8993 matches found
rpm security update
4.14.3-14 - Be more careful about copying data from signature header 1958477 - Fixes CVE-2021-20271...
qt5-qtbase security and bug fix update
5.12.5-8 - Build against system xkb and openssl 1.1 Resolves: bz1882375 5.12.5-7 - Fix buffer overflow in XBM parser Resolves: bz1870364...
firefox security update
78.6.1-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.6.1-1 - Update to 78.6.1 build1...
cyrus-sasl security, bug fix, and enhancement update
2.1.27-5 - Reduce excessive GSSAPI plugin logging - Resolves: rhbz1274734 2.1.27-4 - Add support for setting maxssf=0 in GSS-SPNEGO - Resolves: rhbz1822133 2.1.27-3 - Backport GSSAPI Channel Bindings support - Resolves: rhbz1817054 2.1.27-2 - Backport fix for CVE-2019-19906 - Resolves: rhbz180403...
xorg-x11-server security update
1.20.4-12 - CVE fixes for: CVE-2020-14345 1872389, CVE-2020-14346 1872393, CVE-2020-14361 1872400, CVE-2020-14362 1872407 - Temporarily revert fixes from 1.20.4-11 build for delivery of CVE fixes 1.20.4-11 - Fix a crash when moving an animated cursor between screens - Be case-insentive when...
qemu-kvm security update
1.5.3-175.el79.1 - Fixing release number for z-stream...
kubernetes security update
1.12.10-1.0.13 - CVE-2020-8559: Privilege escalation from compromised node to cluster - CVE-2020-8557: Node disk DOS by writing to container /etc/hosts...
thunderbird security update
68.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.6.0-1 - Update to 68.6.0 build2...
firefox security update
68.7.0-2.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 68.7.0-2 - Update to 68.7.0 build3 68.6.1-1 - Update to 68.6.1 ESR Wed Mar 04 2020 Jan Horak - Update to 68.6.0 build1 68.5.0-3 - Added fix for rhbz1805667 - Enabled mzbz@1170092 -...
container-tools:ol8 security, bug fix, and enhancement update
...
python-reportlab security update
3.4.0-6.el810.2 - Fix Requires for doc subpackage - Resolves: 1788556 3.4.0-6.el810.1 - Do not eval strings passed to toColor - Resolves: 1788555...
firefox security update
60.4.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.4.0-1 - Update to 60.4.0 ESR 60.3.0-2 - Added firefox-gnome-shell-extension...
java-1.7.0-openjdk security update
1:1.7.0.181-2.6.14.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.181-2.6.14.1 - Fix invalid license 'LGPL+' should be LGPLv2+ for ECC code and add missing ones - Resolves: rhbz1559766 1:1.7.0.181-2.6.14.0 - Bump to 2.6.14 and u181b00. - Drop 8197981 Zero 32-bit patch now applied upstream. - Updat...
patch security update
2.7.1-10 - Fixed Coverity reported issues 2.7.1-9 - Fixed CVE-2018-1000156 - Malicious patch files cause ed to execute arbitrary commands...
python-paramiko security update
1.7.5-4 - Fix and enable tests %check. - Backport a change which makes tests exit with nonzero status when they fail. - Add a fix for upstream tests for CVE-2018-7750 broken in previous. 1.7.5-3 - Fix a security flaw CVE-2018-7750 in Paramiko's server mode emphasis on server mode; this does not...
slf4j security update
0:1.7.4-4 - Disallow EventData deserialization by default CVE-2018-8088...
libvirt security update
0.10.2-62.0.1.el69.1 - Replace docs/et.png in tarball with blank image 0.10.2-62.el69.1 - util: Implement virFileReadHeaderFD CVE-2017-5715 - util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD CVE-2017-5715 - util: introduce virHostCPUGetMicrocodeVersion CVE-2017-5715 - conf:...
firefox security update
52.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.5.1-1 - Update to 52.5.1 ESR...
php security update
5.4.16-43 - gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx CVE-2016-10167 - gd: Signed Integer Overflow gdio.c CVE-2016-10168...
postgresql security update
8.4.20-8 - backport fix for CVE-2017-7546 rhbz1484677...
groovy security update
1.8.9-8 - Fix Information disclosure vulnerability - Resolves: CVE-2016-6814...
git security update
1.8.3.1-12 - prevent command injection via malicious ssh URLs Resolves: CVE-2017-1000117...
