9184 matches found
skopeo security update
2:1.13.3-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.3 - Related: 2176063 2:1.13.2-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.2 - Related: 2176063 2:1.13.1-1 - update to https://github.com/containers/skopeo/releases/tag/v1.13.1 - Related: 21760...
java-21-openjdk security and bug fix update
1:21.0.1.0.12-2.0.1 - Add Oracle vendor bug URL 1:21.0.1.0.12-2 - Switch to using portable binaries built on RHEL 7 - Sync the copy of the portable specfile with the RHEL 7 version - Related: RHEL-12997 1:21.0.1.0.12-1 - Update to jdk-21.0.1.0+12 GA - Update release notes to 21.0.1.0+12 - Sync th...
c-ares security, bug fix, and enhancement update
1.19.1-1 - Resolves: rhbz2209564 - CVE-2023-31124 c-ares: AutoTools does not set CARESRANDOMFILE during cross compilation rhel-9 - Resolves: rhbz2209556 - CVE-2023-31130 c-ares: Buffer Underwrite in aresinetnetpton rhel-9 - Resolves: rhbz2209550 - CVE-2023-31147 c-ares: Insufficient randomness in...
buildah security update
1.31.3-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 1:1.31.3-1 - update to https://github.com/containers/buildah/releases/tag/v1.31.3 - Related: 2176063 1:1.31.2-1 - update to https://github.com/containers/buildah/releases/tag/v1.31.2 - Related: 2176063...
python-cryptography security update
36.0.1-4 - Fix FTBFS caused by rsapkcs1implicitrejection OpenSSL feature, resolves rhbz2203840 36.0.1-3 - Fix CVE-2023-23931: Don't allow updateinto to mutate immutable objects, resolves rhbz2172399 - Fix FTBFS due to failing testloadinvalideckeyfrompem and testdecryptinvaliddecrypt...
protobuf-c security update
1.3.3-13 - Applied patch for for CVE-2022-48468 2186677...
python3.11-pip security update
22.3.1-4 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218247 22.3.1-3 - Fix changelog to contain Fedora contributors Resolves: RHEL-232...
podman security, bug fix, and enhancement update
2:4.6.1-5.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.6.1-5 - update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel https://github.com/containers/podman/commit/ea33dce - Related: 2176063 2:4.6.1-4 - amend podmansh provides...
cloud-init security, bug fix, and enhancement update
23.1.1-11.0.2 - Fix Oracle Datasource network and getdata methods for OCI OL Orabug: 35950168 23.1.1-11.0.1 - Increase retry value and add timeout for OCI Orabug: 35329883 - Fix log file permission Orabug: 35302969 - Update detection logic for OL distros in config template Orabug: 34845400 - Adde...
runc security update
4:1.1.9-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.9 - Related: 2176063 4:1.1.8-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.8 - Related: 2176063 4:1.1.7-2 - rebuild for following CVEs: CVE-2021-43784 CVE-2022-41724 CVE-2023-28642 - Resolves:...
python-pip security update
21.2.3-7 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2207997...
libssh security update
0.10.4-11 - Fix loglevel regression - Related: rhbz2182252, rhbz2189740 0.10.4.10 - Fix null dereference issues found by covscan - Related: rhbz2182252, rhbz2189740 0.10.4-9 - Fix CVE-2023-1667 and CVE-2023-2283 - Fix issues found by cosvcan - Resolves: rhbz2182252, rhbz2189740...
python3.11 security update
3.11.5-1 - Rebase to 3.11.5 - Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3045, RHEL-3269 3.11.4-3 - Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz263261 3.11.4-2 - Security fix for CVE-2007-4559 Resolves: rhbz263261 3.11.4-1 - Update to 3.11.4 - Securit...
curl security update
7.76.1-26 - unify the upload/method handling CVE-2023-28322 - fix host name wildcard checking CVE-2023-28321 7.76.1-25 - adapt the fix of CVE-2023-27535 for RHEL 9 curl 7.76.1-24 - fix SSH connection too eager reuse still CVE-2023-27538 - fix GSS delegation too eager connection re-use...
