9180 matches found
ruby security update
1.8.7.374-3 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Resolves: rhbz1163993 - REXML incomplete fix for CVE-2014-8080 CVE-2014-8090. Resolves: rhbz1163993...
Unbreakable Enterprise kernel security update
3.8.13-44.1.1 - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590596 CVE-2014-3917...
jakarta-commons-httpclient security update
1:3.1-16 - Fix MITM security vulnerability - Resolves: CVE-2014-3577...
tomcat security update
0:7.0.42-5 - Related: CVE-2013-4286 - Related: CVE-2013-4322 - Related: CVE-2014-0050 - revisit patches for above...
Unbreakable Enterprise kernel security update
2.6.39-400.214.6 - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18721962 CVE-2013-6383 - vhost: fix total length when packets are too short Michael S. Tsirkin Orabug: 18721977 CVE-2014-0077...
httpd security update
2.2.15-30.0.1.el65 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-30 - moddav: add security fix for CVE-2013-6438 1078174 - modlogconfig: add security fix for CVE-2014-0098 1078174...
qemu-kvm security, bug fix, and enhancement update
qemu-kvm-0.12.1.2-2.415.el6 - kvm-target-i386-don-t-migrate-steal-time-MSR-on-older-ma.patch bz1022821 - Resolves: bz1022821 live-migration from RHEL6.5 to RHEL6.4.z fails with 'error while loading state for instance 0x0 of device 'cpu'' 0.12.1.2-2.414.el6 -...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.2.0.1.el6 - Update DISTRONAME in specfile 1.7.0.40-2.4.3.1.el6 - sync with rhel 6.5 to icedtea 2.4 because of pernament tck failures - nss kept disabled - Resolves: rhbz1017626 1.7.0.25-2.3.13.4.el6 - added back patch408 tck201310155.patch, to resolve one of tck failures - Resolves...
kernel security and bug fix update
kernel 2.6.18-371.1.2.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
glibc security and bug fix update
2.5-118.2 - Fix integer overflows in valloc and memalign. 1011804. 2.5-118.1 - Add support for newer L3 caches on x86-64 and correctly count the number of hardware threads sharing a cacheline 1011424...
Oracle Linux 5 kernel update
kernel 2.6.18-371.0.0.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
Unbreakable Enterprise kernel Security update
2.6.39-400.17.2 - x86/msr: Add capabilities check Alan Cox Orabug: 16405007 CVE-2013-0268...
samba4 security, bug fix and enhancement update
4.0.0-55.rc4 - Fix dependencies of samba4-test package. - related: 896142 4.0.0-54.rc4 - Fix summary and description of dc subpackages. - resolves: 896142 - Remove conflicting libsmbclient.7 manpage. - resolves: 896240 4.0.0-53.rc4 - Fix provides filter rules to remove conflicting libraries from...
firefox security update
firefox 10.0.11-1.0.1.el63 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 10.0.11-1 - Update to 10.0.11 ESR xulrunner 10.0.11-1.0.1.el63 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.11-1 - Update to 10.0.11 ESR...
Unbreakable Enterprise kernel Security update
2.6.39-200.33.1 - sfc: Replace some literal constants with EFXPAGESIZE/EFXBUFSIZE Ben Hutchings Orabug: 14769994 - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size Ben Hutchings Orabug: 14769994 CVE-2012-3412...
thunderbird security update
10.0.8-1.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 10.0.8-1 - Update to 10.0.8 ESR...
thunderbird security update
10.0.7-1.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 10.0.7-1 - Update to 10.0.7 ESR...
python security update
2.4.3-46.el58.2 - if hash randomization is enabled, also enable it within pyexpat Resolves: CVE-2012-0876 2.4.3-46.el58.1 - distutils.commands.register: create /.pypirc securely Resolves: CVE-2011-4944 - send encoding in SimpleHTTPServer.listdirectory to protect IE7 against potential XSS attacks...
firefox security and bug fix update
firefox: 10.0.3-1.0.1.el62 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 10.0.3-1 - Update to 10.0.3 ESR xulrunner: 10.0.3-1.0.1.el62 - Replace xulrunner-redhat-default-prefs.js with - xulrunner-oracle-default-prefs.js 10.0.3-1 - Update to 10.0.3 ESR...
glibc security and bug fix update
2.3.4-2.57 - Use malloc as needed in fnmatch 769360 2.3.4-2.56 - Fix handling if newline in addmntent 769360 - Use correct type when casting dtag 769360. - Properly quite output of local 769360 - Check size of pattern in wide character representation in fnmatch 769360 - Report write error in addm...
samba3x security update
3.5.4-0.83.2 - Security Release, add fix for CVE-2011-2724 - related: 722555 3.5.4-0.83.1 - Security Release, fixes CVE-2011-2694, CVE-2011-2522, CVE-2011-1678 - resolves: 722555...
