9177 matches found
hivex security and bug fix update
1.3.3-4.3 - Add missing checks for small/truncated files resolves: rhbz1158993 - Fix typo in man page Win::Hivex.3.pm resolves: rhbz1164693...
wireshark security, bug fix, and enhancement update
1.8.10-17.0.2 - Fix ocfs2 dissector John Haxby orabug 21505640 1.8.10-17.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-17 - security patches - Resolves: CVE-2015-2189 CVE-2015-2191 1.8.10-16 - security patches - Resolves: CVE-2014-8710 CVE-2014-8711...
qemu-kvm security update
0.12.1.2-2.448.el66.4 - kvm-pcnet-fix-Negative-array-index-read.patch bz1225886 - kvm-pcnet-force-the-buffer-access-to-be-in-bounds-during.patch bz1225886 - Resolves: bz1225886 EMBARGOED CVE-2015-3209 qemu-kvm: qemu: pcnet: multi-tmd buffer overflow in the tx path rhel-6.6.z...
tomcat security update
0:7.0.54-2 - Resovles: CVE-2014-0227...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930553 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy...
unzip security update
6.0-2 - Fix CVE-2014-9636 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Resolves: 1196132 1196120 1196124 1196128...
libvirt security and bug fix update
0.10.2-46.0.1.el66.2 - Replace docs/et.png in tarball with blank image 0.10.2-46.el66.2 - qemu: allow restore with non-migratable XML input rhbz1155564 - qemu: Introduce qemuDomainDefCheckABIStability rhbz1155564 - Make ABI stability issue easier to debug rhbz1155564 - CVE-2014-3633: qemu:...
krb5 security and bug fix update
1.6.1-78.el5 - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344, 1121509 1.6.1-77.el5 - fix what appears to be a cosmetic error in the patch for self-tests for CVE-2014-4341 1.6.1-76.el5 - run the backported self-tests, such as they are, for CVE-2014-4341...
tomcat6 security update
0:6.0.24-78 - Related: CVE-2013-4590 - remove xml schema names javaee5, - javaeewebservices12, and javaeewebservices12client - from descriptor.DigesterFactory initialization. These - schema definitions are not relevant to 6.0.24 as the version - of their spec did not exist at the time. 0:6.0.24-7...
nss and nspr security update
nspr 4.10.2-4 - Rebase to nspr-4.10.6 - Resolves: Bug 1116199 4.10.2-3 - Retagging - Resolves: rhbz1032466 nss 3.15.3-7 - Remove an unused patch - Related: Bug 1116199 3.15.3-6 - Fix race-condition in certificate validation - Resolves: Bug 1116199 3.15.3-5 - Remove two unused patches - Resolves:...
firefox security update
24.7.0-1.0.1.el65 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 24.7.0-1 - Update to 24.7.0 ESR...
httpd security update
2.2.3-85.0.1.el510 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-85 - modlogconfig: add security fix for CVE-2014-0098 1078176 2.2.3-84 - moddav: add security f...
thunderbird security update
24.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.4.0-1 - Update to 24.4.0...
kernel security and bug fix update
kernel 2.6.18-371.3.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
libguestfs security, bug fix, and enhancement update
1:1.20.11-2 - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz1019737 1:1.20.11-1 - Rebase to libguestfs 1.20.11. resolves: rhbz958183 - Remove buildnet: builds now detect network automatically. - The rhel-6.x branches containing the patches...
glibc security, bug fix, and enhancement update
2.12-1.132 - Revert the addition of gettimeofday vDSO function for ppc and ppc64 until OPD VDSO function call issues are resolved 1026533. 2.12-1.131 - Call gethostbyname4r only for PFUNSPEC 1022022. 2.12-1.130 - Fix integer overflows in valloc and memalign. 1008310. 2.12-1.129 - Initialize...
vino security update
2.28.1-9 - Reject clients in deferred auth state - Bug 1009228...
