9185 matches found
pki-core:10.6 and pki-deps:10.6 security update
apache-commons-collections apache-commons-lang apache-commons-net bea-stax fasterxml-oss-parent 49-1 - Rebase to upstream version 49 26-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 26-5 - Fix license tag 26-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora27MassRebuild...
perl:5.32 security update
perl-Algorithm-Diff perl-Archive-Tar perl-Archive-Zip perl-autodie perl-bignum perl-Carp perl-Compress-Bzip2 perl-Compress-Raw-Bzip2 perl-Compress-Raw-Lzma perl-Compress-Raw-Zlib 2.096-2 - Fix test broken by update in zlib on s390x - Related: RHEL-16371 perl-Config-Perl-V perl-constant...
389-ds:1.4 security update
1.4.3.39-3 - Bump version to 1.4.3.39-3 - Resolves: RHEL-19240 - RFE Add PROXY protocol support to 389-ds-base via confiuration item - similar to Postfix 1.4.3.39-2 - Bump version to 1.4.3.39-2 - Resolves: RHEL-23209 - CVE-2024-1062 389-ds:1.4/389-ds-base: a heap overflow leading to...
idm:DL1 security update
bind-dyndb-ldap 11.6-4 - Modify empty zone conflicts under exclusive mode Resolves: rhbz2126877 11.6-3 - Rebuild against bind 9.11.36 - Resolves: rhbz2022762 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 11.3-1 - New upstream...
python27:2.7 security update
babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 2.5.1-9 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 2.5.1-8 - Fix unversioned requires/buildrequires - Resolves: rhbz1628242 2.5.1-7 - Remove unversioned binaries - Resolves: rhbz1613343 2.5.1-6 - Make...
container-tools:ol8 security update
...
httpd:2.4 security update
httpd 2.4.37-64.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-64 - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.37-63 - modxml2enc: fix media type handling Resolves: RHEL-14321 modhttp2 1.15.7-10 - Resolves: RHEL-29817 -...
exempi security update
2.4.5-4 - Fix CVE-2020-18652 - Resolves: RHEL-5416 2.4.5-3 - Fix CVE-2020-18651 - Resolves: RHEL-5415...
gstreamer1-plugins-base security update
1.16.1-3.0.1 - Update origin URL Orabug: 36209826 1.16.1-3 - CVE-2023-37328 gstreamer1-plugins-base: heap overwrite in subtitle parsing - Resolves: RHEL-19472...
ansible-core bug fix, enhancement, and security update
2.16.3-2 - rebuild with python 3.12 RHEL-24141 2.16.3-1 - ansible-core 2.16.3 release RHEL-23782 - Fix CVE-2024-0690 possible information leak in tasks that ignore ANSIBLENOLOG configuration RHEL-22123 2.16.2-1 - ansible-core 2.16.2 release RHEL-19297 2.16.1-1 - ansible-core 2.16.1 release...
libreoffice security fix update
1:5.3.6.1-26.0.1 - adjust color palette to match Redwood style. - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-26 - Fix CVE-2022-38745 Empty entry in Java class path - Fix CVE-2023-09...
mutt security update
5:2.0.7-3 - Fix for: CVE-2023-4874 CVE-2023-4875 - Resolves: RHEL-2811...
python3.11-cryptography security update
37.0.2-6 - Security fix for CVE-2023-49083 - Resolves: RHEL-19831...
libsndfile security update
1.0.28-14 - fix integer overflows causing CVE-2022-33065 RHEL-3750...
qt5-qtbase security update
5.15.3-7 - Fix CVE-2024-25580: potential buffer overflow when reading KTX images Resolves: RHEL-25725 5.15.3-6 - Fix incorrect integer overflow check in HTTP2 implementation Resolves: RHEL-20238...
ghostscript security update
9.27-12 - fix to prevent divison by zero in devices - Resolves: rhbz2235009...
vorbis-tools security update
1:1.4.0-29 - fix out-of-bounds read in oggenc CVE-2023-43361...
