9180 matches found
libksba security update
1.3.5-8 - Fix for CVE-2022-3515 2135702...
Unbreakable Enterprise kernel-container security update
5.15.0-3.60.5.1.el8 - fs: remove nollseek Jason A. Donenfeld Orabug: 34721465 - vfio: do not set FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - dma-buf: remove useless FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - fs: do not compare against -llseek Jason A. Donenfeld Orabug: 347214...
pki-core security update
10.5.18-23 - - RHEL 7.9 Batch Update 18: - - Bugzilla Bug 2107329 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE rhel-7.9.z ckelley, mharmsen - Bugzilla Bug 2111514 - CVE-2022-2393 pki-core: When using the caServerKeygenDirUserCert profile, user can get...
libksba security update
1.5.1-5 - Fix for CVE-2022-3515 2135703...
libksba security update
1.3.0-6 - Fix for CVE-2022-3515 2135695...
firefox security update
102.4.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.4.0-1 - Update to 102.4.0 build1...
Unbreakable Enterprise kernel security update
5.4.17-2136.312.3.4 - Revert 'fs: check FMODELSEEK to control internal pipe splicing' Saeed Mirzamohammadi Orabug: 34666845 5.4.17-2136.312.3.3 cpusreadlock deadlock Tejun Heo Orabug: 34607590 - cgroup: Elide write-locking threadgrouprwsem when updating csses on an empty subtree Tejun Heo Orabug:...
java-11-openjdk security and bug fix update
1:11.0.17.0.8-2.0.1 - link atomic for ix86 build 1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on...
java-17-openjdk security and bug fix update
1:17.0.5.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz2132934...
java-11-openjdk security and bug fix update
11.0.17.0.8-2.0.1 - Replace upstream references Orabug: 34340155 1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public A...
java-17-openjdk security and bug fix update
1:17.0.5.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz2133695...
java-11-openjdk security and bug fix update
1:11.0.17.0.8-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Update CLDR data with Europe/Kyiv JDK-8293834 - Drop JDK-8292223 patch which we found to be unnecessary - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream - Related: rhbz2133695...
java-1.8.0-openjdk security update
1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - Rebase FIPS patch against 8u352-b07...
java-1.8.0-openjdk security update
1.8.0.352.b08-2.0.1 - Replace upstream references Orabug: 34340145 1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.312.3.4 - Revert 'fs: check FMODELSEEK to control internal pipe splicing' Saeed Mirzamohammadi Orabug: 34666845 5.4.17-2136.312.3.3 cpusreadlock deadlock Tejun Heo Orabug: 34607590 - cgroup: Elide write-locking threadgrouprwsem when updating csses on an empty subtree Tejun Heo Orabug:...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.352.b08-2 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173 - Add test to ensure timezones can be translated - Related: rhbz2133695 1:1.8.0.352.b08-1 - Update to shenandoah-jdk8u352-b08 GA - Update release notes for shenandoah-8u352-b08. - This tarball is embargoed until...
firefox security update
102.3.0-7.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-7 - Fix for expat CVE-2022-40674 and non functional webrtc...
thunderbird security update
102.3.0-4.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.3.0-4 - Fix for expat CVE-2022-40674...
thunderbird security update
102.3.0-4.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.3.0-4 - Fix for expat CVE-2022-40674...
firefox security update
102.3.0-7.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-7 - Fix for expat CVE-2022-40674 and non functional webrtc...
nodejs:16 security update
nodejs 1:16.17.1-1 - Rebase to version 16.17.1 - Resolves: CVE-2022-35255 CVE-2022-35256 - Resolves: 2132004, 2130552 - Resolves 2121095...
nodejs security update
16.17.1-1 - Rebase to version 16.17.1 Resolves: CVE-2022-35255 CVE-2022-35256...
kvm_utils2 security update
...
.NET 6.0 security and bugfix update
6.0.110-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.110-1 - Update to .NET SDK 6.0.110 and Runtime 6.0.10 - Resolves: RHBZ2131328...
