9184 matches found
glibc security update
2.28-225.0.4.6 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet RHEL-2435. - CVE-2023-4813: work around RHEL-8 limitation in test RHEL-2435. Reviewed by: Jose E...
python-reportlab security update
2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011...
libvpx security update
1.9.0-7 - Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 Resolves: rhbz2241191 - crash related to VP9 encoding in libvpx CVE-2023-44488 Resolves: rhbz2241806...
kernel security and bug fix update
3.10.0-1160.102.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.102.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug:...
libvpx security update
1.7.0-10 - Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 Resolves: rhbz2241191 - crash related to VP9 encoding in libvpx CVE-2023-44488 Resolves: rhbz2241806...
nodejs security and bug fix update
1:16.20.2-1 - Update to 16.20.2-1 Resolves CVE-2023-32002 CVE-2023-32006 CVE-2023-32559...
libssh2 security update
1.8.0-4.el79.1 - fix use-of-uninitialized-value CVE-2020-22218...
Unbreakable Enterprise kernel security update
5.15.0-106.131.4 - jbd2: check 'jh-btransaction' before removing it from checkpoint Zhihao Cheng - jbd2: fix checkpoint cleanup performance regression Zhang Yi - scsi: qla2xxx: Fix TMF leak through Quinn Tran - scsi: qla2xxx: Fix command flush during TMF Quinn Tran - scsi: qla2xxx: Limit TMF to 8...
glibc security update
2.34-60.0.3.7 - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode 2234716. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaihinet. Reviewed by: Jose E. Marchesi...
glibc security update
2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
kvm_utils3 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 9.0.0-3.el8 - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' Peter Krempa Orabug: 35644221 CVE-2023-3750 - virpci: Resolve leak in virPCIVirtualFunctionList cleanup Tim Shearer Orabug: 35395469...
ghostscript security update
9.54.0-10 - fix for CVE-2023-36664 - Resolves: rhbz2217798...
firefox security update
115.3.1-1.0.1 - Update to 115.3.1...
thunderbird security update
115.3.1-1.0.1 - Update to 115.3.1 build1...
glibc security update
2.34-60.0.3 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
bind security update
32:9.11.36-8.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
bind9.16 security update
32:9.16.23-14.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.17.1-1 - Rebase to version 18.17.1 Resolves: rhbz2228940 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build Related: rhbz2226726 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging...
ImageMagick security update
6.9.10.68-7 - Added fix for CVE-2021-40211...
firefox security update
115.3.1-1.0.1 - Update to 115.3.1...
thunderbird security update
115.3.1-1.0.1 - Update to 115.3.1 build1...
glibc security update
2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
glibc security update
2.34-60.0.3 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
Unbreakable Enterprise kernel security update
4.1.12-124.79.2 - net/sched: clsroute: No longer copy tcfresult on update to avoid use-after-free valis Orabug: 35814273 CVE-2023-4206 - net/sched: schqfq: account for stab overhead in qfqenqueue Pedro Tammela Orabug: 35636291 CVE-2023-3611 - rds: Fix lack of reentrancy for connection reset with...
kernel security update
4.18.0-477.27.1.el88.OL8 - x86/microcode/intel: Expose collectcpuinfoearly for IFS - x86/cpu: Load microcode during restoreprocessorstate - x86/microcode: Deprecate MICROCODEOLDINTERFACE - x86/microcode: Rip out the OLDINTERFACE - x86/microcode: Default-disable late loading - x86/microcode: Taint...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.20.2-2 - Rebase to 16.20.2 Resolves: rhbz2231866 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 Resolves: CVE-2022-25883 nodejs-packaging 26-1 - nodejs.prov: find namespaced bundled dependencies - Apply...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.17.1-1 - Rebase to version 18.17.1 Resolves: rhbz2228939 Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 - Specify proper OpenSSL configuration section build nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging...
libtiff security update
4.0.9-29 - Fix CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804 - Resolves: BZ2170167 BZ2170172 BZ2170178 BZ2170187 BZ2170192...
kernel security update
5.14.0-284.30.1.el92 - x86/microcode/intel: Expose collectcpuinfoearly for IFS - x86/cpu: Load microcode during restoreprocessorstate - x86/microcode: Rip out the OLDINTERFACE - x86/microcode: Default-disable late loading - x86/microcode: Taint and warn on late loading - x86/microcode: Remove...
Unbreakable Enterprise kernel security update
5.15.0-105.125.6.2.2 - netfilter: nfnetlinkosf: avoid OOB read Wander Lairson Costa Orabug: 35824297 - netfilter: nftables: exthdr: fix 4-byte stack OOB write Florian Westphal Orabug: 35824297 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824297 - netfilter: xtu3...
Unbreakable Enterprise kernel security update
5.4.17-2136.323.8.2 - netfilter: nfnetlinkosf: avoid OOB read Wander Lairson Costa Orabug: 35824307 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824307 - netfilter: xtu32: validate user space input Wander Lairson Costa Orabug: 35824307 - netfilter: ipset: add th...
qemu security update
15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...
qemu security update
15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...
open-vm-tools security update
12.1.5-2.0.2.3 - Resolves: RHEL-4584 CVE-2023-20900 open-vm-tools: SAML token signature bypass...
Unbreakable Enterprise kernel security update
4.14.35-2047.529.3.2 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824309 - netfilter: xtu32: validate user space input Wander Lairson Costa Orabug: 35824309 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug:...
mariadb:10.3 security, bug fix, and enhancement update
galera 25.3.37-1 - Rebase to 25.3.37 Judy 1.0.5-18.0.1 - Rebuild Orabug: 31667911 mariadb 3:10.3.39-1 - MariaDB 10.3.32 socat: E Failed to set SNI host '' SST failure - Rebase to 10.3.39 - CVEs fixed: CVE-2022-47015, CVE-2018-25032, CVE-2022-32091, CVE-2022-32084...
kernel security, bug fix, and enhancement update
4.18.0-477.27.0.18.OL8 - bluetooth: Perform careful capability checks in hcisockioctl CVE-2023-2002 - ipvlan:Fix out-of-bounds caused by unclear skb-cb CVE-2023-3090 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - netfilter: nftsetpipapo: fix improper...
open-vm-tools security update
12.1.5-1.0.2.3 - Resolves: RHEL-4584 CVE-2023-20900 open-vm-tools: SAML token signature bypass...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.3-1 - Update to upstream version 15.3 - Fixes: CVE-2023-2454 CVE-2023-2455 - Resolves: 2207934...
frr security and bug fix update
7.5.1-7.0.1.2 - Fix BFD crash in FRR running in MetalLB BZ2231829 - Fix for CVE-2023-38802...
ncurses security update
6.1-9.20180224.1 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491...
dmidecode security update
1:3.3-4.1 - Resolves: CVE-2023-30630...
libwebp security update
1.0.0-8.1 - Added fix for CVE-2023-4863...
frr security update
8.3.1-5.2 - Fix for CVE-2023-38802...
firefox security update
102.15.1-1.0.1 - Update to 102.15.1 build2...
thunderbird security update
102.15.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.15.1-1 - Update to 102.15.1...
firefox security update
102.15.1-1.0.1 - Update to 102.15.1 build2...
libwebp security update
1.2.0-7 - Added fix for CVE-2023-4863...
thunderbird security update
102.15.1-1.0.1 - Update to 102.15.1...
firefox security update
102.15.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.15.1-1 - Update to 102.15.1...