9184 matches found
sendmail security and bug fix update
8.13.1-6 - rpm attributes S,5,T not recorded for statistics file - fix specfile for passing rpm -V test 8.13.1-5 - recompile with -fno-strict-aliasing - fix typo, purge-mqueue script - remove README.certcnnul 8.13.1-4 - fix CVE-2009-4565 554987 - fix MAXHOSTNAMELEN 485380 - fix stale files in...
kvm security and bug fix update
kvm-83-164.0.1.el55.30 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch to replace RHEL with OEL - Added kvm-Introduce-oel-machine-type.patch so that OEL is a recognized VM kvm-83-164.el55.30 - Revert the bz661397 patches as they are not enough -...
kernel security and bug fix update
2.6.9-89.33.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
php security update
5.1.6-27.3 - add security fix for CVE-2010-3870 626735 5.1.6-27.2 - fix varexport test cases 626735 5.1.6-27.1 - add security fixes for CVE-2010-1917, CVE-2010-3065, CVE-2010-2531, CVE-2010-1128, CVE-2010-0397 626735...
kernel security update
2.6.18-194.17.4.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...
firefox security update
firefox: 3.6.11-2.0.1.el5 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 3.6.11-2 - Update to 3.6.11 Build 2 3.6.11-1 - Update to 3.6.11 nss: 3.12.8-1.0.1.el5 - Update clean.gif in the nss-3.12.8-stripped.tar.bz2 tarball...
postgresql security update
8.1.21-1.el55.1 - Update to PostgreSQL 8.1.21 to fix CVE-2010-1169, CVE-2010-1170, CVE-2009-4136, CVE-2010-0733, CVE-2010-0442, and assorted other bugs described at http://www.postgresql.org/docs/8.1/static/release.html Resolves: 586058...
openssl security update
0.9.8e-12.6 - fix CVE-2009-3245 - add missing bnwexpand return checks 570924 0.9.8e-12.5 - fix CVE-2010-0433 - do not pass NULL princ to krb5ktgetentry which in the RHEL-5 and newer versions will crash in such case 569774 0.9.8e-12.4 - do not disable SSLv2 in the renegotiation patch - SSLv2 does...
thunderbird security update
1.5.0.12-25.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-25 - Added patches from 2.0.0.24 1.5.0.12-24 - Update patchset to fix regression as per 1.9.0.13...
java-1.6.0-openjdk security update
1:1.6.0.0.0-1.7.b09.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0-1.7.b09 - Fixed applying patches 1:1.6.0-1.6.b09 - Updated Release 1:1.6.0-1.5.b09 - Fixed Makefile patch 1:1.6.0-1.4.b09 - Updated release tag 1:1.6.0-1.3.b09 - Updated release...
samba security update
3.0.33-3.15.el5 - Security Release, fixes CVE-2009-1888, CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906 - resolves: 526660...
kernel security and bug fix update
2.6.9-89.0.15.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...
java-1.6.0-openjdk security and bug fix update
1:1.6.0.0-1.2.b09.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.2.b09 - Updated release. - Moved java-1.6.0-openjdk-securitypatches.patch to java-1.6.0-openjdk-march24-securitypatches.patch. - Created new java-1.6.0-openjdk-july28-securitypatches.patch. - Updated release. - Resolves: rhbz5133...
firefox security update
firefox: 3.0.11-2.0.1.el53 - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch 3.0.11-2 - Update due to respin 3.0.11-1 - Update to 3.0.11 xulrunner...
Moderate: kernel security and bug fix update
2.6.9-67.0.7.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...
Important: xpdf security update
3.00-14.el4 - Resolves: 356811, CVE-2007-4352 CVE-2007-5392 CVE-2007-5393...
Important: kernel security update
2.6.18-8.1.10.0.1.el5 - Fix bonding primary=ethX Bert Barbe IT 101532 ORA 5136660 - Add entropy module option to e1000/bnx2 John Sobecki ORA 6045759 2.6.18-8.1.10.el5 - mm Prevent the stack growth into hugetlb reserved regions Konrad Rzeszutek 253313 CVE-2007-3739 2.6.18-8.1.9.el5 - misc cpuset...
Important: cups security update
1.1.22-0.rc1.9.20.2 - Better patch for CVE-2007-3387 bug 248220. 1.1.22-0.rc1.9.20.1 - Applied patch to fix CVE-2007-3387 bug 248220...
Important php security update
4.3.9-3.22 - avoid default pear.conf change 4.3.9-3.21 - add security fix for CVE-2006-5465 from upstream 4.3.9-3.20 - add fix for phperror varargs use 199947 4.3.9-3.18 - rebuild 4.3.9-3.17 - add security fix from upstream: CVE-2006-4484 - add metaphone fix 205714 4.3.9-3.16 - add security fixes...
kernel security update
4.18.0-553.52.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
emacs security update
1:27.2-11.el95.2 - Fix arbitrary code execution via Lisp macro expansion RHEL-69395...
Unbreakable Enterprise kernel security update
5.4.17-2136.342.5 - ima: Fix use-after-free on a dentry's dname.name Stefan Berger Orabug: 36835558 CVE-2024-39494 5.4.17-2136.342.4 - sched: schcake: add bounds checks to host bulk flow fairness counts Toke Hoiland-Jorgensen - udf: Fix use of checkaddoverflow with mixed type arguments Ben...
bind security update
bind 9.16.23-18.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-18.1 - Rebuild with correct z-stream tag again 32:9.16.23-18 - Prevent crashing at masterformat system test CVE-2023-6516 32:9.16.23-17 - Import tests for large DNS messages fix - Add downstream...
httpd:2.4/mod_http2 security update
httpd modhttp2 1.15.7-8.5 - Resolves: RHEL-29816 - httpd:2.4/modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 modmd...
gnutls security update
3.7.6-23.3 - Fixes for CVE-2023-5981, CVE-2024-0553, CVE-2024-0567...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
nodejs:18 security update
nodejs 1:18.18.2-1 - Rebase to version 18.18.2 Resolves: CVE-2023-44487 CVE-2023-45143 CVE-2023-38552 CVE-2023-39333 nodejs-nodemon nodejs-packaging...
glibc security update
2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
qemu security update
15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...
