9177 matches found
aspell security update
12:0.60.6.1-22 - resolves: 1988497 fix CVE-2019-25051...
compat-exiv2-026 security update
0.26-7 - Fix stack exhaustion issue in the printIFDStructure function Resolves: bz2003669...
qt5-qtsvg security update
5.15.2-4 - Fix out-of-bound write that may lead to DoS Resolves: bz2038487...
libsndfile security update
1.0.28-12 - fix heap buffer overflow in flac 2030507 1.0.28-11 - a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution1985028...
pki-core:10.6 security and bug fix update
jss 4.9.3-1 - Rebase to JSS 4.9.3 - Bug 2046022 - CVE-2021-4213 pki-core:10.6/jss: memory leak in TLS connection leads to OOM rhel-8 4.9.2-1 - Rebase to JSS 4.9.2 ldapjdk 4.23.0-1 - Rebase to LDAP SDK 4.23.0 4.23.0-0.1 - Rebase to LDAP SDK 4.23.0-alpha1 pki-core 10.12.0-2.0.1 - Remove upstream...
gfbgraph security update
0.2.4-1 - Update to 0.2.4 Resolves: 1997941...
php:7.4 security update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php-pear 1:1.10.12-1 - update PEAR to 1.10.12 - update ArchiveTar to 1.4.9 - update ConsoleGetopt to 1.4.3 - update XMLUtil to 1.4.5 php-pecl-apcu 5.1.18-1 - update to 5.1.18 php-pecl-rrd php-pecl-xdebug 2.9.5-1 - update to 2.9.5 php-pecl-zip...
libpq security update
13.5-1 - Rebase to 13.5 Resolves: 2023294...
maven:3.6 security and enhancement update
httpcomponents-client 4.5.10-4 - Fix incorrect handling of malformed authority component in request URIs - Resolves: CVE-2020-13956 maven 1:3.6.2-7 - Add maven-openjdk17 - Resolves: rhbz1991521...
squid:4 security and bug fix update
libecap squid 7:4.15-3 - Resolves: 1941506 - CVE-2021-28116 squid:4/squid: out-of-bounds read in WCCP protocol data may lead to information disclosure 7:4.15-2 - Resolves: 2006121 - SQUID shortens FTP Link wrong that contains a semi-colon and as a result is not able to download zip file.CODE 404 ...
samba security, bug fix, and enhancement update
4.15.5-5 - resolves: rhbz2064325 - Fix 'create krb5 conf = yes' when a KDC has a single IP address. 4.15.5-4 - resolves: rhbz2057503 - Fix winbind kerberos ticket refresh 4.15.5-3 - related: rhbz1979959 - Fix typo in testparm output 4.15.5-2 - resolves: rhbz1979959 - Improve idmap autorid sanity...
flatpak security and bug fix update
1.8.7-1 - Rebase to 1.8.7 2041972 1.8.6-1 - Rebase to 1.8.6 2010533 1.8.5-6 - Fix CVE-2021-41133 2012869...
libtiff security update
4.0.9-21 - Fix CVE-2020-19131 2006535...
grafana security, bug fix, and enhancement update
7.5.11-2 - resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache - resolve CVE-2021-43813 grafana: directory traversal vulnerability for .md files 7.5.11-1 - update to 7.5.11 tagged upstream community sources, see CHANGELOG - resolve CVE-2021-39226 7.5.10-1 - upda...
kernel security, bug fix, and enhancement update
4.18.0-372.9.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
go-toolset:ol8 security and bug fix update
delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.7-1 - Rebase to Go 1.17.7 - Remove fips memory leak patch fixed in tree - Resolves: rhbz2015930 go-toolset 1.17.7-1 - Rebase to Go 1.17.7 - Remove fips memory...
container-tools:ol8 security, bug fix, and enhancement update
buildah 1:1.24.2-4 - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 https://github.com/containers/buildah/commit/7b559a3 - Related: 2059296 1:1.24.2-3 - switch to RHEL maintenance branch which fixes CVE-2022-27651 - Resolves: 2067559 1:1.24.2-2 - Add patch...
