9180 matches found
qemu-kvm security and bug fix update
6.2.0-11.el90.3 - kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch bz2071102 - kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch bz2075635 - kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch bz2075640 - Resolves: bz2071102 RHEL 9.0 guest with vsock device...
grub2, mokutil, shim, and shim-unsigned-x64 security update
2.02-123.0.4.el86.8 - enable multiboot2 Orabug: 34285558 - backport arm64: Fix EFI loader kernel image allocation Orabug: 33702462 - backport Arm: check for the PE magic for the compiled arch Orabug: 33702462 - Backport some better script logic for BTRFS support Orabug: 32448171 - Do not add shim...
firefox security update
91.11.0-2.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.11.0-2 - Update to 91.11.0 build2...
thunderbird security update
91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
kernel security and bug fix update
4.18.0-372.13.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
python security update
2.7.5-92.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-92 - Security fix for CVE-2021-3177 Resolves: rhbz1918168 2.7.5-91 - Security fixes for CVE-2020-26116, CVE-2020-26137 and CVE-2022-0391 - Test fixes for the latest expat security release - Update the certificates...
libinput security update
1.16.3-3 - Fix a format string vulnerability in the device name logging 2076815 CVE-2022-1215...
libgcrypt security update
1.8.5-7 - Fix CVE-2021-33560 2018525...
ruby:2.6 security, bug fix, and enhancement update
ruby 2.6.10-109 - Upgrade to Ruby 2.6.10. Resolves: rhbz2088415 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739 - Fix FTBFS due to an incompatible load directive. - Fix a fiddle import test on an optimized glibc on Power 9...
compat-openssl10 security update
1:1.0.2o-4 - Fix CVE-2022-0778: Infinite loop in BNmodsqrt reachable when parsing certificates Resolves: rhbz2077417...
firefox security update
91.11.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
firefox security update
91.11.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
thunderbird security update
91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
thunderbird security update
91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 - Update to 91.11.0 build1...
cups security update
1:2.3.3op2-13.1 - CVE-2022-26691 cups: authorization bypass when using 'local' authorization...
vim security update
2:8.0.1763-19.0.1.2 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.0.1763-19.1 - CVE-2022-1154 vim: use after free...
libxml2 security update
2.9.7-13.1 - Fix CVE-2022-29824 2082297...
go-toolset:ol8 security and bug fix update
delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.10-1 - Rebase to Go 1.17.10 - Resolves: rhbz2091077 go-toolset 1.17.10-1 - Rebase to Go 1.17.10 - Resolves: rhbz2091077...
java-1.8.0-openjdk security update
1:1.8.0.332.b09-1 - Update to shenandoah-jdk8u332-b09 GA - Update release notes for 8u332-b09. - Resolves: rhbz2074649...
pcre2 security update
10.37-5 - Explicitly require uft subpackages in tools subpackage 10.37-4 - Resolves: CVE-2022-1586 CVE-2022-1587...
java-11-openjdk security update
1:11.0.15.0.10-1 - Update to jdk-11.0.15.0+10 - Update release notes to 11.0.15.0+10 - Switch to GA mode for release - Rebase RH1996182 FIPS patch after JDK-8254410 - Resolves: rhbz2073594...
thunderbird security update
91.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.10.0-1 - Update to 91.10.0 build1...
firefox security update
91.9.1-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.9.1-1 - Update to 91.9.1 build1...
thunderbird security update
91.9.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.9.0-3 - Update to 91.9.0 build3 91.9.0-2 - Update to 91.9.0 build2 91.9.0-1 - Update to 91.9.0...
compat-openssl11 security and bug fix update
1:1.1.1k-4.0.1 - Backport upstream PRs 18446 and 18481 which update certificates used for the self-tests Orabug: 34326055 1:1.1.1k-4 - Fixes CVE-2022-0778 openssl: Infinite loop in BNmodsqrt reachable when parsing certificates Resolves: rhbz2063147 - Disable FIPS mode; it does not work and will n...
