8998 matches found
thunderbird security update
102.7.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.7.1-1 - Update to 102.7.1 build1 102.7.0-1 - Update to 102.7.0 build1...
libtasn1 security update
4.16.0-9 - Resolves: rhbz2140602...
kernel security and bug fix update
5.14.0-162.12.11.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security and bug fix update
3.10.0-1160.83.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.83.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
libXpm security update
3.5.13-8 - Fix CVE-2022-46285: infinite loop on unclosed comments 2160230 - Fix CVE-2022-44617: runaway loop with width of 0 2160232 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160242...
usbguard security update
1.0.0-10.2 - Fix dbus memory leak on connection failure - Fix unauthorized access via D-bus Resolves: rhbz2127877...
sssd security and bug fix update
1.16.5-10.0.3 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 29286774 Doc ID 2605732.1 1.16.5-10.15 - Resolves: rhbz2149703 - smartcards: special characters must be escaped when building search...
libtiff security update
4.4.0-5 - Bump release - Resolves: CVE-2022-2953 4.4.0-4 - Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 4.4.0-3 - Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 - Resolves: 2106768...
firefox security update
102.7.0-1.0.1 - Updated homepages to use https Orabug: 34648274 102.7.0-1 - Update to 102.7.0 build1 102.6.0-2 - Add firefox-x11 subpackage to allow explicit run of firefox under x11 on RHEL9...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.362.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Fix broken links and missing release notes in older releases. - Drop RH1163501 patch which is not upstream or in 11, 17 & 19 packages and seems obsolete - Patch was broken by inclusion of...
dbus security update
1.12.20-7.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.20-7 - Fix CVE-2022-42010 2133647 - Fix CVE-2022-42011 2133641 - Fix CVE-2022-42012 2133635...
libxml2 security update
2.9.13-3 - Fix CVE-2022-40303 2136564 - Fix CVE-2022-40304 2136569...
bind security update
32:9.11.4-26.P2.13 - Tighten cache protection against record from forwarders CVE-2021-25220 32:9.11.4-26.P2.12 - Include test of forwarders CVE-2021-25220 32:9.11.4-26.P2.11 - Prevent excessive resource use while processing large delegations. CVE-2022-2795...
firefox security update
102.7.0-1.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.7.0-1 - Update to 102.7.0 build1 102.6.0-2 - Add firefox-x11 subpackage to allow explicit run of firefox under x11 on...
sqlite security update
3.34.1-6 - Fixes CVE-2022-35737...
curl security update
7.76.1-19.el91.1 - fix POST following PUT confusion CVE-2022-32221...
postgresql-jdbc security update
42.2.18-6 - fix for CVE-2022-31197 Tue Aug 10 2021 Mohan Boddu - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688...
java-11-openjdk security and bug fix update
1:11.0.18.0.10-1 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until 2023-01-17 @ 1pm PT. - Related: rhbz2150192 1:11.0.18.0.9-0.2.ea - Update to jdk-11.0.18+9 - Update release notes to 11.0.18+9 - Drop local copy of...
expat security update
2.4.9-1.1 - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate - Resolves: CVE-2022-43680...
nodejs and nodejs-nodemon security, bug fix, and enhancement update
nodejs 1:16.18.1-3 - Update sources of undici WASM blobs Resolves: rhbz2151617 1:16.18.1-2 - Add back libs and v8-devel subpackages - Related: RHBZ2121126 - Record previously fixed CVE - Resolves: CVE-2021-44906 1:16.18.1-1 - Rebase + CVEs - Resolves: 2142808 - Resolves: 2142826, 2131745, 2142855...
libreoffice security update
7.1.8.1-8.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:7.1.8.1-8 - Resolves: rhbz2134759 Untrusted Macros - Resolves: rhbz2134757 Weak Master Keys - Resolves: rhbz2134755 Static...
bash security update
5.1.8-6 - Add a null check in parameterbracetransform function Resolves: CVE-2022-3715...
libXpm security update
3.5.12-9 - Fix CVE-2022-46285: infinite loop on unclosed comments 2161800 - Fix CVE-2022-44617: runaway loop with width of 0 2161808 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160238...
go-toolset and golang security and bug fix update
golang 1.18.9-1 - Rebase to Go 1.18.9 - Enable big endian support for fips mode - Fix ppc64le linker issue - Resolves: rhbz2144547 - Resolves: rhbz2149311 go-toolset 1.18.9-1 - Rebase to Go 1.18.9 - Enable big endian support for fips mode - Fix ppc64le linker issue - Resolves: rhbz2144547 -...
sudo security update
1.8.23-10.3 RHEL 7.9.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161222 1.8.23-10.2 - RHEL 7.9.Z ERRATUM - defaults usepty plus SELinux ROLE in user specification breaks terminal Resolves: rhbz1972820 1.8.23-10.1 - RHEL 7.9.Z ERRATUM -...
firefox security update
102.7.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.7.0-1 - Update to 102.7.0 build1 102.6.0-2 - Add firefox-x11 subpackage to allow explicit run of...
