9182 matches found
librepo security update
1.8.1-8 - Validate paths read from repomd.xml RhBug: 1866500...
python-pip security update
9.0.3-18 - Patch for pip install allow directory traversal, leading to arbitrary file write Resolves: rhbz1868016 9.0.3-17 - Remove unused CA bundle from the bundled requests library Resolves: rhbz1775200...
grafana security, bug fix, and enhancement update
6.7.4-3 - apply patch for CVE-2020-13430 also to sources, not only to compiled webpack 6.7.4-2 - security fix for CVE-2020-13430 6.7.4-1 - update to 6.7.4 tagged upstream community sources, see CHANGELOG - security fix for CVE-2020-13379 6.7.3-1 - update to 6.7.3 tagged upstream community sources...
nss and nspr security, bug fix, and enhancement update
nspr 4.25.0-2 - Rebuild 4.25.0-1 - Update to NSPR 4.25 nss 3.53.1-11 - Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases default in RHEL8 3.53.1-10 - Disable dh timing test because it's unreliable on s390 3.53.1-9 - Explicitly enable...
thunderbird security update
68.3.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.3.0-3 - Update to 68.3.0 build2...
kernel security, bug fix, and enhancement update
4.18.0-193.el8.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-193.el8 - kvm KVM: PPC: Book3S HV: Use gfntopfnmemslot in HPT page fau...
qemu-kvm security and bug fix update
0.12.1.2-2.506.el610.7 - kvm-slirp-disable-tcpemu.patch bz1791680 - kvm-slirp-add-slirpfmt-helpers.patch bz1798966 - kvm-tcpemu-fix-unsafe-snprintf-usages.patch bz1798966 - Resolves: bz1791680 QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. rhel-6 - Resolves: bz1798966...
kernel security and bug fix update
kernel 2.6.18-419.0.0.0.10 - Backport CVE-2017-5715 to RHCK/OL5 orabug 27787723 2.6.18-419.0.0.0.9 - rebuild with retpoline compiler...
thunderbird security update
52.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.9.1-1 - Update to 52.9.1...
sssd and ding-libs security and bug fix update
ding-libs 0.4.0-13 - Resolves: rhbz1538061 - sssd/libiniconfig cannot parse configuration file with line longer than 5102 0.4.0-12 - Related: rhbz1377213 - ding-libs dont parse lines without an equal sign sssd 1.13.3-60.0.1 - Orabug 26746822 - revert patch 0118 to fix LDAP netgroup lookup problem...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.21.4 - x86/fpu: Make eager FPU default Mihai Carabas Orabug: 28156176 CVE-2018-3665 3.8.13-118.21.3 - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug: 27951287 CVE-2017-17741 CVE-2017-17741 - xfs: set format back to extents if xfsbmapextentstobtree Eric...
kernel security update
3.10.0-862.3.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.3.3 - x86 always enable eager FPU by default on non-AMD processors Paolo...
thunderbird security update
52.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.8.0-1 - Update to 52.8.0...
policycoreutils security, bug fix, and enhancement update
2.5-22.0.1 - Lazy unmount private, shared entry Joe Jin orabug 12560705 2.5-22 - semanage: Fix fcontext help message 1499259 - semanage: Improve semanage-user.8 man page 1079946 - semodule: Improve man page 1337192 2.5-21 - Update translations 2.5-20 - setfiles: Mention customizable types in...
dnsmasq security update
2.76-2.2 - Small correction of CVE-2017-14491 2.76-2.1 - Fix CVE-2017-14491 - Fix CVE-2017-14492 - Fix CVE-2017-14493 - Fix CVE-2017-14494 - Fix CVE-2017-14496 - Fix CVE-2017-14495 - extra fixes...
bind security and bug fix update
32:9.8.2-0.62.rc1.4 - Fix CVE-2017-3142 and CVE-2017-3143 32:9.8.2-0.62.rc1.3 - Update root servers and trust anchors 1458234...
samba security and bug fix update
4.4.4-13 - resolves: 1437816 - Fix krb5 memory cache in libads sasl code - resolves: 1437741 - Fix CVE-2016-2125, CVE-2016-2126 and CVE-2017-2619...
samba4 security and bug fix update
4.2.10-9 - resolves: 1405358 - CVE-2016-2125 CVE-2016-2126 4.2.10-8 - Synchronize patches for Samba 4.2.10 with RHEL 7.2.z - Resolves: 1383685 - Update samba4 to be on par with RHEL 7.2.z...
