9180 matches found
firefox security update
firefox: 3.6.23-2.0.1.el61 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 3.6.23-2 - Update to 3.6.23 xulrunner: 1.9.2.23-1.0.1.el61.1 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.23-1.1 - Rebuild. 1.9.2.23-1 - Update to...
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2.6.32-100.35.1.el6uek - net dccp: handle invalid feature options length CVE-2011-1770 - net can: add missing socket check in can/raw release CVE-2011-1748 - net can: Add missing socket check in can/bcm release CVE-2011-1598...
glibc security update
2.5-58.el56.2 - Avoid too much stack use in fnmatch 681054, CVE-2011-1071 - Properly quote output of locale 625893, CVE-2011-1095 - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged 667974, CVE-2011-0536 - Fix...
libtiff security update
3.9.4-1.el60.1 - Add fix for CVE-2011-0192 Resolves: 679298...
thunderbird security update
1.5.0.12-35.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js Replaced clean.gif in tarball 1.5.0.12-35 - Added fixes from 1.9.1.17...
cups security update
1:1.4.2-35:.1 - Applied patch to fix cupsd memory corruption vulnerability CVE-2010-2941, STR 3648, bug 624438...
exim security update
4.63-3.el55.2 - fix buffer overflow in stringformat CVE-2010-4344, 662019...
kernel security update
2.6.9-89.29.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
firefox security update
firefox: 3.6.7-2.0.1.el5 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 3.6.7-2 - Update to 3.6.7 beta2 3.6.7-1 - Update to 3.6.7 3.6.4-9 - Fixed rhbz531159 - default browser check xulrunner: 1.9.2.7-2.0.1.el5 - Added...
thunderbird security update
1.5.0.12-28.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-28 - Added fixes from 1.9.1.11 1.5.0.12-26 - Added patches from 1.9.1.10...
postgresql security update
7.3.21-3 - Fix CVE-2010-1169, CVE-2010-1170, CVE-2009-4136, CVE-2010-0733, CVE-2010-0442 via back-ports of upstream patches for Postgres 7.4 Resolves: 589541...
mysql security update
4.1.22-2.el4.3 - Add comment suggesting disabling symbolic links in /etc/my.cnf 4.1.22-2.el4.2 - Add fixes for CVE-2008-4098, CVE-2009-4030 two successive attempts to fix DATA/INDEX DIRECTORY vulnerabilities and CVE-2008-4456 mysql command line client XSS flaw Resolves: 512255 4.1.22-2.el4.1 - Ad...
mysql security update
5.0.77-4.2 - Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030 Resolves: 556505 - Use non-expired certificates for SSL testing upstream bug 50702 - Emit explicit error message if user tries to build RPM as root - Add comment suggesting disabling symbolic links in /etc/my.cnf...
kvm security and bug fix update
kvm-83-105.0.1.el54.22 - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-105.el54.22 - kvm-CVE-2010-0297-usb-linux.c-fix-buffer-overflow.patch bz560769 - Resolves: bz560769 CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow rhel-5.4.z kvm-83-105.el54.21 -...
cups security update
1:1.3.7-8:.6 - Applied patch to fix CVE-2009-0791 bug 491840. 1:1.3.7-8:.5 - Applied patch to fix CVE-2009-0949 bug 500972...
dovecot security and bug fix update
1.0.7-7 - permissions of deliver and dovecot.conf from 1.0.7-5 reverted - password can be stored in different file readable only for root now - Resolves: 436287, CVE-2008-4870 1.0.7-6 - added missing directory in file list - Resolves: 436287 1.0.7-5 - change permissions of deliver and dovecot.con...
firefox security update
firefox : 3.0.5-1.0.1 - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html - Removed the corresponding files of Red Hat. - Added patch oracle-firefox-branding.patch - Update firstrun URL in spec file 3.0.5-1 - Update to Firefox 3.0.5 nspr: 4.7.3-2 - Update to NSPR 4.7.3...
ruby security update
1.8.5-5.el52.6 - security fix 470262 - CVE-2008-4310: real fix for CVE-2008-3656. original patch named as fix for CVE-2008-3656 actually fixed different issue CVE-2008-1145, hence we are providing correct patch and renaming original patch to refer to proper CVE...
