8998 matches found
kernel security update
5.14.0-427.35.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
Unbreakable Enterprise kernel security update
4.14.35-2047.540.4.1 - Revert 'selftests/kcmp: Make the test output consistent and clear' Samasth Norway Ananda Orabug: 37029311 4.14.35-2047.540.4 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - ipvs: Avoid unnecessary calls to skbisgsosctp Ismael Luceno - printk: add kthrea...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.335.4.el8 - mm: memcg/slab: enable kmalloc-cg- caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running print Stephen Brennan Orabug: 36456582 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - driver core: Fix ueventshow vs driver detach...
Unbreakable Enterprise kernel security update
5.4.17-2136.335.4 caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running print Stephen Brennan Orabug: 36456582 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - driver core: Fix ueventshow vs driver detach race Dan Williams - pinctrl: ti:...
dovecot security update
1:2.3.16-11.1 - fix CVE-2024-23184: using a large number of address headers may trigger a denial of service RHEL-55211 - fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message RHEL-55225...
qt5-qtbase security update
5.9.7-5.0.1 - Backport fix for CVE-2024-39936 Orabug: 36904373...
glib2 security update
2.68.4-14.1 - Fix CVE-2024-34397, signal subscription vulnerabilities - Resolves: RHEL-56979...
java-11-openjdk security update
1:11.0.23.0.9-2.0.3 - Fixes below CVE's - CVE-2024-21131 Improve-UTF8-String-supports - CVE-2024-21138 Better-symbol-storage - Fixes malformed control flow openjdk bug8303466 - CVE-2024-21140 Improved-loop-handling - CVE-2024-21144 Enhance-Pack-200-loading - CVE-2024-21145 Improve-2D-image-handli...
emacs security update
1:27.2-10 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code CVE-2024-39331 - Disable xwidgets RHEL-33447...
resource-agents security update
4.9.0-54.4 - bundled setuptools: fix CVE-2024-6345 Resolves: RHEL-50360 4.9.0-54.3 - gcp-pd-move: fix TLSVERSION1 issue Resolves: RHEL-50041 4.9.0-54.2 - bundled urllib3: fix CVE-2024-37891 Resolves: RHEL-44923 4.9.0-54.1 - AWS agents: retry failed metadata requests to avoid instantly failing whe...
bubblewrap and flatpak security update
bubblewrap 0.4.0-2 - Backport upstream fix to help address CVE-2024-42472 in flatpak flatpak 1.12.9-3 - Fix previous changelog entry 1.12.9-2 - Backport upstream patches for CVE-2024-42472 - Require bubblewrap version that has new --bind-fd option backported for addressing CVE-2024-42472...
bubblewrap and flatpak security update
bubblewrap 0.4.1-7 - Add support for --bind-fd and --ro-bind-fd CVE-2024-42472 flatpak 1.12.9-3 - Fix previous changelog entry 1.12.9-2 - Backport upstream patches for CVE-2024-42472 - Require bubblewrap version that has new --bind-fd option backported for addressing CVE-2024-42472...
fence-agents security update
4.2.1-129.4 - bundled setuptools: fix CVE-2024-6345 Resolves: RHEL-50223 4.2.1-129.3 - bundled urllib3: fix CVE-2024-37891 Resolves: RHEL-43568 4.2.1-129.2 - fenceeps: add fenceepsr2 for ePowerSwitch R2 and newer Resolves: RHEL-7734 - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-35655...
nodejs:18 security update
nodejs 1:18.20.4-1 - Update to 18.20.4 Fixes: CVE-2024-22020 CVE-2024-28863 nodejs-nodemon nodejs-packaging...
nodejs:18 security update
nodejs 1:18.20.4-1 - Update to 18.20.4 Fixes: CVE-2024-22020 CVE-2024-28863 nodejs-nodemon nodejs-packaging...
libndp security update
1.2-10.0.1 - Increasing release number as per Oracle package release policy...
ghostscript security update
9.54.0-17 - RHEL-44759 CVE-2024-33870 ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths - RHEL-44745 CVE-2024-33869 ghostscript: path traversal and command execution due to path reduction - RHEL-44731 CVE-2024-29510 ghostscript: format string...
orc security update
0.4.31-7 - Add patch for CVE-2024-40897 - Resolves: RHEL-50701...
gvisor-tap-vsock security update
6:0.7.3-5 - rebuild for CVE-2024-24783 - Resolves: RHEL-28435...
podman security update
4.9.4-10.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shou...
python3.9 security update
3.9.18-3.5 - Security fix for CVE-2024-8088 Resolves: RHEL-55968 3.9.18-3.4 - Security fix for CVE-2024-6923 Resolves: RHEL-53044...
wget security update
1.21.1-8 - Resolves: RHEL-43226 - Misinterpretation of input may lead to improper behavior...