openssh security update
4.3p2-82.0.1 - change default value of MaxStartups - CVE-2010-5107 John Haxby orabug 22766491...
samba4 security update
4.0.0-67.rc4 - resolves: 1290708 - CVE-2015-7540 - related: 1290708 - CVE-2015-5299 - related: 1290708 - CVE-2015-5296 - related: 1290708 - CVE-2015-5252 - related: 1290708 - CVE-2015-5330...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.1.2 - udp: fix behavior of wrong checksums Eric Dumazet Orabug: 21628850 CVE-2015-5364 CVE-2015-5366...
java-1.6.0-openjdk security update
1:1.6.0.36-1.13.8.1 - Update tarball to fix TCK regression PR2565 - Resolves: rhbz1235153 1:1.6.0.36-1.13.8.0 - Update to IcedTea 1.13.8 - Update nopr2125.patch to work against new version. - Resolves: rhbz1235153...
httpd security, bug fix, and enhancement update
2.2.15-45.0.1 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-45 - modproxybalancer: add support for 'drain mode' N 767130 2.2.15-44 - set SSLCipherSuite to DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES 1086771 2.2.15-43 - revert DirectoryMatch patc...
php security update
5.1.6-45 - core: fix integer overflow in unserialize CVE-2014-3669 - exif: fix heap corruption issue in exifthumbnail CVE-2014-3670 - xmlrpc: fix buffer overflow in date parser 1155607...
php security update
5.4.16-23.3 - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 5.4.16-23.2 - xmlrpc: fix out-of-bounds read flaw in mkgmtime CVE-2014-3668 - core: fix integer overflow in unserialize CVE-2014-3669 - exif: fix heap corruption issue in exifthumbnail CVE-2014-3670...
bash security update
3.0-27.0.3 - Rework env function definition for safety Florian Weimer CVE-2014-7169...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.3.5.el7uek - net: Use netlinknscapable to verify the permisions of netlink messages Eric W. Biederman Orabug: 19404231 CVE-2014-0181 - net: Add variants of capable for use on netlink messages Eric W. Biederman Orabug: 19404231 - net: Add variants of capable for use on on...
kernel security and bug fix update
kernel 2.6.18-371.11.1 - fs dcache: fix cleanup on warning in dsplicealias Denys Vlasenko 1109720 1080606 - net neigh: Make neighaddtimer symmetrical to neighdeltimer Marcelo Ricardo Leitner 1111195 1109888 - net neigh: set NUDINCOMPLETE when probing router reachability Marcelo Ricardo Leitner...
openssl098e security update
0.9.8e-29.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...
struts security update
1.2.9-4jpp.7 - Resolves: rhbz1092457 - CVE-2014-0114: Fixed ClassLoader manipulation vulnerability - Added dist tag to release...
kernel security and bug fix update
2.6.32-431.11.2 - net sctp: fix sctpsfdo51Dce to verify if peer is AUTH capable Daniel Borkmann 1070715 1067451 CVE-2014-0101 - vhost validate vhostgetvqdesc return value Michael S. Tsirkin 1062579 1058677 CVE-2014-0055 2.6.32-431.11.1 - net netpoll: take rcureadlockbh in netpollsendskbondev...
mysql55-mysql security update
5.5.36-2 - Fix CVE-2014-0001 Related: 1055875 5.5.36-1 - Update to MySQL 5.5.36, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html Including fixes for CVE-2014-0412, CVE-2014-0437, CVE-2013-5908, CVE-2013-5807, CVE-2014-0420, CVE-2014-0393,...
samba3x security and bug fix update
3.6.6-0.136 - resolves: 984807 - CVE-2013-4124: DoS via integer overflow when reading an EA list 3.6.6-0.135 - Fix PIDL parsing with newer versions of gcc. - Fix dereferencing a unique pointer in the WKSSVC server. - resolves: 982484 3.6.6-0.134 - Check for system libtevent and require version...
perl security update
4:5.10.1-130 - Resolves: 915692 - CVE-2012-5526 newline injection due to improper CRLF escaping in Set-Cookie and P3P headers - Resolves: 915692 - CVE-2012-6329 possible arbitrary code execution via Locale::Maketext - Resolves: 915692 - CVE-2013-1667 DoS in rehashing code...
