9182 matches found
cups-filters security update
1.20.0-29.0.1 - header/footer not being printed in banner page. Orabug: 28265099 [email protected] - Fixes Orabug: 29163824 source indentation not following convention [email protected] 1.20.0-29.2 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend...
webkit2gtk3 security update
2.38.5-1.2 - Add patch for CVE-2023-28204 Resolves: 2209747 - Add patch for CVE-2023-32373 Resolves: 2209730...
webkit2gtk3 security update
2.38.5-1.4 - Add patch for CVE-2023-28204 Resolves: 2209744 - Add patch for CVE-2023-32373 Resolves: 2209727...
istio security update
istio 1.16.4-1 - Added Oracle specific files for 1.16.4-1 kubernetes 1.25.7-2 - libct/cg: add misc controller to v1 drivers upstream runc patch olcne 1.6.1-9 - Updated the CVE ID's in Istio-1.16.4 changelog entry 1.6.1-8 - Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6...
istio security update
istio 1.15.7-1 - Added Oracle specific files for 1.15.7-1 kubernetes 1.24.8-2 - libct/cg: add misc controller to v1 drivers upstream runc patch 1.24.8-1 - Added Oracle specific build files for Kubernetes olcne 1.5.12-6 - Updated the CVE ID's in Istio-1.15.7 changelog entry 1.5.12-5 - Bug fix -...
olcne security update
1.6.1-9 - Updated the CVE ID's in Istio-1.16.4 changelog entry 1.6.1-8 - Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6.x 1.6.1-7 - Bugfix:Append a slash in oci-instance-metada query url 1.6.1-6 - Fixed helm installation in OLCNE upgrade 1.6.1-5 - Deprecate...
istio security update
istio 1.16.4-1 - Added Oracle specific files for 1.16.4-1 kubernetes 1.25.7-2 - libct/cg: add misc controller to v1 drivers upstream runc patch olcne 1.6.1-9 - Updated the CVE ID's in Istio-1.16.4 changelog entry 1.6.1-8 - Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6...
istio security update
istio 1.15.7-1 - Added Oracle specific files for 1.15.7-1 kubernetes 1.24.8-2 - libct/cg: add misc controller to v1 drivers upstream runc patch 1.24.8-1 - Added Oracle specific build files for Kubernetes olcne 1.5.12-6 - Updated the CVE ID's in Istio-1.15.7 changelog entry 1.5.12-5 - Bug fix -...
virt:kvm_utils2 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.1.1-6-el8 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug: 35305727 CVE-2023-1544 - virtio-gpu: do not byteswap padding Paolo Bonzini...
olcne security update
1.6.1-9 - Updated the CVE ID's in Istio-1.16.4 changelog entry 1.6.1-8 - Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6.x 1.6.1-7 - Bugfix:Append a slash in oci-instance-metada query url 1.6.1-6 - Fixed helm installation in OLCNE upgrade 1.6.1-5 - Deprecate...
qemu security update
15:4.2.1-26.el7 - migration: check magic value for deciding the mapping of channels manish.mishra Orabug: 34735462 - io: Add support for MSGPEEK for socket channel manish.mishra Orabug: 34735462 - migration: Move channel setup out of postcopytryrecover Peter Xu Orabug: 34735462 - vdpa: commit all...
kernel security and bug fix update
4.18.0-477.13.18.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
pcs security update
0.10.15-4.0.1.el88.1 - Replace HAM-logo.png with a generic one 0.10.15-4.el88.1 - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was broken since Pacemaker-2.1.5-rc1 - Updated bundled rubygem...
mysql:8.0 security, bug fix, and enhancement update
mecab 0.996-2.12 - Bump version for 'mysql' module rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'AppStream' repo - Resolves: 2180411 mecab-ipadic mysql 8.0.32-1 - Update to MySQL 8.0.32 8.0.31-1 - Update to MySQL 8.0.31...
emacs security update
1:26.1-10.2 - Bump release 1:26.1-10.1 - Bump release 1:26.1-10 - Fix ob-latex.el command injection vulnerability 2180586 1:26.1-9 - Fix MH-E mail composition with GNU Mailutils 1991156 1:26.1-8 - Fix ctags local command execute vulnerability 2149386...
go-toolset:ol8 security and bug fix update
delve 1.9.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.9.1-1 - Rebase to 1.9.1 - Related: rhbz2131026 golang 1.19.6-1 - Rebase to Go 1.19.6 - Resolves: rhbz2174430 1.19.4-2 - Fix memory leaks in EVPsign,verifyraw - Resolves: rhbz2132767 go-toolset 1.19.6-1 - Rebase to Go...
