8984 matches found
webkit2gtk3 security update
2.52.3-0.1 - Update to 2.52.1...
thunderbird security update
140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR...
kernel security update
4.18.0-553.120.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
osbuild-composer security update
101.4-5.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...
osbuild-composer security update
149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...
freerdp security update
2:2.11.7-7 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162949, RHEL-162965...
.NET 8.0 security update
8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163416...
openexr security update
3.1.1-3.1 - fix CVE-2026-27622...
delve security update
1.25.2-3.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-3 - Rebuild with latest Go...
giflib security update
5.2.1-9.1 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154863...
.NET 8.0 security update
8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163413...
kernel security update
5.14.0-611.49.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
OpenEXR security update
2.2.0-12.1 - fix CVE-2026-27622...
ImageMagick security update
6.9.10.68-7.0.9 - Fix CVE-2026-28691 and CVE-2026-28693 Orabug: 39174244 6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal SVG decoder CVE-2026-25985 6.9.10.68-7.0.5 - Fix...
giflib security update
5.1.4-4 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154853...
go-rpm-macros security update
3.6.0-8 - Rebuild with latest Go...
go-rpm-macros security update
3.6.0-14 - Rebuild with latest Go - Resolves: RHEL-158726...
giflib security update
5.2.1-22.1 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154849...
nodejs:20 security update
nodejs 1:20.20.2-1 - Update to version 20.20.2 - Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-25547 CVE-2026-21710 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves:...
freerdp security update
2:3.10.3-5.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162946, RHEL-162962...
libarchive security update
3.5.3-9 - Resolves: CVE-2026-4424 - Resolves: CVE-2026-5121 3.5.3-8 - Release bump...
389-ds-base security update
1.3.11.1-5.0.7 - Security fix for CVE-2025-14905 Orabug: 39146844 1.3.11.1-5.0.5 - Allow Uniqueness plugin to search uniqueness attributes using custom matching rules Orabug: 38388205...
perl:5.32 security update
perl 4:5.32.1-474 - Resolves: RHEL-153834 - Fix CVE-2025-40909 - Clone dirhandles without fchdir 4:5.32.1-473 - Fix CVE-2023-47038 - Added perl-autouse and perl-ExtUtils-MM-Utils to perl run-requires 4:5.32.1-472 - Add definition of OPTIMIZE to .ph files, if optimizing is used bug2159760...
.NET 9.0 security update
9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163396...
.NET 10.0 security update
10.0.106-1.0.1 - Add support for Oracle Linux 10.0.106-1 - Update to .NET SDK 10.0.106 and Runtime 10.0.6 - Resolves: RHEL-163381...
.NET 9.0 security update
9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163394...
.NET 10.0 security update
10.0.106-1.0.1 - Add support for Oracle Linux 10.0.106-1 - Update to .NET SDK 10.0.106 and Runtime 10.0.6 - Resolves: RHEL-163385...
freerdp security update
2:2.11.7-1.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162958, RHEL-162978...
libarchive security update
3.3.3-7 - Resolves: CVE-2026-4424 - Resolves: CVE-2026-5121...
python3 security update
3.6.8-21.0.9 - Security update CVE-2025-15366, CVE-2025-15367, CVE-2026-1299 Orabug: 39159999 3.6.8-21.0.7 - Security update CVE-2025-12084 Orabug: 38971895 3.6.8-21.0.5 - tarfile now validates archives to ensure member offsets are non-negative Orabug: 38442771CVE-2025-8194 3.6.8-21.0.3 - Fix DoS...
thunderbird security update
140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR...
libarchive security update
3.7.7-8 - Resolves: CVE-2026-4424 3.7.7-7 - Release bump for typo in dist 3.7.7-6 - Release bump...
.NET 10.0 security update
10.0.106-1.0.1 - Add support for Oracle Linux 10.0.106-1 - Update to .NET SDK 10.0.106 and Runtime 10.0.6 - Resolves: RHEL-163384...
.NET 9.0 security update
9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163389...
python security update
2.7.5-94.0.5 - Fix for CVE-2025-15366 and CVE-2025-15367 Orabug: 39114639 2.7.5-94.0.3 - Fix for CVE-2025-12084 Orabug: 38902314...
.NET 8.0 security update
8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163417...
squid:4 security update
libecap 1.0.1-2 - Resolves: 1695587 - Ensure modular RPM upgrade path 1.0.1-1 - new version 1.0.1 - autoconf.h moved from lookaside to dist-git 1.0.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora27BinutilsMassRebuild 1.0.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora27MassRebuild...
Unbreakable Enterprise kernel security update
6.12.0-201.74.2.1 - Revert 'rds: Drop rds conn in connect worker if not in down state.' Vijayendra Suman Orabug: 39200413 - iouring/kbuf: check if target buffer list is still legacy on recycle Jens Axboe Orabug: 39202438 - ipv6: use RCU in ip6xmit Eric Dumazet Orabug: 39202432 CVE-2025-40135 - ds...
Unbreakable Enterprise kernel security update
5.4.17-2136.354.4.1 - Revert 'rds: Drop rds conn in connect worker if not in down state.' Alok Tiwari Orabug: 39200399 5.4.17-2136.354.4 - macvlan: fix possible UAF in macvlanforwardsource Eric Dumazet Orabug: 38887731 CVE-2026-23001 - macvlan: Use 'hash' iterators to simplify code Christophe...
bind security update
32:9.11.36-16.7 - Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519...
vim security update
8.2.2637-23.0.1.el97.2 - Remove upstream references Orabug: 31197557 2:8.2.2637-23.2 - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin - RHEL-155422 CVE-2026-28421 vim: Vim: Denial of service and information disclosure via crafted swap fi...
pcs security update
0.10.18-2.0.1.el810.9 - Replaced HAM-logo 0.10.18 - Debrand PCS 0.10.18-2.el810.9 - Fixed CVE-2026-31958 by patching bundled Tornado Resolves: RHEL-155293...
cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
344-3.0.1 - Storage: Enable btrfs support Orabug: 37464632 - Replaced upstream urls in documentation with oracle links Orabug: 36528753 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in cockpit Orabug: 34030494 - Update documentation...
nodejs:20 security update
nodejs 1:20.20.2-1 - Update to version 20.20.2 Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-164336 Fixes: CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-25547 CVE-2026-21710 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves:...
golang-github-openprinting-ipp-usb security update
0.9.27-5.1 - rebuilt to fix CVE-2026-25679...
bind security update
9.16.23-34.0.1.el97.2 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-34.2 - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 32:9.16.23-34.1 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Replace downstream fixes...
firefox security update
140.9.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.9.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.9.1-1 - Update to 140.9.1 ESR...
squid security update
7:6.10-6.3 - Resolves: RHEL-160667 - squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 7:6.10-6.2 - Resolves: RHEL-160665 - squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526...
bind9.18 security update
32:9.18.29-5.4 - Correct backport issue in the patch CVE-2026-1519 32:9.18.29-5.3 - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519...
bind9.16 security update
32:9.16.23-0.22.5 - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519...