9182 matches found
samba security update
3.6.23-30.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-30 - related: 1322686 - Update manpages 3.6.23-29 - related: 1322686 - Update CVE patchset 3.6.23-28 - related: 1322686 - Update manpages 3.6.23-27 - related: 1322686 - Update CVE patchset...
ruby193-ruby security update
1.9.3.484-50.0.1 - fix build issue: self test report 'dh key to small' 1.9.3.484-50 - Fix off-by-one stack-based buffer overflow in the encodes function CVE-2014-4975. Related: rhbz1164004 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Related: rhbz1164004 - REXML...
ntp security update
4.2.6p5-5.el67.4 - don't accept server/peer packets with zero origin timestamp CVE-2015-8138...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.4 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 22373442 CVE-2015-7872 3.8.13-118.2.3 - dcache: Handle escaped paths in prependpath Eric W. Biederman Orabug: 22373283 - vfs: Test for and handle paths that are unreachable from their mntroo...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.5.2 - virtio-net: drop NETIFFFRAGLIST Jason Wang Orabug: 22145600 CVE-2015-5156 3.8.13-98.5.1 - netdev: fix NETIFFGSOUDPTUNNELBIT enum shift in i40e driver import Todd Vierling Orabug: 22066176...
sqlite security update
3.6.20-1.2 - Add patch for compiler warnings highlighted by rpmdiff. Related: rhbz1244727 3.6.20-1.el67.1 - fix for CVE-2015-3416 Resolves: 1244727...
krb5 security update
1.10.3-37 - fix for CVE-2014-5355 1193939 'krb5: unauthenticated denial of service in recvauthcommon and others' 1.10.3-36 - fix for CVE-2014-5353 1174543 'Fix LDAP misused policy name crash' 1.10.3-35 - Changelog fixes to make errata subsystem happy. 1.10.3-34 - fix for CVE-2014-5352 1179856...
389-ds-base security, bug fix, and enhancement update
1.3.3.1-13 - release 1.3.3.1-13 - Resolves: bug 1183655 - Fixed Covscan FORWARDNULL defects DS 47988 1.3.3.1-12 - release 1.3.3.1-12 - Resolves: bug 1182477 - Windows Sync accidentally cleared rawentry DS 47989 - Resolves: bug 1180325 - upgrade script fails if /etc and /var are on different file...
samba security update
4.1.1-38 - resolves: 1194132 - CVE-2015-0240: RCE in netlogon server...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.13uek - net: guard tcpsetkeepalive to tcp sockets Eric Dumazet Orabug: 20224099 CVE-2012-6657 - isofs: Fix unbounded recursion when processing relocated directories Jan Kara Orabug: 20224061 CVE-2014-5471 CVE-2014-5472 - x8664, traps: Stop using IST for SS Andy Lutomirski...
nss, nss-util, and nss-softokn security, bug fix, and enhancement update
nss 3.16.2.3-2.0.1.el70 - Added nss-vendor.patch to change vendor 3.16.2.3-2 - Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1165525 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 3.16.2.3-1 - Resolves: Bug 1165525 - Upgrade to NSS 3.16.2.3 for Firefox 31.3...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.11uek - net: sctp: fix panic on duplicate ASCONF chunks Daniel Borkmann Orabug: 20010592 CVE-2014-3687 - net: sctp: fix skboverpanic when receiving malformed ASCONF chunks Daniel Borkmann Orabug: 20010579 CVE-2014-3673...
Unbreakable Enterprise kernel Security update
kernel-uek 3.8.13-44.1.4.el7uek - USB: whiteheat: Added bounds checking for bulk command response James Forshaw Orabug: 19849334 CVE-2014-3185 - HID: fix a couple of off-by-ones Jiri Kosina Orabug: 19849317 CVE-2014-3181 - kvm: vmx: handle invvpid vm exit gracefully Petr Matousek Orabug: 19906300...
java-1.6.0-openjdk security and bug fix update
1:1.6.0.1-5.1.13.3 - updated to icedtea 1.13.3 - updated to openjdk-6-src-b31-15apr2014 - renmoved upstreamed patch7, 1.13fixes.patch - Resolves: rhbz1085009...
nss and nspr security, bug fix, and enhancement update
nspr 4.10.2-2 - Fix changelog comments - Resolves: rhbz1032466 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws rhel-5.10 4.10.2-1 - Update to nspr-4.10.2 - Remove an unused patch - Resolves: rhbz1032466 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws rhel-5.10 4.10.0...
