9177 matches found
qt5-qtbase security and bug fix update
5.12.5-8 - Build against system xkb and openssl 1.1 Resolves: bz1882375 5.12.5-7 - Fix buffer overflow in XBM parser Resolves: bz1870364...
xstream security update
1.3.1-12 - Rebuild with OpenJDK 7 1.3.1-11 - Fix remote code execution vulnerability - Resolves: CVE-2020-26217...
Unbreakable Enterprise kernel security update
4.1.12-124.46.4.1 - target: fix XCOPY NAA identifier lookup Mike Christie Orabug: 32248041 CVE-2020-28374 4.1.12-124.46.4 - xen/events: block rogue events for some time Juergen Gross Orabug: 31984335 CVE-2020-27673 - xen/events: defer eoi in case of excessive number of events Juergen Gross Orabug...
firefox security update
78.5.0-1.0.1 - Fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 78.5.0-1 - Update to 78.5.0 build1...
thunderbird security update
68.12.0-1.0.1 Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.12.0-1 - Update to 68.12.0 build1...
kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update
kubernetes 1.12.10-1.0.15 - Address CVE-2020-16845 kubeadm-ha-setup 0.0.2-1.0.73 - Fix update to coredns image tag 0.0.2-1.0.72 - Address CVE-2020-16845 kubernetes-cni 0.7.1-1.0.3 - Pin min version of cni-plugins kubernetes-cni-plugins 0.8.6-1.0.3 - Address CVE-2020-16845...
java-11-openjdk security and enhancement update
1:11.0.8.10-0 - Update to shenandoah-jdk-11.0.8+10 GA - Switch to GA mode for final release. - Update release notes with last minute fix JDK-8248505. - This tarball is embargoed until 2020-07-14 @ 1pm PT. - Resolves: rhbz1838811 1:11.0.8.9-0.0.ea - Update to shenandoah-jdk-11.0.8+9 EA - Update...
thunderbird security update
68.9.0-1.0.1.el82 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.9.0-1 - Update to 68.9.0 build1...
docker-engine docker-cli security update
docker-engine 19.03.11-1.0.0 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable kmem accounting for UEKR4 18.09.1-1.0.5 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes CVE-2019-5736 18.09.1-1.0.4 - fix...
dotnet3.1 security update
3.1.104-2.0.2 - Update patch to support 8.2 [email protected] 3.1.104-2.0.1 - support OL release scheme [email protected] 3.1.104-2 - Update to new release - Resolves: RHBZ1833091 3.1.104-1 - Update to .NET Core Runtime 3.1.4 and SDK 3.1.104 - Resolves: RHBZ1833091...
samba security, bug fix, and enhancement update
4.10.4-10 - resolves: 1786324 - fix security level check for DsRGetForestTrustInformation 4.10.4-9 - resolves: 1764468 - Fix CVE-2019-10218 4.10.4-8 - resolves: 1656541 - Fix join using netbios name 4.10.4-7 - resolves: 1657428 - Fix spnego downgrade - resolves: 1663064 - Fix net ads join in...
ppp security update
2.4.7-26 - Fixed buffer overflow in the eaprequest and eapresponse functions Resolves: CVE-2020-8597...
sudo security update
1.8.25p1-8.1 - RHEL 8.1.0.Z ERRATUM - CVE-2019-18634 Resolves: rhbz1798092...
grub2 security update
2.02-78.0.3.el81.1 - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS Orabug: 30643497 - set EFIDIR as redhat for additional grub2 tools Orabug: 29875597 - Update upstream references Orabug: 26388226 - Copy symvers.gz to /boot during kernel install Orabug: 29773086 - Insert Unbreakable...
ipa security and bug fix update
4.6.5-11.0.1 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.5-11.el77.4 - Resolves: 1781153 - After upgrade AD Trust Agents were removed from LDAP - trust upgrade: ensure that host is member of adtrust agents - Resolves: 1777303 - CVE-2019-10195...
openslp security update
2.0.0-4 - Fix a heap-based buffer overflow vulnerability leading to remote code execution, CVE-2019-5544 Resolves: 1788447...
virt:ol security, bug fix, and enhancement update
...
libguestfs-winsupport security update
7.2-3 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root privilege escalation resolves: rhbz1698502...