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2.6.32-100.37.1.el6uek - net gre: fix netns vs proto registration ordering CVE-2011-1767 - net tunnels: fix netns vs proto registration ordering CVE-2011-1768...
openldap security update
2.4.19-15.2 - fix: security - DoS when submitting special MODRDN request 680975 2.4.19-15.1 - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success - fix: CVE-2011-1025 rootpw is not verified for ndb backend...
tomcat6 security and bug fix update
0:6.0.24-24 - Resolves: rhbz674601 - Removed wildcard in main %files that caused duplicate ownership - of log4j.properties 0:6.0.24-23 - Resolves: rhbz674601 - Reverse - tomcat user requires login shell - Reverse - rhbz 611244 tomcat-juli missing symlink - PM/QE decision to include only the...
openoffice.org security update
openoffice.org 1.1.5-10.7.10 - Resolves: rhbz642175 openoffice.org various flaws - CVE-2010-4643 heap based buffer overflow when parsing TGA files 1.1.5-10.7.8 - Resolves: rhbz642175 openoffice.org various flaws - CVE-2010-3450 directory traversal flaws in handling of XSLT jar filter descriptions...
java-1.6.0-openjdk security update
1:1.6.0.0-1.17.b17.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.17.b17.el5 - Updated to 1.7.7 tarball - Resolves: bz668487 - Also resolves bz668488...
openssl security update
0.9.8e-12.7 - fix CVE-2010-4180 - completely disable code for SSLOPNETSCAPEREUSECIPHERCHANGEBUG 659462...
qspice security update
0.3.0-54.el55.2 - Fix unsafe accesses + spice: drop libpng from windows components 537849 + libspice: fix unsafe guest data accessing Resolves: 568719 + fix unsafe free call. Resolves: 568723 + spice server: fix unsafe cursor items handling. Resolves: 568719...
openldap security update
2.3.43-12.1 - fixed segfault issues in modrdn 606375 - added patch handling null char in TLS to compat package 606375, patch backported by Jan Vcelak...
libpng security update
2:1.2.10-7.1.el55.3 - Back-port fixes for CVE-2009-2042, CVE-2010-0205, CVE-2010-1205, CVE-2010-2249 Resolves: 609921...
firefox security, bug fix, and enhancement update
3.6.4-8.0.1.el4 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 3.6.4-8.el4 - Update to 3.6.4 build 7 - Disable checking for updates since they can't be applied 3.6.4-7.el4 - Update to 3.6.4 build 6 3.6.4-6.el4 - Update to...
openldap security and bug fix update
2.3.43-12 - updated spec file, so the compat-libs linking patch applies correctly 2.3.43-11 - backported patch to handle null character in TLS certificates 560912 2.3.43-10 - updated chase-referral patch to compile cleanly - updated init script 562714 2.3.43-9 - updated ldap.sysconf to include...
kvm security and bug fix update
kvm-83-105.0.1.el54.13 - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-105.el54.13 - kvm-kernel-KVM-x86-emulator-limit-instructions-to-15-bytes.patch bz541164 - Resolves: bz541164 CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytes rhel-5.4.z kvm-83-105.el54.12 -...
kernel security and bug fix update
2.6.9-89.0.11.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidan...
firefox security update
firefox: 3.0.12-1.0.1.el53 - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch 3.0.12-1 - Update to 3.0.12 xulrunner: 1.9.0.12-1.0.1.el53 - Added...
Moderate: dbus security update
1.0.0-6.3.el51 - CVE-2008-0595: D-Bus security policy circumvention - Resolves: 432437 1.0.0-6.el51 - CVE-2006-6107: D-Bus denial of service - Resolves: 219601...
Critical: firefox security update
1.5.0.12-0.3.el4.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.3.el4 - Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12 1.5.0.12-0.2.el4 - Update to latest snapshot of Mozilla 1.8.0 branch - Include patches for Mozill...
Important: xen security update
3.0.3-25.0.3.el5 - fix ethernet bonding in balanced-rr mode, respin rhbz215887 3.0.3-25.0.2.el5 - fix ethernet bonding in balanced-rr mode rhbz215887 3.0.3-25.0.1.el5 - disable qemu monitor mode, for security reasons rhbz230295 - fix IA64 shadow page table mode rhbz230459, rhbz230331...
Important: kernel security update
2.6.9-55.0.2.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
Moderate: postgresql security update
7.4.17-1.RHEL4.1 - Update to PostgreSQL 7.4.17 for CVE-2007-2138, data loss bugs Resolves: 237680...
Critical thunderbird security update
1.5.0.8-0.1.1.el4 - defaults changed to oracle... 1.5.0.8-0.1.el4 - Update to 1.5.0.8 RC 1.5.0.7-0.1.el4 - Update to 1.5.0.7 1.5.0.5-0.el4.2 - Fix the launcher and icons 1.5.0.5-0.el4.1 - Update to 1.5.0.5...
nginx:1.24 security update
1.24.0-3.0.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-3 - Resolves: RHEL-157877 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves: RHEL-159436 CVE-2026-27651 nginx:1.24/nginx: NGINX: Denial of Service via undisclose...
virt:ol and virt-devel:ol security and bug fix update
hivex libguestfs libguestfs-winsupport 8.8-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-33 - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshak...
edk2 security update
1.7.1 - Create new 1.7.1 release for OL7 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK2: In the Linux kernel...
Unbreakable Enterprise kernel security update
5.4.17-2136.335.4 caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running print Stephen Brennan Orabug: 36456582 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - driver core: Fix ueventshow vs driver detach race Dan Williams - pinctrl: ti:...
kernel security update
5.14.0-427.28.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
python3.11 security update
3.11.9-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.9-1 - Rebase to 3.11.9 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix expat tests for the latest expat security release Resolves: RHEL-33672, RHEL-33684...
edk2 security update
Tue Feb 27 2024 Aaron Young - Create new 20240227 release for OL9 which includes the following fixed CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 - Update to OpenSSL 3.0.10 which include...
nodejs:20 security update
nodejs 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to version 20.12.0 Fixes: CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 node Fixes: CVE-2024-25629 c-ares nodejs-nodemon nodejs-packaging...
grafana security and bug fix update
9.2.10-8 - Rebuild with latest version of golang - resolves CVE-2024-1394...