9184 matches found
microcode_ctl security update
4:20230808-2.0.2 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583...
qt5 security and bug fix update
adwaita-qt 1.4.2-1 - 1.4.2 Resolves: bz2175754 python-pyqt5-sip 12.11.1-1 - 12.11.1 Resolves: bz2188589 python-qt5 5.15.9-1 - 5.15.9 Resolves: bz2175758 qgnomeplatform 0.9.0-1 - 0.9.0 Resolves: bz2175753 qt5 5.15.9-1 - 5.15.9 Resolves: bz2175724 qt5-doc 5.15.9-1 - 5.15.9 Resolves: bz2175726...
pcs
0.11.6-3 - Refreshing any page in pcs-web-ui no longer causes it to display a blank page - Resolves: rhbz2222788 0.11.6-2 - Added BuildRequires: debugedit - for generating MiniDebugInfo - triggered by removing find-debuginfo.sh from rpm - Make use of filters when extracting tarballs to enhance...
libvirt security, bug fix, and enhancement update
9.5.0-7.0.1 - The path to the guest agent socket file can become too long and cause problems.rhbz2233744 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 9.5.0-7 - util: use 'stubDriverType' instead of just 'stubDriver' rhbz2074209 - util: add stub driver name to virPCIDevice object...
python-wheel security update
1:0.36.2-8 - Security fix for CVE-2022-40898 - Resolves: rhbz2178881...
kernel security, bug fix, and enhancement update
5.14.0-362.8.13.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
tang security update
14-2 - Fix service start up 14-1 - New upstream release - v14. Resolves: rhbz2182411 Resolves: CVE-2023-1672...
dnsmasq security and bug fix update
2.85-14 - Backport Coverity fix to hide detected issue 2156789 2.85-13 - Rebuild with modified gating settings 2.85-12 - Make create logfile writeable by root 2156789 2.85-11 - Do not create and search --local and --address=/x/ domains 2209031 2.85-10 - Fix also dynamically set resolvers over dbu...
libtiff security update
4.4.0-10 - Fix CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 - Resolves: CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 4.4.0-9 - Fix CVE-2023-2731 - Resolves: CVE-2023-2731...
yajl security update
2.1.0-22 - fix CVE-2023-33460 - Resolves: 2221253...
mod_auth_openidc security and bug fix update
2.4.9.4-4 Resolves: rhbz2189268 - authopenidc.conf mode 0640 by default 2.4.9.4-3 - Resolves: rhbz2184145 - CVE-2023-28625 NULL pointer dereference when OIDCStripCookies is set and a crafted Cookie header is supplied 2.4.9.4-2 - Resolves: rhbz2153656 - CVE-2022-23527 - Open Redirect in...
LibRaw security update
0.20.2-6 - Fix CVE-2021-32142 Resolves: 2172140...
haproxy security and bug fix update
2.4.22-1 - Update to 2.4.22 2196530 2.4.17-7 - Fix uninitizalized resevered bytes CVE-2023-0836, 2180861...
ghostscript security and bug fix update
9.54.0-13 - fix for CVE-2023-38559 - Resolves: rhbz2224372 9.54.0-12 - fix for CVE-2023-36664 - Resolves: rhbz2217810...
ncurses security and bug fix update
6.2-10.20210508 - ignore TERMINFO and HOME only if setuid/setgid/capability 2211666 6.2-9.20210508 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491 - ignore TERMINFO and HOME environment variables if running as root 2211666...
procps-ng security and bug fix update
3.3.17-13.0.1 - ps: remove uptime integer conversion Orabug: 35909347 - ps: improved three elapsed 'jiffies/tics' calculations Orabug: 35909347 3.3.17-13 - ps: mitigation of possible buffer overflow - Resolves: rhbz2228504 3.3.17-12 - sysctl: '-N' option shows values instead of names if '-p' -...
gmp security and enhancement update
1:6.2.0-13 - Fix: previous commit removed one function from the library and thus broke the ABI - function gmpnpreinvdivrem1 should now not be removed Related: rhbz2044216 1:6.2.0-12 - Add SIMD optimization patches for s390x provided by the IBM Resolves: rhbz2044216 1:6.2.0-11 Fix: Integer overflo...
