ntp security, bug fix, and enhancement update
4.2.6p5-5 - reject packets without MAC when authentication is enabled CVE-2015-1798 - protect symmetric associations with symmetric key against DoS attack CVE-2015-1799 - fix generation of MD5 keys with ntp-keygen on big-endian systems CVE-2015-3405 - log when stepping clock for leap second or...
Unbreakable Enterprise kernel security update
2.6.39-400.250.6 - x86/asm/entry/64: Remove a bogus 'retfromfork' optimization Andy Lutomirski Orabug: 21308308 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307918 CVE-2015-1593 CVE-2015-1593...
php security update
5.4.16-23.3 - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 5.4.16-23.2 - xmlrpc: fix out-of-bounds read flaw in mkgmtime CVE-2014-3668 - core: fix integer overflow in unserialize CVE-2014-3669 - exif: fix heap corruption issue in exifthumbnail CVE-2014-3670...
Unbreakable Enterprise kernel security update
2.6.39-400.215.11 - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817786 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 - ALSA: control: Fix replacing user controls Lars-Peter Clausen Orabug: 19817748 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 - kvm:...
php53 and php security update
5.3.3-27.2 - spl: fix use-after-free in ArrayIterator due to object change during sorting. CVE-2014-4698 - spl: fix use-after-free in SPL Iterators. CVE-2014-4670 - gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497 - fileinfo: fix incomplete fix for CVE-2012-1571 in...
squid security update
7:3.1.10-22 - Resolves: 1134936 - CVE-2013-4115 buffer overflow when processing overly long DNS names 7:3.1.10-21 - Resolves: 1134936 - CVE-2014-3609 assertion failure in header processing...
unbreakable enterprise kernel security update
2.6.39-400.214.3 - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247289 CVE-2013-7263 CVE-2013-7265 2.6.39-400.214.2 - inet: prevent leakage of uninitialized memory to user in recv syscalls Hannes Frederic Sowa 18238382 CVE-2013-7263...
kernel security and bug fix update
kernel 2.6.18-371.1.2 - xen x86: check segment descriptor read result in 64-bit OUTS emulation Radim Krcmar 1012958 1012959 CVE-2013-4368 - md dm snapshot: fix data corruption Mikulas Patocka 1004734 975353 CVE-2013-4299 2.6.18-371.1.1 - crypto ansicprng fix off by one err in non-block size reque...
Unbreakable Enterprise kernel Security update
2.6.39-400.24.1 - perf: Treat attr.config as u64 in perfsweventinit Tommi Rantala Orabug: 16808734 CVE-2013-2094...
mysql security and bug fix update
5.0.95-3 - Re-add patch for CVE-2009-4030, mistakenly removed in 5.0.95 rebase Resolves: CVE-2012-4452 5.0.95-2 - Support rotation of mysqld log though this is not enabled by default Resolves: 647223 - Fix crash with EXPLAIN and prepared statements Resolves: 654000 - Adopt init script updates fro...
Unbreakable Enterprise kernel security update
2.6.32-300.39.2 - ext4: fix undefined behavior in ext4fillflexinfo Xi Wang orabug 16020245 CVE-2012-2100 - Divide by zero in TCP congestion control Algorithm Jesper Dangaard Brouer orabug 16020447 CVE-2012-4565 - ipv6: discard overlapping fragment Luis Henriques orabug 16021354 CVE-2012-4444...
java-1.6.0-openjdk security update
1:1.6.0.0-1.49.1.11.4 - Updated to latest IcedTea6 1.11.4 - Resolves: rhbz853345 1:1.6.0.0-1.48.1.11.3 - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz828752 1:1.6.0.0-1.47.1.11.3 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: -...
java-1.7.0-openjdk security update
1.7.0.5-2.2.1.0.1.el63.3 - Modify DISTRONAME for Oracle 1.7.0.5-2.2.1.el6.3 - Removed patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch - Applied upstream patches for same issue: patch 1001 sec-webrevs-openjdk7-29aug2012-7162473.patch patch 1002...
