9180 matches found
seamonkey security update
1.0.9-79.0.1.el4 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-79.el4 - Added fix for mozbz727401...
php security update
5.3.3-3.6 - add security fix for CVE-2012-0830 786743...
kernel security and bug fix update
2.6.32-220.4.1.el6 - fs Revert 'proc: enable writing to /proc/pid/mem' Johannes Weiner 782649 782650 CVE-2012-0056 2.6.32-220.3.1.el6 - kernel Remove 'WARNING: at kernel/sched.c:5915' Larry Woodman 768288 766051 - x86 kernel: Fix memory corruption in module load Prarit Bhargava 769595 767140 -...
thunderbird security update
3.1.15-1.0.1.el61 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 3.1.15-1 - Update to 3.1.15...
qt security update
1:4.6.2-17.1 - Resolves: rhbz737812 fix multiple flaws in Qt CVE-2011-3193, CVE-2011-3194...
firefox security and bug fix update
firefox: 3.6.18-1.0.1.el61 - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js 3.6.18-1 - Update to 3.6.18 xulrunner: 1.9.2.18-2.0.1.el61 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.18-2 - Update to 1.9.2.18...
wireshark security update
1.0.15-1.0.1.el56.4 - Added oracle-ocfs2-network.patch 1.0.15-1.4 - fix few security issues - Resolves: CVE -2011-0024 CVE-2011-0538 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 612240 1.0.15-1.3 - recompile with -fno-strict-aliasing 1.0.15-1.2 - fix buffer overflow in ENTTEC dissector...
Unbreakable enterprise kernel security and bug fix update
Following Security fixes are included in this unbreakable enterprise kernel errata: CVE-2010-3432 The sctppacketconfig function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial o...
kernel security and bug fix update
2.6.9-89.0.26.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
sendmail security and bug fix update
8.13.8-8 - rpm attributes S,5,T not recorded for statistics file 8.13.8-7 - fix specfile for passing rpm -V test 555277 8.13.8-6.el5 - fix verification of SSL certificate with NUL in name 553618, CVE-2009-4565 - do not accept localhost.localdomain as valid address from smtp 449391 - skip colon...
kdelibs security update
3.5.4-25.0.1.el54.1 - Remove Version branding - Maximum rpm trademark logos removed pics/crystalsvg/-mime-rpm in tarball 3.5.4-25.1 - bump release 3.5.4-22.2 - Resolves: 539716, CVE-2009-0689, kdelibs remote array overrun...
cups security update
1:1.3.7-11:.4 - Applied patch to fix CVE-2009-3553 bug 530111, STR 3200. - Applied patch to fix CVE-2009-2820 bug 529833, STR 3367, STR 3401...
xpdf security update
2.02-17.el3 - Resolves: 527470, CVE-2009-0791 2.02-16.el3 - Resolves: 527470, CVE-2009-0791 2.02-15.el3 - Resolves: 527470, CVE-2009-0791...
openssh security, bug fix, and enhancement update
4.3p2-36 - tiny change in chroot sftp capability into openssh-server solve ls speed problem 440240 4.3p2-35 - workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 502230 4.3p2-34 - disable protocol 1 in the FIPS mode 4.3p2-33 - fix scp hangup on exit 454812 - call integrity...
apr-util security update
1.2.7-7.el53.1 - add security fixes for CVE-2009-0023, CVE-2009-1955, and CVE-2009-1956 504560...
net-snmp security update
5.3.1-24.2 - fix crash in bulk request processing 469373...
thunderbird security update
1.5.0.12-14.0.1 - Add thunderbird-oracle-default-prefs.js for errata rebuild 1.5.0.12-13 - Respun for mozilla bugs 439035,439735,440308 1.5.0.12-12 - Update patchset to fix regression as per 1.8.1.15...
cups security update
1.2.4-11.18:.1 - Applied patch to fix CVE-2008-1722 integer overflow in image filter, bug 441692, STR 2790...
