9185 matches found
httpd security update
2.4.57-11.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-11 - Resolves: RHEL-45792 - httpd: Encoding problem in modproxy CVE-2024-38473 2.4.57-9 - Resolves: RHEL-45766 - httpd: null pointer dereference in modproxy CVE-2024-38477 - Resolves: RHEL-45749 - httpd: Potentia...
Unbreakable Enterprise kernel security update
5.15.0-208.159.3.2 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755...
httpd:2.4 security update
httpd 2.4.37-65.0.1.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65.1 - Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in modrewrite CVE-2024-38474 - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in modproxy CVE-2024-38473 - Resolves:...
qt5-qtbase security update
5.15.9-10 - HTTP2: Delay any communication until encrypted can be responded to Resolves: RHEL-46348...
libndp security update
1.7-7 - Validate route information option length...
libndp security update
1.8-6 - Validate route information option length 1.8-5 - Convert the license tag to SPDX format Related: RHELMISC-1363...
thunderbird security update
115.13.0-3.0.1 - Add Oracle prefs 115.13.0 - Add OpenELA debranding 115.13.0-3 - Update to 115.13.0 build5 115.13.0-2 - Update to 115.13.0 build3 115.13.0-1 - Update to 115.13.0 build1...
thunderbird security update
115.13.0-3.0.1 - Add Oracle prefs file 115.13.0 - Add OpenELA debranding 115.13.0-3 - Update to 115.13.0 build5 115.13.0-2 - Update to 115.13.0 build3 115.13.0-1 - Update to 115.13.0 build1...
qt5-qtbase security update
5.15.3-8 - HTTP2: Delay any communication until encrypted can be responded to Resolves: RHEL-46340...
kernel security update
5.14.0-427.26.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
java-1.8.0-openjdk security update
1.8.0.422.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.422.b05-1.1 - Update to shenandoah-jdk8u422-b05 GA - Update release notes for shenandoah-8u422-b05. - Rebase PR2462 patch following patched hunk being removed by JDK-8322106 - Switch to GA mode. - Sync the copy of the portab...
java-11-openjdk security update
11.0.24.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.24.0.8-1 - Update to jdk-11.0.24+8 GA - Update release notes to 11.0.24+8 - Adjusted DTLS & RPATH NEWS entries to match OpenJDK 17 & 21 release notes - Switch to GA mode for release - Fix Provides to reflect up to date componen...
java-17-openjdk security update
1:17.0.12.0.7-2.0.1 - Add Oracle vendor bug URL 1:17.0.12.0.7-2 - Update to jdk-17.0.12+7 GA - Update .gitignore to ignore openjdk-17.0.12+7.tar.xz - Sync java-17-openjdk-portable.specfile - Set buildver to 7 - Set portablerelease 1 - Set isga to 1 - Update sources to openjdk-17.0.12+7.tar.xz -...
java-21-openjdk security update
1:21.0.4.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.4.0.7-1 - Update to jdk-21.0.4+7 GA - Update release notes to 21.0.4+7 - Switch to GA mode. - Sync the copy of the portable specfile with the latest update - Add missing section headers in NEWS - This tarball is embargoed unti...
virt:kvm_utils3 bug fix update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 9.0.0-5.el8 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364464 CVE-2024-1441 libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 7.2.0-13 - vfio/migration: Enhance VFIO migratio...
ruby security update
ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-50 - kvm-qcow2-Don-t-open-datafile-with-BDRVONOIO.patch RHEL-35616 - kvm-iotests-244-Don-t-store-data-file-with-protocol-in-i.patch RHEL-35616 -...
skopeo security update
2:1.14.3-3 - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394...
firefox security update
115.13.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.13.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 115.13.0-3 - Update to 115.13.0 build3 115.13.0-2 - Update to 115.13.0 build2 115.13.0-1 - Update to 115.13.0...
firefox security update
115.13.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.13.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 115.13.0-3 - Update to 115.13.0 build3 115.13.0-2 - Update to 115.13.0 build2 115.13.0-1 - Update to 115.13.0...
dotnet8.0 security update
8.0.107-1.0.1 - Add support for Oracle Linux 8.0.107-1 - Update to .NET SDK 8.0.107 and Runtime 8.0.7 - Resolves: RHEL-45322...
openssh security update
8.7p1-38.0.2.4 - Possible remote code execution due to a race condition CVE-2024-6409 Resolves: RHEL-45741...
dotnet8.0 security update
8.0.107-1.0.1 - Add support for Oracle Linux 8.0.107-1 - Update to .NET SDK 8.0.107 and Runtime 8.0.7 - Resolves: RHEL-45324...
virt:ol and virt-devel:rhel security and bug fix update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-23.2 - util: Fix error return for virProcessKillPainfullyDelay RHEL-36064 - rpc: ensure...
