502 matches found
Fix of CVE: CVE-2021-27135
CVE-2021-27135: fix crash when processing combining characters...
Update of microcode_ctl
...
java-1.8.0-openjdk: Fix of 6 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination RCE - CVE-2024-21144: Invalid header...
Update of nss
Update to CKBI 2.60 from NSS 3.86 - Removed: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "DST Root CA X3" - Certificate "EC-ACC" - Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - Certificate "GlobalSign Root CA - R2" -...
Update of ca-certificates
update to CKBI 2.58 from NSS 3.67 - removed old certificates: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "Equifax Secure eBusiness CA 1" - Certificate "Equifax Secure Global eBusiness CA" - Certificate "Explicitly Distrusted DigiNotar...
python: Fix of 2 CVEs
CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value - CVE-2024-6232: fix regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing and was vulnerable to ReDoS via specifically-crafted tar...
clamav: Fix of 2 CVEs
Update to 0.103.11 - CVE-2023-20032: fix missing buffer size check that may result in a heap buffer overflow write - Don't apply clamav-check.patch and CVE-2022-20698.patch as they have already been applied in new 0.103.11 version - Don't apply clamav-clamonacc-service.patch since el6 doesn't...
Update of kernel, kernel-debug-devel, kernel-devel, kernel-debug, kernel-debug-devel, python-perf, perf, kernel-headers
...
php: Fix of CVE-2024-11234
CVE-2024-11234: fix stream HTTP fulluri CRLF injection...
microcode_ctl: Fix of CVE-2023-31315
Update Intel CPU microcode to 20240813: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000390; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b0005c0; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
git: Fix of CVE-2024-32004
CVE-2024-32004: integrating ownership checking to detect dubious local repositories during cloning...
Update of ca-certificates
update to CKBI 2.60 from NSS 3.86 - removed old certificates: - Certificate "EC-ACC" - Certificate "GlobalSign ECC Root CA - R4" - Certificate "GTS Root R1" - Certificate "GTS Root R2" - Certificate "GTS Root R3" - Certificate "GTS Root R4" - Certificate "Hellenic Academic and Research...
php: Fix of CVE-2024-8925
CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer...
Update of amanda
Fix bug that leads to amdump and runtar problem due to options recognized as invalid falsely...
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
Update of kernel, kernel-headers, kernel-debug-devel, kernel-debug, perf, python-perf, kernel-debug-devel, kernel-devel
KB-127: Bump version separete fw build...
Update of php 5.3: Fix segfault during graceful Apache restart
ELS-42: Fix segfault during graceful Apache restart...
Update of openssl-static, openssl, openssl-devel, openssl-perl, openssl, openssl-devel
...
bind: Fix of CVE-2024-1975
CVE-2024-1975: Remove support for SIG0 message verification - Fix tsiggss test...
Update of microcode_ctl
Fix silent microcode rejection in some cases - Loading to /dev/null is enabled on VM...
Update of nss
Update to CKBI 2.62 from NSS 3.91 - Added: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...
Update of openssl-static, openssl-perl, openssl-devel, openssl, openssl-devel, openssl
Always check certificates from local root store first...
kernel: Fix of 39 CVEs
nfs: fix UAF in direct writes CVE-2024-26958 - NFSD: Fix the behavior of READ near OFFSETMAX CVE-2022-48827 - thermal: core: prevent potential string overflow CVE-2023-52868 - ath5k: fix OOB in ath5keepromreadpcalinfo5111 CVE-2021-47633 - RDMA/cma: Ensure rdmaaddrcancel happens before issuing...
Update of ca-certificates
update to CKBI 2.62 from NSS 3.91 - added new certificates: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...
Update of microcode_ctl
Update Intel CPU microcode to microcode-20220207 release: - Fixes in releasenote.md file...
Update of kernel-abi-whitelists, kernel-firmware, kernel-doc
...
