8998 matches found
nodejs:12 security and bug fix update
nodejs 1:12.19.1-1 - Resolves: RHBZ1901044, 1901045, 1901046, 1901047 - c-ares, ajv and y18n CVEs and yarn installability issues...
thunderbird security update
78.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.5.0-1 - Update to 78.5.0 build3...
oddjob security, bug fix, and enhancement update
0.34.5-3 - Support HOMEMODE from /etc/login.defs Resolves: rhbz1886362 0.34.5-2 - Add gating tests using idm:DL1 module stream and upstream tests Resolves: rhbz1682457 0.34.5-1 - Upstream release 0.34.5 - Resolves: rhbz1833289 - Rebase oddjob to 0.34.5 - Resolves: rhbz1833052 - CVE-2020-10737...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.48.1 - crypto: user - fix memory leak in cryptoreport Navid Emamdoost Orabug: 31351641 CVE-2019-19062 - media: rc: prevent memory leak in cx23888irprobe Navid Emamdoost Orabug: 31351673 CVE-2019-19054...
grub2 security update
2.02-81.0.3 - Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707 Orabug: 31225072 - Update signing certificate for efi binaries...
nodejs:10 security update
nodejs 1:10.21.0-3 - Resolves: RHBZ1845306 - Remove brotli-devel requires from nodejs-devel 1:10.21.0-2 - Resolves: RHBZ1845306 - Turn off debug builds 1:10.21.0-1 - Security update to 10.21.0 - Resolves: RHBZ1845306 - Fixes CVE-2020-11080, CVE-2020-8174, CVE-2020-10531 - Bundle brotli, because...
olcne kubernetes security update
olcne 1.0.3-1 - updated the default Kubernetes version to 1.14.9 kubernetes 1.14.9-1.0.3 - CVE-2019-11254 kube-apiserver Denial of Service vulnerability from malicious YAML payloads 1.14.9-1.0.2 - Use bounded crio version 1.14.9-1.0.1 - Added Oracle specific build files for Kubernetes cri-o...
libreoffice security and bug fix update
1:5.3.6.1-24.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-24 - Resolves: rhbz1728763 bg of blocks is black 1:5.3.6.1-23 - Resolves: rhbz1601372 libreoffice fails to build with...
thunderbird security update
68.3.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.3.0-2 - Update to 68.3.0 build2 68.2.0-2 - Added patch for TLS 1.3 support...
elfutils security, bug fix, and enhancement update
0.176-5 - Add elfutils-0.176-strip-symbols-illformed.patch 0.176-4 - Add elfutils-0.176-elf-update.patch 1717349 0.176-3 - Rebuilt for annobin change. 0.176-2 - Add elfutils-0.176-xlate-note.patch 1705138 0.176-1 - New upstream release. - backends: riscv improved core file and return value locati...
thunderbird security update
68.2.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.2.0-1 - Update to 68.2.0 68.1.1-2 - Update to 68.1.1 60.9.0-2 - Update to 60.9.0...
keepalived security and bug fix update
1.3.5-16 - Rework previous miscscript/vrrpscript patch 1667292 1.3.5-15 - Rework previous checker comparison patch 1715308 1.3.5-14 - Make checker variables non global 1715308 1.3.5-13 - Fix comparison of checkers on reload 1715308 1.3.5-12 - Fix build errors 1678480 1.3.5-11 - Fix problems with...
java-11-openjdk security update
1:11.0.3.7-0.0.1 - link atomic for ix86 build 1:11.0.3.7-0 - Add -mstackrealign workaround to build flags to avoid SSE issues on x86 - Resolves: rhbz1693468 1:11.0.3.7-0 - Update to shenandoah-jdk-11.0.3+7 April 2019 GA - Resolves: rhbz1693468 1:11.0.3.6-0 - Update to shenandoah-jdk-11.0.3+6 Apri...
ghostscript security update
8.70-24.el610.2 - It was found that the fix for CVE-2018-16509 was not complete, the missing pieces added into ghostscript-CVE-2018-16509.patch 8.70-24.el610.1 - Resolves: 1641124 - CVE-2018-16509 ghostscript: /invalidaccess bypass after failed restore 8.70-24 - Added security fix for CVE-2017-82...
ruby security update
2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-103.3.8.1 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796363 CVE-2017-1000251...
openssh security update
5.3p1-123 - Fix for CVE-2016-6210: User enumeration via covert timing channel 1357442...