wireshark security update
1.0.3-4.0.1.el52 - Add oracle-ocfs2-network.patch 1.0.3-4 - fix pam session file, wireshark requires root pswd everytime its started 1.0.3-3 - fix pie flags 1.0.3-1 - upgrade to 1.0.3 - fixes several security issues - Resolves: 461569...
openoffice.org security update
1.1.5-10.0.5 - Resolves: rhbz450521 CVE-2008-2366 1.1.5-10.0.4 - Resolves: rhbz450521 CVE-2008-2152...
net-snmp security update
5.3.1-24.1 - fix buffer overflow in perl module CVE-2008-2292 449897 - fix SNMPv3 authentication checks unknown CVE 449897...
cups security update
cups 1.2.4-11.14:.6 - Applied patch to fix CVE-2008-0053 HP-GL/2 input processing, bug 438117. - Applied patch to fix CVE-2008-1373 GIF overflow, bug 438303. 1.2.4-11.14:.5 - Applied patch to prevent heap-based buffer overflow in CUPS helper program bug 436153, CVE-2008-0047, STR 2729...
Important: xorg-x11 security update
6.8.2-1.EL.13.37.0.1 - Add Enterprise Linux detection 6.8.2-1.EL.13.37.7 - Add cve-2007-1351.patch 234056 6.8.2-1.EL.13.37.6 - Add cve-2007-1003.patch 233000 - Add int-overflow.patch 231693 6.8.2-1.EL.13.37.5 - Add xorg-x11-6.8.2-sorted-xkbcomp-dirs.patch to fix rpmdiff multilib failure...
java-11-openjdk security update
1:11.0.25.0.9-1.0.1 - Update to jdk-11.0.25+9 GA Orabug: 37178930 - Fixes CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 - Removed patches - 1001-orabug36904359-CVE-2024-21138-fix.patch - 1002-orabug36904359-CVE-2024-21138-fix.patch - 1003-orabug36904359-CVE-2024-21140-fix-part1.patc...
httpd security update
2.4.6-99.0.3.1 - Opt-ins for unsafe prefixstat and %3f Orabug: 36904263CVE-2024-38474CVE-2024-38475 - modproxy: validate hostname Orabug: 36904263CVE-2024-38477...
edk2 security update
20231122-6.0.1.el94.2 - Replace upstream references Orabug:36569119 20231122-6.el94.2 - edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch RHEL-40270 RHEL-40272 - edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch RHEL-40270 RHEL-40272 -...
java-17-openjdk security update
1:17.0.12.0.7-2.0.1 - Add Oracle vendor bug URL 1:17.0.12.0.7-2 - Update to jdk-17.0.12+7 GA - Update .gitignore to ignore openjdk-17.0.12+7.tar.xz - Sync java-17-openjdk-portable.specfile - Set buildver to 7 - Set portablerelease 1 - Set isga to 1 - Update sources to openjdk-17.0.12+7.tar.xz -...
pcs security update
0.10.18-2.0.1 - Replace HAM-logo.png with a generic one 0.10.18-2 - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26445, RHEL-26447, RHEL-26449 0.10.18-1 - Rebased to the latest sources see CHANGELOG.md Resolves: RHEL-7741 0.10.17-6 - Rebased to th...
traceroute security update
3:2.1.0-8 - add gating.yaml 3:2.1.0-7 - fix improper command line parsing CVE-2023-46316...
edk2 security update
20220126gitbb1bba3d77-13 - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - edk2-StandaloneMmPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - Resolves: RHEL-21158 CVE-2022-36765 edk2: integer overflow in CreateHob could lead to HOB OOB R/W rhel-8...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.331.7.el7 - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' Siddh Raman Pant - Revert 'selftests: mm: fix maphugetlb failure on 64K page size systems' Harshit Mogalapalli Orabug: 36584568 - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port' Arumugam...
mod_http2 security update
2.0.26-2 - Resolves: RHEL-31855 - modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 2.0.26-1 - Resolves: RHEL-14691 - modhttp2 rebase to 2.0.26...
java-11-openjdk security update
1:11.0.23.0.9-2.0.1 - link atomic for ix86 build 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS - Restore ppc64le --with-jobs=1 workaround to avoid flaky ppc builds 1:11.0.23.0.9-1 - Update to jdk-11.0.23+9 GA - Update release notes to 11.0.23+9 - Switch to GA mode for release - Require tzdat...
gnutls security update
3.7.6-23.4 - Fix timing side-channel in deterministic ECDSA RHEL-28958 - Fix potential crash during chain building/verification RHEL-28953...
