9184 matches found
kernel security and bug fix update
2.6.32-358.23.2 - md dm-snapshot: fix data corruption Mikulas Patocka 1004252 1004233 CVE-2013-4299 2.6.32-358.23.1 - md raid1, raid10: use freezearray in place of raisebarrier in various places Jes Sorensen 1003765 997845 - scsi megaraidsas: megaraidsas driver init fails in kdump kernel Nikola...
kernel security and bug fix update
kernel 2.6.18-348.16.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
nss, nss-util, nss-softokn, and nspr security update
nspr 4.9.5-2 - Update to NSPR495RTM - Resolves: rhbz927186 - Rebase to nspr-4.9.5 - Add upstream URL for an existing patch per packaging guidelines 4.9.5-1 - Resolves: Rebase to nspr-4.9.5 4.9.2-1 - Update to nspr-4.9.2 - Related: rhbz863286 nss 3.14.3-4.0.1.el64 - Added nss-vendor.patch to chang...
kernel security update
2.6.32-358.0.1 - kernel utrace: ensure archptrace/ptracerequest can never race with SIGKILL Oleg Nesterov 912073 912074 CVE-2013-0871...
mysql security update
5.1.66-1 - Update to 5.1.66, for assorted upstream bugfixes including CVEs announced in July and October 2012 Resolves: 871813...
firefox security and bug fix update
firefox 10.0.8-1.0.2.el63 - Updated firefox-oracle-default-prefs.js based on latest firefox-redhat-default-prefs.js 10.0.8-1.0.1.el63 - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js 10.0.8-1 - Update to 10.0.8 ESR xulrunner 10.0.8-1.0.1.el63 - Replace...
kernel security update
kernel: 2.6.18-308.8.2.el5 - xen x8664: check address on trap handlers or guest callbacks Paolo Bonzini 813430 813431 CVE-2012-0217 - xen x8664: Do not execute sysret with a non-canonical return address Paolo Bonzini 813430 813431 CVE-2012-0217 - xen x86: prevent hv boot on AMD CPUs with Erratum...
1
2.6.18-308.8.1.0.1.el5 - net bonding: fix carrier detect when bond is down orabug 12377284 - mm fix hugetlb page leak Dave McCracken orabug 12375075 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus Zhenzhon...
firefox security update
firefox: 10.0.4-1.0.1.el62 - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js 10.0.4-1 - Update to 10.0.4 ESR xulrunner: 10.0.4-1.0.1.el62 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.4-1 - Update to 10.0.4 ESR 10.0.3-3 - Fixe...
Unbreakable Enterprise kernel security and bug fix update
2.6.32-300.11.1.el6uek - fs xfs: Fix possible memory corruption in xfsreadlink Carlos Maiolino CVE-2011-4077 - scsi increase qla2xxx firmware ready time-out Joe Jin - scsi qla2xxx: Module parameter to control use of async or sync port login Joe Jin - net tg3: Fix single-vector MSI-X code Joe Jin ...
Unbreakable Enterprise kernel security update
2.6.32-200.23.1.el6uek - net: Remove atmclip.h to prevent break kabi check. - KConfig: add CONFIGUEK5=n to ol6/config-generic 2.6.32-200.22.1.el6uek - ipv6: make fragment identifications less predictable Joe Jin CVE-2011-2699 - vlan: fix panic when handling priority tagged frames Joe Jin...
kernel security, bug fix, and enhancement update
kernel: 2.6.18-274.7.1.0.1.el5 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus Zhenzhong Duan - scsi add additional scsi medium error handling John Sobecki orabug 12904887 - x86 Fix lvt0 reset when hvm boo...
openssl security update
1.0.0-4.2 - disable code for SSLOPNETSCAPEREUSECIPHERCHANGEBUG - CVE-2010-3864 649304 1.0.0-4.1 - fix race in extension parsing code - CVE-2010-3864 649304...
bind security update
20:9.2.4-30.6 - fix CVE-2010-3613...
automake security update
1.9.6-2.3 - increase delay in self checks - add delays in aclocal7 self check http://osdir.com/ml/sysutils.automake.bugs/2006-09/msg00012.html - preserve timestamps of configure files 1.9.6-2.2 - add fix for CVE-2009-4029...
