9151 matches found
glibc security update
2.28-251.0.4.37 - Forward port of Oracle patches Reviewed-by: David Faust Oracle history: May-7-2026 Cupertino Miranda - 2.28-251.0.4.34 - Forward port of Oracle patches Reviewed-by: Jose E. Marchesi March-18-2026 Cupertino Miranda - 2.28-251.0.4.31 - Forward port of Oracle patches Reviewed-by:...
firefox security update
140.10.2-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.10.2 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.10.2-1 - Update to 140.10.2 ESR...
Unbreakable Enterprise kernel security update: Fragnesia
5.15.0-320.202.8.5 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420565 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420565...
Unbreakable Enterprise kernel security update: Fragnesia
5.4.17-2136.355.3.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420568 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420568...
Unbreakable Enterprise kernel security update: Fragnesia
6.12.0-202.76.4.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420559 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420559...
firefox security update
140.10.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.10.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.10.1-1 - Update to 140.10.1 ESR...
gdk-pixbuf2 security update
2.36.12-3.0.3 - Backport fixes for CVE-2026-5201 Orabug: 39288631 2.36.12-3.0.1 - jpeg: Be more careful with chunked icc data Orabug: 38359772CVE-2025-7345...
libsndfile security update
1.0.28-17 - apply patch for CVE-2026-37555 Resolves: ?RHEL-174533...
kernel security update
4.18.0-553.125.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
oci-utils security update
-- 0.14.0-22 - Rework systemd service file creation. Orabug: 39316494...
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.4 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391447 CVE-2026-46333 5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and...
Unbreakable Enterprise kernel security update
6.12.0-202.76.4.3 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391434 CVE-2026-46333...
Unbreakable Enterprise kernel security update
5.4.17-2136.355.3.3 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391459 CVE-2026-46333 5.4.17-2136.355.3.2 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount Maurizio Lombardi Orabug: 39368774 CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free i...
ruby:3.3 security update
ruby 3.3.10-6 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171255 3.3.10-5 - Upgrade to Ruby 3.3.10. Resolves: RHEL-127912 - Fix possible denial of service in resolv gem CVE-2025-24294 - Fix URI Credential Leakage Bypass previous fixes...
squid security update
7:3.5.20-17.0.11.13 - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 7:3.5.20-17.0.9.13 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via - authentication credential leakage in error handling Orabug: 38587551 7:3.5.20-17.0.7.13 - Fixes CVE-2025-5457...
ruby security update
3.0.7-166 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171254...
nginx security update
2:1.26.3-2.0.1.el101.2 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-8 - Fix release number 2:1.26.3-7 - Resolves: RHEL-176217 - nginx: NGINX: Arbitrary Code 2:1.26.3-6 - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially...
nginx:1.24 security update
1.24.0-3.0.1.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-3.1 - Resolves: RHEL-176224 - nginx:1.24/nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 1:1.24.0-3 - Resolves: RHEL-157877 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via...
nginx security update
2:1.20.1-24.0.1.el97.3 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 - Update upstream references Orabug: 36579090 2:1.20.1-24.3 - Resolves: RHEL-176230 - nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 2:1.20.1-24.2...
libpng security update
2:1.6.37-12.4 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161436...
libpng security update
2:1.6.40-8.4 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161324...
ruby security update
3.3.10-12 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171244...
gimp:2.8 security update
gimp 2:2.8.22-26.6 - fix CVE-2026-4150 - fix CVE-2026-4153 - fix CVE-2026-4154 - fix CVE-2026-4887 2:2.8.22-26.5 - fix CVE-2026-0797 - fix CVE-2026-2044 - fix CVE-2026-2045 - fix CVE-2026-2048 2:2.8.22-26.4 - fix CVE-2025-14422 2:2.8.22-26.3 - fix CVE-2025-10920 - fix CVE-2025-10921 - fix...
giflib security update
4.1.6-9.0.3 - Security update for CVE-2026-23868 Orabug: 39230174...
vim security update
2:7.4.629-8.0.3 - Security update CVE-2026-25749 CVE-2026-28417 - CVE-2026-28421 CVE-2026-33412 Orabug: 39170094...
