8998 matches found
thunderbird security update
78.9.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.9.0-3 - Update to 78.9.0 build2, updated langpacks 78.9.0-2 - Update to 78.9.0 build2 78.9.0-1 - Update to 78.9.0 build1...
nodejs:14 security and bug fix update
nodejs 1:14.16.0-2 - Resolves: RHBZ1932427 - remove --debug-nghttp2 option 1:14.16.0-1 - Resolves: RHBZ1932317, RHBZ1932425 - Rebase, remove ini patch 1:14.15.4-2 - Add patch for yarn crash - Resolves: RHBZ1916465 1:14.15.4-1 - Security rebase to 14.15.4 -...
firefox security update
78.6.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.6.0-1 - Update to 78.6.0 build1...
Unbreakable Enterprise kernel security update
4.1.12-124.45.2 - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32137965 CVE-2020-8694 CVE-2020-8695 4.1.12-124.45.1 - Revert 'x86/efi: Initialize and display UEFI secure boot state a bit later during init' Eric Snowberg Orabug: 31887248 - xfs: fix xfsinode use after free...
java-1.8.0-openjdk security update
1:1.8.0.272.b10-1 - Add backport of JDK-8215727: 'Restore JFR thread sampler loop to old / previous behaviour' - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add backport of...
tomcat security and bug fix update
0:7.0.76-15 - Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS 0:7.0.76-14 - Revert rhbz1814315 because it caused other issues with ipa-server, see rhbz1831127 - Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Executio...
thunderbird security update
68.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.11.0-1 - Update to 68.11.0 build1...
GNOME security, bug fix, and enhancement update
accountsservice 0.6.50-8 - Dont set HasNoUsers=true if realmd has providers Related: 1750516 appstream-data 8-20191129 - Regenerate the RHEL metadata to include the latest evince changes - Resolves: 1768461 clutter 1.26.2-8 - rebuild to get the new in 8.2.0 - plus address 1785233 evince 3.28.4-4 ...
ksh security update
20120801-140.0.1 - disable ASTnospawnveg for taskset workaround orabug 26754277 Red Hat Bug: 1295563 20120801-140 - Do not evaluate arithmetic expressions from environment variables at startup Resolves: 1790543...
openjpeg2 security update
2.3.1-2 - Fix CVE-2020-6851 1790589...
libarchive security update
3.3.2-8 - Fix CVE-2019-18408: RAR use-after-free...
freerdp and vinagre security, bug fix, and enhancement update
freerdp 2.0.0-1.rc4 - Update to 2.0.0-rc4 1291254 vinagre 3.22.0-12 - Apply the patch - Resolves: 1569552 3.22.0-11 - Set maximum length of RDP password to 255 characters - Resolves: 1569552 3.22.0-10 - Make vinagre build with FreeRDP 2 library - Resolves: 1680229...
mariadb security and bug fix update
1:5.5.64-1 - Rebase to 5.5.64 - Resolves: 1490398 - CVEs fixed: 1610986 CVE-2018-3058 CVE-2018-3063 CVE-2018-3066 CVE-2018-3081 - CVEs fixed: 1664043 CVE-2018-3282 CVE-2019-2503 - CVEs fixed: 1701686 CVE-2019-2529...
glibc security and bug fix update
aarch64: 2.17-292.0.2 - CR29749550 armv5 build failure - Add 3 arm patches to aarch64 tree to avoid future build/merge failures. - Rebase aarch64 patches at 30000 to avoid future conflicts. - Reviewed-by: Jose E. Marchesi - EL Errata - Add BUSMCEERRAR, BUSMCEERRAO to...
python27:2.7 security update
Cython 0.28.1-7 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 PyYAML 3.12-16 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 babel 2.5.1-9 - Bumping due to problems with modular RPM upgrade path 1695587 - Related:...
firefox security update
60.5.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.5.1-1 - Update to 60.5.1 ESR 60.5.0-3 - Added fix for rhbz1672424 - Firefox crashes on NFS drives...
qemu-kvm security update
1.5.3-156.el75.3 - kvm-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch bz1584363 - kvm-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch bz1584363 - Resolves: bz1584363 CVE-2018-3639 qemu-kvm: hw: cpu: AMD: speculative store bypass rhel-7.5.z...
