608 1:1.4.1-1 -...
bcc security update
0.30.0-6 - Rebuild with LLVM 18 RHEL-28684 0.30.0-5 - Drop python3-pyelftools dependency on s390x until it is available 0.30.0-4 - Exclude btrfs and f2fs libbpf tools RHEL-36579 0.30.0-3 - Really prevent the loading of compromised headers RHEL-28769, CVE-2024-2314 - Add python3-pyelftools...
edk2 security update
20240524-6.0.1 - Replace upstream references Orabug:36569119 20240524-6 - edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch RHEL-56974 - edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch RHEL-55336 - Resolves: RHEL-56974 qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion:...
cockpit security update
323.1-1.0.1 - Replaced upstream urls in documentation with oracle links Orabug: 36528753 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in cockpit Orabug: 34030494 - Update documentation links Orabug: 30271413, Orabug: 32013095,...
qemu-kvm security update
9.0.0-10 - kvm-nbd-server-CVE-2024-7409-Avoid-use-after-free-when-c.patch RHEL-52617 - Resolves: RHEL-52617 CVE-2024-7409 qemu-kvm: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure rhel-9.5 9.0.0-9 -...
python-jwcrypto security update
1.5.6-2 - Disable auto-generation of dependencies Related: RHEL-34809 1.5.6-1 - Rebase to version 1.5.6 Resolve: RHEL-34809...
runc security update
4:1.1.13-4 - rebuild against new golang - Resolves: RHEL-46380 4:1.1.13-3 - rebuild against golang-1.22.4 - Resolves: RHEL-46380 4:1.1.13-2 - rebuild - Resolves: RHEL-46380 4:1.1.13-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.13 - Related: RHEL-27608 4:1.1.12-2 - Switch...
poppler security update
21.01.0-21 - Fix crash in broken documents when using -dests - Resolves: RHEL-44333 21.01.0-20 - Fix a crash during signing - Resolves: RHEL-31934...
webkit2gtk3 security update
2.44.3-2 - Add patch to fix WebAssembly Resolves: RHEL-32578 2.44.3-1 - Update to 2.44.3 Resolves: RHEL-32578 2.44.2-1 - Update to 2.44.2 Resolves: RHEL-32578 2.44.1-1 - Update to 2.44.1 Resolves: RHEL-32578 Resolves: RHEL-29637 2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3960 2.42.4-1 - Update to...
cyrus-imapd security update
3.4.8-1 - Update to 3.4.8, fixing CVE-2024-34055...
python-dns security update
2.6.1-3 - Ensure dns.rdtypes subpackages are available Related: RHEL-32663 2.6.1-2 - Add missing files due to build change from hatchling to setuptools Related: RHEL-32663 2.6.1-1 - Rebase to 2.6.1 Resolves: RHEL-32628, RHEL-32663...
python3.12 security update
3.12.5-2 - Security fix for CVE-2024-8088 Resolves: RHEL-55963 3.12.5-1 - Update to 3.12.5 - Security fix for CVE-2024-6923 Resolves: RHEL-53041 3.12.4-3 - Properly propagate the optimization flags to C extensions 3.12.4-2 - Build Python with -O3 -...