8998 matches found
python3 security update
1.1.0-3 - Security fix for CVE-2024-36039 Resolves: RHEL-38366...
python-idna security update
2.5-7 - Fix patch application for security fix for CVE-2024-3651 Resolves: RHEL-32703 2.5-6 - Security fix for CVE-2024-3651 Resolves: RHEL-32703...
389-ds security update
1.4.3.39-7 - Bump version to 1.4.3.39-7 - Resolves: RHEL-16277 - LDAP connections are closed with code T2 before the IO block timeout is reached. rhel-8.10.0.z 1.4.3.39-6 - Bump version to 1.4.3.39-6 - Resolves: RHEL-16277 - LDAP connections are closed with code T2 before the IO block timeout is...
python3 security update
3.12.3-2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40776 3.12.3-1 - Update to 3.12.3 Related: RHEL-33685 3.12.2-3 - Move all test modules to the python3-test package, namely: - phello - xxsubinterpreters - xxlimited - xxlimited35 - xxsubtype 3.12.2-2 - Fix tests f...
go-toolset security update
delve 1.21.2-3.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.21.2-3 - Skip an additional test as it's breaking in the CI system. - Modify the name of the patch. - Resolves: RHEL-22820 1.21.2-2 - Fix: Remove architectures from exclude ExcludeArch - Resolves: RHEL-22820 1.21.2-1...
iperf3 security update
3.5-10 - Resolves: RHEL-29578 - vulnerable to marvin attack if the authentication option is used 3.5-9 - Resolves: RHEL-17069 - possible denial of service 3.5-8 - Related: 2222205 - bumping nvr for correct update path...
libreoffice security update
6.4.7.2-17.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 6.4.7.2 - Remove Red Hat branding - Change vendor to RESF 1:6.4.7.2-17 - Fix CVE-2024-3044 add notify for script use...
kernel security and bug fix update
4.18.0-553.8.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
nghttp2 security update
1.33.0-6.1 - fix CONTINUATION frames DoS CVE-2024-27316 1.33.0-6 - fix CONTINUATION frames DoS CVE-2024-28182...
qemu-kvm security update
8.2.0-11.el94.4 - Fixing CVE-2024-4467 - Resolves: RHEL-35610...
openldap security update
2.4.46-19 - Bump version to 2.4.46-19 - Resolves: RHEL-34283 - openldap: null pointer dereference in bermemallocx function...
libuv security update
1:1.41.1-2 - Backport fixes for CVE-2024-24806 Resolves: RHEL-24790...
cups security update
1:2.2.6-60 - RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777 - Delete the domain socket file after stopping the cups.socket service - Fix cupsd Listener checks 1:2.2.6-59 - RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777 - Require cups.socket in cupsd service file 1:2.2.6-58 -...
pki-core security update
10.5.18-32 - - RHEL 7.9 Async Security Update CY24Q2.4: - - Updated nspr-devel and nss-devel build requirements as well as nss and nss-tools runtime requirements mharmsen - Updated jss dependencies mharmsen - Added git build dependency mharmsen - Additional trivial fix jmagne - RHEL-9917 -...
less security update
530-3 - Fix CVE-2024-32487 - Resolves: RHEL-32738...
python-pillow security update
5.1.1-21 - Security fix for CVE-2024-28219 Resolves: RHEL-31071...
c-ares security update
1.13.0-11 - Resolves: RHEL-26525 - c-ares: Out of bounds read in aresreadline rhel-8...
python3.11-PyMySQL security update
1.0.2-2 - Security fix for CVE-2024-36039 Resolves: RHEL-38365...
xmlrpc-c security and bug fix update
1.51.0-9 - Address segfault found in CVE-2023-52425 RHEL-24226...
golang security update
1.21.11-1 - Update to Go 1.21.11 that fixes CVE-2024-24789 and CVE-2024-24790 - Resolves: RHEL-40275...
openssh security update
8.7p1-38.0.2 - Restore dropped earlier ifdef condition for safe exit1 call in sshsigdie Orabug: 36783468 Resolves CVE-2024-6387...
httpd:2.4/httpd security update
httpd 2.4.37-65.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65 - Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting CVE-2023-38709 modhttp2 modmd...
