8998 matches found
nodejs and nodejs-nodemon security, bug fix, and enhancement update
nodejs 1:16.19.1-1 - Rebase to 16.19.1 - Resolves: rhbz2153714 - Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 - Resolves: CVE-2022-25881 CVE-2022-4904 nodejs-nodemon 2.0.20-3 - Patch bundled glob-parent - Resolves: CVE-2021-35065...
qemu-kvm security update
6.1.1-6.el9 - Update changelog Karl Heubaum Orabug: 35343538 - ebpf: fix compatibility with libbpf 1.0+ Shreesh Adiga Orabug: 35268538 - ebpf: replace deprecated bpfprogramsetsocketfilter Haochen Tong Orabug: 35268538 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug:...
autotrace security update
0.31.1-65 - Resolves: rhbz2121828 Fix the gating tests by using only local test Upstream testsuite will not work as this package code is very old 0.31.1-64 - Resolves: rhbz2121828 CVE-2022-32323 - heap-buffer overflow via the ReadImage at input-bmp.c...
python-mako security update
1.1.4-6 - Fix CVE-2022-40023 2133606...
gstreamer1-plugins-good security update
1.18.4-6 - Fixes for CVE-2022-1920, CVE-2022-1921, CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925, CVE-2022-2122 Resolves: rhbz2131034, rhbz2131039, rhbz2131045, rhbz2131049, rhbz2131054, rhbz2131060, rhbz2131064...
libguestfs-winsupport security update
9.2-1 - Rebase to ntfs-3g 2022.5.17 - Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789 resolves: rhbz2127235 rhbz2127242 also 2127264 2127250 2127257...
libtpms security update
0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves: rhbz2173967...
frr security, bug fix, and enhancement update
8.3.1-5 - Resolves: 2147522 - It is not possible to run FRR as a non-root user 8.3.1-4 - Resolves: 2144500 - AVC error when reloading FRR with provided reload script 8.3.1-3 - Related: 2129743 - Adding missing rules for vtysh and other daemons 8.3.1-2 - Resolves: 2128738 - out-of-bounds read in t...
Image Builder security, bug fix, and enhancement update
cockpit-composer 45-1.0.1 - Make per page documentation links point to Oracle Linux Orabug: 32013095, Orabug:34398922 45-1 - New upstream release 44-1 - New upstream release 43-1 - New upstream release 42-1 - New upstream release osbuild 81-1 - New upstream release 80-1 - New upstream release 79-...
grafana security and enhancement update
9.0.9-2 - resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in - resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws 9.0.9-1 - update to 9.0.9 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-35957 grafana: Escalation from...
wireshark security and bug fix update
1:3.4.10-4 - Resolves: 2152064 - CVE-2022-3190 wireshark: f5ethtrailer Infinite loop in legacy style dissector 1:3.4.10-3 - Resolves: 2083581 - capinfos aborts in FIPS 1:3.4.10-2 - Resolves: 2160648 - Enhanced TMT testing for centos-stream...
gdk-pixbuf2 security update
2.42.6-3 - Backport fixes for CVE-2021-46829 and CVE-2021-44648 - Resolves: rhbz2115213 - Resolves: rhbz2044346...
xorg-x11-server-Xwayland security update
21.1.3-7 - Fix CVE-2023-0494 2166974 21.1.3-6 - Follow-up fix for CVE-2022-46340 2151778 21.1.3-5 - CVE fix for: CVE-2022-4283 2151803, CVE-2022-46340 2151778, CVE-2022-46341 2151783, CVE-2022-46342 2151786, CVE-2022-46343 2151793, CVE-2022-46344 2151796 21.1.3-4 - Fix CVE-2022-3550, CVE-2022-355...
containernetworking-plugins security and bug fix update
1:1.2.0-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.2.0 - Related: 2124478...
git security and bug fix update
...
edk2 security, bug fix, and enhancement update
20221207gitfff6d81270b5-9 - edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch bz2169247 - Resolves: bz2169247 edk2 Install a sev guest with enrolled secure boot failed 20221207gitfff6d81270b5-8 - edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch bz2174605 - Resolves: bz217460...
fence-agents security and bug fix update
4.10.0-43 - fencevmwaresoap: set logintimeout lower than default pcmkmonitortimeout 20s to remove tmp dirs Resolves: rhbz2122944 4.10.0-42 - fencing/fencewti: add --plug-separator to be able to avoid characters that are in node names Resolves: rhbz2152107 4.10.0-41 - fencescsi: skip key generatio...
buildah security and bug fix update
1.29.1-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 1:1.29.1-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.29 https://github.com/containers/buildah/commit/7fa17a8 - Related: 2124478 1:1.29.0-3 - update to the lates...