Moderate: thunderbird security update
1.5.0.12-8.el4.0.1 - Add thunderbird-oracle-default-prefs.js for errata rebuild 1.5.0.12-8 - Update to latest snapshot of Mozilla 1.8.0 branch - Added a patch with backported fixes from 1.8.1.12...
Important: kernel security and bug fix update
2.6.9-67.0.4.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach Brown orabug 5760648 - remove patch sysrq-b that queues upto keventd thread orab...
Moderate: postgresql security update
7.4.19-1.el46.1 - Update to PostgreSQL 7.4.19 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 Resolves: 427135...
Important: mysql security update
4.1.20-3.RHEL4.1.el46.1 - Back-port upstream fixes for CVE-2007-5925, CVE-2007-5969. Resolves: 422181...
Critical: samba security and bug fix update
3.0.9-1.3E.14.3 - Security fix for CVE-2007-6015 - Fix for regression introduced with CVE-2007-4572 - resolves: 407321 - resolves: 389021...
Critical: firefox security update
1.5.0.12-0.7.el4.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.7.el4 - Update to latest snapshot of Mozilla 1.8.0 branch 1.5.0.12-0.6.el4 - added pathes for Mozilla bugs 325761 and 392149 1.5.0.12-0.5.el4 - added pathes for Mozil...
Moderate: tomcat security update
5.5.23-0jpp.1.0.4.el5 - Remove erroneous rebuild-gcj-db for javadoc subpackage - Add fixes for CVE-2007-2449 and CVE-2007-2450 - resolves: bug 244846, bug 244816...
Critical firefox security update
1.5.0.8-0.1.1.el4 - Replace default-bookmarks.html and default-prefs.js 1.5.0.8-0.1.el4 - Update to 1.5.0.8 RC 1.5.0.7-0.1.el4 - Update to 1.5.0.7 1.5.0.5-0.el4.1 - Update to 1.5.0.5...
Unbreakable Enterprise kernel security update
4.1.12-124.92.3 - memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021 - ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819 CVE-2024-40943 4.1.12-124.92.2 - fbdev: savage: Handle err return when savagefbcheckvar failed Cai Xinchen...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
bind9.16 security update
32:9.16.23-0.22 - Minor fix of reclimit test backport CVE-2024-1737 32:9.16.23-0.21 - Backport addition of max-records-per-type and max-records-per-type options CVE-2024-1737 32:9.16.23-0.20 - Resolve CVE-2024-1975 - Resolve CVE-2024-1737 - Resolve CVE-2024-4076 - Add ability to change runtime...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.334.6.el7 - loop: Fix a race between loop detach and loop open Gulam Mohamed Orabug: 36197800 - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs Alexandre Chartre Orabug: 36672495 - x86/bhi: Avoid warning in DB handler due to BHI mitigation Alexandre Chartre...
virt:kvm_utils1 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-42 - Document CVEs as fixed Karl Heubaum CVE-2023-2700 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364474 CVE-2024-1441 - libvirt- : Check caller-provided buffers to be NULL with size 0 Erik...
edk2 security update
Tue Feb 27 2024 Aaron Young - Create new 20240227 release for OL9 which includes the following fixed CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 - Update to OpenSSL 3.0.10 which include...
Unbreakable Enterprise kernel security update
4.14.35-2047.536.5 - mmc: core: Fix switch on gp3 partition Dominique Martinet - Revert 'Revert 'md/raid5: Wait for MDSBCHANGEPENDING in raid5d'' Song Liu - mm/memory-failure: fix an incorrect use of tail pages Liu Shixin - Revert 'x86/mm/identmap: Use gbpages only where full GB page should be...
java-11-openjdk security update
1:11.0.23.0.9-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS 1:11.0.23.0.9-1 - Update to jdk-11.0.23+9 GA - Update release notes to 11.0.23+9 - Switch to GA mode for release - Require tzdata 2024a due to upstream inclusion of JDK-8322725 - On...