.NET 6.0 security and bugfix update
6.0.110-1.0.1 - Add missing Oracle RIDs 6.0.110-1 - Update to .NET SDK 6.0.110 and Runtime 6.0.10 - Resolves: RHBZ2131327...
.NET Core 3.1 security and bugfix update
3.1.424-1.0.1 - Add missing Oracle Linux Runtime IDs 3.1.424-1 - Update to .NET SDK 3.1.424 and Runtime 3.1.30 - Resolves: RHBZ2131728...
gnutls and nettle security, bug fix, and enhancement update
gnutls 3.7.6-12 - fips: mark PBKDF2 with short key and output sizes non-approved - fips: only mark HMAC as approved in PBKDF2 - fips: mark gnutlskeygenerate with short key sizes non-approved - fips: fix checking on hash algorithm used in ECDSA - fips: preserve operation context around FIPS...
expat security update
2.2.5-8.0.1.3 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-8.3 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
qemu-kvm security update
...
Unbreakable Enterprise kernel security update
4.14.35-2047.518.4 - xfs: avoid race between writeback and data/cow fork changes Wengang Wang Orabug: 34508036 4.14.35-2047.518.3 - KVM: SVM: Clear the CR4 register on reset Babu Moger Orabug: 34617675 4.14.35-2047.518.2 - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.518.4.el7 - xfs: avoid race between writeback and data/cow fork changes Wengang Wang Orabug: 34508036 4.14.35-2047.518.3.el7 - KVM: SVM: Clear the CR4 register on reset Babu Moger Orabug: 34617675 4.14.35-2047.518.2.el7 - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
squid security update
7:5.2-1.2 - Resolves: 2130251 - CVE-2022-41318 squid: buffer-over-read in SSPI and SMB authentication...
prometheus-jmx-exporter security update
0.12.0-8 - Bump snakeyaml version to 1.32 to collect fix for CVE-2022-25857 BZ 2128477...
expat security update
2.2.10-12.3 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
expat security update
2.1.0-15.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302 2.1.0-15 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
bind security update
32:9.11.36-3.1 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
kubernetes security update
kubernetes 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.8-2 - Updated Kubernetes package release version to 1.21.6-2 1.4.8-1 - Upgraded kubernetes-1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 1.4.7-1 - Upgrade Istio from 1.13.5 t...
kubernetes security update
kubernetes 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.8-2 - Updated Kubernetes package release version to 1.21.6-2 1.4.8-1 - Upgraded kubernetes-1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 1.4.7-1 - Upgrade Istio from 1.13.5 t...
squid:4 security update
libecap squid 7:4.15-3.1 - Resolves: 2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher server responses...
bind9.16 security update
32:9.16.23-0.7.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
bind security update
32:9.16.23-1.1 - Fix possible serve-stale related crash CVE-2022-3080 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
Unbreakable Enterprise kernel security update
4.1.12-124.67.3 - media: imon: Fix null-ptr-deref in imonprobe Arvind Yadav Orabug: 31225377 CVE-2017-16537 - fbcon: remove soft scrollback code Linus Torvalds Orabug: 31914703 CVE-2020-14390 - inet: use bigger hash table for IP ID generation Eric Dumazet Orabug: 33778986 CVE-2021-45486 - ipv4:...
squid security update
7:4.11-3.0.1...
bind security update
32:9.11.4-26.P2.10 - Fix memory leak in ECDSA verify processing CVE-2022-38177 - Fix memory leak in EdDSA verify processing CVE-2022-38178...
kubernetes security update
kubernetes 1.22.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.23.11-1 - Added Oracle specific build files for Kubernetes olcne 1.5.6-1 - Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 -...
kubernetes security update
kubernetes 1.22.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.23.11-1 - Added Oracle specific build files for Kubernetes olcne 1.5.6-1 - Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 -...
thunderbird security update
102.3.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.3.0-3 - Update to 102.3.0 build1...
firefox security update
102.3.0-6.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-6 - Update to 102.3.0 build1...
firefox security update
102.3.0-6.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-6 - Update to 102.3.0 build1...