9173 matches found
Unbreakable Enterprise kernel-container security update
4.14.35-2047.508.3.el7 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33396682 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33392821 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33352735...
Unbreakable Enterprise kernel security update
4.14.35-2047.508.3 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33396682 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33392821 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33352735 4.14.35-2047.508...
Unbreakable Enterprise kernel security update
5.4.17-2136.300.7 - KVM: SVM: Fix mismerge in svmupdatepiirte Liam Merwick Orabug: 33446526 - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page Liam Merwick Orabug: 33450675 5.4.17-2136.300.6 - Revert scsi: core: Cap scsihost cmdperlun at canqueue Jack Vogel Orabug:...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.300.7.el7 - KVM: SVM: Fix mismerge in svmupdatepiirte Liam Merwick Orabug: 33446526 - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page Liam Merwick Orabug: 33450675 5.4.17-2136.300.6 - Revert scsi: core: Cap scsihost cmdperlun at canqueue Jack Vogel Orabug:...
httpd security update
2.4.6-97.0.1.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.1 - Resolves: 2011729 - CVE-2021-40438 httpd: modproxy: SSRF via a crafted request uri-path containing 'unix:'...
httpd:2.4 security update
httpd 2.4.37-39.1.0.1.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-39.1 - Resolves: 2007234 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path - Resolves: 2007646 - CVE-2021-26691...
openssl security update
1.0.2k-22 - fix CVE-2021-23841 openssl: NULL pointer dereference in X509issuerandserialhash - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz1932132, rhbz1932126...
openssl security update
1.0.2k-22 - fix CVE-2021-23841 openssl: NULL pointer dereference in X509issuerandserialhash - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz1932132, rhbz1932126...
libxml2 security update
2.9.1-6.0.3 - Rebuild to include attribution logo Orabug: 33024216 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.6 - Fix CVE-2016-4658 1966916...
389-ds-base security and bug fix update
1.3.10.2-13 - Bump version to 1.3.10.2-13 - Resolves: Bug 2005399 - Internal unindexed searches in syncrepl - Resolves: Bug 2005432 - CVE-2021-3652 389-ds:1.4/389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed - Resolves: Bug 2005434 - ACIs are being evaluated again...
kernel security and bug fix update
3.10.0-1160.45.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
grafana security update
7.3.6-3 - resolve CVE-2021-39226 - resolve CVE-2021-27358...
firefox security update
91.2.0-4.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.2.0-4 - Disable webrender on the s390x due to wrong colors: rhbz2009503 91.2.0-3 - Update to 91.2.0 build1 91.1.0-1 - Update to 91.1.0 build1 Tue Aug 17 2021 Jan Horak -...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.206.1 - Revert 'scsi: core: Cap scsihost cmdperlun at canqueue' Jack Vogel Orabug: 33403144 5.4.17-2102.206.0 - Revert 'uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo' Jack Vogel Orabug: 33245043 - integrity: Load mokx variables into the blacklist keyring Eric Snowberg...
Unbreakable Enterprise kernel security update
5.4.17-2102.206.1 - Revert 'scsi: core: Cap scsihost cmdperlun at canqueue' Jack Vogel Orabug: 33403144 5.4.17-2102.206.0 - Revert 'uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo' Jack Vogel Orabug: 33245043 - integrity: Load mokx variables into the blacklist keyring Eric Snowberg...
Unbreakable Enterprise kernel security update
4.1.12-124.56.1 - ocfs2: subsystem.sumutex is required while accessing the item-ciparent alex chen Orabug: 29184589 CVE-2017-18216 - bcache: fix potential deadlock problem in btreegccoalesce Zhiqiang Liu CVE-2020-12771 - filldir64: remove WARNONONCE for bad directory entries Linus Torvalds Orabug...
Unbreakable Enterprise kernel security update
4.14.35-2047.507.7.6 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33406810 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33406819 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33406814 - net/mlx5: Ra...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.507.7.6.el7 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33406810 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33406819 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33406814 - net/mlx5...
nodejs:14 security and bug fix update
nodejs 1:14.17.5-1 - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ1847529 make FIPS always available - Resolves: RHBZ1988599, RHBZ1994000, RHBZ1993998, RHBZ1993095 - Resolves: RHBZ1994028,...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
krb5 security update
1.18.2-8.3 - Fix KDC null deref on TGS inner body null server CVE-2021-37750 - Resolves: 1997600 1.18.2-8.2 - Rebuild for rpminspect; no code changes - Resolves: 1983728 1.18.2-8.1 - Fix KDC null deref on bad encrypted challenge CVE-2021-36222 - Resolves: 1983728...
mysql:8.0 security, bug fix, and enhancement update
mysql 8.0.26-1 - Update to MySQL 8.0.26 8.0.25-1 - Update to MySQL 8.0.25 8.0.24-1 - Update to MySQL 8.0.24 - Upstreamed patch: mysql-main-cast.patch 8.0.23-1 - Update to MySQL 8.0.23 - Created mysql-fix-includes-robin-hood.patch - Created mysql-main-cast.patch 8.0.22-1 - Update to MySQL 8.0.22 -...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.205.7.3.el7 - btrfs: fix NULL pointer dereference when deleting device by invalid id Qu Wenruo Orabug: 33281078 CVE-2021-3739...
Unbreakable Enterprise kernel security update
5.4.17-2102.205.7.3 - btrfs: fix NULL pointer dereference when deleting device by invalid id Qu Wenruo Orabug: 33281078 CVE-2021-3739...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.507.7.5.el7 - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Handa Orabug: 33369947 CVE-2021-3573 - Bluetooth: use correct lock to prevent UAF of hdev object Lin Ma Orabug: 33369947 - Bluetooth: fix the erroneous flushwork order Lin Ma Orabug: 33369947 CVE-2021-3564...