.NET 6.0 security, bug fix, and enhancement update
6.0.121-1.0.1 - Update to .NET SDK 6.0.121 and Runtime 6.0.21 - Resolves: RHBZ2228567...
python-requests security update
2.20.0-3 - Fix Unintended leak of Proxy-Authorization header CVE-2023-32681...
libcap security update
2.48-5 - Fix integer overflow in libcapstrdup CVE-2023-2603 Resolves: rhbz2210637 - Correctly check pthreadcreate return value to avoid memory leak CVE-2023-2602 Resolves: rhbz2210644...
libtar security update
1.2.20-17 - fix use-after-free bugs introduced by incorrect memleak fixes CVE-2021-33640 1.2.20-16 - fix memory leaks through gnulongname,link CVE-2021-33645 CVE-2021-33646 - fix out-of-bounds read in gnulongname,link CVE-2021-33643 CVE-2021-33644...
libtpms security update
0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves: rhbz2173967...
Unbreakable Enterprise kernel security update
5.15.0-100.96.32 - crypto: Report fips module name and version for aarch64 Saeed Mirzamohammadi Orabug: 35225251 - uek-rpm: Enable RFC7919 config for aarch64 Saeed Mirzamohammadi Orabug: 35225251 5.15.0-100.96.31 - uek-rpm: Update linux-firmware dependency Somasundaram Krishnasamy Orabug: 3521342...
Unbreakable Enterprise kernel security update
5.4.17-2136.317.5.3 - udf: Fix file corruption when appending just after end of preallocated extent Jan Kara Orabug: 35192150 - selftests/ftrace: Fix bash specific '==' operator Masami Hiramatsu Google Orabug: 35192150 - net: Fix unwanted sign extension in netdevstatstostats64 Felix Riemann Orabu...
kernel security, bug fix, and enhancement update
5.14.0-162.6.11.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
kernel security, bug fix, and enhancement update
5.14.0-70.26.1.0.10.OL9 - lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.26.10.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.517.3.el7 - KVM: x86: use raw clock values consistently Paolo Bonzini Orabug: 34575637 - KVM: x86: reorganize pvclockgtoddata members Paolo Bonzini Orabug: 34575637 - KVM: x86: switch KVMCLOCK base to monotonic raw clock Marcelo Tosatti Orabug: 34575637 4.14.35-2047.517.2.el7 - kernf...
ruby:2.7 security, bug fix, and enhancement update
ruby 2.7.6-138 - Upgrade to Ruby 2.7.6. Resolves: rhbz2109424 - Fix FTBFS due to an incompatible load directive. Related: rhbz2109424 - Fix a fiddle import test on an optimized glibc on Power 9. Related: rhbz2109424 - Fix regular Expression Denial of Service Vulnerability of Date Parsing Methods...
kernel security, bug fix, and enhancement update
4.18.0-372.26.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
cri-o security update
1.21.7-2 - Addresses CVE-2022-1708 1.21.7-1 - Added Oracle Specifile Files for cri-o...
python-virtualenv security update
15.1.0-7 - Security fix for CVE-2019-20916 for the bundled pip wheel Resolves: rhbz1868135...
postgresql security update
9.2.24-8 - Resolves: CVE-2022-1552 - Backport upstrem fix: a117cebd638dd02e5c2e791c25e43745f233111b...
Unbreakable Enterprise kernel security update
4.14.35-2047.514.3 - uek-rpm: Update OL7 SecureBoot certificate files Saeed Mirzamohammadi Orabug: 34219958 4.14.35-2047.514.2 - perf: Fix sysperfeventopen race against self Peter Zijlstra Orabug: 34207044 CVE-2022-1729 - debug: Lock down kgdb Stephen Brennan Orabug: 34207043 CVE-2022-21499...
go-toolset:ol8addon security update
go-toolset 1.17.10-1 - Set version to correspond to the matching build golang version - delve can be now added to aarch64 as well, remove ifarch. golang 1.17.10-1.0.1 - Add patches between Go 1.17.7 and Go 1.17.10 - Rename baseversn to baseversion - Remove unneeded patches from previous version -...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.513.2.1.el7 - perf: Fix sysperfeventopen race against self Peter Zijlstra Orabug: 34175592 CVE-2022-1729...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.307.3.1 - Revert 'rds/ib: recover rds connection from stuck tx path' Nagappan Ramasamy Palaniappan Orabug: 34124233 5.4.17-2136.307.3 - kvm: debugfs: fix memory leak in kvmcreatevmdebugfs Pavel Skripkin Orabug: 33099019 - KVM: debugfs: Reuse binary stats descriptors Jing Zhang Orabug:...
thunderbird security update
91.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.6.0-1 - Update to 91.6.0 build1...
Unbreakable Enterprise kernel security update
4.1.12-124.59.1.2 - fix regression in 'epoll: Keep a reference on files added to the check list' Al Viro Orabug: 33679854 CVE-2021-1048 - fget: check that the fd still exists after getting a ref to it Linus Torvalds Orabug: 33679806 CVE-2021-0920 - fs: add fgetmany and fputmany Jens Axboe Orabug:...