libXpm security update
3.5.12-2 - Fix CVE-2022-4883: compression commands depends on /usr/local/bin:/usr/bin 2161715...
java-17-openjdk security and bug fix update
1:17.0.6.0.10-3.0.1 - Replace upstream references Orabug: 34340155 1:17.0.6.0.10-3 - Add missing release note for JDK-8295687 - Resolves: rhbz2160111 1:17.0.6.0.10-3 - Update FIPS support to bring in latest changes - OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhbz2147476...
sudo security update
1.8.29.8.1 RHEL 8.7.0.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161220...
qemu security update
15:4.2.1-24.el7 - Revert 'virtio-scsi: Send 'REPORTED LUNS CHANGED' sense data upon disk hotplug events' Mark Kanda Orabug: 34905939 15:4.2.1-23.el7 - hw/display/ati2d: Fix buffer overflow in ati2dblt CVE-2021-3638 Philippe Mathieu-Daude Orabug: 33930374 CVE-2021-3638 - tests/acpi: virt: update...
sudo security update
1.9.5p2-7.1 RHEL 9.1.0.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161224...
ruby:2.5 security update
ruby 2.5.9-110.0.1 - Fix for CVE-2022-28739 Orabug: 34824177...
java-11-openjdk security and bug fix update
11.0.18.0.10-2.0.1 - Replace upstream references Orabug: 34340155 1:11.0.18.0.10-2 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until 2023-01-17 @ 1pm PT. - Related: rhbz2157798 1:11.0.18.0.9-0.2.ea - Update to...
libreoffice security update
6.4.7.2-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-12 - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys -...
java-17-openjdk security and bug fix update
1:17.0.6.0.10-3 - Add missing release note for JDK-8295687 - Resolves: rhbz2160111 1:17.0.6.0.10-3 - Update FIPS support to bring in latest changes - OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhbz2147473 1:17.0.6.0.10-3 - Fix flatpak builds by disabling TestTranslations...
java-11-openjdk security and bug fix update
1:11.0.18.0.10-1 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until 2023-01-17 @ 1pm PT. - Related: rhbz2157797 1:11.0.18.0.9-0.2.ea - Update to jdk-11.0.18+9 - Update release notes to 11.0.18+9 - Drop local copy of...
dpdk security update
21.11-2 - Backport fixes for CVE-2022-2132 2107171...
libxml2 security update
2.9.7-15.1 - Fix CVE-2022-40303 2136562 - Fix CVE-2022-40304 2136567...
systemd security and bug fix update
239-68.0.2.1 - Backport upstream pstore dmesg fix Orabug: 34850699 - Standardize ioctl BTRFSIOCQGROUPCREATE check and return -ENOTCONN, if quota is not enabled Orabug: 34694253 - Disable unprivileged BPF by default Orabug: 32870980 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev...
postgresql:10 security update
10.23-1 - Fix CVE-2022-2625 - Resolves: 2143167 - Rebase to 10.23...
kernel security and bug fix update
4.18.0-425.10.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
usbguard security update
1.0.0-8.2 - Fix unauthorized access via D-bus - Fix memory leak on D-bus connection failure Resolves: rhbz2127848...
.NET 6.0 security, bug fix, and enhancement update
6.0.113-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.113-1 - Update to .NET SDK 6.0.113 and Runtime 6.0.13 - Resolves: RHBZ2154458...
libtasn1 security update
4.13-4 - Resolves: rhbz2140600...
libtiff security update
4.0.9-26 - Fix various CVEs - Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2953 4.0.9-25 - Fix CVE-2022-2867 2118857 - Fix CVE-2022-2868 2118882 - Fix CVE-2022-2869 2118878 4.0.9-24 - Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 - Resolves: 2103222...
.NET 6.0 security, bug fix, and enhancement update
6.0.113-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.113-1 - Update to .NET SDK 6.0.113 and Runtime 6.0.13 - Resolves: RHBZ2154459...
grub2 security update
2.06-46.0.4 - Bump SBAT metadata for grub to 3 Orabug: 34872719 2.06-46.0.3 - Fix CVE-2022-2601 and CVE-2022-3775 Orabug: 34871953 - Enable signing for aarch64 EFI...
Unbreakable Enterprise kernel security update
5.15.0-6.80.3.1 - Revert 'rds: ib: Enable FC by default' Hakon Bugge Orabug: 34964359 5.15.0-6.80.3 - net/mlx5: Suppress error logging on UCTX creation Marina Orabug: 34888471 - rds: ib: Fix leaked MRs during kexec Hakon Bugge Orabug: 34892082 - uek-rpm: Add ptpkvm.ko to core rpm Somasundaram...
dbus security update
1.12.8-23.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.8-23.1 - Fix CVE-2022-42010 2133644 - Fix CVE-2022-42011 2133638 - Fix CVE-2022-42012 2133632...
expat security update
2.2.5-10.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-10.1 - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate - Resolves: CVE-2022-43680...