8998 matches found
python3.9 security update
3.9.16-1.2 - Security fix for CVE-2023-40217...
Unbreakable Enterprise kernel security update
5.4.17-2136.324.5.3 - Revert 'jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint' Sherry Yang Orabug: 35896102 5.4.17-2136.324.5.2 - fix breakage in dormdir Al Viro Orabug: 35885837 5.4.17-2136.324.5.1 - x86: KVM: SVM: always update the x2avic msr interception Maxim...
firefox security update
115.3.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.3.1-1 - Update to 115.3.1 115.3.0-1 - Update to 115.3.0 ESR 115.2.0-3 - Update to 115.2.0 ESR...
thunderbird security update
115.3.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.3.1-1 - Update to 115.3.1 build1 115.3.0-1 - Update to 115.3.0 115.2.1-5 - Update to 115.2.1...
python3.11 security update
3.11.2-2.2 - Security fix for CVE-2023-40217 Resolves: rhbz2235789...
bind security update
32:9.16.23-11.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
mariadb:10.5 security update
galera 26.4.14-1 - Rebase to 26.4.14 26.4.13-1 - Rebase to 26.4.13 26.4.12-1 - Rebase to 26.4.12 Judy mariadb 3:10.5.22-1 - Rebase to 10.5.22 3:10.5.21-1 - Rebase to version 10.5.21 3:10.5.20-2 - Use fortifylevel to disable fortification in debug builds 3:10.5.20-1 - Rebase to version 10.5.20...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.324.5.3.el8 - Revert 'jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint' Sherry Yang Orabug: 35896102 5.4.17-2136.324.5.2.el8 - fix breakage in dormdir Al Viro Orabug: 35885837 5.4.17-2136.324.5.1.el8 - x86: KVM: SVM: always update the x2avic msr interception...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.324.5.3.el7 - Revert 'jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint' Sherry Yang Orabug: 35896102 5.4.17-2136.324.5.2.el7 - fix breakage in dormdir Al Viro Orabug: 35885837 5.4.17-2136.324.5.1.el7 - x86: KVM: SVM: always update the x2avic msr interception...
bind security update
32:9.11.4-26.P2.15 - Limit the amount of recursion possible in control channel CVE-2023-3341...
busybox security and bug fix update
1:1.15.1-21.0.1 - Backport fix for CVE-2022-48174 Orabug: 35819048...
python3.11 security update
3.11.2-2.2 - Security fix for CVE-2023-40217 Resolves: rhbz2235789...
Unbreakable Enterprise kernel security update
4.14.35-2047.530.5.1 - Revert 'rtnetlink: Reject negative ifindexes in RTMNEWLINK' Saeed Mirzamohammadi Orabug: 35896831 4.14.35-2047.530.5 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug: 35824288 CVE-2023-42753 - netfilter: xtu32: validate...
glibc security update
2.28-225.0.4.6 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet RHEL-2435. - CVE-2023-4813: work around RHEL-8 limitation in test RHEL-2435. Reviewed by: Jose E...
glibc security update
2.34-60.0.3.7 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode 2234716. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet. Reviewed by: Jose E. Marchesi 2.34-60.0.3 - CVE-2023-4911: tunables: Terminate immediately if...
python-reportlab security update
2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011...
libvpx security update
1.9.0-7 - Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 Resolves: rhbz2241191 - crash related to VP9 encoding in libvpx CVE-2023-44488 Resolves: rhbz2241806...
kernel security and bug fix update
3.10.0-1160.102.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.102.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug:...
libvpx security update
1.7.0-10 - Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 Resolves: rhbz2241191 - crash related to VP9 encoding in libvpx CVE-2023-44488 Resolves: rhbz2241806...
nodejs security and bug fix update
1:16.20.2-1 - Update to 16.20.2-1 Resolves CVE-2023-32002 CVE-2023-32006 CVE-2023-32559...
libssh2 security update
1.8.0-4.el79.1 - fix use-of-uninitialized-value CVE-2020-22218...
glibc security update
2.34-60.0.3.7 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode 2234716. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet. Reviewed by: Jose E. Marchesi...
