9173 matches found
yum security, bug fix, and enhancement update
createrepoc 0.11.0-3 - Backport patch to switch off timestamps on documentation in order to remove file conflicts RhBug:1738788 0.11.0-2 - Consistently produce valid URLs by prepending protocol. RhBug:1632121 - modifyrepoc: Prevent doubling of compression test.gz.gz RhBug:1639287 - Correct pkg...
kernel security and bug fix update
2.6.32-754.14.2.OL6 - Update genkey bug 25599697 2.6.32-754.14.2 - x86 x86/speculation/mds: Add SMT warning message Waiman Long 1692386 1692387 1692388 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 - x86 x86/speculation/mds: Add mds=full, nosmt cmdline option Waiman Long 1692386 1692387 1692388...
java-1.7.0-openjdk security update
1:1.7.0.191-2.6.15.4.0.1 - Update DISTRONAME in specfile 1:1.7.0.191-2.6.15.4 - Bump to revised 2.6.15 tarball with PR3616 -notimestamp javadoc fix - Resolves: rhbz1594249 1:1.7.0.191-2.6.15.3 - Bump to revised 2.6.15 tarball with jdk7u191-b01 - Resolves: rhbz1594249 1:1.7.0.191-2.6.15.2 - Fix ho...
kernel security and bug fix update
3.10.0-693.17.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey bug 24817676 3.10.0-693.17.1 - s390 locking/barriers: remove old gmb macro definition Denys Vlasenko...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.14.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore...
kernel security, bug fix, and enhancement update
2.6.32-642 - scsi fc: revert - ensure scanwork isn't active when freeing fcrport Ewan Milne 1326447 - netdrv ixgbe: Update ixgbe driver to use netdevpicktx in ixgbeselectqueue John Greene 1310749 - netdrv mlx5e: Fix adding vlan rule with vid zero twice Kamal Heib 1322809 2.6.32-641 - netdrv ixgbe:...
kernel security update
2.6.32-431.20.5 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.20.4 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699...
Oracle Linux 6 kernel update
2.6.32-431 - md Disabling of TRIM on RAID5 for RHEL6.5 was too aggressive Jes Sorensen 1028426 2.6.32-430 - x86 Revert 'efi: be more paranoid about available space when creating variables' Rafael Aquini 1012370 1023173 - x86 Revert 'efivars: firmware bug workarounds should be in platform code'...
Unbreakable Enterprise kernel security and bug fix update
2.6.32-300.3.1.el6uek - proc: fix oops on invalid /proc/<pid>/maps access Linus Torvalds - Revert 'capabilities: do not grant full privs for setuid w/ file caps + no effective caps' Joe Jin - mm: Use MMFCOMPAT instead ia32compat to prevent kabi be broken Joe Jin - proc: enable writing to /proc/pid/me...
kernel security and bug fix update
2.6.32-131.21.1.el6 - net ipv6/udp: fix the wrong headroom check Thomas Graf 753167 698170 2.6.32-131.20.1.el6 - net vlan: fix panic when handling priority tagged frames Andy Gospodarek 742849 714936 CVE-2011-3593 - netdrv igb: fix WOL on second port of i350 device Frantisek Hrbata 743807 718293 ...
Unbreakable Enterprise kernel security update
4.1.12-124.84.2 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36251327 CVE-2024-1086 4.1.12-124.84.1 - mm: avoid conflict between MADVDOEXEC and upstream advice values Anthony Yznaga Orabug: 36334311 - kobject: Fix slab-out-of-bounds in fillkobjpath Wang Hai...
tpm2-tss security and enhancement update
3.2.2-2 - Remove misapplied license Resolves: rhbz2160307 3.2.2-1 - Rebase to 3.2.2 - Use systemd-sysusers to create user Resolves: CVE-2023-22745 Resolves: rhbz2095479 Resolves: rhbz2160307 Resolves: rhbz2162613...
java-1.8.0-openjdk security update
1:1.8.0.392.b08-2 - Revert jcmd move as jcmd will not operate without tools.jar - Related: RHEL-13577 1:1.8.0.392.b08-1 - Update to shenandoah-jdk8u392-b08 GA - Update release notes for shenandoah-8u392-b08. - Update generatetarball.sh to be closer to upstream vanilla script inc. no more ECC...
curl security and bug fix update
7.61.1-30 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.61.1-29 - h2: lower initial window size to 32 MiB 2166254 7.61.1-28 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.61.1-27 - upon HTTP11REQUIRED, retry the request with HTTP/1.1 21393...
java-11-openjdk security, bug fix, and enhancement update
1:11.0.16.0.8-1.0.1 - link atomic for ix86 build 1:11.0.16.0.8-1 - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8284920 patch now upstreamed - Print release file during build, which should now...
