9177 matches found
nss security, bug fix, and enhancement update
3.19.1-1 - Rebase nss to 3.19.1 - Pick up upstream fix for client auth. regression caused by 3.19.1 - Revert upstream change to minimum key sizes - Remove patches that rendered obsolote by the rebase - Update existing patches on account of the rebase 3.18.0-7 - Pick up upstream patch from...
firefox security update
38.1.0-1.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.1.0-1 - Update to 38.1.0 ESR 38.0.1-2 - Fixed rhbz1222807 by removing preun section...
xen security update
3.0.3-146.el5 - xen-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch - xen-FDC-Fix-buffer-overflow-Herv-Poussineau.patch - Resolves: bz1219333 xen: qemu: floppy disk controller flaw rhel-5.11.z 3.0.3-144.el5 - xm: Fix vcpu-pin complain for CPU number out of range rhbz 955656 - libxc:...
hivex security, bug fix, and enhancement update
1.3.10-5.7 - Fix: 'Argument list too long' when using virt-v2v on Windows guest with French copy of Citrix installed related: rhbz1145056 1.3.10-5.6 - Fix: typo in man page resolves: rhbz1099286 1.3.10-5.4 - Fix: hivex missing checks for small/truncated files resolves: rhbz1158992 1.3.10-5.3 - Fi...
glibc security and bug fix update
2.12-1.149.4 - Fix recursive dlopen 1173469. 2.12-1.149.3 - Fix typo in ressend and resquery rh1172023. 2.12-1.149.2 - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, 1139571. 2.12-1.149.1 - Fix wordexp to honour WRDENOCMD CVE-2014-7817, 1170121...
mariadb security update
1:5.5.40-1 - Rebase to 5.5.40 Also fixes: CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6484 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 Resolves: 1160548 1:5.5.37-1 - Rebase to 5.5.37...
thunderbird security update
31.2.0-3.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.2.0-3 - Enabled jemalloc on ppc64 and s390x 31.2.0-2 - Update to 31.2.0 31.1.1-2 - Sync preferences with Firefox 31.1.1-1 - Update to 31.1.1 31.1.0-1 - Update to 31.1.0 31.0-1 - Rebase to ...
unbreakable enterprise kernel security update
2.6.39-400.215.7 - sctp: Fix skackbacklog wrap-around problem Xufeng Zhang Orabug: 19404245 CVE-2014-4667...
samba4 security update
4.0.0-61.rc4 - resolves: 1073913 - Fix CVE-2012-6150. - resolves: 1073913 - Fix CVE-2013-4496. - resolves: 1073913 - Fix CVE-2013-6442...
augeas security update
1.0.0-5.1 - Fix CVE-2013-6412, incorrect permissions under strict umask RHBZ1036079...
unbreakable enterprise kernel security update
2.6.39-400.211.3 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951818 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 Andy Honig Orabu...
kernel security and bug fix update
kernel 2.6.18-371.3.1 - net be2net: don't use GRO for packets w/ re-inserted VLAN tags Ivan Vecera 1023348 1008691 - net tg3: call pcienablewake to set power state John Feeney 1014973 996331 - misc backport fixes for percpu-rw-semaphore Mikulas Patocka 1014715 867997 - xen information leak via I/...
ruby security update
1.8.7.352-13 - Workaround build issues against OpenSSL with enabled ECC curves. - Make DRb compatible with OpenSSL 1.0.1. ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch - Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing...
python security, bug fix, and enhancement update
2.6.6-51 - Fixed memory leak in ssl.getpeeraltnames Resolves: rhbz1002983 2.6.6-50 - Added fix for CVE-2013-4238 Resolves: rhbz998784 2.6.6-49 - Fix shebangs in several files in python-tools subpackage Resolves: rhbz521898 2.6.6-48 - Fix sqlite3.Cursor.lastrowid under a Turkish locale. Resolves:...
libgcrypt security update
1.4.5-11 - fix CVE-2013-4242 GnuPG/libgcrypt susceptible to cache side-channel attack 1.4.5-10 - Add GCRYCTLSETENFORCEDFIPSFLAG command...
sudo security and bug fix update
1.7.2p1-28 - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 Resolves: rhbz968221 1.7.2p1-27 - visudo: fixed incorrect warning and parse error regarding undefined aliases which were in fact defined Resolves: rhbz849679 Resolves: rhbz905624 1.7.2p1-26 - updated sudoers...
