8990 matches found
python3.11 security update
3.11.9-7 - Security fix for CVE-2024-8088 Resolves: RHEL-55959 3.11.9-6 - Security fix for CVE-2024-6923 Resolves: RHEL-53038 3.11.9-5 - Properly propagate the optimization flags to C extensions 3.11.9-4 - Build Python with -O3 - https://fedoraproject.org/wiki/Changes/PythonbuiltwithgccO3 3.11.9-...
kernel security update
5.14.0-503.11.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
podman security update
5.2.2-1.0.2 - Bump epoch to ensure upgrade path Orabug: 37240207 5.2.2-1.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:5.2.2-1 - update to...
mod_auth_openidc security update
2.4.10-1 Rebase to 2.4.10 version improves state cookies piling up problem Resolves: RHEL-32450 Race condition in modauthopenidc filecache Resolves: RHEL-25422 modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating cookies CVE-2024-24814...
fontforge security update
20201107-6 - Resolves: RHEL-26716 - CVE-2024-25081 and CVE-2024-25082 fontforge: various flaws...
python-jinja2 security update
2.11.3-6 - Security fix for CVE-2024-34064 Resolves: RHEL-35653...
gnome-shell and gnome-shell-extensions security update
gnome-shell 40.10-21 - Only open portal login in response to user action Resolves: RHEL-39098 40.10-20 - Fix inhibit-shortcut permissions Resolves: RHEL-2031 40.10-19 - Use correct bus name for screencast service Related: RHEL-35775 gnome-shell-extensions 40.7-19 - Extend workspace buttons to...
jose security update
14-1 - Rebase jose-14 upstream version Resolves: RHEL-38079...
iperf3 security update
3.9-13 - Resolves: RHEL-29579 - vulnerable to marvin attack if the authentication option is used 3.9-12 - Resolves: RHEL-39975 - possible denial of service 3.9-11 - Related: 2223676 - bumping version for correct update path...
bluez security update
5.72-2 - Bump release to rebuild for RHEL-9.5 5.72-1 - Update to 5.72...
mingw-glib2 security update
2.78.6-1 - Bump glib2 version 2.78.6 - Fix CVEs: CVE-2024-34397 - Resolves: RHEL-35776...
oci-seccomp-bpf-hook security update
1.2.10-2 - rebuild - Resolves: RHEL-35939...
NetworkManager security update
1.48.10-2.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-2 - cloud-setup: Allow bigger restart bursts RHEL-56740 - cloud-setup: Fix Azure swap of primary and secondary IP addresses RHEL-56387 1:1.48.10-1 - Unblock th...
emacs security update
1:27.2-10 - Disable xwidgets RHEL-14551 - org-file-contents: Consider all remote files unsafe CVE-2024-30205 - Make Gnus treats inline MIME contents as untrusted CVE-2024-30203 - Add protection for LaTeX preview CVE-2024-30204 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code...
gtk3 security update
3.24.31-5 - Stop looking for modules in cwd CVE-2024-6655 - Resolves: RHEL-46993 3.24.31-4 - Actually reduce the height of window titlebars 3.24.31-3 - Reduce the height of window titlebars...
libgcrypt security update
1.10.0-11 - Fix CVE-2024-2236 RHEL-34579...
httpd security update
2.4.62-1.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.62-1 - new version 2.4.62 - Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix 2.4.59-7 - Resolves: RHEL-49856: htcacheclean.service missing Install section 2.4.59-6 - modssl: restore SSLOPNORENEGOTIA...
postfix security update
2:3.5.25-1 - New version Resolves: RHEL-20023 - Dropped upstreamed patches...
tpm2-tools security update
5.2-4 - Backport upstream fixes. - tpm2checkquote: Fix check of magic number. CVE-2024-29038 - tpm2checkquote: Add comparison of pcr selection. CVE-2024-29039 - Fix check of magic number. Resolves: RHEL-23198 Resolves: RHEL-41031 Resolves: RHEL-41035...
nano security update
5.6.1-6 - fix emergency file replacement vulnerability RHEL-35237...
xorg-x11-server security update
1.20.11-26 - Fix regression caused by the fix for CVE-2024-31083 1.20.11-25 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083 - Add util-linux as a dependency of Xvfb - Fix compilation error on i686...
bpftrace security update
0.21.1-1 - Rebase on bpftrace 0.21.1 - Add LLVM 18 support RHEL-28685 0.20.4-3 - Fix latest build not built in side tag 0.20.4-2 - Rebuild for bcc 0.30.0-4 0.20.4-1 - Rebase on bpftrace 0.20.4 - Fix CVE allowing unprivileged users loading of compromised linux headers RHEL-28765, CVE-2024-2313 -...
python3.12-PyMySQL security update
1.1.0-3 - Security fix for CVE-2024-36039 Resolves: RHEL-38371 1.1.0-2 - Rebuilt for timestamp .pyc invalidation mode 1.1.0-4 - Initial package - Fedora contributions by: Benjamin A. Beasley Carl George Damien Ciabrini Haikel Guemar Iryna Shcherbina Itamar Reis Peixoto Julien Enselme Lumir Balhar...
krb5 security update
1.21.1-3.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-3 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message token handling Resolves: RHEL-45402 RHEL-45392...
buildah security update
1.37.2-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.37.2-1 - update to https://github.com/containers/buildah/releases/tag/v1.37.2 - Related: RHEL-27608 2:1.37.1-1 - update to https://github.com/containers/buildah/releases/tag/v1.37.1 - Related: RHEL-276...