openssh security, bug fix, and enhancement update
8.0p1-13 - Upstream: ClientAliveCountMax=0 disable the connection killing behaviour 2015828 8.0p1-12 - Add support for 'Include' directive in sshdconfig file 1926103 8.0p1-11 - CVE-2021-41617 upstream fix 2008885...
cpio security update
2.12-11 - Fixed CVE-2021-38185 1992511...
rust-toolset:ol8 security, bug fix, and enhancement update
rust 1.58.1-1 - Update to 1.58.1. 1.58.0-1 - Update to 1.58.0. 1.57.0-1 - Update to 1.57.0. 1.56.1-2 - Add rust-std-static-wasm32-wasi Resolves: rhbz1980080 1.56.0-1 - Update to 1.56.1. 1.55.0-1 - Update to 1.55.0. - Backport support for LLVM 13. 1.54.0-2 - Make std-static-wasm arch-specific to...
python27:2.7 security update
babel 9.0.3-19 - Remove bundled windows executables - Resolves: rhbz2006792 python2 2.7.18-10.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 2.7.18-10 - Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs Resolves: rhbz2047376...
zsh security update
5.5.1-9 - do not perform PROMPTSUBST evaluation on file.file/%K arguments CVE-2021-45444 5.5.1-8 - improve printing of error messages introduced by the fix of CVE-2019-20044 5.5.1-7 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
python38:3.8 and python38-devel:3.8 security update
numpy 1.17.3-6 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 python38 3.8.12-1 - Update to 3.8.12 Resolves: rhbz2004587 3.8.11-1 - Update to 3.8.11 - Fix for CVE-2021-3733 and CVE-2021-3737 Resolves: rhbz1995234, rhbz1995162 python3x-pip 19.3.1-5 - Remove...
dovecot security update
1:2.3.16-2 - do not disable xz/lzma for now despite being deprecated 1:2.3.16-1 - dovecot updated to 2.3.16, pigeonhole to 0.5.16 - fix CVE-2021-33515 plaintext commands injection 1980014...
podman security update
1.6.4-32.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - handle redirect from the docker registry v2 Orabug: 29874238 [email protected] - remove changes in NaiveDiffDriver 1.6.4-32 - update to the latest content of...
zlib security update
1.2.7-20 - Resolves: CVE-2018-25032...
gzip security update
1.5-11 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271...
Unbreakable Enterprise kernel security update
4.14.35-2047.513.2 - Revert 'rds/ib: recover rds connection from stuck tx path' Nagappan Ramasamy Palaniappan Orabug: 34124234 4.14.35-2047.513.1 - mm/page-writeback: Fix performance when BDI's share of ratio is 0. Chi Wu Orabug: 34050050 - esp: Fix possible buffer overflow in ESP transformation...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.307.3.1 - Revert 'rds/ib: recover rds connection from stuck tx path' Nagappan Ramasamy Palaniappan Orabug: 34124233 5.4.17-2136.307.3 - kvm: debugfs: fix memory leak in kvmcreatevmdebugfs Pavel Skripkin Orabug: 33099019 - KVM: debugfs: Reuse binary stats descriptors Jing Zhang Orabug:...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.513.2.el7 - Revert 'rds/ib: recover rds connection from stuck tx path' Nagappan Ramasamy Palaniappan Orabug: 34124234 4.14.35-2047.513.1.el7 - mm/page-writeback: Fix performance when BDI's share of ratio is 0. Chi Wu Orabug: 34050050 - esp: Fix possible buffer overflow in ESP...
Unbreakable Enterprise kernel security update
...
virt:kvm_utils security update
qemu-kvm 4.2.1.16.el8 - Document CVE-2021-4145 as fixed Mark Kanda Orabug: 33791496 CVE-2021-4145 - migration: Tally pre-copy, downtime and post-copy bytes independently David Edmondson - migration: Introduce ramtransferredadd David Edmondson - ACPI ERST: specification for ERST support Eric...
olcne istio istio security update
olcne 1.4.3-1 - Update Istio to 1.13.2 istio 1.12.6-1 - Addresses CVE-2022-24726, CVE-2022-24921 istio 1.13.2-1 - Added Oracle specific files for 1.13.2-1...
olcne istio istio security update
olcne 1.3.5-1 - Update Istio to 1.12.6prometheus-2.30.1, grafana-7.5.15 istio 1.12.6-1 - Addresses CVE-2022-24726, CVE-2022-24921 istio 1.11.4-1 - Added Oracle specific files for 1.11.4-1...
expat security update
2.0.1-13.0.1 - Prevent integer overflow in storeRawNames CVE-2022-25315Orabug: 34059442 - Add missing validation of encoding CVE-2022-25235Orabug: 34059442 - Protect against malicious namespace declarations CVE-2022-25236Orabug: 34059442...
thunderbird security update
91.9.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.9.0-3 - Update to 91.9.0 build3 91.9.0-2 - Update to 91.9.0 build2 91.9.0-1 - Update to 91.9.0...
thunderbird security update
91.9.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.9.0-3 - Update to 91.9.0 build3 91.9.0-2 - Update to 91.9.0 build2 91.9.0-1 - Update to 91.9.0...
firefox security update
91.9.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.9.0-1 - Update to 91.9.0...
firefox security update
91.9.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.9.0-1 - Update to 91.9.0...
Unbreakable Enterprise kernel security update
4.1.12-124.62.3 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33679806 CVE-2021-0920 - fs: add fgetmany and fputmany Jens Axboe Orabug: 33679806 - afunix: fix garbage collect vs MSGPEEK Miklos Szeredi Orabug: 33679806 CVE-2021-0920 - net: split out...
mariadb:10.5 security, bug fix, and enhancement update
galera 26.4.9-4 - Use downstream garbd-wrapper and garbd.service to ensure compatibility - Add upstream versions of garbd-wrapper called garbd-systemd and garbd.service in case user want's to use them 26.4.9-3 - Explicitly require the 'procps-ng' package - Otherwise it will not require it in the...
xmlrpc-c security update
1.51.0-5.1 - Add missing validation of encoding CVE-2022-25235 2058114...
vim security update
8.0.1763-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.13 - CVE-2022-1154 vim: use after free in utfptr2char...
qemu security update
15:4.2.1-16.el7 - Document CVE-2021-4145 as fixed Mark Kanda Orabug: 33791496 CVE-2021-4145 - migration: Tally pre-copy, downtime and post-copy bytes independently David Edmondson - migration: Introduce ramtransferredadd David Edmondson - ACPI ERST: specification for ERST support Eric DeVolder -...
maven-shared-utils security update
0.4-4 - Fix commandline injection vulnerability - Resolves: rhbz2068651...
container-tools:2.0 security update
buildah 1.11.6-10.0.1 - Handling redirect from the docker registry Orabug: 29874238 Nikita Gerasimov - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 1.11.6-10 - update to the latest content of https://github.com/containers/buildah/tree/release-1.11-rhel...
container-tools:3.0 security and bug fix update
buildah 1.19.9-2 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/7c6701d - fixes CVE-2022-27651 - Resolves: 2067539 podman 3.0.1-8 - update to the latest content of...
zlib security update
1.2.11-18 - Resolves: CVE-2018-25032 1.2.11-17 - Fixed DFLTCC compression level switching issues 1875492 - Enabled HW compression for compression levels 1 through 6 1847438 - Fixed inflateSyncPoint bad return value on z15 1888930...
mariadb:10.3 security and bug fix update
galera 25.3.34-4 - Explicitly require the 'procps-ng' package - Otherwise it will not require it in the lightweight systems e.g. containers - and Galera won't work properly 25.3.34-3 - Use downstream garbd-wrapper and garbd.service to ensure compatibility - Add upstream versions of garbd-wrapper...
kernel security and bug fix update
4.18.0-348.23.15.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...