9185 matches found
libuv security update
1:1.41.1-2 - Backport fixes for CVE-2024-24806 Resolves: RHEL-24790...
golang security update
1.21.11-1 - Update to Go 1.21.11 that fixes CVE-2024-24789 and CVE-2024-24790 - Resolves: RHEL-40275...
openldap security update
2.4.46-19 - Bump version to 2.4.46-19 - Resolves: RHEL-34283 - openldap: null pointer dereference in bermemallocx function...
python3.11-PyMySQL security update
1.0.2-2 - Security fix for CVE-2024-36039 Resolves: RHEL-38365...
less security update
530-3 - Fix CVE-2024-32487 - Resolves: RHEL-32738...
c-ares security update
1.13.0-11 - Resolves: RHEL-26525 - c-ares: Out of bounds read in aresreadline rhel-8...
nghttp2 security update
1.33.0-6.1 - fix CONTINUATION frames DoS CVE-2024-27316 1.33.0-6 - fix CONTINUATION frames DoS CVE-2024-28182...
httpd:2.4/httpd security update
httpd 2.4.37-65.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65 - Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting CVE-2023-38709 modhttp2 modmd...
openssh security update
8.7p1-38.0.2 - Restore dropped earlier ifdef condition for safe exit1 call in sshsigdie Orabug: 36783468 Resolves CVE-2024-6387...
pki-core security update
11.5.0-2.0.1 - Replaced upstream graphical references Orabug: 33952704 11.5.0-2 - RHEL-9916 CVE-2023-4727 pki-core: dogtag ca: token authentication bypass vulnerability...
git security update
2.43.5-1 - Update to 2.43.5 - Related: RHEL-36399, RHEL-36411 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36399, RHEL-36411...
git security update
2.43.5-1 - Update to 2.43.5 - Related: RHEL-36402, RHEL-36414 2.43.4-1 - Update to 2.43.4 - Resolves: RHEL-36402, RHEL-36414...
python3.11 security update
3.11.7-1.1 - Security fix for CVE-2023-6597 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33884...
python3.9 security update
3.9.18-3.1 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33887, RHEL-34287...
libreswan security update
4.12-2.0.1.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2.1 - Fix CVE-2024-3652 RHEL-40102...
python3.11 security update
3.11.9-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.9-1 - Rebase to 3.11.9 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix expat tests for the latest expat security release Resolves: RHEL-33672, RHEL-33684...
thunderbird security update
115.12.1-1.0.1 - Add Oracle prefs 115.12.1 - Add OpenELA debranding 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2 115.12.0-1 - Update to 115.12.0 build1...
thunderbird security update
115.12.1-1.0.1 - Add Oracle prefs file 115.12.1 - Add OpenELA debranding 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2 115.12.0-1 - Update to 115.12.0 build1...
ghostscript security update
9.27-13 - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library...
ghostscript security update
9.54.0-16 - RHEL-39110 fix regression discovered in OPVP device 9.54.0-15 - RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library...
nghttp2 security update
1.43.0-5.2 - fix CONTINUATION frames DoS CVE-2024-28182, CVE-2024-27316...
thunderbird security update
115.12.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.12.1-1 - Update to 115.12.1 build1 115.12.0-2 - Update to 115.12.0 build2 115.12.0-1 - Update to 115.12.0 build1...
glibc security update
2.17-326.0.9.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: June-22-2023 Cupertino Miranda - 2.17-326.0.9 - OraBug 35517820 Reworked previous patch for OraBug 35318841 and removed free of stack allocations. Reviewed-by: Jose E. Marchesi June-20-2023...
flatpak security update
1.0.9-13 - Fix CVE-2024-32462...
container-tools:ol8 bug fix and enhancement update
aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...
glibc security update
2.17-326.0.6.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: April-28-2023 Cupertino Miranda - 2.17-326.0.6 - OraBug 35338741 Glibc tunable to disable huge pages on pthreadcreate stacks Reviewed-by: Jose E. Marchesi February-22-2023 Cupertino Miranda -...
flatpak security update
1.12.9-1 - Update to 1.12.9 CVE-2024-32462...
