9173 matches found
bluez security update
5.52-4 + bluez-5.52-4 - Fixing 1885378 5.52-3 + bluez-5.52-3 - Revering the 5.52-2 patch due some mismatch with upsream patch. 5.52-2 + bluez-5.52-2 - Fixing 1885378 5.52-1 + bluez-5.52-1 - Fixing 1830397...
libdb security update
5.3.28-40 - Resolves: CVE-2019-2708 - Resolves: 1856237...
krb5 security update
1.18.2-8 - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 - Resolves: 1906492 1.18.2-7 - Document -k option in kvno1 synopsis - Resolves: 1869055 1.18.2-6 - Enable MD5 override for FIPS RADIUS - Resolves: 1872689 1.18.2-5.2 - Unify kvno option documentation - Resolves: 1869055...
cpio security update
2.12-10 - Fixed improper input validation when writing tar header fields 1766223 2.12-9 - Extract: retain times for symlinks 1487673...
httpd:2.4 security, bug fix, and enhancement update
httpd 2.4.37-39.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-39 - prevent htcacheclean from while break when first file processed 2.4.37-38 - Resolves: 1918741 - Thousands of /tmp/modproxy.tmp. files created by...
mailman:2.1 security update
3:2.1.29-11 - Fixes for CVE-2020-12108 and CVE-2020-15011...
evolution security, bug fix, and enhancement update
evolution 3.28.5-16 - Resolves: 1902630 Crash on file drag into mail composer with WebKitGTK 2.30 3.28.5-15 - Resolves: 1883619 ECalendarItem: Settings loaded only when being shown evolution-data-server 3.28.5-15 - Resolves: 1862403 CVE-2020-16117: Crash on malformed server response with minimal...
unbound security, bug fix, and enhancement update
1.7.3-15 - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz1714175 - Use system-wide crypto policy setting PROFILE=SYSTEM instead of custom setting - Resolves: rhbz1842837 - Enable additional logging in unbound - Resolves: rhbz1850460 - security hardenin...
go-toolset:ol8 security, bug fix, and enhancement update
delve 1.5.0-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.5.0-2 - Add golang-1.15.4 related patch - Resolves: rhbz1901189 1.5.0-1 - Rebase to 1.5.0 - Related: rhbz1870531 golang 1.15.7-1 - Rebase to 1.15.7 - Resolves: rhbz1870531 - Resolves: rhbz1919261 1.15.5-1 - Rebase to...
wpa_supplicant security, bug fix, and enhancement update
1:2.9-5 - P2P: Fix a corner case in peer addition based on PD Request CVE-2021-27803 - Fix buffer overflow when processing P2P group information CVE-2021-0326 1:2.9-4 - enable WPA-EAP-SUITE-B-192 rh 1916394 1:2.9-3 - fix p2plisten unexpectedly stopped after 5 seconds rh 1693684 - allow changing...
GNOME security, bug fix, and enhancement update
accountsservice 0.6.55-1 - Rebase to 0.6.55 Resolves: 1846376 atkmm 2.24.2-7 - Rebuild for annobin fixes - Resolves: rhbz1703969 cairomm 1.12.0-8 - Rebuild for the annobin fixes - Resolves: rhbz1703971 chrome-gnome-shell 10.1-7 - Disable updates support Resolves: 1802105 dleyna-core 0.6.0-3 - Don...
sqlite security update
3.26.0-13 - enabled fts3conf.test on s390x and ppc64 architectures 3.26.0-12 - Fixed CVE-2020-13434 1845843 - Fixed CVE-2020-15358 1855208...
glibc security, bug fix, and enhancement update
2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...
dovecot security and bug fix update
1:2.3.8-9 - fix CVE-2020-24386 IMAP hibernation function allows mail access 1913534 1:2.3.8-8 - fix CVE-2020-25275 denial of service via mail MIME parsing 1914019 1:2.3.8-7 - change run directory from /var/run to /run 1805947 1:2.3.8-6 - fix mail storage block count parsing 1894418 - MIME parser...
qt5-qtbase security and bug fix update
5.12.5-8 - Build against system xkb and openssl 1.1 Resolves: bz1882375 5.12.5-7 - Fix buffer overflow in XBM parser Resolves: bz1870364...
python-cryptography security, bug fix, and enhancement update
3.2.1-4 - CVE-2020-36242: Fixed a bug where certain sequences of update calls when symmetrically encrypting very large payloads 2GB could result in an integer overflow, leading to buffer overflows. - Resolves: rhbz1926528 3.2.1-3 - Conflict with non-matching vector package 3.2.1-2 - Re-add remove...
