rust-toolset:ol8 security, bug fix, and enhancement update

rust 1.49.0-1 - Update to 1.49.0. 1.48.0-1 - Update to 1.48.0. rust-toolset 1.49.0-1 - Update to Rust and Cargo 1.49.0. 1.48.0-1 - Update to Rust and Cargo 1.48.0...

p11-kit security, bug fix, and enhancement update

0.23.22-1 - Rebase to 0.23.22 to fix memory safety issues CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363 - Preserve DTNEEDED information from the previous version, flagged by rpmdiff - Add xsltproc to BR 0.23.21-4 - Fix realloc usage on proxy cleanup 1894979 - Make 'trust anchor --store'...

glibc security, bug fix, and enhancement update

2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...

sqlite security update

3.26.0-13 - enabled fts3conf.test on s390x and ppc64 architectures 3.26.0-12 - Fixed CVE-2020-13434 1845843 - Fixed CVE-2020-15358 1855208...

krb5 security update

1.18.2-8 - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 - Resolves: 1906492 1.18.2-7 - Document -k option in kvno1 synopsis - Resolves: 1869055 1.18.2-6 - Enable MD5 override for FIPS RADIUS - Resolves: 1872689 1.18.2-5.2 - Unify kvno option documentation - Resolves: 1869055...

opensc security, bug fix, and enhancement update

0.20.0-4 - Use file cache by default 1892810 - Avoid calloc with 0 argument 1895401 0.20.0-3 - Support PIN change for HID Alt tokens 1830901 - Fix CVE-2020-26570, CVE-2020-26571 and CVE-2020-26572 - Fix right padding of token labels of some cards 1877973...

mailman:2.1 security update

3:2.1.29-11 - Fixes for CVE-2020-12108 and CVE-2020-15011...

GNOME security, bug fix, and enhancement update

accountsservice 0.6.55-1 - Rebase to 0.6.55 Resolves: 1846376 atkmm 2.24.2-7 - Rebuild for annobin fixes - Resolves: rhbz1703969 cairomm 1.12.0-8 - Rebuild for the annobin fixes - Resolves: rhbz1703971 chrome-gnome-shell 10.1-7 - Disable updates support Resolves: 1802105 dleyna-core 0.6.0-3 - Don...

python-urllib3 security update

1.24.2-5.0.1 - set RECENTDATE to 01/30/2019 to make checks happy Orabug: 30228991 1.24.2-5 - Security fix for CVE-2020-26137 Resolves: rhbz1883889...

userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update

egl-wayland 1.1.5-3 - Add upstream patch to address rhbz1842473 1.1.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 1.1.5-1 - Update to 1.1.5 libdrm 2.4.103-1 - Update to 2.4.103 libglvnd 1.3.2-1 - Update to 1.3.2 release libinput 1.16.3-1 - libinput 1.16.3 1886648 libwacom...

raptor2 security and bug fix update

2.0.15-16 - Resolves: rhbz1900904 CVE-2020-25713 raptor2: malformed input file can lead to a segfault 2.0.15-15 - Resolves: rhbz1896534 CVE-2017-18926 raptor: heap-based buffer overflow 2.0.15-14 - Resolves: rhbz1896340 Suppress documentation in Flatpak builds...

curl security and bug fix update

7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...

cpio security update

2.12-10 - Fixed improper input validation when writing tar header fields 1766223 2.12-9 - Extract: retain times for symlinks 1487673...

python-lxml security update

4.2.3-2 - Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz1901633...

ghostscript security, bug fix, and enhancement update

9.27-1 - Rebase to 9.27 - Resolves: rhbz1874523...

wpa_supplicant security, bug fix, and enhancement update

1:2.9-5 - P2P: Fix a corner case in peer addition based on PD Request CVE-2021-27803 - Fix buffer overflow when processing P2P group information CVE-2021-0326 1:2.9-4 - enable WPA-EAP-SUITE-B-192 rh 1916394 1:2.9-3 - fix p2plisten unexpectedly stopped after 5 seconds rh 1693684 - allow changing...

systemd security, bug fix, and enhancement update

239-45.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...

go-toolset:ol8 security, bug fix, and enhancement update

delve 1.5.0-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.5.0-2 - Add golang-1.15.4 related patch - Resolves: rhbz1901189 1.5.0-1 - Rebase to 1.5.0 - Related: rhbz1870531 golang 1.15.7-1 - Rebase to 1.15.7 - Resolves: rhbz1870531 - Resolves: rhbz1919261 1.15.5-1 - Rebase to...

