8998 matches found
gnutls security update
3.6.16-8.3fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 - Allow bigger known RSA modulus sizes when calling rsageneratefips1864keypair directly Orabug: 33200526 - Change Epoch from 1 to 10fips...
bind and dhcp security update
bind 32:9.11.36-11.1 - Speed up parsing of DNS messages with many different names CVE-2023-4408 - Prevent increased CPU consumption in DNSSEC validator CVE-2023-50387 CVE-2023-50868 - Do not use headerprev in expirelruheaders dhcp 4.3.6 - Change bug tracker path 12:4.3.6-49.1 - Rebuild because of...
X.Org server security update
1.20.4-29 - Fix regression caused by the fix for CVE-2024-31083 1.20.4-28 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083 Resolves: https://issues.redhat.com/browse/RHEL-31003 Resolves: https://issues.redhat.com/browse/RHEL-30989 Resolves:...
bind9.16 security update
32:9.16.23-0.16.2 - Prevent crashing at masterformat system test CVE-2023-6516 32:9.16.23-0.16.1 - Prevent increased CPU load on large DNS messages CVE-2023-4408 - Prevent assertion failure when nxdomain-redirect is used with RFC 1918 reverse zones CVE-2023-5517 - Prevent assertion failure if DNS...
httpd:2.4/mod_http2 security update
httpd modhttp2 1.15.7-8.5 - Resolves: RHEL-29816 - httpd:2.4/modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 modmd...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
bind security update
bind 32:9.16.23-14.4 - Rebuild with correct z-stream tag again 32:9.16.23-14.3 - Rebuild together with bind-dyndb-ldap to adjust ABI changes 32:9.16.23-14.2 - Import tests for large DNS messages fix - Add downstream change complementing CVE-2023-50387 32:9.16.23-14.1 - Prevent increased CPU load ...
unbound security update
1.16.2-5.6 - Rebuilt again with z-stream target 1.16.2-5.5 - Correct typo in new config file 1.16.2-5.4 - Ensure group access correction reaches also updated configs CVE-2024-1488 1.16.2-5.3 - Ensure only unbound group can change configuration CVE-2024-1488...
virt:kvm_utils3 security update
hivex libguestfs libguestfs-winsupport 8.9-1 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236372 libiscsi libnbd libtpms libvirt 9.0.0-5 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364464 CVE-2024-1441 libvirt-dbus libvirt-python...
unbound security update
1.16.2-3.5 - Rebuilt again with z-stream target 1.16.2-3.4 - Correct typo in new config file 1.16.2-3.3 - Ensure group access correction reaches also updated configs CVE-2024-1488 1.16.2-3.2 - Ensure only unbound group can change configuration CVE-2024-1488...
kernel security, bug fix, and enhancement update
4.18.0-513.24.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
varnish security update
6.6.2-4.1 - Resolves: RHEL-30387 - varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 6.6.2-4 - Add parameters h2rstallowance and h2rstallowanceperiod to mitigate CVE-2023-44487 - Resolves: RHEL-12817...
varnish security update
varnish 6.0.13-1 - new version 6.0.13 - Resolves: RHEL-30378 - varnish:6/varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 varnish-modules...
rear security update
2.6-11.0.1 - Change OSVENDOR to OracleServer 2.6-11 - make initrd accessible only by root CVE-2024-23301, PR 3123...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.330.7.1.el7 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI...
nodejs:20 security update
nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...
Unbreakable Enterprise kernel security update
5.4.17-2136.330.7.1 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI bug...
Unbreakable Enterprise kernel security update
5.15.0-205.149.5.1 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384802 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384802 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384802 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI bug...
Unbreakable Enterprise kernel security update
4.14.35-2047.535.2.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36467681 CVE-2024-1086 4.14.35-2047.535.2 - Fix null ptr in rdstcprecvpath Allison Henderson Orabug: 33499812 - LTS version: v4.14.338 Saeed Mirzamohammadi - crypto: scompress - initialize...
less security update
590-3 - Fix CVE-2022-48624 - Resolves: RHEL-26265...
nodejs:20 security update
nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.330.7.1.el8 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI...
grafana security and bug fix update
9.2.10-8 - Rebuild with latest version of golang - resolves CVE-2024-1394...
kernel security update
4.18.0-513.18.1.0.19.OL8 - netfilter: nftables: reject QUEUE/DROP verdict parameters Orabug: 36461932 CVE-2024-1086 4.18.0-513.18.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted...
curl security and bug fix update
7.61.1-33.5 - cap SFTP packet size sent RHEL-5485 - when keyboard-interactive auth fails, try password 2229800 - unify the upload/method handling CVE-2023-28322 - fix cookie injection with none file CVE-2023-38546 - lowercase the domain names before PSL checks CVE-2023-46218...
kernel security update
5.14.0-362.24.1.0.13.OL9 - netfilter: nftables: reject QUEUE/DROP verdict parameters Orabug: 36461940 CVE-2024-1086 - 5.14.0-362.24.13.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel...
