8998 matches found
spice-vdagent security and bug fix update
0.20.0-3 - Fix mouse problems in multi-monitor environments under Wayland Resolves: rhbz1790904 rhbz1824610 0.20.0-2 - Resolves: CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653...
sqlite security update
3.26.0-13 - enabled fts3conf.test on s390x and ppc64 architectures 3.26.0-12 - Fixed CVE-2020-13434 1845843 - Fixed CVE-2020-15358 1855208...
Unbreakable Enterprise kernel security update
...
microcode_ctl security, bug fix and enhancement update
4:20200609-2.20201027.1.0.1 - add support for UEK6 kernels - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 4:20200609-2.20201027.1 - Update Intel CPU microcode to microcode-20201027 release, addresses CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698 1893265, 1893253,...
kernel security and bug fix update
4.18.0-193.28.12.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x6...
nodejs:12 security and bug fix update
nodejs 1:12.18.4-2 - Resolves: RHBZ1883966 - nodejs-devel not installable due to missing brotli - Some spec fixes 12.18.4-1 - Rebase to 12.18.4 nodejs-nodemon nodejs-packaging...
systemd security and bug fix update
219-78.0.1 - Backport upstream patches related to private-tmp Sushmita Bhattacharya Orabug: 31561883 - backport upstream pstore tmpfiles patch Eric DeVolder Orabug: 31414539 - udev rules: fix memory hot add and remove Orabug: 31309730 - enable and start the pstore service Orabug: 30950903 - fix t...
virt:ol security update
qemu-kvm 2.12.0-99.0.1.el82.4 - Added bug30251155-remove-upstream-reference Orabug: 30251155 2.12.0-99.el82.4 - kvm-usb-fix-setuplen-init-CVE-2020-14364.patch bz1869708 - Resolves: bz1869708 CVE-2020-14364 qemu-kvm: QEMU: usb: out-of-bounds r/w access issue while processing usb packets rhel-8.2.0...
httpd:2.4 security update
modhttp2 1.11.3-3.1 - Resolves: 1869072 - CVE-2020-9490 httpd:2.4/modhttp2: httpd: Push diary crash on specifically crafted HTTP/2 header...
.NET Core 3.1 security and bugfix update
3.1.107-1.0.1 - Update patch to support 8.2 [email protected] - support OL release scheme [email protected] 3.1.107-1 - Update to .NET Core Runtime 3.1.7 and SDK 3.1.107 - Resolves: RHBZ1862593 - Resolves: RHBZ1861113...
java-1.8.0-openjdk security update
1:1.8.0.262.b10-0.1 - Update to aarch64-shenandoah-jdk8u262-b10. - Switch to GA mode for final release. - Update release notes for 8u262 release. - Fix typo in jfrarches which leads to ppc64 being wrongly excluded. - Split JDK-8042159 patch into per-repo patches as upstream. - Update JDK-8042159...
thunderbird security update
68.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.9.0-1 - Update to 68.9.0 build1...
python3 security and bug fix update
3.6.8-23.0.1.el8 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-23 - Modify the test suite to better handle disabled SSL/TLS versions and FIPS mode - Use OpenSSLs DRBG and disable os.getrandom function in FIPS mode Resolves: rhbz1754028, rhbz1754027, rhbz1754026, rhbz177447...
firefox security update
68.7.0-2.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.7.0-2 - Update to 68.7.0 build3 68.6.1-1 - Update to 68.6.1 ESR Wed Mar 04 2020 Jan Hora...
squid security and bug fix update
7:3.5.20-15 - Resolves: 1690551 - Squid cachepeer DNS lookup failed when not all lower case - Resolves: 1680022 - squid cant display download/upload packet size for HTTPS sites - Resolves: 1717430 - Excessive memory usage when running out of descriptors - Resolves: 1676420 - Cache siblings return...