.NET 6.0 security and bugfix update
6.0.106-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.106-1 - Update to .NET SDK 6.0.106 and Runtime 6.0.6 - Resolves: RHBZ2093433...
thunderbird security update
91.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires Orabug: 33802044 91.9.1-1 - Update to 91.9.1 build1...
rsyslog security update
8.2102.0-101.1 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081402...
libarchive security update
3.5.3-2 - Resolves: CVE-2022-26280...
pcs security update
0.11.1-10.el90.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081333 0.11.1-10 - Fixed snmp client - Fixed translating resource roles in colocation constraint - Resolves: rhbz2048640 0.11.1-9 - Fixed cluster destroy in web ui - Fixed covscan issue in web ui - Resolves:...
firefox security update
91.10.0-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.10.0-1 - Update to 91.10.0 build1...
firefox security update
91.9.0-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Removed Upstream references 91.9.0-1 - Update to 91.9.0...
.NET 6.0 security, bug fix, and enhancement update
6.0.105-1.0.1 - Add missing Oracle RIDs - Build all packages on source-build even when in servicing 6.0.105-1 - Update to .NET SDK 6.0.105 and Runtime 6.0.5 - Resolves: RHBZ2082268 6.0.104-1 - Update to .NET SDK 6.0.104 and Runtime 6.0.4 - Resolves: RHBZ2080460...
java-17-openjdk security update
1:17.0.3.0.7-1 - April 2022 security update to jdk 17.0.3+7 - Update to jdk-17.0.3.0+7 tarball - Update release notes to 17.0.3.0+7 - Add missing README.md and generatesourcetarball.sh - Resolves: rhbz2073578...
libinput security update
1.19.3-2 - CVE-2022-1215: fix a format string vulnerability 2076816...
postgresql security update
13.7-1 - Resolves: CVE-2022-1552 - Update to 13.7 - Release notes: https://www.postgresql.org/docs/release/13.7/...
xz security update
5.2.5-8 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271...
curl security update
7.76.1-14.el90.4 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.76.1-14.el90.3 - fix leak of SRP credentials in redirects CVE-2022-27774 7.76.1-14.el90.2 - add missing tests to Makefile 7.76.1-14.el90.1 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on...
libxml2 security update
2.9.13-1.1 - Fix CVE-2022-29824 2082299...
subversion security update
1.14.1-5 - Fix for CVE-2022-24070 2076565...
vim security update
8.2.2637-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.2.2637-16.2 - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read 2:8.2.2637-16.1 - CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior - CVE-2022-0943 vim: Heap-based Buffer Overflow occu...
zlib security update
1.2.11-31.1 - Fix CVE-2018-25032 Resolves: CVE-2018-25032...
Unbreakable Enterprise kernel-container security update
5.15.0-0.30.19 - net/mlx4: Increase numsrq in lowmemprofile Dave Kleikamp Orabug: 34052160 5.15.0-0.30.18 - Revert ocfs2: mount shared volume without ha stack Junxiao Bi Orabug: 33701900 - KVM: x86/speculation: Disable Fill buffer clear within guests Pawan Gupta Orabug: 34202258 CVE-2022-21123...
expat security update
2.2.5-8.0.1.2 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-8.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.5-8.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
rsync security update
3.2.3-9.1 - Resolves: 2074784 - A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing certain inputs...
kernel security and bug fix update
5.14.0-70.17.1.0.10.OL9 - lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.17.10.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted...
Unbreakable Enterprise kernel security update
5.15.0-0.30.19 - net/mlx4: Increase numsrq in lowmemprofile Dave Kleikamp Orabug: 34052160 5.15.0-0.30.18 - Revert ocfs2: mount shared volume without ha stack Junxiao Bi Orabug: 33701900 - KVM: x86/speculation: Disable Fill buffer clear within guests Pawan Gupta Orabug: 34202258 CVE-2022-21123...
curl security update
7.61.1-22.el86.3 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.61.1-22.el86.2 - fix invalid type in printf argument detected by Coverity 7.61.1-22.el86.1 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on redirect CVE-2022-27776 - fix OAUTH2 bearer bypa...
expat security update
2.2.10-12.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.10-12.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
gzip security update
1.10-9 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271...