8984 matches found
python3.9 security update
3.9.25-3.0.1.el97.1 - Remove upstream URL reference 3.9.25-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143108 RHEL-143169 RHEL-144893...
mysql8.4 security update
8.4.8-1 - Rebase to 8.4.8 8.4.7-2 - Skip tests that are failing on Konflux - Resolves: ROK-831...
python3.12 security update
3.12.12-4.0.1.el97.1 - Remove upstream URL reference 3.12.12-4.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143106 RHEL-143168 RHEL-144891...
postgresql:12 security update
12.22-6.0.1 - Add backport of CVE-2025-8714 Orabug: 38667546 12.22-6 - Fix CVE-2026-2004 CVE-2026-2005 CVE-2026-2006 12.22-5 - Fix previous Backport 12.22-4 - Backport CVE-2025-8715 12.22-3 - Fix backport for CVE-2025-1094 12.22-2 - Backport fix for CVE-2025-1094 12.22-1 - Update to 12.22 - Fixes...
kernel security update
6.12.0-124.43.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
gimp security update
2:3.0.4-1.4 - fix CVE-2026-0797 - fix CVE-2026-2044 - fix CVE-2026-2045 - fix CVE-2026-2047 - fix CVE-2026-2048...
ImageMagick security update
6.9.10.68-7.0.5 - Fix CVE-2025-62171 and CVE-2026-23876 Orabug: 38997140 6.9.10.68-7.0.3 - Security update CVE-2025-57803 Orabug: 38455460 6.9.10.68-7.0.1 - Fix for CVE-2025-55154 Orabug: 38417011...
Unbreakable Enterprise kernel security update
6.12.0-109.67.6 - net: tunnel: make skbvlaninetprepare return drop reasons Menglong Dong Orabug: 39027305 6.12.0-109.67.5 - uek-rpm: fixed specs to explicitly call python3 as set as a requirement Mark Nicholson Orabug: 38933158 - Revert 'net/rds: fix crash by expanding kref coverage to...
postgresql:15 security update
pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack 1.4.8-2 - Add new build dependencies to fix build with lz4 enabled - Related: RHEL-47350 1.4.8-1 - Update to version 1.4.8 - Postgresql 15 is supported - Related: 212841...
postgresql:15 security update
pgaudit 1.7.0-1 - Update to 1.7.0 - Support postgresql 15 - Related: 2128241 1.5.0-1 - Update to version 1.5.0 Related: 1855776 1.4.0-4 - Bump release for rebuild against libpq-12.1-3 1.4.0-3 - BuildRequires libpq-devel 1.4.0-2 - BuildRequires postgresql-server-devel 1.4.0-1 - Update to 1.4.0...
git-lfs security update
3.4.1-8 - Rebuild with new Golang - Resolves: RHEL-146094, RHEL-149269...
libvpx security update
1.7.0-13 - Add patch for superframe index full Resolves: RHEL-150334...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1 postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.13-1 - Update to 16.13 - Fix...
kernel security update
4.18.0-553.111.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1 1.4.8-2 - Add new build dependencies to fix build with lz4 enabled - Related: RHEL-47604 1.4.8-1 - Resolves: RHEL-3636 - Initial import for PG 16...
postgresql:13 security update
pgaudit 1.5.0-1 - Update to version 1.5.0 Related: 1855776 1.4.0-4 - Bump release for rebuild against libpq-12.1-3 1.4.0-3 - BuildRequires libpq-devel 1.4.0-2 - BuildRequires postgresql-server-devel 1.4.0-1 - Update to 1.4.0 1.3.1-1 - Update to 1.3.1 and apply patch for pgsql v12 compatibility...
python-pyasn1 security update
0.3.7-6.el810.1 - Resolves: RHEL-148145...
python3 security update
3.6.8-21.0.7 - Security update CVE-2025-12084 Orabug: 38971895 3.6.8-21.0.5 - tarfile now validates archives to ensure member offsets are non-negative Orabug: 38442771CVE-2025-8194 3.6.8-21.0.3 - Fix DoS parsing crafted tarfile headers Orabug: 37626372CVE-2024-6232 - Disable testsocket in the PGO...
Unbreakable Enterprise kernel security update
5.4.17-2136.353.3 - xfrm: flush all states in xfrmstatefini Sabrina Dubroca Orabug: 38934000 - xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added Sabrina Dubroca Orabug: 38934000 - Revert 'xfrm: destroy xfrmstate synchronously on net exit path' Sabrina Dubroca...
nfs-utils security update
2.3.3-68.0.1 - nfsd: allow more than 64 backlogged connections - spec: remove multiple warnings when upgrading nfs-utils with gssproxy Orabug: 35173372 2.3.3-68 - Add requires for selinux-policy RHEL-127095 2.3.3-67 - mountd: Minor refactor of getrootfh RHEL-127095 - mountd: Separate lookup of th...
image-builder security update
45-1.0.3 - Rebuilt to fix CVE-2025-61726, CVE-2025-61729, CVE-2025-68121...
osbuild-composer security update
101.4-4.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...
image-builder security update
45-1.0.3 - Rebuilt to fix CVE-2025-61726, CVE-2025-61729, CVE-2025-68121...
delve security update
1.25.2-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-2 - Rebuild with latest Go...
