8998 matches found
firefox security update
102.15.0-1.0.1 - Update to 102.15.0 build2...
thunderbird security update
102.15.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.15.0-1 - Update to 102.15.0 build1 102.14.0-3 - Bump NVR to rebuild 102.14.0-2 - Rebuild due to rhbz2228948...
Unbreakable Enterprise kernel security update
4.1.12-124.78.2 - xfrm: fix crash in XFRMMSGGETSA netlink handler Vegard Nossum Orabug: 35598955 CVE-2023-3106 - netfilter: nftables: validate registers coming from userspace Harshvardhan Jha Orabug: 34012909 CVE-2022-1015 4.1.12-124.78.1 - vcscreen: move load of struct vcdata pointer in vcsread ...
openssl security update
3.0.7-16.0.1 - Replace upstream references Orabug: 34340177...
kernel security and bug fix update
3.10.0-1160.99.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.99.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
cups security update
1:2.2.6-51.1 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation...
cups security update
1:2.3.3op2-16.1 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation...
cups security update
1:1.6.3-52 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation...
rust-toolset:ol8 security update
1.66.1-2 - rust-cargo: cargo does not respect the umask when extracting dependencies CVE-2023-38497...
rust security update
1.66.1-2 - rust-cargo: cargo does not respect the umask when extracting dependencies CVE-2023-38497...
.NET 6.0 security, bug fix, and enhancement update
6.0.121-1.0.1 - Update to .NET SDK 6.0.121 and Runtime 6.0.21 - Resolves: RHBZ2228567...
.NET 7.0 security, bug fix, and enhancement update
7.0.110-1.0.1 - Update to .NET SDK 7.0.110 and Runtime 7.0.10 - Resolves: RHBZ2228571...
microcode_ctl security update
4:20220809-2.20230214.1.0.3 - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: CVE-2022-40982 Orabug: 35692740...
microcode_ctl security update
2:2.1-73.15.0.6 - also rebuild initramfs for kernel-ueknano Orabug: 35698043 2:2.1-73.15.0.5 - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: CVE-2022-40982 Orabug: 35692745 2:2.1-73.15.0.2 ...
.NET 6.0 security, bug fix, and enhancement update
6.0.121-1.0.1 - Update to .NET SDK 6.0.121 and Runtime 6.0.21 - Resolves: RHBZ2228567...
.NET 7.0 security, bug fix, and enhancement update
7.0.110-1.0.1 - Update to .NET SDK 7.0.110 and Runtime 7.0.10 - Resolves: RHBZ2228571...
microcode_ctl security update
4:20230214-2.0.3 - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: CVE-2022-40982 Orabug: 35692741...
iperf3 security update
3.5-7 - Fixes CVE-2023-38403 Resolves: rhbz2223729...
python-requests security update
2.20.0-3 - Fix Unintended leak of Proxy-Authorization header CVE-2023-32681...
postgresql:10 security update
10.23-2.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 10.23-2 - Backport fixes for CVE-2023-2454 and CVE-2023-2455 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207931 10.23-1 - Resolves: CVE-2022-2625 - Rebase to...
openssh security update
5.3p1-124.0.2 - Fix for CVE-2016-6210 incomplete fix Orabug: 29375502CVE-2016-6210 5.3p1-124.0.1 - Fix for CVE-2023-38408 Orabug: 35672523...
kernel security update
2.6.32-754.35.1.0.10.el6.OL6 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds CVE-2022-4378 Orabug: 35304147 - proc: avoid integer type confusion in getproclong Linus Torvalds CVE-2022-4378 Orabug: 35304147...
openssh security update
7.4p1-23.0.1fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug: 32461739 7.4p1-23.0.1 - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without...
dbus security update
1:1.12.20-7.0.1.1 - Fix CVE-2023-34969 2213402 1.12.20-7.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.20-7 - Fix CVE-2022-42010 2133647 - Fix CVE-2022-42011 2133641 - Fix CVE-2022-42012 2133635 1:1.12.20-6 - Override upstream sysusers.d confguration 2118226 1:1.12.20-5 - Rebuilt for IMA...
