9182 matches found
thunderbird security update
68.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1...
thunderbird security update
68.4.1-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.4.1-2 - Update to 68.4.1 build1...
kernel security update
2.6.32-754.24.3.OL6 - Update genkey bug 25599697 2.6.32-754.24.3 - drm drm/i915/cmdparser: Fix jump whitelist clearing Denys Vlasenko 1756891 CVE-2019-0155...
python-requests security update
2.6.0-5 - Fix CVE-2018-18074 Resolves: rhbz1647368...
httpd:2.4 security update
httpd 2.4.37-11.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-11 - Resolves: 1695431 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: 1696090 - CVE-2019-0215 httpd:2.4/httpd: modssl:...
firefox security update
60.7.2-3.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.7.2-3.0.1 Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.7.2-3 - Update to 60.7.2 ESR 60.7.1-1 - Updated to 60.7.1 ESR...
java-1.8.0-openjdk security update
1:1.8.0.212.b04-1 - Remove additions to EXTRACFLAGS and EXTRACPPFLAGS which are now made by upstream. - Resolves: rhbz1693468 1:1.8.0.212.b04-1 - Add JDK-8223219 to avoid -fstack-protector overriding -fstack-protector-strong - Resolves: rhbz1693468 1:1.8.0.212.b04-0 - Update to...
libssh2 security update
1.4.3-12.0.1.el76.2 - Orabug: 29909723 Added patch CVE-2019-3862 added length checks to prevent out-of-bounds reads and writes in libssh2packetaddCVE-2019-3862...
ghostscript security and bug fix update
9.07-31.el76.10 - Resolves: 1673915 - ghostscript: Regression: double comment chars '%' in gsinit.ps leading to missing metadata - Resolves: 1678171 - CVE-2019-3835 ghostscript: superexec operator is available 700585 - Resolves: 1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.21.4 - x86/fpu: Make eager FPU default Mihai Carabas Orabug: 28156176 CVE-2018-3665 3.8.13-118.21.3 - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug: 27951287 CVE-2017-17741 CVE-2017-17741 - xfs: set format back to extents if xfsbmapextentstobtree Eric...
kernel security update
3.10.0-862.3.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.3.3 - x86 always enable eager FPU by default on non-AMD processors Paolo...
thunderbird security update
52.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.8.0-1 - Update to 52.8.0...
libvirt security update
3.9.0-14.el75.5 - cpu: define the 'ssbd' CPUID feature bit CVE-2018-3639...
policycoreutils security, bug fix, and enhancement update
2.5-22.0.1 - Lazy unmount private, shared entry Joe Jin orabug 12560705 2.5-22 - semanage: Fix fcontext help message 1499259 - semanage: Improve semanage-user.8 man page 1079946 - semodule: Improve man page 1337192 2.5-21 - Update translations 2.5-20 - setfiles: Mention customizable types in...
firefox security update
52.7.2-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.7.2-1 - Update to 52.7.2 ESR...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.7 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796364 CVE-2017-1000251 3.8.13-118.19.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645550 CVE-2017-12134 3.8.13-118.19.5 - fs/exec.c: account for argv/envp pointers Kees Co...
ghostscript security and bug fix update
9.07-28 - Security fix for CVE-2017-8291 updated to address SIGSEGV 9.07-27 - Added security fix for CVE-2017-8291 bug 1446063 9.07-26 - Updated requirements for lcms2 to avoid possible issues in the future 9.07-25 - Added security fix for CVE-2017-7207 bug 1434353 - Added explicit requirement fo...
tomcat security update
0:7.0.69-12 - Resolves: rhbz1441487 CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object - Resolves: rhbz1441480 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used - Resolves: rhbz1459746 CVE-2017-5664 tomcat: Security...
