8998 matches found
NetworkManager and libnma security, bug fix, and enhancement update
libnma 1.8.30-2 - Rebuild with new gtk-doc to fix multilib issues rh 1853152 NetworkManager 1.30.0-7.0.1 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity- subpackage for 8.3 1:1.30.0-7 - initrd: set multi-connect=single for...
screen security update
4.1.0-0.27.2012314git3c2946 - fix CVE-2021-26937 1927063...
xterm security update
253-1.0.1 - fix xutf8.h to work with up-to-date Xlib - fix crash in combining character support CVE-2021-27135 orabug 32496959...
spice and spice-gtk security update
spice 0.14.2-1.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355 spice-gtk 0.37-1.2 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355...
dovecot security update
1:2.3.8-2.2 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1866755 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation 1866760 - fix CVE-2020-12674 crash due to assert in RPA implementation 1866767...
thunderbird security update
68.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1...
git security update
2.18.4-2 - Update to release 2.18.4 - Resolves: CVE-2020-11008...
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
...
libarchive security update
3.1.2-14 - Fix patch application error 3.1.2-13 - Fix CVE-2019-18408: RAR use-after-free...
python27:2.7 security and bug fix update
...
Unbreakable Enterprise kernel security update
4.1.12-124.32.3 - scsi: sg: fixup infoleak when using SGGETREQUESTTABLE Hannes Reinecke Orabug: 26941755 CVE-2017-14991 - failover: allow name change on IFFUP slave interfaces Si-Wei Liu Orabug: 29707258 - Revert 'netfailover: delay taking over primary device to accommodate udevd renaming' Si-Wei...
java-11-openjdk security update
1:11.0.3.7-2.0.1 - link atomic for ix86 build Livy Ge 1:11.0.3.7-2 - Do not generate lib-style requires for -slowdebug subpackages. - Resolves: rhbz1693468 1:11.0.3.7-2 - Fix requires/provides for the non-system JDK case. JDK 11 is not a system JDK at this point. - Resolves: rhbz1693468...
gnupg2 security update
2.0.22-5 - fix CVE-2018-12020 - missing sanitization of original filename...
glibc security update
2.12-1.212.0.1 - backport rh patch 1047983 from OL7, Orabug 25407655 2.12-1.212 - CVE-2017-15670: glob: Fix one-byte overflow with GLOBTILDE 1504810 - CVE-2017-15804: glob: Fix buffer overflow in GLOBTILDE unescaping 1504810 2.12-1.211 - Avoid large allocas in the dynamic linker 1452717 2.12-1.21...
firefox security update
52.8.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 52.8.0-1 - Update to 52.8.0 ESR...
qemu-kvm security update
1.5.3-156.el75.1 - kvm-vga-add-ramaddrt-cast.patch bz1567913 - kvm-vga-fix-region-calculation.patch bz1567913 - Resolves: bz1567913 CVE-2018-7858 qemu-kvm: Qemu: cirrus: OOB access when updating vga display rhel-7 rhel-7.5.z...
java-1.7.0-openjdk security update
1:1.7.0.181-2.6.14.5.0.1 - Update DISTRONAME in specfile 1:1.7.0.181-2.6.14.5 - added depndence on latest c-j-c who do not have the incorrect jre-abrt handling - Resolves: rhbz1559766 1:1.7.0.181-2.6.14.3 - Bump release number to an unused one as rhel-7.5-z-java-unsafe-candidate wrongly using .el...
Unbreakable Enterprise kernel security update
2.6.39-400.298.6 - perf/hwbp: Simplify the perf-hwbp code, fix documentation Linus Torvalds Orabug: 27947612 CVE-2018-100199 2.6.39-400.298.5 - xen-netfront: fix rx stall when reqprodpvt goes back to more than zero again Dongli Zhang Orabug: 25053376 - x86/IBRS: Remove support for IBRSENABLEDUSER...
kernel security update
kernel 2.6.18-419.0.0.0.5 - fs fix kernel panic on boot on ia64 guests Honglei Wang orabug 26934100 2.6.18-419.0.0.0.4 - fs fix bug in loading of PIE binaries Michael Davidson orabug 26916951 CVE-2017-1000253...
sudo security update
1.7.2p1-29.0.2 - Fix CVE-2017-1000368...
bind security update
32:9.8.2-0.62.rc1.1 - Fix CVE-2017-3136 ISC change 4575 - Fix CVE-2017-3137 ISC change 4578...
openssh security and bug fix update
5.3p1-122 - Allow to use ibmca crypto hardware 1397547 - CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes 1405374 5.3p1-121 - Fix missing hmac-md5-96 from server offer 1373836 5.3p1-120 - Prevent infinite loop when Ctrl+Z pressed at password prompt 1218424 - Remove...
thunderbird security update
45.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.6.0-1 - Update to the latest upstream 45.6.0...
thunderbird security update
45.5.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.5.1-1 - Update to 45.5.1...
bind security update
30:9.3.6-25.P1.9 - Fix CVE-2016-2776 30:9.3.6-25.P1.8 - Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite 30:9.3.6-25.P1.7 - Fix CVE-2016-1285 and CVE-2016-1286 30:9.3.6-25.P1.6 - Fix CVE-2015-8704 30:9.3.6-25.P1.5 - Fix CVE-2015-8000 30:9.3.6-25.P1.4 - Fix CVE-2015-572...
golang security, bug fix, and enhancement update
1.6.3-1 - Resolves: rhbz1358278 - CVE-2016-5386 1.6.2-1 - rebase to 1.6.2 - Resolves: rhbz1346331...
