8998 matches found
python-pip security update
9.0.3-23 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218241...
libmicrohttpd security update
1:0.9.59-3 - Add cve-2023-27371.patch Related: rhbz2174639 CVE-2023-27371...
c-ares security update
1.13.0-8 - Resolves: rhbz2209517 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-8.9.0 1.13.0-7 - Resolves: rhbz2170867 - c-ares: buffer overflow in configsortlist due to missing string length check rhel-8...
nghttp2 security update
1.43.0-5.1 - fix HTTP/2 Rapid Reset CVE-2023-44487...
ghostscript security update
9.54.0-14 - fix for CVE-2023-43115 - Resolves: RHEL-10184 9.54.0-13 - fix for CVE-2023-38559 - Resolves: rhbz2224372 9.54.0-12 - fix for CVE-2023-36664 - Resolves: rhbz2217810...
squid security update
7:5.5-6.1 - Resolves: RHEL-14819 - squid: squid: denial of Servicein FTP - Resolves: RHEL-14807 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14780 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP 7:5.5-6 - Resolves: 2231827 - Crash with...
open-vm-tools security update
11.0.5-3.0.1 - fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. - Created a new file 99-vmware-scsi-timeout.rules - Modified sp...
curl security update
7.76.1-26.el93.2 - fix cookie injection with none file CVE-2023-38546 7.76.1-26.el93.1 - socks: return error if hostname too long for remote resolve CVE-2023-38545...
microcode_ctl security update
4:20230808-2.0.2 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583...
open-vm-tools security update
12.2.5-3.0.1.2 - Address CVE-2023-34058 - BZ 2246963 - SAML token signature token bypass. - Address CVE-2023-34059 - BZ 2246962 - vmware-user-suid-wrapper...
samba security update
4.18.6-101 - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server...
python security update
2.7.5-94.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-94 - Security fix for CVE-2023-40217 Resolves: RHEL-9615...
microcode_ctl security update
4:20230808-2.0.2 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583...
microcode_ctl security update
2:2.1-73.19.0.3 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583...
plexus-archiver security update
0:2.4.2-6 - Avoid override target symlink by standard file in AbstractUnArchiver - Fixes: CVE-2023-37460...
qt5 security and bug fix update
adwaita-qt 1.4.2-1 - 1.4.2 Resolves: bz2175754 python-pyqt5-sip 12.11.1-1 - 12.11.1 Resolves: bz2188589 python-qt5 5.15.9-1 - 5.15.9 Resolves: bz2175758 qgnomeplatform 0.9.0-1 - 0.9.0 Resolves: bz2175753 qt5 5.15.9-1 - 5.15.9 Resolves: bz2175724 qt5-doc 5.15.9-1 - 5.15.9 Resolves: bz2175726...
libvirt security, bug fix, and enhancement update
9.5.0-7.0.1 - The path to the guest agent socket file can become too long and cause problems.rhbz2233744 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 9.5.0-7 - util: use 'stubDriverType' instead of just 'stubDriver' rhbz2074209 - util: add stub driver name to virPCIDevice object...
python-wheel security update
1:0.36.2-8 - Security fix for CVE-2022-40898 - Resolves: rhbz2178881...
pcs
0.11.6-3 - Refreshing any page in pcs-web-ui no longer causes it to display a blank page - Resolves: rhbz2222788 0.11.6-2 - Added BuildRequires: debugedit - for generating MiniDebugInfo - triggered by removing find-debuginfo.sh from rpm - Make use of filters when extracting tarballs to enhance...
kernel security, bug fix, and enhancement update
5.14.0-362.8.13.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
libfastjson security update
0.99.9-5 - Rebuild Resolves: rhbz2227786 0.99.9-4 - Address CVE-2020-12762 Resolves: rhbz2203172...
libmicrohttpd security update
1:0.9.72-5 - Add cve-2023-27371.patch Related: rhbz2174640 CVE-2023-27371...
skopeo security update
2:1.13.3-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.3 - Related: 2176063 2:1.13.2-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.2 - Related: 2176063 2:1.13.1-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.1 - Related: 21760...
xorg-x11-server security and bug fix update
1.20.11-19 - Backport fix for a deadlock with DRI3 Resolves: rhbz2192550 1.20.11-18 - CVE fix for: CVE-2023-1393 Resolves: rhbz2180297...
procps-ng security and bug fix update
3.3.17-13.0.1 - ps: remove uptime integer conversion Orabug: 35909347 - ps: improved three elapsed 'jiffies/tics' calculations Orabug: 35909347 3.3.17-13 - ps: mitigation of possible buffer overflow - Resolves: rhbz2228504 3.3.17-12 - sysctl: '-N' option shows values instead of names if '-p' -...
python-pip security update
21.2.3-7 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2207997...
wireshark security update
1:3.4.10-6 - Resolves: 2211413 - XRA dissector infinite loop 1:3.4.10-5 - Resolves: 2210864 - Candump log file parser crash Resolves: 2210865 - VMS TCPIPtrace file parser crash Resolves: 2210868 - NetScaler file parser crash Resolves: 2210870 - RTPS dissector crash Resolves: 2210871 - IEEE C37.11...