python3.9 security update
3.9.18-1 - Update to 3.9.18 - Security fix for CVE-2023-40217 Resolves: RHEL-3043 3.9.17-2 - Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz263261 3.9.17-1 - Update to 3.9.17 - Security fix for CVE-2023-24329 Resolves: rhbz2173917 3.9.16-2 - Add filters for tarfile extraction...
sysstat security and bug fix update
12.5.4-7.0.1 - add mpstat -H option to also display physically hotplugged vCPUs Orabug: 34683087 12.5.4-7 - add description of UMASK to man/systat.in rhbz2216805 12.5.4-6 - fix the arithmetic overflow in allocatestructures that is still possible on some 32 bit systems CVE-2023-33204...
librabbitmq security update
0.11.0-7 - add missing gating.yaml - fix rpminspect issue Related: 2215766 0.11.0-6 - Resolves: 2215766, insecure credentials submission...
libtiff security update
4.4.0-10 - Fix CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 - Resolves: CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 4.4.0-9 - Fix CVE-2023-2731 - Resolves: CVE-2023-2731...
Unbreakable Enterprise kernel security update
5.4.17-2136.325.5 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access dtc...
python3 security update
3.6.8-21.0.1 - Remove the 'getfile' feature of pydoc Orabug: 33182027CVE-2021-3426 - Fix buffer overflow in PyCArgrepr Orabug: 32551171CVE-2021-3177 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-21 - Test fixups for CVE-2023-40217 Resolves: RHEL-3139 3.6.8-20 - Security fi...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
xorg-x11-server security update
1.20.4-24 - CVE fix for: CVE-2023-5367 Resolves: https://issues.redhat.com/browse/RHEL-13424...
squid:4 security update
libecap squid 4.15-6.0.1 - Improve HTTP chunked encoding compliance CVE-2023-46846 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847...
dnsmasq security update
2.76-17.0.3.3 - Fixed heap-based buffer overflow in sortrrset CVE-2020-25681 Orabug: 35904921 - Fixed buffer overflow in extractname CVE-2020-25682 Orabug: 35904921...
dnsmasq security update
2.76-17.0.3.3 - Fixed heap-based buffer overflow in sortrrset CVE-2020-25681 Orabug: 35904921 - Fixed buffer overflow in extractname CVE-2020-25682 Orabug: 35904921...
.NET 6.0 security update
6.0.124-1.0.1 - Update to .NET SDK 6.0.124 and Runtime 6.0.24 - Resolves: RHEL-14466...
ghostscript security update
9.54.0-11 - fix for CVE-2023-43115 - Resolves: rhbz2241108...
Unbreakable Enterprise kernel security update
4.1.12-124.80.1 - Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb Sungwoo Kim Orabug: 35814478 CVE-2023-40283 - net/sched: clsu32: No longer copy tcfresult on update to avoid use-after-free valis Orabug: 35814297 CVE-2023-4208 - RDMA/core: net: fix kernel NULL error Zhu Yanjun Orabug:...
squid security update
7:5.5-5.el92.1 - Improve HTTP chunked encoding compliance CVE-2023-46846 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847 - Fix userinfo percent-encoding CVE-2023-46848...
.NET 7.0 security update
7.0.113-1.0.1 - Update to .NET SDK 7.0.113 and Runtime 7.0.13 - Resolves: RHEL-14474...
.NET 6.0 security update
6.0.124-1.0.1 - Update to .NET SDK 6.0.124 and Runtime 6.0.24 - Resolves: RHEL-14462...
java-1.8.0-openjdk security update
1:1.8.0.392.b08-4.0.1 - Update to shenandoah-jdk8u392-b08 GA - OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 - OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - A...
java-1.8.0-openjdk security update
1:1.8.0.392.b08-3.0.1 - Update to shenandoah-jdk8u392-b08 GA - OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 - OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - A...
