9182 matches found
sssd security and bug fix update
1.16.5-10.0.3 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 29286774 Doc ID 2605732.1 1.16.5-10.15 - Resolves: rhbz2149703 - smartcards: special characters must be escaped when building search...
postgresql-jdbc security update
42.2.18-6 - fix for CVE-2022-31197 Tue Aug 10 2021 Mohan Boddu - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688...
libreoffice security update
7.1.8.1-8.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:7.1.8.1-8 - Resolves: rhbz2134759 Untrusted Macros - Resolves: rhbz2134757 Weak Master Keys - Resolves: rhbz2134755 Static...
expat security update
2.4.9-1.1 - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate - Resolves: CVE-2022-43680...
libXpm security update
3.5.12-9 - Fix CVE-2022-46285: infinite loop on unclosed comments 2161800 - Fix CVE-2022-44617: runaway loop with width of 0 2161808 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160238...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.362.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Fix broken links and missing release notes in older releases. - Drop RH1163501 patch which is not upstream or in 11, 17 & 19 packages and seems obsolete - Patch was broken by inclusion of...
nodejs and nodejs-nodemon security, bug fix, and enhancement update
nodejs 1:16.18.1-3 - Update sources of undici WASM blobs Resolves: rhbz2151617 1:16.18.1-2 - Add back libs and v8-devel subpackages - Related: RHBZ2121126 - Record previously fixed CVE - Resolves: CVE-2021-44906 1:16.18.1-1 - Rebase + CVEs - Resolves: 2142808 - Resolves: 2142826, 2131745, 2142855...
sudo security update
1.8.23-10.3 RHEL 7.9.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161222 1.8.23-10.2 - RHEL 7.9.Z ERRATUM - defaults usepty plus SELinux ROLE in user specification breaks terminal Resolves: rhbz1972820 1.8.23-10.1 - RHEL 7.9.Z ERRATUM -...
bind security update
32:9.11.4-26.P2.13 - Tighten cache protection against record from forwarders CVE-2021-25220 32:9.11.4-26.P2.12 - Include test of forwarders CVE-2021-25220 32:9.11.4-26.P2.11 - Prevent excessive resource use while processing large delegations. CVE-2022-2795...
curl security update
7.76.1-19.el91.1 - fix POST following PUT confusion CVE-2022-32221...
java-17-openjdk security and bug fix update
1:17.0.6.0.10-3.0.1 - Replace upstream references Orabug: 34340155 1:17.0.6.0.10-3 - Add missing release note for JDK-8295687 - Resolves: rhbz2160111 1:17.0.6.0.10-3 - Update FIPS support to bring in latest changes - OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhbz2147476...
libXpm security update
3.5.12-2 - Fix CVE-2022-4883: compression commands depends on /usr/local/bin:/usr/bin 2161715...
sudo security update
1.9.5p2-7.1 RHEL 9.1.0.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161224...
sudo security update
1.8.29.8.1 RHEL 8.7.0.Z ERRATUM - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user Resolves: rhbz2161220...
qemu security update
15:4.2.1-24.el7 - Revert 'virtio-scsi: Send 'REPORTED LUNS CHANGED' sense data upon disk hotplug events' Mark Kanda Orabug: 34905939 15:4.2.1-23.el7 - hw/display/ati2d: Fix buffer overflow in ati2dblt CVE-2021-3638 Philippe Mathieu-Daude Orabug: 33930374 CVE-2021-3638 - tests/acpi: virt: update...
ruby:2.5 security update
ruby 2.5.9-110.0.1 - Fix for CVE-2022-28739 Orabug: 34824177...
java-11-openjdk security and bug fix update
11.0.18.0.10-2.0.1 - Replace upstream references Orabug: 34340155 1:11.0.18.0.10-2 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until 2023-01-17 @ 1pm PT. - Related: rhbz2157798 1:11.0.18.0.9-0.2.ea - Update to...
java-17-openjdk security and bug fix update
1:17.0.6.0.10-3 - Add missing release note for JDK-8295687 - Resolves: rhbz2160111 1:17.0.6.0.10-3 - Update FIPS support to bring in latest changes - OJ1357: Fix issue on FIPS with a SecurityManager in place - Related: rhbz2147473 1:17.0.6.0.10-3 - Fix flatpak builds by disabling TestTranslations...