flatpak security update
1.12.9-1 - Update to 1.12.9 CVE-2024-32462 1.12.8-1 - Rebase to 1.12.8 RHEL-4220 1.10.8-3 - Let flatpak own %sysconfdir/flatpak RHEL-15822...
firefox security update
115.12.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.12.0-1 - Update to 115.12.0 build1...
firefox security update
115.12.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.12.0-1 - Update to 115.12.0 build1...
firefox security update
115.12.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.12.0-1 - Update to 115.12.0 build1...
glibc security update
2.28-251.0.2.2 - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E. Marchesi May-22-2024 Cupertino Miranda - 2.28-251.0.2 - Forward port o...
virt:kvm_utils1 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-42 - Document CVEs as fixed Karl Heubaum CVE-2023-2700 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364474 CVE-2024-1441 - libvirt- : Check caller-provided buffers to be NULL with size 0 Erik...
python-idna security update
2.10-7.0.1.1 - Rebuild with release bump 2.10-7.1 - Security fix for CVE-2024-3651 Resolves: RHEL-33464...
ruby security update
3.0.7-162 - Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves: RHEL-35743 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35744 -...
389-ds-base security update
2.4.5-8 - Bump version to 2.4.5-8 - Fix License tag 2.4.5-7 - Bump version to 2.4.5-7 - Resolves: RHEL-34819 - redhat-ds:11/389-ds-base: Malformed userPassword may cause crash at domodify in slapd/modify.c - Resolves: RHEL-34825 - redhat-ds:11/389-ds-base: potential denial of service via speciall...
libreoffice security update
7.1.8.1-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Added the --with-hamcrest option to configure. 7.1.8.1 - Remove Red Hat branding - Change vendor to RESF 1:7.1.8.1-12 - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols 1:7.1.8.1-...
rpm-ostree security update
2024.3-3 - Backport https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6 Resolves: RHEL-31852 2024.3-2 - Backport https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6 Resolves: RHEL-31852...
Unbreakable Enterprise kernel security update
5.15.0-207.156.6 - uek-container: Add advanced routing options Boris Ostrovsky Orabug: 36691279 - slub: use countpartialfreeapprox in slaboutofmemory Jianfeng Wang Orabug: 36655468 - slub: introduce countpartialfreeapprox Jianfeng Wang Orabug: 36655468 - Revert 'lockd: introduce safe async lock o...
gvisor-tap-vsock security and bug fix update
6:0.7.3-3 - rebuild for CVE-2023-45290 - Resolves: RHEL-28388...
idm:DL1 security update
bind-dyndb-ldap custodia ipa 4.9.13-10.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-10 - kdb: apply combinatorial logic for ticket flags CVE-2024-3183 Resolves: RHEL-29927 - kdb: fix vulnerability in GCD rules handling CVE-2024-2698 Resolves: RHEL-29692...
firefox security update
115.11.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.11.0-1 - Update to 115.11.0 build1...
thunderbird security update
115.11.0-1.0.1 - Add Oracle prefs file 115.11.0-1 - Update to 115.11.0 build2...
fence-agents security update
4.10.0-62.3 - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-36482 4.10.0-62.2 - fenceeps: add fenceepsr2 for ePowerSwitch R2 and newer Resolves: RHEL-35273 4.10.0-62.1 - ha-cloud-support: upgrade bundled pyroute2 libs to fix issue in gcp-vpc-move-route's stop-action Resolves: RHEL-29668...
buildah security and bug fix update
1.33.7-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.7-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/997beea - Resolves: RHEL-28731...
podman security and bug fix update
4.9.4-4.0.1 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement...
containernetworking-plugins security and bug fix update
1:1.4.0-3 - rebuild for CVE-2023-45290 - Resolves: RHEL-28384...
gdk-pixbuf2 security update
2.42.6-4 - Backport fixes for CVE-2022-48622 - Resolves: RHEL-36432...
cockpit security update
311.2-1.0.1 - Replaced upstream urls in documentation with oracle links Orabug: 36528753 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in cockpit Orabug: 34030494 - Update documentation links Orabug: 30271413, Orabug: 32013095,...
c-ares security update
1.19.1-2 - Resolves: RHEL-26529 - Out of bounds read in aresreadline rhel-9...