8998 matches found
kernel security and bug fix update
2.6.32-431.11.2 - net sctp: fix sctpsfdo51Dce to verify if peer is AUTH capable Daniel Borkmann 1070715 1067451 CVE-2014-0101 - vhost validate vhostgetvqdesc return value Michael S. Tsirkin 1062579 1058677 CVE-2014-0055 2.6.32-431.11.1 - net netpoll: take rcureadlockbh in netpollsendskbondev...
Unbreakable Enterprise Kernel security update
2.6.39-400.211.2 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook Orabug: 17842208 CVE-2013-1928 - Bluetooth: RFCOMM - Fix info leak via getsockname Mathias Krause Orabug: 17842129 CVE-2012-6545 - Bluetooth: RFCOMM - Fix info leak in ioctlRFCOMMGETDEVLIST Mathias Krause Orabug...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.29.2uek - Bluetooth: RFCOMM - Fix missing msgnamelen update in rfcommsockrecvmsg Mathias Krause Orabug: 17173824 CVE-2013-3225 - Bluetooth: fix possible info leak in btsockrecvmsg Mathias Krause Orabug: 17173824 CVE-2013-3224 - atm: update msgnamelen in vccrecvmsg Mathias...
perl security update
4:5.10.1-130 - Resolves: 915692 - CVE-2012-5526 newline injection due to improper CRLF escaping in Set-Cookie and P3P headers - Resolves: 915692 - CVE-2012-6329 possible arbitrary code execution via Locale::Maketext - Resolves: 915692 - CVE-2013-1667 DoS in rehashing code...
1
kernel 2.6.18-348.2.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
java-1.7.0-openjdk security update
1.7.0.9-2.3.5.3.0.1.el63 - Update DISTRONAME in specfile 1.7.0.9-2.3.5.3.el63 - Sync logging fixes with upstream icedtea7-forest and jdk7u 1.7.0.9-2.3.5.1.el63 - Removed 6664509 backout and added 8005615 to fix the issue 1.7.0.9-2.3.5.el63.1 - Backed out 6664509 and 7201064.patch which cause...
mysql security update
5.1.67-1 - Update to 5.1.67, for assorted upstream bugfixes including CVEs announced in January 2013 Resolves: 901380...
gnome-vfs2 security and bug fix update
2.16.2-10.el5 - Prevent trash applet crashing 848822 2.16.2-9.el5 - Prevent deleting items linking out of the trash 586015 - Do not stat every file on an ClearCase mvfs filesystem 822817 - Do not silently skip directory having no read permission during copy 772307 - Allow trashing symlink to...
thunderbird security update
10.0.12-3.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 10.0.12-3 - Update to 10.0.12 ESR...
kernel security, bug fix, and enhancement update
kernel 2.6.18-308.24.1.el5 - Revert: scsi sg: fix races during device removal Ewan Milne 868950 861004 2.6.18-308.23.1.el5 - net bnx2x: Add remote-fault link detection Alexander Gordeev 870120 796905 - net bnx2x: Cosmetic changes Alexander Gordeev 870120 796905 - net rds-ping cause kernel panic...
thunderbird security update
10.0.11-1.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 10.0.11-1 - Update to 10.0.11 ESR...
firefox security update
firefox: 10.0.5-1.0.1.el62 - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js 10.0.5-1 - Update to 10.0.5 ESR xulrunner: 10.0.5-1.0.1.el62 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.5-1 - Update to 10.0.5 ESR 10.0.4-2 - Adde...
openssl security and bug fix update
1.0.0-20.3 - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS7 code 802725 - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers 802489...
seamonkey security update
1.0.9-78.0.1.el4 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-78.el4 - Added fixes from 1.9.2.26...
thunderbird security update
1.5.0.12-46.0.1.el4 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-46 - Added fixes from 1.9.2.26...
tomcat5 security update
0:5.5.23-0jpp.22 - Resolves: CVE-2011-0013 rhbz 675931 - Resolves: CVE-2010-3718 rhbz 675931 - Resolves: CVE-2011-1184 rhbz 744983 - Resolves: CVE-2011-2204 rhbz 719181...
qemu-kvm security and bug fix update
qemu-kvm-0.12.1.2-2.160.el61.2 - kvm-virtio-guard-against-negative-vq-notifies.patch bz717403 - Resolves: bz717403 qemu-kvm: OOB memory access caused by negative vq notifies rhel-6.1.z qemu-kvm-0.12.1.2-2.160.el61 - kvm-Fix-phys-memory-client-pass-guest-physical-address-n.patch bz701771 -...
