8998 matches found
java-1.6.0-openjdk security update
1:1.6.0.40-1.13.12.4.0.1 - Add oracle-enterprise.patch 1:1.6.0.40-1.13.12.4 - Bump source tarballs to try and really fix TCK failures this time. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.3 - Bump source tarballs to missing -DNDEBUG on JDK native code. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.2...
kernel-uek security update
kernel-uek 4.1.12-37.6.1 - vfs: rename: check backing inode being equal Miklos Szeredi Orabug: 24010060 CVE-2016-6198 CVE-2016-6197 - vfs: add vfsselectinode helper Miklos Szeredi Orabug: 24010060 CVE-2016-6198 CVE-2016-6197 - ovl: verify upper dentry before unlink and rename Miklos Szeredi Orabu...
java-1.8.0-openjdk security update
1:1.8.0.101-3.b13 - Replace bad 8159244 patch from upstream 8u with fresh backport from OpenJDK 9. - Resolves: rhbz1350034 1:1.8.0.101-2.b13 - Add missing hunk from 8147771, missed due to inclusion of unneeded 8138811 - Resolves: rhbz1350034 1:1.8.0.101-1.b13 - Add workaround for a typo in the...
ImageMagick security update
6.7.2.7-4 - Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716 and CVE-2016-3717...
java-1.7.0-openjdk security update
1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325427 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325427 1:1.7.0.101-2.6.6.0 - Bum...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.12uek - virtio-net: drop NETIFFFRAGLIST Jason Wang Orabug: 22145596 CVE-2015-5156...
nss and nspr security update
nspr 4.10.8-2 - Resolves: Bug 1269359 - CVE-2015-7183 - nspr: heap-buffer overflow in PLARENAALLOCATE can lead to crash under ASAN, potential memory corruption rhel-5.11.z nss 3.19.1-2 - Resolves: Bug 1269354 - CVE-2015-7182 CVE-2015-7181...
jakarta-taglibs-standard security update
0:1.1.1-11.7 - Gracefully handle parsers without FSP support e.g. Java 5 GCJ - Resolves: CVE-2015-0254 0:1.1.1-11.6 - Prevent XXE and RCE in JSTL XML tags - Apply correction for previous CVE-2015-0254 patch prevent XXE in - Resolves: CVE-2015-0254 0:1.1.1-11.5 - Prevent XXE and RCE in JSTL XML ta...
gdk-pixbuf2 security update
2.24.1-6 - Fix CVE 2015-4491 - Resolves 1253210...
openssl security update
1.0.1e-42.8 - improved fix for CVE-2015-1791 - add missing parts of CVE-2015-0209 fix for corectness although unexploitable 1.0.1e-42.7 - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509cmptime - fix CVE-2015-1790 - PKCS7 crash with missing...
libreoffice security, bug fix, and enhancement update
libabw 0.0.2-1 - new upstream release 0.0.2 - generate man pages for the tools 0.0.1-1 - new upstream release libcmis 0.4.1-5 - Related: rhbz1132065 coverity: fix mismatching exceptions 0.4.1-4 - a few use-after-free fixes for the C wrapper 0.4.1-3 - Resolves: rhbz1132065 rebase to 0.4.1 libetony...
krb5 security, bug fix and enhancement update
1.12.2-14 - fix for kinit -C loops 1184629, MIT/krb5 issue 243, 'Do not loop on principal unknown errors'. 1.12.2-13 - fix for CVE-2014-5352 1179856 'gssprocesscontexttoken incorrectly frees context MITKRB5-SA-2015-001' - fix for CVE-2014-9421 1179857 'kadmind doubly frees partial deserialization...
Unbreakable Enterprise kernel security update
2.6.39-400.215.15 - isofs: Fix unbounded recursion when processing relocated directories Jan Kara Orabug: 20224060 CVE-2014-5471 CVE-2014-5472 - x8664, traps: Stop using IST for SS Andy Lutomirski Orabug: 20224028 CVE-2014-9090 CVE-2014-9322...
glibc security and bug fix update
2.17-55.0.4.el70.3 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. Jose E. Marchesi 2.17-55.3 - Fix wordexp to honour WRDENOCMD CVE-2014-7817, 1170118...
java-1.7.0-openjdk security and bug fix update
1:1.7.0.71-2.5.3.1.0.1.el511 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1:1.7.0.71-2.5.3.1 - Bump to 2.5.3 with security updates. - Remove obsolete patches which are now included upstream. - Disable LCMS via environment variables rather than maintaining a patch. -...
