9000 matches found
squid security update
7:5.5-13 - Resolves: RHEL-45056 - squid: Out-of-bounds write error may lead to Denial of Service CVE-2024-37894 - Resolves: RHEL-45643 - squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638...
containernetworking-plugins security update
1:1.4.0-4 - rebuild for CVE-2024-1394 - Resolves: RHEL-40809...
edk2 security update
20231122-6.0.1.el94.2 - Replace upstream references Orabug:36569119 20231122-6.el94.2 - edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch RHEL-40270 RHEL-40272 - edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch RHEL-40270 RHEL-40272 -...
python3 security update
3.11.7-1.3 - Security fix for CVE-2024-4032 Resolves: RHEL-44097 3.11.7-1.2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40785...
python3 security update
3.9.18-3.3 - Security fix for CVE-2024-4032 Resolves: RHEL-44106 3.9.18-3.2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40767...
cups security update
1:2.3.3op2-27 - Revert the cups-libs license identifier to the 'legacy' format 1:2.3.3op2-26 - RHEL-40388 cups: Cupsd Listen arbitrary chmod 0140777 - Delete the domain socket file after stopping the cups.socket service - Fix cupsd Listener checks 1:2.3.3op2-25 - CVE-2024-35235 cups: Cupsd Listen...
runc security update
4:1.1.12-3 - rebuild for CVE-2024-1394 - Resolves: RHEL-24320...
libreoffice security update
7.1.8.1-13.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Added the --with-hamcrest option to configure. 1:7.1.8.1-13 - Fix CVE-2024-3044 add notify for script use...
libuv security update
1:1.42.0-2 - Backport fix for CVE-2024-24806 Resolves: RHEL-24791...
libvirt security update
10.0.0-6.6.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 10.0.0-6.6.el94 - vmx: Do not require DVS Port ID RHEL-45520 - vmx: Do not require all ID data for VMWare Distributed Switch RHEL-46595 10.0.0-6.5.el94 - qemu: Fix migration with disabled vmx- CPU features RHEL-44984...
Unbreakable Enterprise kernel security update
5.15.0-208.159.3.2 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.333.5.1.el8 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 - pci: add hotplug patch support for SOLIDIGM Aura10 AIC 0x025e:0x0b60 Alan Adamson Orabug: 36836653...
Unbreakable Enterprise kernel security update
5.4.17-2136.333.5.1 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 - pci: add hotplug patch support for SOLIDIGM Aura10 AIC 0x025e:0x0b60 Alan Adamson Orabug: 36836653...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.333.5.1.el7 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 - pci: add hotplug patch support for SOLIDIGM Aura10 AIC 0x025e:0x0b60 Alan Adamson Orabug: 36836653...
Unbreakable Enterprise kernel security update
4.1.12-124.87.2.2 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755...
Unbreakable Enterprise kernel security update
4.14.35-2047.538.5.1 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755...
httpd security update
2.4.57-11.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-11 - Resolves: RHEL-45792 - httpd: Encoding problem in modproxy CVE-2024-38473 2.4.57-9 - Resolves: RHEL-45766 - httpd: null pointer dereference in modproxy CVE-2024-38477 - Resolves: RHEL-45749 - httpd: Potentia...
httpd:2.4 security update
httpd 2.4.37-65.0.1.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65.1 - Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in modrewrite CVE-2024-38474 - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in modproxy CVE-2024-38473 - Resolves:...
java-21-openjdk security update
1:21.0.4.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.4.0.7-1 - Update to jdk-21.0.4+7 GA - Update release notes to 21.0.4+7 - Switch to GA mode. - Sync the copy of the portable specfile with the latest update - Add missing section headers in NEWS - This tarball is embargoed unti...
qt5-qtbase security update
5.15.3-8 - HTTP2: Delay any communication until encrypted can be responded to Resolves: RHEL-46340...
java-17-openjdk security update
1:17.0.12.0.7-2.0.1 - Add Oracle vendor bug URL 1:17.0.12.0.7-2 - Update to jdk-17.0.12+7 GA - Update .gitignore to ignore openjdk-17.0.12+7.tar.xz - Sync java-17-openjdk-portable.specfile - Set buildver to 7 - Set portablerelease 1 - Set isga to 1 - Update sources to openjdk-17.0.12+7.tar.xz -...
thunderbird security update
115.13.0-3.0.1 - Add Oracle prefs file 115.13.0 - Add OpenELA debranding 115.13.0-3 - Update to 115.13.0 build5 115.13.0-2 - Update to 115.13.0 build3 115.13.0-1 - Update to 115.13.0 build1...
