9151 matches found
freerdp security update
2:3.10.3-5.8 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix clipboard use-after-free during auto-reconnect CVE-2026-25997 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP format checks CVE-2026-31884 - Fix DSP array bounds checks CVE-2026-31883 - Fix DSP...
Unbreakable Enterprise kernel security update
6.12.0-202.76.4.1 - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present Hyunwoo Kim Orabug: 39344513 CVE-2026-43500 - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets David Howells Orabug: 39344513 - rxrpc: only handle RESPONSE during service challenge Wang Jie...
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.2 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344515 CVE-2026-43284 5.15.0-320.202.8.1 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug...
Unbreakable Enterprise kernel security update
5.4.17-2136.355.3.1 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344527 CVE-2026-43284 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug: 39344576 CVE-2025-54518 5.4.17-2136.355.3 - crypto: algifaead - Fix minimum RX size check for decryption...
Unbreakable Enterprise kernel security update: Dirty Frag
5.15.0-319.201.4.6 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39342679 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342679 CVE-2026-43284 5.15.0-319.201.4.5 - iommu/arm-smmu-v3: Handle zeroed A4-2C HTTU override settings...
Unbreakable Enterprise kernel security update: Dirty Frag
5.4.17-2136.354.4.3 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39342682 CVE-2026-43284...
Unbreakable Enterprise kernel security update: Dirty Frag
6.12.0-201.74.2.3 - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present Hyunwoo Kim Orabug: 39342689 CVE-2026-43500 - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets David Howells Orabug: 39342689 - rxrpc: only handle RESPONSE during service challenge Wang Jie...
corosync security update
3.1.8-1.1 - Resolves: RHEL-163805 - Resolves: RHEL-163826 - totemsrp: Return error if sanity check fails fixes CVE-2026-35091 - totemsrp: Fix integer overflow in membjoinsanity fixes CVE-2026-35092...
mingw-libtiff security update
4.0.9-4 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile Resolves: RHEL-159337...
freeipmi security update
1.6.17-1 - Update to 1.6.17, fixes CVE-2026-33554...
resource-agents security update
4.9.0-54.33 - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157190 4.9.0-54.32 - db2: do not use db2stop to avoid divergence in the log Resolves: RHEL-166181 4.9.0-54.31 - db2: set reintegration when promotion is successful Resolves: RHEL-153157...
python security update
2.6.6-68.0.6 - Fix CVE-2026-4519 Orabug: 39253111...
libpng security update
2:1.6.37-12.3 - fix CVE-2026-33636: out-of-bounds R/W in the palette expansion on ARM Neon RHEL-161291...
libpng security update
2:1.6.40-8.3 - fix CVE-2026-33636: out-of-bounds R/W in the palette expansion on ARM Neon RHEL-161208...
libsoup security update
2.62.3-14 - Backport patch for CVE-2026-5119 - Run testsuite during RPM check phase...
libsoup security update
2.72.0-12.6 - Backport patch for CVE-2026-5119...
git-lfs security update
3.6.1-8.1 - Rebuild with new Golang - Resolves: RHEL-167659, RHEL-170836, RHEL-166651...
fence-agents security update
4.10.0-98.13 - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157201 4.10.0-98.12 - bundled cryptography: replace with dependency to fix CVE-2026-26007 - bundled PyJWT: upgrade to v2.12.1 to fix CVE-2026-32597 Resolves: RHEL-148436, RHEL-155675...
fence-agents security update
4.16.0-13.4 - bundled pyasn1: replace with dependency to fix CVE-2026-30922 - bundled PyJWT: upgrade to v2.12.1 to fix CVE-2026-32597 Resolves: RHEL-157186, RHEL-155667...
dovecot security update
1:2.3.16-7 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161630 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162282 - fix CVE-2026-27857: denial of service via specially crafted NOOP...
dovecot security update
1:2.3.16-15.1 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161639 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162287 - fix CVE-2026-27857: denial of service via specially crafted NOOP...
gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update
gstreamer1-plugins-bad-free 1.10.4-4.0.1 - Security update for CVE-2026-3082 Orabug: 39199326 gstreamer1-plugins-base 1.10.4-2.0.3 - Security update for CVE-2026-2921 Orabug: 39199326 1.10.4-2.0.1 - Fixed CVE-2024-47607,CVE-2024-47538 and CVE-2024-47615 Orabug: 37407070 gstreamer1-plugins-good...