python3.11 security update
3.11.7-1.5 - Security fix for CVE-2024-8088 Resolves: RHEL-55960 3.11.7-1.4 - Security fix for CVE-2024-6923 Resolves: RHEL-53037...
python3.12 security update
3.12.1-4.3 - Security fix for CVE-2024-8088 Resolves: RHEL-55964 3.12.1-4.2 - Security fix for CVE-2024-6923 Resolves: RHEL-53087...
buildah security update
1.33.7-4.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.7-4 - rebuild for CVE-2024-24783 - Resolves: RHEL-28428...
containernetworking-plugins security update
1:1.4.0-5 - rebuild for CVE-2024-24783 - Resolves: RHEL-28431...
runc security update
4:1.1.12-4 - rebuild for CVE-2024-24783 - Resolves: RHEL-28439...
postgresql security update
13.16-1.0.1 - Remove non ASCII character from changelog date 13.16-1 - Update to 13.16 13.14-2 - Remove /var/run/postgresql - Related: RHEL-25756 13.14-1 - Update to 13.14 - Fix CVE-2024-0985 13.13-1 - Update to 13.13 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, and CVE-2023-39417 -...
krb5 security update
1.21.1-2.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-2 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message token handling Resolves: RHEL-45401 RHEL-45390...
skopeo security update
2:1.14.5-1 - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 https://github.com/containers/skopeo/commit/072072b - Resolves: RHEL-40805...
python-urllib3 security update
1.26.5-5.1 - Security fix for CVE-2024-37891 - Backport upstream patch to fix TypeError for http connection if the PoolManager - is instantiated with serverhostname Resolves: RHEL-49853...
virt:kvm_utils3 security update
hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol libguestfs-winsupport...
Unbreakable Enterprise kernel security update
4.1.12-124.89.4 - isdn: mISDN: netjet: Fix crash in njprobe: Zheyu Ma Orabug: 36940405 CVE-2021-47284 - tracing: Restructure traceclockglobal to never block Steven Rostedt VMware Orabug: 36940388 CVE-2021-46939 - udf: Fix NULL pointer dereference in udfsymlink function Arturo Giusti Orabug:...
virt:kvm_utils2 security update
hivex libguestfs libguestfs-winsupport 8.6-1 - Rebase to ntfs-3g 2021.8.22 - Fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254 resolves: rhbz2004490...
postgresql:12 security update
pgaudit pgrepack postgres-decoderbufs postgresql 12.20-1 - Update to 12.20 - Fix CVE-2024-7348...
postgresql:13 security update
pgaudit pgrepack postgres-decoderbufs postgresql 13.16-1 - Update to 13.16 - Fix CVE-2024-7348...
postgresql:15 security update
pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack postgres-decoderbufs 1.9.7-1.Final - Iitial import for postgresql 15 stream - Related: 2128410 postgresql 15.8-1 - Update to 15.8 15.6-3 - Remove /var/run/postgresql -...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.8-1 - Update to 15.8 - Fix CVE-2024-7348...
python39:3.9 and python39-devel:3.9 security update
modwsgi numpy python39 3.9.19-7 - Security fix for CVE-2024-8088 Resolves: RHEL-55954 3.9.19-6 - Security fix for CVE-2024-6923 Resolves: RHEL-53102 3.9.19-5 - Properly propagate the optimization flags to C extensions 3.9.19-4 - Build Python with -O3 -...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.4-1 - Update to 16.4 - Fix CVE-2024-7348...
libvpx security update
1.7.0-11 - Add patch to fix integer overflows. - Fix compilation by including limits.h - Resolves: RHEL-40650...
postgresql:16 security update
pgaudit pgrepack postgres-decoderbufs postgresql 16.4-1 - Update to 16.4...
kernel security update
5.14.0-427.33.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
nodejs:20 security update
nodejs 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 nodejs-nodemon nodejs-packaging...
nodejs:20 security update
nodejs 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 nodejs-nodemon nodejs-packaging...
python3.12-setuptools security update
68.2.2-4 - Security fix for CVE-2024-6345 Resolves: RHEL-50475...
tomcat security update
1:9.0.87-1.el810.2 - Resolves: RHEL-46167 tomcat: Improper Handling of Exceptional Conditions CVE-2024-34750...
tomcat security update
1:9.0.87-1.el94.2 - Resolves: RHEL-46162 tomcat: Improper Handling of Exceptional Conditions CVE-2024-34750...
libreoffice security update
6.4.7.2-18.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 6.4.7.2 - Remove Red Hat branding - Change vendor to RESF 1:6.4.7.2-18 - Fix CVE-2024-6472 remove ability to trust not validated...
libreoffice security update
7.1.8.1-14.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Added the --with-hamcrest option to configure. 7.1.8.1 - Remove Red Hat branding - Change vendor to RESF 1:7.1.8.1-14 - Fix CVE-2024-6472 remove ability to trust not validated macro signatures in high security...