thunderbird security update
115.13.0-3.0.1 - Add Oracle prefs 115.13.0 - Add OpenELA debranding 115.13.0-3 - Update to 115.13.0 build5 115.13.0-2 - Update to 115.13.0 build3 115.13.0-1 - Update to 115.13.0 build1...
qt5-qtbase security update
5.15.9-10 - HTTP2: Delay any communication until encrypted can be responded to Resolves: RHEL-46348...
kernel security update
5.14.0-427.26.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
libndp security update
1.7-7 - Validate route information option length...
libndp security update
1.8-6 - Validate route information option length 1.8-5 - Convert the license tag to SPDX format Related: RHELMISC-1363...
java-11-openjdk security update
11.0.24.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.24.0.8-1 - Update to jdk-11.0.24+8 GA - Update release notes to 11.0.24+8 - Adjusted DTLS & RPATH NEWS entries to match OpenJDK 17 & 21 release notes - Switch to GA mode for release - Fix Provides to reflect up to date componen...
java-1.8.0-openjdk security update
1.8.0.422.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.422.b05-1.1 - Update to shenandoah-jdk8u422-b05 GA - Update release notes for shenandoah-8u422-b05. - Rebase PR2462 patch following patched hunk being removed by JDK-8322106 - Switch to GA mode. - Sync the copy of the portab...
ruby security update
ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...
virt:kvm_utils3 bug fix update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 9.0.0-5.el8 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364464 CVE-2024-1441 libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 7.2.0-13 - vfio/migration: Enhance VFIO migratio...
skopeo security update
2:1.14.3-3 - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-50 - kvm-qcow2-Don-t-open-datafile-with-BDRVONOIO.patch RHEL-35616 - kvm-iotests-244-Don-t-store-data-file-with-protocol-in-i.patch RHEL-35616 -...
firefox security update
115.13.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.13.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 115.13.0-3 - Update to 115.13.0 build3 115.13.0-2 - Update to 115.13.0 build2 115.13.0-1 - Update to 115.13.0...
firefox security update
115.13.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.13.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 115.13.0-3 - Update to 115.13.0 build3 115.13.0-2 - Update to 115.13.0 build2 115.13.0-1 - Update to 115.13.0...
dotnet8.0 security update
8.0.107-1.0.1 - Add support for Oracle Linux 8.0.107-1 - Update to .NET SDK 8.0.107 and Runtime 8.0.7 - Resolves: RHEL-45324...
openssh security update
8.7p1-38.0.2.4 - Possible remote code execution due to a race condition CVE-2024-6409 Resolves: RHEL-45741...
virt:ol and virt-devel:rhel security and bug fix update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-23.2 - util: Fix error return for virProcessKillPainfullyDelay RHEL-36064 - rpc: ensure...
pki-core security update
jss ldapjdk pki-core 10.15.1-1.0.1 - Remove upstream reference 10.15.1-1 - Rebase to PKI 10.15.1 - Fix CVE 2023-4727 resteasy tomcatjss...
dotnet8.0 security update
8.0.107-1.0.1 - Add support for Oracle Linux 8.0.107-1 - Update to .NET SDK 8.0.107 and Runtime 8.0.7 - Resolves: RHEL-45322...
dotnet6.0 security update
6.0.132-1.0.1 - Add support for Oracle Linux 6.0.132-1 - Update to .NET SDK 6.0.132 and Runtime 6.0.32 - Resolves: RHEL-45321...
dotnet6.0 security update
6.0.132-1.0.1 - Add support for Oracle Linux 6.0.132-1 - Update to .NET SDK 6.0.132 and Runtime 6.0.32 - Resolves: RHEL-45319...
fence-agents security update
4.10.0-62.4 - bundled urllib3: fix CVE-2024-37891 Resolves: RHEL-43956...
libreswan security update
4.12-2.0.1.4 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.4 - Fix CVE-2024-3652 RHEL-32482...
buildah security update
1.33.7-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.7-3 - rebuild for CVE-2024-1394 - Resolves: RHEL-24307...
gvisor-tap-vsock security update
6:0.7.3-4 - rebuild for CVE-2024-1394 - Resolves: RHEL-24315...
kernel security and bug fix update
5.14.0-427.24.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
podman security update
4.9.4-5.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shoul...
openssh security update
8.7p1-38.0.2.1 - Update upstream references Orabug: 36564626 8.7p1-38.1 - Possible remote code execution due to a race condition CVE-2024-6387 Resolves: RHEL-45347...
libreoffice security update
6.4.7.2-17.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 6.4.7.2 - Remove Red Hat branding - Change vendor to RESF 1:6.4.7.2-17 - Fix CVE-2024-3044 add notify for script use...