8997 matches found
gzip security update
1.10-9 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271...
Unbreakable Enterprise kernel-container security update
5.15.0-0.30.19 - net/mlx4: Increase numsrq in lowmemprofile Dave Kleikamp Orabug: 34052160 5.15.0-0.30.18 - Revert ocfs2: mount shared volume without ha stack Junxiao Bi Orabug: 33701900 - KVM: x86/speculation: Disable Fill buffer clear within guests Pawan Gupta Orabug: 34202258 CVE-2022-21123...
zlib security update
1.2.11-31.1 - Fix CVE-2018-25032 Resolves: CVE-2018-25032...
pcs security update
0.11.1-10.el90.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081333 0.11.1-10 - Fixed snmp client - Fixed translating resource roles in colocation constraint - Resolves: rhbz2048640 0.11.1-9 - Fixed cluster destroy in web ui - Fixed covscan issue in web ui - Resolves:...
firefox security update
91.9.0-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.9.0-1 - Update to 91.9.0...
java-11-openjdk security update
1:11.0.15.0.10-1 - Update to jdk-11.0.15.0+10 - Update release notes to 11.0.15.0+10 - Switch to GA mode for release - Rebase RH1996182 FIPS patch after JDK-8254410 - Resolves: rhbz2073594...
postgresql security update
13.7-1 - Resolves: CVE-2022-1552 - Update to 13.7 - Release notes: https://www.postgresql.org/docs/release/13.7/...
expat security update
2.2.5-8.0.1.2 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-8.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.5-8.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
rsync security update
3.2.3-9.1 - Resolves: 2074784 - A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing certain inputs...
libarchive security update
3.5.3-2 - Resolves: CVE-2022-26280...
curl security update
7.76.1-14.el90.4 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.76.1-14.el90.3 - fix leak of SRP credentials in redirects CVE-2022-27774 7.76.1-14.el90.2 - add missing tests to Makefile 7.76.1-14.el90.1 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on...
java-17-openjdk security update
1:17.0.3.0.7-1 - April 2022 security update to jdk 17.0.3+7 - Update to jdk-17.0.3.0+7 tarball - Update release notes to 17.0.3.0+7 - Add missing README.md and generatesourcetarball.sh - Resolves: rhbz2073578...
firefox security update
91.10.0-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.10.0-1 - Update to 91.10.0 build1...
libinput security update
1.19.3-2 - CVE-2022-1215: fix a format string vulnerability 2076816...
thunderbird security update
91.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.10.0-1 - Update to 91.10.0 build1...
.NET 6.0 security, bug fix, and enhancement update
6.0.105-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.105-1 - Update to .NET SDK 6.0.105 and Runtime 6.0.5 - Resolves: RHBZ2082268 6.0.104-1 - Update to .NET SDK 6.0.104 and Runtime 6.0.4 - Resolves: RHBZ2080460...
thunderbird security update
91.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.9.1-1 - Update to 91.9.1 build1...
python-virtualenv security update
15.1.0-7 - Security fix for CVE-2019-20916 for the bundled pip wheel Resolves: rhbz1868135...
389-ds-base security, bug fix, and enhancement update
1.3.10.2-16 - Bump version to 1.3.10.2-16 - Resolves: Bug 2077395 - CVE-2022-0918 389-ds:1.4/389-ds-base: sending crafted message could result in DoS - Resolves: Bug 2014768 - Log the Auto Member invalid regex rules in the LDAP errors log - Resolves: Bug 2018153 - RFE - Provide an option to abort...
httpd:2.4 security update
httpd 2.4.37-47.0.1.2 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-47.2 - Resolves: 2097247 - CVE-2020-13950 httpd:2.4/httpd: modproxy NULL pointer dereference...
microcode_ctl security update
4:20220207-1.0.4 - ensure UEK also rebuilds initramfs Orabug: 34280058...
microcode_ctl security update
2:2.1-73.13.0.5 - ensure UEK also rebuilds initramfs Orabug: 34280052 2:2.1-73.13.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375 2:2.1-73.13.0.2 - roll back 06-6a-06 to 0xd0002a0 due to PCIe issues on reset Orabug:...
