9184 matches found
tracker-miners security update
3.1.2-4 - Backport stricter seccomp jail Resolves: RHEL-12469...
apr security update
1.7.0-12 - fix integer bounds checking in aprencode Resolves: RHEL-17123...
Unbreakable Enterprise kernel security update
4.14.35-2047.532.3 - Revert 'mmc: core: Capture correct oemid-bits for eMMC cards' Dominique Martinet - media: dvb-usb-v2: af9035: fix missing unlock Hans Verkuil - perf/core: Fix potential NULL deref Peter Zijlstra 4.14.35-2047.532.2 - x86: change default to specstorebypassdisable=prctl...
squid:4 security update
libecap squid 7:4.15-7.3 - Fix squid: DoS against HTTP and HTTPS CVE-2023-5824 7:4.15-7.1 - Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP...
olcne security update
conmon 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build 2.1.3.3 - Add OL9 support 2.1.3.2 - Update inline with Linux team building conmon for all but OL7. cri-o...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
olcne security update
conmon 2.1.3-7 - Resolve CVE-2023-39325 2.1.3-6 - Add ol8baseoslatest, and ol9baseoslatest, to Jenkinsfile 2.1.3-5 - Add systemd-devel as build requirement 2.1.3-4 - Add support ARM build 2.1.3.3 - Add OL9 support 2.1.3.2 - Update inline with Linux team building conmon for all but OL7. cri-o...
edk2 security update
20230821 - Create new 20230821 release for OL8 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL8 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
Unbreakable Enterprise kernel security update
4.1.12-124.81.2 - rebuild bumping release 4.1.12-124.81.1 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35923500 CVE-2023-39193 - USB: eneusb6250: Allocate enough memory for full object Kees Cook Orabug: 35924058 CVE-2023-45862 - netfilter: xtu32: validate user spa...
kernel security and bug fix update
4.18.0-513.9.19.OL8 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice Mauro Carvalho Chehab CVE-2022-45884 - cifs: Fix UAF in cifsdemultiplexthread Zhang Xiaoxu CVE-2023-1192 - nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg CVE-2023-5178 - net: tun:...
postgresql:13 security update
pgaudit pgrepack postgres-decoderbufs postgresql 13.13-1.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 13.13-1 - Update to 13.13 - Fixes: CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 CVE-2023-39417 - Resolves: RHEL-16085 RHEL-16123...
thunderbird security update
115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.5.0-1 - Update to 115.5.0 build1...
thunderbird security update
115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.5.0-1 - Update to 115.5.0 build1...
firefox security update
115.5.0-1.0.1 - Update to 115.5.0 build1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file...
thunderbird security update
115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.5.0-1 - Update to 115.5.0 build1...
dotnet8.0 security update
8.0.100-2.0.1 - Update to .NET 8.0 8.0.100rc.2-0.1.0.1 - Add support for Oracle Linux 8.0.100rc.2-0.1 - Update to .NET 8 RC 2 - Resolves: RHEL-13790 8.0.100rc.1-0.4 - Disable bootstrap - Related: RHEL-4074 8.0.100rc.1-0.3 - Add backported patches for additional s390x issues - Related: RHEL-4074...
squid security update
7:5.5-6.2 - Fix: squid: DoS against HTTP and HTTPS CVE-2023-5824...
firefox security update
115.5.0-1.0.1 - Update to 115.5.0 build1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file...
firefox security update
115.5.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.5.0-1 - Update to 115.5.0 build1...
dotnet7.0 security update
7.0.114-1.0.1 - Update to .NET SDK 7.0.114 and Runtime 7.0.14...
dotnet6.0 security update
6.0.125-1.0.1 - Update to .NET SDK 6.0.125 and Runtime 6.0.25 - Add support for Oracle Linux...
dotnet6.0 security update
6.0.125-1.0.2 - Add strict BuildRequires on 6.0.125-1.0.1 6.0.125-1.0.1 - Update to .NET SDK 6.0.125 and Runtime 6.0.25...
samba security update
4.18.6-2.0.1 - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server...
dotnet7.0 security update
7.0.114-1.0.1 - Update to .NET SDK 7.0.114 and Runtime 7.0.14...
squid:4 security update
libecap squid 7:4.15-7.1 - Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP...
container-tools:4.0 security and bug fix update
buildah 1:1.24.6-7 - rebuild for CVE-2023-29406 - Related: 2176055 cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman 2:4.0.2-24 - rebuild for CVE-2023-29406 - Related: 2176055 python-podman runc skop...