python-cryptography security, bug fix, and enhancement update

3.2.1-4 - CVE-2020-36242: Fixed a bug where certain sequences of update calls when symmetrically encrypting very large payloads 2GB could result in an integer overflow, leading to buffer overflows. - Resolves: rhbz1926528 3.2.1-3 - Conflict with non-matching vector package 3.2.1-2 - Re-add remove...

unbound security, bug fix, and enhancement update

1.7.3-15 - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz1714175 - Use system-wide crypto policy setting PROFILE=SYSTEM instead of custom setting - Resolves: rhbz1842837 - Enable additional logging in unbound - Resolves: rhbz1850460 - security hardenin...

python3 security update

3.6.8-37.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-37 - Fix for CVE-2021-23336 Resolves: rhbz1928904 3.6.8-36 - Fix for CVE-2021-3177 Resolves: rhbz1918168 3.6.8-35 - New options -a and -k for pathfix.py script backported from upstream Resolves: rhbz1917691 3.6.8-3...

sane-backends security update

1.0.27-22 - related 1852663 - needed to rebuild due infrastructure error 1.0.27-21 - 1852663, 1848097 - NULL pointer dereference in saneiepsonnetread function 1.0.27-20 - 1852468, 1852467, 1852466, 1852465 - prevent buffer overflow in esci2img - 1852668, 1852667, 1852666, 1852665 - disable...

httpd:2.4 security, bug fix, and enhancement update

httpd 2.4.37-39.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-39 - prevent htcacheclean from while break when first file processed 2.4.37-38 - Resolves: 1918741 - Thousands of /tmp/modproxy.tmp. files created by...

exiv2 security, bug fix, and enhancement update

0.27.3-2 - Avoid duplicating Changelog file Resolves: bz1880984 0.27.3-1 - Update to 0.27.3 Resolves: bz1880984...

bash security and bug fix update

4.4.19-14 - Fix hang when limit for nproc is very high Resolves: 1890888 4.4.19-13 - Correctly drop saved UID when effective UID is not equal to its real UID Resolves: 1793943...

qt5-qtbase security and bug fix update

5.12.5-8 - Build against system xkb and openssl 1.1 Resolves: bz1882375 5.12.5-7 - Fix buffer overflow in XBM parser Resolves: bz1870364...

grafana security, bug fix, and enhancement update

7.3.6-2 - change working dir to in grafana-cli wrapper fixes Red Hat BZ 1916083 - add pcp-redis-datasource to allowloadingunsignedplugins config option 7.3.6-1 - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML not supported in the open source version o...

kernel security, bug fix, and enhancement update

4.18.0-305.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...

sudo security and bug fix update

1.8.29-7 - RHEL 8.4 ERRATUM - CVE-2021-3156 Resolves: rhbz1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb1916434 - CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz1917038 - updated upstream url...

freerdp security, bug fix, and enhancement update

2:2.2.0-1 - Update to 2.2.0 rhbz1881971...

evolution security, bug fix, and enhancement update

evolution 3.28.5-16 - Resolves: 1902630 Crash on file drag into mail composer with WebKitGTK 2.30 3.28.5-15 - Resolves: 1883619 ECalendarItem: Settings loaded only when being shown evolution-data-server 3.28.5-15 - Resolves: 1862403 CVE-2020-16117: Crash on malformed server response with minimal...

dovecot security and bug fix update

1:2.3.8-9 - fix CVE-2020-24386 IMAP hibernation function allows mail access 1913534 1:2.3.8-8 - fix CVE-2020-25275 denial of service via mail MIME parsing 1914019 1:2.3.8-7 - change run directory from /var/run to /run 1805947 1:2.3.8-6 - fix mail storage block count parsing 1894418 - MIME parser...

spice-vdagent security and bug fix update

0.20.0-3 - Fix mouse problems in multi-monitor environments under Wayland Resolves: rhbz1790904 rhbz1824610 0.20.0-2 - Resolves: CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653...

tigervnc security, bug fix, and enhancement update

1.11.0-6 - Use GNOME as default session Resolves: bz1853608 1.11.0-5 - Make sure we log properly output to journal actually log to syslog Resolves: bz1841537 1.11.0-4 - Make sure we log properly output to journal Resolves: bz1841537 1.11.0-3 - vncserver: ignore new 'session' parameter from the ne...

