9158 matches found
sudo security update
1.9.15-10.p5 - Resolves: RHEL-164619 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls...
tigervnc security update
1.15.0-6.1 - Fix CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 xorg-x11-server: various XKB and XSYNC vulnerabilities Resolves: RHEL-163212 Resolves: RHEL-163280 Resolves: RHEL-163266 - Fix CVE-2026-34352 Resolves: RHEL-167769...
webkit2gtk3 security update
2.52.3-1 - Update to 2.52.3...
python3.9 security update
3.9.25-3.0.1.el97.3 - Remove upstream URL reference 3.9.25-3.3 - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-168157, RHEL-167915 3.9.25-3.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 3.9.25-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 an...
python3.12 security update
3.12.12-4.0.1.el97.3 - Remove upstream URL reference 3.12.12-4.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-168156, RHEL-167914 3.12.12-4.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158051 3.12.12-4.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 a...
gdk-pixbuf2 security update
2.42.12-5 - jpeg: Reject unsupported number of components...
python3.12 security update
3.12.12-3.0.1.el101.3 - Remove upstream URL reference 3.12.12-3.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167885, RHEL-168119 3.12.12-3.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158127 3.12.12-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367...
python3.12-wheel security update
0.41.2-3.1 - Security fix for CVE-2026-24049 Resolves: RHEL-143652...
java-1.8.0-openjdk security update
1:1.8.0.492.b09-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.492.b09-1 - Update to 8u492-b09 GA - Update release notes for 8u492-b09. - Add missing CVEs for 8u482. - Regenerate JDK-8199936/PR3533 patch following JDK-8374917 - Regenerate JDK-8186464/RH1433262 patch following...
pcs security update
0.11.10-1.el97.3 - Fixed CVE-2026-4800 by updating pcs-web-ui to 0.1.23.2 Resolves: RHEL-164191...
golang security update
1.25.9-3 - Do not ignore any tests in check 1.25.9-2 - Skip terminal test in container 1.25.9-1 - Update to Go 1.25.9 fips-2...
golang security update
1.25.9-1 - Update to Go 1.25.9 fips-2 - Resolves: RHEL-169931...
grafana security update
10.2.6-20 - Resolves RHEL-161802: CVE-2026-27877...
buildah security update
1.41.8-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.8-3 - rebuild for CVE-2026-34986 - Resolves: RHEL-165027...
libpng12 security update
1.2.50-10.0.1 - Fix CVE-2026-25646: heap buffer overflow in pngsetquantize Orabug: 39183864...
java-17-openjdk security update
1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore openjdk-17.0.19+10.tar.xz - Set updatever to 19 - Set buildver to 10 - Set rpmrelease to 1 - Update sources to openjdk-17.0.19+10.tar.xz - This tarball is embargoed...
qemu-kvm security update
7.2.0-37.el9 - hashing: use mmap/munmap for isal functions Elena Ufimtseva Orabug: 39165991 - multifd: replace allocations/free with mmap/munmap Elena Ufimtseva Orabug: 39165991 - pagecache: use mmap based data pool for cache items Elena Ufimtseva Orabug: 39165991 - pagecache: change cache...
virt:kvm_utils3 bug fix update
hivex 1.3.18-23 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 1.3.18-22.el8 - Resolves: bz2000225 Rebase virt:rhel module:stream based on AV-8.6 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 1.3.18 - Resolves: bz1810193 Upgrade...
oci-utils security update
-- 0.14.0-19 - Fix secondary vnic default metric to be a lower priority value Orabug: 38154477...
grafana security update
10.2.6-24 - Resolves RHEL-161790: CVE-2026-27877...
java-25-openjdk security update
1:25.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.3.0.9-1 - Update to jdk-25.0.3+9 GA - Update release notes to 25.0.3+9 - Update FIPS patch to 57722aab802 version synced with 25.0.3+8 - Drop local libpng patches now JDK-8372534, JDK-8375063 & JDK-8377526 are included upstrea...
wireshark security update
4.4.2-4.0.1.el101.4 - Fix post script to not fail during initial installation Orabug: 37565359 1:4.4.2-4.4 - Resolves: RHEL-152921 - CVE-2026-3203 Buffer Over-read 1:4.4.2-4.3 - Resolves: RHEL-152912 - CVE-2026-3201 Improperly Controlled Sequential Memory Allocation 1:4.4.2-4.2 - Resolves:...
thunderbird security update
140.9.1-1.0.1 - Add Oracle prefs 140.9.1-1 - Update to 140.9.1 ESR...
kernel security update
6.12.0-124.52.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
webkit2gtk3 security update
2.52.3-0.1 - Update to 2.52.1...
bind security update
9.18.33-10.0.2.el101.3 - Hard require needed openssl-libs Orabug: 38742109 - Fix warning when changing device file permissions Orabug: 36518580 32:9.18.33-10.3 - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 32:9.18.33-10.2 - Fix upstream reported regressio...
osbuild-composer security update
101.4-5.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...
kernel security update
4.18.0-553.120.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
thunderbird security update
140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR...
osbuild-composer security update
149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...
openexr security update
3.1.1-3.1 - fix CVE-2026-27622...
giflib security update
5.2.1-9.1 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154863...
giflib security update
5.1.4-4 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154853...
OpenEXR security update
2.2.0-12.1 - fix CVE-2026-27622...
ImageMagick security update
6.9.10.68-7.0.9 - Fix CVE-2026-28691 and CVE-2026-28693 Orabug: 39174244 6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal SVG decoder CVE-2026-25985 6.9.10.68-7.0.5 - Fix...
.NET 8.0 security update
8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163413...
freerdp security update
2:2.11.7-7 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162949, RHEL-162965...
.NET 8.0 security update
8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163416...
delve security update
1.25.2-3.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-3 - Rebuild with latest Go...
kernel security update
5.14.0-611.49.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
giflib security update
5.2.1-22.1 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154849...
go-rpm-macros security update
3.6.0-8 - Rebuild with latest Go...
go-rpm-macros security update
3.6.0-14 - Rebuild with latest Go - Resolves: RHEL-158726...
nodejs:20 security update
nodejs 1:20.20.2-1 - Update to version 20.20.2 - Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-25547 CVE-2026-21710 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves:...
389-ds-base security update
1.3.11.1-5.0.7 - Security fix for CVE-2025-14905 Orabug: 39146844 1.3.11.1-5.0.5 - Allow Uniqueness plugin to search uniqueness attributes using custom matching rules Orabug: 38388205...
libarchive security update
3.5.3-9 - Resolves: CVE-2026-4424 - Resolves: CVE-2026-5121 3.5.3-8 - Release bump...
libarchive security update
3.3.3-7 - Resolves: CVE-2026-4424 - Resolves: CVE-2026-5121...
libarchive security update
3.7.7-8 - Resolves: CVE-2026-4424 3.7.7-7 - Release bump for typo in dist 3.7.7-6 - Release bump...
.NET 9.0 security update
9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163389...
freerdp security update
2:2.11.7-1.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162958, RHEL-162978...