9185 matches found
buildah security update
1.37.5-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.37.5-1 - update to https://github.com/containers/buildah/releases/tag/v1.37.5 - Resolves: RHEL-61857 2:1.37.4-2 - enable CNI - Resolves: RHEL-62107 2:1.37.4-1 - update to...
python3.9 security update
3.9.19-8.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57420...
python3.12-urllib3 security update
1.26.18-2.1 - Security fix for CVE-2024-37891 Resolves: RHEL-59997...
grafana security update
10.2.6-7 - Resolves RHEL-62308: CVE-2024-47875 10.2.6-6 - Resolves: RHEL-57927 10.2.6-5 - Resolves RHEL-47185...
Unbreakable Enterprise kernel security update
5.15.0-300.163.18.7 - Revert 'net/mlx5: disable the 'fast unload' feature on Exadata systems' Qing Huang Orabug: 37285705 - Revert 'net/mlx5: pretend 'fast unload' succeeded on Exadata systems' Qing Huang Orabug: 37285705 5.15.0-300.163.18.6 - x86/fpu: Keep xfdstate in sync with MSRIA32XFD Adamos...
krb5 security update
1.21.1-4.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-4 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-55423 - Fix various issues detected by static analysis Resolves: RHEL-58216 - Remove RSA protocol for PKINIT Resolves: RHEL-15323...
.NET 9.0 security update
9.0.100-1.0.1 - Add support for Oracle Linux 9.0.100-1 - Update to .NET SDK 9.0.100 and Runtime 9.0.0 - Resolves: RHEL-65539 9.0.100rc.2.24474.1-0.7 - Disable bootstrap - Related: RHEL-62776 9.0.100rc.2.24474.1-0.6 - Rebootstrap - Related: RHEL-62776 9.0.100rc.2.24474.1-0.5 - Add missing runtime...
pcp security update
6.2.2-7 - Fix buffer sizing checks in pmstore PDU handling RHEL-57809 - Guard against symlink attacks in pmpost program RHEL-57814 - Fix libpcpweb webgroup slow request refcounting RHEL-58307 - Updated pmdahacluster for newer crmmon versions RHEL-58303...
kernel security update
5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
bubblewrap and flatpak security update
bubblewrap 0.4.1-8 - Backport upstream fix to help address CVE-2024-42472 in flatpak flatpak 1.12.9-3 - Fix previous changelog entry 1.12.9-2 - Backport upstream patches for CVE-2024-42472 - Require bubblewrap version that has new --bind-fd option backported for addressing CVE-2024-42472...
firefox security update
128.4.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 128.4.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.4.0-1 - Update to 128.4.0 build1...
thunderbird security update
128.4.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.4.0 - Add OpenELA debranding 128.4.0-1 - Update to 128.4.0 build1...
NetworkManager-libreswan security update
1.2.22-4 - Unbreak validation of unknown keys 1.2.22-2 - Fix improper escaping of Libreswan configuration CVE-2024-9050...
libvpx security update
1.9.0-8 - Add patch to fix integer overflows. - Disable LTO to fix build - Resolves: RHEL-58144...
libsoup security update
2.72.0-8.el95.2 - Backport upstream patch for CVE-2024-52532 - infinite loop while reading websocket data - Resolves: RHEL-67068 2.72.0-8.el95.1 - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Resolves: RHEL-67080...
squid security update
7:5.5-14.3 - Disable ESI support - Resolves: RHEL-65076 - CVE-2024-45802 squid: Denial of Service processing ESI response content 7:5.5-14.2 - Resolves: RHEL-64425 TCPMISSABORTED/100 erros when uploading 7:5.5-14.1 - Resolves: RHEL-62332 - Regression Transfer-encoding:chunked data is not sent to...
openexr security update
3.1.1-2.1 - fix CVE-2023-5481 RHEL-64162...
expat security update
2.5.0-3.1 - Fix CVE-2024-50602 - Resolves: RHEL-65064 2.5.0-3 - Fix CVE-2024-45490, CVE-2024-45491, CVE-2024-45492 - Resolves: RHEL-56761 - Resolves: RHEL-57520 - Resolves: RHEL-57511...
python3.11 security update
3.11.9-7.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57410...
webkit2gtk3 security update
2.46.3-1 - Update to 2.46.3 2.46.2-1 - Update to 2.46.2 - Add patch to disable Evolution sandbox warning 2.46.1-2 - Add patch to keep GSocketMonitor callback alive Resolves: RHEL-59185 2.46.1-1 - Update to 2.46.1 Resolves: RHEL-59185...
python3.12 security update
3.12.5-2.1 - Security fix for CVE-2024-6232 Resolves: RHEL-57415...
webkit2gtk3 security update
2.46.3-1 - Update to 2.46.3...
squid security update
libecap squid 7:4.15-10.3 - Resolves: RHEL-22593 - CVE-2024-23638 squid:4/squid: vulnerable to a Denial of Service attack against Cache Manager error responses 7:4.15-10.2 - Disable ESI support - Resolves: RHEL-65075 - CVE-2024-45802 squid:4/squid: Denial of Service processing ESI response conten...
binutils security update
2.30-125.0.1 - Forward port Oracle patches from 2.30-125 Reviewed-by: Jose E. Marchesi Oracle history:...
jose security update
14-1 - Rebase jose-14 upstream version Resolves: RHEL-38079...
libgcrypt security update
1.10.0-11 - Fix CVE-2024-2236 RHEL-34579...