NetworkManager and libnma security, bug fix, and enhancement update
libnma 1.8.30-2 - Rebuild with new gtk-doc to fix multilib issues rh 1853152 NetworkManager 1.30.0-7.0.1 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity- subpackage for 8.3 1:1.30.0-7 - initrd: set multi-connect=single for...
libvncserver security update
0.9.11-17 - Fix CVE-2020-25708 Resolves: 1898078 0.9.11-16 - Fix CVE-2019-20839 Resolves: 1851032 - Fix CVE-2018-21247 Resolves: 1852516 - Fix CVE-2020-14405 Resolves: 1860527 - Fix CVE-2020-14397 Resolves: 1861152...
spice security update
0.14.3-4 - Disable client-side renegotiation to prevent potential DoS Resolves: rhbz1904459 0.14.3-3 - Fix some static analyzer issues - Removed Obsoletes line for spice-client Related: rhbz1840240 0.14.3-2 - Fix multiple buffer overflows in QUIC decoding code Resolves: rhbz1829946 0.14.3-1 -...
grafana security, bug fix, and enhancement update
7.3.6-2 - change working dir to in grafana-cli wrapper fixes Red Hat BZ 1916083 - add pcp-redis-datasource to allowloadingunsignedplugins config option 7.3.6-1 - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML not supported in the open source version o...
curl security and bug fix update
7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...
tigervnc security, bug fix, and enhancement update
1.11.0-6 - Use GNOME as default session Resolves: bz1853608 1.11.0-5 - Make sure we log properly output to journal actually log to syslog Resolves: bz1841537 1.11.0-4 - Make sure we log properly output to journal Resolves: bz1841537 1.11.0-3 - vncserver: ignore new 'session' parameter from the ne...
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
apache-commons-collections jss 4.8.1-2 - Bug 1932803 - HSM + FIPS: CMCRequest with a shared secret resulting in error 4.8.1-1 - Rebase to upstream JSS v4.8.1 - Red Hat Bugilla 1908541 - jss broke SCEP - missing PasswordChallenge class - Red Hat Bugilla 1489256 - RFE jss should support RSA with OA...
trousers security, bug fix, and enhancement update
0.3.15-1 - Rebase to 0.3.15 - Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332 resolves: rhbz1725782 rhbz1877517 rhbz1882402 rhbz1882414...
python-lxml security update
4.2.3-2 - Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz1901633...
sudo security and bug fix update
1.8.29-7 - RHEL 8.4 ERRATUM - CVE-2021-3156 Resolves: rhbz1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb1916434 - CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz1917038 - updated upstream url...
python-urllib3 security update
1.24.2-5.0.1 - set RECENTDATE to 01/30/2019 to make checks happy Orabug: 30228991 1.24.2-5 - Security fix for CVE-2020-26137 Resolves: rhbz1883889...
spice-vdagent security and bug fix update
0.20.0-3 - Fix mouse problems in multi-monitor environments under Wayland Resolves: rhbz1790904 rhbz1824610 0.20.0-2 - Resolves: CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653...
kernel security, bug fix, and enhancement update
4.18.0-305.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...
libxml2 security update
2.9.7-9.0.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.7-9 - Fix CVE-2020-24977 1878252...
exiv2 security, bug fix, and enhancement update
0.27.3-2 - Avoid duplicating Changelog file Resolves: bz1880984 0.27.3-1 - Update to 0.27.3 Resolves: bz1880984...
raptor2 security and bug fix update
2.0.15-16 - Resolves: rhbz1900904 CVE-2020-25713 raptor2: malformed input file can lead to a segfault 2.0.15-15 - Resolves: rhbz1896534 CVE-2017-18926 raptor: heap-based buffer overflow 2.0.15-14 - Resolves: rhbz1896340 Suppress documentation in Flatpak builds...
