9185 matches found
Unbreakable Enterprise kernel security update
2.6.39-400.315.1.1 - x86/tsx: Add config options to set tsx=on|off|auto Michal Hocko Orabug: 30419231 CVE-2019-11135 - x86/speculation/taa: Add documentation for TSX Async Abort Pawan Gupta Orabug: 30419231 CVE-2019-11135 - x86/tsx: Add 'auto' option to TSX cmdline parameter Pawan Gupta Orabug:...
samba security, bug fix, and enhancement update
4.9.1-6 - related: 1703204 - Fix printing with smbspool as CUPS backend 4.9.1-5 - resolves: 1703204 - Fix smbspool krb5 authentication 4.9.1-4 - resolves: 1690222 - Fix --max-protocol documentation of smbclient - resolves: 1518353 - Fix 'net ads join -Uadmin@forestdomain' - resolves: 1696524 - Fi...
container-tools:rhel8 security and bug fix update
container-selinux 2:2.94-1.git1e99f1d - Resolves: 1690286 - bump to v2.94 - Resolves: 1693806, 1689255 2:2.89-1.git2521d0d - bump to v2.89 runc 1.0.0-55.rc5.dev.git2abd837 - Resolves: CVE-2019-5736...
python3 security update
3.6.8-2.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-2 - Security fix for CVE-2019-9636 rhbz1693973...
kernel security and bug fix update
2.6.32-754.11.1.OL6 - Update genkey bug 25599697 2.6.32-754.11.1 - x86 mm/fault: Allow stack access below rsp Waiman Long 1644401 - sound alsa: rawmidi: Change resized buffers atomically Denys Vlasenko 1593083 CVE-2018-10902...
openssl security update
1.0.2k-12.0.3 - Oracle bug 28672370: backport CVE-2018-0732 - Oracle bug 28672351: backport CVE-2018-0737...
Unbreakable Enterprise kernel security update
4.1.12-124.18.9 - rebuild bumping release 4.1.12-124.18.8 - Cipso: cipsov4optptr enter infinite loop yujuan.qi Orabug: 28563992 CVE-2018-10938 - Btrfs: fix listadd corruption and soft lockups in fsync Liu Bo Orabug: 28119834 - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests Peter...
libvirt security and bug fix update
3.9.0-14.el75.6 - logging: Don't inhibit shutdown in system daemon rhbz1573268 - util: don't check for parallel iteration in hash-related functions rhbz1581364 - cpu: define the 'virt-ssbd' CPUID feature bit CVE-2018-3639 - virNumaGetHugePageInfo: Return pageavail and pagefree as ULL rhbz1582418...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.10 - mqueue: fix a use-after-free in sysmqnotify Cong Wang Orabug: 26643556 CVE-2017-11176 3.8.13-118.19.9 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabrina Dubroca Orabug: 27011273 CVE-2017-7542 - packet: fix tpreserve race in packetsetring Willem de Bruijn...
samba4 security update
4.2.10-10 - resolves: 1450779 - Security fix for CVE-2017-7494...
bind security update
32:9.9.4-38 - Fix CVE-2016-8864 32:9.9.4-37 - Fix CVE-2016-2776 32:9.9.4-36 - Added automatic interface scan functionality 1294506 - Removed NetworkManager dispatcher script since it is not needed any more 1294506 32:9.9.4-35 - Added GeoIP support 1220594 32:9.9.4-34 - Added support for CAA recor...
java-1.8.0-openjdk security update
1:1.8.0.111-0.b15 - added nss restricting requires - Resolves: rhbz1381990 1:1.8.0.111-0.b15 - Turn debug builds on for all JIT architectures. Always AssumeMP on RHEL. - Resolves: rhbz1381990 1:1.8.0.111-0.b15 - Update to aarch64-jdk8u111-b15, with AArch64 fix for S8160591. - Resolves: rhbz138199...
libldb security update
1.1.13-3.1 - Resolves: rhbz1290712 - CVE-2015-5330 libldb: samba: Remote memory read in Samba LDAP server rhel-7.2.z - Remove the patch from the previous commit, it doesn't fix a remotely eploitable issue. Add patches from upstream 11636 instead...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.2 - KVM: svm: unconditionally intercept DB Paolo Bonzini Orabug: 22333698 CVE-2015-8104 - KVM: x86: work around infinite loop in microcode when AC is delivered Eric Northup Orabug: 22333689 CVE-2015-5307 CVE-2015-5307 - KVM: x86: Defining missing x86 vectors Nadav Amit...
openssh security, bug fix, and enhancement update
6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...
