8997 matches found
ol8addon security update
...
go-toolset:ol8addon security update
go-toolset 1.18.3-1 - Update to golang 1.18.3 golang 1.18.3-1.0.1 - Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips - Modify Patch51852 to remove portions already upstream - Use baseversion to distinguish the version of the tarball from the final version - Reviewed-by: Jose...
olcne security update
olcne 1.5.4-3 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over 1.5.4-2 - Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227 1.5.4-1 - Upgrade Kubernetes to 1.23.7 1.5.3-1 - Address qemu...
Unbreakable Enterprise kernel-container security update
5.15.0-0.30.20 - floppy: use a statically allocated error counter Willy Tarreau Orabug: 34218638 CVE-2022-1652 - x86: Disable RET on kexec Konrad Rzeszutek Wilk Orabug: 34335631 CVE-2022-23816 CVE-2022-29901 - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported Thadeu Lima de Souza...
olcne security update
olcne 1.5.4-3 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over 1.5.4-2 - Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227 1.5.4-1 - Upgrade Kubernetes to 1.23.7 1.5.3-1 - Address qemu...
olcne security update
olcne 1.4.6-2 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over - Update gen-certs-helper script to skip printing olcnetransferscript execution - Cleanup grpc connection when node not found and use substr method in case fqdn used for hostname...
olcne security update
olcne 1.4.6-2 - Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over - Update gen-certs-helper script to skip printing olcnetransferscript execution - Cleanup grpc connection when node not found and use substr method in case fqdn used for hostname...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.515.3.el7 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2.el7 -...
Unbreakable Enterprise kernel security update
4.14.35-2047.515.3 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2 - net/rds:...
squid:4 security update
squid 7:4.15-3.1 - Resolves: 2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher server responses...
libgcrypt security update
1.8.5-7fips - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations Orabug: 33081130 - Change Epoch from 1 to 10 1.8.5-7 - Fix CVE-2021-33560 2018525...
squid security update
7:5.2-1.1 - Resolves: 2100784 - CVE-2021-46784 squid: DoS when processing gopher server responses...
zlib security update
1.2.3-29.0.1 - Fix a bug that can crash deflate when using ZFIXED CVE-2018-25032Orabug: 34161396...
kernel security and bug fix update
3.10.0-1160.71.1.0.1 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.71.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 -...
Unbreakable Enterprise kernel security update
4.1.12-124.64.1 - iscsi-target: Fix the issue with shutdownsession removal Gulam Mohamed Orabug: 29661566 - scsi: target: fix hang when multiple threads try to destroy the same iscsi session Gulam Mohamed Orabug: 29661566 - scsi: target: remove boilerplate code Gulam Mohamed Orabug: 29661566 -...
qemu-kvm security and bug fix update
6.2.0-11.el90.3 - kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch bz2071102 - kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch bz2075635 - kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch bz2075640 - Resolves: bz2071102 RHEL 9.0 guest with vsock device...
grub2, mokutil, shim, and shim-unsigned-x64 security update
2.02-123.0.4.el86.8 - enable multiboot2 Orabug: 34285558 - backport arm64: Fix EFI loader kernel image allocation Orabug: 33702462 - backport Arm: check for the PE magic for the compiled arch Orabug: 33702462 - Backport some better script logic for BTRFS support Orabug: 32448171 - Do not add shim...
php:7.4 security update
php 7.4.19-3 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...
php:8.0 security update
php 8.0.13-3 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...
firefox security update
91.11.0-2.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.11.0-2 - Update to 91.11.0 build2...
thunderbird security update
91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
python security update
2.7.5-92.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-92 - Security fix for CVE-2021-3177 Resolves: rhbz1918168 2.7.5-91 - Security fixes for CVE-2020-26116, CVE-2020-26137 and CVE-2022-0391 - Test fixes for the latest expat security release - Update the certificates...