qemu-kvm security, bug fix, and enhancement update
1.5.3-173.el7 - kvm-tcpemu-Fix-oob-access.patch bz1791560 - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch bz1791560 - kvm-slirp-use-correct-size-while-emulating-commands.patch bz1791560 - Resolves: bz1791560 CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tc...
firefox security update
68.5.0-2.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 - Update to 68.5.0 build2...
nss security update
3.44.0-9 - Fix out-of-bounds write in NSCEncryptUpdate 1775912...
kernel security, bug fix, and enhancement update
4.18.0-147.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147 - x86 perf/x86/intel: Fix spurious NMI on fixed counter Michael Petlan...
http-parser security update
2.7.1-8 - Backport needed test fixes - Related: rhbz1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser allowed for spaces inside Content-Length header values rhel-7 2.7.1-7 - Resolves: rhbz1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser allowed for spaces inside Content-Length head...
thunderbird security update
60.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.7.0-1 - Update to 60.7.0...
thunderbird security update
60.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.5.0-1 - Update to 60.5.0...
qemu security update
15:3.0.0-3.el7 - monitor: guard iothread access by mon-useiothread Wolfgang Bumiller Orabug: 29046045 - monitor: delay monitor iothread creation Wolfgang Bumiller Orabug: 29010480 - Revert 'qmp: isolate responses into io thread' Marc-Andre Lureau Orabug: 29010480 - usb-mtp: outlaw slashes in...
bind security update
32:9.9.4-61.1 - Fix CVE-2018-5740...
kernel security and bug fix update
kernel 2.6.18-419.0.0.0.10 - Backport CVE-2017-5715 to RHCK/OL5 orabug 27787723 2.6.18-419.0.0.0.9 - rebuild with retpoline compiler...
git security update
1.8.3.1-14 - Backport fix for CVE-2018-1123 - Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1...
wpa_supplicant security update
1:0.7.3-9.2 - Fix backport errors CVE-2017-13077, CVE-2017-13080 1:0.7.3-9.1 - avoid key reinstallation CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082...
Unbreakable Enterprise kernel security update
2.6.39-400.297.8 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796428 CVE-2017-1000251 2.6.39-400.297.7 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645562 CVE-2017-12134 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638926...
kernel security update
kernel - 2.6.18-419.0.0.0.3 - nfsd: stricter decoding of write-like NFSv2/v3 ops orabug 26586706 CVE-2017-7895...
kernel security update
3.10.0-514.21.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.21.2 - mm enlarge stack guard gap Larry Woodman 1452732 1452733...
java-1.6.0-openjdk security update
1:1.6.0.40-1.13.12.4.0.1 - Add oracle-enterprise.patch 1:1.6.0.40-1.13.12.4 - Bump source tarballs to try and really fix TCK failures this time. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.3 - Bump source tarballs to missing -DNDEBUG on JDK native code. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.2...
java-1.8.0-openjdk security update
1:1.8.0.101-3.b13 - Replace bad 8159244 patch from upstream 8u with fresh backport from OpenJDK 9. - Resolves: rhbz1350034 1:1.8.0.101-2.b13 - Add missing hunk from 8147771, missed due to inclusion of unneeded 8138811 - Resolves: rhbz1350034 1:1.8.0.101-1.b13 - Add workaround for a typo in the...
Unbreakable Enterprise kernel security update
2.6.39-400.278.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222773 CVE-2015-8767...
samba3x security update
3.6.23-12.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 19973497 3.6.23-12 - related: 1322685 - Update CVE patchset 3.6.23-11 - related: 1322685 - Update CVE patchset 3.6.23-10 - resolves: 1322685 - Fix CVE-2015-5370 - resolves: 1322685 - Fix CVE-2016-2110 -...