Unbreakable Enterprise kernel security update
4.14.35-2047.535.2.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36467681 CVE-2024-1086 4.14.35-2047.535.2 - Fix null ptr in rdstcprecvpath Allison Henderson Orabug: 33499812 - LTS version: v4.14.338 Saeed Mirzamohammadi - crypto: scompress - initialize...
nodejs:18 security update
nodejs 1:18.19.1-1 - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 high - Fixes: CVE-2023-46809 medium nodejs-nodemon nodejs-packaging...
buildah security update
1.31.4-1.0.1 - update to https://github.com/containers/buildah/releases/tag/v1.31 - https://github.com/containers/buildah/commit/11bbf33...
tomcat security update
1:9.0.62-37.el93.2 - Resolves: 2252050 HTTP request smuggling via malformed trailer headers CVE-2023-46589...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-40.el89.2 - Resolves: RHEL-7309 CVE-2023-3019 virt:rhel/qemu-kvm: QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest rhel-8 seabios sgabios...
fence-agents security update
4.2.1-121.2 - bundled urllib3: fix CVE-2023-43804 Resolves: RHEL-11988 - bundled certifi: fix CVE-2023-37920 Resolves: RHEL-6972...
squid security update
7:5.5-6.0.1.el93.5 - squid: Denial of Service in SSL Certificate validation CVE-2023-46724 - squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 - squid: Buffer over-read in the HTTP Message processing feature CVE-2023-49285 - squid: Incorrect Check of Function Return Value...
firefox security update
115.6.0-1.0.1 - Udate to 115.6.0 build1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file...
thunderbird security update
115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.5.0-1 - Update to 115.5.0 build1...
dotnet8.0 security update
8.0.100-2.0.1 - Update to .NET 8.0 8.0.100rc.2-0.1.0.1 - Add support for Oracle Linux 8.0.100rc.2-0.1 - Update to .NET 8 RC 2 - Resolves: RHEL-13790 8.0.100rc.1-0.4 - Disable bootstrap - Related: RHEL-4074 8.0.100rc.1-0.3 - Add backported patches for additional s390x issues - Related: RHEL-4074...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
tomcat security and bug fix update
1:9.0.62-27 - Related: RHEL-12543 - Bump release number 1:9.0.62-16 - Resolves: RHEL-12543 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack - Remove JDK subpackges which are unused 1:9.0.62-14 - Related: RHEL-2330 Bump release number 1:9.0.62-13 -...
python3 security update
3.6.8-56.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-56 - Security fix for CVE-2023-40217 Resolves: RHEL-3041 3.6.8-55 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 3.6.8-54 - Bump release fo...
python3.11 security update
3.11.5-1 - Rebase to 3.11.5 - Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3045, RHEL-3269 3.11.4-3 - Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz263261 3.11.4-2 - Security fix for CVE-2007-4559 Resolves: rhbz263261 3.11.4-1 - Update to 3.11.4 - Securit...
tomcat security and bug fix update
1:9.0.62-37 - Resolves: RHEL-12551 - Remove JDK subpackges which are unused 1:9.0.62-16 - Related: 2184133 Declare file conflicts 1:9.0.62-15 - Resolves: 2184133 Fix bug in Obsoletes 1:9.0.62-14 - Resolves: 2210632 CVE-2023-28709 tomcat 1:9.0.62-13 - Resolves: 2189675 Missing Tomcat POM files in...
python3 security update
3.6.8-51.0.1.2 - Security fix for CVE-2023-40217 Resolves: rhbz2235789...