qemu security update
15:3.0.0-4.el7 - usb-mtp: use ONOFOLLOW and OCLOEXEC. Gerd Hoffmann Orabug: 29056673 CVE-2018-16872 - pvrdma: add uarread routine Prasad J Pandit CVE-2018-20191 - pvrdma: release ring object in case of an error Prasad J Pandit Orabug: 29171822 CVE-2018-20126 - pvrdma: check number of pages when...
qemu security update
15:3.0.0-3.el7 - monitor: guard iothread access by mon-useiothread Wolfgang Bumiller Orabug: 29046045 - monitor: delay monitor iothread creation Wolfgang Bumiller Orabug: 29010480 - Revert 'qmp: isolate responses into io thread' Marc-Andre Lureau Orabug: 29010480 - usb-mtp: outlaw slashes in...
qemu security update
12:2.9.0-11.1.el7 - i386: Define the Virt SSBD MSR and handling of it CVE-2018-3639 Konrad Rzeszutek Wilk Orabug: 28110449 CVE-2018-3639 - i386: define the AMD 'virt-ssbd' CPUID feature bit CVE-2018-3639 Konrad Rzeszutek Wilk Orabug: 28110449 CVE-2018-3639 - i386: define the 'ssbd' CPUID feature...
yum-utils security update
1.1.30-42.0.1 - add dependency btrfs-progs for yum-plugin-fs-snapshot [email protected] bug 16285176 - use unified btrfs binary instead of btrfsctl [email protected] bug 16285176 -1.1.30-42 - reposync: prevent path traversal. - Resolves: bug1600619...
thunderbird security update
52.8.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.8.0-2 - Update to 52.8.0...
postgresql security update
9.2.23-3 - setup: keep PGSETUP variables after switching to not-privileged user 9.2.23-2 - fix CVE-2017-12172...
qemu-kvm security update
1.5.3-141.el74.4 - kvm-multiboot-validate-multiboot-header-address-values.patch bz1501120 - Resolves: bz1501120 CVE-2017-14167 qemu-kvm: Qemu: i386: multiboot OOB access while loading kernel image rhel-7.4.z 1.5.3-141.el74.3 - kvm-bswap.h-Remove-cputo32wu.patch bz1501294 -...
curl security update
7.29.0-42.el74.1 - fix buffer overflow while processing IMAP FETCH response CVE-2017-1000257...
mercurial security update
2.6.2-8 - Fix CVE-2017-1000115 and CVE-2017-1000116...
firefox security update
52.3.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.3.0-3 - Fix for rhbz1470294 - bundling newer libffi for ppc platforms 52.3.0-2 - Update to 52.3.0 ESR b2...
kernel security and bug fix update
3.10.0-514.26.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.26.1 - mm enlarge stack guard gap Larry Woodman 1452732 1452733...
firefox security update
52.2.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.2.0-1 - Update to 52.2.0 ESR 52.1.1-1 - Update to 52.1.1 ESR...
glibc security update
2.12-1.209.0.1 - Update newmode size to fix a possible corruption 2.12-1.209 - Fix AFINET6 getaddrinfo with nscd 1416496 2.12-1.208 - Update tests for struct sockaddrstorage changes 1338673 2.12-1.207 - Use FLCLOEXEC in internal calls to fopen 1012343. 2.12-1.206 - Fix CVE-2015-8779 glibc:...
wireshark security and bug fix update
1.8.10-25.0.1 - Fix ocfs2 dissector John Haxby orabug 21505640 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-25 - rebuilt 1.8.10-24 - Related: 1245887 - segfault with CVE-2013-4075 capture - valgrind error with CVE-2015-3812 capture 1.8.10-23 - Resolves: 12381...
openjpeg security update
1.3-16 - Revert previous changes in patch for CVE-2016-5159 - Fix double free in patch for CVE-2016-5139 - Fix memory leaks and invalid read in ciobytein Related: 1419775 1.3-15 - Add two more allocation checks to patch for CVE-2016-5159 Related: 1419775 1.3-14 - Add patches for CVE-2016-5139,...
qemu-kvm security and bug fix update
0.12.1.2-2.491.el68.6 - kvm-cirrusvga-fix-division-by-0-for-color-expansion-rop.patch bz1418230 bz1419416 - kvm-cirrusvga-fix-off-by-one-in-blitregionisunsafe.patch bz1418230 bz1419416 - kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch bz1418230 bz1419416 -...
