9180 matches found
bind9.16 security update
32:9.16.23-0.9.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178 32:9.16.23-0.9 - Tighten cache protection against record from forwarders CVE-2021-25220 - Include test of...
e2fsprogs security and bug fix update
1.45.6-5 - Update e2fsprogs with upstream fixes and improvements 2083621 - Fix out-of-bounds read/write via crafter filesystem 2073548...
mutt security update
5:2.0.7-2 - Fix CVE-2022-1328 2109247...
grafana-pcp security update
3.2.0-2 - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working - resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read -...
php:7.4 security, bug fix, and enhancement update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php 7.4.30-1 - rebase to 7.4.30 2099615 7.4.19-3 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 7.4.19-2 - fix SSRF bypass in FILTERVALIDATEURL CVE-2021-21705 - fix Local privilege escalation via...
kernel security, bug fix, and enhancement update
4.18.0-425.3.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
httpd:2.4 security update
httpd 2.4.37-51.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-51 - Resolves: 2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via aprwrite - Resolves: 2097031 - CVE-2022-28615 httpd:2.4/httpd:...
grafana security, bug fix, and enhancement update
7.5.15-3 - resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse functions - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working ...
container-tools:3.0 security update
buildah 1.19.9-6 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/6d7f496 - Related: 2061390 1.19.9-5 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19...
zlib security update
1.2.3-29.0.3 - Fix for CVE-2022-37474 Orabug: 34759428...
zlib security update
1.2.7-20.0.1 - Resolves: CVE-2022-37434 Orabug: 34752508...
kvm_utils security update
hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.15...
ol8addon security update
golang 1.17.13-1.0.1 - Update tarball to 1.17.12 - Add patches between Go 1.17.12 and Go 1.17.13 - Reviewed-by: David Faust 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109182 go-toolset 1.17.13-1 - Set version to correspond to the matching build golang version...
kernel security, bug fix, and enhancement update
5.14.0-70.30.1.0.10.OL9 - lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.30.10.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted...
qemu security update
15:4.2.1-21.el7 - qemu-kvm.spec: Fix the qemu-regdump sos report plugin path Mark Kanda Orabug: 34680062 - qmp-regdump: Require python3 on OL8 Mark Kanda Orabug: 34672256 - iotests: Adjust 186.out to account for 'null' node-name Mark Kanda Orabug: 34447388 - block: Set the name of BlockBackend if...
kernel security and bug fix update
3.10.0-1160.80.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.80.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...
pcs security update
0.9.169-3.0.1 - replace logo pcsd/public/favicon.ico in tarball - remove Source1 HAM-logo.png 0.9.169-3.el73.2 - Update rubygem rack - Upgrade jquery in web-ui - Resolves: rhbz2099578 rhbz2093232 0.9.169-3.el73.1 - Explicitly close libcurl connections to prevent stalled TCP connections in...
pki-core security update
11.0.6-1.0.1 - Replaced upstream graphical references Orabug: 33952704 11.0.6-1 - Bug 2107335 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE rhel-9.0.0.z...
php-pear security update
1:1.9.4-23 - update ArchiveTar to 1.4.14 CVE-2020-36193 CVE-2020-28948 CVE-2020-28949...
zlib security update
1.2.11-32 - Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c - Resolves: CVE-2022-37434...
lua security update
5.4.2-4.3 - Fix up CVE-2022-33099 patch 5.4.2-4.2 - Enable gating 5.4.2-4.1 - apply upstream fix for CVE-2022-33099...
python3.9 security update
3.9.10-3 - Security fix for CVE-2020-10735 - Fix the test suite support for Expat = 2.4.5 Resolves: rhbz1834423...
Unbreakable Enterprise kernel security update
4.1.12-124.68.3 - Orabug: 34733462 Alok Tiwari 4.1.12-124.68.2 - ptp: fix the race between the release of ptpclock and cdev Vladis Dronov Orabug: 31350707 CVE-2020-10690 - ptp: Fix pass zero to ERRPTR in ptpclockregister YueHaibing Orabug: 31350707 - chardev: add helper function to register char...
openssl security update
3.0.1-41.0.3 - Add units tests for CVE-2022-3786, CVE-2022-3602 patches 3.0.1-41.0.2 - Fix CVE-2022-3786, CVE-2022-3602 3.0.1-41.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-41 - Zeroize public keys as required by FIPS 140-3 Resolves: rhbz2115861 - Add FIPS indicator for HKDF...
