8998 matches found
open-vm-tools security update
12.2.5-3.0.1.1 - Fix CVE-2023-34058 open-vm-tools: SAML token signature bypass - Fix CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...
python39:3.9 and python39-devel:3.9 security update
modwsgi 4.7.1-7 - Bump release for rebuild Resolves: rhbz2213595 4.7.1-6 - Remove rpath Resolves: rhbz2213837 numpy 1.19.4-3 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 1.19.4-2 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz187743...
mod_auth_openidc:2.3 security and bug fix update
cjose 0.6.1-4 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308 modauthopenidc 2.4.9.4-5 Related: rhbz2141850 - fix cjose version dependency 2.4.9.4-4 Resolves: rhbz2141850 - authopenidc.conf mode 0640 by...
container-tools:ol8 security and bug fix update
aardvark-dns 2:1.7.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.7.0 - Related: 2176055 2:1.6.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.6.0 - Related: 2176055 buildah 1:1.31.3-1 - update to...
samba security, bug fix, and enhancement update
evolution-mapi 3.28.3-8 - Related: 2190417 - Rebuild for samba rebase to 4.18.x openchange 2.3-32.0.1 - Use ldconfigscriptlets 2.3-32 - Related: 2190417 Rebuild for samba rebase to 4.18.x samba 4.18.6-1 - related: rhbz2190417 - Update to version 4.18.6 - resolves: rhbz2232564 - Fix the rpc...
container-tools:4.0 security and bug fix update
buildah 1:1.24.6-7 - rebuild for CVE-2023-29406 - Related: 2176055 1:1.24.6-6 - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400 - Resolves: 2179943 - Resolves: 2187341 - Resolves:...
python27:2.7 security and bug fix update
babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 2.5.1-9 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 2.5.1-8 - Fix unversioned requires/buildrequires - Resolves: rhbz1628242 2.5.1-7 - Remove unversioned binaries - Resolves: rhbz1613343 2.5.1-6 - Make...
java-21-openjdk security and bug fix update
1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix...
linux-firmware security, bug fix, and enhancement update
20230516-999.27.git6c9e0ed5.el8 - Update firmware for qat4xxx devices Orabug: 35811008...
python38:3.8 and python38-devel:3.8 security update
babel Cython modwsgi 4.6.8-5 - Remove rpath Resolves: rhbz2213836 4.6.8-4 - Core dumped upon file upload = 1GB Resolves: rhbz2125171 4.6.8-3 - Exclude unsupported i686 arch rhbz1779142 4.6.8-2 - Adjusted for Python 3.8 module in RHEL 8 4.6.8-1 - update to 4.6.8 1721376 4.6.6-6 - try again to drop...
ruby:2.5 security update
rubygem-abrt 0.3.0-4 - Execute test suite unconditionally. - Upload correct sources. 0.3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora27MassRebuild 0.3.0-1 - Update to abrt 0.3.0. 0.2.0-2 - Rebuilt for...
fwupd security update
1.7.8-2.0.1 - Modify %prep to correctly apply downstream patches - Align sections to 512 bytes Orabug: 35265981 - Use objcopy to build arm/aarch64 binaries if binutils 2.30-113.0.3 or newer Orabug: 35265981 - Enabled signing for aarch64 Orabug: 35265981 - Modify meson.build for fwupd-efi Orabug:...
dnsmasq security and bug fix update
2.79-31 - Do not create and search --local and --address=/x/ domains 2233542 2.79-30 - Make create logfile writeable by root 2156789 2.79-29 - Fix also dynamically set resolvers over dbus 2186481 2.79-28 - Correct possible crashes when server=/example.net/ is used 2186481 2.79-27 - Limit offered...
libpq security update
13.11-1 - Rebase to 13.11 Resolves: 2171369...
perl-HTTP-Tiny security update
0.074-2 - Changes the verifySSL default parameter from 0 to 1 - CVE-2023-31486 - Resolves: rhbz2228409...
libreswan security update
4.12-2.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-2 - Resolves: rhbz2234731 authby=rsasig fails in FIPS policy 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215955...