389-ds-base security and bug fix update
1.3.4.0-26 - release 1.3.4.0-26 - Resolves: bug 1299346 - deadlock on connection mutex DS 48341 1.3.4.0-25 - release 1.3.4.0-25 - Resolves: bug 1299757 - CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS 1.3.4.0-24 - release 1.3.4.0-24 - Resolves: b...
firefox security update
38.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.5.0-2 - Update to 38.5.0 ESR...
jakarta-taglibs-standard security update
0:1.1.1-11.7 - Gracefully handle parsers without FSP support e.g. Java 5 GCJ - Resolves: CVE-2015-0254 0:1.1.1-11.6 - Prevent XXE and RCE in JSTL XML tags - Apply correction for previous CVE-2015-0254 patch prevent XXE in - Resolves: CVE-2015-0254 0:1.1.1-11.5 - Prevent XXE and RCE in JSTL XML ta...
firefox security update
38.1.1-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.1.1-1 - Update to 38.1.1 ESR...
qemu-kvm security update
1.5.3-86.el71.2 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219269 - Resolves: bz1219269 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-7.1.z...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.2uek - netfilter: conntrack: disable generic tracking for known protocols Florian Westphal Orabug: 20679631 CVE-2014-8160 - mac80211: fix fragmentation code, particularly for encryption Johannes Berg Orabug: 20673314 CVE-2014-8709 - tracing/syscalls: Ignore numbers outsid...
libreoffice security, bug fix, and enhancement update
libabw 0.0.2-1 - new upstream release 0.0.2 - generate man pages for the tools 0.0.1-1 - new upstream release libcmis 0.4.1-5 - Related: rhbz1132065 coverity: fix mismatching exceptions 0.4.1-4 - a few use-after-free fixes for the C wrapper 0.4.1-3 - Resolves: rhbz1132065 rebase to 0.4.1 libetony...
krb5 security, bug fix and enhancement update
1.12.2-14 - fix for kinit -C loops 1184629, MIT/krb5 issue 243, 'Do not loop on principal unknown errors'. 1.12.2-13 - fix for CVE-2014-5352 1179856 'gssprocesscontexttoken incorrectly frees context MITKRB5-SA-2015-001' - fix for CVE-2014-9421 1179857 'kadmind doubly frees partial deserialization...
glibc security and bug fix update
2.17-55.0.4.el70.3 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. Jose E. Marchesi 2.17-55.3 - Fix wordexp to honour WRDENOCMD CVE-2014-7817, 1170118...
ruby security update
1.8.7.374-3 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Resolves: rhbz1163993 - REXML incomplete fix for CVE-2014-8080 CVE-2014-8090. Resolves: rhbz1163993...
Unbreakable Enterprise kernel security update
3.8.13-44.1.1 - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590596 CVE-2014-3917...
tomcat security update
0:7.0.42-5 - Related: CVE-2013-4286 - Related: CVE-2013-4322 - Related: CVE-2014-0050 - revisit patches for above...
qemu-kvm security and bug fix update
0.12.1.2-2.415.el65.10 - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch bz1095692 - kvm-usb-sanity-check-setupindex-setuplen-in-postload.patch bz1095743 - kvm-usb-sanity-check-setupindex-setuplen-in-postload-2.patch bz1095743 -...
libtasn1 security update
2.3-6 - added check for null pointer 1102336 2.3-5 - fix various DER decoding issues 1102336 2.3-4 - fix CVE-2012-1569 - missing length check when decoding DER lengths 804920...
Unbreakable Enterprise kernel security update
2.6.32-400.34.3 - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247290 CVE-2013-7263 CVE-2013-7265 2.6.32-400.34.2 - exec/ptrace: fix getdumpable incorrect tests Kees Cook 18239033 CVE-2013-2929 CVE-2013-2929 - inet: prevent leakage of...
libjpeg-turbo security update
1.2.1-3 - Resolves: 1031955 apply patch for CVE-2013-6630 1.2.1-2 - Resolves: 1031955 libjpeg-turbo: various flaws CVE-2013-6629...