libreswan security update
4.12-1.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215956 4.9-5 - Just bumping up the version to include bugs for CVE-2023-2295. There is no code fix for it. Fix for it is including t...
libfastjson security update
0.99.9-5 - Rebuild Resolves: rhbz2227786 0.99.9-4 - Address CVE-2020-12762 Resolves: rhbz2203172...
httpd and mod_http2 security, bug fix, and enhancement update
httpd 2.4.57-5.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-5 - Fix issue found by covscan - Related: 2222001 2.4.57-4 - Resolves: 2217726 - Make PROPFIND tolerant of deletion race 2.4.57-3 - Resolves: 2222001 - modstatus lists BusyWorkers IdleWorkers keys twice...
libqb security update
2.0.6-4 - bump rpm version for rhel-exception build Resolves: rhbz2230712 2.0.6-3 - blackbox: fix buffer overflow with long log lines Resolves: rhbz2236171 2.0.6-1 - ipc: Retry receiving credentials if the the message is short Resolves: rhbz2149647 2.0.6-1 - Rebase to 2.0.6 Resolves: rhbz2072903...
frr security and bug fix update
8.3.1-11 - Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output 8.3.1-10 - Related: 2216912 - adding sysadmin to capabilities 8.3.1-9 - Resolves: 2215346 - frr policy does not allow the execution of /usr/sbin/ipsec 8.3.1-8 - Resolves: 2216912 - SELinux is...
linux-firmware security, bug fix, and enhancement update
20230516-999.27.git6c9e0ed5.el9 - Update firmware for qat4xxx devices Orabug: 35811008...
perl-CPAN security update
2.29-3 - Resolves: rhbz2218907 - Fix CVE-2023-31484...
python-tornado security update
6.1.0-9 - Fix an open redirect in StaticFileHandler Resolves: CVE-2023-28370...
avahi security update
0.8-15 - Fix CVE-2023-1981 2186689 0.8-14 - Fix CVE-2021-3502 1949949 0.8-13 - Fix CVE-2021-3468 1944092...
liblouis security update
3.16.1-5 - Fix CVE-2023-26767 2181147 - Fix CVE-2023-26768 2181151 - Fix CVE-2023-26769 2181149...
tomcat security and bug fix update
1:9.0.62-37 - Resolves: RHEL-12551 - Remove JDK subpackges which are unused 1:9.0.62-16 - Related: 2184133 Declare file conflicts 1:9.0.62-15 - Resolves: 2184133 Fix bug in Obsoletes 1:9.0.62-14 - Resolves: 2210632 CVE-2023-28709 tomcat 1:9.0.62-13 - Resolves: 2189675 Missing Tomcat POM files in...
containernetworking-plugins security and bug fix update
1:1.3.0-4 - add Epoch in Provides - Related: 2176063 1:1.3.0-3 - remove noopenssl for FIPS compliance - Related: 2176063 1:1.3.0-2 - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400 -...
cups security and bug fix update
1:2.3.3op2-21 - bump the spec because the previous build was made with buildroot 9.2 1:2.3.3op2-20 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation 1:2.3.3op2-19 - CVE-2023-34241 cups: use-after-free in cupsdAcceptClient in scheduler/client.c - CVE-2023-32324 cups: heap...
libreoffice security update
7.1.8.1-11.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:7.1.8.1-11 - Resolves: rhbz2210193 CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing - Resolves: rhbz2210197...
flatpak security, bug fix, and enhancement update
1.12.8-1 - Update to 1.12.8 CVE-2023-28100, CVE-2023-28101 Resolves: 2180312, 2221792...
glib2 security and bug fix update
2.68.4-11 - Really fix authentication failures when sd-bus clients connect to GDBus servers - Resolves: 2217771 2.68.4-10 - Fix authentication failures when sd-bus clients connect to GDBus servers - Resolves: 2217771 2.68.4-9 - Resolve s390x crashes introduced by fixes for...
libmicrohttpd security update
1:0.9.72-5 - Add cve-2023-27371.patch Related: rhbz2174640 CVE-2023-27371...
opensc security update
0.23.0-2 - Fix regression in handling OpenPGP cards - Fix CVE-2023-2977: buffer overrun in pkcs15init for cardos 0.23.0-1 - Rebase to latest 0.23.0 release 2100409 - Use separate OpenSSL context to work better from inside of OpenSSL providers...