httpd security update
2.2.15-28.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-28 - modrewrite: add security fix for CVE-2013-1862 953729 2.2.15-27 - add security fixes for CVE-2012-3499, CVE-2012-4558 915883, 915884...
libxml2 security update
2.7.6-12.0.1.el64.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-12.el64.1 -detect and stop excessive entities expansion upon replacement rhbz912574 2.7.6-12.el6 - fix out of range heap access CVE-2012-5134 2.7.6-11.el6 - Change the...
util-linux-ng security, bug fix and enhancement update
2.17.2-12.9 - fix 892471 - CVE-2013-0157 mount folder existence information disclosure 2.17.2-12.8 - fix 679833 - RFE tailf should support - fix 719927 - RFE add adjtimex --compare functionality to hwclock - fix 730272 - losetup does not warn if backing file is 512 bytes - fix 730891 - document...
jakarta-commons-httpclient security update
1:3.1-0.7 - Add missing connection hostname check against X.509 certificate name - Resolves: CVE-2012-5783...
Unbreakable Enterprise kernel Security update
2.6.32-300.38.1 - net/sfc limit number of segments per skb on tx Maxim Uvarov Orabug: 14769994 CVE-2012-3412...
spice-gtk security update
0.11-11.el63.1 - Fix version for Z-stream Related: rhbz854823 0.11-12 - Add patch fixing CVE-2012-3524 Resolves: rhbz854823...
bind security update
32:9.8.2-0.10.rc1.3 - fix CVE-2012-4244...
kernel security and bug fix update
2.6.32-279.1.1.el6 - kernel Prevent keyctl newsession from causing a panic David Howells 833433 827424 CVE-2012-2745 - net ipv6/netfilter: fix null pointer dereference in nfctfrag6reasm Petr Matousek 833410 833412 CVE-2012-2744 - fs nfs: Map minor mismatch error to protocol not support error Stev...
samba security update
3.0.33-3.36.el4 - Security Release, fixes CVE-2012-1182 - resolves: 812010...
ruby security, bug fix, and enhancement update
1.8.7.352-3 - mkconfig.rb: fix for continued lines. ruby-1.8.7-p352-mkconfig.rb-fix-for-continued-lines.patch - Resolves: rhbz730287 1.8.7.352-2 - Fix of ruby interpreter crash in FIPS mode. ruby-1.8.7-FIPS.patch - Resolves: rhbz717709 1.8.7.352-1 - Update to Ruby 1.8.7-p352. Remove Patch43:...
firefox security update
firefox: 3.6.23-2.0.1.el61 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 3.6.23-2 - Update to 3.6.23 xulrunner: 1.9.2.23-1.0.1.el61.1 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.23-1.1 - Rebuild. 1.9.2.23-1 - Update to...
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2.6.32-100.35.1.el6uek - net dccp: handle invalid feature options length CVE-2011-1770 - net can: add missing socket check in can/raw release CVE-2011-1748 - net can: Add missing socket check in can/bcm release CVE-2011-1598...
glibc security update
2.5-58.el56.2 - Avoid too much stack use in fnmatch 681054, CVE-2011-1071 - Properly quote output of locale 625893, CVE-2011-1095 - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged 667974, CVE-2011-0536 - Fix...
libtiff security update
3.9.4-1.el60.1 - Add fix for CVE-2011-0192 Resolves: 679298...
thunderbird security update
1.5.0.12-35.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js Replaced clean.gif in tarball 1.5.0.12-35 - Added fixes from 1.9.1.17...
cups security update
1:1.4.2-35:.1 - Applied patch to fix cupsd memory corruption vulnerability CVE-2010-2941, STR 3648, bug 624438...
exim security update
4.63-3.el55.2 - fix buffer overflow in stringformat CVE-2010-4344, 662019...
kernel security update
2.6.9-89.29.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
firefox security update
firefox: 3.6.7-2.0.1.el5 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 3.6.7-2 - Update to 3.6.7 beta2 3.6.7-1 - Update to 3.6.7 3.6.4-9 - Fixed rhbz531159 - default browser check xulrunner: 1.9.2.7-2.0.1.el5 - Added...