1
kernel 2.6.18-348.2.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
1
kernel 2.6.18-348.1.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
1
kernel: 2.6.18-308.8.2.0.1.el5 - net bonding: fix carrier detect when bond is down orabug 12377284 - mm fix hugetlb page leak Dave McCracken orabug 12375075 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus...
java-1.6.0-openjdk security update
1:1.6.0.0-1.43.1.10.6 - Updated to IcedTea6 1.10.6 - Resolves: rhbz787144 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception...
qemu-kvm security and bug fix update
qemu-kvm-0.12.1.2-2.160.el61.2 - kvm-virtio-guard-against-negative-vq-notifies.patch bz717403 - Resolves: bz717403 qemu-kvm: OOB memory access caused by negative vq notifies rhel-6.1.z qemu-kvm-0.12.1.2-2.160.el61 - kvm-Fix-phys-memory-client-pass-guest-physical-address-n.patch bz701771 -...
pidgin security and bug fix update
2.7.9-3.el6 - Add patch for RH bug 684685 zero-out crypto keys before freeing. 2.7.9-2.el6 - Add patch for CVE-2011-1091 RH bug 683031. 2.7.9-1.el6 - Update to 2.7.9 RH bug 616917. - Remove patches now included upstream: pidgin-2.6.6-clientLogin-proxy-fix.patch...
libtiff security and bug fix update
3.9.4-1.el60.2 - Fix incorrect fix for CVE-2011-0192 Resolves: 688829 - Add fix for CVE-2011-1167 Resolves: 688742...
libvpx security update
0.9.0-8 - Fix CVE-2010-4203 Resolves: rhbz652440 0.9.0-7 - Import 0.9.0-6 package from Fedora - Add patch porting yasm syntax to gas Related: rhbz603113...
tetex security update
3.0-33.8.el5.5 - unify patches for CVE-2010-0739 and CVE-2010-1440 3.0-33.8.el5.4 - fix CVE-2010-1440 586819 3.0-33.8.el5.3 - initialize data in arithmetic coder elsewhere CVE-2009-0146 3.0-33.8.el5.2 - initialize dataLen to properly fix CVE-2009-0146 3.0-33.8.el5.1 - fix CVE-2010-0739...
httpd security and bug fix update
2.0.46-75.0.1.ent - use oracle index page oracleindex.html - remove logos in poweredby.gif and poweredbyrh.png - add apr-configure.patch 2.0.46-75.ent - add security fix for CVE-2009-1891 515705 - include fix for upstream PR 39605 2.0.46-74.ent - add security fixes for CVE-2009-2412 515705 - add...
cups security update
1:1.3.7-8:.4 - Applied additional patches by Tim Waugh for batch3892.pdf, batch4781.pdf, batch5486.pdf, batch19856.pdf, batch19869.pdf testing files from CERT bug 491864. - Resolves: rhbz492386. 1:1.3.7-8:.3 - Applied patches to fix CVE-2009-0163 bug 490596, CVE-2009-0146 bug 490612, CVE-2009-014...
kernel security and bug fix update
2.4.21-58.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - io to nfs partition hangs ora 5088963 - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli 2.4.21-58.EL - copyuser doesn't...
Important: kernel security and bug fix update
2.6.18-53.1.14.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - NET Fix msi issue with kexec/kdump Michael Chan orabug 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin orabug 6187457 - splice Fix bad unlockpage in error case Jens Axboe...
Important: xorg-x11-server security update
1.1.1-48.26.4.0.1 - Add Enterprise Linux detection 1.1.1-48.26.4 - cve-2007-5760.patch: XFree86-Misc Extension Invalid Array Index Vulnerability - cve-2007-5958.patch: Xorg / XFree86 file existence disclosure vulnerability - cve-2007-6427.patch: XInput Extension Memory Corruption Vulnerability -...
virt:ol and virt-devel:ol security and bug fix update
libvirt 8.0.0-10.1.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-10.1.el8 - qemuprocess: Don't require a hugetlbfs mount for memfd rhbz2132176 - qemunamespace: Tolerate missing ACLs when creating a path in namespace...
.NET 8.0 security update
8.0.116-1.0.1 - Add support for Oracle Linux 8.0.116-1 - Update to .NET SDK 8.0.116 and Runtime 8.0.16 - Resolves: RHEL-89446...