Unbreakable Enterprise kernel security update
5.15.0-106.131.4 - jbd2: check 'jh-btransaction' before removing it from checkpoint Zhihao Cheng - jbd2: fix checkpoint cleanup performance regression Zhang Yi - scsi: qla2xxx: Fix TMF leak through Quinn Tran - scsi: qla2xxx: Fix command flush during TMF Quinn Tran - scsi: qla2xxx: Limit TMF to 8...
glibc security update
2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
kvm_utils3 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 9.0.0-3.el8 - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' Peter Krempa Orabug: 35644221 CVE-2023-3750 - virpci: Resolve leak in virPCIVirtualFunctionList cleanup Tim Shearer Orabug: 35395469...
bind security update
32:9.11.36-8.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
firefox security update
115.3.1-1.0.1 - Update to 115.3.1...
glibc security update
2.34-60.0.3 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
ghostscript security update
9.54.0-10 - fix for CVE-2023-36664 - Resolves: rhbz2217798...
bind9.16 security update
32:9.16.23-14.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
thunderbird security update
115.3.1-1.0.1 - Update to 115.3.1 build1...
glibc security update
2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.17.1-1 - Rebase to version 18.17.1 Resolves: rhbz2228940 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build Related: rhbz2226726 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging...
firefox security update
115.3.1-1.0.1 - Update to 115.3.1...
ImageMagick security update
6.9.10.68-7 - Added fix for CVE-2021-40211...
thunderbird security update
115.3.1-1.0.1 - Update to 115.3.1 build1...
glibc security update
2.34-60.0.3 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
Unbreakable Enterprise kernel security update
4.1.12-124.79.2 - net/sched: clsroute: No longer copy tcfresult on update to avoid use-after-free valis Orabug: 35814273 CVE-2023-4206 - net/sched: schqfq: account for stab overhead in qfqenqueue Pedro Tammela Orabug: 35636291 CVE-2023-3611 - rds: Fix lack of reentrancy for connection reset with...
kernel security update
4.18.0-477.27.1.el88.OL8 - x86/microcode/intel: Expose collectcpuinfoearly for IFS - x86/cpu: Load microcode during restoreprocessorstate - x86/microcode: Deprecate MICROCODEOLDINTERFACE - x86/microcode: Rip out the OLDINTERFACE - x86/microcode: Default-disable late loading - x86/microcode: Taint...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.17.1-1 - Rebase to version 18.17.1 Resolves: rhbz2228939 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.20.2-2 - Rebase to 16.20.2 Resolves: rhbz2231866 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 Resolves: CVE-2022-25883 nodejs-packaging 26-1 - nodejs.prov: find namespaced bundled dependencies - Apply...
libtiff security update
4.0.9-29 - Fix CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 - Resolves: BZ2170167 BZ2170172 BZ2170178 BZ2170187 BZ2170192...
kernel security update
5.14.0-284.30.1.el92 - x86/microcode/intel: Expose collectcpuinfoearly for IFS - x86/cpu: Load microcode during restoreprocessorstate - x86/microcode: Rip out the OLDINTERFACE - x86/microcode: Default-disable late loading - x86/microcode: Taint and warn on late loading - x86/microcode: Remove...
Unbreakable Enterprise kernel security update
5.15.0-105.125.6.2.2 - netfilter: nfnetlinkosf: avoid OOB read Wander Lairson Costa Orabug: 35824297 - netfilter: nftables: exthdr: fix 4-byte stack OOB write Florian Westphal Orabug: 35824297 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824297 - netfilter: xtu3...
Unbreakable Enterprise kernel security update
5.4.17-2136.323.8.2 - netfilter: nfnetlinkosf: avoid OOB read Wander Lairson Costa Orabug: 35824307 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824307 - netfilter: xtu32: validate user space input Wander Lairson Costa Orabug: 35824307 - netfilter: ipset: add th...
Unbreakable Enterprise kernel security update
4.14.35-2047.529.3.2 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824309 - netfilter: xtu32: validate user space input Wander Lairson Costa Orabug: 35824309 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug:...
qemu security update
15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...
qemu security update
15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...
open-vm-tools security update
12.1.5-2.0.2.3 - Resolves: RHEL-4584 CVE-2023-20900 open-vm-tools: SAML token signature bypass...
kernel security, bug fix, and enhancement update
4.18.0-477.27.0.18.OL8 - bluetooth: Perform careful capability checks in hcisockioctl CVE-2023-2002 - ipvlan:Fix out-of-bounds caused by unclear skb-cb CVE-2023-3090 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - netfilter: nftsetpipapo: fix improper...