java-1.8.0-openjdk security update
1:1.8.0.412.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155...
kernel security update
5.14.0-362.18.0.13.OL9 - nfp: fix use-after-free in areacacheget Jialiang Wang CVE-2022-3545 - drivers: net: slip: fix NPD bug in sltxtimeout Duoming Zhou CVE-2022-41858 - can: afcan: fix NULL pointer dereference in canrcvfilter Oliver Hartkopp CVE-2023-2166 - RDMA/core: Fix resolvepreparesrc...
tigervnc security update
1.13.1-3.3 - xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 - xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions CVE-2023-6377 - xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and...
containernetworking-plugins security update
1:1.3.0-6 - rebuild for following CVEs: CVE-2023-29409 CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 - Resolves: 2228743 - Resolves: 2237773 - Resolves: 2237776 - Resolves: 2237777 - Resolves: 2237778 1:1.3.0-5 - fix path to dhcp service - Resolves: RHEL-3140...
curl security update
7.76.1-26.el93.2 - fix cookie injection with none file CVE-2023-38546 7.76.1-26.el93.1 - socks: return error if hostname too long for remote resolve CVE-2023-38545...
kernel security, bug fix, and enhancement update
5.14.0-362.8.13.OL9 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
18 security update
nodejs 1:18.18.2-2 - Rebase to version 18.18.2 Resolves: CVE-2023-44487 CVE-2023-45143 CVE-2023-38552 CVE-2023-39333 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 nodejs-packaging 2021.06-4 - NPM bundler: also find namespaced bundled dependencies 2021.06-3 - Rebuilt for...
bind security update
32:9.16.23-11.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
cross-gcc security update
12.1.1-2.0.4 - CVE-2023-4039 mitigation. Orabug 35752028. - Reviewed-by: Jose E. Marchesi...
18 security, bug fix, and enhancement update
nodejs 1:18.16.1-1 - Rebase to 18.16.1 Resolves: rhbz2188292 rhbz2187683 Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 - Replace /usr/etc/npmrc symlink with builtin configuration Resolves: rhbz2222285 nodejs-nodemon nodejs-packaging...
java-1.8.0-openjdk security and bug fix update
1:1.8.0.382.b05-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.382.b05-2 - CVE-2023-22045 and CVE-2023-22049 fixed - Release bump for Oracle rebuild 1:1.8.0.382.b05-1 - Update to shenandoah-jdk8u372-b05 GA - Update release notes for shenandoah-8u372-b05. - This tarball is embargoed...
bind9.16 security update
32:9.16.23-14.1 - Improve RBT overmem cache cleaning CVE-2023-2828...
Unbreakable Enterprise kernel security update
5.15.0-102.110.5 - RISC-V: Fix up a cherry-pick warning in setupvmfinal Alexandre Ghiti - Revert 'Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work' Liu Jian - riscv: mm: remove redundant parameter of createfdtearlypagetable Song Shuai - kernfs: change...
freerdp security update
2:2.4.1-5 - Fix 'implicit declaration of function' errors 2136155, 2145140 - 2:2.4.1-4 - CVE-2022-39282: Fix length checks in parallel driver 2136152 - CVE-2022-39283: Add missing length check in video channel 2136154 - CVE-2022-39316, CVE-2022-39317: Add missing length checks in zgfx 2145140 -...
grafana security and enhancement update
9.0.9-2 - resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in - resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws 9.0.9-1 - update to 9.0.9 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-35957 grafana: Escalation from...
freeradius security and bug fix update
3.0.21-37 - Fix defect found by covscan Resolves: 2151705 3.0.21-36 - Fix multiple CVEs Resolves: 2151705 Resolves: 2151703 Resolves: 2151707 3.0.21-35 - Rebuild to add subpackages to CRB report Resolves: 2126380...