9173 matches found
keepalived security update
2.2.8-3 - Validate vrrp ipset names for CVE-2024-41184 Resolves: RHEL-49557...
bzip2 security update
1.0.8-10 - Revert the previous commit introduced a regression Resolves: CVE-2019-12900 1.0.8-9 - Fix out of bounds access in BZ2decompress Resolves: RHEL-65198...
libsoup security update
2.62.3-7 - Backport upstream patch for CVE-2024-52531 - buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict Resolves: RHEL-76376...
git-lfs security update
3.4.1-4 - Backport CVE-2024-53263 fixes - Resolves: RHEL-73931...
unbound security update
1.16.2-5.8 - Prevent unbounded name compression CVE-2024-8508 1.16.2-5.7 - Rebuild to propagate to CentOS Stream RHEL-25500...
gstreamer1-plugins-base and gstreamer1-plugins-good security update
gstreamer1-plugins-base 1.10.4-2.0.1 - Fixed CVE-2024-47607,CVE-2024-47538 and CVE-2024-47615 Orabug: 37407070 gstreamer1-plugins-good 1.10.4-2.0.1 - Fixes CVE-2024-47537, CVE-2024-47540, CVE-2024-47613 and - CVE-2024-47607 Orabug: 37407070...
libsoup security update
2.72.0-8.3 - Backport upstream patch for CVE-2024-52531 - buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict Resolves: RHEL-76381...
mariadb:10.5 security update
galera Judy mariadb 3:10.5.27-1 - Rebase to 10.5.27 3:10.5.26-1 - Rebase to 10.5.26 3:10.5.25-1 - Rebase to 10.5.25...
bzip2 security update
1.0.6-28 - The previous fix caused some regressions - Use an updated patch that deals with the original issue+the regressions Resolves: RHEL-71140...
redis security update
6.2.17-1 -- rebase to 6.2.17 for CVE-2024-46981 6.2.16-1 - rebase to 6.2.16 RHEL-26627...
keepalived security update
2.1.5-10 - CVE-2024-41184 Resolves: RHEL-49561...
mariadb:10.11 security update
galera 26.4.20-1 - Rebase to 26.4.20 26.4.19-1 - Rebase to 26.4.19 26.4.18-1 - Rebase to 26.4.18 Judy mariadb 3:10.11.10-1 - Rebase to 10.11.10 3:10.11.9-1 - Rebase to 10.11.9...
python-jinja2 security update
2.10.1-6 - Security fix for CVE-2024-56326 Resolves: RHEL-74677...
gimp:2.8 security update
gimp 2:2.28.22-26 - bump spec pygobject2 2.28.7-5 - bump spec to fix NVR pygtk2 2.24.0-25 - Fix shebang mangling for prefix=app 1907579 - disable numpy for flatpak 1907579 python2-pycairo 1.16.3-7 - bump spec for NVR fix...
redis:7 security update
7.2.7-1 - rebase to 7.2.7 for CVE-2024-46981 and CVE-2024-51741...
Unbreakable Enterprise kernel security update
5.15.0-304.171.4.3 - NFSD: Limit the number of concurrent async COPY operations Chuck Lever Orabug: 37516381 CVE-2024-49974 - NFSD: Async COPY result needs to return a write verifier Chuck Lever Orabug: 37516381 CVE-2024-49974 - security/keys: fix slab-out-of-bounds in keytaskpermission Chen Rido...
iperf3 security update
3.1.7-3.0.1 - Fixes Improper JSON Handling CVE-2024-53580 Orabug: 37495333...
unbound security update
1.6.6-5.0.1 - Fix CVE-2023-50387 and CVE-2023-50868 Orabug: 37387426...
java-21-openjdk security update for RHEL 8.10, 9.4 and 9.5
1:21.0.6.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.6.0.7-1 - Update to jdk-21.0.6+7 GA - Update release notes to 21.0.6+7 - Sync the copy of the portable & devkit specfiles with the latest update - Include the latest devkit patches - Update README.md to list an easier way of...
java-17-openjdk security update for RHEL 8.6, 8.8, 8.10, 9.4 and 9.5
1:17.0.14.0.7-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.14.0.7-3 - Set rpmrelease to 3 - Revert 'Require tzdata-java 2024b at runtime and for build' 1:17.0.14.0.7-2 - Do not pass nil to jvmdir macro in cjc logic - Related: RHEL-73867 1:17.0.14.0.7-2 - Adapt to newest cjc to fix...
python-jinja2 security update
2.11.3-7 - Security fix for CVE-2024-56326 Resolves: RHEL-74690...
redis:6 security update
6.2.17-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 6.2.17-1 - rebase to 6.2.17 for CVE-2024-46981 6.2.16-1 - rebase to 6.2.16 RHEL-66165...
git-lfs security update
3.4.1-4 - Backport CVE-2024-53263 fixes - Resolves: RHEL-73936...
kernel security update
5.14.0-503.22.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
grafana security update
9.2.10-21 - Resolves RHEL-72881: CVE-2025-21614 - Resolves RHEL-72869: CVE-2025-21613...