gmp security update
1:6.1.2-11 - Fix: CVE-2021-43618 Resolves: RHEL-23055...
gstreamer1-plugins-good security update
1.16.1-4 - CVE-2023-37327: integer overflow leading to heap overwrite in FLAC image tag handling - Resolves: RHEL-19469...
pam security update
1.3.1-33 - pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21242 1.3.1-32 - pamaccess: handle hostnames in access.conf. Resolves: RHEL-3374 1.3.1-31 - pamfaillock: create tallydir before creating tallyfile. Resolves: RHEL-19810 1.3.1-30 -...
poppler security update
21.01.0-11 - Fix crashes in FoFiType1C - Rebuild for inclusion of poppler-glib-doc in CRB - Resolves: RHEL-4255, RHEL-4273 21.01.0-10 - Check XRef's Catalog for being a Dict - Resolves: 2189816 20.11.0-9 - Check isDict before calling getDict 2 - Resolves: 2189837 20.11.0-8 - Check isDict before...
python-pillow security update
5.1.1-20 - Security fix for CVE-2023-50447 Resolves: RHEL-22240 5.1.1-19 - Security fix for CVE-2023-44271 Resolves: RHEL-15460...
zziplib security update
0.13.68-13 - Fix CVE-2020-18770 Previous patch contained segfault bug Resolves: RHEL-14966 0.13.68-12 - Add the gating tests from the 8.8.0 branch Resolves: RHEL-24429 0.13.68-11 - Use /usr/libexec/platform-python macro during the config phase used for doc generation Resolves: RHEL-22880 0.13.68-...
kernel security and bug fix update
5.14.0-427.18.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
freeglut security update
3.0.0-9 - Fix CVE-2024-24258 and CVE-2024-24259 Resolves: https://issues.redhat.com/browse/RHEL-25175 Resolves: https://issues.redhat.com/browse/RHEL-25177...
perl-CPAN security update
2.18-399 - Fix tests to run in correct order 2.18-398 - Fix CVE-2023-31484 - Package tests 2.18-397 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 2.18-396 - Rebase patches to prevent from installing back-up files 2.18-395 - Rebuilt for...
harfbuzz security update
1.7.5-4 - Resolves:RHEL-8400 allows attackers to trigger On^2 growth via consecutive marks...
squashfs-tools security update
4.3-21 - CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination Resolves: rhbz2007303 rhbz2000637...
frr security update
7.5.1-22.0.1 - Fix POSTIN scriptlet Orabug: 34712485 - Resolves: RHEL-15916 - Flowspec overflow in bgpd/bgpflowspec.c - Resolves: RHEL-15919 - Out of bounds read in bgpd/bgplabel.c - Resolves: RHEL-15869 - crash from specially crafted MPUNREACHNLRI-containing BGP UPDATE message - Resolves:...
pcs security update
0.10.18-2.0.1 - Replace HAM-logo.png with a generic one 0.10.18-2 - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26445, RHEL-26447, RHEL-26449 0.10.18-1 - Rebased to the latest sources see CHANGELOG.md Resolves: RHEL-7741 0.10.17-6 - Rebased to th...
xorg-x11-server-Xwayland security update
21.1.3-15 Fix for CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408, CVE-2024-0409 21.1.3-14 - Fix for CVE-2023-6377, CVE-2023-6478 21.1.3-13 - Fix for CVE-2023-5367...
xorg-x11-server security update
1.20.4-24 - Fix use after free related to CVE-2024-21886 1.20.11-21 - CVE fix for: CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408 and CVE-2024-0409 Resolves: https://issues.redhat.com/browse/RHEL-21207 Resolves: https://issues.redhat.com/browse/RHEL-20528 Resolves:...
systemd security update
239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...
fence-agents security and bug fix update
4.2.1-129 - bundled urllib3: fix CVE-2023-45803 Resolves: RHEL-18132 - bundled pycryptodome: fix CVE-2023-52323 Resolves: RHEL-20915 - bundled jinja2: fix CVE-2024-22195 Resolves: RHEL-22174 4.2.1-127 - fencescsi: fix registration handling if ISID conflicts Resolves: RHEL-5397 - fencezvmip:...
