8998 matches found
squid security update
7:5.2-1.2 - Resolves: 2130251 - CVE-2022-41318 squid: buffer-over-read in SSPI and SMB authentication...
expat security update
2.1.0-15.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302 2.1.0-15 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
expat security update
2.2.10-12.3 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
prometheus-jmx-exporter security update
0.12.0-8 - Bump snakeyaml version to 1.32 to collect fix for CVE-2022-25857 BZ 2128477...
kubernetes security update
kubernetes 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.8-2 - Updated Kubernetes package release version to 1.21.6-2 1.4.8-1 - Upgraded kubernetes-1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 1.4.7-1 - Upgrade Istio from 1.13.5 t...
squid:4 security update
libecap squid 7:4.15-3.1 - Resolves: 2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher server responses...
bind security update
32:9.11.36-3.1 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
kubernetes security update
kubernetes 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.8-2 - Updated Kubernetes package release version to 1.21.6-2 1.4.8-1 - Upgraded kubernetes-1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 1.4.7-1 - Upgrade Istio from 1.13.5 t...
bind9.16 security update
32:9.16.23-0.7.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
bind security update
32:9.16.23-1.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
Unbreakable Enterprise kernel security update
4.1.12-124.67.3 - media: imon: Fix null-ptr-deref in imonprobe Arvind Yadav Orabug: 31225377 CVE-2017-16537 - fbcon: remove soft scrollback code Linus Torvalds Orabug: 31914703 CVE-2020-14390 - inet: use bigger hash table for IP ID generation Eric Dumazet Orabug: 33778986 CVE-2021-45486 - ipv4:...
kubernetes security update
kubernetes 1.22.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.23.11-1 - Added Oracle specific build files for Kubernetes olcne 1.5.6-1 - Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 -...
kubernetes security update
kubernetes 1.22.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.23.11-1 - Added Oracle specific build files for Kubernetes olcne 1.5.6-1 - Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 -...
squid security update
7:4.11-3.0.1...
bind security update
32:9.11.4-26.P2.10 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
firefox security update
102.3.0-6.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-6 - Update to 102.3.0 build1...
firefox security update
102.3.0-6.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-6 - Update to 102.3.0 build1...
thunderbird security update
102.3.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.3.0-3 - Update to 102.3.0 build1...
thunderbird security update
102.3.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.3.0-3 - Update to 102.3.0 build1...
webkit2gtk3 security update
2.36.7-1 - Update to 2.36.7 Related: 2123429...
Unbreakable Enterprise kernel security update
5.4.17-2136.311.6 - Revert 'KVM: x86: Print error code in exception injection tracepoint iff valid' Sherry Yang Orabug: 34535896 5.4.17-2136.311.5 - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter: nftable...
kernel security, bug fix, and enhancement update
5.14.0-70.26.1.0.10.OL9 - lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.26.10.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted...
mysql security, bug fix, and enhancement update
8.0.30-3 - Release bump for rebuild 8.0.30-1 - Update to MySQL 8.0.30 - Remove patches now upstream: chain certs, OpenSSL 3, s390 and robin hood - Add a new plugin 8.0.29-1 - Update to MySQL 8.0.29...
nodejs and nodejs-nodemon security and bug fix update
nodejs 16.16.0-1 - Rebase to version 16.16.0 Resolves: RHBZ2106290 Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 16.14.0-5 - Decouple dependency bundling from bootstrapping nodejs-nodemon...
Unbreakable Enterprise kernel-container security update
5.15.0-2.52.3.el8 - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Thadeu Lima de Souza Cascardo Orabug: 34495548 CVE-2022-2585 - fix race between exititimers and /proc/pid/timers Oleg Nesterov Orabug: 34495548 - rds: ib: Add preemption control when using per-cpu variables...
gnupg2 security update
2.3.3-2 - Fix CVE-2022-34903 2108449...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.311.6 - Revert 'KVM: x86: Print error code in exception injection tracepoint iff valid' Sherry Yang Orabug: 34535896 5.4.17-2136.311.5 - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter: nftable...
dbus-broker security update
28-5.1 - Fix a stack buffer over-read in the c-shquote library - Fix null pointer reference when supplying a malformed XML config file - Add gating.yaml Resolves: CVE-2022-31212 Resolves: CVE-2022-31213...
webkit2gtk3 security update
2.36.7-1 - Update to 2.36.7 Related: 2123430...
Unbreakable Enterprise kernel security update
5.15.0-2.52.3 - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Thadeu Lima de Souza Cascardo Orabug: 34495548 CVE-2022-2585 - fix race between exititimers and /proc/pid/timers Oleg Nesterov Orabug: 34495548 - rds: ib: Add preemption control when using per-cpu variables Hakon...
ruby security, bug fix, and enhancement update
3.0.4-160 - Upgrade to Ruby 3.0.4. Resolves: rhbz2109428 - OpenSSL test suite fixes due to disabled SHA1. Related: rbhz2109428 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739...
kernel security update
2.6.32-754.35.1.0.7.OL6 - bluetooth: eliminate the potential race condition when removing the HCI controller Lin Ma CVE-2021-32399 Orabug: 33763116 - RDMA/ucma: Put a lock around every call to the rdmacm layer Jason Gunthorpe Orabug: 33763116 - RDMA/cma: Add missing locking to rdmaaccept Leon...