Unbreakable Enterprise kernel security update
4.14.35-2047.507.7.5 - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Handa Orabug: 33369947 CVE-2021-3573 - Bluetooth: use correct lock to prevent UAF of hdev object Lin Ma Orabug: 33369947 - Bluetooth: fix the erroneous flushwork order Lin Ma Orabug: 33369947 CVE-2021-3564 -...
go-toolset:ol8 security update
go-toolset 1.15.14-2 - Revert to Go 1.15.14 - Related: rhbz1995126 - Reverts: rhbz1994087 1.15.15-1 - Rebase to Go 1.15.15 - Resolves: rhbz1994087 - Add reject leading zeros patch - Resolves: rhbz1994010...
Unbreakable Enterprise kernel security update
4.1.12-124.54.6.1 - fs/namespace.c: fix mountpoint reference counter race Piotr Krysiuk Orabug: 33369433 CVE-2020-12114 CVE-2020-12114 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace Josef Bacik Orabug: 33369414 CVE-2019-19448 CVE-2019-19448 - cfg80211: wext: avoid...
nodejs:12 security and bug fix update
nodejs 1:12.22.5-1 - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ1951621 make FIPS always available - Resolves: RHBZ1988595, RHBZ1993992, RHBZ1993989, RHBZ1993093 - Resolves: RHBZ1994025,...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.507.7.4.el7 - KVM: x86: Check kvmrebooting in kvmspuriousfault Sean Christopherson Orabug: 33362693 4.14.35-2047.507.7.3 - arm64: Reserve elfcorehdr before scanning reserved memory from device tree Dave Kleikamp Orabug: 33354710 4.14.35-2047.507.7.2 - net: geneve: modify IP header...
Unbreakable Enterprise kernel security update
4.14.35-2047.507.7.4 - KVM: x86: Check kvmrebooting in kvmspuriousfault Sean Christopherson Orabug: 33362693 4.14.35-2047.507.7.3 - arm64: Reserve elfcorehdr before scanning reserved memory from device tree Dave Kleikamp Orabug: 33354710 4.14.35-2047.507.7.2 - net: geneve: modify IP header check ...
curl security update
7.61.1-18.el84.1 - fix bad connection reuse due to flawed path name checks CVE-2021-22924 - disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded...
nss and nspr security, bug fix, and enhancement update
nspr 4.32.0-1 - Update to NSPR 4.32 4.31.0-1 - Update to NSPR 4.31 4.30.0-1 - Update to NSPR 4.30 nss 3.67.0-6 - Fix ssl alert issue 3.67.0-5 - Fix issue with reading databases that were updated using unpatched versions of nss 3.67.0-4 - Better fix for the sdb timeout. The issue wasn't a race, it...
Unbreakable Enterprise kernel security update
5.4.17-2102.205.7.2 - btrfs: fix race between marking inode needs to be logged and log syncing Filipe Manana Orabug: 33349276 5.4.17-2102.205.7.1 - RDMA/cma: Revert INIT-INIT patch Mike Marciniszyn Orabug: 33306518 5.4.17-2102.205.7 - rds: ib: Set SENDSIGNALED on the last WR posted Hakon Bugge...
Unbreakable Enterprise kernel-container security update
5.4.17-2102.205.7.2.el7 - btrfs: fix race between marking inode needs to be logged and log syncing Filipe Manana Orabug: 33349276 5.4.17-2102.205.7.1 - RDMA/cma: Revert INIT-INIT patch Mike Marciniszyn Orabug: 33306518 5.4.17-2102.205.7 - rds: ib: Set SENDSIGNALED on the last WR posted Hakon Bugg...
kernel security, bug fix, and enhancement update
4.18.0-305.19.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
libtirpc security update
1.1.4-4.0.1 - Backport fix for CVE-2018-14621 in libtirpc Orabug: 33017925...
firefox security update
78.14.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.14.0-1 - Update to 78.14.0 build1...
firefox security update
78.14.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.14.0-1 - Update to 78.14.0 build1...
thunderbird security update
78.14.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.14.0-1 - Update to 78.14.0 build1 78.13.0-2 - Use the right name for the appstream file...
thunderbird security update
78.14.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.14.0-1 - Update to 78.14.0 build1 78.13.0-2 - Use the right name for the appstream file...
cyrus-imapd security update
3.0.7-20.1 - Fix for CVE-2021-33582...
oswatcher security update
9.0.0-5 - Use static path configuration for oswatcher scripts CVE-2021-2464 Orabug: 33220951...
Unbreakable Enterprise kernel security update
4.1.12-124.54.6 - xen-netback: do not kfreeskb when irq is disabled Dongli Zhang Orabug: 33282046 4.1.12-124.54.5 - l2tp: fix race between l2tpsessiondelete and l2tptunnelcloseall Guillaume Nault Orabug: 33113975 CVE-2020-0429 - l2tp: ensure sessions are freed after their PPPOL2TP socket Guillaum...
kernel security and bug fix update
4.18.0-305.17.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security and bug fix update
3.10.0-1160.42.2.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...
bind security update
32:9.11.4-26.P2.7 - Apply again patch 172, got removed by mistake 32:9.11.4-26.P2.6 - Insufficient IXFR checks could lead to assertion failure CVE-2021-25214...
sssd security and bug fix update
1.16.5-10.0.1 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabug: 29286774 Doc ID 2605732.1 1.16.5-10.10 - Resolves: rhbz1973796 - SSSD is NOT able to contact the Global Catalog when local site is dow...
hivex security update
1.3.10-6.12 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976193...
kernel security and bug fix update
3.10.0-1160.41.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...