postgresql security update
9.2.24-8 - Resolves: CVE-2022-1552 - Backport upstrem fix: a117cebd638dd02e5c2e791c25e43745f233111b...
kernel security update
4.18.0-372.9.1.0.2.el8.OL8 - debug: lockdown kgdb Orabug: 34270802 CVE-2022-21499 4.18.0-372.9.1.0.1.el8.OL8 - mei: me: disable driver on the ign firmware Alexander Usyskin Orabug: 34176425...
cups security and bug fix update
1:2.2.6-45.2 - CVE-2022-26691 cups: authorization bypass when using 'local' authorization 1:2.2.6-45.1 - 2073531 - 30-second delays printing to Windows 2016 server via HTTPS...
kernel security update
3.10.0-1160.66.1.0.2.el7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499...
olcne security update
1.4.5-1 - Address qemu CVE-2022-26353, CVE-2021-3748...
olcne security update
1.4.5-1 - Address qemu CVE-2022-26353, CVE-2021-3748...
olcne security update
1.5.3-1 - Address qemu CVE-2022-26353, CVE-2021-3748...
olcne security update
1.5.3-1 - Address qemu CVE-2022-26353, CVE-2021-3748...
.NET 6.0 security and bugfix update
6.0.106-1.0.1 - Add missing Oracle RIDs 6.0.106-1 - Update to .NET SDK 6.0.106 and Runtime 6.0.6 - Resolves: RHBZ2093432 6.0.105-1 - Update to .NET SDK 6.0.105 and Runtime 6.0.5 - Resolves: RHBZ2082267...
xz security update
5.2.2-2 - Fix CVE-2022-1271 Resolves: CVE-2022-1271...
.NET Core 3.1 security and bugfix update
3.1.420-1.0.1 - Add missing Oracle Linux Runtime IDs - Update to .NET SDK 3.1.417 and Runtime 3.1.23 - Resolves: RHBZ2060566 3.1.420-1 - Update to .NET SDK 3.1.420 and Runtime 3.1.26 - Resolves: RHBZ2096319 3.1.419-1 - Update to .NET SDK 3.1.419 and Runtime 3.1.25 - Resolves: RHBZ2081443...
microcode_ctl security update
2:2.1-73.13.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375 2:2.1-73.13.0.2 - roll back 06-6a-06 to 0xd0002a0 due to PCIe issues on reset Orabug: 34076312 2:2.1-73.13.0.1 - for Intel, do not trigger load if on-disk...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.514.3.el7 - uek-rpm: Update OL7 SecureBoot certificate files Saeed Mirzamohammadi Orabug: 34219958 4.14.35-2047.514.2 - perf: Fix sysperfeventopen race against self Peter Zijlstra Orabug: 34207044 CVE-2022-1729 - debug: Lock down kgdb Stephen Brennan Orabug: 34207043 CVE-2022-21499...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.514.5.el7 - x86/speculation/mmio: Fix late microcode loading Patrick Colp Orabug: 34275786 4.14.35-2047.514.4.el7 - Add debugfs for controlling MMIO state data Kanth Ghatraju Orabug: 34202260 CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166 - KVM: x86/speculation: Disable...
Unbreakable Enterprise kernel security update
4.14.35-2047.514.5 - x86/speculation/mmio: Fix late microcode loading Patrick Colp Orabug: 34275786 4.14.35-2047.514.4 - Add debugfs for controlling MMIO state data Kanth Ghatraju Orabug: 34202260 CVE-2022-21123 CVE-2022-21127 CVE-2022-21125 CVE-2022-21166 - KVM: x86/speculation: Disable Fill...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.308.7.el7 - uek-rpm: Update OL7/8 Secureboot certificate and shim versions Sherry Yang Orabug: 34248329 5.4.17-2136.308.6 - mac80211hwsim: call ieee80211txprepareskb under RCU protection Johannes Berg - arm: remove CONFIGARCHHASHOLESMEMORYMODEL Mike Rapoport - x86/cpu: Load microcode...