freeradius security and bug fix update
3.0.21-37 - Fix defect found by covscan Resolves: 2151705 3.0.21-36 - Fix multiple CVEs Resolves: 2151705 Resolves: 2151703 Resolves: 2151707 3.0.21-35 - Rebuild to add subpackages to CRB report Resolves: 2126380...
virt:kvm_utils security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-40 - build: change dependency to allow post install erasing of /usr/bin/nc Wim ten Have Orabug: 35289777 - util: Make virFileClose quiet on success Andrea Bolognani Orabug: 35090886 5.7.0-39 - exadata: update maxvcpus for vNUMA...
qemu-kvm security, bug fix, and enhancement update
7.2.0-14 - Rebuild for 9.2 release - Resolves: bz2173590 bugs in emulation of BMI instructions for libguestfs without KVM - Resolves: bz2156876 virtual networkrhel7.9guest qemu-kvm: vhost vring error in virtqueue 1: Invalid argument 22 7.2.0-13 -...
libarchive security update
3.5.3-4 - Resolves: CVE-2022-36227...
git-lfs security and bug fix update
3.2.0-1 - Update to 3.2.0 - Resolves: 2139383 2.13.3-4 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688 2.13.3-3 - Rebuilt for RHEL 9 BETA for openssl 3.0 Related: rhbz1971065 2.13.3-2 - Fixed name of source tarball - Fixed date in the latest changelog entry - Related: 19525...
grafana-pcp security and enhancement update
5.1.1-1 - update to 5.1.1 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 5.0.0-4 - update to 5.0.0 tagged upstream community sources, see CHANGELOG - install plugin in /usr/share and create symlink from /var...
poppler security and bug fix update
21.01.0-14 - Check for overflow when computing number of symbols - in JBIG2 text region - Resolves: 2126364...
emacs security and bug fix update
1:27.2-8 - Use a 64KB page size for pdump 1979804 1:27.2-7 - Fix ctags local command execute vulnerability 2149387...
tigervnc security and bug fix update
1.12.0-13 - xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability Resolves: bz2180309 1.12.0-12 - SELinux: allow vncsession create .vnc directory Resolves: bz2164703 1.12.0-11 - Add sanity check when cleaning up keymap changes Resolves: bz2169965...
device-mapper-multipath security and bug fix update
0.8.7-20 - Add 0083-multipath.rules-fix-smart-bug-with-failed-valid-path.patch - Add 0084-libmultipath-limit-paths-that-can-get-wwid-from-envi.patch - Change how the installation dir for kpartxid is specified - Resolves: bz 1926147 0.8.7-19 - Fix bugzilla linked to the changes was previously link...
samba security, bug fix, and enhancement update
evolution-mapi 3.40.1-5 - Related: 2131993 Rebuild against samba 4.17 openchange 2.3-40 - Related: 2131993 Rebuild against samba 4.17 samba 4.17.5-102.0.1 - Fix memleak in nsswinbindinitgroupsdyn Orabug: 34994509 4.17.5-102 - resolves: rhbz2169980 - Fix winbind memory leak - resolves: rhbz2156056...
bind security and bug fix update
32:9.16.23-11 - Correct backport issue in statistics rendering fix 2126912 32:9.16.23-10 - Handle subtle difference between upstream and rhel CVE-2022-3094 32:9.16.23-9 - Prevent flooding with UPDATE requests CVE-2022-3094 - Handle RRSIG queries when server-stale is active CVE-2022-3736 - Fix cra...
pki-core security, bug fix, and enhancement update
jss 5.3.0-1 - Rebase to JSS 5.3.0 5.3.0-0.3.beta2 - Rebase to JSS 5.3.0-beta2 - Bug 2017098 - pki pkcs12-cert-add command failing with 'Unable to validate PKCS 12 file: Digests do not match' exception 5.3.0-0.2.beta1 - Rebase to JSS 5.3.0-beta1 ldapjdk 5.3.0-1 - Rebase to LDAP SDK 5.3.0...
postgresql-jdbc security update
42.2.27-1 - rebase to 42.2.27 - fix for CVE-2022-41946...
net-snmp security and bug fix update
1:5.9.1-9.0.1 - fix error index value when snmpget is used a proxy pass Orabug: 35010262 1:5.9.1-9 - fix CVE-2022-44792 and CVE-2022-44793 2141902 and 2141906 - fix memory leak when ipv6 disable set to 1 2151540 1:5.9.1-8 - fix default snmpd.conf file content 2067954...
jackson security update
jackson-annotations 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122 jackson-core 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122 jackson-databind 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122 jackson-jaxrs-providers 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122...