nodejs:20 security update
nodejs 1:20.8.1-1 - Update node and nghttp - Add fips patch - Fixes CVE-2023-44487 nghttp - Fixes CVE-2023-45143, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, CVE-2023-39333 nodejs-nodemon nodejs-packaging...
kernel security update
3.10.0-1160.105.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.105.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug:...
c-ares security update
1.13.0-9.1 - Resolves: RHEL-11931 - Buffer Underwrite in aresinetnetpton rhel-8.9.0.z 1.13.0-9 - Resolves: rhbz2238293 - CVE-2020-22217 c-ares: read-heap-buffer-overflow in aresparsesoareply rhel-8 rhel-8.9.0.z...
tigervnc security update
1.8.0-26.0.1 - Dropped xorg-CVE-2023-5367.patch 1.8.0-26 - Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow Resolves: RHEL-15235 - Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty Resolves: RHEL-15223...
open-vm-tools security update
12.2.5-3.0.1.1 - Fix CVE-2023-34058 open-vm-tools: SAML token signature bypass - Fix CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el7 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
python38:3.8 and python38-devel:3.8 security update
babel Cython modwsgi 4.6.8-5 - Remove rpath Resolves: rhbz2213836 4.6.8-4 - Core dumped upon file upload = 1GB Resolves: rhbz2125171 4.6.8-3 - Exclude unsupported i686 arch rhbz1779142 4.6.8-2 - Adjusted for Python 3.8 module in RHEL 8 4.6.8-1 - update to 4.6.8 1721376 4.6.6-6 - try again to drop...
python39:3.9 and python39-devel:3.9 security update
modwsgi 4.7.1-7 - Bump release for rebuild Resolves: rhbz2213595 4.7.1-6 - Remove rpath Resolves: rhbz2213837 numpy 1.19.4-3 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 1.19.4-2 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz187743...
java-21-openjdk security and bug fix update
1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...
container-tools:ol8 security and bug fix update
aardvark-dns 2:1.7.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.7.0 - Related: 2176055 2:1.6.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.6.0 - Related: 2176055 buildah 1:1.31.3-1 - update to...
ruby:2.5 security update
rubygem-abrt 0.3.0-4 - Execute test suite unconditionally. - Upload correct sources. 0.3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 0.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora27MassRebuild 0.3.0-1 - Update to abrt 0.3.0. 0.2.0-2 - Rebuilt for...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix...
mod_auth_openidc:2.3 security and bug fix update
cjose 0.6.1-4 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308 modauthopenidc 2.4.9.4-5 Related: rhbz2141850 - fix cjose version dependency 2.4.9.4-4 Resolves: rhbz2141850 - authopenidc.conf mode 0640 by...
container-tools:4.0 security and bug fix update
buildah 1:1.24.6-7 - rebuild for CVE-2023-29406 - Related: 2176055 1:1.24.6-6 - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400 - Resolves: 2179943 - Resolves: 2187341 - Resolves:...
samba security, bug fix, and enhancement update
evolution-mapi 3.28.3-8 - Related: 2190417 - Rebuild for samba rebase to 4.18.x openchange 2.3-32.0.1 - Use ldconfigscriptlets 2.3-32 - Related: 2190417 Rebuild for samba rebase to 4.18.x samba 4.18.6-1 - related: rhbz2190417 - Update to version 4.18.6 - resolves: rhbz2232564 - Fix the rpc...
linux-firmware security, bug fix, and enhancement update
20230516-999.27.git6c9e0ed5.el8 - Update firmware for qat4xxx devices Orabug: 35811008...
python27:2.7 security and bug fix update
babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 2.5.1-9 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 2.5.1-8 - Fix unversioned requires/buildrequires - Resolves: rhbz1628242 2.5.1-7 - Remove unversioned binaries - Resolves: rhbz1613343 2.5.1-6 - Make...
dnsmasq security and bug fix update
2.79-31 - Do not create and search --local and --address=/x/ domains 2233542 2.79-30 - Make create logfile writeable by root 2156789 2.79-29 - Fix also dynamically set resolvers over dbus 2186481 2.79-28 - Correct possible crashes when server=/example.net/ is used 2186481 2.79-27 - Limit offered...
fwupd security update
1.7.8-2.0.1 - Modify %prep to correctly apply downstream patches - Align sections to 512 bytes Orabug: 35265981 - Use objcopy to build arm/aarch64 binaries if binutils 2.30-113.0.3 or newer Orabug: 35265981 - Enabled signing for aarch64 Orabug: 35265981 - Modify meson.build for fwupd-efi Orabug:...