python3.11-pip security update
22.3.1-4 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218249 22.3.1-3 - Fix changelog to contain Fedora contributors Resolves: RHEL-232...
wireshark security update
1:2.6.2-17 - Resolves: 2211412 - XRA dissector infinite loop 1:2.6.2-16 - Resolves: 2210866 - VMS TCPIPtrace file parser crash - Resolves: 2210867 - NetScaler file parser crash - Resolves: 2210869 - RTPS dissector crash...
xorg-x11-server-Xwayland security and bug fix update
21.1.3-12 - Backport fix for a deadlock with DRI3 Resolves: rhbz2212831 21.1.3-11 - Fix CVE-2023-1393 2180298...
qt5-qtbase security update
5.15.3-5 - Fix infinite loops in QXmlStreamReader CVE-2023-38197 Resolves: bz2222770 5.15.3-4 - Don't allow remote attacker to bypass security restrictions caused by flaw in certificate validation CVE-2023-34410 version 2 Resolves: bz2212753 5.15.3-3 - Don't allow remote attacker to bypass securi...
ghostscript security and bug fix update
9.27-11 - fix for CVE-2023-4042 - Resolves: rhbz2228153 9.27-10 - fix for CVE-2023-38559 - Resolves: rhbz2224371 9.27-9 - fix for CVE-2023-28879 - Resolves: rhbz2188297 9.27-8 - fix embedding of CIDFonts - Resolves: rhbz2169890 9.27-7 - fix bbox device calculating bounding box incorrectly -...
python-cryptography security update
3.2.1-6 - Fix CVE-2023-23931: Don't allow updateinto to mutate immutable objects, resolves rhbz2172404...
edk2 security and bug fix update
20220126gitbb1bba3d77-6 - edk2-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch bz2150267 - Resolves: bz2150267 ovmf must consider max cpu count not boot cpu count for apic mode rhel-8 20220126gitbb1bba3d77-5 - edk2-SecurityPkg-DxeImageVerificationLib-Check-result-of-.patch bz1861743 -...
shadow-utils security and bug fix update
2:4.6-19 - gpasswd: fix password leak. Resolves: 2215947 2:4.6-18 - Update patch to close label to reset libselinux state. Resolves: 1984740 - useradd: check if subid range exists for user. Resolves: 2012929 - findnewguid: Skip over IDs that are reserved for legacy reasons. Resolves: 1994269...
grafana security and enhancement update
9.2.10-7 - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch 9.2.10-6 - Add /usr/share/grafana to systemd-sysusers --replace 9.2.10-5 - resolve CVE-2023-3128 grafana:...
libX11 security update
1.6.8-6 - CVE fix for: CVE-2023-3138 Resolve: rhbz2213762...
webkit2gtk3 security and bug fix update
2.40.5-1 - Upgrade to 2.40.5. Also, disable JIT Resolves: 2176269 Resolves: 2185742 Resolves: 2209728 Resolves: 2209745 Resolves: 2218649 Resolves: 2218651 Resolves: 2224611 2.38.5-1.4 - Add patch for CVE-2023-28204 Resolves: 2209744 - Add patch for CVE-2023-32373 Resolves: 2209727 2.38.5-1.3 -...
cups security and bug fix update
1:2.2.6-54 - RHEL-2612 - cups pulls an unneeded dependency on python3 1:2.2.6-53 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation 1:2.2.6-52 - 2217178 - Delays printing to lpd when reserved ports are exhausted - 2217283 - The command 'cancel -x ' does not remove job fil...
flatpak security, bug fix, and enhancement update
1.10.8-1 - Rebase to 1.10.8 2222103 - Fix CVE-2023-28100 and CVE-2023-28101 2180311...
emacs security update
1:26.1-11 - Bump version...