Unbreakable Enterprise kernel security update
5.4.17-2136.308.9 - x86/speculation/mmio: Fix late microcode loading Patrick Colp Orabug: 34276099 5.4.17-2136.308.8 - Add debugfs for controlling MMIO state data Kanth Ghatraju Orabug: 34202259 CVE-2022-21123 CVE-2022-21127 CVE-2022-21125 CVE-2022-21166 - KVM: x86/speculation: Disable Fill buffe...
Unbreakable Enterprise kernel security update
4.14.35-2047.514.3 - uek-rpm: Update OL7 SecureBoot certificate files Saeed Mirzamohammadi Orabug: 34219958 4.14.35-2047.514.2 - perf: Fix sysperfeventopen race against self Peter Zijlstra Orabug: 34207044 CVE-2022-1729 - debug: Lock down kgdb Stephen Brennan Orabug: 34207043 CVE-2022-21499...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.308.9 - x86/speculation/mmio: Fix late microcode loading Patrick Colp Orabug: 34276099 5.4.17-2136.308.8 - Add debugfs for controlling MMIO state data Kanth Ghatraju Orabug: 34202259 CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166 - KVM: x86/speculation: Disable Fill buffe...
Unbreakable Enterprise kernel security update
5.4.17-2136.308.7 - uek-rpm: Update OL7/8 Secureboot certificate and shim versions Sherry Yang Orabug: 34248329 5.4.17-2136.308.6 - mac80211hwsim: call ieee80211txprepareskb under RCU protection Johannes Berg - arm: remove CONFIGARCHHASHOLESMEMORYMODEL Mike Rapoport - x86/cpu: Load microcode duri...
microcode_ctl security update
4:20220207-1.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375 4:20220207-1.0.2 - roll back 06-6a-06 to 0xd0002a0 due to PCIe issues on reset Orabug: 34076995 4:20220207-1.0.1 - add support for UEK6 and UEK7 kernels -...
xz security update
5.2.4-4 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271...
subversion:1.14 security update
subversion 1.14.1-2 - add fix for CVE-2022-24070...
python-twisted-web security update
12.1.0-8 - Security fix for CVE-2022-24801: Possible http request smuggling Resolves: rhbz2073114...
go-toolset:ol8addon security update
go-toolset 1.16.15-1 - Rebase to Go 1.16.15 golang 1.16.15-1.0.1 - Add patches from 1.16.12 to 1.16.15 - Add Sources for 3 binary files that changed between 1.16.12 and 1.16.15 - Rename basevrsn to baseversion - Reviewed-by: XXX XXX...
go-toolset:ol8addon security update
go-toolset 1.17.10-1 - Set version to correspond to the matching build golang version - delve can be now added to aarch64 as well, remove ifarch. golang 1.17.10-1.0.1 - Add patches between Go 1.17.7 and Go 1.17.10 - Rename baseversn to baseversion - Remove unneeded patches from previous version -...
shim security update
15.6-1.0.3 - Update shimx64.efi and shimia32.efi signed by Microsoft JIRA: OLDIS-16370 15.6-1.0.2 - Update to shim-unsigned v15.6.rc2 JIRA: OLDIS-16370 15.6-1.0.1 - Update to shim-unsigned v15.6.rc1 JIRA: OLDIS-16370 15.5-1.0.3 - Update vendor certs JIRA: OLDIS-16370 - Update oraclegrub2-sig-key...
shim-signed security update
15.6-1.0.7 - Update shimx64.efi and shimia32.efi signed by Microsoft JIRA: OLDIS-16370 15.6-1.0.5 - Update to shim-unsigned v15.6.rc2 JIRA: OLDIS-16370 15.6-1.0.3 - Add all algorithms using OPENSSLaddallalgorithms JIRA: OLDIS-16370 15.6-1.0.1 - Update to 15.6.rc1 JIRA: OLDIS-16370 - update...