kernel security update
3.10.0-514.6.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.6.2 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic...
expat security update
2.0.1-13 - updated security fix for CVE-2016-0718 2.0.1-12 - add security fix for CVE-2016-0718...
openssh security, bug fix, and enhancement update
6.6.1p1-31 + 0.9.3-9 - Do not depend on selinux-policy 1373297 6.6.1p1-30 + 0.9.3-9 - Drop dependency on libcap-ng for ssh-keycat 1357859 6.6.1p1-29 + 0.9.3-9 - Rework SELinux context handling with chroot using libcap-ng 1357859 6.6.1p1-28 + 0.9.3-9 - SFTP force permission collision with umask...
wget security and bug fix update
1.14-13 - Fix CVE-2016-4971 1345778 - Added support for non-ASCII URLs Related: CVE-2016-4971 1.14-12 - Fix wget to include Host header on CONNECT as required by HTTP 1.1 1203384 - Run internal test suite during build 1295846 - Fix -nv being documented as synonym for two options 1147572 1.14-11 -...
util-linux security, bug fix, and enhancement update
2.23.2-33.0.1 - fix Oracle bug 23001516 - backport lscpu: correct the Virtualization type on Xen DomU PV guest - Reviewed-by: Joe Jin 2.23.2-33 - improve patch for 1007734 libblkid realpaths 2.23.2-32 - improve patch for chrt1 deadline support 1298384 - fix 1007734 - blkid shows devices as...
qemu-kvm security update
0.12.1.2-2.491.el68.3 - kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch bz1359724 - Resolves: bz1359724 EMBARGOED CVE-2016-5403 qemu-kvm: Qemu: virtio: unbounded memory allocation on host via guest leading to DoS rhel-6.8.z 0.12.1.2-2.491.el68.2 - kvm-vga-add-srvbe-register-set.patch...
ntp security update
4.2.6p5-10.el68.1 - don't allow spoofed packets to demobilize associations CVE-2015-7979, CVE-2016-1547 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack...
qemu-kvm security update
0.12.1.2-2.491.el68.1 - kvm-Add-vga.h-unmodified-from-Linux.patch bz1331407 - kvm-vga.h-remove-unused-stuff-and-reformat.patch bz1331407 - kvm-vga-use-constants-from-vga.h.patch bz1331407 - kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch bz1331407 -...
kernel-uek security update
kernel-uek 4.1.12-32.2.3 - rebuild bumping release 4.1.12-32.2.2 - x86/iopl/64: properly context-switch IOPL on Xen PV Andy Lutomirski Orabug: 22997978 CVE-2016-3157 - fs/hugetlbfs/inode.c: fix bugs in hugetlbvmtruncatelist Mike Kravetz Orabug: 22667863...
thunderbird security update
38.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.5.0-1 - Update to 38.5.0...
bind security update
30:9.3.6-25.P1.5 - Fix CVE-2015-8000 30:9.3.6-25.P1.4 - Fix CVE-2015-5722 30:9.3.6-25.P1.3 - Fix CVE-2015-5477 30:9.3.6-25.P1.2 - Remove files backup after patching Related: 1171971 30:9.3.6-25.P1.1 - Fix CVE-2014-8500 1171971...
libpng security update
2:1.5.13-7 - Security fix for CVE-2015-8126 - Changing pngptr to infoptf based on upstream - Related: 1283576 2:1.5.13-6 - Security fix for CVE-2015-8126 - Resolves: 1283576...
libpng security update
2:1.2.49-2 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283572...
thunderbird security update
38.4.0-1.0.1.el67 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.4.0-1 - Update to 38.4.0...
nss-softokn security update
3.14.3-23 - Pick up upstream freebl patch for CVE-2015-2730 - Check for P == Q or P ==-Q before adding P and Q...
nss security, bug fix, and enhancement update
3.19.1-1 - Rebase nss to 3.19.1 - Pick up upstream fix for client auth. regression caused by 3.19.1 - Revert upstream change to minimum key sizes - Remove patches that rendered obsolote by the rebase - Update existing patches on account of the rebase 3.18.0-7 - Pick up upstream patch from...