Unbreakable Enterprise kernel security update
4.14.35-2047.517.3 - KVM: x86: use raw clock values consistently Paolo Bonzini Orabug: 34575637 - KVM: x86: reorganize pvclockgtoddata members Paolo Bonzini Orabug: 34575637 - KVM: x86: switch KVMCLOCK base to monotonic raw clock Marcelo Tosatti Orabug: 34575637 4.14.35-2047.517.2 - kernfs: Repla...
php:7.4 security update
php-pear 1:1.10.13-1 - update PEAR to 1.10.13 - update ArchiveTar to 1.4.14...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.517.3.el7 - KVM: x86: use raw clock values consistently Paolo Bonzini Orabug: 34575637 - KVM: x86: reorganize pvclockgtoddata members Paolo Bonzini Orabug: 34575637 - KVM: x86: switch KVMCLOCK base to monotonic raw clock Marcelo Tosatti Orabug: 34575637 4.14.35-2047.517.2.el7 - kernf...
ruby:3.0 security, bug fix, and enhancement update
ruby 3.0.4-141 - Upgrade to Ruby 3.0.4. Resolves: rhbz2109431 Resolves: rhbz2110981 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739...
kernel security update
2.6.32-754.35.1.0.6.OL6 :digitoepollctl: clean the failure exits up a bit Marc Zyngier CVE-2020-0466 Orabug: 34086960 - epoll: Keep a reference on files added to the check list Al Viro CVE-2020-0466 Orabug: 34086960 - fix regression in 'epoll: Keep a reference on files added to the check list Al...
.NET Core 3.1 security and bugfix update
3.1.423-1.0.1 - Add missing Oracle Linux Runtime IDs 3.1.423-1 - Update to .NET SDK 3.1.423 and Runtime 3.1.29 - Resolves: RHBZ2123785...
nodejs:14 security and bug fix update
nodejs 1:14.20.0-2 - Replace with macros with RPM confitionals - Unify configure calls into single command - Refactor bootstrap-related parts - Decouple dependency bundling from bootstrapping - Resolves: RHBZ2111417 1:14.20.0-1 - Rebase to latest version - Resolves: RHBZ2106367 - CVE fixes for...
.NET 6.0 security and bugfix update
6.0.109-1.0.1 - Add missing Oracle RIDs 6.0.109-1 - Update to .NET SDK 6.0.109 and Runtime 6.0.9 - Resolves: RHBZ2123789...
ruby:2.7 security, bug fix, and enhancement update
ruby 2.7.6-138 - Upgrade to Ruby 2.7.6. Resolves: rhbz2109424 - Fix FTBFS due to an incompatible load directive. Related: rhbz2109424 - Fix a fiddle import test on an optimized glibc on Power 9. Related: rhbz2109424 - Fix regular Expression Denial of Service Vulnerability of Date Parsing Methods...
nodejs:16 security and bug fix update
nodejs 1:16.16.0-3 - Fix build - Resolves: RHBZ2111416 1:16.16.0-2 - Refactor spec - Resolves: RHBZ2111416 1:16.16.0-1 - Rebase to latest version - Resolves: RHBZ2106369 - CVE fixes for CVE-2022-32212/3/4/5 - Resolves: 2109578, 2109581, 2109584, 2109588 nodejs-nodemon 2.0.19-2 - Switched from...
mariadb:10.3 security and bug fix update
galera 25.3.35-1 - Rebase to 25.3.35 mariadb 3:10.3.35-1 - Rebase to 10.3.35 3:10.3.34-1 - Rebase to 10.3.34...
rsyslog rsyslog7 security update
rsyslog 5.8.10-12.0.2 - Back port fix for heap-based overflow in TCP syslog server - Resolves CVE-2022-24903 Orabug: 34226447 rsyslog7 7.4.10-7.0.1 - Back port fix for heap-based overflow in TCP syslog server - Resolves CVE-2022-24903 Orabug: 34226447...
python3 security update
3.6.8-47.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-47 - Security fix for CVE-2015-20107 Resolves: rhbz2075390 3.6.8-46 - Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs - Fix the test suite support for Expat = 2.4.5...
.NET 6.0 security and bugfix update
6.0.109-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.109-1 - Update to .NET SDK 6.0.109 and Runtime 6.0.9 - Resolves: RHBZ2123791...
gnupg2 security update
2.2.20-3 - Fix CVE-2022-34903 2108447...
kernel security, bug fix, and enhancement update
4.18.0-372.26.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.4.7-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.4.6-2 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over - Update gen-certs-helper script to skip printin...
istio security update
istio 1.13.7-1 - Added Oracle specific files for 1.13.7-1 olcne 1.4.7-1 - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 1.4.6-2 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over - Update gen-certs-helper script to skip printin...