go-toolset:ol8 security update
delve 1.9.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.9.1-1 - Rebase to 1.9.1 - Related: rhbz2131026 golang 1.19.9-1 - Rebase to Go 1.19.9 - Resolves: rhbz2204473 go-toolset 1.19.9-1 - Rebase to Go 1.19.9 - Resolves: rhbz2204473...
go-toolset and golang security update
golang 1.19.9-2 - Fix TestEncryptOAEP and TLS failures in FIPS mode - Resolves: rhbz2204476 1.19.9-1 - Rebase to Go 1.19.9 - Resolves: rhbz2204476 go-toolset 1.19.9-1 - Update to Go 1.19.9 - Related: rhbz2204476...
curl security and bug fix update
7.61.1-30.el88.2 - sftp: do not specify OAPPEND when not in append mode 2187717 7.61.1-30.el88.1 - fix FTP too eager connection reuse CVE-2023-27535...
ctags security update
5.8-23 - CVE-2022-4515, arbitrary code execution issue Resolves: rhbz2153787...
libreswan security and bug fix update
4.9-2.0.1.2 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-2.2 - Update libreswan-4.9-2176248-authby-rsasig.patch 4.9-2.1 - Resolves: rhbz2187647 authby=rsasig fails in FIPS policy 4.9-2 - Fix CVE-2023-23009: remote DoS via crafted TS payload with an incorrect selector length...
poppler security update
20.11.0-6 - Check for overflow when computing number of symbols - in JBIG2 text region - Resolves: 2126361...
libtiff security update
4.0.9-27 - Fix various CVEs - Resolves: CVE-2022-3627 CVE-2022-3970...
grafana security update
7.5.15-4 - resolve CVE-2022-39229 grafana: using email as a username can block other users from signing in - resolve CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY - resolve CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps - resolve...
tigervnc security and bug fix update
1.12.0-15 - xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability Resolves: bz2180305 1.12.0-14 - SELinux: allow vncsession create .vnc directory Resolves: bz2164704 1.12.0-13 - Add sanity check when cleaning up keymap changes Resolves: bz2169960...
frr security and bug fix update
7.5.1-7.0.1 - Fix POSTIN scriptlet Orabug: 34712485 7.5.1-7 - Resolves: 2128737 - out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service 7.5.1-6 - Resolves: 1939516 - frr service cannot reload itself, due to executing in the wrong SELinux context 7.5.1-5 -...
freerdp security update
2:2.2.0-10 - Fix 'implicit declaration of function' errors 2136153, 2145139 - 2:2.2.0-9 - CVE-2022-39282: Fix length checks in parallel driver 2136151 - CVE-2022-39283: Add missing length check in video channel 2136153 - CVE-2022-39316, CVE-2022-39317: Add missing length checks in zgfx 2145139 -...
thunderbird security update
102.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.11.0-1 - Update to 102.11.0 build1...
gssntlmssp security update
1.2.0-1 - New release 1.2.0 - Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields - Fix CVE-2023-25564: memory corruption when decoding UTF16 strings - Fix CVE-2023-25565: incorrect free when decoding target information - Fix CVE-2023-25566: memory leak when parsing username...
libtar security update
1.2.20-17 - fix use-after-free bugs introduced by incorrect memleak fixes CVE-2021-33640 1.2.20-16 - fix memory leaks through gnulongname,link CVE-2021-33645 CVE-2021-33646 - fix out-of-bounds read in gnulongname,link CVE-2021-33643 CVE-2021-33644...
python-mako security update
1.0.6-14 - Fix CVE-2022-40023 2128977...
wayland security, bug fix, and enhancement update
1.21.0-1 - wayland 1.21.0 rhbz2137625...
device-mapper-multipath security and bug fix update
0.8.4-37 - Fix bugzilla linked to the changes was previously linked to the wrong bug, 2162537 - Resolves: bz 2166468 0.8.4-36 - Add 0129-libmultipath-select-resize-action-even-if-reload-is-.patch - Add 0130-libmultipath-cleanup-ACTCREATE-code-in-selectactio.patch - Add...
xorg-x11-server-Xwayland security update
21.1.3-10 - Fix CVE-2023-0494 2166972 21.1.3-9 - Follow-up fix for CVE-2022-46340 2151777 21.1.3-8 - CVE fix for: CVE-2022-4283 2151802, CVE-2022-46340 2151777, CVE-2022-46341 2151782, CVE-2022-46342 2151785, CVE-2022-46343 2151792, CVE-2022-46344 2151795 21.1.3-7 - Fix CVE-2022-3550, CVE-2022-35...