osbuild-composer security update
149-4.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...
osbuild-composer security update
149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...
postgresql security update
Wed Feb 25 2026 Filip Janus - 13.23-2 - fix CVE-2026-2004 CVE-2026-2005 CVE-2026-2006...
delve security update
1.25.2-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-2 - Rebuild without changes. - Resolves: RHEL-153104...
nfs-utils security update
2.5.4-38.0.1.el97.3 - spec: remove multiple warnings when upgrading nfs-utils with gssproxy Orabug: 36044562 2.5.4-38.3 - Add requires for selinux-policy RHEL-127104 2.5.4-38.2 - Replace statfs64 with statfs RHEL-127104 - NFS export symlink vulnerability fix RHEL-127104 - mountd: Minor refactor o...
nfs-utils security update
2.8.3-0.0.1.el101.3 - remove multiple warnings when upgrading nfs-utils with gssproxy 2.8.3-3 - Add requires for selinux-policy RHEL-127092 2.8.3-2 - mountd: Minor refactor of getrootfh RHEL-127092 - mountd: Separate lookup of the exported directory and the mount path RHEL-127092 - support: Add a...
git-lfs security update
3.6.1-7 - Rebuild with new Golang - Resolves: RHEL-146860, RHEL-149620 3.6.1-6 - Rebuild with new Golang - Resolves: RHEL-147080 3.6.1-5 - Rebuild with new Golang - Resolves: RHEL-147103...
kernel security update
3.10.0-1160.119.1.0.18 - e1000e: fix heap overflow in e1000seteeprom CVE-2025-39898 Orabug: 38904071 - i40e: fix idx validation in config queues msg CVE-2025-39971 Orabug: 38904071 - vsock: track pkt owner vsock Orabug: 38904071 - vhost-vsock: add pkt cancel capability Orabug: 38904071 - vsock:...
nginx:1.24 security update
1.24.0-5.1.0.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.24.0-5.1 - Resolves: RHEL-146526 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-5 - Resolves:...
go-rpm-macros security update
3.6.0-13 - Rebuild with latest Go - Resolves: RHEL-146862...
go-rpm-macros security update
3.6.0-7 - Rebuild with latest Go 3.6.0-6 - Update CI support 3.6.0-5 - Add riscv64 to golangarches for RHEL 10+...
thunderbird security update
140.8.0-2.0.1 - Add Oracle prefs 140.8.0-2 - Update to 140.8.0 ESR...
libsoup security update
2.62.2-2.0.11 - Fixes CVE-2026-0719 CVE-2026-1761 Orabug: 38958074 2.62.2-2.0.9 - Fix CVE-2025-14523 Orabug: 38873507 2.62.2-2.0.7 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 2.62.2-2.0.5 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-329...
gnutls security update
3.8.10-3 - Fix CVE-2025-9820, CVE-2025-14831, drop unused patches - Fix PKCS11 token initialization label overflow CVE-2025-9820 - Fix name constraint processing performance issue CVE-2025-14831 - Drop unused patches...
kernel security update
5.14.0-611.36.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
libpng security update
2:1.6.40-8.2 - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148323 - fix CVE-2026-22695: heap buffer over-read in pngimagefinishread RHEL-148818 - fix CVE-2026-22801: heap buffer over-read in pngimagewritebit RHEL-146645...
thunderbird security update
140.8.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.8.0 - Add OpenELA debranding 140.8.0-1 - Update to 140.8.0 ESR...
kernel security update
4.18.0-553.109.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Unbreakable Enterprise kernel security update
5.4.17-2136.352.5.1 - xfrm: flush all states in xfrmstatefini Sabrina Dubroca Orabug: 39016499 - xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added Sabrina Dubroca Orabug: 39016499 - Revert 'xfrm: destroy xfrmstate synchronously on net exit path' Sabrina Dubroc...
thunderbird security update
140.8.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.8.0 - Add OpenELA debranding 140.8.0-1 - Update to 140.8.0 ESR...
valkey security update
8.0.7-1 - Rebase to 8.0.7 for CVE-2026-21863 CVE-2025-67733...
udisks2 security update
2.10.90-6.0.1.el101.1 - Enable btrfs support for OL supported arches Orabug: 37464632 2.10.90-6.1 - Add missing polkit check for RestoreEncryptedHeader CVE-2026-26103 RHEL-148565 - Add missing polkit check for HeaderBackup CVE-2026-26104 RHEL-148588...
mingw-fontconfig security update
2.12.6-4 - Rebuilt with mingw-expat fix Related: RHEL-114628...
Unbreakable Enterprise kernel security update
5.15.0-317.197.5.2 - xfrm: flush all states in xfrmstatefini Sabrina Dubroca Orabug: 39016261 - xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added Sabrina Dubroca Orabug: 39016261 - Revert 'xfrm: destroy xfrmstate synchronously on net exit path' Sabrina Dubroca...
container-tools:ol8 security update
aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah 2:1.33.14-2 - rebuild for CVE-2025-61729 - Resolves: RHEL-140529 cockpit-podman 84.1-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1 - Related: Jira:RHEL-25557 conmon...
valkey security update
8.0.7-1 - Rebase to 8.0.7 for CVE-2026-21863 CVE-2025-67733...