java-1.6.0-openjdk security update
1:1.6.0.35-1.13.9.4.0.1.el511 - Add oracle-enterprise.patch 1:1.6.0.37-1.13.9.4 - Update with new IcedTea & b37 tarballs, including fix for appletviewer regression. - Resolves: rhbz1271926 1:1.6.0.37-1.13.9.3 - Update with new IcedTea & b37 tarballs, including more Kerberos fixes for TCK...
kernel security, bug fix, and enhancement update
2.6.32-504.30.3 - redhat spec: Update dracut dependency to pull in drbg module Frantisek Hrbata 1241517 1241338 2.6.32-504.30.2 - crypto rng: Remove krng Herbert Xu 1233512 1226418 - crypto drbg: Add stdrng alias and increase priority Herbert Xu 1233512 1226418 - crypto seqiv: Move IV seeding int...
kernel security and bug fix update
3.10.0-229.7.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.7.2 - fs pipe: fix pipe corruption and iovec overrun on partial copy Seth Jennings 1202861 1198843 CVE-2015-1805 3.10.0-229.7.1 - scsi storvsc: get rid of overly verbose warning messages Vitaly Kuznetsov 1215770 1206437 - scsi...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.3.2 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226729 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225975 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy...
Unbreakable Enterprise kernel security update
2.6.39-400.249.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930552 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy Lutomirski...
Unbreakable Enterprise kernel security update
2.6.39-400.249.3 - IB/core: Prevent integer overflow in ibumemget address arithmetic Shachar Raindel Orabug: 20788393 CVE-2014-8159 CVE-2014-8159 2.6.39-400.249.2 - xen-pciback: limit guest control of command register Jan Beulich Orabug: 20704156 CVE-2015-2150 CVE-2015-2150 - net: sctp: fix slab...
Unbreakable Enterprise kernel security update
2.6.39-400.248.3 - kvm: fix excessive pages un-pinning in kvmiommumap error path. Quentin Casasnovas Orabug: 20687314 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 - Revert 'mm: Fix NULL pointer dereference in madviseMADVWILLNEED support' Guangyu Sun Orabug: 20673281 CVE-2014-8173 2.6.39-400.248.2 -...
kernel security and bug fix update
kernel 2.6.18-402.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
Unbreakable Enterprise kernel security update
2.6.39-400.215.13 - net: sctp: fix panic on duplicate ASCONF chunks Daniel Borkmann Orabug: 20010591 CVE-2014-3687 - net: sctp: fix skboverpanic when receiving malformed ASCONF chunks Daniel Borkmann Orabug: 20010578 CVE-2014-3673...
openssl security update
0.9.8e-31 - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SSL3 0.9.8e-30 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix...
php53 and php security update
5.3.3-27.1 - core: type confusion issue in phpinfo. CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize SPL ArrayObject / SPLObjectStorage type confusion flaw...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.3.3.el7uek - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315781 CVE-2014-3144 CVE-2014-3145 - mac80211: fix AP powersave TX vs. wakeup race Emmanuel Grumbach Orabug: 19316457 CVE-2014-2706...
unbreakable enterprise kernel security update
2.6.39-400.215.4 - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229505 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230690 CVE-2014-4699...
unbreakable enterprise kernel security update
2.6.39-400.215.2 - futex: Make lookuppistate more robust Thomas Gleixner Orabug: 18918614 CVE-2014-3153 - futex: Always cleanup owner tid in unlockpi Thomas Gleixner Orabug: 18918614 CVE-2014-3153 - futex: Validate atomic acquisition in futexlockpiatomic Thomas Gleixner Orabug: 18918614...
java-1.7.0-openjdk security update
1.7.0.55-2.4.7.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.55-2.4.7.1.el5 - regenerated sources to fix TCK failure - Resolves: rhbz1085000 1.7.0.55-2.4.7.0.el5 - bumped to future icedtea-forest 2.4.7 - updatever set to 55, buildver se to 13, release rese...
php security update
5.1.6-43 - drop unneeded patch 5.1.6-42 - add security fixes for CVE-2012-2688, CVE-2011-1398, CVE-2013-1643, CVE-2013-6420...
sssd security and bug fix update
1.5.1-70 - Fix IPA provider performance issue when storing large host groups - Resolves: rhbz979047 - sssdbe goes to 99% CPU and causes significant login delays when client is under load 1.5.1-69 - Fix startup with a broken configuration - Resolves: rhbz974036 - sssd core process keeps running...
kernel security and bug fix update
kernel 2.6.18-348.12.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
java-1.7.0-openjdk security update
1.7.0.25-2.3.10.3.0.1.el64 - Update DISTRONAME in specfile 1.7.0.25-2.3.10.3.el6 - removed upstreamed patch1000 MBeanFix.patch - updated to newer IcedTea7-forest 2.3.10 with 8010118 fix - Resolves: rhbz973119 1.7.0.25-2.3.10.2.el6 - added patch1000 MBeanFix.patch to fix regressions caused by...
