8997 matches found
libtirpc security update
1.1.4-4.0.1 - Backport fix for CVE-2018-14621 in libtirpc Orabug: 33017925...
libsndfile security update
1.0.28-10.1 - a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution1985027...
grafana security, bug fix, and enhancement update
7.3.6-2 - change working dir to in grafana-cli wrapper fixes Red Hat BZ 1916083 - add pcp-redis-datasource to allowloadingunsignedplugins config option 7.3.6-1 - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML not supported in the open source version o...
Unbreakable Enterprise kernel security update
...
xterm security update
331-1.2 - Fix issue found by covcan - Related: rhbz1927567 331-1.1 - Backport security fix for CVE-2021-27135 - Resolves: rhbz1927567...
thunderbird security update
78.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.6.0-1 - Update to 78.6.0...
cloud-init security, bug fix, and enhancement update
19.4-11.0.1 - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 Orabug: 30435672 - Update OCI Datasource to support IMDSv2 - limit permissions Orabug: 31352433 - Changes to ignore all enslaved interfaces Orabug: 30092148 - Fix swap file size allocation logic to allocate...
libX11 security update
1.6.7-3 - Fix CVE-2020-14363 1873922...
samba security, bug fix, and enhancement update
4.10-16-5 - related: 1785121 - Add missing RPM Requires 4.10.16-2 - resolves: 1828354 - add additioanl hostnames to the keytab - resolves: 1836427 - add dnshostname option net-ads-join 4.10.16-1 - related: 1785121 - Rebase to version 4.10.16 4.10.15-5 - resolves: 1831986 - Fix gencache for normal...
gnutls security update
3.6.8-10 - Fix CVE-2020-11501 1826176...
taglib security update
1.8-8.20130218git - Fixed OOB read when loading invalid ogg flac file Resolves: bz1585260...
cups security and bug fix update
1:1.6.3-43 - 1687571 - cupsd doesnt clean tmp files if client conn is terminated abnormally 1:1.6.3-42 - 1651575 - CVE-2018-4700 cups 1:1.6.3-41 - 1608764 - CVE-2018-4180 cups - 1607291 - CVE-2018-4181 cups...
zsh security update
5.0.2-34.el77.2 - improve printing of error messages introduced by the fix of CVE-2019-20044 5.0.2-33.el77.1 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
sqlite security update
3.26.0-4 - Fixed CVE-2019-13734 1786508...
libjpeg-turbo security update
1.5.3-10 - Fix CVE-2018-14498 1687477 1.5.3-9 - Fix LDFLAGS 1688397 1.5.3-8 - Support running with Intel CET 1688397...
Unbreakable Enterprise kernel security update
4.14.35-1902.7.3 - rds: Rename rdssendping to rdssendhsping Hakon Bugge Orabug: 30418043 - rds: Use READ,WRITEONCE for heartbeat start and state Hakon Bugge Orabug: 30418043 - rds: Change heartbeat params from module params to sysctl Hakon Bugge Orabug: 30418043 - rds: Fix and augment probe...
squid:4 security update
libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow in HttpHeader::getAuth...
uriparser security update
0.7.5-10 - Fix CVE-2018-19198, CVE-2018-19199 Fix unescaped % in a comment Resolves: 1652002, 1652001...
ruby:2.5 security update
ruby 2.5.3-104 - Prohibit arbitrary code execution when installing a malicious gem. Resolves: CVE-2019-8324 rubygem-mongo 2.5.1-2 - Disable tests to fix FTBFS by dropped MongoDB module. Resolves: rhbz1710863 rubygem-pg 1.0.0-2 - Assign a random testing port...
spamassassin security update
3.4.0-4 - Add missing Requires for perlXSLoader and perlExtUtils::MakeMaker, - which are no longer auto-generated due to a expected change in rpm-build - Related: rhbz1632998 3.4.0-3 - Fix CVE-2018-11781 - Local user code injection in the meta rule syntax - Fix CVE-2017-15705 - Certain unclosed...
gnupg2 security update
2.0.14-9 - fix CVE-2018-12020 - missing sanitization of original filename...
firefox security update
52.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.7.0-1 - Update to 52.7.0 ESR...
qemu-kvm security update
1.5.3-141.el74.1 - kvm-qemu-nbd-Ignore-SIGPIPE.patch bz1468107 - Resolves: bz1468107 CVE-2017-10664 qemu-kvm: Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort rhel-7.4.z...
tcpdump security, bug fix, and enhancement update
14:4.9.0-5 - Resolves: 1441597; use bigger capture buffer than in upstream 14:4.9.0-4 - Drop downstream patch drop root privileges - Add libcap-ng as a new build dependency - Related: 1262283 14:4.9.0-3 - Fix tests according to our patches and libpcap version 14:4.9.0-2 - Use getnameinfo instead ...
thunderbird security update
52.2.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.2.0-1 - Update to 52.2.0...
firefox security update
45.2.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.2.0-1 - Update to 45.2.0 ESR 45.1.1-2 - Added fix for mozbz1270046 - new Samba auth response...
cpio security and bug fix update
2.11-24 - fix for CVE-2014-9112 2.11-23 - better check for read error rhbz1138148 - fix ru translation rhbz1075513...
autofs security, bug fix and enhancement update
5.0.7-54.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe 1:5.0.7-54 - bz1263508 - Heavy program map usage can lead to a hang - fix out of order call in program map lookup. - Resolves: rhbz1263508 1:5.0.7-53 - bz1238573 - RFE: autofs MAPHASHTABLESIZE description - update...
kvm security update
kvm-83-274.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.274.el5 - net-add-checks-to-validate-ring-buffer-pointers.patch bz1263272 - Resolves: bz1263272 CVE-2015-5279 kvm: qemu: Heap overflow vulnerability in ne2000receive...
subversion security update
1.7.14-7.1 - add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187...
firefox security update
38.2.1-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.2.1-1 - Update to 38.2.1 ESR...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.1.1 - md: use kzalloc when bitmap is disabled Benjamin Randazzo Orabug: 21563041 CVE-2015-5697...
libuser security update
0.56.13-8 - Update CVE-2015-3246 patch based on review comments Resolves: 1235518 0.56.13-7 - Dont use 512-bit RSA private keys in tests Related: 1235518 - Fix testsuite failures if more than one architecture is building concurrently Related: 1235518 0.56.13-6 - Fix CVE-2015-3246 Resolves: 123551...
autofs security and bug fix update
5.0.5-113.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe use tcp instead of udp 5.0.5-113 - bz1201195 - autofs: MAPFMTDEFAULT is not macro in lookupprogram.c - fix macro usage in lookupprogram.c. - Resolves: rhbz1201195 5.0.5-112 - bz1124083 - Autofs stopped mounting...
grep security, bug fix, and enhancement update
2.20-3 - Updated pcre buildrequires to require pcre-devel = 7.8-7 Related: rhbz1193030 2.20-2 - Fixed invalid UTF-8 byte sequence error in PCRE mode by pcre-backported-fixes patch Resolves: rhbz1193030 - Fixed buffer overrun for grep -F Resolves: CVE-2015-1345 - Fixed bogus date in the changelog...
mailman security and bug fix update
3:2.1.12-25 - fix CVE-2002-0389 - local users able to read private mailing list archives 3:2.1.12-24 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.12-23 - fix 1095359 - handle update when some mailing lists have been created by newer Mailman than this one 3:2.1.12-22 - fix...
kvm security update
kvm-83-272.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.272.el5 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219266 - Resolves: bz1219266 kvm: qemu: floppy disk controller flaw rhel-5.11.z...
kvm security update
kvm-83-270.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-270.el5 - KVM: x86: Check non canonical addresses upon WRMSR - Resolves: bz1152982 CVE-2014-3610 kernel: kvm: noncanonical MSR writes rhel-5.11.z kvm-83-269.el5 - KVM:...
firefox security update
31.6.0-2.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 31.6.0-1 - Update to 31.6.0 ESR Build 2 31.6.0-1 - Update to 31.6.0 ESR...
subversion security update
1.7.14-7 - add security fixes for CVE-2014-3528, CVE-2014-3580, CVE-2014-8108...
kernel security and bug fix update
kernel 2.6.18-400.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
firefox security update
31.3.0-4.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 31.3.0-4 - Update to 31.3.0 ESR Build 2 - Fix for geolocation API rhbz1063739 31.2.0-5 - splice workaround rhbz1150082 31.2.0-4 - ppc build fix rhbz1151959...
libXfont security update
1.2.2-1.0.6 - CVE-2014-0209: integer overflow of allocations in font metadata file parsing bug 1163602, bug 1163601 - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies bug 1163602, bug 1163601 - CVE-2014-0211: integer overflows calculating memory needs for xfs replies bug...
rsyslog5 and rsyslog security update
5.8.12-5.0.1 - use setsid to get a controlling session and process group Orabug: 17364545 5.8.12-5 - fix CVE-2014-3634 resolves: 1149158...
nss security update
nss 3.16.2-7.0.1.el70 - Added nss-vendor.patch to change vendor 3.16.2-7 - Resolves: Bug 1145433 - CVE-2014-1568 3.16.2-6 - Rolling back to commit e5fb6e476c179665976e906604496cbbb24f22a7 - Related: Bug 1145433 nss-softokn 3.16.2-3 - Resolves: Bug 1145433 - CVE-2014-1568 nss-util 3.16.2-2 -...
resteasy-base security update
2.3.5-3 - Resolves: rhbz1121917 - CVE-2014-3490: XXE via parameter entities...
wireshark security update
1.0.15-6.0.1.el5 - Added oracle-ocfs2-network.patch - increase max packet size to 65536 Herbert van den Bergh orabug 13542633 1.0.15-6 - security patches - Resolves: CVE-2012-6056 CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-3557 CVE-2013-3559 CVE-2013-4081 CVE-2013-4083 CVE-2013-4927...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-26.2.2.el6uek - netfilter: nfconntrackdccp: fix skbheaderpointer API usages Daniel Borkmann Orabug: 18421673 CVE-2014-2523 - cifs: ensure that uncached writes handle unmapped areas correctly Jeff Layton Orabug: 18461067 CVE-2014-0069 CVE-2014-0069 - net: sctp: fix sctpsfdo51Dce ...
openssl security update
1.0.1e-16.4 - fix CVE-2013-4353 - Invalid TLS handshake crash 1.0.1e-16.3 - fix CVE-2013-6450 - possible MiTM attack on DTLS1 1.0.1e-16.2 - fix CVE-2013-6449 - crash when version in SSL structure is incorrect...
samba4 security update
4.0.0-60.rc4 - resolves: 1018039 - Fix CVE-2013-4408. 4.0.0-59.rc4 - Fix usage of client min/max protocol options in winbindd - related: 949993...