samba security, bug fix, and enhancement update
evolution-mapi 3.40.1-6 - Related: 2190415 Rebuild against samba 4.18 openchange 2.3-41 - Related: 2190415 Rebuild against samba 4.18 samba 4.18.6-100 - related: rhbz2190415 - Update to version 4.18.6 - resolves: rhbz2211617 - Fix the rpcclient dfsgetinfo command 4.18.5-100 - resolves: rhbz222289...
libX11 security update
1.7.0-8 - CVE fix for: CVE-2023-3138 Resolve: rhbz2213763...
xorg-x11-server-Xwayland security, bug fix, and enhancement update
22.1.9-2 - Rebuild 2158761 22.1.9-1 - xwayland 22.1.9 2158761 21.1.3-8 - Fix CVE-2023-1393 2180299...
xorg-x11-server security and bug fix update
1.20.11-19 - Backport fix for a deadlock with DRI3 Resolves: rhbz2192550 1.20.11-18 - CVE fix for: CVE-2023-1393 Resolves: rhbz2180297...
krb5 security and bug fix update
1.21.1-1.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-1 - New upstream version 1.21.1 - Fix double-free in KDC TGS processing CVE-2023-39975 - Add support for 'pacprivsvrenctype' KDB string attribute Resolves: rhbz2060421...
perl-HTTP-Tiny security update
0.076-461 - Changes the verifySSL default parameter from 0 to 1 - CVE-2023-31486 - Resolves: rhbz2228412...
qemu-kvm security, bug fix, and enhancement update
8.0.0-16.el93 - kvm-migration-Add-migration-prefix-to-functions-in-targe.patch bz2229868 - kvm-migration-Move-more-initializations-to-migrateinit.patch bz2229868 - kvm-migration-Add-.saveprepare-handler-to-struct-SaveVM.patch bz2229868 -...
webkit2gtk3 security and bug fix update
2.40.5-1 - Update to 2.40.5 Related: 2176270 2.40.4-1 - Update to 2.40.4 Related: 2176270 2.40.3-2 - Disable JIT Related: 2176270 2.40.3-1 - Update to 2.40.3 Related: 2176270 2.40.2-1 - Update to 2.40.2 Related: 2176270 2.40.1-1 - Upgrade to 2.40.1 Resolves: 2176270...
grafana security and enhancement update
9.2.10-7 - bump release number for rebuild with fixed gating.yaml file 9.2.10-6 - resolve RHEL-12665 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch 9.2.10-5 - resolve CVE-2023-3128...
binutils security update
2.35.2-42.0.1 - Forward-port Oracle patches to 2.35.2-42...
libpq security update
13.11-1 - Update to 13.11 Resolves: 2171370...
wireshark security update
1:3.4.10-6 - Resolves: 2211413 - XRA dissector infinite loop 1:3.4.10-5 - Resolves: 2210864 - Candump log file parser crash Resolves: 2210865 - VMS TCPIPtrace file parser crash Resolves: 2210868 - NetScaler file parser crash Resolves: 2210870 - RTPS dissector crash Resolves: 2210871 - IEEE C37.11...
shadow-utils security and bug fix update
2:4.9-8 - gpasswd: fix password leak. Resolves: 2215948 2:4.9-7 - useradd: check if subid range exists for user. Resolves: 2179987 - findnewguid: Skip over IDs that are reserved for legacy reasons. Resolves: 2179988...
tpm2-tss security and enhancement update
3.2.2-2 - Remove misapplied license Resolves: rhbz2160307 3.2.2-1 - Rebase to 3.2.2 - Use systemd-sysusers to create user Resolves: CVE-2023-22745 Resolves: rhbz2095479 Resolves: rhbz2160307 Resolves: rhbz2162613...
edk2 security, bug fix, and enhancement update
20230524-3 - edk2-OvmfPkg-AmdSev-fix-BdsPlatform.c-assertion-failure-d.patch bz2190244 - edk2-OvmfPkg-IoMmuDxe-add-locking-to-IoMmuAllocateBounceB.patch bz2211060 - edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch bz2218196 - Resolves: bz2190244 EDK2 AMDSERVER 9.3 Bug OVMF AP Creatio...