9177 matches found
firefox security update
78.9.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.9.0-1 - Update to 78.9.0 build1...
firefox security update
78.6.1-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.6.1-1 - Update to 78.6.1 build1...
thunderbird security update
78.5.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.5.1-1 - Update to 78.5.1 build1...
kernel security, bug fix, and enhancement update
4.18.0-240.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 =...
thunderbird security update
78.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.4.0-1 - Update to 78.4.0 build1 - Disabled telemetry...
xorg-x11-server security update
1.20.4-12 - CVE fixes for: CVE-2020-14345 1872389, CVE-2020-14346 1872393, CVE-2020-14361 1872400, CVE-2020-14362 1872407 - Temporarily revert fixes from 1.20.4-11 build for delivery of CVE fixes 1.20.4-11 - Fix a crash when moving an animated cursor between screens - Be case-insentive when...
qemu-kvm security update
1.5.3-175.el79.1 - Fixing release number for z-stream...
thunderbird security update
68.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.12.0-1 - Update to 68.12.0 build1...
kubernetes security update
1.12.10-1.0.13 - CVE-2020-8559: Privilege escalation from compromised node to cluster - CVE-2020-8557: Node disk DOS by writing to container /etc/hosts...
firefox security update
68.7.0-2.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 68.7.0-2 - Update to 68.7.0 build3 68.6.1-1 - Update to 68.6.1 ESR Wed Mar 04 2020 Jan Horak - Update to 68.6.0 build1 68.5.0-3 - Added fix for rhbz1805667 - Enabled mzbz@1170092 -...
pcs security update
0.10.4-6.0.1.el82.1 - Replace HAM-logo.png with a generic one 0.10.4-6.el82.1 - Fixed running pcs status on remote nodes - Fixed ruby daemon closing connection after 30s - Fixed inability to create colocation constraint in webUI - Updated bundled rubygem-json - Resolves: rhbz1832914 rhbz1838084...
unbound security update
1.7.3-11 - Fix amplifying an incoming query into a large number of queries directed to a target - Resolves: rhbz1839177 CVE-2020-12662, rhbz1840262 CVE-2020-12663...
container-tools:2.0 security update
buildah 1.11.6-7.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1819393 conmon 2:2.0.6-1.0.1 - Remove upstream references Orabug: 30871880...
Unbreakable Enterprise kernel security update
2.6.39-400.321.1 - net: qlogic: Fix memory leak in qlalloclargebuffers Navid Emamdoost Orabug: 31055329 CVE-2019-18806...
grub2 security update
2.02-78.0.3.el81.1 - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS Orabug: 30643497 - set EFIDIR as redhat for additional grub2 tools Orabug: 29875597 - Update upstream references Orabug: 26388226 - Copy symvers.gz to /boot during kernel install Orabug: 29773086 - Insert Unbreakable...
openslp security update
2.0.0-4 - Fix a heap-based buffer overflow vulnerability leading to remote code execution, CVE-2019-5544 Resolves: 1788447...
curl security and bug fix update
7.61.1-11 - rebuild with updated annobin to prevent Execshield RPMDiff check from failing 7.61.1-10 - fix SMTP end-of-response out-of-bounds read CVE-2019-3823 - fix NTLMv2 type-3 header stack buffer overflow CVE-2019-3822 - fix NTLM type-2 out-of-bounds buffer read CVE-2018-16890 - xattr: strip...
libguestfs-winsupport security update
7.2-3 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root privilege escalation resolves: rhbz1698502...
yum-utils security update
1.1.30-42.0.1 - add dependency btrfs-progs for yum-plugin-fs-snapshot [email protected] bug 16285176 - use unified btrfs binary instead of btrfsctl [email protected] bug 16285176 -1.1.30-42 - reposync: prevent path traversal. - Resolves: bug1600619...
dhcp security update
12:4.1.1-53.P1.0.1.4 - Added oracle-errwarn-message.patch 12:4.1.1-53.P1.el69.4 - Resolves: 1570897 - Fix comamnd execution in NM script CVE-2018-1111...
