9185 matches found
python-pillow security update
5.1.1-20 - Security fix for CVE-2023-50447 Resolves: RHEL-22240 5.1.1-19 - Security fix for CVE-2023-44271 Resolves: RHEL-15460...
kernel security, bug fix, and enhancement update
4.18.0-553.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...
nodejs security update
1:16.20.2-8.0.1 - Fix CVE-2024-28182, CVE-2024-22025, CVE-2024-25629, CVE-2024-27982, CVE-2024-27983...
thunderbird security update
115.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.11.0-1 - Update to 115.11.0 build2...
thunderbird security update
115.11.0-1.0.1 - Add Oracle prefs 115.11.0-1 - Update to 115.11.0 build2...
nodejs:20 security update
nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...
firefox security update
115.11.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.11.0-1 - Update to 115.11.0 build1...
firefox security update
115.11.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.11.0-1 - Update to 115.11.0 build1...
Unbreakable Enterprise kernel security update
5.15.0-206.153.7 - mmc: core: Initialize mmcblkiocdata Mikko Rapeli - ahci: asm1064: asm1166: don't limit reported ports Conrad Kostecki - mmc: core: Fix switch on gp3 partition Dominique Martinet - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory Michael Kelley -...
.NET 7.0 security update
7.0.119-1.0.1 - Add OracleLinux support...
.NET 8.0 security update
8.0.105-1.0.1 - Add support for Oracle Linux 8.0.105-1 - Update to .NET SDK 8.0.105 and Runtime 8.0.5 - Resolves: RHEL-35317...
nodejs:18 security update
nodejs 1:18.20.2-2 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon nodejs-packaging...
Unbreakable Enterprise kernel security update
5.4.17-2136.331.7 - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' Siddh Raman Pant - Revert 'selftests: mm: fix maphugetlb failure on 64K page size systems' Harshit Mogalapalli Orabug: 36584568 - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port' Arumugam...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.331.7.el7 - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' Siddh Raman Pant - Revert 'selftests: mm: fix maphugetlb failure on 64K page size systems' Harshit Mogalapalli Orabug: 36584568 - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port' Arumugam...
Unbreakable Enterprise kernel security update
4.14.35-2047.536.5 - mmc: core: Fix switch on gp3 partition Dominique Martinet - Revert 'Revert 'md/raid5: Wait for MDSBCHANGEPENDING in raid5d'' Song Liu - mm/memory-failure: fix an incorrect use of tail pages Liu Shixin - Revert 'x86/mm/identmap: Use gbpages only where full GB page should be...
nodejs:18 security update
nodejs 1:18.20.2-1 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon nodejs-packaging...
nodejs:20 security update
nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...
kernel security and bug fix update
5.14.0-427.16.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
glibc security update
2.28-236.0.1.13 - Forward port of Oracle patches. Reviewed-by: Jose E. Marchesi...
pcp security, bug fix, and enhancement update
6.2.0-2.0.1 - Fixed libpcp derived metric issue for ol9 Orabug: 36538820 6.2.0-2 - Disable RESP proxying by default in pmproxy RHEL-30719...
gnutls security update
3.8.3-4fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux Orabug: 35925409 3.8.3-4 - Bump release to ensure el9 package is greater than el9 packages 3.8.3-3 - Bump release to ensure el9 package is greater than...
git-lfs security update
3.2.0-3 - Rebuild with new Golang - Resolves: RHEL-32542...
python-jwcrypto security update
0.8-5 - Address potential DoS with high compression ratio Resolves: RHEL-28698...
sssd security and bug fix update
2.9.4-6.0.1 - Restore default debug level for ssscache Orabug: 32810448 2.9.4-6 - Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently rhel-9.4.0 2.9.4-5 - Resolves: RHEL-28161 - Passkey cannot fall back to password 2.9.4-4 - Resolves:...
skopeo security and bug fix update
2:1.14.3-2 - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 https://github.com/containers/skopeo/commit/5f2b9af - Resolves: RHEL-28736 2:1.14.3-1 - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14...
buildah bug fix update
1.33.7-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.7-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/b95e962 - Resolves: RHEL-28230...
libreswan security update
4.12-2.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2 - Fix CVE-2024-2357 RHEL-32761 - x509: unpack IPv6 general names based on length RHEL-32718...
libxml2 security update
2.9.13-6 - Fix CVE-2024-25062 RHEL-29196...