openssl security update
3.0.1-43.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-43 - CVE-2022-3602: X.509 Email Address Buffer Overflow - running tests Resolves: CVE-2022-3602 1:3.0.1-42 - CVE-2022-3602: X.509 Email Address Buffer Overflow Resolves: CVE-2022-3602...
compat-expat1 security update
1.95.8-8.0.1 - Ensure raw tagnames are safe exiting internalEntityParser CVE-2022-40674Orabug: 34708578...
expat security update
2.0.1-13.0.2 - Ensure raw tagnames are safe exiting internalEntityParser CVE-2022-40674Orabug: 34694174...
thunderbird security update
102.4.0-1 - Update to 102.4.0 build1...
firefox security update
102.3.0-7.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-7 - Fix for expat CVE-2022-40674 and non functional webrtc 102.3.0-6 - Update to 102.3.0 buil...
firefox security update
102.3.0-6.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-6 - Update to 102.3.0 build1...
389-ds:1.4 security update
1.4.3.28-8 - Bump version to 1.4.3.28-8 - Resolves: Bug 2131743 - SIGSEGV in syncrepl...
thunderbird security update
102.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.4.0-1 - Update to 102.4.0 build1 102.3.0-4 - Fix for expat CVE-2022-40674...
thunderbird security update
102.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.4.0-1 - Update to 102.4.0 build1...
firefox security update
102.4.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.4.0-1 - Update to 102.4.0 build1 102.3.0-7 - Fix for expat CVE-2022-40674 and non functional webr...
postgresql:12 security update
postgresql 12.12-1 - Resolves: 2131177 - Update to version 12.12...
mysql:8.0 security, bug fix, and enhancement update
mecab 0.996-2 - Rebuild to fix the issue described in 2000986 - Resolves: 2000986 mysql 8.0.30-1 - Update to MySQL 8.0.30 - Remove patches now upstream: chain certs, s390 and robin hood - Add a new plugin 'conflictingvariables.so' 8.0.29-1 - Update to MySQL 8.0.29 8.0.28-1 - Update to MySQL 8.0.2...
sqlite security update
3.26.0-16 - Fixed CVE-2020-35527 - Fixed CVE-2020-35525...
samba security and bug fix update
4.15.5-10.0.1 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.15.5-10 - resolves: rhbz2126041 - Do not require samba package in python3-samba 4.15.5-9 - Fix CVE-2022-32742 - resolves: rhbz2125552...
thunderbird security update
102.3.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.3.0-3 - Update to 102.3.0 build1...
gnutls security update
3.6.16-5 - Fix double-free in gnutlspkcs7verify 2109787...
device-mapper-multipath security update
0.4.9-136.0.1 - mpathpersist: Fix Register and Ignore with 0x00 SARK Orabug: 32696195 - mpathpersist: update prkeys file on changing registrations Orabug: 32696195 - Keep upstream patch 0273-RHBZ-1988462-fix-disable-changed-wwids-segfault.patch fix segfault with disablechangedwwids for orabug...
device-mapper-multipath security update
0.8.4-22.2 - Add 0092-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133994...
firefox security update
102.4.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.4.0-1 - Update to 102.4.0 build1...
git-lfs security and bug fix update
2.13.3-3 - Rebuild with new Golang - Resolves: rhbz2131795...
zlib security update
1.2.11.19 - Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c - Resolves: CVE-2022-37434...
device-mapper-multipath security update
0.8.7-7.1 - Add 0044-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133997...
kernel security, bug fix, and enhancement update
4.18.0-372.32.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
thunderbird security update
102.3.0-4.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.3.0-4 - Fix for expat CVE-2022-40674 102.3.0-3 - Update to 102.3.0 build1...
389-ds-base security and bug fix update
1.3.10-2-17 - Bump version to 1.3.10.2-17 - Resolves: Bug 2113056 - Import may break replication because changelog starting csn may not be created - Resolves: Bug 2131083 - SIGSEGV in syncrepl...
Unbreakable Enterprise kernel security update
5.15.0-3.60.5.1 - fs: remove nollseek Jason A. Donenfeld Orabug: 34721465 - vfio: do not set FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - dma-buf: remove useless FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - fs: do not compare against -llseek Jason A. Donenfeld Orabug: 34721465 -...