Unbreakable Enterprise Kernel security update
2.6.39-400.211.2 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook Orabug: 17842208 CVE-2013-1928 - Bluetooth: RFCOMM - Fix info leak via getsockname Mathias Krause Orabug: 17842129 CVE-2012-6545 - Bluetooth: RFCOMM - Fix info leak in ioctlRFCOMMGETDEVLIST Mathias Krause Orabug...
nss and nspr security, bug fix, and enhancement update
nspr 4.9.2-4 - Resolves: rhbz924741 - Rebase to nspr-4.9.5 nss 3.14.3-6 - Resolves: rhbz986969 - nssutilReadSecmodDB leaks memory 3.14.3-5 - Define -DNOFORKCHECK when compiling softoken for ABI compatibility - Remove the unused and obsolete nss-nochktest.patch - Resolves: rhbz949845 - RFERHEL5...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.29.2uek - Bluetooth: RFCOMM - Fix missing msgnamelen update in rfcommsockrecvmsg Mathias Krause Orabug: 17173824 CVE-2013-3225 - Bluetooth: fix possible info leak in btsockrecvmsg Mathias Krause Orabug: 17173824 CVE-2013-3224 - atm: update msgnamelen in vccrecvmsg Mathias...
openchange security, bug fix and enhancement update
evolution-mapi 0.28.3-12 - Add patch for RH bug 903241 Double-free on message copy/move 0.28.3-11 - Add patch for RH bug 902932 Cannot connect with latest samba 0.28.3-10 - Drop multilib by obsoleting evolution-mapi 0.28.3-9 RH bug 886914. 0.28.3-9 - Adapt to OpenChange 1.0 RH bug 767678. 0.28.3-...
java-1.7.0-openjdk security update
1.7.0.9-2.3.5.3.0.1.el63 - Update DISTRONAME in specfile 1.7.0.9-2.3.5.3.el63 - Sync logging fixes with upstream icedtea7-forest and jdk7u 1.7.0.9-2.3.5.1.el63 - Removed 6664509 backout and added 8005615 to fix the issue 1.7.0.9-2.3.5.el63.1 - Backed out 6664509 and 7201064.patch which cause...
gnome-vfs2 security and bug fix update
2.16.2-10.el5 - Prevent trash applet crashing 848822 2.16.2-9.el5 - Prevent deleting items linking out of the trash 586015 - Do not stat every file on an ClearCase mvfs filesystem 822817 - Do not silently skip directory having no read permission during copy 772307 - Allow trashing symlink to...
kernel security, bug fix, and enhancement update
kernel 2.6.18-308.24.1.el5 - Revert: scsi sg: fix races during device removal Ewan Milne 868950 861004 2.6.18-308.23.1.el5 - net bnx2x: Add remote-fault link detection Alexander Gordeev 870120 796905 - net bnx2x: Cosmetic changes Alexander Gordeev 870120 796905 - net rds-ping cause kernel panic...
thunderbird security update
10.0.11-1.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 10.0.11-1 - Update to 10.0.11 ESR...
java-1.6.0-openjdk security update
1.6.0.0-1.27.1.10.8.0.1.el58 - Add oracle-enterprise.patch 1:1.6.0.0-1.27.1.10.8 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves:...
firefox security update
firefox: 10.0.5-1.0.1.el62 - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js 10.0.5-1 - Update to 10.0.5 ESR xulrunner: 10.0.5-1.0.1.el62 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.5-1 - Update to 10.0.5 ESR 10.0.4-2 - Adde...
thunderbird security update
1.5.0.12-46.0.1.el4 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-46 - Added fixes from 1.9.2.26...
seamonkey security update
1.0.9-78.0.1.el4 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-78.el4 - Added fixes from 1.9.2.26...
openssl security update
0.9.8e-20.1 - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes 771770 - fix for CVE-2011-4109 - double free in policy checks 771771 - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding 771775 - fix for CVE-2011-4619 - SGC restart DoS attac...
tomcat5 security update
0:5.5.23-0jpp.22 - Resolves: CVE-2011-0013 rhbz 675931 - Resolves: CVE-2010-3718 rhbz 675931 - Resolves: CVE-2011-1184 rhbz 744983 - Resolves: CVE-2011-2204 rhbz 719181...
perl security update
4:5.8.8-32.0.1.el57.6 - Up release number and rebuild 4:5.8.8-32.el5.6 - CVE-2010-2761 CVE-2010-4410 perl: CGI module multiple issues fixed by security patch based on commit from version 3.50 - Related: rhbz743626 4:5.8.8-32.el5.5 - CVE-2010-2761 CVE-2010-4410 perl: CGI module multiple issues fix...
postgresql84 security update
8.4.9-1.el57.1 - Update to PostgreSQL 8.4.9, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-9.html http://www.postgresql.org/docs/8.4/static/release-8-4-8.html including the fix for CVE-2011-2483 Resolves: 740739...
openswan security update
2.6.24-8.1 Resolves: 635058 CVE-2010-3302 CVE-2010-3308 CVE-2010-2752 CVE-2010-3753...