thunderbird security update
1.5.0.12-28.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-28 - Added fixes from 1.9.1.11 1.5.0.12-26 - Added patches from 1.9.1.10...
postgresql security update
7.3.21-3 - Fix CVE-2010-1169, CVE-2010-1170, CVE-2009-4136, CVE-2010-0733, CVE-2010-0442 via back-ports of upstream patches for Postgres 7.4 Resolves: 589541...
mysql security update
4.1.22-2.el4.3 - Add comment suggesting disabling symbolic links in /etc/my.cnf 4.1.22-2.el4.2 - Add fixes for CVE-2008-4098, CVE-2009-4030 two successive attempts to fix DATA/INDEX DIRECTORY vulnerabilities and CVE-2008-4456 mysql command line client XSS flaw Resolves: 512255 4.1.22-2.el4.1 - Ad...
mysql security update
5.0.77-4.2 - Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030 Resolves: 556505 - Use non-expired certificates for SSL testing upstream bug 50702 - Emit explicit error message if user tries to build RPM as root - Add comment suggesting disabling symbolic links in /etc/my.cnf...
kvm security and bug fix update
kvm-83-105.0.1.el54.22 - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-105.el54.22 - kvm-CVE-2010-0297-usb-linux.c-fix-buffer-overflow.patch bz560769 - Resolves: bz560769 CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow rhel-5.4.z kvm-83-105.el54.21 -...
cups security update
1:1.3.7-8:.6 - Applied patch to fix CVE-2009-0791 bug 491840. 1:1.3.7-8:.5 - Applied patch to fix CVE-2009-0949 bug 500972...
dovecot security and bug fix update
1.0.7-7 - permissions of deliver and dovecot.conf from 1.0.7-5 reverted - password can be stored in different file readable only for root now - Resolves: 436287, CVE-2008-4870 1.0.7-6 - added missing directory in file list - Resolves: 436287 1.0.7-5 - change permissions of deliver and dovecot.con...
firefox security update
firefox : 3.0.5-1.0.1 - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html - Removed the corresponding files of Red Hat. - Added patch oracle-firefox-branding.patch - Update firstrun URL in spec file 3.0.5-1 - Update to Firefox 3.0.5 nspr: 4.7.3-2 - Update to NSPR 4.7.3...
ruby security update
1.8.5-5.el52.6 - security fix 470262 - CVE-2008-4310: real fix for CVE-2008-3656. original patch named as fix for CVE-2008-3656 actually fixed different issue CVE-2008-1145, hence we are providing correct patch and renaming original patch to refer to proper CVE...
wireshark security update
1.0.3-4.0.1.el52 - Add oracle-ocfs2-network.patch 1.0.3-4 - fix pam session file, wireshark requires root pswd everytime its started 1.0.3-3 - fix pie flags 1.0.3-1 - upgrade to 1.0.3 - fixes several security issues - Resolves: 461569...
firefox security update
devhelp: 0.12-19 - Rebuild against xulrunner firefox: 3.0.2-3.0.1.el5 - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html - Removed the corresponding files of Red Hat. - Added patch oracle-firefox-branding.patch - Update firstrun URL 3.0.2-3 - Update to Firefox 3.0.2 bui...
openoffice.org security update
1.1.5-10.0.5 - Resolves: rhbz450521 CVE-2008-2366 1.1.5-10.0.4 - Resolves: rhbz450521 CVE-2008-2152...
net-snmp security update
5.3.1-24.1 - fix buffer overflow in perl module CVE-2008-2292 449897 - fix SNMPv3 authentication checks unknown CVE 449897...
cups security update
cups 1.2.4-11.14:.6 - Applied patch to fix CVE-2008-0053 HP-GL/2 input processing, bug 438117. - Applied patch to fix CVE-2008-1373 GIF overflow, bug 438303. 1.2.4-11.14:.5 - Applied patch to prevent heap-based buffer overflow in CUPS helper program bug 436153, CVE-2008-0047, STR 2729...