.NET 7.0 security update
7.0.113-1.0.1 - Update to .NET SDK 7.0.113 and Runtime 7.0.13 - Resolves: RHEL-14467...
binutils security update
2.30-119.0.2.2 - Fix for CVE-2022-4285. - Fix illegal memory address when parsing an ELF file contaiing corrupt symbol version information. Upstream commit 5c831a3c7f3ca98d6aba1200353311e1a1f84c70. - Partial backport of bfdmuloverflow support from upstream commit...
thunderbird security update
115.4.1-1.0.1 - Update to 115.4.1 build1 - Add fix for CVE-2023-44488...
firefox security update
115.4.0-1.0.1 - Update to 115.4.0 build1 - Add fix for CVE-2023-44488 - Set homepage from os-release HOMEURL...
thunderbird security update
115.4.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.4.1-1 - Update to 115.4.1 build1 115.4.0-3 - Update to 115.4.0 build3 115.4.0-2 - Update to 115.4.0 build2 115.4.0-1 - Update to 115.4.0 build1...
thunderbird security update
115.4.1-1.0.1 - Update to 115.4.1 build1 - Add fix for CVE-2023-44488...
java-17-openjdk security and bug fix update
1:17.0.9.0.9-2.0.1 - Update to jdk-17.0.9+9 GA - Update release notes to 17.0.9+9 - OpenJDK: memory corruption issue on x8664 with AVX-512 JDK-8317121 CVE-2023-22025 - OpenJDK: certificate path validation issue during client authentication JDK-8309966 CVE-2023-22081 - OpenJDK: Additional zip64...
firefox security update
115.4.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.4.0-1 - Update to 115.4.0 build1 - Add fix for CVE-2023-44488 - Set homepage from os-release HOME...
libguestfs-winsupport security update
9.2-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236130...
firefox security update
115.4.0-1.0.1 - Update to 115.4.0 build1 - Add fix for CVE-2023-44488 - Set homepage from os-release HOMEURL...
java-17-openjdk security and bug fix update
1:17.0.9.0.9-2.0.1 - Update to jdk-17.0.9+9 GA - Update release notes to 17.0.9+9 - OpenJDK: memory corruption issue on x8664 with AVX-512 JDK-8317121 CVE-2023-22025 - OpenJDK: certificate path validation issue during client authentication JDK-8309966 CVE-2023-22081 - OpenJDK: Additional zip64...
grub2 security update
2.02-0.87.0.26.el79.9 - Enable common subpackage for aarch64 - Do not sign aarch64 efi binaries Orabug: 32670043 - Remove aarch64 deps on shim Orabug: 32670043 - Restore versioned certificate provide for aarch64 package to satisfy shim Orabug: 32670043 2.02-0.87.0.24.el79.9 - Replace...
java-11-openjdk security and bug fix update
1:11.0.21.0.9-2.0.1 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - OpenJDK: Additional zip64 files validation 8313765 RHBZ2237170 - OpenJDK: Print an exception when encountering nu...
nginx:1.22 security update
1:1.22.1-3.0.1.1 - Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack CVE-2023-44487...
java-11-openjdk security and bug fix update
1:11.0.21.0.9-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - OpenJDK: Additional zip64 files validation 8313765 RHBZ2237170 -...
python39:3.9 and python39-devel:3.9 security update
Cython 0.29.21-5 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 modwsgi 4.7.1-5 - Core dumped upon file upload = 1GB Resolves: rhbz2125172 numpy 1.19.4-3 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 pybind11 2.7.1-1 - Update...
python27:2.7 security update
babel Cython numpy pytest python2 2.7.18-13.0.1.2 - Security fix for CVE-2023-40217 python2-pip python2-rpm-macros python2-setuptools python2-six python-attrs python-backports python-backports-sslmatchhostname python-chardet python-coverage python-dns python-docs python-docutils python-funcsigs...