Unbreakable Enterprise kernel security update
2.6.39-400.298.7 - net/rds: Fix endless RNR situation Hakon Bugge Orabug: 27645402 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski CVE-2018-8897...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.10 - mqueue: fix a use-after-free in sysmqnotify Cong Wang Orabug: 26643556 CVE-2017-11176 3.8.13-118.19.9 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabrina Dubroca Orabug: 27011273 CVE-2017-7542 - packet: fix tpreserve race in packetsetring Willem de Bruijn...
X.org X11 libraries security, bug fix and enhancement update
libICE 1.0.9-9 - Add upstream patch to not pull libbsd - Add custom patch for Fedora 24 & 25 1.0.9-8 - Fix changelog 1.0.9-7 - Use libbsd for randoms CVE-2017-2626, rhbz1427715 1.0.9-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora26MassRebuild 1.0.9-5 - Force disable documentation generatio...
java-1.8.0-openjdk security update
1:1.8.0.141-2.b16 - Update to aarch64-jdk8u141-b16. - Revert change to remove-intree-libraries.sh following backout of 8173207 - Resolves: rhbz1466509 1:1.8.0.141-2.b15 - Revert previous commit so we can revise the security update. - Resolves: rhbz1468473 1:1.8.0.141-1.b15 - Backport '8180048:...
glibc security update
2.12-1.209.0.3.2 - backport rh patch 1047983 from OL7, Orabug 25407655 2.12-1.209.2 - Avoid large allocas in the dynamic linker 1452711 2.12-1.209.1 - Fix thread cancellation issues for setmntent and others 1437618...
firefox security update
45.8.0-2.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.8.0-2 - Update to 45.8.0 ESR B2 45.8.0-1 - Update to 45.8.0 ESR 45.7.0-2 - Enabled ppc/s390 arches rhbz1418765...
ntp security and bug fix update
4.2.6p5-25.0.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-25 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack CVE-2016-1550 4.2.6p5-24 -...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.14 - net: add recursion limit to GRO Sabrina Dubroca Orabug: 24829133 CVE-2016-7039...
ntp security update
4.2.6p5-10.0.1.el68.1 - add disable monitor to default ntp.conf CVE-2013-5211...
openssh security update
6.6.1p1-25 + 0.9.3-9 - CVE-2016-1908: possible fallback from untrusted to trusted X11 forwarding 1298741 6.6.1p1-24 + 0.9.3-9 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317818...
java-1.6.0-openjdk security update
1.6.0.38-1.13.10.0.0.1 - Add oracle-enterprise.patch 1:1.6.0.38-1.13.10.0 - Add patch to replace -fno-strict-overflow with -fwrapv on older RHEL 5.11 GCC. - Resolves: rhbz1295772 1:1.6.0.38-1.13.10.0 - Update to IcedTea 1.13.10 & OpenJDK 6 b38. - Resolves: rhbz1295772...
file security and bug fix update
5.11-31 - fix 1255396 - Make the build ID output consistent with other tools 5.11-30 - fix CVE-2014-8116 - bump the acceptable ELF program headers count to 2048 5.11-29 - fix 839229 - fix detection of version of XML files 5.11-28 - fix 839229 - fix detection of version of XML files 5.11-27 - fix...
java-1.7.0-openjdk security update
1:1.7.0.91-2.6.2.2.0.1 - Update DISTRONAME in specfile 1:1.7.0.91-2.6.2.2 - added and applied patch500 8072932or8074489.patch to fix tck failure - Resolves: rhbz1271919 1:1.7.0.91-2.6.2.1 - Bump to 2.6.2 and u91b00. - Resolves: rhbz1271919...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.9uek - x86, tls: Interpret an all-zero struct userdesc as 'no segment' Andy Lutomirski Orabug: 21518750 - x86, tls, ldt: Stop checking lm in LDTempty Andy Lutomirski Orabug: 21518750 2.6.32-400.37.8uek - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502741...
kernel security and bug fix update
3.10.0-229.4.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.4.2 - x86 crypto: aesni - fix memory usage in GCM decryption Kurt Stutsman 1213331 1212178 CVE-2015-3331 3.10.0-229.4.1 - crypto x86: sha256ssse3 - also test for BMI2 Herbert Xu 1211484 1201563 - crypto testmgr: fix RNG return...
kernel security and bug fix update
kernel 2.6.18-404.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.3 - net: sctp: fix slab corruption from use after free on INIT collisions Daniel Borkmann Orabug: 20780349 CVE-2015-1421...