pki-core security update
jss ldapjdk pki-core 10.15.1-1.0.1 - Remove upstream reference 10.15.1-1 - Rebase to PKI 10.15.1 - Fix CVE 2023-4727 resteasy tomcatjss...
dotnet6.0 security update
6.0.132-1.0.1 - Add support for Oracle Linux 6.0.132-1 - Update to .NET SDK 6.0.132 and Runtime 6.0.32 - Resolves: RHEL-45319...
dotnet6.0 security update
6.0.132-1.0.1 - Add support for Oracle Linux 6.0.132-1 - Update to .NET SDK 6.0.132 and Runtime 6.0.32 - Resolves: RHEL-45321...
fence-agents security update
4.10.0-62.4 - bundled urllib3: fix CVE-2024-37891 Resolves: RHEL-43956...
kernel security and bug fix update
5.14.0-427.24.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
buildah security update
1.33.7-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.7-3 - rebuild for CVE-2024-1394 - Resolves: RHEL-24307...
gvisor-tap-vsock security update
6:0.7.3-4 - rebuild for CVE-2024-1394 - Resolves: RHEL-24315...
libreswan security update
4.12-2.0.1.4 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.4 - Fix CVE-2024-3652 RHEL-32482...
podman security update
4.9.4-5.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shoul...
openssh security update
8.7p1-38.0.2.1 - Update upstream references Orabug: 36564626 8.7p1-38.1 - Possible remote code execution due to a race condition CVE-2024-6387 Resolves: RHEL-45347...
python-idna security update
2.5-7 - Fix patch application for security fix for CVE-2024-3651 Resolves: RHEL-32703 2.5-6 - Security fix for CVE-2024-3651 Resolves: RHEL-32703...
python-jinja2 security update
2.10.1-5 - Security fix for CVE-2024-34064 Resolves: RHEL-35651...
python3 security update
3.12.3-2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40776 3.12.3-1 - Update to 3.12.3 Related: RHEL-33685 3.12.2-3 - Move all test modules to the python3-test package, namely: - phello - xxsubinterpreters - xxlimited - xxlimited35 - xxsubtype 3.12.2-2 - Fix tests f...
go-toolset security update
delve 1.21.2-3.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.21.2-3 - Skip an additional test as it's breaking in the CI system. - Modify the name of the patch. - Resolves: RHEL-22820 1.21.2-2 - Fix: Remove architectures from exclude ExcludeArch - Resolves: RHEL-22820 1.21.2-1...
python3 security update
1.1.0-3 - Security fix for CVE-2024-36039 Resolves: RHEL-38366...
389-ds security update
1.4.3.39-7 - Bump version to 1.4.3.39-7 - Resolves: RHEL-16277 - LDAP connections are closed with code T2 before the IO block timeout is reached. rhel-8.10.0.z 1.4.3.39-6 - Bump version to 1.4.3.39-6 - Resolves: RHEL-16277 - LDAP connections are closed with code T2 before the IO block timeout is...
container-tools security update
aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...
libreoffice security update
6.4.7.2-17.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 6.4.7.2 - Remove Red Hat branding - Change vendor to RESF 1:6.4.7.2-17 - Fix CVE-2024-3044 add notify for script use...
iperf3 security update
3.5-10 - Resolves: RHEL-29578 - vulnerable to marvin attack if the authentication option is used 3.5-9 - Resolves: RHEL-17069 - possible denial of service 3.5-8 - Related: 2222205 - bumping nvr for correct update path...
glibc security update
2.34-100.0.1.2 - Forward-port Oracle patches for ol9-u4 Reviewed by: Jose E. Marchesi Oracle history: April-30-2024 Cupertino Miranda - 2.34-100.0.1 - Forward-port Oracle patches for ol9-u4 Reviewed by: Indu Bhagat March-28-2024 Cupertino Miranda - 2.34-100.0.1 - Forward-port Oracle patches for...
kernel security and bug fix update
4.18.0-553.8.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
cups security update
1:2.2.6-60 - RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777 - Delete the domain socket file after stopping the cups.socket service - Fix cupsd Listener checks 1:2.2.6-59 - RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777 - Require cups.socket in cupsd service file 1:2.2.6-58 -...
python-pillow security update
5.1.1-21 - Security fix for CVE-2024-28219 Resolves: RHEL-31071...
xmlrpc-c security and bug fix update
1.51.0-9 - Address segfault found in CVE-2023-52425 RHEL-24226...
pki-core security update
10.5.18-32 - - RHEL 7.9 Async Security Update CY24Q2.4: - - Updated nspr-devel and nss-devel build requirements as well as nss and nss-tools runtime requirements mharmsen - Updated jss dependencies mharmsen - Added git build dependency mharmsen - Additional trivial fix jmagne - RHEL-9917 -...
qemu-kvm security update
8.2.0-11.el94.4 - Fixing CVE-2024-4467 - Resolves: RHEL-35610...