Unbreakable Enterprise kernel security update
2.6.39-400.297.4 - mm: larger stack guard gap, between vmas Hugh Dickins Orabug: 26326145 CVE-2017-1000364...
quagga security and bug fix update
0.99.15-14 - Resolves: 1416013 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory 0.99.15-13 - fix path of ripd pid file 842308 0.99.15-12 - fix start function in watchqugga initscript 862826, 1208617 0.99.15-11 - fix for CVE-2013-2236 1391918 - fix for...
firefox security update
45.5.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.5.0-1 - Update to 45.5.0 ESR 45.4.0-3 - Added upcoming upstream patches mozbz1018486 45.4.0-2 - Added Laszlo Ersek patch for aarch64 crashes...
tomcat6 security and bug fix update
0:6.0.24-98 - Resolves: rhbz1362210 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368119 0:6.0.24-97 - Resolves: rhbz1367051 CVE-2015-5174 URL Normalization issue - Resolves: rhbz1367054 CVE-2016-0706 Security Manager bypass via...
firefox security update
38.6.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.6.1-1 - Update to 38.6.1 ESR...
openssh security update
6.6.1p1-23 + 0.9.3-9 - Disable undocumented feauture Roaming for good 1298218 - prevents CVE-2016-0777 and CVE-2016-0778...
gnutls security update
3.3.8-14 - Prevent downgrade attack to RSA-MD5 in server key exchange. 3.3.8-13 - Corrected reseed and respect of maxnumberofbitsperrequest in FIPS140-2 mode. Also enhanced the initial tests. 1228199...
java-1.8.0-openjdk security update
1:1.8.0.65-0.b17 - October 2015 security update to u65b17. - Add script for generating OpenJDK tarballs from a local Mercurial tree. - Update RH1191652 patch to build against current AArch64 tree. - Use appropriate source ID to avoid unpacking both tarballs on AArch64. - Fix library removal scrip...
httpd security update
2.2.15-47.0.1 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-47 - fix regressions caused by fix for CVE-2015-3183 2.2.15-46 - core: fix chunk header parsing defect CVE-2015-3183...
java-1.6.0-openjdk security update
1:1.6.0.36-1.13.8.1 - Update tarball to fix TCK regression PR2565 - Resolves: rhbz1235153 1:1.6.0.36-1.13.8.0 - Update to IcedTea 1.13.8 - Update nopr2125.patch to work against new version. - Resolves: rhbz1235153...
ntp security, bug fix, and enhancement update
4.2.6p5-5 - reject packets without MAC when authentication is enabled CVE-2015-1798 - protect symmetric associations with symmetric key against DoS attack CVE-2015-1799 - fix generation of MD5 keys with ntp-keygen on big-endian systems CVE-2015-3405 - log when stepping clock for leap second or...
openssl security update
0.9.8e-36.0.1 - Backport openssl 08-Jan-2015 security fixes John Haxby orabug 20409893 - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix CVE-2014-3571 - DTLS segmentation fault in dtls1getrecord - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH Client 0.9.8e-36 - als...
Unbreakable Enterprise kernel security update
2.6.39-400.250.6 - x86/asm/entry/64: Remove a bogus 'retfromfork' optimization Andy Lutomirski Orabug: 21308308 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307918 CVE-2015-1593 CVE-2015-1593...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.6 - x86/asm/entry/64: Remove a bogus 'retfromfork' optimization Andy Lutomirski Orabug: 21308307 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307917 CVE-2015-1593 CVE-2015-1593...
bash security update
3.2-33.4.0.1 - Fix segfaults from CVE-2014-6277 and CVE-2014-6278 completely. orabug 19905421...
php security update
5.4.16-23.3 - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 5.4.16-23.2 - xmlrpc: fix out-of-bounds read flaw in mkgmtime CVE-2014-3668 - core: fix integer overflow in unserialize CVE-2014-3669 - exif: fix heap corruption issue in exifthumbnail CVE-2014-3670...
Unbreakable Enterprise kernel security update
2.6.39-400.215.11 - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817786 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 - ALSA: control: Fix replacing user controls Lars-Peter Clausen Orabug: 19817748 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 - kvm:...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.8uek - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590638 CVE-2014-3917 - futex: Fix errors in nested key ref-counting Darren Hart Orabug: 19590443 CVE-2014-0205...
kernel security and bug fix update
2.6.32-431.29.2 - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094457 1094458 CVE-2014-0205 - net vxlan: fix NULL pointer dereference Jiri Benc 1114549 1096351 CVE-2014-3535 2.6.32-431.29.1 - mm hugetlb: ensure hugepage access is denied if hugepages are not supported Gustav...
