9182 matches found
qemu-kvm security update
1.5.3-86.el71.2 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219269 - Resolves: bz1219269 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-7.1.z...
libxml2 security update
2.9.1-5.0.1.el71.2 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-5.2 - Fix missing entities after CVE-2014-3660 fix - CVE-2014-0191 Do not fetch external parameter entities rhbz1195649 - Fix regressions introduced by CVE-2014-0191 patch...
openssl security update
1.0.1e-30.7 - update fix for CVE-2015-0287 to what was released upstream 1.0.1e-30.6 - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix...
libvirt security, bug fix, and enhancement update
1.2.8-16.0.1 - Replace docs/et.png in tarball with blank image 1.2.8-16 - qemu: don't setup cpuset.mems if memory mode in numatune is not 'strict' rhbz1186094 - lxc: don't setup cpuset.mems if memory mode in numatune is not 'strict' rhbz1186094 1.2.8-15 - qemu: Add missing goto error in...
389-ds-base security, bug fix, and enhancement update
1.2.11.15-50 - Release 1.2.11.15-50 - Resolves: 1179099 - Problem with single value attribute MMR replication DS 47915, DS 569 1.2.11.15-49 - Release 1.2.11.15-49 - Resolves: 1180629 - CVE-2014-8105: information disclosure through 'cn=changelog' subtree - Resolves: 1179099 - Problem with single...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.12 - HID: fix a couple of off-by-ones Jiri Kosina Orabug: 19849320 CVE-2014-3184 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192545 CVE-2014-4652 - udf: Avoid infinite loop when processing indirect ICBs Jan Kara Orabug:...
jakarta-commons-httpclient security update
1:3.1-16 - Fix MITM security vulnerability - Resolves: CVE-2014-3577...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.7uek - sctp: Fix sk_ack_backlog wrap-around problem Xufeng Zhang Orabug: 19404246 CVE-2014-4667...
qemu-kvm security and bug fix update
0.12.1.2-2.415.el65.10 - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch bz1095692 - kvm-usb-sanity-check-setupindex-setuplen-in-postload.patch bz1095743 - kvm-usb-sanity-check-setupindex-setuplen-in-postload-2.patch bz1095743 -...
openssl097a and openssl098e security update
0.9.8e-18.0.1.el65.2 - Updated the description 0.9.8e-18.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability 0.9.8e-18 - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio 814185...
libtasn1 security update
2.3-6 - added check for null pointer 1102336 2.3-5 - fix various DER decoding issues 1102336 2.3-4 - fix CVE-2012-1569 - missing length check when decoding DER lengths 804920...
Unbreakable Enterprise kernel security update
2.6.39-400.214.6 - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18721962 CVE-2013-6383 - vhost: fix total length when packets are too short Michael S. Tsirkin Orabug: 18721977 CVE-2014-0077...
mysql security and bug fix update
5.1.73-3 - Fixes for CVE-2014-0001 Resolves: 1055880 5.1.73-2 - Make mysqld init script more robust and ignore existing but non-being-used unix socket file Resolves: 1058719 5.1.73-1 - Update to MySQL 5.1.73, for various fixes described at...
libjpeg-turbo security update
1.2.1-3 - Resolves: 1031955 apply patch for CVE-2013-6630 1.2.1-2 - Resolves: 1031955 libjpeg-turbo: various flaws CVE-2013-6629...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.29.3uek - block: do not pass disk names as format strings Jerry Snitselaar Orabug: 17230124 CVE-2013-2851 - af_key: initialize satype in key_notify_policy_flush Nicolas Dichtel Orabug: 17370765 CVE-2013-2237 - Bluetooth: L2CAP - Fix info leak via getsockname Mathias Krause Orabu...
firefox security update
firefox 17.0.3-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.3-1 - Update to 17.0.3 ESR 17.0.2-4 - Added NM preferences 17.0.2-3 - Update to 17.0.2 ESR 17.0.1-2 - Update to 17.0.1 ESR 17.0-1 - Update to 17.0 ESR 17.0-0.2.b4 - Update to 17 Beta 4...
firefox security update
firefox 10.0.12-1.0.1.el63 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 10.0.12-1 - Update to 10.0.12 ESR xulrunner 10.0.12-1.0.1.el63 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.12-1 - Update to 10.0.12 ESR...