image-builder security update
45-1.0.4 - Rebuilt to fix CVE-2026-25679, CVE-2026-27137...
image-builder security update
45-1.0.4 - Rebuilt to fix CVE-2026-25679, CVE-2026-27137...
tigervnc security update
1.15.0-9 - Fix CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 xorg-x11-server: various XKB and XSYNC vulnerabilities Resolves: RHEL-163203 Resolves: RHEL-163271 Resolves: RHEL-163257 - Fix CVE-2026-34352 Resolves: RHEL-167760...
libcap security update
2.48-6.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169304...
python-tornado security update
6.5.5-1.1 - Update to 6.5.5 Resolves: RHEL-160934...
perl-XML-Parser security update
2.41-10.0.3 - Security update for CVE-2006-10002 and CVE-2006-10003 Orabug: 39220442...
python-tornado security update
6.5.5-1.1 - Update to 6.5.5 Resolves: RHEL-160941...
thunderbird security update
140.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.10.0 - Add OpenELA debranding 140.10.0-1 - Update to 140.10.0 ESR...
corosync security update
3.1.9-2.1 - Resolves: RHEL-163801 - Resolves: RHEL-163822 - totemsrp: Return error if sanity check fails fixes CVE-2026-35091 - totemsrp: Fix integer overflow in membjoinsanity fixes CVE-2026-35092...
freeipmi security update
1.6.17-1 - Update to 1.6.17 1.6.14-6 - .fmf/version: Add fmf metadtata root 1.6.14-5 - gating: RHEL-10: Add OSCI testing...
LibRaw security update
0.19.5-6 - Backport fix for CVE-2026-24660 from upstream Resolves: RHEL-165412 0.19.5-5 - Backport fixes for CVE-2026-20889 and CVE-2026-21413 from upstream - Migrate to SPDX license Resolves: RHEL-165404, RHEL-165408...
systemd security update
257-13.0.1.el101.3 - Fix detection of Oracle Virtualization or BM envs Orabug: 37531877 - Avoid udevadm warnings when using udev valid configs Orabug: 37503197 - allow dm remove ioctl to co-operate with UEK3 Orabug: 18467469 - set 'RemoveIPC=no' in logind.conf as default Orabug: 22224874 - Fix...
systemd security update
252-55.0.3.el97.9 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug...
dovecot security update
1:2.3.21-16.1 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161625 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162273 - fix CVE-2026-27857: denial of service via specially crafted NOOP...
kernel security update
4.18.0-553.123.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
openssh security update
8.0p1-29.0.1 - Update upstream references Orabug: 36587718 8.0p1-29 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164743 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing sessions Resolves:...
kernel security update
5.14.0-611.54.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
kernel security update
6.12.0-124.55.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
osbuild-composer security update
149-6.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...
openssh security update
8.7p1-49.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug: 37647064 - Update upstream references Orabug: 36564626 8.7p1-49 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in...
openssh security update
9.9p1-14.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37824421 9.9p1-14 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164738 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing...
python security update
2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798...
python3 security update
3.6.8-21.0.11 - Security update CVE-2026-4519 Orabug: 39246828...
Unbreakable Enterprise kernel security update: Copy Fail
5.15.0-319.201.4.4 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39291961 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39291961 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39291961 -...
Unbreakable Enterprise kernel security update: Copy Fail
5.4.17-2136.354.4.2 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39292250 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292250 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292250 -...
Unbreakable Enterprise kernel security update: Copy Fail
6.12.0-201.74.2.2 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292190 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292190 - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu...
sudo security update
1.9.5p2-15 RHEL 9.7.0 ERRATUM - CVE-2026-35535 - Privilege escalation due to failure in privilege drop calls Resolves: RHEL-166065...
xorg-x11-server-Xwayland security update
21.1.3-20 - CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001 CVE-2026-34002, CVE-2026-34003 Resolves: https://redhat.atlassian.net/browse/RHEL-163191 Resolves: https://redhat.atlassian.net/browse/RHEL-163287 Resolves: https://redhat.atlassian.net/browse/RHEL-163245...