Unbreakable Enterprise kernel Security update
2.6.39-400.21.2 - KVM: x86: Convert MSRKVMSYSTEMTIME to use gfntohvacache functions CVE-2013-1797 Andy Honig Orabug: 16711660 CVE-2013-1797 - Bluetooth: Fix incorrect strncpy in hidpsetuphid Anderson Lizardo Orabug: 16711065 CVE-2013-0349 - USB: ioti: Fix NULL dereference in chaseport Wolfgang...
1
kernel 2.6.18-348.3.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
Unbreakable Enterprise kernel security update
2.6.39-300.28.1 - kmod: make requestmodule killable Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - kmod: introduce callmodprobe helper Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - usermodehelper: implement UMHKILLABLE Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - usermodehelper: introduce...
php53 and php security update
5.3.3-3.5 - remove extra php.ini-prod/devel files caused by %patch -b 5.3.3-3.4 - add security fixes for CVE-2011-4885, CVE-2011-4566 769754...
java-1.6.0-openjdk security update
1:1.6.0.0-1.40.1.9.10 - Resolves: rhbz744788 - Bumped to IcedTea6 1.9.8 -removed font copying Security fixes - S7000600, CVE-2011-3547: InputStream skip information leak - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow ...
Unbreakable Enterprise kernel security update
2.6.32-200.20.1.el6uek - afpacket: prevent information leak CVE-2011-2898 - gro: Only reset frag0 when skb can be pulled CVE-2011-2723 - vm: fix vmpgoff wrap in stack expansion CVE-2011-2496 - vm: fix vmpgoff wrap in upward expansion CVE-2011-2496 - taskstats: don't allow duplicate entries in...
freetype security update
2.3.11-6.el60.2 - Add freetype-2.3.11-CVE-2010-3855.patch Protect against invalid runcnt values. - Resolves: 651761 2.3.11-6.el60.1 - Add freetype-2.3.11-CVE-2010-2805.patch Fix comparison. - Add freetype-2.3.11-CVE-2010-2806.patch Protect against negative stringsize. Fix comparison. - Add...
mysql security and bug fix update
5.0.77-3 - Add fix for CVE-2009-2446 format string vulnerability in COMCREATEDB and COMDROPDB processing Resolves: 512200 5.0.77-2 - Back-port upstream fix for CVE-2008-4456 mysql command line client XSS flaw Resolves: 502169 5.0.77-1 - Update to MySQL 5.0.77, for numerous fixes described at...
kernel security and bug fix update
2.6.9-78.0.22.0.1.EL - xen fix for hung JVM thread after GPF orabug 7916406 Chuck Anderson - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mt...
firefox security update
1.5.0.12-0.21.0.1.el4 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js 1.5.0.12-0.21.el4 - JavaScript error correction 1.5.0.12-0.20.el4 - Add patches for backported fixes from 1.8.1.16...
Important kernel security update
2.6.9-42.0.3.0.2 -rebuilt for EL 2.6.9-42.0.3.0.1 -Fix bonding primary=ethX so it picks correct network IT 101532 ORA 5136660 2.6.9-42.0.3 -fix mprotect to not allow permission subversion Jason Baron 190073 CVE-2006-2071 -fix sysperfmonctl file descriptor reference count issue Anil Keshavamurthy...
virt:ol and virt-devel:ol security and bug fix update
hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libvirt 6.0.0-35.1.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum 6.0.0-35.1.el8 -...
libtiff security update
4.0.9-34 - fix CVE-2017-17095: heap-based buffer overflow in pal2rgb RHEL-87363...
qemu-kvm security update
9.0.0-10.el95.3 - kvm-target-i386-fix-feature-dependency-for-WAITPKG.patch RHEL-84866 - Resolves: RHEL-84866 Live migration after workload update fails with operation failed: guest CPU doesn't match specification: missing features: waitpkg rhel-9.5.z...
libsoup security update
2.62.3-8 - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85887 Resolves: RHEL-85900 Resolves: RHEL-85901 Resolves: RHEL-87039 Resolves: RHEL-87094 Resolves: RHEL-87114 Resolves: RHEL-88348 Resolves: RHEL-88351...
Unbreakable Enterprise kernel security update
5.4.17-2136.330.7.1 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI bug...