LibRaw security update
0.20.2-6 - Fix CVE-2021-32142 Resolves: 2172140...
liblouis security update
3.16.1-5 - Fix CVE-2023-26767 2181147 - Fix CVE-2023-26768 2181151 - Fix CVE-2023-26769 2181149...
python3.11 security update
3.11.5-1 - Rebase to 3.11.5 - Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3045, RHEL-3269 3.11.4-3 - Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz263261 3.11.4-2 - Security fix for CVE-2007-4559 Resolves: rhbz263261 3.11.4-1 - Update to 3.11.4 - Securit...
ghostscript security and bug fix update
9.54.0-13 - fix for CVE-2023-38559 - Resolves: rhbz2224372 9.54.0-12 - fix for CVE-2023-36664 - Resolves: rhbz2217810...
java-21-openjdk security and bug fix update
1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...
python3.11-pip security update
22.3.1-4 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218247 22.3.1-3 - Fix changelog to contain Fedora contributors Resolves: RHEL-232...
avahi security update
0.8-15 - Fix CVE-2023-1981 2186689 0.8-14 - Fix CVE-2021-3502 1949949 0.8-13 - Fix CVE-2021-3468 1944092...
libtiff security update
4.4.0-10 - Fix CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 - Resolves: CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 4.4.0-9 - Fix CVE-2023-2731 - Resolves: CVE-2023-2731...
libssh security update
0.10.4-11 - Fix loglevel regression - Related: rhbz2182252, rhbz2189740 0.10.4.10 - Fix null dereference issues found by covscan - Related: rhbz2182252, rhbz2189740 0.10.4-9 - Fix CVE-2023-1667 and CVE-2023-2283 - Fix issues found by cosvcan - Resolves: rhbz2182252, rhbz2189740...
edk2 security, bug fix, and enhancement update
20230524-3 - edk2-OvmfPkg-AmdSev-fix-BdsPlatform.c-assertion-failure-d.patch bz2190244 - edk2-OvmfPkg-IoMmuDxe-add-locking-to-IoMmuAllocateBounceB.patch bz2211060 - edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch bz2218196 - Resolves: bz2190244 EDK2 AMDSERVER 9.3 Bug OVMF AP Creatio...
cups security and bug fix update
1:2.3.3op2-21 - bump the spec because the previous build was made with buildroot 9.2 1:2.3.3op2-20 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation 1:2.3.3op2-19 - CVE-2023-34241 cups: use-after-free in cupsdAcceptClient in scheduler/client.c - CVE-2023-32324 cups: heap...
podman security, bug fix, and enhancement update
2:4.6.1-5.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.6.1-5 - update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel https://github.com/containers/podman/commit/ea33dce - Related: 2176063 2:4.6.1-4 - amend podmansh provides...
dnsmasq security and bug fix update
2.85-14 - Backport Coverity fix to hide detected issue 2156789 2.85-13 - Rebuild with modified gating settings 2.85-12 - Make create logfile writeable by root 2156789 2.85-11 - Do not create and search --local and --address=/x/ domains 2209031 2.85-10 - Fix also dynamically set resolvers over dbu...
c-ares security, bug fix, and enhancement update
1.19.1-1 - Resolves: rhbz2209564 - CVE-2023-31124 c-ares: AutoTools does not set CARESRANDOMFILE during cross compilation rhel-9 - Resolves: rhbz2209556 - CVE-2023-31130 c-ares: Buffer Underwrite in aresinetnetpton rhel-9 - Resolves: rhbz2209550 - CVE-2023-31147 c-ares: Insufficient randomness in...
gdb security update
10.2.11.0.1 - Merge Oracle patches for ol9 Reviewed-by: Jose E. Marchesi 10.2-11.el9 - Backport 'libiberty: prevent buffer overflow when decoding user input' Luis Ferreira, RHBZ2132600 Mon Mar 27 2023 Bruno Larsen - Backport 'gdb/breakpoint Fix assert in jiteventhandler' Tom de Vries, RHBZ 213062...
tang security update
14-2 - Fix service start up 14-1 - New upstream release - v14. Resolves: rhbz2182411 Resolves: CVE-2023-1672...
haproxy security and bug fix update
2.4.22-1 - Update to 2.4.22 2196530 2.4.17-7 - Fix uninitizalized resevered bytes CVE-2023-0836, 2180861...
flatpak security, bug fix, and enhancement update
1.12.8-1 - Update to 1.12.8 CVE-2023-28100, CVE-2023-28101 Resolves: 2180312, 2221792...
libX11 security update
1.7.0-8 - CVE fix for: CVE-2023-3138 Resolve: rhbz2213763...
python3.9 security update
3.9.18-1 - Update to 3.9.18 - Security fix for CVE-2023-40217 Resolves: RHEL-3043 3.9.17-2 - Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz263261 3.9.17-1 - Update to 3.9.17 - Security fix for CVE-2023-24329 Resolves: rhbz2173917 3.9.16-2 - Add filters for tarfile extraction...
sysstat security and bug fix update
12.5.4-7.0.1 - add mpstat -H option to also display physically hotplugged vCPUs Orabug: 34683087 12.5.4-7 - add description of UMASK to man/systat.in rhbz2216805 12.5.4-6 - fix the arithmetic overflow in allocatestructures that is still possible on some 32 bit systems CVE-2023-33204...
tpm2-tss security and enhancement update
3.2.2-2 - Remove misapplied license Resolves: rhbz2160307 3.2.2-1 - Rebase to 3.2.2 - Use systemd-sysusers to create user Resolves: CVE-2023-22745 Resolves: rhbz2095479 Resolves: rhbz2160307 Resolves: rhbz2162613...
grafana security and enhancement update
9.2.10-7 - bump release number for rebuild with fixed gating.yaml file 9.2.10-6 - resolve RHEL-12665 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch 9.2.10-5 - resolve CVE-2023-3128...