Unbreakable Enterprise kernel security and bug fix update
2.6.32-300.7.1.el6uek - Revert "proc: enable writing to /proc/pid/mem" orabug 13619701 CVE-2012-0056 - PATCH x86, tsc: Skip TSC synchronization checks for tsc=reliable Suresh Siddha 2.6.32-300.6.1.el6uek - tracing: Fix null pointer deref with SENDSIGFORCED Oleg Nesterov orabug 13611655...
util-linux-ng security, bug fix, and enhancement update
2.17.2-12.4 - fix CVE-2011-1675 - mount fails to anticipate RLIMITFSIZE - fix CVE-2011-1677 - umount may fail to remove /etc/mtab lock file 2.17.2-12.3 - fix fatal typos in patch for 723546 2.17.2-12.2 - rename /etc/hushlogin to /etc/hushlogins 696731 2.17.2-12.1 - fix 723546 - Defects revealed b...
kernel security, bug fix, and enhancement update
2.6.32-131.12.1.el6 - netdrv be2net: clear intr bit in beprobe Ivan Vecera 726308 722596 2.6.32-131.11.1.el6 - mm hold the page lock until after setpagestablenode Andrea Arcangeli 726095 683658 - netdrv be2net: remove certain cmd failure logging Ivan Vecera 725329 719304 - net nl80211: missing...
sendmail security and bug fix update
8.13.1-6 - rpm attributes S,5,T not recorded for statistics file - fix specfile for passing rpm -V test 8.13.1-5 - recompile with -fno-strict-aliasing - fix typo, purge-mqueue script - remove README.certcnnul 8.13.1-4 - fix CVE-2009-4565 554987 - fix MAXHOSTNAMELEN 485380 - fix stale files in...
openssl security update
1.0.0-4.2 - disable code for SSLOPNETSCAPEREUSECIPHERCHANGEBUG - CVE-2010-3864 649304 1.0.0-4.1 - fix race in extension parsing code - CVE-2010-3864 649304...
php security update
5.1.6-27.3 - add security fix for CVE-2010-3870 626735 5.1.6-27.2 - fix varexport test cases 626735 5.1.6-27.1 - add security fixes for CVE-2010-1917, CVE-2010-3065, CVE-2010-2531, CVE-2010-1128, CVE-2010-0397 626735...
Unbreakable enterprise kernel security update
2.6.32-100.20.1.el5 - fs xfs: return inode fork offset in bulkstat for fsr Dave Chinner - fs xfs: always use iget in bulkstat Dave Chinner CVE-2010-2943 - fs xfs: validate untrusted inode numbers during lookup Dave Chinner CVE-2010-2943 - fs xfs: rename XFSIGETBULKSTAT to XFSIGETUNTRUSTED Dave...
kvm security, bug fix and enhancement update
kvm-83-164.0.1.el5 - Add kvm-Introduce-oel-machine-type.patch - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-164.el5 - kvm-Fix-Windows-guests-SVVP-tests.patch bz495844 - Resolves: bz495844 KVM SVVP: 'Signed Driver check' failure - on the disabled vCPUs that the VM's BIOS doesn't hid...
firefox security update
firefox: 3.0.16-1.0.1.el54 - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones 3.0.16-1 - Update to 3.0.16 xulrunner: 1.9.0.16-2.0.1.el5...
java-1.6.0-openjdk security update
1:1.6.0.0.0-1.7.b09.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0-1.7.b09 - Fixed applying patches 1:1.6.0-1.6.b09 - Updated Release 1:1.6.0-1.5.b09 - Fixed Makefile patch 1:1.6.0-1.4.b09 - Updated release tag 1:1.6.0-1.3.b09 - Updated release...
libvorbis security update
1:1.1.2-3.el5.4 - fix CVE-2009-3379 Resolves: 532418...
kernel security and bug fix update
2.6.9-78.0.13.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon wit...
kernel security and bug fix update
2.4.21-58.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - io to nfs partition hangs ora 5088963 - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli 2.4.21-58.EL - copyuser doesn't...
firefox security update
devhelp: 0.12-20 - Rebuild against xulrunner firefox: 3.0.4-1.0.1.el5 - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html Removed the corresponding files of Red Hat. - Added patch oracle-firefox-branding.patch - Update firstrun URL in spec file 3.0.4-5 - Update to Firefo...
Important: xorg-x11-server security update
1.1.1-48.26.4.0.1 - Add Enterprise Linux detection 1.1.1-48.26.4 - cve-2007-5760.patch: XFree86-Misc Extension Invalid Array Index Vulnerability - cve-2007-5958.patch: Xorg / XFree86 file existence disclosure vulnerability - cve-2007-6427.patch: XInput Extension Memory Corruption Vulnerability -...