bind security update
32:9.11.4-26.0.7.P2.16 - Resolve CVE-2026-1519 Orabug: 39275755 32:9.11.4-26.0.5.P2.16 - Resolve CVE-2025-40778 Orabug: 38699863 32:9.11.4-26.0.3.P2.16 - Resolve CVE-2024-11187 Orabug: 37616907...
rsync security update
3.1.3-25 - Resolves: RHEL-169141 - CVE-2026-41035 - Use-after-free vulnerability in extended attribute handling...
kernel security update
4.18.0-553.124.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security update
5.14.0-611.55.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
gimp security update
2:3.0.4-1.5 - fix CVE-2026-4150 - fix CVE-2026-4151 - fix CVE-2026-4152 - fix CVE-2026-4153 - fix CVE-2026-4154 - fix CVE-2026-4887...
git-lfs security update
3.4.1-10 - Rebuild with new Golang - Resolves: RHEL-167541, RHEL-167379, RHEL-166518 3.4.1-9 - Rebuild with new Golang - Resolves: RHEL-156637...
Unbreakable Enterprise kernel security update
6.12.0-202.76.4.2 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks Victor Nogueira Orabug: 39361451 CVE-2026-23270 - netfilter: nftables: always walk all pending catchall elements Florian Westphal Orabug: 39361449 CVE-2026-23278 - nfsd: fix heap overflow in NFSv4.0...
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks Victor Nogueira Orabug: 39362005 CVE-2026-23270 - KVM: x86: disable preemption around the call to...
krb5 security update
1.18.2-34.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-34 - Fix NegoEx parsing vulnerabilities CVE-2026-40355, CVE-2026-40356 Resolves: RHEL-171589 RHEL-171594...
jq security update
1.7.1-13 - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions 1.7.1-12 - Fix CVE-2026-39979 out-of-bounds read in jvparsesized...
yggdrasil security update
0.4.8-5 - Bump release for rebuild...
jq security update
1.6-19.0.2 - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions - Resolves: RHEL-168184 1.6-19.1 - Fix CVE-2026-39979 out-of-bounds read in jvparsesized - Resolves: RHEL-168201 1.6-19 - Fix CVE-2025-48060 - Resolves: RHEL-92993 1.6-18 - Fix CVE-2024-23337 -...
jq security update
1.6-12 - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions - Fix CVE-2026-39979 out-of-bounds read in jvparsesized - Resolves: RHEL-168174 - Resolves: RHEL-168192...
kernel security update
6.12.0-124.56.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
freerdp security update
2:2.11.7-1.7 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP format checks CVE-2026-31884 - Fix DSP array bounds checks CVE-2026-31883 - Fix DSP array bounds...
libsoup3 security update
3.6.5-11 - Add patches for CVE-2026-4271 and CVE-2026-5119 3.6.5-10 - Add patch for CVE-2026-1761 3.6.5-9 - Fix CVE-2026-0719 3.6.5-8 - Fix CVE-2025-14523 3.6.5-7 - Add patch for CVE-2025-12105 3.6.5-6 - Fix integer overflow in date/time parsing 3.6.5-5 - Bump revision number 3.6.5-4 - Fix severa...
openexr security update
3.1.1-3.2 - fix CVE-2026-34588...
corosync security update
3.1.9-2.1 - Resolves: RHEL-163815 - Resolves: RHEL-163836 - totemsrp: Return error if sanity check fails fixes CVE-2026-35091 - totemsrp: Fix integer overflow in membjoinsanity fixes CVE-2026-35092...
thunderbird security update
140.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.10.0 - Add OpenELA debranding 140.10.0-1 - Update to 140.10.0 ESR...
openexr security update
3.1.10-8.2 - fix CVE-2026-34588...
glib2 security update
2.80.4-13 - Fix CVE-2025-14087 and CVE-2025-14512 2.80.4-12 - Fix NVR 2.80.4-11 - Add patch for CVE-2025-13601...
glib2 security update
2.68.4-169 - Add patch for CVE-2025-14087 and CVE-2025-14512...
glib2 security update
2.68.4-18.2 - Add patch for CVE-2025-14087 and CVE-2025-14512...
libtiff security update
4.0.9-37 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159316...
freerdp security update
2:2.11.7-9 - Lock appWindow to fix use-after-free in RAIL mode CVE-2026-25952 Resolves: RHEL-159850 2:2.11.7-8 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP...