Lucene search
K
OraclelinuxRecent

9177 matches found

Oracle linux
Oracle linux
•added 2022/03/17 12:0 a.m.•140 views

gnutls security update

3.6.16-4.0.1fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 - Allow bigger known RSA modulus sizes when calling rsageneratefips1864keypair directly Orabug: 33200526 - Change Epoch from 1 to 10...

9.8CVSS2.5AI score0.03751EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•50 views

libarchive security update

3.3.3-3 - Do not follow symlinks when processing the fixup list CVE-2021-31566 3.3.3-2 - Fix handling of symbolic link ACLs CVE-2021-23177...

7.8CVSS0.7AI score0.00367EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•115 views

glibc security update

2.28-164.0.5.3 - Merge external errata patches. - Siddhesh Poyarekar - 2.28-164.3 - CVE-2021-3999: getcwd: align stack on clone in aarch64 and fix a memory leak 2032280 - Siddhesh Poyarekar - 2.28-164.2 - CVE-2022-23218, CVE-2022-23219: Fix buffer overflows in sunrpc clntcreate for 'unix' and...

9.8CVSS2.9AI score0.04729EPSS
Exploits3
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•38 views

389-ds:1.4 security and bug fix update

1.4.3.23-14 - Bump version to 1.4.3.23-14 - Resolves: Bug 2059893 - Paged search lookthroughlimit counter doesnt take read ahead into account - Resolves: Bug 2060106 - Based on 1944494 RFC 4530 entryUUID attribute - plugin entryuuid failing - Resolves: Bug 2060110 - double-free of the virtual...

7.5CVSS2.8AI score0.01983EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•189 views

httpd:2.4 security update

httpd 2.4.37-43.0.2.2 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-43.2 - Resolves: 2059256 - CVE-2021-34798 httpd:2.4/httpd: NULL pointer dereference via malformed requests - Resolves: 2059257 - CVE-2021-39275...

9.8CVSS0.9AI score0.64509EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•92 views

expat security update

2.2.5-4.3 - Improve fix for CVE-2022-25236 - Related: CVE-2022-25236 2.2.5-4.2 - Fix multiple CVEs - Resolves: CVE-2022-25236 - Resolves: CVE-2022-25235 - Resolves: CVE-2022-25315 2.2.5-4.1 - Fix multiple CVEs - CVE-2022-23852 expat: integer overflow in function XMLGetBuffer - CVE-2021-45960 expa...

9.8CVSS2.5AI score0.34174EPSS
Exploits3
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•59 views

vim security update

8.0.1763-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.12 - CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository 2:8.0.1763-16.11 - CVE-2022-0413 vim: use after free in src/excmds.c - Fix specfile problems - Resolves: rhbz2048525 2:8.0.1763-16.10 - CVE-2022-04...

9.8CVSS2.9AI score0.02086EPSS
Exploits6
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•391 views

expat security update

2.1.0-12.0.1 - lib: Prevent integer overflow on groupSize CVE-2021-46143Orabug: 33910302 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302...

8.1CVSS3.2AI score0.03992EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/03/16 12:0 a.m.•85 views

libxml2 security update

2.9.7-12 - Fix CVE-2022-23308 2057663 2.9.7-11 - Fix CVE-2021-3541 1958783 2.9.7-10 - Fix CVE-2021-3516 1956976 - Fix CVE-2021-3517 1957001 - Fix CVE-2021-3518 1957028 - Fix CVE-2021-3537 1957284...

8.8CVSS1.1AI score0.0828EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/03/14 12:0 a.m.•55 views

thunderbird security update

91.7.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.7.0-2 - Update to 91.7.0 build2 91.7.0-1 - Update to 91.7.0 build1...

9.8CVSS1.7AI score0.34174EPSS
Exploits7
Oracle linux
Oracle linux
•added 2022/03/14 12:0 a.m.•54 views

thunderbird security update

91.7.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.7.0-2 - Update to 91.7.0 build2 91.7.0-1 - Update to 91.7.0 build1...

9.8CVSS1.7AI score0.34174EPSS
Exploits7
Oracle linux
Oracle linux
•added 2022/03/11 12:0 a.m.•38 views

.NET Core 3.1 security and bugfix update

3.1.417-1.0.1 - Add missing Oracle Linux Runtime IDs 3.1.417-1 - Update to .NET SDK 3.1.417 and Runtime 3.1.23 - Resolves: RHBZ2060567...

7.5CVSS1.5AI score0.03228EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/11 12:0 a.m.•40 views

.NET 6.0 security and bugfix update

6.0.103-4.0.1 - Add missing Oracle RIDs 6.0.103-4 - Rebuild against .NET 6.0.102 to pick up the correct fixes - Resolves: RHBZ2059640 6.0.103-3 - Update to new source release for SDK 6.0.103 and Runtime 6.0.3 - Resolves: RHBZ2059640 6.0.103-2 - Switch to new source release for SDK 6.0.103 and...

7.5CVSS1.4AI score0.03228EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/11 12:0 a.m.•43 views

.NET 5.0 security and bugfix update

5.0.212-1.0.1 - Support AArch64 on Oracle Linux Orabug: 32738620 - Include new Oracle Linux runtime IDs Add 1000-Add-missing-OL-RIDs.patch 5.0.212-1 - Update to .NET SDK 5.0.212 and Runtime 5.0.15 - Resolves: RHBZ2060496...

7.5CVSS1.4AI score0.03228EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/11 12:0 a.m.•77 views

kernel security, bug fix, and enhancement update

4.18.0-348.20.15.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

9CVSS0.88106EPSS
Exploits127
Oracle linux
Oracle linux
•added 2022/03/10 12:0 a.m.•89 views

Unbreakable Enterprise kernel security update

5.4.17-2136.304.4.5 - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942329 CVE-2022-0847 - bpf: Disallow unprivileged bpf by default Pawan Gupta Orabug: 33942374...

7.8CVSS4.8AI score0.88106EPSS
Exploits100
Oracle linux
Oracle linux
•added 2022/03/10 12:0 a.m.•55 views

Unbreakable Enterprise kernel-container security update

4.14.35-2047.511.5.6.el7 - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942242 CVE-2022-0847...

7.8CVSS2.4AI score0.88106EPSS
Exploits100
Oracle linux
Oracle linux
•added 2022/03/10 12:0 a.m.•95 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.304.4.5 - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942329 CVE-2022-0847 - bpf: Disallow unprivileged bpf by default Pawan Gupta Orabug: 33942374...

7.8CVSS4.8AI score0.88106EPSS
Exploits100
Oracle linux
Oracle linux
•added 2022/03/10 12:0 a.m.•111 views

Unbreakable Enterprise kernel security update

4.14.35-2047.511.5.6 - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942242 CVE-2022-0847...

7.8CVSS2.4AI score0.88106EPSS
Exploits100
Oracle linux
Oracle linux
•added 2022/03/10 12:0 a.m.•76 views

python-pip security update

9.0.3-8.0.1 - CVE-2019-20916 Orabug: 33861505...

7.5CVSS1.5AI score0.03028EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/03/10 12:0 a.m.•61 views

firefox security and bug fix update

91.7.0-3.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.7.0-3 - Update to 91.7.0 build3 91.7.0-2 - Added expat backports of...

9.8CVSS1.6AI score0.34174EPSS
Exploits7
Oracle linux
Oracle linux
•added 2022/03/10 12:0 a.m.•56 views

firefox security update

91.7.0-3.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.7.0-3 - Update to 91.7.0 build3 91.7.0-2 - Added expat backports of CVE-2022-25235, CVE-2022-25236 and CVE-2022-25315 91.7.0-1 - Update to 91.7.0 build2 91.6.0-2 - Install...

9.8CVSS1.5AI score0.34174EPSS
Exploits7
Oracle linux
Oracle linux
•added 2022/03/09 12:0 a.m.•54 views

.NET 6.0 security and bugfix update

6.0.102-1.0.1 - Add missing Oracle RIDs 6.0.102-1 - Update to .NET SDK 6.0.102 and Runtime 6.0.2 - Resolves: RHBZ2048257...

7.5CVSS1.7AI score0.03739EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/08 12:0 a.m.•41 views

Unbreakable Enterprise kernel security update

5.4.17-2136.304.4.4 - arm64: Use the clearbhb instruction in mitigations James Morse Orabug: 33921646 - arm64: add IDAA64ISAR2EL1 sys register Joey Gouly Orabug: 33921646 - KVM: arm64: Allow SMCCCARCHWORKAROUND3 to be discovered and migrated James Morse Orabug: 33921646 - arm64: Mitigate spectre...

6.5CVSS0.3AI score0.00306EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/08 12:0 a.m.•90 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.304.4.4 - arm64: Use the clearbhb instruction in mitigations James Morse Orabug: 33921646 - arm64: add IDAA64ISAR2EL1 sys register Joey Gouly Orabug: 33921646 - KVM: arm64: Allow SMCCCARCHWORKAROUND3 to be discovered and migrated James Morse Orabug: 33921646 - arm64: Mitigate spectre...

6.5CVSS0.2AI score0.00306EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/08 12:0 a.m.•52 views

Unbreakable Enterprise kernel-container security update

4.14.35-2047.511.5.4.el7 - x86/speculation: Add knob for eibrsretpolineenabled Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Update link to AMD...

6.5CVSS0.7AI score0.00306EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/08 12:0 a.m.•59 views

ruby:2.5 security update

ruby 2.5.9-109.0.1 - Rebuild with a dependency containing fix for Orabug: 33921593 2.5.9-109 - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 2.5.9-108 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix StartTLS stripping vulnerability in...

7.4CVSS1.2AI score0.0305EPSS
Exploits2
Oracle linux
Oracle linux
•added 2022/03/08 12:0 a.m.•59 views

Unbreakable Enterprise kernel security update

4.14.35-2047.511.5.4 - x86/speculation: Add knob for eibrsretpolineenabled Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Update link to AMD...

6.5CVSS0.7AI score0.00306EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/03/01 12:0 a.m.•190 views

jquery-ui security update

1.10.4.custom-4.0.1 - Backport jQuery CVE-2020-11022 and CVE-2020-11023 fixes to bundled jQuery v1.10.2 Orabug: 33869588 1.10.4.custom-4 - removed %%defattr from specfile - removed Group from specfile - removed BuildRoot from specfiles Tue May 10 2016 Grant Gainey 1.10.4.custom-3 - jquery-ui: bui...

6.9CVSS2.1AI score0.99019EPSS
Exploits11
Oracle linux
Oracle linux
•added 2022/02/28 12:0 a.m.•61 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.304.4.2.el7 - netfilter: nftablesoffload: incorrect flow offload action array size Pablo Neira Ayuso Orabug: 33899500 CVE-2022-25636...

7.8CVSS3.1AI score0.02633EPSS
Exploits6
Oracle linux
Oracle linux
•added 2022/02/28 12:0 a.m.•76 views

Unbreakable Enterprise kernel-container security update

4.14.35-2047.511.5.2.el7 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33876756 CVE-2022-0492 - scsi: libiscsi: Hold backlock when calling iscsicompletetask Gulam Mohamed Orabug: 33876755 4.14.35-2047.511.5.1 - arm64, mm, efi: Account for GICv3 LPI tables in stat...

7.8CVSS8.5AI score0.05528EPSS
Exploits16
Oracle linux
Oracle linux
•added 2022/02/28 12:0 a.m.•112 views

Unbreakable Enterprise kernel security update

4.14.35-2047.511.5.2 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33876756 CVE-2022-0492 - scsi: libiscsi: Hold backlock when calling iscsicompletetask Gulam Mohamed Orabug: 33876755 4.14.35-2047.511.5.1 - arm64, mm, efi: Account for GICv3 LPI tables in static...

7.8CVSS8.5AI score0.05528EPSS
Exploits16
Oracle linux
Oracle linux
•added 2022/02/28 12:0 a.m.•52 views

ruby:2.5 security update

ruby 2.5.9-109 - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 2.5.9-108 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix StartTLS stripping vulnerability in Net::IMAP Resolves: CVE-2021-32066 - Fix FTP PASV command response can cause...

7.4CVSS0.9AI score0.0305EPSS
Exploits2
Oracle linux
Oracle linux
•added 2022/02/28 12:0 a.m.•60 views

Unbreakable Enterprise kernel security update

5.4.17-2136.304.4.2 - netfilter: nftablesoffload: incorrect flow offload action array size Pablo Neira Ayuso Orabug: 33899500 CVE-2022-25636...

7.8CVSS3.3AI score0.02633EPSS
Exploits6
Oracle linux
Oracle linux
•added 2022/02/25 12:0 a.m.•82 views

virt:kvm_utils security update

hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libguestfs 1.40.2-28.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.40.2-28 -...

8.5CVSS7.3AI score0.02904EPSS
Exploits7
Oracle linux
Oracle linux
•added 2022/02/24 12:0 a.m.•45 views

cyrus-sasl security update

2.1.27-6 - Fix for CVE-2022-24407 - Resolves: rhbz2055846...