skopeo security and bug fix update
2:1.11.2-0.1 - update to the latest content of https://github.com/containers/skopeo/tree/release-1.11 https://github.com/containers/skopeo/commit/3f98753 - Related: 2124478 2:1.11.1-1 - update to https://github.com/containers/skopeo/releases/tag/v1.11.1 - Related: 2124478 2:1.11.0-1 - update to...
curl security update
7.76.1-23 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.76.1-22 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.76.1-21 - fix POST following PUT confusion CVE-2022-32221 7.76.1-20 - control code in cookie denial of service CVE-2022-35252...
unbound security update
1.16.2-3 - Fix NRDelegation attack leading to uncontrolled resource consumption CVE-2022-3204...
libtiff security update
4.4.0-7 - Fix CVE-2022-3970 - Resolves: CVE-2022-3970 4.4.0-6 - Fix CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 - Resolves: CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627...
openssl security and bug fix update
3.0.7-6.0.1 - Replace upstream references Orabug: 34340177 1:3.0.7-6 - Fixes RNG slowdown in FIPS mode Resolves: rhbz2168224 1:3.0.7-5 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free...
dhcp security and enhancement update
12:4.4.2-18.b1 - Fix for CVE-2022-2928 - Fix for CVE-2022-2929 - Use systemd-sysusers for dhcp user and group 2095396...
fwupd security and bug fix update
1.8.10-2.0.1 - Drop pesign.service restart in postun Orabug: 34760075 - Update signing certificate JIRA: OLDIS-16371 - Rebuild for SecureBoot signatures Orabug: 33801813 - Build with the updated Oracle certificate - Use oraclesecureboot301 as certdir Orabug: 29881368 - Use new signing certificate...
xorg-x11-server security and bug fix update
1.20.11-17 - Fix xvfb-run script with --listen-tcp Resolves: rhbz2172116 1.20.11-16 - CVE-2023-0494 2166973 1.20.11-15 - Follow-up fix for CVE-2022-46340 2151776 1.20.11-14 - CVE fix for: CVE-2022-4283 2151801, CVE-2022-46340 2151776, CVE-2022-46341 2151781, CVE-2022-46342 2151788, CVE-2022-46343...
lua security update
5.4.4-3 - Apply upstream patch for CVE-2022-28805...
podman security and bug fix update
4.4.1-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.4.1-3 - update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel https://github.com/containers/podman/commit/e1703bb - Related: 2124478 2:4.4.1-2 - update to the latest...
conmon security and bug fix update
2:2.1.7-1 - update to https://github.com/containers/conmon/releases/tag/v2.1.7 - Resolves: 2173697 2:2.1.6-1 - update to https://github.com/containers/conmon/releases/tag/v2.1.6 - Related: 2124478 2:2.1.5-1 - update to https://github.com/containers/conmon/releases/tag/v2.1.5 - Related: 2124478...
webkit2gtk3 security and bug fix update
2.38.5-1 - Update to 2.38.5 Related: 2127467 2.38.4-1 - Update to 2.38.4 Related: 2127467 2.38.3-1 - Update to 2.38.3 Related: 2127467 2.38.2-1 - Update to 2.38.2 Related: 2127467 2.38.1-2 - Fix use with aarch64 64 KiB page size Related: 2127467 2.38.1-1 - Update to 2.38.1 Resolves: 2127467...
freerdp security update
2:2.4.1-5 - Fix 'implicit declaration of function' errors 2136155, 2145140 - 2:2.4.1-4 - CVE-2022-39282: Fix length checks in parallel driver 2136152 - CVE-2022-39283: Add missing length check in video channel 2136154 - CVE-2022-39316, CVE-2022-39317: Add missing length checks in zgfx 2145140 -...
sysstat security and bug fix update
12.5.4-5.0.1 - add mpstat -H option to also display physically hotplugged vCPUs Orabug: 34683087 12.5.4-5 - Fix --dec argument validation rhbz2080650 12.5.4-4 - arithmetic overflow in allocatestructures on 32 bit systems CVE-2022-39377...
8.1 security update
php-pecl-apcu 5.1.21-1 - update to 5.1.21 for PHP 8.1 2070040 php-pecl-rrd 2.0.3-4 - build for PHP 8.1 2070040 php-pecl-xdebug3 3.1.4-1 - update to 3.1.4 for PHP 8.1 2070040 php-pecl-zip 1.20.1-1 - update to 1.20.1 for PHP 8.1 2070040 php 8.1.14-1 - rebase to 8.1.14 8.1.8-1 - update to 8.1.8...
krb5 security, bug fix, and enhancement update
1.20.1-8.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.20.1-8 - Fix datetime parsing in kadmin on s390x - Resolves: rhbz2169985 1.20.1-7 - Fix double free on kdb5util key creation failure - Resolves: rhbz2166603 1.20.1-6 - Add support for MS-PAC extended KDC signature...