pidgin security and bug fix update
2.7.9-3.el6 - Add patch for RH bug 684685 zero-out crypto keys before freeing. 2.7.9-2.el6 - Add patch for CVE-2011-1091 RH bug 683031. 2.7.9-1.el6 - Update to 2.7.9 RH bug 616917. - Remove patches now included upstream: pidgin-2.6.6-clientLogin-proxy-fix.patch...
openswan security update
2.6.24-8.1 Resolves: 635058 CVE-2010-3302 CVE-2010-3308 CVE-2010-2752 CVE-2010-3753...
kernel security and bug fix update
2.6.9-89.31.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
libxml and libxml2 security update
libxml: 1:1.8.17-9.3 - fix a couple of crash - Resolves: rhbg515226 libxml2: 2.6.26-2.1.2.8.0.1 - Add libxml2-enterprise.patch and update logos in tarball 2.6.26-2.1.2.8 - Fix a couple of crash CVE-2009-2414 and CVE-2009-2416 - Resolves: rhbz515236...
ruby security update
1.8.5-5.el53.7 - security fixes. 505087 - CVE-2007-1558: APOP password disclosure vulnerability. - CVE-2009-0642: Incorrect checks for validity of X.509 certificates. - CVE-2009-1904: DoS vulnerability in BigDecimal...
poppler security update
0.5.4-4.4.el53.9 - Another fix of integer overflows. - Adds memory-allocation.patch. - Resolves: 490707 0.5.4-4.4.el53.8 - Change calling of exit to exit. - Adds exit-handling.patch. - Resolves: 490707 0.5.4-4.4.el53.7 - Improve handling of EOF at JBIG2Stream.cc. - Adds eof-handling.patch. -...
gpdf security update
2.8.2-7.7.2.el47.4 - More memory allocation checks. - Resolves: 490716 2.8.2-7.7.2.el47.3 - A small change of specfile. - Resolves: 490716 2.8.2-7.7.2.el47.2 - Fixes problems with memory allocation. - Resolves: 490716 2.8.2-7.7.2.el47.1 - Add patch for CVE-2009-0146, CVE-2009-0147, CVE-2009-0166....
php security and bug fix update
4.3.9-3.22.12 - set higher memorylimit in /usr/bin/pear 263501 4.3.9-3.22.11 - update to PEAR 1.4.9, matching RHEL-5 263501 bundle XMLRPC-1.5.0, ConsoleGetopt-1.2, ArchiveTar-1.3.1 fix paths in default pear.conf, installed PEAR registry replace /usr/bin/pear et al with simpler wrapper scripts...
Critical: firefox security update
1.5.0.12-9.0.1 - Added Oracle specific links into default bookmarks 1.5.0.12-9 - Update to latest snapshot of Mozilla 1.8.0 branch - Added a patch with backported fixes from 1.8.1.12...
Important: kernel security update
2.6.9-55.0.12.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
Moderate: tomcat security update
5.5.23-0jpp.3.0.2 - Patch for CVE-2007-3382 and CVE-2007-3385 Resolves: rhbz254155 5.5.23-0jpp.3.0.1 - Patch for CVE-2007-3386 Resolves: rhbz254155...
Important: php security update
5.1.6-12.el5 - add security fix for CVE-2007-1864, SOAP redirect handling issue, FTP CRLF injection issue 235016 5.1.6-11.el5 - add security fix for CVE-2007-1718 235016 5.1.6-9.el5 - add security fix for CVE-2007-1583 235016 - add security fixes for CVE-2007-0455, CVE-2007-1001 235036 5.1.6-7.el...
Important: kernel security and bug fix update
2.6.18-8.1.6.0.1.el5 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 -Add entropy module option to e1000 John Sobecki ORA 6045759 -Add entropy module option to bnx2 John Sobecki ORA 6045759 2.6.18.8-1.6.el5 - bluetooth close information leaks in setsockopt...