NetworkManager and libnl3 security, bug fix and enhancement update
NetworkManager 1:1.8.0-9 - device: don't change MTU unless explicitly configured rh 1460760 - core: don't remove external IPv4 addresses rh 1459813 1:1.8.0-8 - cli: fix output of iface in overview output rh1460219 - ppp: unexport NMPPPManager instance on dispose rh1459579 - cli: remove spurious...
curl security update
7.19.7-53 - treat Negotiate authentication as connection-oriented CVE-2017-2628...
glibc security update
2.12-1.209.0.1 - Update newmode size to fix a possible corruption 2.12-1.209 - Fix AFINET6 getaddrinfo with nscd 1416496 2.12-1.208 - Update tests for struct sockaddrstorage changes 1338673 2.12-1.207 - Use FLCLOEXEC in internal calls to fopen 1012343. 2.12-1.206 - Fix CVE-2015-8779 glibc:...
spice security update
0.12.4-20 - Fix buffer overflow in mainchannelallocmsgrcvbuf when reading large messages. Resolves: CVE-2016-9577 - Fix remote DoS via crafted message. Resolves: CVE-2016-9578...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.286.2 - HID: hiddev: validate numvalues for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24798694 CVE-2016-5829 2.6.39-400.286.1 - Revert 'rds: skip rx/tx work when destroying connection' Brian Maly Orabug: 24790158 2.6.39-400.285.1 - netfilter: xtables: speed up jump targ...
qemu-kvm security update
0.12.1.2-2.491.el68.1 - kvm-Add-vga.h-unmodified-from-Linux.patch bz1331407 - kvm-vga.h-remove-unused-stuff-and-reformat.patch bz1331407 - kvm-vga-use-constants-from-vga.h.patch bz1331407 - kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch bz1331407 -...
krb5 security update
1.13.2-12 - Fix CVE-2015-8631, CVE-2015-8630, and CVE-2015-8629 - Remove obsolete trigger to enable building of package - Resolves: 1306969...
foomatic security update
4.0.4-5 - Also consider back tick and semicolon as illegal shell escape characters. - CVE-2015-8327, CVE-2015-8560 4.0.4-4 - Prevent foomatic-rip overrun bug 1214534...
samba4 security update
4.0.0-68.rc4 - resolves: 1314670 - Fix CVE-2015-7560...
libpng security update
2:1.2.49-2 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283572...
firefox security update
38.4.0-1.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.4.0-1 - Update to 38.4.0 ESR...
firefox security update
38.3.0-2.0.1.el67 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 38.3.0-2 - Update to 38.3.0 ESR...
firefox security update
38.1.0-1.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.1.0-1 - Update to 38.1.0 ESR 38.0.1-2 - Fixed rhbz1222807 by removing preun section...
tomcat security update
0:7.0.54-2 - Resovles: CVE-2014-0227...
unzip security update
6.0-2 - Fix CVE-2014-9636 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Resolves: 1196132 1196120 1196124 1196128...
firefox security update
firefox 31.2.0-3.0.1.el70 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 31.2.0-3 - Update to 31.2.0 ESR - Fix for mozbz1042889 31.1.0-7 - Enable WebM on all arches xulrunner 31.2.0-1.0.1 - Replaced xulrunner-redhat-default-prefs.js with...
openssl security update
0.9.8e-27.4 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3510 - fix DoS in anonymous ECDH...
openssl security update
1.0.1e-34.4 - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing serve...
389-ds-base security update
1.2.11.15-34 - Release 1.2.11.15-34 - Resolves: 1123861 EMBARGOED CVE-2014-3562 unauthenticated information disclosure rhel-6.5.z DS 616, BZ 1123477...
mariadb security update
1:5.5.37-1 - Rebase to 5.5.37 https://kb.askmonty.org/en/mariadb-5537-changelog/ Also fixes: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: 1101062...
samba security update
4.1.1-35 - resolves: 1105504 - CVE-2014-0244: DoS in nmbd. - resolves: 1108844 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105573 - CVE-2014-0178: Uninitialized memory exposure. 4.1.1-33 - related: 717484 - Add missing configure line to enable profiling data support. 4.1.1-...
samba and samba3x security update
3.6.9-169 - resolves: 1105499 - CVE-2014-0244: DoS in nmbd. - resolves: 1108840 - CVE-2014-3493: DoS in smbd with unicode path names...
libxml2 security update
2.7.6-14.0.1.el65.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2-2.7.6-14.el65.1 - Improve handling of xmlStopParserCVE-2013-2877 - Do not fetch external parameter entities CVE-2014-0191...
kvm security update
kvm-83-266.0.1.el510.1 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-26610.1.el5 - KVM: x86: prevent cross page vapicaddr access CVE-2013-6368 bz1032219 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 bz1032216 - Resolves:...
thunderbird security update
24.2.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Make sure build with nspr-devel = 4.10.0 24.2.0-1 - Update to 24.2.0 ESR 24.1.0-1 - Update to 24.1.0 ESR...
bind security update
32:9.8.2-0.17.rc1.0.2.el64.5 - bump release and build for ULN 32:9.8.2-0.17.rc1.5 - fix CVE-2013-4854...
curl security update
7.19.7-36 - fix cookie tailmatching to prevent cross-domain leakage CVE-2013-1944...
Unbreakable Enterprise kernel security update
2.6.32-300.39.4 - exec: do not leave bprm-interp on stack Kees Cook Orabug: 16286741 CVE-2012-4530 - exec: use -ELOOP for max recursion depth Kees Cook Orabug: 16286741 CVE-2012-4530 2.6.32-300.39.3 - Xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests. Frediano Ziglio Orabug:...