java-11-openjdk security and bug fix update
1:11.0.18.0.10-1 - Update to jdk-11.0.18+10 GA - Update release notes to 11.0.18+10 - Switch to GA mode for release - This tarball is embargoed until 2023-01-17 @ 1pm PT. - Related: rhbz2157797 1:11.0.18.0.9-0.2.ea - Update to jdk-11.0.18+9 - Update release notes to 11.0.18+9 - Drop local copy of...
libreoffice security update
6.4.7.2-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-12 - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys -...
dpdk security update
21.11-2 - Backport fixes for CVE-2022-2132 2107171...
libxml2 security update
2.9.7-15.1 - Fix CVE-2022-40303 2136562 - Fix CVE-2022-40304 2136567...
postgresql:10 security update
10.23-1 - Fix CVE-2022-2625 - Resolves: 2143167 - Rebase to 10.23...
systemd security and bug fix update
239-68.0.2.1 - Backport upstream pstore dmesg fix Orabug: 34850699 - Standardize ioctl BTRFSIOCQGROUPCREATE check and return -ENOTCONN, if quota is not enabled Orabug: 34694253 - Disable unprivileged BPF by default Orabug: 32870980 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev...
kernel security and bug fix update
4.18.0-425.10.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
.NET 6.0 security, bug fix, and enhancement update
6.0.113-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.113-1 - Update to .NET SDK 6.0.113 and Runtime 6.0.13 - Resolves: RHBZ2154458...
sqlite security update
3.26.0-17 - Fixed CVE-2022-35737...
libtasn1 security update
4.13-4 - Resolves: rhbz2140600...
libtiff security update
4.0.9-26 - Fix various CVEs - Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2953 4.0.9-25 - Fix CVE-2022-2867 2118857 - Fix CVE-2022-2868 2118882 - Fix CVE-2022-2869 2118878 4.0.9-24 - Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 - Resolves: 2103222...
dbus security update
1.12.8-23.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.8-23.1 - Fix CVE-2022-42010 2133644 - Fix CVE-2022-42011 2133638 - Fix CVE-2022-42012 2133632...
usbguard security update
1.0.0-8.2 - Fix unauthorized access via D-bus - Fix memory leak on D-bus connection failure Resolves: rhbz2127848...
Unbreakable Enterprise kernel security update
5.15.0-6.80.3.1 - Revert 'rds: ib: Enable FC by default' Hakon Bugge Orabug: 34964359 5.15.0-6.80.3 - net/mlx5: Suppress error logging on UCTX creation Marina Orabug: 34888471 - rds: ib: Fix leaked MRs during kexec Hakon Bugge Orabug: 34892082 - uek-rpm: Add ptpkvm.ko to core rpm Somasundaram...
Unbreakable Enterprise kernel-container security update
5.15.0-6.80.3.1 - Revert 'rds: ib: Enable FC by default' Hakon Bugge Orabug: 34964359 5.15.0-6.80.3 - net/mlx5: Suppress error logging on UCTX creation Marina Orabug: 34888471 - rds: ib: Fix leaked MRs during kexec Hakon Bugge Orabug: 34892082 - uek-rpm: Add ptpkvm.ko to core rpm Somasundaram...
expat security update
2.2.5-10.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-10.1 - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate - Resolves: CVE-2022-43680...
grub2 security update
2.06-46.0.4 - Bump SBAT metadata for grub to 3 Orabug: 34872719 2.06-46.0.3 - Fix CVE-2022-2601 and CVE-2022-3775 Orabug: 34871953 - Enable signing for aarch64 EFI...