libxml2 security update
2.9.7-16.1 - Fix CVE-2023-28484 2185994 - Fix CVE-2023-29469 2185984...
postgresql:13 security update
pgaudit pgrepack postgres-decoderbufs postgresql 13.11-1.0.1 - Update to 13.11 - Resolves: 2212815 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207933 - Update 1001-Fixed-postgresql-service-network-binding-issue.patch for postgresql-setup...
kernel security and bug fix update
4.18.0-477.21.18.OL8 - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Tamas Koczka CVE-2022-42896 - net/sched: tcindex: update imperfect hash filters respecting rcu Jamal Hadi Salim CVE-2023-1281 - net/sched: tcindex: search key must be 16 bits Jamal Hadi Salim CVE-2023-1281 ...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.20.1-1 - Rebase to 16.20.1 Resolves: rhbz2188289 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222288 nodejs-nodemon nodejs-packaging...
curl security update
7.61.1-30.el88.3 - GSS delegation too eager connection re-use CVE-2023-27536 - fix host name wildcard checking CVE-2023-28321 - rebuild certs with 2048-bit RSA keys...
iperf3 security update
3.9-10 - Fixes CVE-2023-38403 Resolves: rhbz2223676...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.16.1-1 - Rebase to 18.16.1 Resolves: rhbz2188290 rhbz2166926 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222287 nodejs-nodemon nodejs-packaging 2021.06-4 - NPM bundler: also find...
postgresql:12 security update
pgaudit pgrepack postgres-decoderbufs postgresql 12.15-1.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 12.15-1 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207932 - Update to version 12.15...
libcap security update
2.48-5 - Fix integer overflow in libcapstrdup CVE-2023-2603 Resolves: rhbz2210637 - Correctly check pthreadcreate return value to avoid memory leak CVE-2023-2602 Resolves: rhbz2210644...
kernel security and bug fix update
3.10.0-1160.95.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.95.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
thunderbird security update
102.14.0-1.0.1 - Update to 102.14.0 build1...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el8 - Add missing amd-ucode/ files to nano and core rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el7 - Add missing amd-ucode/ files to nano rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD fam19h cpu...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el9 - Add missing amd-ucode/ files to nano and core rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD...
thunderbird security update
102.14.0-1.0.1 - Update to 102.14.0 build1...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el7 - Add missing amd-ucode/ files to nano rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD fam19h cpu...
dbus security update
1:1.12.8-24.0.1.1 - Fix CVE-2023-34969 2213166...
thunderbird security update
102.14.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.14.0-1 - Update to 102.14.0 build1...
python-werkzeug security update
0.12.2-4.0.1 - Fix CVE-2023-23934 Orabug: 35662419 - Fix CVE-2023-25577 Orabug: 35662419 - enable tests Orabug: 35662419...
firefox security update
102.14.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.14.0-1 - Update to 102.14.0 build1...
python-flask security update
0.12.2-4.0.1 - Fix for CVE-2023-30861 Orabug: 35662469 - Add test for CVE-2023-30861 Orabug: 35662469...
kernel security, bug fix, and enhancement update
5.14.0-284.25.1.0.12 - Fix KVM: x86/mmu: Fix race condition in directpagefault Orabug: 35673032 CVE-2022-45869 5.14.0-284.25.12 - KVM: x86/mmu: Fix race condition in directpagefault - prlimit: doprlimit needs to have a speculation check CVE-2023-0458 - x86/speculation: Allow enabling STIBP with...
firefox security update
102.14.0-1.0.1 - Updated homepages to use https Orabug: 34648274 102.14.0-1 - Update to 102.14.0 build1...
firefox security update
102.14.0-1.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.14.0-1 - Update to 102.14.0 build1...
mod_auth_openidc:2.3 security update
cjose 0.6.1-3 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308 modauthopenidc 2.4.9.4-1 - Resolves: rhbz2025368 - Rebase to new version...
libeconf security update
0.4.1-3 - Fix stack-based buffer overflow in readfile. Resolves: 2212467 CVE-2023-22652...