ImageMagick security update
6.7.2.7-5 - Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716 and CVE-2016-3717...
kernel security update
kernel 2.6.18-409 - fs ext4: limit group search loop for non-extent files Lukas Czerner 1301100 - fb vm: convert fbmmap to vmiomapmemory helper Jacob Tanenbaum 1035240 CVE-2013-2596 - s390 add dummy ioremappfnrange to asm-s390/pgtable.h Jacob Tanenbaum 1035240 CVE-2013-2596 - mm vm: add...
kernel-uek security update
kernel-uek 4.1.12-32.1.2 - KEYS: Fix keyring ref leak in joinsessionkeyring Yevgeny Pats Orabug: 22563965 CVE-2016-0728 4.1.12-32.1.1 - ocfs2: return non-zero stblocks for inline data John Haxby Orabug: 22218243 - xen/events/fifo: Consume unprocessed events when a CPU dies Ross Lagerwall Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.5 - KEYS: Fix keyring ref leak in joinsessionkeyring Yevgeny Pats Orabug: 22563965 CVE-2016-0728...
qemu-kvm security update
0.12.1.2-2.479.el67.3 - kvm-net-pcnet-add-check-to-validate-receive-data-size-CV.patch bz1287950 - kvm-pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch bz1287950 - Resolves: bz1287950 CVE-2015-7504 CVE-2015-7512 qemu-kvm: various flaws rhel-6.7.z...
thunderbird security update
38.3.0-1.0.1.el67 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.3.0-1 - Update to 38.3.0...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.2.2 - sctp: fix ASCONF list handling Marcelo Ricardo Leitner Orabug: 21842668 CVE-2015-3212 - KEYS: ensure we free the assoc array edit if edit is valid Colin Ian King Orabug: 21842655 CVE-2015-1333...
qemu-kvm security fix update
1.5.3-86.el71.6 - kvm-rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-20.patch bz1248764 - kvm-rtl8139-drop-tautologous-if-ip-.-statement-CVE-2015-.patch bz1248764 - kvm-rtl8139-skip-offload-on-short-Ethernet-IP-header-CVE.patch bz1248764 -...
bind97 security update
32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
Unbreakable Enterprise kernel security update
2.6.39-400.250.9 - x86, tls: Interpret an all-zero struct userdesc as 'no segment' Andy Lutomirski Orabug: 21514969 - x86, tls, ldt: Stop checking lm in LDTempty Andy Lutomirski Orabug: 21514969 2.6.39-400.250.8 - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502740 CVE-2015-0239...
wireshark security, bug fix, and enhancement update
1.8.10-17.0.2 - Fix ocfs2 dissector John Haxby orabug 21505640 1.8.10-17.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-17 - security patches - Resolves: CVE-2015-2189 CVE-2015-2191 1.8.10-16 - security patches - Resolves: CVE-2014-8710 CVE-2014-8711...
hivex security and bug fix update
1.3.3-4.3 - Add missing checks for small/truncated files resolves: rhbz1158993 - Fix typo in man page Win::Hivex.3.pm resolves: rhbz1164693...
openssl security update
0.9.8e-36.0.1 - Backport openssl 08-Jan-2015 security fixes John Haxby orabug 20409893 - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix CVE-2014-3571 - DTLS segmentation fault in dtls1getrecord - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH Client 0.9.8e-36 - als...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930553 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy...
firefox security update
firefox 31.5.0-2.0.1.el70 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 31.5.0-2 - Update to 31.5.0 ESR Build 2 xulrunner 31.5.0-1.0.1-el70 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE2...
kernel security update
kernel 2.6.18-400.1.1 - x86 traps: stop using IST for SS Petr Matousek 1172809 CVE-2014-9322...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-55.1.1 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192540 CVE-2014-4652 - target/rd: Refactor rdbuilddevicespace + rdreleasedevicespace Nicholas Bellinger Orabug: 20192516 CVE-2014-4027 - HID: logitech: perform bounds checking on...
libvirt security and bug fix update
0.10.2-46.0.1.el66.2 - Replace docs/et.png in tarball with blank image 0.10.2-46.el66.2 - qemu: allow restore with non-migratable XML input rhbz1155564 - qemu: Introduce qemuDomainDefCheckABIStability rhbz1155564 - Make ABI stability issue easier to debug rhbz1155564 - CVE-2014-3633: qemu:...
java-1.8.0-openjdk security update
1:1.8.0.25-1.b17 - Update to October CPU patch update. - Resolves: RHBZ1148896 1:1.8.0.20-3.b26 - fixed headless policytool moved to normal - jre/bin/policytool added to not headless exclude list - updated aarch694 source - ppc64le synced from fedora - Resolves: rhbz1081073 1:1.8.0.20-2.b26 -...
firefox security update
24.7.0-1.0.1.el65 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 24.7.0-1 - Update to 24.7.0 ESR...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.1.3.el6uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230689 CVE-2014-4699 - net: flowdissector: fail on evil iph-ihl Jason Wang...
Unbreakable Enterprise kernel security update
2.6.39-400.214.6 - aacraid: missing capable check in compat ioctl Dan Carpenter Orabug: 18721962 CVE-2013-6383 - vhost: fix total length when packets are too short Michael S. Tsirkin Orabug: 18721977 CVE-2014-0077...
httpd security update
2.2.15-30.0.1.el65 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-30 - moddav: add security fix for CVE-2013-6438 1078174 - modlogconfig: add security fix for CVE-2014-0098 1078174...
thunderbird security update
24.3.0-2.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Make sure build with nspr-devel = 4.10.0 24.3.0-2 - Update to 24.3.0 ESR Build 2 24.3.0-1 - Update to 24.3.0 24.2.0-2 - Fixed requested nspr/nss versions...