8998 matches found
Unbreakable Enterprise kernel security update
5.15.0-1.43.4.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460936 CVE-2022-2588 5.15.0-1.43.4 - Revert selftests/bpf: add tests verifying unprivileged bpf behaviour Alan Maguire Orabug: 34399286 - Revert selftests/bpf: Add test for reg2btfids o...
Unbreakable Enterprise kernel security update
4.14.35-2047.516.1.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460938 CVE-2022-2588 4.14.35-2047.516.1 - KVM: x86: Avoid theoretical NULL pointer dereference in kvmirqdeliverytoapicfast Vitaly Kuznetsov Orabug: 34323860 CVE-2022-2153 - KVM: x8...
Unbreakable Enterprise kernel-container security update
5.15.0-1.43.4.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460936 CVE-2022-2588 5.15.0-1.43.4 - Revert selftests/bpf: add tests verifying unprivileged bpf behaviour Alan Maguire Orabug: 34399286 - Revert selftests/bpf: Add test for reg2btfids o...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.516.1.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460938 CVE-2022-2588 4.14.35-2047.516.1 - KVM: x86: Avoid theoretical NULL pointer dereference in kvmirqdeliverytoapicfast Vitaly Kuznetsov Orabug: 34323860 CVE-2022-2153 - KVM: x8...
Unbreakable Enterprise kernel security update
5.4.17-2136.309.5.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460937 CVE-2022-2588...
kernel security and bug fix update
4.18.0-372.19.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
virt:kvm_utils security update
libvirt 5.7.0-34.el8 - qemu: blockcopy: Allow late opening of the backing chain of a shallow copy Peter Krempa Orabug: 33091019 - qemu: capabilities: Introduce QEMUCAPSBLOCKDEVSNAPSHOTALLOWWRITEONLY Peter Krempa Orabug: 33091019 - qemuDomainBlockCopyCommon: Record updated flags to block job Peter...
openssl security update
1:1.1.1k-7 - Fix CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86 Resolves: CVE-2022-2097 - Update expired certificates used in the testsuite Resolves: rhbz2100554 - Fix CVE-2022-1292: openssl: crehash script allows command injection Resolves: rhbz2090371 - Fix CVE-2022-2068: the...
virt:ol and virt-devel:ol security, bug fix, and enhancement update
libvirt 8.0.0-5.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-5.2.el8 - cpumap: Disable cpu64-rhel for host-model and baseline rhbz2084030 - cputest: Drop some old artificial baseline tests rhbz2084030 - cputest: Give...
vim security update
8.0.1763-19.0.1.4 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.4 - fix issue reported by covscan 2:8.0.1763-19.3 - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in...
php security update
8.0.13-2 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...
httpd security update
2.4.6-97.0.7.5 - modproxy: approxyhttprequest to clear hop-by-hop first and fixup last CVE-2022-31813Orabug: 34381850...
httpd security update
2.4.51-7.0.2 - modproxy: approxyhttprequest to clear hop-by-hop first and fixup last CVE-2022-31813Orabug: 34381949...
httpd security update
2.2.15-69.0.4 - modproxy: approxyhttprequest to clear hop-by-hop first and fixup last CVE-2022-31813Orabug: 34317859 2.2.15-69.0.3 - core: Simpler connection close logic CVE-2022-22720Orabug: 33991577...
xorg-x11-server security update
1.20.4-18 - CVE fix for: CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070 Resolves: rhbz2109031, rhbz2109033...
ruby:2.5 security update
ruby 2.5.9-110 - Fix FTBFS due to an incompatible load directive. - Fix a fiddle import test on an optimized glibc on Power 9. - Fix by adding length limit option for methods that parses date strings. Resolves: CVE-2021-41817 - CGI::Cookie.parse no longer decodes cookie names to prevent spoofing...
389-ds:1.4 security update
1.4.3.28-7 - Bump version to 1.4.3.28-7 - Resolves: Bug 2081008 - CVE-2022-0996 389-ds:1.4/389-ds-base: expired password was still allowed to access the database - Resolves: Bug 2081014 - CVE-2022-0918 389-ds:1.4/389-ds-base: sending crafted message could result in DoS...
mariadb:10.5 security, bug fix, and enhancement update
galera 26.4.11-1 - Rebase to 26.4.11 mariadb 3:10.5.16-2 - Release bump for rebuild 3:10.5.16-1 - Rebase to 10.5.16 3:10.5.15-1 - Rebase to 10.5.15...
go-toolset:ol8 security and bug fix update
delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109182 1.17.10-2 - Clean up dist-git patches - Resolves: rhbz2109173 go-toolset 1.17.12-1 - Update Go to...
thunderbird security update
91.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.12.0-1 - Update to 91.12.0 build1...
thunderbird security update
91.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.12.0-1 - Update to 91.12.0 build1...
firefox security update
91.12.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.12.0-1 - Update to 91.12.0 build1...
firefox security update
91.12.0-2.0.1 - Removed Upstream references 91.12.0-1 - Update to 91.12.0 build1...
firefox security update
91.12.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.12.0-1 - Update to 91.12.0 build1...
openssl security update
1:1.1.1k-7 - Fix CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86 Resolves: CVE-2022-2097 - Update expired certificates used in the testsuite Resolves: rhbz2100554 - Fix CVE-2022-1292: openssl: crehash script allows command injection Resolves: rhbz2090371 - Fix CVE-2022-2068: the...
