8998 matches found
libexif security update
0.6.22-5 - Fix CVE-2020-0452 - Resolves: 1902593...
Unbreakable Enterprise kernel security update
2.6.39-400.328.1 - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535531 CVE-2020-10769 - crypto: authenc - Export key parsing helper function Mathias Krause Orabug: 31535531 CVE-2020-10769...
gd security update
Fri Mar 27 2020 [email protected] - 2.2.5-7 - Fix CVE-2018-14553 - Potential Null pointer dereference in gdImageClone Resolves: RHBZ1811788 - Fixed heap based buffer overflow in gdcolormatch.c:gdImageColorMatch in libgd as used in imagecolormatch Resolves: RHBZ1678104 CVE-2019-6977 - Fixed...
container-tools:ol8 security, bug fix, and enhancement update
...
kernel security update
3.10.0-1160.2.2.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.3 3.10.0-1160.2.2 - net bluetooth: l2ca...
zsh security update
5.5.1-6.el81.2 - improve printing of error messages introduced by the fix of CVE-2019-20044 5.5.1-6.el81.1 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
nodejs:10 security update
nodejs 1:10.19.0-1 - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 1:10.16.3-1 - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518 1:10.14.1-1 - Resolves: RHBZ1644207 - fixes node-gyp permissions - rebase 1:10.11.0-2 - BuildRequire nodejs-packaging for proper npm dependency...
fribidi security update
1.0.4-7 - Security fix for CVE-2019-18397 Resolves: rhbz1781226...
glibc security update
2.28-72.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
dovecot security and bug fix update
1:2.2.36-10 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741788 1:2.2.36-9 - reset errno before iterating through users 1630410 1:2.2.36-8 - fix CVE-2019-3814: improper certificate...
python36:3.6 security update
python-PyMySQL 0.8.0-10 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 python-docs 3.6.7-2 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 python-docutils 0.14-12 - Bumping due to problems with modular RPM upgrade path 169558...
ovmf security update
20180508-3.gitee3198e672e2.el76.1 - ovmf-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch bz1684006 - ovmf-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch bz1684006 - Resolves: bz1684006 CVE-2018-12180 OVMF: edk2: Buffer Overflow in BlockIo service for RAM disk rhel-7.6.z...
thunderbird security update
60.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.4.0-1 - Update to 60.4.0 60.3.0-1 - Update to 60.3.0 60.2.1-6 - Fixed missing calendar langpacks...
firefox security update
60.1.0-4.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.1.0-4 - Disabled jemalloc on all second arches 60.1.0-3 - Updated to 60.1.0 ESR build2 60.1.0-2 - Disabled jemalloc on second arches 60.1.0-1 - Updated to 60.1.0 ESR 60.0-12 - Fixing bundled libffi...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.7 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski CVE-2018-8897...
glibc security, bug fix, and enhancement update
2.17-196 - Avoid large allocas in the dynamic linker 1452721 2.17-195 - Rounding issues on POWER 1457177 2.17-194 - Use a built-in list of system call names 1439165 2.17-193 - Inhibit FMA while compiling sqrt, pow 1413638 2.17-192 - Exclude lock elision support for older Intel hardware with Intel...
sudo security update
1.8.6p3-28 - Fixes CVE-2017-1000367 Resolves: rhbz1455399...
tomcat security, bug fix, and enhancement update
0:7.0.69-10 - Related: rhbz1368122 0:7.0.69-9 - Resolves: rhbz1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368122 0:7.0.69-7 - Resolves: rhbz1362545 0:7.0.69-6 - Related: rhbz1201409 Added /etc/sysconfig/tomcat to the systemd unit fo...
file security, bug fix, and enhancement update
5.04-30 - fix CVE-2014-3538 unrestricted regular expression matching 5.04-29 - fix 1284826 - try to read ELF header to detect corrupted one 5.04-28 - fix 1263987 - fix bugs found by coverity in the patch 5.04-27 - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bound...
pcre security update
8.32-15.1 - Fix CVE-2015-2328 infinite recursion compiling pattern with recursive reference in a group with indefinite repeat bug 1330508 - Fix CVE-2015-8385 buffer overflow caused by named forward reference to duplicate group number bug 1330508 - Fix CVE-2015-8386 buffer overflow caused by...
