9184 matches found
linux-firmware security update
20230516-999.22.git6c9e0ed5.el7 - remove amd-ucode/README Orabug: 35645306 - Resolves 'Zenbleed' Orabug: 35650345 CVE-2023-20593...
Unbreakable Enterprise kernel security update
4.1.12-124.77.2 - media: dm1105: Fix use after free bug in dm1105remove due to race condition Zheng Wang Orabug: 35514108 CVE-2023-35824 - media: dvb-core: Fix kernel WARNING for blocking operation in waitevent Takashi Iwai Orabug: 35477742 CVE-2023-31084 - media: dvbfrontend: fix locking issues ...
linux-firmware security update
20230516-999.22.git6c9e0ed5.el7 - remove amd-ucode/README Orabug: 35645306 - Resolves 'Zenbleed' Orabug: 35650345 CVE-2023-20593...
linux-firmware security update
20230516-999.22.git6c9e0ed5.el8 - remove amd-ucode/README Orabug: 35645306 - Resolves 'Zenbleed' Orabug: 35650345 CVE-2023-20593...
java-17-openjdk security and bug fix update
1:17.0.8.0.7-2.0.1 - OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 - OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 - OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 - harfbuzz: OpenJDK: On^2 growth via consecutive...
java-11-openjdk security and bug fix update
1:11.0.20.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.20.0.8-2 - Bump release number so we are newer than 9.0 - Related: rhbz2221106 1:11.0.20.0.8-1 - Update to jdk-11.0.20.0+8 GA - Update release notes to 11.0.20.0+8 - Drop local inclusion of JDK-8274864 & JDK-8305113 as they a...
linux-firmware security update
20230516-999.20.git6c9e0ed5.el9 - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode 20230516-999.19.git6c9e0ed5.el9 - Rebase to upstream - Revert removal of old iwlwifi firmwares Orabug: 35260375...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.382.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.382.b05-2 - CVE-2023-22045 and CVE-2023-22049 fixed - Release bump for Oracle rebuild 1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.382.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.382.b05-2 - CVE-2023-22045 and CVE-2023-22049 fixed - Release bump for Oracle rebuild 1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed...
linux-firmware security update
20230516-999.20.git6c9e0ed5.el7 - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode...
linux-firmware security update
20230516-999.20.git6c9e0ed5.el8 - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode 20230516-999.19.git6c9e0ed5.el8 - Rebase to upstream - Revert removal of old iwlwifi firmwares Orabug: 35260375...
linux-firmware security update
20230516-999.20.git6c9e0ed5.el7 - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode 20230516-999.19.git6c9e0ed5.el7 - Rebase to upstream - Revert removal of old iwlwifi firmwares Orabug: 35260375...
java-17-openjdk security and bug fix update
1:17.0.8.0.7-2.0.1 - OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 - OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 - OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 - harfbuzz: OpenJDK: On^2 growth via consecutive...
java-11-openjdk security and bug fix update
1:11.0.20.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 - Fix tzdata requirement copy-and-paste error that led to two BuildRequires and no Requires 1:11.0.20.0.8-2 - Bump release number so we are newer than 9.0 - Related: rhbz2221106 1:11.0.20.0.8-1 - Update to jdk-11.0.20.0+8 GA - Updat...
kernel security, bug fix, and enhancement update
4.18.0-477.15.18.OL8 - net: tls: fix possible race condition between dotlsgetsockoptconf and dotlssetsockoptconf Hangyu Hua CVE-2023-28466...
kernel security and bug fix update
5.14.0-284.18.12 - cifs: fix wrong unlock before return from cifstreeconnect - docs: Remove the unnecessary unicode character - perf vendor events intel: Refresh ivytown metrics and events - perf vendor events: Update Intel ivytown - perf vendor events intel: Refresh jaketown metrics and events -...
firefox security update
102.13.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1...
thunderbird security update
102.13.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed until 2023-07-18 @ 1pm PT. - Resolves: rhbz2221106 1:1.8.0.382.b04-0.1.ea - Update to shenandoah-jdk8u382-b04 EA - Update release notes for shenandoah-8u382-b04. -...
java-11-openjdk security and bug fix update
1:11.0.20.0.8-1.0.1 - link atomic for ix86 build 1:11.0.20.0.8-1 - Update to jdk-11.0.20.0+8 GA - Update release notes to 11.0.20.0+8 - Switch to GA mode for release - This tarball is embargoed until 2023-07-18 @ 1pm PT. - Resolves: rhbz2221106 1:11.0.20.0.7-0.1.ea - Update to jdk-11.0.20+7 EA -...
webkit2gtk3 security update
2.38.5-1.3 - Disable JIT CVE-2023-32435, CVE-2023-32439...
webkit2gtk3 security update
2.38.5-1.5 - Disable JIT CVE-2023-32435, CVE-2023-32439...
bind security update
2:9.11.4-26.P2.14 - Prevent the cache going over the configured limit CVE-2023-2828...
bind security update
32:9.11.36-8.1 - Improve RBT overmem cache cleaning CVE-2023-2828...