kernel security and bug fix update
2.6.32-504.8.1 - crypto crc32c: Kill pointless CRYPTOCRC32CX8664 option Jarod Wilson 1175509 1036212 - crypto testmgr: add larger crc32c test vector to test FPU path in crc32cintel Jarod Wilson 1175509 1036212 - crypto tcrypt: Added speed test in tcrypt for crc32c Jarod Wilson 1175509 1036212 -...
openssl security update
0.9.8e-31 - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SSL3 0.9.8e-30 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix...
nss and nspr security, bug fix, and enhancement update
3.16.1-2 - Backport nss-3.12.6 upstream fix required by Firefox 31 ESR - Resolves: Bug 1110860 3.16.1-1 - Rebase to nss-3.16.1 for FF31 - Resolves: Bug 1110860 - Rebase nss in RHEL 5.11 to NSS 3.16.1, required for FF 31...
Unbreakable Enterprise kernel security and bug fix update
kernel-uek 3.8.13-44 - net: Use netlinknscapable to verify the permisions of netlink messages Eric W. Biederman Orabug: 19404229 CVE-2014-0181 - net: Add variants of capable for use on netlink messages Eric W. Biederman Orabug: 19404229 - net: Add variants of capable for use on on sockets Eric W...
openssl security update
1.0.1e-34.3 - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability...
openssl security update
0.9.8e-27.3 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability 0.9.8e-27.1 - replace expired GlobalSign Root CA certificate in ca-bundle.crt...
Unbreakable Enterprise kernel security update
3.8.13-26.2.4.el6uek - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18721961 CVE-2013-6383 - vhost: fix total length when packets are too short Michael S. Tsirkin Orabug: 18721976 CVE-2014-0077...
kernel security, bug fix, and enhancement update
kernel 2.6.18-371.8.1 - virt HID: memory corruption flaw drivers/usb/input/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - virt HID: memory corruption flaw in drivers/hv/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - scsi lpfc: Fix task management commands having a fixed...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.45-2.4.3.1.el5 - Updated to icedtea 2.4.3 - Resolves: rhbz1017623 1.7.0.45-2.4.3.0.el5 - fixed and updated tapset - removed bootstrap - source 11 redeclared to 1111 - added source12:...
java-1.6.0-openjdk security update
1:1.6.0.0-1.62.1.11.11.90 - updated to icedtea6-1.11.11.90.tar.gz - removed upstreamed patch9 jaxp-backport-factoryfinder.patch - removed upstreamed patch10 fixToFontSecurityFix.patch. - modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz973129...
java-1.7.0-openjdk security update
1.7.0.25-2.3.10.4.0.1.el59 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.25-2.3.10.4.el5 - updated to newer IcedTea7-forest 2.3.10 with 8010118 fix - removed upstreamed patch1000 MBeanFix.patch - Resolves: rhbz973117 1.7.0.25-2.3.10.3.el5 - reverted fix for license...
libxslt security update
1.1.26-2.0.2.el63.1 - Increment release to avoid ULN conflict with previous release. 1.1.26-2.0.1.el63.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.26-2.el63.1 - fixes CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870 - Fix direct patter...
Unbreakable Enterprise kernel Security update
2.6.39-200.29.2 - epoll: clear the tfilechecklist on -ELOOP Joe Jin CVE-2012-3375 - Don't limit non-nested epoll paths Jason Baron - epoll: kabi fixups for epoll limit wakeup paths Joe Jin CVE-2011-1083 - epoll: limit paths Jason Baron CVE-2011-1083 - cred: copyprocess should clear...
kernel security and bug fix update
2.6.32-220.7.1.el6 - netdrv tg3: Fix single-vector MSI-X code John Feeney 787162 703555 - mm export removefrompagecache to modules Jerome Marchand 772687 751419 - block cfq-iosched: fix cfqciclink race confition Vivek Goyal 786022 765673 - fs cifs: lower default wsize when unix extensions are not...
httpd security update
2.2.15-9.0.1.el61.2 - replace index.html with Oracle's index page - update vstring in specfile 2.2.15-9.2, - updated patch for CVE-2011-3192 from upstream 733062 2.2.15-9.1 - fix 733062 - backported CVE-2011-3192 fix from httpd trunk...
firefox security update
firefox: 3.6.17-1.0.1.el60 - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js 3.6.17-1 - Update to 3.6.17 xulrunner: 1.9.2.17-4.0.1.el60 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.17-4 - Rebuild 1.9.2.17-3 - Update to...