kernel security and bug fix update
4.18.0-372.13.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
thunderbird security update
91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
libxml2 security update
2.9.7-13.1 - Fix CVE-2022-29824 2082297...
libgcrypt security update
1.8.5-7 - Fix CVE-2021-33560 2018525...
thunderbird security update
91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
libinput security update
1.16.3-3 - Fix a format string vulnerability in the device name logging 2076815 CVE-2022-1215...
cups security update
1:2.3.3op2-13.1 - CVE-2022-26691 cups: authorization bypass when using 'local' authorization...
compat-openssl10 security update
1:1.0.2o-4 - Fix CVE-2022-0778: Infinite loop in BNmodsqrt reachable when parsing certificates Resolves: rhbz2077417...
firefox security update
91.11.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
ruby:2.6 security, bug fix, and enhancement update
ruby 2.6.10-109 - Upgrade to Ruby 2.6.10. Resolves: rhbz2088415 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 - Fix FTBFS due to an incompatible load directive. - Fix a fiddle import test on an optimized glibc on Power 9...
vim security update
2:8.0.1763-19.0.1.2 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.0.1763-19.1 - CVE-2022-1154 vim: use after free...
firefox security update
91.11.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
go-toolset:ol8 security and bug fix update
delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.10-1 - Rebase to Go 1.17.10 - Resolves: rhbz2091077 go-toolset 1.17.10-1 - Rebase to Go 1.17.10 - Resolves: rhbz2091077...
firefox security update
91.9.1-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.9.1-1 - Update to 91.9.1 build1...
pcre2 security update
10.37-5 - Explicitly require uft subpackages in tools subpackage 10.37-4 - Resolves: CVE-2022-1586 CVE-2022-1587...
xz security update
5.2.5-8 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271...
subversion security update
1.14.1-5 - Fix for CVE-2022-24070 2076565...
Unbreakable Enterprise kernel security update
5.15.0-0.30.19 - net/mlx4: Increase numsrq in lowmemprofile Dave Kleikamp Orabug: 34052160 5.15.0-0.30.18 - Revert ocfs2: mount shared volume without ha stack Junxiao Bi Orabug: 33701900 - KVM: x86/speculation: Disable Fill buffer clear within guests Pawan Gupta Orabug: 34202258 CVE-2022-21123...
expat security update
2.2.10-12.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.10-12.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
curl security update
7.61.1-22.el86.3 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.61.1-22.el86.2 - fix invalid type in printf argument detected by Coverity 7.61.1-22.el86.1 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on redirect CVE-2022-27776 - fix OAUTH2 bearer bypa...
libxml2 security update
2.9.13-1.1 - Fix CVE-2022-29824 2082299...
thunderbird security update
91.9.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.9.0-3 - Update to 91.9.0 build3 91.9.0-2 - Update to 91.9.0 build2 91.9.0-1 - Update to 91.9.0...
.NET 6.0 security and bugfix update
6.0.106-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.106-1 - Update to .NET SDK 6.0.106 and Runtime 6.0.6 - Resolves: RHBZ2093433...
rsyslog security update
8.2102.0-101.1 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081402...
kernel security and bug fix update
5.14.0-70.17.1.0.10.OL9 - lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.17.10.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted...
compat-openssl11 security and bug fix update
1:1.1.1k-4.0.1 - Backport upstream PRs 18446 and 18481 which update certificates used for the self-tests Orabug: 34326055 1:1.1.1k-4 - Fixes CVE-2022-0778 openssl: Infinite loop in BNmodsqrt reachable when parsing certificates Resolves: rhbz2063147 - Disable FIPS mode; it does not work and will n...
java-1.8.0-openjdk security update
1:1.8.0.332.b09-1 - Update to shenandoah-jdk8u332-b09 GA - Update release notes for 8u332-b09. - Resolves: rhbz2074649...
vim security update
8.2.2637-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.2.2637-16.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.2.2637-16.1 - CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior - CVE-2022-0943 vim: Heap-based Buffer Overflow occu...