8997 matches found
mercurial security update
2.6.2-8 - Fix CVE-2017-1000115 and CVE-2017-1000116...
firefox security update
52.3.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.3.0-3 - Fix for rhbz1470294 - bundling newer libffi for ppc platforms 52.3.0-2 - Update to 52.3.0 ESR b2...
kernel security and bug fix update
3.10.0-514.26.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.26.1 - mm enlarge stack guard gap Larry Woodman 1452732 1452733...
firefox security update
52.2.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.2.0-1 - Update to 52.2.0 ESR 52.1.1-1 - Update to 52.1.1 ESR...
wireshark security and bug fix update
1.8.10-25.0.1 - Fix ocfs2 dissector John Haxby orabug 21505640 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-25 - rebuilt 1.8.10-24 - Related: 1245887 - segfault with CVE-2013-4075 capture - valgrind error with CVE-2015-3812 capture 1.8.10-23 - Resolves: 12381...
openjpeg security update
1.3-16 - Revert previous changes in patch for CVE-2016-5159 - Fix double free in patch for CVE-2016-5139 - Fix memory leaks and invalid read in ciobytein Related: 1419775 1.3-15 - Add two more allocation checks to patch for CVE-2016-5159 Related: 1419775 1.3-14 - Add patches for CVE-2016-5139,...
libtiff security update
3.9.4-21 - Fix patch for CVE-2016-5652 - Related: 1412078 3.9.4-20 - Fix CWE-476 defect found by covscan - Related: 1412078 3.9.4-19 - Add patches for CVEs: - CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 - CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 - CVE-2016-5652 - Resolves: 1412078...
expat security update
2.0.1-13 - updated security fix for CVE-2016-0718 2.0.1-12 - add security fix for CVE-2016-0718...
wget security and bug fix update
1.14-13 - Fix CVE-2016-4971 1345778 - Added support for non-ASCII URLs Related: CVE-2016-4971 1.14-12 - Fix wget to include Host header on CONNECT as required by HTTP 1.1 1203384 - Run internal test suite during build 1295846 - Fix -nv being documented as synonym for two options 1147572 1.14-11 -...
ntp security update
4.2.6p5-10.el68.1 - don't allow spoofed packets to demobilize associations CVE-2015-7979, CVE-2016-1547 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack...
thunderbird security update
38.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.5.0-1 - Update to 38.5.0...
libpng security update
2:1.5.13-7 - Security fix for CVE-2015-8126 - Changing pngptr to infoptf based on upstream - Related: 1283576 2:1.5.13-6 - Security fix for CVE-2015-8126 - Resolves: 1283576...
thunderbird security update
38.4.0-1.0.1.el67 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.4.0-1 - Update to 38.4.0...
qemu-kvm security update
0.12.1.2-2.448.el66.4 - kvm-pcnet-fix-Negative-array-index-read.patch bz1225886 - kvm-pcnet-force-the-buffer-access-to-be-in-bounds-during.patch bz1225886 - Resolves: bz1225886 EMBARGOED CVE-2015-3209 qemu-kvm: qemu: pcnet: multi-tmd buffer overflow in the tx path rhel-6.6.z...
xen security update
3.0.3-146.el5 - xen-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch - xen-FDC-Fix-buffer-overflow-Herv-Poussineau.patch - Resolves: bz1219333 xen: qemu: floppy disk controller flaw rhel-5.11.z 3.0.3-144.el5 - xm: Fix vcpu-pin complain for CPU number out of range rhbz 955656 - libxc:...
ipa and slapi-nis security and bug fix update
ipa 4.1.0-18.0.1.el71.3 - Replace login-screen-logo.png 20362818 - Drop subscription-manager requires for OL7 - Drop redhat-access-plugin-ipa requires for OL7 - Blank out header-logo.png product-name.png 4.1.0-18.3 - ipa-python ipalib.errors.LDAPError: failed to decode certificate:...