pki-core security update
11.5.0-2.0.1 - Replaced upstream graphical references Orabug: 33952704 11.5.0-2 - RHEL-9916 CVE-2023-4727 pki-core: dogtag ca: token authentication bypass vulnerability...
git security update
2.43.5-1 - Update to 2.43.5 - Related: RHEL-36399, RHEL-36411 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36399, RHEL-36411...
git security update
2.43.5-1 - Update to 2.43.5 - Related: RHEL-36402, RHEL-36414 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36402, RHEL-36414...
python3.9 security update
3.9.18-3.1 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33887, RHEL-34287...
python3.11 security update
3.11.7-1.1 - Security fix for CVE-2023-6597 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33884...
libreswan security update
4.12-2.0.1.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.1 - Fix CVE-2024-3652 RHEL-40102...
python3.11 security update
3.11.9-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.9-1 - Rebase to 3.11.9 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix expat tests for the latest expat security release Resolves: RHEL-33672, RHEL-33684...
ghostscript security update
9.27-13 - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library...
thunderbird security update
115.12.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2 115.12.0-1 - Update to 115.12.0 build1...
nghttp2 security update
1.43.0-5.2 - fix CONTINUATION frames DoS CVE-2024-28182, CVE-2024-27316...
thunderbird security update
115.12.1-1.0.1 - Add Oracle prefs file 115.12.1 - Add OpenELA debranding 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2 115.12.0-1 - Update to 115.12.0 build1...
thunderbird security update
115.12.1-1.0.1 - Add Oracle prefs 115.12.1 - Add OpenELA debranding 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2 115.12.0-1 - Update to 115.12.0 build1...
ghostscript security update
9.54.0-16 - RHEL-39110 fix regression discovered in OPVP device 9.54.0-15 - RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library...
glibc security update
2.17-326.0.9.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: June-22-2023 Cupertino Miranda - 2.17-326.0.9 - OraBug 35517820 Reworked previous patch for OraBug 35318841 and removed free of stack allocations. Reviewed-by: Jose E. Marchesi June-20-2023...
glibc security update
2.17-326.0.6.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: April-28-2023 Cupertino Miranda - 2.17-326.0.6 - OraBug 35338741 Glibc tunable to disable huge pages on pthreadcreate stacks Reviewed-by: Jose E. Marchesi February-22-2023 Cupertino Miranda -...
flatpak security update
1.0.9-13 - Fix CVE-2024-32462...
container-tools:ol8 bug fix and enhancement update
aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...
firefox security update
115.12.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.12.0-1 - Update to 115.12.0 build1...
flatpak security update
1.12.9-1 - Update to 1.12.9 CVE-2024-32462 1.12.8-1 - Rebase to 1.12.8 RHEL-4220 1.10.8-3 - Let flatpak own %sysconfdir/flatpak RHEL-15822...
firefox security update
115.12.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.12.0-1 - Update to 115.12.0 build1...
flatpak security update
1.12.9-1 - Update to 1.12.9 CVE-2024-32462...
glibc security update
2.28-251.0.2.2 - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E. Marchesi May-22-2024 Cupertino Miranda - 2.28-251.0.2 - Forward port o...
firefox security update
115.12.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.12.0-1 - Update to 115.12.0 build1...
python-idna security update
2.10-7.0.1.1 - Rebuild with release bump 2.10-7.1 - Security fix for CVE-2024-3651 Resolves: RHEL-33464...
virt:kvm_utils1 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-42 - Document CVEs as fixed Karl Heubaum CVE-2023-2700 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364474 CVE-2024-1441 - libvirt- : Check caller-provided buffers to be NULL with size 0 Erik...
ruby security update
3.0.7-162 - Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves: RHEL-35743 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35744 -...
Unbreakable Enterprise kernel security update
5.15.0-207.156.6 - uek-container: Add advanced routing options Boris Ostrovsky Orabug: 36691279 - slub: use countpartialfreeapprox in slaboutofmemory Jianfeng Wang Orabug: 36655468 - slub: introduce countpartialfreeapprox Jianfeng Wang Orabug: 36655468 - Revert 'lockd: introduce safe async lock o...
libreoffice security update
7.1.8.1-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Added the --with-hamcrest option to configure. 7.1.8.1 - Remove Red Hat branding - Change vendor to RESF 1:7.1.8.1-12 - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols 1:7.1.8.1-...