Unbreakable Enterprise kernel security update
2.6.39-400.297.5 - selinux: quiet the filesystem labeling behavior message Paul Moore Orabug: 25721485 - RDS/IB: active bonding port state fix for intfs added late Mukesh Kacker Orabug: 25875426 - HID: hid-cypress: validate length of report Greg Kroah-Hartman Orabug: 25891914 CVE-2017-7273 - udf:...
freeradius security update
2.2.6-7 - Resolves: Bug1469115 CVE-2017-10979 freeradius: Out-of-bounds write in radcoalesce - Resolves: Bug1469118 CVE-2017-10978 freeradius: Out-of-bounds read/write due to improper output buffer size check in makesecret - Resolves: Bug1469120 CVE-2017-10980 freeradius: Memory leak in decodetlv...
mariadb security and bug fix update
5.5.52-1 - Rebase to 5.5.52, that also include fix for CVE-2016-6662 Resolves: 1377974 1:5.5.50-2 - Rebuild Related: 1359629...
kvm security update
83-276.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch 83-275.el511 - kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch bz1359723 - Resolves: bz1359723 CVE-2016-5403 kvm: Qemu: virtio: unbounded memory allocation on host via...
kernel security and bug fix update
3.10.0-327.28.3.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.28.3 - net tcp: enable per-socket rate limiting of all 'challenge acks' Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: uninline tcpoowratelimited Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: make...
openssl security update
1.0.1e-48.1 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
nss, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.11.0-0.1 - Rebase to NSPR 4.11 nss 3.21.0-0.3.0.1 - Added nss-vendor.patch to change vendor 3.21.0-0.3 - Ensure all ssl.sh tests are executed 3.21.0-0.2 - Ensure abi compatibility 3.21.0-0.1 - Rebase to NSS-3.21 nss-util 3.21.0-0.3 - Rebase RHEL 6.7.z to NSS-util 3.21 in preparation for...
glibc security and bug fix update
2.17-106.0.1.4 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. 2.17-106.4 - Revert problematic libresolv change, not needed for the CVE-2015-7547 fix...
java-1.8.0-openjdk security update
1:1.8.0.71-1.b15 - Add patch to turn off strict overflow on IndicRearrangementProcessor,2.cpp - Resolves: rhbz1295751 1:1.8.0.71-0.b15 - January 2016 security update to u71b15. - Improve verbosity and helpfulness of tarball generation script. - Update patch documentation using version originally...
krb5 security, bug fix, and enhancement update
1.13.2-9 - Add patch and test case for 'KDC does not return proper client principal for client referrals' - Resolves: 1259846 1.13.2-9 - Ammend patch for RedHat bug 1252454 'testsuite complains 'Lifetime has increased by 32436 sec while 0 sec passed!', while rhel5-libkrb5 passes' to handle the...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-55.1.8 - kvm: fix excessive pages un-pinning in kvmiommumap error path. Quentin Casasnovas Orabug: 20687313 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 3.8.13-55.1.7 - ttusb-dec: buffer overflow in ioctl Dan Carpenter Orabug: 20673376 CVE-2014-8884 - mm: Fix NULL pointer dereferen...
samba security update
3.6.23-14.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-14 - related: 1191338 - Update patchset for CVE-2015-0240. 3.6.23-13 - resolves: 1191338 - CVE-2015-0240: RCE in netlogon...
ntp security update
4.2.2p1-18.el5 - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via specially-crafted packets CVE-2014-9295...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-55.1.2.el6uek - isofs: Fix unbounded recursion when processing relocated directories Jan Kara Orabug: 20224059 CVE-2014-5471 CVE-2014-5472 - x8664, traps: Stop using IST for SS Andy Lutomirski Orabug: 20224027 CVE-2014-9090 CVE-2014-9322...
kernel security update
kernel 2.6.18-400.1.1.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
ruby security update
2.0.0.353-22 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Resolves: rhbz1163998 - REXML incomplete fix for CVE-2014-8080 CVE-2014-8090. Resolves: rhbz1163998 2.0.0.353-21 - Fix off-by-one stack-based buffer overflow in the encodes function CVE-2014-4975 Resolves...
kernel security and bug fix update
2.6.32-504.1.3 - Revert: net revert 'bridge: Set vlanfeatures to allow offloads on vlans' Vlad Yasevich 1144442 1121991 2.6.32-504.1.2 - x86 kvm: fix PIT timer race condition mguzik 1149592 1149593 CVE-2014-3611 - x86 kvm: vmx: handle invept and invvpid vm exits gracefull mguzik 1144826 1144837...