Unbreakable Enterprise kernel security update
3.8.13-44.1.1 - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590596 CVE-2014-3917...
tomcat security update
0:7.0.42-5 - Related: CVE-2013-4286 - Related: CVE-2013-4322 - Related: CVE-2014-0050 - revisit patches for above...
kernel security and bug fix update
kernel 2.6.18-371.9.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
qemu-kvm security and bug fix update
0.12.1.2-2.415.el65.10 - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch bz1095692 - kvm-usb-sanity-check-setupindex-setuplen-in-postload.patch bz1095743 - kvm-usb-sanity-check-setupindex-setuplen-in-postload-2.patch bz1095743 -...
libtasn1 security update
2.3-6 - added check for null pointer 1102336 2.3-5 - fix various DER decoding issues 1102336 2.3-4 - fix CVE-2012-1569 - missing length check when decoding DER lengths 804920...
Unbreakable Enterprise kernel security update
2.6.32-400.34.3 - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247290 CVE-2013-7263 CVE-2013-7265 2.6.32-400.34.2 - exec/ptrace: fix getdumpable incorrect tests Kees Cook 18239033 CVE-2013-2929 CVE-2013-2929 - inet: prevent leakage of...
libjpeg-turbo security update
1.2.1-3 - Resolves: 1031955 apply patch for CVE-2013-6630 1.2.1-2 - Resolves: 1031955 libjpeg-turbo: various flaws CVE-2013-6629...
samba security, bug fix, and enhancement update
3.6.9-164 - resolves: 1008574 - Fix offline logon cache not updating for cross child domain group membership. 3.6.9-163 - resolves: 1015359 - Fix CVE-2013-0213 and CVE-2013-0214 in SWAT. 3.6.9-162 - resolves: 978007 - Fix 'valid users' manpage documentation. 3.6.9-161 - resolves: 997338 - Fix...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.2.0.1.el6 - Update DISTRONAME in specfile 1.7.0.40-2.4.3.1.el6 - sync with rhel 6.5 to icedtea 2.4 because of pernament tck failures - nss kept disabled - Resolves: rhbz1017626 1.7.0.25-2.3.13.4.el6 - added back patch408 tck201310155.patch, to resolve one of tck failures - Resolves...
kernel security and bug fix update
kernel 2.6.18-371.1.2.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
samba3x security and bug fix update
3.6.6-0.136 - resolves: 984807 - CVE-2013-4124: DoS via integer overflow when reading an EA list 3.6.6-0.135 - Fix PIDL parsing with newer versions of gcc. - Fix dereferencing a unique pointer in the WKSSVC server. - resolves: 982484 3.6.6-0.134 - Check for system libtevent and require version...
Unbreakable Enterprise kernel Security update
2.6.39-400.17.2 - x86/msr: Add capabilities check Alan Cox Orabug: 16405007 CVE-2013-0268...
samba4 security, bug fix and enhancement update
4.0.0-55.rc4 - Fix dependencies of samba4-test package. - related: 896142 4.0.0-54.rc4 - Fix summary and description of dc subpackages. - resolves: 896142 - Remove conflicting libsmbclient.7 manpage. - resolves: 896240 4.0.0-53.rc4 - Fix provides filter rules to remove conflicting libraries from...
thunderbird security update
10.0.8-1.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 10.0.8-1 - Update to 10.0.8 ESR...
thunderbird security update
10.0.7-1.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 10.0.7-1 - Update to 10.0.7 ESR...
glibc security and bug fix update
2.3.4-2.57 - Use malloc as needed in fnmatch 769360 2.3.4-2.56 - Fix handling if newline in addmntent 769360 - Use correct type when casting dtag 769360. - Properly quite output of local 769360 - Check size of pattern in wide character representation in fnmatch 769360 - Report write error in addm...
nfs-utils security, bug fix, and enhancement update
1.2.3-15 - mout.nfs: Don't roll back to IPv4 whe IPv6 fails bz 744657 - rpcdebug: Added pNFS and FSCache debugging bz 747400 1.2.3-14 - mount.nfs: Backported how upstream handles the SIGXFSZ signal bz 697981 1.2.3-13 - mount.nfs: Reworked the code that deals with RLIMITFSIZE bz 697981 1.2.3-12 -...
bind97 security update
32:9.7.0-6.P2.4 - fix DOS against recursive servers 754398...
httpd security and bug fix update
2.2.3-53.0.2.el57.3 - Fix modssl always performing full renegotiation orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-53.3 - add security fix for CVE-2011-3368 743903 - fix regressions in byterange handling 736593...