1
kernel 2.6.18-348.6.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
kernel security and bug fix update
kernel 2.6.18-348.2.1 - misc tainted flags, fix buffer size Prarit Bhargava 905829 901547 - net be2net: fix unconditionally returning IRQHANDLED in INTx Ivan Vecera 884704 878316 - net be2net: fix INTx ISR for interrupt behaviour on BE2 Ivan Vecera 884704 878316 - net be2net: fix a possible...
gdb security and bug fix update
7.2-60.el6 - Fix CVE-2011-4355 gdb: arbitrary code execution via .debuggdbscripts' Jan Kratochvil, RH BZ 756116. 7.2-58.el6 - Fix Backport gdb fix to handle identical binaries via additional build-id symlinks' RH BZ 836966...
java-1.7.0-openjdk security update
1.7.0.9-2.3.7.1.0.2.el63 - Increase release number and rebuild. 1.7.0.9-2.3.7.1.0.1.el63 - Update DISTRONAME in specfile 1.7.0.9-2.3.7.1.el63 - Updated main source tarball - Resolves: rhbz911529 1.7.0.9-2.3.7.0.el63 - Removed patch1000 sec-2013-02-01-8005615.patch - Removed patch1001...
xen security update
3.0.3-142.el59.1 - libxc: move error checking next to the function which returned the error rhbz 876997 - libxc: builder: limit maximum size of kernel/ramdisk rhbz 876997...
Unbreakable Enterprise kernel security update
2.6.32-300.39.4 - exec: do not leave bprm-interp on stack Kees Cook Orabug: 16286741 CVE-2012-4530 - exec: use -ELOOP for max recursion depth Kees Cook Orabug: 16286741 CVE-2012-4530 2.6.32-300.39.3 - Xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests. Frediano Ziglio Orabug:...
nss, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.9.2-0.1 - Retagging to ensure n-v-r is lower than the one for rhel-6.4 - Resolves: rhbz891661 - RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR 4.9.2-1 - Resolves: rhbz891661 - RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR nss 3.13.6-2.0.1.el63 - Added nss-vendor.patch to change vendor...
1
2.6.18-308.20.1.0.1.el5 - kernel Initialize the local uninitialized variable stats. orabug 14051367 - fs JBD:make jbd support 512B blocks correctly for ocfs2. orabug 13477763 - x86 fix fpu context corrupt when preempt in signal context orabug 14038272 - net bonding: fix carrier detect when bond i...
java-1.6.0-openjdk security update
1:1.6.0.0-1.50.1.11.5 - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz865045 1:1.6.0.0-1.49.1.11.5 - Updated to IcedTea6 1.11.5 - Resolves rhbzs 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 86551...
xulrunner security update
10.0.8-2.0.1.el63 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.8-2 - Added patches from 10.0.9 ESR...
glibc security update
2.12-1.80.el63.5 - Fix integer overflow leading to buffer overflow in strto and related out of bounds array index 847931...
gimp security update
2:2.2.13-2.0.7.el58.5 - fix overflow in GIF loader CVE-2012-3481 2:2.2.13-2.0.7.el58.4 - fix overflows in PSD plugin CVE-2009-3909, CVE-2012-3402 - fix heap corruption and overflow in GIF plug-in CVE-2011-2896 - fix overflow in CEL plug-in CVE-2012-3403...
nss and nspr security, bug fix, and enhancement update
nspr 4.9.1-4 - Resolves: rhbz834219 - Fix postinstall scriptlet failures - Fix %post and %postun lines per packaging guidelines - Updated License: to MPLv2.0 per upstream 4.9.1-3 - Resolves: rhbz834219 - Ensure nspr-config.in changes get applied 4.9.1-2 - Resolves: rhbz834219 - restore top sectio...