389-ds-base security update
2.5.2-9 - Resolves: RHEL-83874 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service rhel-9.5.z - Resolves: RHEL-80712 - Increased memory consumption caused by NDN cache rhel-9.5.z - Resolves: RHEL-87194 - Some replication status data are reset upon a restart. rhel-9.5....
webkit2gtk3 security update
2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3961 2.42.4-1 - Update to 2.42.4 Resolves: RHEL-3961 Resolves: RHEL-19365 2.42.3-1 - Update to 2.42.3 Resolves: RHEL-3961 2.42.2-1 - Update to 2.42.2 Resolves: RHEL-3961 2.42.1-1 - Update to 2.42.1 Resolves: RHEL-3961 2.42.0-1 - Upgrade to 2.42.0 Resolve...
tigervnc security update
1.13.1-8.3 - Rebuild z-stream target Resolves: RHEL-30985 Resolves: RHEL-31015 1.13.1-8.2 - Fix crash caused by fix for CVE-2024-31083 Resolves: RHEL-30985 1.13.1-8.1 - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents Resolves: RHEL-31015 ...
kernel security, bug fix, and enhancement update
5.14.0-427.13.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
skopeo security update
2:1.13.3-4 - Rebuild with golang 1.20.12: golang:net/http/internal: Denial of Service DoS via Resource Consumption via HTTP requests CVE-2023-39326...
kernel security update
5.14.0-362.18.1.el93.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
conmon security update
conmon 2.1.3-8 - address CVE-2023-39326 cri-o 1.25.5-1 - Added Oracle Specifile Files for cri-o cri-tools 1.25.0-3 - Resolve CVE-2023-39326 flannel-cni-plugin 1.0.1-4 - Resolve CVE-2023-39326 helm 3.11.1-3 - address CVE-2023-39326 istio 1.16.7-3 - Updated Golang to 1.20.12 to address CVE...
kernel security update
5.14.0-362.18.0.2 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve CVE-2023-4623 - dpll: core: Add DPLL framework base functions CVE-2023-6679 - dpll: spec: Add Netlink spec in YAML CVE-2023-6679 - dpl...
gimp security update
2:2.99.8-4 - fix CVE-2023-44441 - fix CVE-2023-44442 - fix CVE-2023-44443 - fix CVE-2023-44444...
postgresql:10 security update
10.23-3.0.1 - Resolves: CVE-2023-5869...
nodejs:20 security update
nodejs 1:20.8.1-1 - Update node and nghttp - Add fips patch - Fixes CVE-2023-44487 nghttp - Fixes CVE-2023-45143, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, CVE-2023-39333 nodejs-nodemon nodejs-packaging...
python27:2.7 security and bug fix update
babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 2.5.1-9 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 2.5.1-8 - Fix unversioned requires/buildrequires - Resolves: rhbz1628242 2.5.1-7 - Remove unversioned binaries - Resolves: rhbz1613343 2.5.1-6 - Make...
samba security, bug fix, and enhancement update
evolution-mapi 3.40.1-6 - Related: 2190415 Rebuild against samba 4.18 openchange 2.3-41 - Related: 2190415 Rebuild against samba 4.18 samba 4.18.6-100 - related: rhbz2190415 - Update to version 4.18.6 - resolves: rhbz2211617 - Fix the rpcclient dfsgetinfo command 4.18.5-100 - resolves: rhbz222289...
nodejs security update
1:16.20.2-3.0.1 - Update nghttp2 to 1.57.0 Resolves: CVE-2023-44487...
java-11-openjdk security and bug fix update
1:11.0.21.0.9-1.0.1 - link atomic for ix86 build 1:11.0.21.0.9-1 - Update to jdk-11.0.21+9 GA - Update release notes to 11.0.21+9 - Remove system crypto policy patch which doesn't belong on RHEL 7 with no system policies - Update generatetarball.sh to be closer to upstream vanilla script inc. no...
bind security update
32:9.11.4-26.P2.15 - Limit the amount of recursion possible in control channel CVE-2023-3341...
Unbreakable Enterprise kernel security update
4.1.12-124.79.2 - net/sched: clsroute: No longer copy tcfresult on update to avoid use-after-free valis Orabug: 35814273 CVE-2023-4206 - net/sched: schqfq: account for stab overhead in qfqenqueue Pedro Tammela Orabug: 35636291 CVE-2023-3611 - rds: Fix lack of reentrancy for connection reset with...
linux-firmware security update
20230516-999.22.git6c9e0ed5.el8 - remove amd-ucode/README Orabug: 35645306 - Resolves 'Zenbleed' Orabug: 35650345 CVE-2023-20593...
open-vm-tools security and bug fix update
11.0.5-3.0.1 - fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. - Created a new file 99-vmware-scsi-timeout.rules - Modified sp...
Image Builder security, bug fix, and enhancement update
cockpit-composer 45-1.0.1 - Make per page documentation links point to Oracle Linux Orabug: 32013095 45-1 - New upstream release 44-1 - New upstream release 43-1 - New upstream release 42-1 - New upstream release 40-1 - New upstream release 39-1 - New upstream release 38-1 - New upstream release...