kvm security, bug fix and enhancement update
kvm-83-164.0.1.el5 - Add kvm-Introduce-oel-machine-type.patch - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-164.el5 - kvm-Fix-Windows-guests-SVVP-tests.patch bz495844 - Resolves: bz495844 KVM SVVP: 'Signed Driver check' failure - on the disabled vCPUs that the VM's BIOS doesn't hid...
kernel security and bug fix update
2.6.18-164.9.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug 69930...
kernel security update
2.6.9-89.0.9.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidanc...
firefox security update
devhelp: 0.12-20 - Rebuild against xulrunner firefox: 3.0.4-1.0.1.el5 - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html Removed the corresponding files of Red Hat. - Added patch oracle-firefox-branding.patch - Update firstrun URL in spec file 3.0.4-5 - Update to Firefo...
Important: XFree86 security update
4.3.0-125.EL.0.1 - Add oracle detection to Imake. 4.3.0-125.EL - cve-2007-4568.patch: XFS Integer Overflow Vulnerability - cve-2007-5958.patch: Xorg / XFree86 file existence disclosure vulnerability - cve-2007-6427.patch: XInput Extension Memory Corruption Vulnerability - cve-2007-6428.patch:...
Important openssh security update
3.9p1-8.RHEL4.17 - CVE-2006-5051 don't call cleanups from signal handler 208347 3.9p1-8.RHEL4.16 - CVE-2006-4924 prevent DoS on deattack detector code 207955...
Unbreakable Enterprise kernel security update
6.12.0-1.23.3.1 - x86/bhi: Do not set BHIDISS in 32-bit mode Pawan Gupta Orabug: 37920680 - x86/bpf: Add IBHF call at end of classic BPF Daniel Sneddon Orabug: 37920680 - x86/bpf: Call branch history clearing sequence on exit Daniel Sneddon Orabug: 37920680 - selftest/x86/bugs: Add selftests for...
httpd:2.4 security update
httpd 2.4.37-65.0.1.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65.1 - Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in modrewrite CVE-2024-38474 - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in modproxy CVE-2024-38473 - Resolves:...
libvirt security update
libvirt 9.0.0-5.el9 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364464 CVE-2024-1441 libvirt-python 9.0.0-5.el9 - Update to libvirt 9.0.0-5 Karl Heubaum...
bind security update
bind 9.16.23-18.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-18.1 - Rebuild with correct z-stream tag again 32:9.16.23-18 - Prevent crashing at masterformat system test CVE-2023-6516 32:9.16.23-17 - Import tests for large DNS messages fix - Add downstream...
Unbreakable Enterprise kernel security update
5.15.0-201.135.6 - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller Johnathan Mantey - netfilter: nftables: split async and sync catchall in two functions Pablo Neira Ayuso - netfilter: nftables: remove catchall element in GC sync path Pablo Neira Ayuso - scsi: mpt3sas: Fix...
.NET 6.0 security, bug fix, and enhancement update
6.0.121-1.0.1 - Update to .NET SDK 6.0.121 and Runtime 6.0.21 - Resolves: RHBZ2228567...
python-requests security update
2.20.0-3 - Fix Unintended leak of Proxy-Authorization header CVE-2023-32681...
libcap security update
2.48-5 - Fix integer overflow in libcapstrdup CVE-2023-2603 Resolves: rhbz2210637 - Correctly check pthreadcreate return value to avoid memory leak CVE-2023-2602 Resolves: rhbz2210644...
aardvark-dns security update
runc 1:1.1.4-1.0.1 - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589...
bind security and bug fix update
32:9.16.23-11 - Correct backport issue in statistics rendering fix 2126912 32:9.16.23-10 - Handle subtle difference between upstream and rhel CVE-2022-3094 32:9.16.23-9 - Prevent flooding with UPDATE requests CVE-2022-3094 - Handle RRSIG queries when server-stale is active CVE-2022-3736 - Fix cra...