.NET 6.0 security, bug fix, and enhancement update
6.0.113-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.113-1 - Update to .NET SDK 6.0.113 and Runtime 6.0.13 - Resolves: RHBZ2154459...
istio security update
istio 1.13.9-1 - Added Oracle specific files for 1.13.9-1 olcne 1.4.10-1 - Upgraded istio-1.13.7 to istio-1.13.9 to resolve Istio CVE-2022-39278...
istio security update
istio 1.13.9-1 - Added Oracle specific files for 1.13.9-1 olcne 1.4.10-1 - Upgraded istio-1.13.7 to istio-1.13.9 to resolve Istio CVE-2022-39278...
istio security update
istio 1.15.3-1 - Added Oracle specific files for 1.15.3-1 olcne 1.5.10-2 - Update istio to 1.15.3 to address Istio CVE-2022-392787 1.5.9-1 - Fix a regression during provisioning where arguments for the externalip restriction webhook are handled incorrectly 1.5.8-4 - Fix 1.21 kubernetes version to...
istio security update
istio 1.15.3-1 - Added Oracle specific files for 1.15.3-1 olcne 1.5.10-2 - Update istio to 1.15.3 to address Istio CVE-2022-39278...
xorg-x11-server security update
1.20.4-21 - Follow-up fix for CVE-2022-46340 2151775 1.20.4-20 - CVE fix for: CVE-2022-4283 2151800, CVE-2022-46340 2151775, CVE-2022-46341 2151780, CVE-2022-46342 2151787, CVE-2022-46343 2151790, CVE-2022-46344 2151797...
Unbreakable Enterprise kernel security update
4.14.35-2047.521.4 - tcp: Tunables for TCP delayed ack min and max timers Venkat Venkatsubra Orabug: 34883100 4.14.35-2047.521.3 - Revert 'random: use expired timer rather than wq for mixing fast pool' Saeed Mirzamohammadi Orabug: 34918228 4.14.35-2047.521.2 - RDS/IB: Fix the misplaced counter...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.315.5 - Revert 'xfs: fix use-after-free on CIL context on shutdown' Sherry Yang Orabug: 34917369 5.4.17-2136.315.4 - net/mlx5: Suppress error logging on UCTX creation Marina Orabug: 34888473 - uek-rpm: Add ptpkvm.ko to nano rpm Somasundaram Krishnasamy Orabug: 33487655 - block: fix RO...
tigervnc security update
1.8.0-23 - Rebuild for xorg-x11-server CVEs Resolves: CVE-2022-4283 bz2154267 Resolves: CVE-2022-46340 bz2154261 Resolves: CVE-2022-46341 bz2154264 Resolves: CVE-2022-46342 bz2154262 Resolves: CVE-2022-46343 bz2154265 Resolves: CVE-2022-46344 bz2154266...
Unbreakable Enterprise kernel security update
5.4.17-2136.315.5 - Revert 'xfs: Lower CIL flush limit for large logs' Sherry Yang Orabug: 34917369 - Revert 'xfs: Throttle commits on delayed background CIL push' Sherry Yang Orabug: 34917369 - Revert 'xfs: fix use-after-free on CIL context on shutdown' Sherry Yang Orabug: 34917369...
nodejs:14 security, bug fix, and enhancement update
nodejs 1:14.21.1-2 - Apply upstream fix for CVE-2022-24999 Resolves: CVE-2022-24999 - Record CVEs fixed by current or previous upstream releases Resolves: CVE-2021-44906 1:14.21.1-1 - Rebase to version 14.21.1 Resolves: rhbz2129805 CVE-2022-43548 CVE-2022-3517...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.521.4.el7 - tcp: Tunables for TCP delayed ack min and max timers Venkat Venkatsubra Orabug: 34883100 4.14.35-2047.521.3.el7 - Revert 'random: use expired timer rather than wq for mixing fast pool' Saeed Mirzamohammadi Orabug: 34918228 4.14.35-2047.521.2.el7 - RDS/IB: Fix the misplace...
webkit2gtk3 security update
2.36.7-1.1 - Add patch for CVE-2022-42856 Resolves: 2153735...
webkit2gtk3 security update
2.36.7-1.1 - Add patch for CVE-2022-42856 Resolves: 2153738...
Unbreakable Enterprise kernel security update
4.1.12-124.70.2 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882781 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34882781 CVE-2022-4378 - netfilter: nfconntrackirc: Fix forged IP logic David Leadbeater Orabu...