kernel security and bug fix update
2.6.9-89.31.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
seamonkey security update
1.0.9-60.0.1.el4 - Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and emoved corresponding RedHat ones 1.0.9-60.el4 - Added fixes from 1.9.1.11 1.0.9-59.el4 - Added fix for mozbz570451...
squid security and bug fix update
7:2.6.STABLE21-6 - Resolves: 561828 - CVE-2009-2855 CVE-2010-0308 squid various flaws rhel-5.5 7:2.6.STABLE21-5 - Resolves: 538738 - improved patch 7:2.6.STABLE21-4 - Resolves: 521926 - squid 'stop after stop' is not LSB compliant - Resolves: 496170 - Add arp filter option - Resolves: 516245 -...
php security update
5.1.6-24.5 - add security fix for CVE-2009-4142 543469 5.1.6-24.4 - build fix pdomysql on biarch systems 543469 5.1.6-24.3 - add security fixes for CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3546 CVE-2009-4017 541597 - add build fix for mysqli on some biarch systems 543469...
wget security update
1.11.4-3 - add fix for CVE-2009-3490, incorrect verification of SSL certificate with NUL in name...
libxml and libxml2 security update
libxml: 1:1.8.17-9.3 - fix a couple of crash - Resolves: rhbg515226 libxml2: 2.6.26-2.1.2.8.0.1 - Add libxml2-enterprise.patch and update logos in tarball 2.6.26-2.1.2.8 - Fix a couple of crash CVE-2009-2414 and CVE-2009-2416 - Resolves: rhbz515236...
python security update
2.3.4-14.7.el48.2 - Fix all of the low priority security bugs: - Resolves: rhbz486329 - Multiple integer overflows in python core CVE-2008-2315 - Resolves: 455008 - PyStringFromStringAndSize does not check for negative size values CVE-2008-1887 - Resolves: 443810 - Multiple integer overflows...
ruby security update
1.8.5-5.el53.7 - security fixes. 505087 - CVE-2007-1558: APOP password disclosure vulnerability. - CVE-2009-0642: Incorrect checks for validity of X.509 certificates. - CVE-2009-1904: DoS vulnerability in BigDecimal...
poppler security update
0.5.4-4.4.el53.9 - Another fix of integer overflows. - Adds memory-allocation.patch. - Resolves: 490707 0.5.4-4.4.el53.8 - Change calling of exit to exit. - Adds exit-handling.patch. - Resolves: 490707 0.5.4-4.4.el53.7 - Improve handling of EOF at JBIG2Stream.cc. - Adds eof-handling.patch. -...
gpdf security update
2.8.2-7.7.2.el47.4 - More memory allocation checks. - Resolves: 490716 2.8.2-7.7.2.el47.3 - A small change of specfile. - Resolves: 490716 2.8.2-7.7.2.el47.2 - Fixes problems with memory allocation. - Resolves: 490716 2.8.2-7.7.2.el47.1 - Add patch for CVE-2009-0146, CVE-2009-0147, CVE-2009-0166....
Moderate: tcltk security update
8.3.5-92.8 - CVE-2008-0553 CVE-2007-5378 CVE-2007-4772 - problems: regexp, GIF overflow and also GIF overflow Resolves: 432511...
Critical: firefox security update
1.5.0.12-9.0.1 - Added Oracle specific links into default bookmarks 1.5.0.12-9 - Update to latest snapshot of Mozilla 1.8.0 branch - Added a patch with backported fixes from 1.8.1.12...
Moderate: httpd security update
2.0.46-70.ent.0.1 - use oracle index page oracleindex.html and logo removal - add apr-configure.patch 2.0.46-70.ent - add security fix for CVE-2007-6388 427235 - add security fix for modproxyftp UTF-7 XSS 427742 2.0.46-69.ent - add security fix for CVE-2007-3847 250759 - add security fixes for...
Important: kernel security update
2.6.9-55.0.12.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
Important: kernel security and bug fix update
2.6.18-8.1.6.0.1.el5 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 -Add entropy module option to e1000 John Sobecki ORA 6045759 -Add entropy module option to bnx2 John Sobecki ORA 6045759 2.6.18.8-1.6.el5 - bluetooth close information leaks in setsockopt...
389-ds-base security update
2.5.2-9 - Resolves: RHEL-83874 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service rhel-9.5.z - Resolves: RHEL-80712 - Increased memory consumption caused by NDN cache rhel-9.5.z - Resolves: RHEL-87194 - Some replication status data are reset upon a restart. rhel-9.5....
firefox security update
128.6.0-1.0.1 - Update to 128.6.0 build1 Orabug: 37460830CVE-2025-0237CVE-2025-0238 CVE-2025-0239CVE-2025-0240CVE-2025-0241CVE-2025-0242CVE-2025-0243 - Enable PipeWire camera support for RHEL 10 + backport upstream fixes for PipeWire camera support Fixes: RHEL-64749...
kernel security and bug fix update
5.14.0-427.24.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...