8.8CVSS1.4AI score0.04123EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/02/24 12:0 a.m.•377 views

cyrus-sasl security update

2.1.26-24.0.1 - Check against gssapi null pointer Orabug: 33270138 2.1.26-24 - Fix for CVE-2022-24407 - Resolves: rhbz2055842...

8.8CVSS1.7AI score0.04123EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/02/23 12:0 a.m.•41 views

389-ds-base security and bug fix update

1.3.10.2-15 - Bump version to 1.3.10.2-15 - Resolves: Bug 2049812 - Fix csn generator to limit time skew drift - Resolves: Bug 2048530 - CVE-2021-4091 389-ds-base: double-free of the virtual attribute context in persistent search...

7.5CVSS2.7AI score0.01983EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/02/23 12:0 a.m.•467 views

openldap security update

2.4.44-25 - Fix CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation 2040539 - Fix CVE-2020-25710 openldap: assertion failure in CSN normalization with invalid input 2040538...

7.5CVSS1.3AI score0.02858EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/02/23 12:0 a.m.•44 views

python-pillow security update

5.1.1-18 - Fixup for CVE-2022-22817 - Security fixes for CVE-2022-22815, CVE-2022-22816 Resolves: rhbz2042522 5.1.1-17 - Fix for CVE-2022-22817 Resolves: rhbz2042527...

9.8CVSS1.2AI score0.03399EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/02/23 12:0 a.m.•52 views

python-pillow security update

2.0.0-23gitd1c6db8 - Fixup for CVE-2022-22817 - Security fixes for CVE-2022-22815, CVE-2022-22816 Resolves: rhbz2042522 2.0.0-22gitd1c6db8 - Fix for CVE-2022-22817 Resolves: rhbz2042527...

9.8CVSS1.2AI score0.03399EPSS
Exploits0
Oracle linux
Oracle linux
•added 2022/02/23 12:0 a.m.•140 views

kernel security and bug fix update

3.10.0-1160.59.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...

7.9CVSS7.2AI score0.02579EPSS
Exploits6
Oracle linux
Oracle linux
•added 2022/02/18 12:0 a.m.•43 views

aide security update

0.14-11.0.1 - precalculate buffer size in base64 functions Orabug: 33835910CVE-2021-45417...

7.8CVSS2AI score0.00493EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/02/16 12:0 a.m.•47 views

firefox security update

91.6.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build 91.6.0-1 - Update to 91.6.0 build1 91.5.0-2 - Use default update channel to fi...

1.2AI score0.00926EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/02/16 12:0 a.m.•56 views

thunderbird security update

91.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.6.0-1 - Update to 91.6.0 build1...

1.8AI score0.00926EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/02/16 12:0 a.m.•40 views

ruby:2.5 security update

rubygem-bundler 1.16.1-4 - Fix Bundler dependency confusion. Resolves: CVE-2020-36327...

9.3CVSS1.6AI score0.06307EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/02/16 12:0 a.m.•69 views

ruby:2.6 security update

ruby 2.6.9-108 - Upgrade to Ruby 2.6.9. - Skip JIT tests in RHEL 8. - Fix the issues required to start the 'make test-bundler' itself. - Fix Bundler dependency confusion. Resolves: CVE-2020-36327...

9.3CVSS0.7AI score0.06307EPSS
Exploits5
Oracle linux
Oracle linux
•added 2022/02/15 12:0 a.m.•36 views

thunderbird security update

91.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.6.0-1 - Update to 91.6.0 build1...

2AI score0.00926EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/02/14 12:0 a.m.•31 views

firefox security update

91.6.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.6.0-1 - Update to 91.6.0 build1 91.5.0-2 - Use default update channel to fix non working enterprise policies: rhbz2044667...

1.1AI score0.00926EPSS
Exploits1
Oracle linux
Oracle linux
•added 2022/02/14 12:0 a.m.•161 views

Unbreakable Enterprise kernel security update

5.4.17-2136.304.4.1 - Revert rds/ib: Kernel upgrade to rdsibconns info displayed by rds-info Rohit Nair Orabug: 33832625 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832582 CVE-2022-0492 5.4.17-2136.304.4 - scsi: libiscsi: Fix iscsitask use after free Mike...

8.4CVSS8.1AI score0.25151EPSS
Exploits27
Total number of security vulnerabilities9177