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
squid: Fix of CVE-2024-45802
CVE-2024-45802: disable ESI...
squid34: Fix of CVE-2024-45802
CVE-2024-45802: disable ESI...
Update of els-define
Add OracleLinux support...
Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common
More precise DNS name checks accepting dash-.example.com, among other things...
Update of perl-Pod-Simple, perl-IO-Compress-Bzip2, perl-Log-Message, perl-CPANPLUS, perl-Parse-CPAN-Meta, perl-Archive-Tar, perl-Locale-Maketext-Simple, perl-Compress-Raw-Zlib, perl-ExtUtils-MakeMaker, perl-version, perl-Params-Check, perl-Module-CoreList, perl-parent, perl-Log-Message-Simple, perl-IO-Compress-Base, perl-Archive-Extract, perl-Test-Harness, perl-Module-Load, perl-Compress-Zlib, perl-Module-Pluggable, perl-Pod-Escapes, perl-Module-Build, perl-Module-Loaded, perl-Test-Simple, perl-Term-UI, perl-Package-Constants, perl-Object-Accessor, perl-Digest-SHA, perl-ExtUtils-ParseXS, perl-File-Fetch, perl-Time-HiRes, perl-Compress-Raw-Bzip2, perl-Time-Piece, perl-CGI, perl-ExtUtils-CBuilder, perl-IO-Zlib, perl-Module-Load-Conditional, perl-IO-Compress-Zlib, perl-ExtUtils-Embed, perl-IPC-Cmd, perl-CPAN
...
php: Fix of CVE-2024-11233
CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...
php: Fix of CVE-2024-8927
CVE-2024-8927: Fix bypass of cgi.forceredirect configuration...
Update of nss
Update to CKBI 2.64 from NSS 3.95 - Removed: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - Certificate "Symantec Class 2 Public Primary Certification Authority - G6" -...
Update of kernel-firmware, kernel-abi-whitelists, kernel-doc
KB-127: Bump version separete fw build...
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
Update of ca-certificates
update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...
exim: Fix of CVE-2026-40685
CVE-2026-40685: fix OOB heap write in dewrap during JSON expansion...
ImageMagick: Fix of 3 CVEs
CVE-2020-27751: fix shift exponent that is too large for 64-bit type at magick/quantum-export.c - CVE-2020-27757: fix outside the range of representable values of type 'unsigned long long' bug at magick/quantum-private.h - CVE-2020-27768: fix outside the range of representable values of type...
Update of microcode_ctl
Update AMD CPU microcode to 2023-10-19: - Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10...
Update of bind-devel, bind-chroot, bind-libs, bind, bind-libs, bind-utils, bind-devel, bind-sdb
...
kernel: Fix of 3 CVEs
NFSv4.0: Fix a use-after-free problem in the asynchronous open CVE-2024-53173 - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - misc/libmasm/module: Fix two use after free in ibmasminitone CVE-2021-47334...
squid34: Fix of CVE-2024-25617
CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS...
kernel: Fix of 6 CVEs
hwmon: ibmpex Fix possible UAF when ibmpexregisterbmc fails CVE-2022-49029 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - ext4: no need to continue when the number of entries is 1 CVE-2024-49967 - net/packet: fix slab-out-of-bounds access in packetrecvmsg CVE-2022-20368 - packet: in...
quagga: Fix of CVE-2018-5381
CVE-2018-5381: bgpd capability parser can enter an infinite loop on invalid OPEN messages whose Multi-Protocol capability has an unrecognized AFI/SAFI, causing a denial of service...
openldap: Fix of 14 CVEs
Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...
clamav: Fix of 8 CVEs
Update to 1.0.9 LTS version - CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF file parser - CVE-2025-20128: Fixed a possible buffer overflow read bug in the OLE2 file parser - CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems...
binutils: Fix of CVE-2025-0840
CVE-2025-0840: fix stack-buffer-overflow at objdump disassemblebytes...