python3.11-urllib3 security update
1.26.12-2 - Security fix for CVE-2023-43804 Resolves: RHEL-11996...
traceroute security update
3:2.1.0-8 - add gating.yaml 3:2.1.0-7 - fix improper command line parsing CVE-2023-46316...
tigervnc security update
1.13.1-8 - Fix copy/paste error in the DeviceStateNotify Resolves: RHEL-20530 1.13.1-7 - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20388 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent...
perl-Convert-ASN1 security update
0.27-18 - Fix unsafe decoding in indef case CVE-2013-7488...
pmix security update
2.2.5-3 - Add gating test - Resolves: RHEL-3692 2.2.5-2 - Fix CVE-2023-41915 - Resolves: RHEL-3692...
libX11 security update
1.6.8-8 - Backport fix for Xlib lockups due to recursive XError RHEL-23452 1.6.8-7 - Fix CVE-2023-43785: out-of-bounds memory access in XkbReadKeySyms - Fix CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage - Fix CVE-2023-43787: integer overflow in XCreateImage leading to a...
openssh security update
8.0p1-24.0.1 - Update upstream references Orabug: 36587718 8.0p1-24 - Providing a kill switch for scp to deal with CVE-2020-15778 Resolves: RHEL-22870 8.0p1-23 - Fix Terrapin attack Resolves: RHEL-19308 8.0p1-22 - Fix Terrapin attack Resolves: RHEL-19308 - Forbid shell metasymbols in...
python-jinja2 security update
2.10.1-4 - Security fix for CVE-2024-22195 Resolves: RHEL-21347 2.10.1-3 - Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern Resolves: rhbz1928707 2.10.1-2 - Rebuild of package to go through gating - Resolves: rhbz1701301 2.10.1-1 - Rebase to 2.10.1 security update to fix...
libssh security update
0.9.6-14 - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol BPP - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...
libtiff security update
4.0.9-31 - Fix CVE-2022-3599 CVE-2022-4645 - Resolves: RHEL-5399 4.0.9-30 - Bump specfile to retrigger gating - Add tests folder for standard beakerlib - Related: RHEL-4683 RHEL-4685 RHEL-4686 RHEL-4687 RHEL-4688...
python3.11 security update
3.11.7-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.7-1 - Rebase to 3.11.7 Resolves: RHEL-21915 3.11.5-2 - Security fix for CVE-2023-27043 Resolves: RHEL-7842...
webkit2gtk3 security update
2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3961 2.42.4-1 - Update to 2.42.4 Resolves: RHEL-3961 Resolves: RHEL-19365 2.42.3-1 - Update to 2.42.3 Resolves: RHEL-3961 2.42.2-1 - Update to 2.42.2 Resolves: RHEL-3961 2.42.1-1 - Update to 2.42.1 Resolves: RHEL-3961 2.42.0-1 - Upgrade to 2.42.0 Resolve...
libXpm security update
3.5.12-11 - Drop hardening patches from previous version to keep ABI compatibility 3.5.12-10 - CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage - CVE-2023-43787 libX11: integer overflow in XCreateImage leading to a heap overflow - CVE-2023-43788 libXpm: out of bounds...
gstreamer1-plugins-bad-free security update
1.16.1-4.0.1 - Update origin URL Orabug: 36209826 1.16.1-4 - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow - Patch CVE-2023-40476: Integer overflow in H.265 video parser - Resolves: RHEL-19500, RHEL-19504, RHEL-19507 1.16.1-3 - Bump to avoid conflict with z strea...
edk2 security update
20220126gitbb1bba3d77-13 - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - edk2-StandaloneMmPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - Resolves: RHEL-21158 CVE-2022-36765 edk2: integer overflow in CreateHob could lead to HOB OOB R/W rhel-8...
motif security update
2.3.4-20 - Fix CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer - Fix CVE-2023-43789: out of bounds read on XPM with corrupted colormap...