Unbreakable Enterprise kernel security update
4.1.12-124.85.1 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to race condition Zheng Wang Orabug: 35282809 CVE-2023-1989...
grafana-pcp security update
5.1.1-2 - fix CVE-2024-1394...
mod_http2 security update
2.0.26-2 - Resolves: RHEL-31855 - modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 2.0.26-1 - Resolves: RHEL-14691 - modhttp2 rebase to 2.0.26...
podman security and bug fix update
4.9.4-3.0.1 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 4:4.9.4-3 - rebuild - Related:...
grafana security update
9.2.10-16 - Check OrdID is correct before deleting snapshot - fix CVE-2024-1313 - fix CVE-2024-1394...
gnutls security update
3.8.3-4 - Bump release to ensure el9 package is greater than el9 packages 3.8.3-3 - Bump release to ensure el9 package is greater than el9 packages 3.8.3-2 - Fix timing side-channel in deterministic ECDSA RHEL-28959 - Fix potential crash during chain building/verification RHEL-28954...
git-lfs security update
3.4.1-2 - Rebuild with new Golang - Resolves: RHEL-32570, RHEL-28385, RHEL-28402, RHEL-28432...
tigervnc security update
1.13.1-8.3 - Rebuild z-stream target Resolves: RHEL-30985 Resolves: RHEL-31015 1.13.1-8.2 - Fix crash caused by fix for CVE-2024-31083 Resolves: RHEL-30985 1.13.1-8.1 - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents Resolves: RHEL-31015 ...
libvirt security and bug fix update
10.0.0-6.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 10.0.0-6.2.el94 - qemu: Fix migration with custom XML RHEL-32654 10.0.0-6.1.el94 - Fix off-by-one error in udevListInterfacesByStatus CVE-2024-1441, RHEL-25081 - remote: check for negative array lengths before allocation...
bind security update
bind 9.16.23-18.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-18.1 - Rebuild with correct z-stream tag again 32:9.16.23-18 - Prevent crashing at masterformat system test CVE-2023-6516 32:9.16.23-17 - Import tests for large DNS messages fix - Add downstream...
golang security update
1.21.9-2 - Rebuilt for z-stream - Related: RHEL-24312 - Related: RHEL-28940 1.21.9-1 - Fix CVE-2024-1394 - Fix CVE-2023-45288 - Resolves RHEL-24312 - Resolves RHEL-28940...
avahi security update
0.8-20 - Fix CVE-2023-38469 RHEL-5637 0.8-19 - Fix CVE-2023-38471 RHEL-5642 0.8-18 - Fix CVE-2023-38472 RHEL-5645 0.8-17 - Fix CVE-2023-38470 RHEL-5641 0.8-16 - Fix CVE-2023-38473 RHEL-5729...
libvirt security update
10.0.0-6.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 10.0.0-6 - qemu: virtiofs: do not crash if cgroups are missing RHEL-7386 - qemu: virtiofs: set correct label when creating the socket RHEL-7386 - qemu: virtiofs: error out if getting the group or user name fails RHEL-7386 10.0.0-5...
pcp security update
6.2.0-1.0.1 - Fixed libpcp derived metric issue for ol9 Orabug: 36538820 6.2.0-1 - Rebase to latest stable version of PCP RHEL-2317 6.1.1-4 - Fix pcp-ss1 handling of UDP packet states RHEL-17649 6.1.1-2 - Fix pcp-ss1 default handling of listen state RHEL-17335 - Added pcp package dependency on...
Image builder components bug fix, enhancement and security update
osbuild 110-1 - New upstream release 109-1 - New upstream release 106-1 - New upstream release 105-1 - New upstream release 104-2 - Fix unit tests in RHEL CI by backporting upstream fixes 104-1 - New upstream release 103-1 - New upstream release 102-1 - New upstream release 101-2 - Change unit-te...
mingw-glib2 security update
2.78.0-1 - Bump glib2 version 2.78.0 - Drop DesktopQE gating - Fix CVEs: CVE-2023-32636, CVE-2023-29499, CVE-2023-32611, CVE-2023-32665, DoS - Resolves: RHEL-5019 - Resolves: RHEL-5020 - Resolves: RHEL-5092 - Resolves: RHEL-5093 - Resolves: RHEL-5094...
systemd security update
252-32.0.2 - Due to a new Orabug: 36564551 filed on April 29 2024, reverting from back to - previous Tony Lam patch Orabug: 25897792 until issue with Orabug: 36564551 is resolved. - Re-Added 1001-Fix-missing-netdev-for-iscsi-entry-in-fstab.patch Orabug: 25897792 - Removed the following, associate...
ipa security update
4.11.0-9.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.11.0-9 - Resolves: RHEL-28258 vault fails on non-fips client if server is in FIPS mode - Resolves: RHEL-26154 ipa: freeipa: specially crafted HTTP requests...
pam security update
1.3.1-19.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.3.1-19 - pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21244 1.3.1-18 - libpam: use getlogin from libc and not utmp. Resolves: RHEL-16727 - pamaccess:...
httpd security update
2.4.57-8.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-8 - modxml2enc: fix media type handling Resolves: RHEL-17686 - moddav: add DavBasePath Resolves: RHEL-6600 2.4.57-7 - Resolves: RHEL-14447 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.57-...
buildah security update
1.33.6-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.33.6-2 - update tags for systemd libsubid - Resolves: RHEL-26594 2:1.33.6-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33...
ming2-puxman security update
0.42.2-3 - Bump pixman version 0.42.2 - Drop DesktopQE gating - Fix CVEs: CVE-2022-44638 - Resolves: RHEL-5013...