Unbreakable Enterprise kernel security update
4.1.12-124.62.3 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33679806 CVE-2021-0920 - fs: add fgetmany and fputmany Jens Axboe Orabug: 33679806 - afunix: fix garbage collect vs MSGPEEK Miklos Szeredi Orabug: 33679806 CVE-2021-0920 - net: split out...
libxml2 security update
2.9.7-12 - Fix CVE-2022-23308 2057663 2.9.7-11 - Fix CVE-2021-3541 1958783 2.9.7-10 - Fix CVE-2021-3516 1956976 - Fix CVE-2021-3517 1957001 - Fix CVE-2021-3518 1957028 - Fix CVE-2021-3537 1957284...
Unbreakable Enterprise kernel security update
5.4.17-2136.302.7.2.1 - vfs: fscontext: fix up param length parsing in legacyparseparam Jamie Hill-Daniel Orabug: 33761451 CVE-2022-0185...
Unbreakable Enterprise kernel security update
4.14.35-2047.510.5.2.el7uek - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate Darrick J. Wong Orabug: 33722441 CVE-2021-4155 4.14.35-2047.510.5.1.el7uek - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33679805 CVE-2021-0920 - fs: add...
firefox security update
78.13.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.13.0-2 - Update to 78.13.0 build2 78.13.0-1 - Update to 78.13.0 build1...
firefox security update
78.11.0-3.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.11.0-3 - Update to 78.11.0 build2 release 78.11.0-2 - Fix rhelminorversion for dist .el84 and .el8...
xstream security update
1.3.1-13 - Fix remote code execution vulnerability - Resolves: CVE-2021-21344 - Resolves: CVE-2021-21345 - Resolves: CVE-2021-21346 - Resolves: CVE-2021-21347 - Resolves: CVE-2021-21350...
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
...
icu security update
60.3-2 - Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch - Apply ICU-20958-Prevent-SEGVMAPERR-in-append.patch - Resolves: rhbz1808238...
dovecot security update
1:2.2.36-3.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1751383...
Unbreakable Enterprise kernel security update
4.1.12-124.29.3.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
qemu-kvm security update
0.12.1.2-2.506.el610.4 - kvm-target-i386-Sanitize-the-XSAVE-related-feature-bits.patch bz1673779 - kvm-slirp-check-sscanf-result-when-emulating-ident.patch bz1689790 - Resolves: bz1673779 RHEL8 VM's do not install on RHEL6 KVM hypervisor - Resolves: bz1689790 CVE-2019-9824 qemu-kvm: QEMU: Slirp:...
Unbreakable Enterprise kernel security update
2.6.39-400.301.1 - x86/speculation/l1tf: Fix overflow in l1tfpfnlimit on 32bit Vlastimil Babka Orabug: 28505519 CVE-2018-3620 - x86/speculation/l1tf: Exempt zeroed PTEs from inversion Sean Christopherson Orabug: 28505519 CVE-2018-3620 - x86/speculation/l1tf: Protect PAE swap entries against L1TF...
kernel security and bug fix update
2.6.32-754.2.1.OL6 - Update genkey bug 25599697 2.6.32-754.2.1 - x86 entry/64: Don't use IST entry for BP stack Waiman Long 1596113 CVE-2018-10872 - fs gfs2: Flush delayed work earlier in gfs2inodelookup Andreas Grunbacher 1506281 - mm mempolicy: fix use after free when calling getmempolicy Augus...
gcc security, bug fix, and enhancement update
4.8.5-28.0.1 - Orabug: 27557686 Egeyar Bagcioglu - Introduce 'oraclerelease' into .spec file. Echo it to gcc/DEV-PHASE. 4.8.5-28 - Minor testsuite fixes to clean up test results 1469697 - retpoline support for spectre mitigation 1535655 4.8.5-27 - bump for rebuild with RELRO enabled even for...
libvirt security update
3.2.0-14.0.1.el74.7 - bump release and rebuild 3.2.0-14.el74.7 - qemu: Properly store microcode version in QEMU caps cache CVE-2017-5715 3.2.0-14.el74.6 - util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD CVE-2017-5715 - util: introduce virHostCPUGetMicrocodeVersion CVE-2017-571...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...
Unbreakable Enterprise kernel security update
2.6.39-400.297.11 - mqueue: fix a use-after-free in sysmqnotify Cong Wang Orabug: 26643562 CVE-2017-11176 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabrina Dubroca Orabug: 27011278 CVE-2017-7542 - packet: fix tpreserve race in packetsetring Willem de Bruijn Orabug: 27002453...
samba security update
3.6.23-43.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.24-43 - resolves: 1450782 - Fix CVE-2017-7494...
Unbreakable Enterprise kernel security update
2.6.39-400.295.2 - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 2.6.39-400.295.1 - ocfs2/o2net: o2netlistendataready should do nothing if socket state is not TCPLISTEN Tariq Saeed Orabug: 25510857 - IB/CORE: sync the resouce access in fmrpool...
nss and nss-util security update
nss 3.28.4-1.0.1 - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed 3.28.4-1 - Rebase to 3.28.4 nss-util 3.28.4-1 - Rebase to NSS 3.28.4 to accommodate base64 encoding fix...
tomcat6 security update
0:6.0.24-105 - Related: rhbz1402664 CVE-2016-6816 Adding system property from asfbz-60594 to allow use of some un-encoded characters - Related: rhbz1402664 CVE-2016-6816 Resolving a security regression 2017-6056 caused by CVE-2016-6816 0:6.0.24-104 - Related: rhbz1402664 build. reverting...
Unbreakable Enterprise kernel security update
2.6.39-400.286.3 - mm, gup: close FOLL MAPPRIVATE race Linus Torvalds Orabug: 24928646 CVE-2016-5195...
libxml2 security update
2.9.1-6.0.1.el71.2 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.2 - Fix a series of CVEs rhbz1286496 - CVE-2015-7941 Stop parsing on entities boundaries errors - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-831...
ntp security, bug fix, and enhancement update
4.2.6p5-22 - check origin timestamp before accepting KoD RATE packet CVE-2015-7704 - allow only one step larger than panic threshold with -g CVE-2015-5300 4.2.6p5-20 - validate lengths of values in extension fields CVE-2014-9297 - drop packets with spoofed source address ::1 CVE-2014-9298 - rejec...
curl security, bug fix, and enhancement update
7.29.0-25.0.1 - disable check to make build pass 7.29.0-25 - fix spurious failure of test 1500 on ppc64le 1218272 7.29.0-24 - use the default min/max TLS version provided by NSS 1170339 - improve handling of timeouts and blocking direction to speed up FTP 1218272 7.29.0-23 - require credentials t...
Unbreakable Enterprise kernel security update
2.6.39-400.250.5 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226730 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225976 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy Lutomirski...
httpd security, bug fix, and enhancement update
2.4.6-31.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-31 - modproxyfcgi: determine if FCGICONNCLOSE should be enabled instead of hardcoding it 1168050 - modproxy: support Unix Domain Sockets 1168081 2.4.6-30 - core: fix bypassing of modheaders rules via chunked request...
openssl security update
1.0.1e-16.7 - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension...
Oracle Linux 6 kernel security, bug fix and enhancement update
2.6.32-279.el6 - netdrv mlx4: ignore old module parameters Jay Fenlason 830553 2.6.32-278.el6 - kernel sysctl: silence warning about missing strategy for file-max at boot time Jeff Layton 803431 - net sunrpc: make new tcpmaxslottableentries sysctl use CTLUNNUMBERED Jeff Layton 803431 - drm i915:...
kernel security and bug fix update
2.6.18-128.7.1.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...
webkit2gtk3 security update
2.46.6-1 - Update to 2.46.6...
httpd security and bug fix update
2.4.53-7.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.53-7.1 - Resolves: 2165975 - prevent sscg creating /dhparams.pem - Resolves: 2165970 - CVE-2006-20001 httpd: moddav: out-of-bounds read/write of zero byte - Resolves: 2165973 - CVE-2022-37436 httpd: modproxy: HTTP...
httpd:2.4 security update
httpd 2.4.37-51.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-51 - Resolves: 2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via aprwrite - Resolves: 2097031 - CVE-2022-28615 httpd:2.4/httpd:...
vim security update
8.2.2637-16.0.1.3 - Remove upstream references Orabug: 31197557 2:8.2.2637-16.3 - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in vimregsubboth in regexp.c - CVE-2022-1927 vim: buffer over-read in utfptr2char in mbyte.c...