container-tools:ol8 security, bug fix, and enhancement update
cockpit-podman 29-2 - fix gating test failure for cockpit-podman - Related: 1914884 29-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29 - Related: 1883490 conmon 2:2.0.26-1 - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: 1883490...
idm:DL1 and idm:client security, bug fix, and enhancement update
bind-dyndb-ldap 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 ipa 4.9.2-3.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.2-3 - ipa-client-install displays false message 'sudo binary does not seem to ...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
libvirt 6.0.0-35.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum libvirt-dbus 1.3.0 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libvirt-python...
ghostscript security, bug fix, and enhancement update
9.27-1 - Rebase to 9.27 - Resolves: rhbz1874523...
python38:3.8 security update
python38 3.8.6-3 - Security fix for CVE-2021-3177 Resolves: rhbz1919161 3.8.6-2 - Add support for upstream architecture names https://fedoraproject.org/wiki/Changes/PythonUpstreamArchitectureNames Resolves: rhbz1868006 3.8.6-1 - Update to 3.8.6 - Security fix for CVE-2020-26116 python-requests...
userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update
egl-wayland 1.1.5-3 - Add upstream patch to address rhbz1842473 1.1.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 1.1.5-1 - Update to 1.1.5 libdrm 2.4.103-1 - Update to 2.4.103 libglvnd 1.3.2-1 - Update to 1.3.2 release libinput 1.16.3-1 - libinput 1.16.3 1886648 libwacom...
python27:2.7 security and bug fix update
python2 2.7.18-4.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 2.7.18-4 - Security fix for CVE-2021-3177 Resolves: rhbz1919163 2.7.18-3 - Fixes for bundling prefix=/app build in gimp/inkscape containers Resolves: rhbz1907592 2.7.18-2 - Security fix for CVE-2020-26116: Reject...
opensc security, bug fix, and enhancement update
0.20.0-4 - Use file cache by default 1892810 - Avoid calloc with 0 argument 1895401 0.20.0-3 - Support PIN change for HID Alt tokens 1830901 - Fix CVE-2020-26570, CVE-2020-26571 and CVE-2020-26572 - Fix right padding of token labels of some cards 1877973...
p11-kit security, bug fix, and enhancement update
0.23.22-1 - Rebase to 0.23.22 to fix memory safety issues CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363 - Preserve DTNEEDED information from the previous version, flagged by rpmdiff - Add xsltproc to BR 0.23.21-4 - Fix realloc usage on proxy cleanup 1894979 - Make 'trust anchor --store'...
brotli security update
1.0.6-3 - Resolves: CVE-2020-8927...
perl security and bug fix update
4:5.26.3-419 - Fix CVE-2020-10543 bug 1839273 - Fix CVE-2020-10878 bug 1839276 - Fix a file mode of a perl-example.stp example bug 1913693 4:5.26.3-418 - Fix CVE-2020-12723 bug 1839279...
python3 security update
3.6.8-37.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-37 - Fix for CVE-2021-23336 Resolves: rhbz1928904 3.6.8-36 - Fix for CVE-2021-3177 Resolves: rhbz1918168 3.6.8-35 - New options -a and -k for pathfix.py script backported from upstream Resolves: rhbz1917691 3.6.8-3...
freerdp security, bug fix, and enhancement update
2:2.2.0-1 - Update to 2.2.0 rhbz1881971...
samba security, bug fix, and enhancement update
openchange 2.3-27.0.1 - Use ldconfigscriptlets 2.3-27 - Rebuild for newer samba samba 4.13.3-3 - resolves: 1924615 - Fix a memcache bug when cache is full - resolves: 1924571 - Ensure that libwbclient has been updated before restarting services 4.13.3-2 - resolves: 1909647 - Fix winbind in trust...
systemd security, bug fix, and enhancement update
239-45.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...
perl security update
4:5.10.1-144.0.1 - Backport patch for CVE-2020-10543 Orabug: 32855589 - Backport patch for CVE-2020-10878 Orabug: 32855589 - Backport patch for CVE-2020-12723 Orabug: 32855589...
xorg-x11-server security update
1.20.4-16 - CVE fix for: CVE-2021-3472 1944956...
slapi-nis security and bug fix update
0.56.5-4 - CVE 2021-3480: slapi-nis: NULL dereference DoS with specially crafted Binding DN - Resolves: rhbz1942937...