CLSA-2026-1774028594 Update of postgresql11

Initial backport of PostgreSQL 11.22 for RHEL 7 - Based on Fedora/RHEL 8 spec files for PostgreSQL 10 and 12 - Adapted for RHEL 7 compatibility: - Disabled ICU support by default not readily available on RHEL 7 - Disabled plpython3 by default may need SCL for Python 3 - Removed perl-generators...

dovecot security and bug fix update

1:2.3.8-9 - fix CVE-2020-24386 IMAP hibernation function allows mail access 1913534 1:2.3.8-8 - fix CVE-2020-25275 denial of service via mail MIME parsing 1914019 1:2.3.8-7 - change run directory from /var/run to /run 1805947 1:2.3.8-6 - fix mail storage block count parsing 1894418 - MIME parser...

NetworkManager and libnma security, bug fix, and enhancement update

libnma 1.8.30-2 - Rebuild with new gtk-doc to fix multilib issues rh 1853152 NetworkManager 1.30.0-7.0.1 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity- subpackage for 8.3 1:1.30.0-7 - initrd: set multi-connect=single for...

qt5-qtbase security update

5.9.7-4 - Fix: Files placed by attacker can influence the working directory and lead to malicious code execution Resolves: bz1814740 Resolves: bz1814685 5.9.7-3 - Fix multilib issue with qtcore-config.h header file Resolves: bz1534528 - Move libQt5EglFSDeviceIntegration lib into correct subpackag...

ImageMagick security, bug fix, and enhancement update

autotrace 0.31.1-38 - Resolves: 1765205 rebuild against new IM emacs 1:24.3-23 - Resolves: 1765208 rebuild against new IM ImageMagick 6.9.10.68-3 - Fixing freeze when svg file contains class='' 6.9.10.68-2 - Fixed ghostscript fonts, fixed multilib conflicts 6.9.10.68-1 - Rebase to 6.9.10.68...

bind security and bug fix update

32:9.11.4-26.P2 - Permit explicit disabling of RSAMD5 in FIPS mode 1737407 32:9.11.4-25.P2 - Fix CVE-2018-5745 - Fix CVE-2019-6465 32:9.11.4-24.P2 - Do not override random numbers provider in DHCP 1668682 32:9.11.4-23.P2 - Report errors on invalid IDN 2008 names 1679307 32:9.11.4-22.P2 - Fix...

yum security, bug fix, and enhancement update

createrepoc 0.11.0-3 - Backport patch to switch off timestamps on documentation in order to remove file conflicts RhBug:1738788 0.11.0-2 - Consistently produce valid URLs by prepending protocol. RhBug:1632121 - modifyrepoc: Prevent doubling of compression test.gz.gz RhBug:1639287 - Correct pkg...

bind security, bug fix, and enhancement update

32:9.11.4-9.P2 - Fix CVE-2019-6471 32:9.11.4-8.P2 - Fix scriptlet errors when selinux-policy is not installed 1647659 32:9.11.4-7.P2 - Fix inefective limit of TCP clients CVE-2018-5743 32:9.11.4-6.P2 - Use /sbin/nologin again 1676661 32:9.11.4-5.P2 - Make sure selinux-policy is installed soon...

openssl security update

1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on...

Fedora 28 : 32:bind (2018-f22b937f52)

Update to bind-9.11.4-P2 - Add /dev/urandom to chroot 1631515 - Fix multilib conflicts of devel package - Add support for OpenSSL provided random data Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

Fedora 29 : 32:bind (2018-a54e46032f)

Update to bind-9.11.4-P2 - Add /dev/urandom to chroot 1631515 - Fix multilib conflicts of devel package - Add support for OpenSSL provided random data Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

openssl security, bug fix, and enhancement update

1.0.2k-16.0.1 - sha256 is used for the RSA pairwise consistency test instead of sha1 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on FIPS DSA parameter generation 1603597 1.0.2k-14 - ppc64le is not multilib architecture 1585004...

BlackArch Linux v2018.06.01 - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1981 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog: added more than 60 new tools added confi...

Fedora 26 : qt5-qtwebengine (2017-9a7e562fca)

An update of QtWebEngine to the security and bugfix release 5.9.2, including : Chromium Snapshot : - Security fixes from Chromium up to version 61.0.3163.79 Including: CVE-2017-5092, CVE-2017-5093, CVE-2017-5095, CVE-2017-5097, CVE-2017-5099, CVE-2017-5102, CVE-2017-5103, CVE-2017-5107,...

Oracle Linux 7 : openssh (ELSA-2017-2029)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2029 advisory. 7.4p1-11 + 0.10.3-1 - Compiler warnings 1341754 7.4p1-10 + 0.10.3-1 - Add missing messages in FIPS mode 1341754 7.4p1-9 + 0.10.3-1 - Allow harmless...

openssh security, bug fix, and enhancement update

7.4p1-11 + 0.10.3-1 - Compiler warnings 1341754 7.4p1-10 + 0.10.3-1 - Add missing messages in FIPS mode 1341754 7.4p1-9 + 0.10.3-1 - Allow harmless syscalls for s390 crypto modules 1451809 7.4p1-8 + 0.10.3-1 - Fix multilib issue in documentation 1450361 7.4p1-6 + 0.10.3-1 - ControlPath too long...

Fedora 23 : pcs-0.9.149-2.fc23 (2016-cdd4228cc7)

Re-synced to upstream sources Security fix for CVE-2016-0720, CVE-2016-0721 - Rubygems built with RELRO Spec file cleanup Fixed multilib .pyc/.pyo issue ---- Re-synced to upstream sources Security fix for CVE-2016-0720, CVE-2016-0721 Rubygems built with RELRO Spec file cleanup Fixed multilib...

Fedora 22 : pcs-0.9.149-2.fc22 (2016-3b20c4ec9d)

Added missing python-lxml dependency ---- Re-synced to upstream sources Security fix for CVE-2016-0720, CVE-2016-0721 Rubygems built with RELRO Spec file cleanup Fixed multilib .pyc/.pyo issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedor...

OracleVM 3.3 : python (OVMSA-2015-0098)

The remote OracleVM system is missing necessary patches to address critical security updates : - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma - Enable use of deepcopy with instance methods Resolves: rhbz1223037 - Since -libs now provide python-ordered dict, added...

libreoffice security, bug fix, and enhancement update

libabw 0.0.2-1 - new upstream release 0.0.2 - generate man pages for the tools 0.0.1-1 - new upstream release libcmis 0.4.1-5 - Related: rhbz1132065 coverity: fix mismatching exceptions 0.4.1-4 - a few use-after-free fixes for the C wrapper 0.4.1-3 - Resolves: rhbz1132065 rebase to 0.4.1 libetony...