pcs security update
0.11.4-7 - Fix displaying differences between configuration checkpoints in "pcs config checkpoint diff" command - Fix "pcs stonith update-scsi-devices" command which was broken since Pacemaker-2.1.5-rc1 - Fixed loading of cluster status in the web interface when fencing levels are configured -...
systemd security and bug fix update
239-74.0.4.2 - Fix CVE-2023-26604 - pager: set whenver we invoke a pager [email protected] 2175624 - pager: make pager secure when under euid is changed or explicitly requested [email protected] 2175624 - pager: lets check SYSTEMDPAGERSECURE with securegetenv...
bind9.16 security update
32:9.16.23-14.1 - Improve RBT overmem cache cleaning CVE-2023-2828...
nodejs:18 security update
nodejs 1:18.14.2-3 - Update bundled c-ares to 1.19.1 Resolves: CVE-2022-4904 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067...
bind security update
32:9.16.23-11.1 - Improve RBT overmem cache cleaning CVE-2023-2828...
nodejs:16 security update
nodejs 1:16.19.1-2 - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067...
python39:3.9 and python39-devel:3.9 security update
python39 3.9.16-1.1 - Security fix for CVE-2023-24329...
grafana security update
9.0.9-3 - resolve CVE-2023-3128 grafana: Remove Email Lookup from oauth integrations rhbz2213701 rhbz2213626...
buildah security update
runc 1:1.1.4-1.0.1 - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589...
.NET 7.0 security, bug fix, and enhancement update
7.0.109-1.0.1 - Set TargetRid based on os release major version, add OL arm64 RuntimeIdentifier Orabug: 34671152 7.0.109-1 - Update to .NET SDK 7.0.109 and Runtime 7.0.9 - Resolves: RHBZ2219632...
.NET 7.0 security, bug fix, and enhancement update
7.0.109-1.0.1 - Set TargetRid based on os release major version, add OL arm64 RuntimeIdentifier Orabug: 34671152 7.0.109-1 - Update to .NET SDK 7.0.109 and Runtime 7.0.9 - Resolves: RHBZ2219632...
aardvark-dns security update
runc 1:1.1.4-1.0.1 - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589...
thunderbird security update
102.13.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1...
.NET 6.0 security, bug fix, and enhancement update
6.0.120-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.120-1 - Update to .NET SDK 6.0.120 and Runtime 6.0.20 - Resolves: RHBZ2219637...
.NET 6.0 security, bug fix, and enhancement update
6.0.120-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.120-1 - Update to .NET SDK 6.0.120 and Runtime 6.0.20 - Resolves: RHBZ2219637...
firefox security update
102.13.0-2.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1...
firefox security update
102.13.0-2.0.1 - Updated homepages to use https Orabug: 34648274 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1...
thunderbird security update
102.13.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.321.4.el8 - tick/common: Align tick period during schedtimer setup Thomas Gleixner Orabug: 35520079 - net/rds: Fix endless rdssendxmit loop if cpindex 0 Gerd Rausch Orabug: 35510149 5.4.17-2136.321.3.el8 - selinux: don't use make's grouped targets feature yet Paul Moore - lib: cpurmap...
Unbreakable Enterprise kernel security update
5.4.17-2136.321.4 - tick/common: Align tick period during schedtimer setup Thomas Gleixner Orabug: 35520079 - net/rds: Fix endless rdssendxmit loop if cpindex 0 Gerd Rausch Orabug: 35510149 5.4.17-2136.321.3 - selinux: don't use make's grouped targets feature yet Paul Moore - lib: cpurmap: Fix...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.321.4.el7 - tick/common: Align tick period during schedtimer setup Thomas Gleixner Orabug: 35520079 - net/rds: Fix endless rdssendxmit loop if cpindex 0 Gerd Rausch Orabug: 35510149 5.4.17-2136.321.3.el7 - selinux: don't use make's grouped targets feature yet Paul Moore - lib: cpurmap...
python38:3.8 and python38-devel:3.8 security update
babel 2.7.0-11 - Fix CVE-2021-20095 Resolves: rhbz1955615 Cython 0.29.14-4 - Exclude unsupported i686 arch modwsgi 4.6.8-4 - Core dumped upon file upload = 1GB Resolves: rhbz2125171 numpy 1.17.3-6 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 python38...
python27:2.7 security update
babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 Cython 0.28.1-7 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 numpy 1:1.14.2-16 - Fix include path - Related: rhbz1907601 pytest python2 2.7.18-13.0.1.1 - Fix for CVE-2023-24329 - Add missing part of fix f...
ruby:2.7 security, bug fix, and enhancement update
ruby 2.7.8-139 - Upgrade to Ruby 2.7.8. Resolves: rhbz2149262 - Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix ReDoS vulnerability in URI. Resolves: CVE-2023-28755 - Fix ReDoS vulnerability in Time. Resolves: CVE-2023-28756 rubygem-abrt 0.4.0-1 - Update to abrt 0.4.0. Resolves...
open-vm-tools security update
12.1.5-1.0.2 - CISA Major Incident CVE-2023-20867 open-vm-tools: authentication bypass vulnerability in the vgauth module...
open-vm-tools security update
12.1.5-1.0.2 - CISA Major Incident CVE-2023-20867 open-vm-tools: authentication bypass vulnerability in the vgauth module...