openssl security update
0.9.7a-43.18.0.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...
kernel security, bug fix, and enhancement update
kernel 2.6.18-371.8.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
mysql55-mysql security update
5.5.36-2 - Fix CVE-2014-0001 Related: 1055875 5.5.36-1 - Update to MySQL 5.5.36, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html Including fixes for CVE-2014-0412, CVE-2014-0437, CVE-2013-5908, CVE-2013-5807, CVE-2014-0420, CVE-2014-0393,...
unbreakable enterprise kernel security update
2.6.39-400.109.6 - block: do not pass disk names as format strings Kees Cook Orabug: 17230083 CVE-2013-2851 - libceph: Fix NULL pointer dereference in auth client code Tyler Hicks Orabug: 17230108 CVE-2013-1059 - ipv6: ip6skdstcheck must not assume ipv6 dst Eric Dumazet Orabug: 17371078...
httpd security update
2.2.15-29.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-29 - moddav: add security fix for CVE-2013-1896 991368...
unbreakable enterprise kernel security update
2.6.39-400.109.3 - Revert 'be2net: enable interrupts in probe' Jerry Snitselaar Orabug: 17179597 2.6.39-400.109.2 - be2net: enable interrupts in probe Jerry Snitselaar Orabug: 17080364 - Bluetooth: RFCOMM - Fix missing msgnamelen update in rfcommsockrecvmsg Mathias Krause Orabug: 17173830...
kvm security update
kvm-83-262.0.1.el59.3 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-262.el53 - kvm-kernel-kvm-accept-unaligned-MSRKVMSYSTEMTIME-writes.patch bz947363 - Resolves: bz947363 RHEL.5.8.32 guest hang when installing kvm-83-262.el52 -...
java-1.6.0-openjdk security update
1:1.6.0.0-1.54.1.11.6 - removed patch8 revertTwoWrongSecurityPatches2013-02-06.patch - added patch8: 7201064.patch to be reverted - added patch9: 8005615.patch to fix the 6664509.patch - Resolves: rhbz906707 1:1.6.0.0-1.53.1.11.6 - added patch8 revertTwoWrongSecurityPatches2013-02-06.patch to...
wireshark security, bug fix, and enhancement update
1.0.15-5.0.1.el5 - Added oracle-ocfs2-network.patch - increase max packet size to 65536 Herbert van den Bergh orabug 13542633 1.0.15-5 - fixed CVE-2012-4285, CVE-2012-4289, CVE-2012-4291 and CVE-2012-4290 849521 1.0.15-4 - fixed NetDump dissector 484999 1.0.15-3 - fixed various flaws: CVE-2011-19...
Unbreakable Enterprise kernel security update
2.6.32-300.39.2 - ext4: fix undefined behavior in ext4fillflexinfo Xi Wang orabug 16020245 CVE-2012-2100 - Divide by zero in TCP congestion control Algorithm Jesper Dangaard Brouer orabug 16020447 CVE-2012-4565 - ipv6: discard overlapping fragment Luis Henriques orabug 16021354 CVE-2012-4444...
Unbreakable Enterprise kernel security update
2.6.39-300.17.3 - mm/hotplug: correctly add new zone to all other nodes zone lists Jiang Liu Orabug: 16020976 Bug-db: 14798 CVE-2012-5517 - Divide by zero in TCP congestion control Algorithm. Jesper Dangaard Brouer Orabug: 16020656 Bug-db: 14798 CVE-2012-4565 - Fix length of buffer copied in...
Unbreakable Enterprise kernel security and bug fix update
2.6.32-300.37.1. - sfc: Replace some literal constants with EFXPAGESIZE/EFXBUFSIZE Ben Hutchings Orabug: 14769994 - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size Ben Hutchings Orabug: 14769994 CVE-2012-3412 2.6.32-300.36.1. - dl2k: Clean up rioioctl Stephan Muell...
java-1.6.0-openjdk security update
1:1.6.0.0-1.49.1.11.4 - Updated to latest IedTea6 1.11.4 - Resolves: rhbz853345 1:1.6.0.0-1.48.1.11.3 - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz828752 1:1.6.0.0-1.47.1.11.3 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: -...