Unbreakable Enterprise kernel security update
2.6.39-400.278.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222773 CVE-2015-8767...
samba3x security update
3.6.23-12.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 19973497 3.6.23-12 - related: 1322685 - Update CVE patchset 3.6.23-11 - related: 1322685 - Update CVE patchset 3.6.23-10 - resolves: 1322685 - Fix CVE-2015-5370 - resolves: 1322685 - Fix CVE-2016-2110 -...
java-1.7.0-openjdk security update
1:1.7.0.99-2.6.5.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.99-2.6.5.0 - Bump to 2.6.5 and u99b00. - Correct check for fsg.sh in tarball creation script - Resolves: rhbz1320656...
openssh security update
4.3p2-82.0.1 - change default value of MaxStartups - CVE-2010-5107 John Haxby orabug 22766491...
389-ds-base security and bug fix update
1.3.4.0-26 - release 1.3.4.0-26 - Resolves: bug 1299346 - deadlock on connection mutex DS 48341 1.3.4.0-25 - release 1.3.4.0-25 - Resolves: bug 1299757 - CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS 1.3.4.0-24 - release 1.3.4.0-24 - Resolves: b...
ruby193-ruby security update
1.9.3.484-50.0.1 - fix build issue: self test report 'dh key to small' 1.9.3.484-50 - Fix off-by-one stack-based buffer overflow in the encodes function CVE-2014-4975. Related: rhbz1164004 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Related: rhbz1164004 - REXML...
firefox security update
38.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.5.0-2 - Update to 38.5.0 ESR...
nss, nss-util, and nspr security update
nspr 4.10.8-2 - Resolves: Bug 1269360 - CVE-2015-7183 - nspr: heap-buffer overflow in PLARENAALLOCATE can lead to crash under ASAN, potential memory corruption nss 3.19.1-5.0.1 - Added nss-vendor.patch to change vendor 3.19.1-5 - Rebuild against updated NSPR 3.19.1-4 - Sync up with the rhel-6.6...
firefox security update
38.1.1-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.1.1-1 - Update to 38.1.1 ESR...
thunderbird security update
31.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.8.0-1 - Update to 31.8.0...
abrt security update
abrt 2.1.11-22.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-22 - do not open the buildids file as the user abrt - do not unlink failed and big user core files - Related: 1212819, 1216973 2.1.11-21 - validate all D-Bus method arguments - Related: 1214610 2.1.11-20 -...
firefox security update
38.0-3.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.0-3 - Enabled system nss - Removed unused patches 38.0-2 - Update to 38.0 ESR 38.0b8-0.11 - Update to 38.0 Beta 8 38.0b6-0.10 - Added patch for mozbz1152515 38.0b6-0.9 - Update to 38.0 Beta 6...
qemu-kvm security update
1.5.3-86.el71.2 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219269 - Resolves: bz1219269 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-7.1.z...
openssl security update
1.0.1e-30.7 - update fix for CVE-2015-0287 to what was released upstream 1.0.1e-30.6 - fix CVE-2015-0209 - potential use after free in d2iECPrivateKey - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.2uek - netfilter: conntrack: disable generic tracking for known protocols Florian Westphal Orabug: 20679631 CVE-2014-8160 - mac80211: fix fragmentation code, particularly for encryption Johannes Berg Orabug: 20673314 CVE-2014-8709 - tracing/syscalls: Ignore numbers outsid...
libvirt security, bug fix, and enhancement update
1.2.8-16.0.1 - Replace docs/et.png in tarball with blank image 1.2.8-16 - qemu: don't setup cpuset.mems if memory mode in numatune is not 'strict' rhbz1186094 - lxc: don't setup cpuset.mems if memory mode in numatune is not 'strict' rhbz1186094 1.2.8-15 - qemu: Add missing goto error in...