389-ds-base security update
1.2.10.2-18 - Resolves: Bug 830001 - unhasheduserpassword visible after changing password -- patch 0020 disallows users' direct modify on unhasheduserpassword 1.2.10.2-17 - Resolves: Bug 830001 - unhasheduserpassword visible after changing password -- patch 0019 fixes deref issue. 1.2.10.2-16 -...
expat security update
2.0.1-11 - use symbol version for XMLSetHashSalt CVE-2012-0876, 816306 2.0.1-10 - add security fix for CVE-2012-1148 811825 - add security fix for CVE-2012-0876 811833...
ImageMagick security update
6.5.4.7-6 - Add fix for CVE-2010-4167 - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 - Add fix for CVE-2012-0259 CVE-2012-0260 CVE-2012-1798...
samba3x security update
3.5.10-0.108 - Security Release, fixes CVE-2012-1182 - resolves: 804650...
ruby security update
1.8.7.352-4 - Address CVE-2011-4815 'DoS excessive CPU use via hash meet-in-the-middle attacks oCERT-2011-003' ruby-1.8.7-p352-CVE-2011-4815.patch - Resolves: rhbz768831...
libxml2 security update
2.7.6-4.0.1.el62.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-4.el62.1 - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919 - Resolves: rhbz771913...
freetype security update
2.3.11-6.el61.8 - Add freetype-2.3.11-CVE-2011-3439.patch Various loading fixes. - Resolves: 754011...
xorg-x11-server security update
1.7.7-29.2 - cve-2011-4818.patch: Multiple input sanitization flaws in GLX and Render...
seamonkey security update
1.0.9-72.0.1.el4 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-72.el4 - Added fixes from 1.9.2.20...
firefox security update
firefox: 3.6.20-2.0.1.el61 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 3.6.20-2 - Update to 3.6.20 xulrunner: 1.9.2.20-2.0.1.el61 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.20-2 - Update to 1.9.2.20...
ruby security update
1.8.5-19.el56.1 - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in...
openssl security, bug fix, and enhancement update
1.0.0-10 - fix OCSP stapling vulnerability - CVE-2011-0014 676063 - correct the README.FIPS document 1.0.0-8 - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 key generation method - use FIPS-186-3 method for DSA parameter generation - add OPENSSLFIPSNONAPPROVEDMD5ALLOW...
python security update
2.4.3-44 - add patch adapted from upstream patch 208 to add support for building against system expat; add --with-system-expat to configure invocation; remove embedded copy of expat-1.95.8 from the source tree during prep - ensure pyexpat.so gets built by explicitly listing all C modules in the...
cups security update
1.3.7-18:.8 - Applied patch to fix cupsd memory corruption vulnerability CVE-2010-2941, STR 3648, bug 624438. - Fix latent privilege escalation vulnerability CVE-2010-2431, STR 3510, bug 605397...
samba3x security update
3.3.8-0.52.2 - Security Release, fixes CVE-2010-3069 - resolves: 632231...
kvm security and bug fix update
kvm-83-164.0.1.el55.21 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-164.el55.21 - kvm-Fix-segfault-in-mmio-subpage-handling-code.patch bz619412 - Resolves: bz619412 CVE-2010-2784 qemu: insufficient constraints checking in...
avahi security update
0.6.16-9.el5 - Related: 609318 - Fixes CVE-2010-2244 0.6.16-8.el5 - Related: 609318 - Fixes CVE-2010-2244...
samba and samba3x security update
samba: 3.0.33-3.29.el5 - Security Release, fixes CVE-2010-2063 - resolves: 602320 samba3x: 3.3.8-0.52 - Security Release, fixes CVE-2010-2063 - resolves: 602322...
kernel security update
2.6.9-89.0.19.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...
kernel security update
2.6.9-89.0.16.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...
poppler security and bug fix update
0.5.4-4.4.el54.11 - Fixes various flaws addressed in bugs 526637, 526893 and 526915 which were tracked in 527403. - Resolves: 527403 0.5.4-4.4.el54.10 - Add poppler-0.5.4-JBIG2-segment-reading.patch to fix reading of arithmetically encoded JBIG2 images with unknown length. - Resolves: 528147...