Unbreakable Enterprise kernel security update
4.1.12-124.65.1 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33825689 CVE-2022-0492 - ocfs2: kill EBUSY from dlmfsevictinode Junxiao Bi Orabug: 34091904 - ocfs2: dlmfs: fix error handling of userdlmdestroylock Junxiao Bi via Ocfs2-devel Orabug: 34091904 - ocfs2:...
go-toolset and golang security and bug fix update
golang 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109183 1.17.7-2 - Clean up dist-git patches - Resolves: rhbz2109174 go-toolset 1.17.12-1 - Update Go to version 1.17.12 - Resolves: rhbz2109183...
pcre2 security update
10.32-3 - Resolves: CVE-2022-1586...
libvirt libvirt-python security update
libvirt 5.7.0-34.el7 - qemu: blockcopy: Allow late opening of the backing chain of a shallow copy Peter Krempa Orabug: 33091019 - qemu: capabilities: Introduce QEMUCAPSBLOCKDEVSNAPSHOTALLOWWRITEONLY Peter Krempa Orabug: 33091019 - qemuDomainBlockCopyCommon: Record updated flags to block job Peter...
qemu security update
15:4.2.1-18.el7 - block: introduce maxhwiov for use in scsi-generic Paolo Bonzini Orabug: 33785156 - file-posix: try BLKSECTGET on block devices too, do not round to power of 2 Paolo Bonzini Orabug: 33785156 - block: add maxhwtransfer to BlockLimits Paolo Bonzini Orabug: 33785156 - block-backend:...
microcode_ctl security update
3:1.17-33.31.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375 3:1.17-33.31.0.2 - update Intel microcode bundle to 20210608 3:1.17-33.31.0.1 - recognize the 'force-intel' file path available on EL7+ orabug 31655792 -...
thunderbird security update
91.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.12.0-1 - Update to 91.12.0 build1...
java-17-openjdk security, bug fix, and enhancement update
1:17.0.4.0.8-0.2.ea - Revert the following changes until copy-java-configs has adapted to relative symlinks: - Move cacerts replacement to install section and retain original of this and tzdb.dat - Run tests on the installed image, rather than the build image - Introduce variables to refer to the...
java-17-openjdk security, bug fix, and enhancement update
1:17.0.4.0.8-0.2.ea - Add rpminspect.yaml to turn off Java bytecode inspections - java-17-openjdk deliberately produces Java 17 bytecode, not the default Java 11 bytecode - Resolves: rhbz2109106 1:17.0.4.0.8-0.2.ea - Revert the following changes until copy-java-configs has adapted to relative...
grafana security update
7.5.11-3 - resolve CVE-2022-31107 grafana: OAuth account takeover...
grafana security update
7.5.11-5 - resolve CVE-2022-31107 grafana: OAuth account takeover...
java-11-openjdk security, bug fix, and enhancement update
1:11.0.16.0.8-1.0.1 - Replace upstream references Orabug: 34340155 1:11.0.16.0.8-1 - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build,...
java-1.8.0-openjdk security, bug fix, and enhancement update
1.8.0.342.b07-1.0.1 - Replace upstream references Orabug: 34340145 1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with...
java-1.8.0-openjdk security, bug fix, and enhancement update
1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use 'git apply' with...
java-1.8.0-openjdk security, bug fix, and enhancement update
1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use 'git apply' with...
java-11-openjdk security, bug fix, and enhancement update
1:11.0.16.0.8-1 - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build, which should now include a correct SOURCE value from .src-rev - Updat...
java-11-openjdk security, bug fix, and enhancement update
1:11.0.16.0.8-1.0.1 - link atomic for ix86 build 1:11.0.16.0.8-1 - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8284920 patch now upstreamed - Print release file during build, which should now...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.309.5 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386637 CVE-2022-21505...
Unbreakable Enterprise kernel-container security update
5.15.0-0.30.20.1 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386636 CVE-2022-21505...
Unbreakable Enterprise kernel security update
5.4.17-2136.309.5 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386637 CVE-2022-21505...
Unbreakable Enterprise kernel security update
5.15.0-0.30.20.1 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386636 CVE-2022-21505...
kernel security, bug fix, and enhancement update
4.18.0-372.16.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
grub2 security update
2.02-123.0.7.el86.8 - Enable back btrfs module by default Orabug: 34377188 2.02-123.0.6.el86.8 - Backport upstream SNP protocol fixes Orabug: 34195100 2.02-123.0.5.el86.8 - Rebase Fix EFI loader kernel image allocation patch, adapt it to new NX code Orabug: 34352232 2.02-123.0.4.el86.8 - enable...
grub2 security update
2.06-27.0.6.el90.7 - Enable back btrfs grub module for EFI pre-built image Orabug: 34360986 2.06-27.0.5.el90.7 - Replaced bugzilla.oracle.com references Orabug: 34202300 - Update provided certificate version to 202204 JIRA: OLDIS-16371 - Various coverity fixes JIRA: OLDIS-16371 - bump SBAT...
Unbreakable Enterprise kernel security update
5.15.0-0.30.20 - floppy: use a statically allocated error counter Willy Tarreau Orabug: 34218638 CVE-2022-1652 - x86: Disable RET on kexec Konrad Rzeszutek Wilk Orabug: 34335631 CVE-2022-29901 CVE-2022-23816 - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported Thadeu Lima de Souza...