.NET 9.0 security update
9.0.102-1.0.1 - Add support for Oracle Linux 9.0.102-1 - Update to .NET SDK 9.0.102 and Runtime 9.0.1 - Resolves: RHEL-71551...
.NET 8.0 security update
8.0.112-1.0.1 - Add support for Oracle Linux 8.0.112-1 - Update to .NET SDK 8.0.112 and Runtime 8.0.12 - Resolves: RHEL-71554...
Security and bug fixes for NetworkManager
1.48.10-5.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-5 - vpn: Support routing rules in vpn conenctions RHEL-73167 - vpn: Place gateway route to table defined in ipvx.route-table RHEL-73166 1:1.48.10-4 - Remove...
firefox security update
128.6.0-1.0.1 - Update to 128.6.0 build1 Orabug: 37460830CVE-2025-0237CVE-2025-0238 CVE-2025-0239CVE-2025-0240CVE-2025-0241CVE-2025-0242CVE-2025-0243 - Enable PipeWire camera support for RHEL 10 + backport upstream fixes for PipeWire camera support Fixes: RHEL-64749...
ipa security update
4.12.2-1.0.1.3 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.12.2-1.3 - Resolves: RHEL-69928 add support for python cryptography 44.0.0 - Resolves: RHEL-70258 Upgrade to ipa-server-4.12.2-1.el9 OTP-based bind to LDAP...
rsync security update
3.2.3-20.1 - Resolves: RHEL-72495 - Info Leak via Uninitialized Stack Contents...
rsync security update
3.1.3-20 - Resolves: RHEL-70157 - Info Leak via Uninitialized Stack Contents...
raptor2 security update
2.0.15-17 - Resolves: CVE-2024-57823 integer underflow when normalizing a URI with the turtle parser...
fence-agents security update
4.10.0-76.4 - bundled jinja2: fix CVE-2024-56201 and CVE-2024-56326 Resolves: RHEL-72070, RHEL-72063...
raptor2 security update
2.0.15-32 - Bump NVR 2.0.15-31 - Resolves: CVE-2024-57823 integer underflow when normalizing a URI with the turtle parser...
Bug fix of NetworkManager
1:1.40.16-18.0.1 - disable MPTCP handling by default Orabug: 35081472 - Fix ignore-carrier logic Orabug: 34956744 - Disable regeneration of the documentation Orabug: 34712048 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity-...
thunderbird security update
128.6.0-3.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 128.6.0 - Add OpenELA debranding 128.6.0-3 - Update to 128.6.0 build3 128.6.0-1 - Update to 128.6.0 build1...
Unbreakable Enterprise kernel security update
5.15.0-304.171.4 - Revert 'unicode: Don't special case ignorable code points' Linus Torvalds - Revert 'mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K' Aurelien Jarno - tcp: Fix use-after-free of nreq in reqsktimerhandler. Kuniyuki Iwashima - lib/buildid: Fix build ID parsing logic Jiri...
Unbreakable Enterprise kernel security update
5.4.17-2136.339.5 - tracing/kprobes: Skip symbol counting logic for module symbols in createlocaltracekprobe Nikolay Kuratov - vhostscsi: log write descriptors Dongli Zhang Orabug: 37393533 - vhost-scsi: protect vq-logbase with vq-mutex Dongli Zhang Orabug: 37393533 5.4.17-2136.339.4 - RDMA/bnxtr...
kernel security update
5.14.0-503.21.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
python-virtualenv security update
15.1.0-7.0.1 - Fixes CVE-2024-53899 Quote template strings in activation scripts Orabug: 37396464...
firefox security update
128.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.6.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.6.0-1 - Update to 128.6.0 build1...
firefox security update
128.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.6.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.6.0-1 - Update to 128.6.0 build1...
dpdk security update
23.11-2 - Backport fixes for CVE-2024-11614 RHEL-68601...
dpdk security update
23.11-2 - Backport fixes for CVE-2024-11614 RHEL-68600...
iperf3 security update
3.5-11 - Resolves: RHEL-72924 - Denial of Service in iperf Due to Improper JSON Handling...
webkit2gtk3 security update
2.46.5-1 - Update to 2.46.5...
thunderbird security update
128.6.0-3.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.6.0 - Add OpenELA debranding 128.6.0-3 - Update to 128.6.0 build3 128.6.0-1 - Update to 128.6.0 build1...
cups security update
1:2.2.6-62 - RHEL-60338 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file...
webkit2gtk3 security update
2.46.5-1 - Update to 2.46.5...