webkit2gtk3 security update
2.38.5-1.3 - Restore libwpe and wpebackend-fdo dependencies Related: 2185741 sort of 2.38.5-1.2 - Disable libwpe and wpebackend-fdo dependencies Related: 2185741 sort of 2.38.5-1.1 - Add patch for CVE-2023-28205 Resolves: 2185741 2.38.5-1 - Update to 2.38.5 Related: 2127468 2.38.4-1 - Update to...
git security update
2.39.3-1 - Update to 2.39.3 - Resolves: 2188364, 2188373, 2190157, 2190158...
grafana-pcp security update
3.2.0-3 - resolve CVE-2022-27664 grafana-pcp: golang: net/http: handle server errors after sending GOAWAY...
libreswan security update
4.9-3.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-3 - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan - Resolves: rhbz2187179...
bind9.16 security and bug fix update
32:9.16.23-0.14 - Handle subtle difference between upstream and rhel CVE-2022-3094 32:9.16.23-0.13 - Prevent flooding with UPDATE requests CVE-2022-3094 - Handle RRSIG queries when server-stale is active CVE-2022-3736 - Fix crash when soft-quota is reached and serve-stale is active CVE-2022-3924...
freeradius:3.0 security update
3.0.20-14 - Fix defect found by Covscan Resolves: 2151704 3.0.20-13 - Fix multiple CVEs - Add rpminspect configuration Resolves: 2151702 Resolves: 2151704 Resolves: 2151706...
xorg-x11-server security and bug fix update
1.20.11-15 - Rebuild for the missing debuginfo Related: rhbz2169522 1.20.11-14 - Fix xvfb-run script with --listen-tcp Resolves: rhbz2169522 1.20.11-13 - Fix CVE-2023-0494 2166977 1.20.11-12 - Follow-up fix for CVE-2022-46340 2151774 1.20.11-11 - CVE fix for: CVE-2022-4283 2151799, CVE-2022-46340...
webkit2gtk3 security and bug fix update
2.38.5-1 - Update to 2.38.5 Related: 2127468 2.38.4-1 - Update to 2.38.4 Related: 2127468 2.38.3-1 - Update to 2.38.3 Related: 2127468 2.38.2-1 - Update to 2.38.2 Related: 2127468 2.38.1-2 - Fix crashes on aarch64 Enable WPE renderer Related: 2127468 2.38.1-1 - Update to 2.38.1 Related: 2127468...
dhcp security and bug fix update
12:4.3.6-49 - Fix for CVE-2022-2928 - Fix for CVE-2022-2929 - send back dhcp6.vendor-opts again 2142024...
curl security and bug fix update
7.61.1-30 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.61.1-29 - h2: lower initial window size to 32 MiB 2166254 7.61.1-28 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.61.1-27 - upon HTTP11REQUIRED, retry the request with HTTP/1.1 21393...
gcc-toolset-12-binutils security update
2.38-17 - Fix an illegal memory access parsing a corrupt ELF file. 2153220...
unbound security and bug fix update
1.16.2-5 - Stop creating wrong devel manual pages 2135322 1.16.2-4 - Apply correctly previous change CVE-2022-3204 1.16.2-3 - Fix NRDelegation attack leading to uncontrolled resource consumption CVE-2022-3204...
php:7.4 security update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support 1.5.2-1 - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available 1.5.1-1 - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no more referenced in libzip.pc...
Image Builder security, bug fix, and enhancement update
cockpit-composer 45-1.0.1 - Make per page documentation links point to Oracle Linux Orabug: 32013095 45-1 - New upstream release 44-1 - New upstream release 43-1 - New upstream release 42-1 - New upstream release 40-1 - New upstream release 39-1 - New upstream release 38-1 - New upstream release...
libarchive security update
3.3.3-5 - Fix for CVE-2022-36227...
git-lfs security and bug fix update
3.2.0-2 - Rebuild with Golang-1.19.4 - Resolves: 2163744 3.2.0-1 - Update to version 3.2.0 - Resolves: 2139382 2.13.3-2 - Define %gobuild macro with proper ldflags - Related: rhbz2021549 2.13.3-1 - Update to version 2.13.3 - Fixed round brackets in Provides - Moved manpages.tgz to look-a-side cac...