hivex security, bug fix, and enhancement update
1.3.10-5.7 - Fix: 'Argument list too long' when using virt-v2v on Windows guest with French copy of Citrix installed related: rhbz1145056 1.3.10-5.6 - Fix: typo in man page resolves: rhbz1099286 1.3.10-5.4 - Fix: hivex missing checks for small/truncated files resolves: rhbz1158992 1.3.10-5.3 - Fi...
kernel security and bug fix update
3.10.0-123.9.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.9.2 - virt kvm: fix PIT timer race condition Petr Matousek 1144879 1144880 CVE-2014-3611 - virt kvm/vmx: handle invept and invvpid vm exits gracefully Petr Matousek 1145449 1116936 1144828 1144829 CVE-2014-3645 CVE-2014-3646...
krb5 security and bug fix update
1.6.1-78.el5 - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344, 1121509 1.6.1-77.el5 - fix what appears to be a cosmetic error in the patch for self-tests for CVE-2014-4341 1.6.1-76.el5 - run the backported self-tests, such as they are, for CVE-2014-4341...
unbreakable enterprise kernel security update
2.6.39-400.215.7 - sctp: Fix skackbacklog wrap-around problem Xufeng Zhang Orabug: 19404245 CVE-2014-4667...
thunderbird security update
24.6.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.6.0-1 - Update to 24.6.0...
curl security and bug fix update
7.19.7-37.el65.3 - fix re-use of wrong HTTP NTLM connection CVE-2014-0015 - fix connection re-use when using different log-in credentials CVE-2014-0138 7.19.7-37.el65.2 - fix authentication failure when server offers multiple auth options 1096797 7.19.7-37.el65.1 - refresh expired cookie in test1...
samba4 security update
4.0.0-61.rc4 - resolves: 1073913 - Fix CVE-2012-6150. - resolves: 1073913 - Fix CVE-2013-4496. - resolves: 1073913 - Fix CVE-2013-6442...
thunderbird security update
24.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.4.0-1 - Update to 24.4.0...
postgresql84 and postgresql security update
8.4.20-1 - Update to PostgreSQL 8.4.20 1065843 for fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-19.html http://www.postgresql.org/docs/8.4/static/release-8-4-20.html...
firefox security update
24.3.0-2.0.1.el65 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel = 4.10.0 to fix build failure 24.3.0-2 - Update to 24.3.0 ESR Build 2 24.3.0-1 - Update to 24.3.0 ESR...
unbreakable enterprise kernel security update
2.6.39-400.211.3 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951818 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 Andy Honig Orabu...
ruby security update
1.8.7.352-13 - Workaround build issues against OpenSSL with enabled ECC curves. - Make DRb compatible with OpenSSL 1.0.1. ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch - Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing...
libgcrypt security update
1.4.5-11 - fix CVE-2013-4242 GnuPG/libgcrypt susceptible to cache side-channel attack 1.4.5-10 - Add GCRYCTLSETENFORCEDFIPSFLAG command...
vino security update
2.28.1-9 - Reject clients in deferred auth state - Bug 1009228...
glibc security and bug fix update
2.5-118.2 - Fix integer overflows in valloc and memalign. 1011804. 2.5-118.1 - Add support for newer L3 caches on x86-64 and correctly count the number of hardware threads sharing a cacheline 1011424...