Unbreakable Enterprise kernel security update
5.15.0-8.91.4.1 - uek-rpm: Add opbmc to core rpm Somasundaram Krishnasamy Orabug: 35157130 5.15.0-8.91.4 - selftests/vm: remove ARRAYSIZE define from individual tests Shuah Khan Orabug: 35088471 - selftests: Provide local define of cpuidcount Reinette Chatre Orabug: 35088471 - tools: fix ARRAYSIZ...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.314.6.2.el7 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883034 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883034 CVE-2022-4378 5.4.17-2136.314.6.1.el7 - RDMA/uverbs: Move IBEVENTDEVICEFATAL ...
rsync security and enhancement update
3.1.3-19 - Resolves: 2116668 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field 3.1.3-18 - Resolves: 2111175 - remote arbitrary files write inside the directories of connecting peers 3.1.3-17 - Related: 2043753 - New option should...
libldb security, bug fix, and enhancement update
2.5.2-2 - resolves: rhbz2108998 - Rebuild to include python3-ldb-devel in CRB 2.5.2-1 - Rebase to version 2.5.2 - resolves: rhbz2109016 - Fix CVE-2022-32746 2.5.1-1 - related: rhbz2077484 - Rebase to version 2.5.1 2.5.0-1 - resolves: rhbz2077484 - Rebase to version 2.5.0...
expat security update
2.2.10-12.3 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
glibc security update
2.17-325.0.3.ksplice1 - Latest Ksplice-aware release. 2.17-325.0.3 - OraBug 33968985 Security Patches This release fixes CVE-2022-23219, CVE-2022-23218, and CVE-2021-3999 Reviewed-by: Jose E. Marchesi...
udisks2 security and bug fix update
2.9.0-9 - Fix LVM-VDO statistics tests 2023880,2025483 - Fix GError ownership 1999149 2.9.0-8 - CVE-2021-3802: Harden the default mount options for ext filesystems 2004422...
openssl security update
1:1.0.2k-25 - Fixes CVE-2022-2078 Infinite loop in BNmodsqrt reachable when parsing certificates - Related: rhbz2067160...
firefox security update
91.4.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.4.0-1 - Update to 91.4.0 build1...
rust-toolset:ol8 security update
rust 1.54.0-3 - Lint against Unicode control codepoints. rust-toolset 1.54.0-1 - Update to Rust and Cargo 1.54.0. 1.53.0-1 - Update to Rust and Cargo 1.53.0...
linuxptp security update
2.0-2.el79.1 - validate length of forwarded messages CVE-2021-3570...
ghostscript security, bug fix, and enhancement update
9.27-1 - Rebase to 9.27 - Resolves: rhbz1874523...
unbound security, bug fix, and enhancement update
1.7.3-15 - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz1714175 - Use system-wide crypto policy setting PROFILE=SYSTEM instead of custom setting - Resolves: rhbz1842837 - Enable additional logging in unbound - Resolves: rhbz1850460 - security hardenin...
cpio security update
2.12-10 - Fixed improper input validation when writing tar header fields 1766223 2.12-9 - Extract: retain times for symlinks 1487673...
Unbreakable Enterprise kernel security update
4.1.12-124.49.3.1 - SecureBoot Digicert 2021 certificates update Brian Maly Orabug: 32532671 4.1.12-124.49.3 - xen/netback: avoid race in xenvifrxringslotsavailable Juergen Gross Orabug: 32485156 - audit: fix error handling in auditdatatoentry Paul Moore Orabug: 32608451 CVE-2020-0444...
python27:2.7 security update
python2 2.7.17-2.0.2 - Fix buffer overflow in PyCArgrepr Orabug: 32551171CVE-2021-3177...
Unbreakable Enterprise kernel security update
4.14.35-2047.501.2 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32634994 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32634994 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi:...
dotnet security and bugfix update
2.1.522-1 - Update to .NET Core SDK 2.1.522 and Runtime 2.1.26 - Resolves: RHBZ1933844...
grub2 security update
2.02-90.0.2.el83.1 - Fix various coverity issues Orabug: 32530657 - Add SBAT metadata to grubx64.efi Orabug: 32530657 - Set proper blsdir if /boot is on btrfs rootfs Orabug: 32063327 - Add CVE-2020-15706, CVE-2020-15707 to the list Orabug: 31225072 - Update signing certificate for efi binaries -...