qemu-kvm security update
9.0.0-10 - kvm-nbd-server-CVE-2024-7409-Avoid-use-after-free-when-c.patch RHEL-52617 - Resolves: RHEL-52617 CVE-2024-7409 qemu-kvm: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure rhel-9.5 9.0.0-9 -...
mingw-glib2 security update
2.78.6-1 - Bump glib2 version 2.78.6 - Fix CVEs: CVE-2024-34397 - Resolves: RHEL-35776...
podman security update
5.2.2-1.0.2 - Bump epoch to ensure upgrade path Orabug: 37240207 5.2.2-1.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:5.2.2-1 - update to...
httpd security update
2.4.62-1.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.62-1 - new version 2.4.62 - Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix 2.4.59-7 - Resolves: RHEL-49856: htcacheclean.service missing Install section 2.4.59-6 - modssl: restore SSLOPNORENEGOTIA...
oci-seccomp-bpf-hook security update
1.2.10-2 - rebuild - Resolves: RHEL-35939...
cyrus-imapd security update
3.4.8-1 - Update to 3.4.8, fixing CVE-2024-34055...
xorg-x11-server-Xwayland security update
23.2.7-1 - xwayland 23.2.7 - RHEL-29912 21.1.9-7 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083 21.1.9-6 New build to add xorg-x11-server-Xwayland-devel RHEL-25083 21.1.9-5 Fix for CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408, CVE-2024-0409 21.1.9-4 -...
xorg-x11-server security update
1.20.11-26 - Fix regression caused by the fix for CVE-2024-31083 1.20.11-25 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083 - Add util-linux as a dependency of Xvfb - Fix compilation error on i686...
freerdp security update
2:2.11.7-1 - Update to 2.11.7 CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460, CVE-2024-32658, CVE-2024-32659, CVE-2024-32660, CVE-2024-32661, CVE-2024-32662 2:2.11.2-2 - CVE-2024-22211: Check codec resolution for overflow RHEL-22244...
tpm2-tools security update
5.2-4 - Backport upstream fixes. - tpm2checkquote: Fix check of magic number. CVE-2024-29038 - tpm2checkquote: Add comparison of pcr selection. CVE-2024-29039 - Fix check of magic number. Resolves: RHEL-23198 Resolves: RHEL-41031 Resolves: RHEL-41035...
cockpit security update
323.1-1.0.1 - Replaced upstream urls in documentation with oracle links Orabug: 36528753 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in cockpit Orabug: 34030494 - Update documentation links Orabug: 30271413, Orabug: 32013095,...
python-jwcrypto security update
1.5.6-2 - Disable auto-generation of dependencies Related: RHEL-34809 1.5.6-1 - Rebase to version 1.5.6 Resolve: RHEL-34809...
python3.12-PyMySQL security update
1.1.0-3 - Security fix for CVE-2024-36039 Resolves: RHEL-38371 1.1.0-2 - Rebuilt for timestamp .pyc invalidation mode 1.1.0-4 - Initial package - Fedora contributions by: Benjamin A. Beasley Carl George Damien Ciabrini Haikel Guemar Iryna Shcherbina Itamar Reis Peixoto Julien Enselme Lumir Balhar...
python-jinja2 security update
2.11.3-6 - Security fix for CVE-2024-34064 Resolves: RHEL-35653...
python3.11-PyMySQL security update
1.0.2-2 - Security fix for CVE-2024-36039 Resolves: RHEL-38370...
NetworkManager security update
1.48.10-2.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-2 - cloud-setup: Allow bigger restart bursts RHEL-56740 - cloud-setup: Fix Azure swap of primary and secondary IP addresses RHEL-56387 1:1.48.10-1 - Unblock th...
mod_auth_openidc security update
2.4.10-1 Rebase to 2.4.10 version improves state cookies piling up problem Resolves: RHEL-32450 Race condition in modauthopenidc filecache Resolves: RHEL-25422 modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating cookies CVE-2024-24814...
giflib security update
4.1.6-9.0.1 - Fixes giflib CVE-2023-48161 issue Orabug: 37178930...
python-dns security update
2.6.1-3 - Ensure dns.rdtypes subpackages are available Related: RHEL-32663 2.6.1-2 - Add missing files due to build change from hatchling to setuptools Related: RHEL-32663 2.6.1-1 - Rebase to 2.6.1 Resolves: RHEL-32628, RHEL-32663...
nano security update
5.6.1-6 - fix emergency file replacement vulnerability RHEL-35237...
poppler security update
21.01.0-21 - Fix crash in broken documents when using -dests - Resolves: RHEL-44333 21.01.0-20 - Fix a crash during signing - Resolves: RHEL-31934...
webkit2gtk3 security update
2.44.3-2 - Add patch to fix WebAssembly Resolves: RHEL-32578 2.44.3-1 - Update to 2.44.3 Resolves: RHEL-32578 2.44.2-1 - Update to 2.44.2 Resolves: RHEL-32578 2.44.1-1 - Update to 2.44.1 Resolves: RHEL-32578 Resolves: RHEL-29637 2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3960 2.42.4-1 - Update to...
gtk3 security update
3.24.31-5 - Stop looking for modules in cwd CVE-2024-6655 - Resolves: RHEL-46993 3.24.31-4 - Actually reduce the height of window titlebars 3.24.31-3 - Reduce the height of window titlebars...
krb5 security update
1.21.1-3.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-3 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message token handling Resolves: RHEL-45402 RHEL-45392...