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2.6.32-100.37.1.el6uek - net gre: fix netns vs proto registration ordering CVE-2011-1767 - net tunnels: fix netns vs proto registration ordering CVE-2011-1768...
kernel security and bug fix update
2.6.32-131.2.1.el6 - kernel lib/vsprintf.c: add %pU to print UUID/GUIDs Frantisek Hrbata 704280 700299 - scsi megaraidsas: Driver only report tape drive, JBOD and logic drives Tomas Henzl 704601 619422 2.6.32-131.1.1.el6 - net dccp: handle invalid feature options length Jiri Pirko 703012 703013...
tomcat6 security and bug fix update
0:6.0.24-24 - Resolves: rhbz674601 - Removed wildcard in main %files that caused duplicate ownership - of log4j.properties 0:6.0.24-23 - Resolves: rhbz674601 - Reverse - tomcat user requires login shell - Reverse - rhbz 611244 tomcat-juli missing symlink - PM/QE decision to include only the...
java-1.6.0-openjdk security update
1:1.6.0.0-1.17.b17.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.17.b17.el5 - Updated to 1.7.7 tarball - Resolves: bz668487 - Also resolves bz668488...
rpm security and bug fix update
4.4.2.3-20.el55.1 - make the sbits removal behavior consistent with all the RHELs - add proper suffix for Z branch 4.4.2.3-19 - fix CVE-2010-2059, fails to drop SUID/SGID bits on package upgrade 626707 - fix SELinux memory leak 627630, patch from Florian Festi...
openldap security update
2.3.43-12.1 - fixed segfault issues in modrdn 606375 - added patch handling null char in TLS to compat package 606375, patch backported by Jan Vcelak...
firefox security, bug fix, and enhancement update
3.6.4-8.0.1.el4 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 3.6.4-8.el4 - Update to 3.6.4 build 7 - Disable checking for updates since they can't be applied 3.6.4-7.el4 - Update to 3.6.4 build 6 3.6.4-6.el4 - Update to...
firefox security update
firefox: 3.0.12-1.0.1.el53 - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch 3.0.12-1 - Update to 3.0.12 xulrunner: 1.9.0.12-1.0.1.el53 - Added...
xpdf security update
3.00-20.el4 - Resolves: 490712, CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 revised patch that adds a fix for some potential problems, latest upstream patch 3.00-19.el4 - Resolves: 490712, CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 revised patch that adds a fix for badpage10910.pdf 3.00-18.el4 -...
Moderate: python security update
2.2.3-6.8 - Fix possible integer overflow in image ops - Fix off by one strxfrm malloc - Fix pypcre bugs - Resolves: 392031...
Critical: firefox security update
1.5.0.12-0.3.el4.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.3.el4 - Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12 1.5.0.12-0.2.el4 - Update to latest snapshot of Mozilla 1.8.0 branch - Include patches for Mozill...
virt:ol and virt-devel:ol security and bug fix update
libvirt 8.0.0-10.1.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-10.1.el8 - qemuprocess: Don't require a hugetlbfs mount for memfd rhbz2132176 - qemunamespace: Tolerate missing ACLs when creating a path in namespace...
container-tools security update
aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...
edk2 security update
Tue Feb 27 2024 Aaron Young - Create new 20240227 release for OL9 which includes the following fixed CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 - Update to OpenSSL 3.0.10 which include...
pki-core:10.6 and pki-deps:10.6 security update
apache-commons-collections apache-commons-lang apache-commons-net bea-stax fasterxml-oss-parent 49-1 - Rebase to upstream version 49 26-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 26-5 - Fix license tag 26-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora27MassRebuild...
glibc security update
2.28-236.0.1.13 - Forward port of Oracle patches. Reviewed-by: Jose E. Marchesi...