Unbreakable Enterprise kernel security update
2.6.32-300.32.3 - dl2k: Clean up rio_ioctl Stephan Mueller Orabug: 14675306 CVE-2012-2313 - hugetlb: fix resv_map leak in error path Christoph Lameter Orabug: 14676403 CVE-2012-2390 - rds: set correct msg_namelen Jay Fenlason Orabug: 14676504 CVE-2012-3430...
glibc security and bug fix update
2.12-1.47.el62.9 - Always use another area after a failed allocation in the main arena 795328 - Remove sse3 memcpy 695812 changes 799259 2.12-1.47.el62.8 - Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE 794815 2.12-1.47.el62.7 - Fix locking on malloc family retry paths...
xen security and bug fix update
3.0.3-135.el58.2 - Fix broken timestamp log rhbz 797836 3.0.3-135.el58.1 - qemu-dm/e1000: bounds packet size against buffer size rhbz 786862 - Use correct expansion in xen-network-common.sh rhbz 797191...
util-linux security, bug fix, and enhancement update
2.13-0.59.0.1.el5 - Merge UEK modification fix 10104470 - Import hwclock from util-linux-ng Kris Van Hees 2.13-0.59 - fix 768382 - CVE-2011-1675 CVE-2011-1677 util-linux various flaws 2.13-0.58 - fix 677452 - util-linux fails to build with gettext-0.17 2.13-0.57 - fix 646300 - login doesn't updat...
libvorbis security update
1.2.3-4.1 - fix CVE-2012-0444 787076...
glibc security, bug fix, and enhancement update
2.12-1.47 - Don't start AVC thread until credentials are installed 700507 2.12-1.46 - Update systemtaparches 2.12-1.45 - Update configure script 2.12-1.44 - Add gdb hooks 711927 2.12-1.43 - Don't assume AT_PAGESIZE is always available 739184 - Define IP_MULTICAST_ALL 738763 2.12-1.42 - Avoid race...
libxml2 security and bug fix update
2.7.6-4.0.1.el6 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-4 - Fixes another XPath problem CVE-2011-2834 - Resolves: rhbz732335 2.7.6-3 - Fixes various other issues in 2.7.6 XPath evaluation - Resolves: rhbz732335 2.7.6-2 - Fix a...
httpd security and bug fix update
2.2.3-53.0.2.el57.3 - Fix mod_ssl always performing full renegotiation orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-53.3 - add security fix for CVE-2011-3368 743903 - fix regressions in byterange handling 736593...
gcc and gcc4 security update
4.1.2-46.el54.2 - fix libjava to avoid opening .la/dlopening .so files from current working directory or subdirectories thereof 545672, CVE-2009-3736...
ntp security update
4.1.2-6.el3 - fix DoS with mode 7 packets 532641, CVE-2009-3563 - fix buffer overflow in ntpq 532641, CVE-2009-0159...
xerces-j2 security update
0:2.7.1-7jpp.2.2 - Specifies target=1.3 for compilation Resolves: rhbz526017 0:2.7.1-7jpp.2.1 - Add patch for CVE-2009-2625 Resolves: rhbz526017...
openssl security, bug fix, and enhancement update
0.9.8e-12 - abort if selftests failed and random number generator is polled - mention EVP_aes and EVP_sha2xx routines in the manpages - add README.FIPS 0.9.8e-10 - fix CVE-2009-1386 CVE-2009-1387 DTLS DoS problems 503685, 503688 0.9.8e-9 - fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 DTLS DoS...
gnutls security update
1.4.1-3.1 - fix chain verification issue CVE-2008-4989 470079...
tomcat security update
5.5.23-0jpp.7.el52.1 - add patch for CVE-2008-1232 Resolves: rhbz457727 - add patch for CVE-2008-1947 Resolves: rhbz449916 - add patch for CVE-2008-2370 Resolves: rhbz458634 - add patch for CVE-2008-2938 Resolves: rhbz456214...
samba security and bug fix update
3.0.28-1.el52.1 - Security fix for CVE-2008-1105 - Fix join verification - Fix smb signing - resolves: CVE-2008-1105 - resolves: 447380 - resolves: 444637...
mysql security and bug fix update
5.0.45-7 - Adjust thread stack requests to allow for platform-specific guard page size; necessary to prevent stack overrun on PPC with RHEL5's 64K page size. Resolves: 435391 - Remove calendar-dependent queries from 'view' test; necessary to get regression tests to pass after 2007. 5.0.45-6 -...
Moderate: tomcat security update
5.5.23-0jpp.3.0.3 - Patch for CVE-2007-5342 Resolves: bz 427776 - Patch for CVE-2007-5461 Resolves: bz 334561...