microcode_ctl security update
20240910-1.0.1 - switch upstream to 9 Stream sources for simplicity - don't bother calling dracut if virtualized Orabug: 35710094 - ensure UEK also rebuilds initramfs Orabug: 34280058 - add support for UEK7 kernels - enable early update for 06-4f-01 - remove no longer appropriate caveats for...
python3.9 security update
3.9.19-8 - Security fix for CVE-2024-8088 Resolves: RHEL-55967 3.9.19-7 - Security fix for CVE-2024-6923 Resolves: RHEL-53045 3.9.19-6 - Ensure 3rd party extension modules for the debug build use the -O0 flag 3.9.19-5 - Properly propagate the optimization flags to C extensions 3.9.19-4 - Build...
grafana security update
10.2.6-4 - Resolves RHEL-44874 10.2.6-3 - Resolves RHEL-35937 10.2.6-2 - Fixes patch 1002 for update to golang-fips - Remove unused code under apsl-1.1 and apsl-1.2 licenses - Resolves RHEL-33655 10.2.6-1 - Rebase to grafana 10.2.6 9.2.10-15 - Resolves RHEL-23468 - Allows for gid to be 0 - Allows...
libsoup security update
2.62.3-6 - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Backport upstream patch for CVE-2024-52530 - infinite loop while reading websocket data - Resolves: RHEL-67076 - Resolves: RHEL-67067...
cups-filters security update
1.0.35-29.0.3 - Unsupport cups-browsed service - CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 Orabug: 37217141...
expat security update
2.2.5-16.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-16 - Fix CVE-2024-50602 - Resolves: RHEL-65062...
tigervnc security update
1.13.1-14 - Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability Resolves: RHEL-61999...
Unbreakable Enterprise kernel security update
5.4.17-2136.337.5 - net/mlx5: disable the 'fast unload' feature on Exadata systems Qing Huang Orabug: 37093177 5.4.17-2136.337.4 - ocfs2: reserve space for inline xattr before attaching reflink tree Gautham Ananthakrishna Orabug: 37199020 - Revert 'ocfs2: ocfs2 crash due to invalid hnextleafblk...
gstreamer1-plugins-base security update
1.16.1-4.0.1 - Update origin URL Orabug: 36209826 1.16.1-4 - CVE-2024-4453 gstreamer1: EXIF Metadata Parsing Integer Overflow - Resolves: RHEL-38509...
Unbreakable Enterprise kernel security update
5.15.0-302.167.6 - ice: Add a per-VF limit on number of FDIR filters Ahmed Zaki Orabug: 36964088 CVE-2024-42291 - scsi: lpfc: Fix a possible null pointer dereference Huai-Yuan Liu Orabug: 36964437 CVE-2024-43821 - power: reset: pwr-mlxbf: support graceful shutdown Asmaa Mnebhi Orabug: 37208029 -...
podman security update
4.9.4-16.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shou...
bzip2 security update
1.0.6-27.0.1 - CVE-2019-12900: Accept as many selectors as the file format allows Orabug: 37266061 1.0.6-27 - Fixes out of bounds access in BZ2decompress RHEL-64929...
Unbreakable Enterprise kernel security update
4.14.35-2047.542.2 - fs/dcache: allow fractional values in fs.negative-dentry-limit Gautham Ananthakrishna Orabug: 37156524 - lib/math: move intpow from pwmbl.c for wider use Andy Shevchenko Orabug: 37156524 4.14.35-2047.542.1 - genirq/cpuhotplug: Retry with cpuonlinemask when migration fails...
firefox security update
128.4.0-1.0.1 - Update to 128.4.0 build1 Orabug: 37236498CVE-2024-10458CVE-2024-10459 CVE-2024-10460CVE-2024-10461CVE-2024-10462CVE-2024-10463 CVE-2024-10464CVE-2024-10465CVE-2024-10466CVE-2024-10467...
NetworkManager-libreswan security update
1.2.4-2.0.1 - Fix improper escaping of Libreswan configuration CVE-2024-9050Orabug: 37206712...
python-idna security update
2.4-1.0.1 - Fixed CVE 2024-3651 Orabug: 37206964...
edk2 security update
20231122-6.0.1.el94.4 - Replace upstream references Orabug:36569119 20231122-6.el94.4 - edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch RHEL-55337 - Resolves: RHEL-55337 CVE-2024-6119 edk2/openssl: Possible denial of service in X.509 name checks rhel-9.4.z...
grafana-pcp security update
5.1.1-9 - Resolves RHEL-61780: CVE-2024-9355...
python-gevent security update
1.2.2-5 - Avoid printing TypeError traceback - gevent.pywsgi: Much improved handling of chunk trailers Backport fix for CVE-2023-41419 Resolves: RHEL-17078...
container-tools:ol8 security update
aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed references Orabug: 33473101 Alex Burmashev - Adjust registries.conf Nikita Gerasimov - remove references to RedHat registry Nikita Gerasimov container-selinux criu crun fuse-overlay...
libtiff security update
4.4.0-12.1 - fix CVE-2024-7006 a null pointer dereference in tifdirinfo RHEL-52931...
bcc security update
0.25.0-9 - Really prevent the loading of compromised headers RHEL-28768, CVE-2024-2314 0.25.0-8 - Check header ownership RHEL-28768...
bpftrace security update
0.16.0-6 - Fix security hole checking unpacked kernel headers CVE-2024-2313 - Resolves: RHEL-28764...
python3.12 security update
3.12.6-1 - Update to 3.12.6 Resolves: RHEL-57405...
krb5 security update
1.18.2-30.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-30 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-50253 - Remove RSA protocol for PKINIT Resolves: RHEL-17616...