opencryptoki security update
3.21.0-10 - timing side-channel in handling of RSA PKCS1 v1.5 padded ciphertexts Marvin Resolves: RHEL-22791...
grafana-pcp security and bug fix update
5.1.1-2 - Rebuild with latest version of golang - resolves CVE-2024-1394...
less security update
530-2 - Fix CVE-2022-48624 - Resolves: RHEL-26265...
expat security update
2.2.5-11.0.1.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-11.1 - CVE-2023-52425 expat: parsing large tokens can trigger a denial of service - Resolves: RHEL-29321...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.329.3.2.el8 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36465920 CVE-2024-1086...
Unbreakable Enterprise kernel security update
4.14.35-2047.534.3.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36251145 CVE-2024-1086...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.329.3.2.el7 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36465920 CVE-2024-1086...
olcne security update
1.8.1-2 - Cleanup spec file 1.8.1-1 - Fix OLM upgrade failure - upgrade from 0.17.0 to 0.23.1 failed due to a couple of crds missing - Add hostpathRequiresPrivilged value to rook template cr to be passed to module operator - Fixed Istio-1.18 and Istio-1.19 installation on aarch64 architecture -...
olcne security update
1.8.1-2 - Cleanup spec file 1.8.1-1 - Fix OLM upgrade failure - upgrade from 0.17.0 to 0.23.1 failed due to a couple of crds missing - Add hostpathRequiresPrivilged value to rook template cr to be passed to module operator - Fixed Istio-1.18 and Istio-1.19 installation on aarch64 architecture -...
olcne security update
1.8.1-2 - Cleanup spec file 1.8.1-1 - Fix OLM upgrade failure - upgrade from 0.17.0 to 0.23.1 failed due to a couple of crds missing - Add hostpathRequiresPrivilged value to rook template cr to be passed to module operator - Fixed Istio-1.18 and Istio-1.19 installation on aarch64 architecture -...
ruby:3.1 security, bug fix, and enhancement update
ruby 3.1.4-143 - Upgrade to Ruby 3.1.4. Resolves: RHEL-5586 - Fix HTTP response splitting in CGI. Resolves: RHEL-5591 - Fix ReDos vulnerability in URI. Resolves: RHEL-28919 Resolves: RHEL-5612 - Fix ReDos vulnerability in Time. Resolves: RHEL-28920 - Make RDoc soft dependency in IRB. Resolves:...
olcne security update
1.8.1-2 - Cleanup spec file 1.8.1-1 - Fix OLM upgrade failure - upgrade from 0.17.0 to 0.23.1 failed due to a couple of crds missing - Add hostpathRequiresPrivilged value to rook template cr to be passed to module operator - Fixed Istio-1.18 and Istio-1.19 installation on aarch64 architecture -...
Unbreakable Enterprise kernel security update
5.15.0-204.147.6.3 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36464807 CVE-2024-1086...
Unbreakable Enterprise kernel security update
4.1.12-124.84.2 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36251327 CVE-2024-1086 4.1.12-124.84.1 - mm: avoid conflict between MADVDOEXEC and upstream advice values Anthony Yznaga Orabug: 36334311 - kobject: Fix slab-out-of-bounds in fillkobjpath Wang Hai...
Unbreakable Enterprise kernel security update
5.4.17-2136.329.3.2 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36465920 CVE-2024-1086...
libreoffice security fix update
6.4.7.2-16.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-16 - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols...
thunderbird security update
115.9.0-1.0.1 - Add Oracle prefs 115.9.0-1 - Update to 115.9.0 build1 - Fix expat CVE-2023-52425...
grafana security update
9.2.10-8 - Rebuild with latest version of golang - resolve RHEL-24313...
expat security update
2.5.0-1.1 - CVE-2023-52425: Fix parsing of large tokens - CVE-2024-28757: Reject direct parameter entity recursion - Resolves: RHEL-29698 - Resolves: RHEL-29695...
firefox security update
115.9.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.9.1-1 - Update to 115.9.1 115.9.0-2 - Update to 115.9.0 build2 115.9.0-1 - Update to 115.9.0 buil...
nodejs:18 security update
nodejs 1:18.19.1-1 - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 high - Fixes: CVE-2023-46809 medium nodejs-nodemon nodejs-packaging...
nodejs:18 security update
nodejs 1:18.19.1-1 - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 high - Fixes: CVE-2023-46809 medium nodejs-nodemon nodejs-packaging...
grafana-pcp security update
5.1.1-2 - Rebuild with latest version of golang - resolves CVE-CVE-2024-1394...
firefox security update
115.9.1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file 115.9.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 115.9.1-1 - Update to 115.9.1 115.9.0-2 - Update to 115.9.0 build2 115.9.0-1 - Update to 115.9.0 build1 - Fix exp...