bluez security update

5.52-4 + bluez-5.52-4 - Fixing 1885378 5.52-3 + bluez-5.52-3 - Revering the 5.52-2 patch due some mismatch with upsream patch. 5.52-2 + bluez-5.52-2 - Fixing 1885378 5.52-1 + bluez-5.52-1 - Fixing 1830397...

libdb security update

5.3.28-40 - Resolves: CVE-2019-2708 - Resolves: 1856237...

pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

apache-commons-collections jss 4.8.1-2 - Bug 1932803 - HSM + FIPS: CMCRequest with a shared secret resulting in error 4.8.1-1 - Rebase to upstream JSS v4.8.1 - Red Hat Bugilla 1908541 - jss broke SCEP - missing PasswordChallenge class - Red Hat Bugilla 1489256 - RFE jss should support RSA with OA...

idm:DL1 and idm:client security, bug fix, and enhancement update

bind-dyndb-ldap 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 ipa 4.9.2-3.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.2-3 - ipa-client-install displays false message 'sudo binary does not seem to ...

container-tools:ol8 security, bug fix, and enhancement update

cockpit-podman 29-2 - fix gating test failure for cockpit-podman - Related: 1914884 29-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29 - Related: 1883490 conmon 2:2.0.26-1 - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: 1883490...

python38:3.8 security update

python38 3.8.6-3 - Security fix for CVE-2021-3177 Resolves: rhbz1919161 3.8.6-2 - Add support for upstream architecture names https://fedoraproject.org/wiki/Changes/PythonUpstreamArchitectureNames Resolves: rhbz1868006 3.8.6-1 - Update to 3.8.6 - Security fix for CVE-2020-26116 python-requests...

virt:ol and virt-devel:rhel security, bug fix, and enhancement update

libvirt 6.0.0-35.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum libvirt-dbus 1.3.0 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libvirt-python...

perl security update

4:5.10.1-144.0.1 - Backport patch for CVE-2020-10543 Orabug: 32855589 - Backport patch for CVE-2020-10878 Orabug: 32855589 - Backport patch for CVE-2020-12723 Orabug: 32855589...

slapi-nis security and bug fix update

0.56.5-4 - CVE 2021-3480: slapi-nis: NULL dereference DoS with specially crafted Binding DN - Resolves: rhbz1942937...

xorg-x11-server security update

1.20.4-16 - CVE fix for: CVE-2021-3472 1944956...

Unbreakable Enterprise kernel security update

5.4.17-2102.201.3uek - locking/qrwlock: Fix ordering in queuedwritelockslowpath Ali Saidi Orabug: 32805544 5.4.17-2102.201.2uek - md/bitmap: wait for external bitmap writes to complete during tear down Sudhakar Panneerselvam Orabug: 32764237 - ocfs2: fix deadlock between setattr and dioendiowrite...

Unbreakable Enterprise kernel security update

4.14.35-2047.503.1 - bpf, x86: Validate computation of branch displacements for x86-64 Piotr Krysiuk Orabug: 32759961 CVE-2021-29154 - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. Somasundaram Krishnasamy Orabug: 32781585 - ext4: handle error of ext4setupsystemzone on remount J...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.503.1.el7 - bpf, x86: Validate computation of branch displacements for x86-64 Piotr Krysiuk Orabug: 32759961 CVE-2021-29154 - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. Somasundaram Krishnasamy Orabug: 32781585 - ext4: handle error of ext4setupsystemzone on remou...

Unbreakable Enterprise kernel security update

4.1.12-124.50.2 - btrfs: fix race when cloning extent buffer during rewind of an old root Filipe Manana Orabug: 32669454 CVE-2021-28964 - xen-blkback: don't leak persistent grants from xenblkbkmap Jan Beulich Orabug: 32697855 CVE-2021-28688 - netfilter: xtables: Use correct memory barriers. Mark...

postgresql security update

9.2.24-6 - Patch fixing BZ1741488 CVE-2019-10208 9.2.24-5 - Patch fixing CVE-2020-25694 BZ1907894 - Patch fixing CVE-2020-25695 BZ1907895...

kernel security update

2.6.32-754.35.1.0.3.OL6 - Fixes for RHSA-2021:1288 Orabug: 32809880...