Important: cups security update
1.2.4-11.14:.4 - Prevent double-free when a browsed class has the same name as a printer or vice versa bug 433766, STR 2656. 1.2.4-11.14:.3 - pdftops: Fix invalid dereference from bad Info object found during testing of bug 356571. 1.2.4-11.14:.2 - Applied patch to fix CVE-2007-4045 bug 356571. -...
Critical: samba security update
3.0.25b-0.el51.1 - Security fix for CVE-2007-4138 - Security fix for CVE-2007-4572 - Security fix for CVE-2007-5398 - Multilib Fix - resolves: 351501 - resolves: 350761 - resolves: 359151 - resolves: 356851
Important: tetex security update
2.0.2-22.0.1.EL4.10 - fix t1lib flaw CVE-2007-4033 356691 Resolves: 356691 2.0.2-22.0.1.EL4.9 - fix CVE-2007-4352 CVE-2007-5392 CVE-2007-5393, various xpdf flaws 356691 Resolves: 356691...
Important: perl security update
5.8.5-36.el45.2.0.1 - Added patch perl-5.8.5-OEL-mock-build.patch to disable test lib/Net/t/hostname.t, so that mock build succeeds 5.8.5-36.el4.2 - Resolves: bug323791 - fix previous patch 5.8.5-36.el4.1 - Resolves: bug323791 - fix regular expression UTF parsing errors...
Critical firefox security update
1.5.0.8-0.1.1.el4 - Replace default-bookmarks.html and default-prefs.js 1.5.0.8-0.1.el4 - Update to 1.5.0.8 RC 1.5.0.7-0.1.el4 - Update to 1.5.0.7 1.5.0.5-0.el4.1 - Update to 1.5.0.5...
Important php security update
4.3.9-3.22 - avoid default pear.conf change 4.3.9-3.21 - add security fix for CVE-2006-5465 from upstream 4.3.9-3.20 - add fix for phperror varargs use 199947 4.3.9-3.18 - rebuild 4.3.9-3.17 - add security fix from upstream: CVE-2006-4484 - add metaphone fix 205714 4.3.9-3.16 - add security fixes...
Important openssl security update
0.9.7a-43.14 - fix CVE-2006-2937 - mishandled error on ASN.1 parsing 207276 - fix CVE-2006-2940 - parasitic public keys DoS 207274 - fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers 206940 - fix CVE-2006-4343 - sslv2 client DoS 206940 0.9.7a-43.11 - fix CVE-2006-4339 - prevent attack on...
edk2:20220126gitbb1bba3d77 security update
20220126gitbb1bba3d77-13.el8.4 - edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch RHEL-60830 - Resolves: RHEL-60830 CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage rhel-8.10.z...
edk2 security update
1.7.1 - Create new 1.7.1 release for OL7 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK2: In the Linux kernel...
httpd security update
2.4.57-11.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-11 - Resolves: RHEL-45792 - httpd: Encoding problem in mod_proxy CVE-2024-38473 2.4.57-9 - Resolves: RHEL-45766 - httpd: null pointer dereference in mod_proxy CVE-2024-38477 - Resolves: RHEL-45749 - httpd: Potentia...
nodejs:20 security update
nodejs 1:20.11.1-1 - Rebase to version 20.11.1 - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high - Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 medium nodejs-nodemon nodejs-packaging...
kernel security update
4.18.0-513.18.1.0.19.OL8 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters Orabug: 36461932 CVE-2024-1086 4.18.0-513.18.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted...
olcne security update
1.8.1-2 - Cleanup spec file 1.8.1-1 - Fix OLM upgrade failure - upgrade from 0.17.0 to 0.23.1 failed due to a couple of crds missing - Add hostpathRequiresPrivilged value to rook template cr to be passed to module operator - Fixed Istio-1.18 and Istio-1.19 installation on aarch64 architecture -...
nodejs:16 security update
nodejs 1:16.20.2-4.0.1 - reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks Resolves: CVE-2024-22019 nodejs-nodemon nodejs-packaging 26-1 - nodejs.prov: find namespaced bundled dependencies - Apply https://src.fedoraproject.org/rpms/nodejs-packaging/c/e24e7df...
tigervnc security update
1.13.1-2.7 - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20388 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent Resolves: RHEL-20382 - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching ...
nss security update
3.90.0-4 - Fix expired certs in tests - Fix CVE-2023-5388...