389-ds-base security, bug fix, and enhancement update
1.3.3.1-13 - release 1.3.3.1-13 - Resolves: bug 1183655 - Fixed Covscan FORWARDNULL defects DS 47988 1.3.3.1-12 - release 1.3.3.1-12 - Resolves: bug 1182477 - Windows Sync accidentally cleared rawentry DS 47989 - Resolves: bug 1180325 - upgrade script fails if /etc and /var are on different file...
389-ds-base security, bug fix, and enhancement update
1.2.11.15-50 - Release 1.2.11.15-50 - Resolves: 1179099 - Problem with single value attribute MMR replication DS 47915, DS 569 1.2.11.15-49 - Release 1.2.11.15-49 - Resolves: 1180629 - CVE-2014-8105: information disclosure through 'cn=changelog' subtree - Resolves: 1179099 - Problem with single...
samba security update
4.1.1-38 - resolves: 1194132 - CVE-2015-0240: RCE in netlogon server...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.12 - HID: fix a couple of off-by-ones Jiri Kosina Orabug: 19849320 CVE-2014-3184 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192545 CVE-2014-4652 - udf: Avoid infinite loop when processing indirect ICBs Jan Kara Orabug:...
ruby security update
1.8.7.374-3 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Resolves: rhbz1163993 - REXML incomplete fix for CVE-2014-8080 CVE-2014-8090. Resolves: rhbz1163993...
jakarta-commons-httpclient security update
1:3.1-16 - Fix MITM security vulnerability - Resolves: CVE-2014-3577...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.7uek - sctp: Fix skackbacklog wrap-around problem Xufeng Zhang Orabug: 19404246 CVE-2014-4667...
unbreakable enterprise kernel security update
2.6.39-400.215.6 - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315782 CVE-2014-3144 CVE-2014-3145 2.6.39-400.215.5 - ntty: Fix nttywrite crash when echoing in raw mode Peter Hurley Orabug: 18756449 CVE-2014-0196 CVE-2014-0196...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.4uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229529 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230692 CVE-2014-4699...
tomcat6 security and bug fix update
0:6.0.24-72 - Related: CVE-2014-0075 - rebuild to generate javadoc - correctly. previous build generated 0-length javadoc 0:6.0.24-69 - Related: CVE-2014-0075 incomplete 0:6.0.24-68 - Related: CVE-2013-4322. arches needs to be specified - as in arches noarch, so docs/webapps will produce - full...
openssl097a and openssl098e security update
0.9.8e-18.0.1.el65.2 - Updated the description 0.9.8e-18.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability 0.9.8e-18 - fix for CVE-2012-2110 - memory corruption in asn1d2ireadbio 814185...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.29.3uek - block: do not pass disk names as format strings Jerry Snitselaar Orabug: 17230124 CVE-2013-2851 - afkey: initialize satype in keynotifypolicyflush Nicolas Dichtel Orabug: 17370765 CVE-2013-2237 - Bluetooth: L2CAP - Fix info leak via getsockname Mathias Krause Orabu...
tomcat6 security update
0:6.0.24-55 - Related: rhbz955976 CVE-2013-1976. Changed log location - so only root can use it. Touching TOMCATLOG is no longer - required 0:6.0.24-54 - Resolves: rhbz956771 Related: CVE-2012-3439 digest - authentication broken after errata for cve-2012-3439 - patch for 3439 corrected 0:6.0.24-5...
Unbreakable Enterprise kernel Security update
2.6.39-200.33.1 - sfc: Replace some literal constants with EFXPAGESIZE/EFXBUFSIZE Ben Hutchings Orabug: 14769994 - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size Ben Hutchings Orabug: 14769994 CVE-2012-3412...