cloud-init security, bug fix, and enhancement update
23.1.1-10.0.1 - Added missing services in rhel/systemd/cloud-init.service Orabug: 32183938 - Add IPv6 IMDS and dhcp6 support for Oracle Datasource Orabug: 35470783 - Increase retry value and add timeout for OCI Orabug: 35329883 - Fix log file permissions Orabug: 35302985 - Update detection logic...
avahi security update
0.7-21 - Fix CVE-2023-1981 2186688...
libreoffice security update
6.4.7.2-15.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-15 - Resolves: rhbz2210191 CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing - Resolves: rhbz2210195...
opensc security and bug fix update
0.20.0-6 - Fix introduced issues tagged by coverity RHEL-765 0.20.0-5 - Avoid potential crash because of missing list terminator 2196234 - Fix CVE-2023-2977: potential buffer overrun in pkcs15 cardoshaveverifyrcpackage 2211093 - Backport upstream changes regarding to reader removal 2097048...
python3.11 security update
3.11.5-1 - Rebase to 3.11.5 - Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3047, RHEL-3267 3.11.4-4 - Add the importallmodulespy311.py file for the python3.11-rpm-macros subpackage Resolves: rhbz2207631 3.11.4-3 - Fix symlink handling in the fix for CVE-2023-24329 Resolves:...
tpm2-tss security and enhancement update
2.3.2-5 - Ensure layer number is in bounds Resolves: rhbz2160302 Resolves: rhbz2162611...
procps-ng security update
3.3.15-14.0.1 - ps: remove uptime integer conversion Orabug: 35909165 - ps: improved three elapsed 'jiffies/tics' calculations Orabug: 35909165 - Set TZ to avoid repeated stat'/etc/localtime' Orabug: 32769816 3.3.15-14 - CVE-2023-4016: ps: possible buffer overflow - Resolves: rhbz2228503...
libfastjson security update
0.99.9-2 - Address CVE-2020-12762 Resolves: rhbz2203171...
librabbitmq security update
0.9.0-4 - Resolves: 2215765, insecure credentials submission...
protobuf-c security update
1.3.0-8 - Rebuild for gating test 1.3.0-7 - Applied patch for for CVE-2022-48468 2186678...
yajl security update
2.1.0-12 - fix CVE-2023-33460 - Resolves: 2221252...
bind security update
32:9.11.36-11 - Prevent exahustion of memory from control channel CVE-2023-3341 32:9.11.36-10 - Prevent the cache going over the configured limit CVE-2023-2828 32:9.11.36-9 - Prevent flooding with UPDATE requests CVE-2022-3094 - include upstream test for that change...
kernel security, bug fix, and enhancement update
4.18.0-513.5.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
tomcat security and bug fix update
1:9.0.62-27 - Related: RHEL-12543 - Bump release number 1:9.0.62-16 - Resolves: RHEL-12543 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack - Remove JDK subpackges which are unused 1:9.0.62-14 - Related: RHEL-2330 Bump release number 1:9.0.62-13 -...
tang security and bug fix update
7-8 - Set correct user/group tang/tang in tangd-keygen Resolves: rhbz2188743 7-7 - Fix race condition when creating/rotating keys Resolves: rhbz2182410 Resolves: CVE-2023-1672...
xorg-x11-server security and bug fix update
1.20.11-17 - Backport fix for a deadlock with DRI3 Resolves: rhbz2192556 1.20.11-16 - CVE fix for: CVE-2023-1393 Resolves: rhbz2180296...
qt5-qtsvg security update
5.15.3-2 - Fix uninitialized variable usage in munitsPerEm CVE-2023-32573 Resolves: bz2208141...
python3 security update
3.6.8-56.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-56 - Security fix for CVE-2023-40217 Resolves: RHEL-3041 3.6.8-55 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 3.6.8-54 - Bump release fo...
sysstat security and bug fix update
11.7.3-11.0.1 - add mpstat -H option to also display physically hotplugged vCPUs Orabug: 34683071 11.7.3-11 - fix the arithmetic overflow in allocatestructures that is still possible on some 32 bit systems CVE-2023-33204 11.7.3-10 - Fix incorrect CPU usage on ALL CPU field for iowait in mpstat...