Oracle Linux 5 kernel update
kernel 2.6.18-371.0.0.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
httpd security update
2.2.15-28.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-28 - modrewrite: add security fix for CVE-2013-1862 953729 2.2.15-27 - add security fixes for CVE-2012-3499, CVE-2012-4558 915883, 915884...
firefox security update
firefox 17.0.5-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.5-1 - Update to 17.0.5 ESR xulrunner 17.0.5-1.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 17.0.5-1 -...
java-1.7.0-openjdk security update
1.7.0.9-2.3.7.1.0.2.el63 - Increase release number and rebuild. 1.7.0.9-2.3.7.1.0.1.el63 - Update DISTRONAME in specfile 1.7.0.9-2.3.7.1.el63 - Updated main source tarball - Resolves: rhbz911529 1.7.0.9-2.3.7.0.el63 - Removed patch1000 sec-2013-02-01-8005615.patch - Removed patch1001...
jakarta-commons-httpclient security update
1:3.1-0.7 - Add missing connection hostname check against X.509 certificate name - Resolves: CVE-2012-5783...
nss, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.9.2-0.1 - Retagging to ensure n-v-r is lower than the one for rhel-6.4 - Resolves: rhbz891661 - RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR 4.9.2-1 - Resolves: rhbz891661 - RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR nss 3.13.6-2.0.1.el63 - Added nss-vendor.patch to change vendor...
xulrunner security update
10.0.8-2.0.1.el63 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.8-2 - Added patches from 10.0.9 ESR...
gimp security update
2:2.2.13-2.0.7.el58.5 - fix overflow in GIF loader CVE-2012-3481 2:2.2.13-2.0.7.el58.4 - fix overflows in PSD plugin CVE-2009-3909, CVE-2012-3402 - fix heap corruption and overflow in GIF plug-in CVE-2011-2896 - fix overflow in CEL plug-in CVE-2012-3403...
nss and nspr security, bug fix, and enhancement update
nspr 4.9.1-4 - Resolves: rhbz834219 - Fix postinstall scriptlet failures - Fix %post and %postun lines per packaging guidelines - Updated License: to MPLv2.0 per upstream 4.9.1-3 - Resolves: rhbz834219 - Ensure nspr-config.in changes get applied 4.9.1-2 - Resolves: rhbz834219 - restore top sectio...
389-ds-base security update
1.2.10.2-18 - Resolves: Bug 830001 - unhasheduserpassword visible after changing password -- patch 0020 disallows users' direct modify on unhasheduserpassword 1.2.10.2-17 - Resolves: Bug 830001 - unhasheduserpassword visible after changing password -- patch 0019 fixes deref issue. 1.2.10.2-16 -...
samba3x security update
3.5.10-0.108 - Security Release, fixes CVE-2012-1182 - resolves: 804650...
libxml2 security update
2.7.6-4.0.1.el62.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-4.el62.1 - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919 - Resolves: rhbz771913...
ruby security, bug fix, and enhancement update
1.8.7.352-3 - mkconfig.rb: fix for continued lines. ruby-1.8.7-p352-mkconfig.rb-fix-for-continued-lines.patch - Resolves: rhbz730287 1.8.7.352-2 - Fix of ruby interpreter crash in FIPS mode. ruby-1.8.7-FIPS.patch - Resolves: rhbz717709 1.8.7.352-1 - Update to Ruby 1.8.7-p352. Remove Patch43:...
rsync security, bug fix, and enhancement update
3.0.6-4 - fix 700450 - free parsed hostnames - fix 575022 - set TZ variable after chroot 3.0.6-3 - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary fileextracnt increments Resolves: 688923 3.0.6-2 - Remove BuildRequires dependency on popt-devel, until th...
ruby security update
1.8.5-19.el56.1 - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in...
glibc security update
2.5-58.el56.2 - Avoid too much stack use in fnmatch 681054, CVE-2011-1071 - Properly quote output of locale 625893, CVE-2011-1095 - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged 667974, CVE-2011-0536 - Fix...
thunderbird security update
1.5.0.12-35.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js Replaced clean.gif in tarball 1.5.0.12-35 - Added fixes from 1.9.1.17...
cups security update
1:1.4.2-35:.1 - Applied patch to fix cupsd memory corruption vulnerability CVE-2010-2941, STR 3648, bug 624438...
exim security update
4.63-3.el55.2 - fix buffer overflow in stringformat CVE-2010-4344, 662019...