Important: kernel security and bug fix update
kernel-2.4.21-53.EL - Fix ipv4 treason uncloaked message Anton Arapov 249237 - Fix ipv4 fib-sem-out-of-bounds checking Don Howard 250429 CVE-2007-2172 - Reset current-pdeathsignal on SUID binary execution Peter Zijlstra 251117 CVE-2007-3848 - Fix local DoS with corrupted elf on ia64 Don Howard...
.NET 9.0 security update
9.0.106-1.0.1 - Add support for Oracle Linux 9.0.106-1 - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89451 9.0.105-2 - Update to .NET SDK 9.0.105 and Runtime 9.0.4 - Resolves: RHEL-85279...
libjpeg-turbo security update
1.5.3-14 - updated previous fix RHEL-87364 1.5.3-13 - fix CVE-2020-13790: heap-based buffer over-read in getrgbrow RHEL-87364...
virt:kvm_utils1 security update
hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.15...
libvirt security update
libvirt 9.0.0-5.el9 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364464 CVE-2024-1441 libvirt-python 9.0.0-5.el9 - Update to libvirt 9.0.0-5 Karl Heubaum...
glibc security update
2.34-100.0.1.2 - Forward-port Oracle patches for ol9-u4 Reviewed by: Jose E. Marchesi...
fence-agents security update
4.10.0-55.2 - python-certifi: Removal of e-Tugra root certificate CVE-2023-37920 - python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
dnsmasq security and bug fix update
2.79-31 - Do not create and search --local and --address=/x/ domains 2233542 2.79-30 - Make create logfile writeable by root 2156789 2.79-29 - Fix also dynamically set resolvers over dbus 2186481 2.79-28 - Correct possible crashes when server=/example.net/ is used 2186481 2.79-27 - Limit offered...
tomcat security update
1:9.0.62-5.2 - HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487...
nodejs:18 security update
nodejs 1:18.18.2-1 - Rebase to version 18.18.2 Resolves: CVE-2023-44487 CVE-2023-45143 CVE-2023-38552 CVE-2023-39333 nodejs-nodemon nodejs-packaging...
nodejs:16 security update
nodejs 1:16.20.2-3.0.1 - Update nghttp2 to 1.57.0 Resolves: CVE-2023-44487 nodejs-nodemon nodejs-packaging 26-1 - nodejs.prov: find namespaced bundled dependencies - Apply https://src.fedoraproject.org/rpms/nodejs-packaging/c/e24e7df...
glibc security update
2.28-225.0.4 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi...
kernel security, bug fix, and enhancement update
4.18.0-477.27.0.18.OL8 - bluetooth: Perform careful capability checks in hcisockioctl CVE-2023-2002 - ipvlan:Fix out-of-bounds caused by unclear skb-cb CVE-2023-3090 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - netfilter: nftsetpipapo: fix improper...
libcap security update
2.48-5 - Fix integer overflow in libcapstrdup CVE-2023-2603 Resolves: rhbz2210637 - Correctly check pthreadcreate return value to avoid memory leak CVE-2023-2602 Resolves: rhbz2210644...
gcc-toolset-12-binutils security update
2.38-17 - Fix an illegal memory access parsing a corrupt ELF file. 2153220...
postgresql-jdbc security update
42.2.14-2 - Fix CVE-2022-41946...
libtpms security update
0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves: rhbz2173967...
nodejs:14 security, bug fix, and enhancement update
nodejs 1:14.21.1-2 - Apply upstream fix for CVE-2022-24999 Resolves: CVE-2022-24999 - Record CVEs fixed by current or previous upstream releases Resolves: CVE-2021-44906 1:14.21.1-1 - Rebase to version 14.21.1 Resolves: rhbz2129805 CVE-2022-43548 CVE-2022-3517...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.18.1-3 - Update sources of undici WASM blobs Resolves: rhbz2151546 1:16.18.1-2 - Record CVE references already addressed in this or previous upstream versions Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 1:16.18.1-1 - Rebase + CVE fixes - Resolves: 2142806 -...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.314.6.2.el7 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883034 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883034 CVE-2022-4378 5.4.17-2136.314.6.1.el7 - RDMA/uverbs: Move IBEVENTDEVICEFATAL ...
grafana-pcp security update
3.2.0-2 - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working - resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read -...