Unbreakable Enterprise kernel Security update
kernel-uek 2.6.32-400.36.9uek - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817787 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 - ALSA: control: Fix replacing user controls Lars-Peter Clausen Orabug: 19817749 CVE-2014-4653 CVE-2014-4654 CVE-2014-465...
kernel security update
3.10.0-123.4.4 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.4.4 - net l2tpppp: fail when socket option level is not SOLPPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 3.10.0-123.4.3 - x86 ptrace: force IRET path after a ptracestop Oleg Nesterov 1115934 1115935 CVE-2014-4699...
wireshark security update
1.8.10-7.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-7 - security patches - Resolves: CVE-2013-6337 1.8.10-6 - security patches - Resolves: CVE-2014-2281 CVE-2014-2283 CVE-2014-2299 1.8.10-5 - security patches - Resolves: CVE-2013-6336 CVE-2013-6338...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.34.4uek - netfilter: nfconntrackdccp: fix skbheaderpointer API usages Daniel Borkmann Orabug: 18462076 CVE-2014-2523 - net: sctp: fix sctpsfdo51Dce to verify if we/peer is AUTH capable Daniel Borkmann Orabug: 18461091 CVE-2014-0101...
bind security update
32:9.8.2-0.23.rc1.1 - Fix CVE-2014-0591 32:9.8.2-0.23.rc1 - Fix gssapictx memory leak 911167 32:9.8.2-0.22.rc1 - fix CVE-2013-4854 32:9.8.2-0.21.rc1 - fix CVE-2013-2266 - ship dns/rrl.h in -devel subpkg 32:9.8.2-0.20.rc1 - remove one bogus file from /usr/share/doc, introduced by RRL patch...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.33.4uek - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls Emese Revfy Orabug: 17951083 CVE-2013-2141 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic...
kernel security, bug fix, and enhancement update
2.6.32-431.1.2 - x86 kvm: fix cross page vapicaddr access Paolo Bonzini 1032214 1032215 CVE-2013-6368 - x86 kvm: fix division by zero in apicgettmcct Paolo Bonzini 1032212 1032213 CVE-2013-6367 2.6.32-431.1.1 - netdrv mlx4en: Check device state when setting coalescing Amir Vadai 1032395 975908 -...
kernel security and bug fix update
2.6.32-358.18.1 - x86 perf/x86: Fix offcorersp valid mask for SNB/IVB Nikola Pajkovsky 971314 971315 CVE-2013-2146 - net br: fix schedule while atomic issue in brfeaturesrecompute Jiri Pirko 990464 980876 - scsi isci: Fix a race condition in the SSP task management path David Milburn 990470 97860...
glibc security and bug fix update
2.5-107.4 - Add missing patch to avoid use after free 816647. 2.5-107.3 - Fix multibyte character processing crash in regexp CVE-2013-0242, 951130 - Fix getaddrinfo stack overflow resulting in application crash CVE-2013-1914, 951130 2.5-107.2 - Call feraiseexcept only if exceptions are not masked...
kernel security and bug fix update
kernel 2.6.18-348.4.1 - virt xen-netback: backports Andrew Jones 910884 910885 CVE-2013-0216 - virt xen-netback: netifschedulable should take a netif Andrew Jones 910884 910885 CVE-2013-0216 - virt pciback: rate limit error mess from pcibackenablemsi Igor Mammedov 910876 910877 CVE-2013-0231 - ne...
tomcat6 security update
0:6.0.24-52 - Related: rhbz 882010 rhbz 883692 rhbz 883705 - Javadoc generation did not work. Using targetrhel-6.4.Z-noarch-candidate - to avoid building on ppc64, ppc, and x390x. 0:6.0.24-50 - Resolves: rhbz 882010 CVE-2012-3439 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 - three DIGEST...
sssd security, bug fix and enhancement update
1.9.2-82 - Resolves: rhbz888614 - Failure in memberof can lead to failed database update 1.9.2-81 - Resolves: rhbz903078 - TOCTOU race conditions by copying and removing directory trees 1.9.2-80 - Resolves: rhbz903078 - Out-of-bounds read flaws in autofs and ssh services responders 1.9.2-79 -...
java-1.6.0-openjdk security update
1:1.6.0.0-1.56.1.11.8 - Rebuild with updated sources - Resolves: rhbz911524 1:1.6.0.0-1.55.1.11.8 - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept,...
squirrelmail security and bug fix update
1.4.8-21.0.2.el5 - remove Redhat splash screen images from source 1.4.8-21.0.1.el5 - remove Redhat splash screen images - add README instead of README.RedHat 1.4.8-21 - change charset for zhCN and zhTW to utf-8 508686 1.4.8-20 - fix header encoding issue 241861 - fix code producing warnings in th...
kernel security and bug fix update
2.6.32-279.9.1.el6 - md raid1, raid10: avoid deadlock during resync/recovery. Dave Wysochanski 845464 835613 - fs dlm: fix deadlock between dlmsend and dlmcontrold David Teigland 849051 824964 - ata libata: Add space to fix 2GB ATA Flash Disk/ADMA428M blacklist Prarit Bhargava 851445 843849 - fs...
kernel security and bug fix update
kernel 2.6.18-308.13.1.el5 - net e1000e: Cleanup logic in e1000checkforserdeslink82571 Dean Nelson 841370 771366 - net e1000e: Correct link check logic for 82571 serdes Dean Nelson 841370 771366 - mm NULL pointer dereference in vmenoughmemory Jerome Marchand 840077 836244 - fs dlm: fix slow rsb...