python-paramiko security update
1.7.5-4 - Fix and enable tests %check. - Backport a change which makes tests exit with nonzero status when they fail. - Add a fix for upstream tests for CVE-2018-7750 broken in previous. 1.7.5-3 - Fix a security flaw CVE-2018-7750 in Paramiko's server mode emphasis on server mode; this does not...
slf4j security update
0:1.7.4-4 - Disallow EventData deserialization by default CVE-2018-8088...
firefox security update
52.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.5.1-1 - Update to 52.5.1 ESR...
postgresql security update
8.4.20-8 - backport fix for CVE-2017-7546 rhbz1484677...
kernel security update
2.6.32-696.10.3.OL6 - Update genkey bug 25599697 2.6.32-696.10.3 - fs binfmtelf.c:loadelfbinary: return -EINVAL on zero-length mappings Petr Matousek 1492959 1492961 CVE-2017-1000253 - fs binfmtelf.c: fix bug in loading of PIE binaries Petr Matousek 1492959 1492961 CVE-2017-1000253...
mercurial security update
2.6.2-8 - Fix CVE-2017-1000115 and CVE-2017-1000116...
firefox security update
52.3.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.3.0-3 - Fix for rhbz1470294 - bundling newer libffi for ppc platforms 52.3.0-2 - Update to 52.3.0 ESR b2...
kernel security and bug fix update
3.10.0-514.26.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.26.1 - mm enlarge stack guard gap Larry Woodman 1452732 1452733...
glibc security update
2.12-1.209.0.1 - Update newmode size to fix a possible corruption 2.12-1.209 - Fix AFINET6 getaddrinfo with nscd 1416496 2.12-1.208 - Update tests for struct sockaddrstorage changes 1338673 2.12-1.207 - Use FLCLOEXEC in internal calls to fopen 1012343. 2.12-1.206 - Fix CVE-2015-8779 glibc:...
tigervnc security and bug fix update
1.1.0-24 - Proper global init/deinit of GnuTLS Resolves: bz1418946 1.1.0-23 - Fix buffer overflow in FullFramePixelBuffer::fillRect Resolves: bz1416289 1.1.0-22 - Fix buffer overflow in FullFramePixelBuffer::fillRect Resolves: bz1416289 1.1.0-21 - Enable DRI2 and DRI3 Resolves: bz1323065 1.1.0-20...
spice security update
0.12.4-20 - Fix buffer overflow in mainchannelallocmsgrcvbuf when reading large messages. Resolves: CVE-2016-9577 - Fix remote DoS via crafted message. Resolves: CVE-2016-9578...
ipa security update
4.4.0-14.0.1.el73.1.1 - Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.4.0-14.1.1 - Resolves: 1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy - ipa-kdb: search for password policies globally - Renamed patches 1011 a...
expat security update
2.0.1-13 - updated security fix for CVE-2016-0718 2.0.1-12 - add security fix for CVE-2016-0718...
wget security and bug fix update
1.14-13 - Fix CVE-2016-4971 1345778 - Added support for non-ASCII URLs Related: CVE-2016-4971 1.14-12 - Fix wget to include Host header on CONNECT as required by HTTP 1.1 1203384 - Run internal test suite during build 1295846 - Fix -nv being documented as synonym for two options 1147572 1.14-11 -...
curl security, bug fix, and enhancement update
7.29.0-35 - fix incorrect use of a previously loaded certificate from file related to CVE-2016-5420 7.29.0-34 - acknowledge the --no-sessionid/CURLOPTSSLSESSIONIDCACHE option required by the fix for CVE-2016-5419 7.29.0-33 - fix re-using connections with wrong client cert CVE-2016-5420 - fix TLS...
qemu-kvm security update
0.12.1.2-2.491.el68.1 - kvm-Add-vga.h-unmodified-from-Linux.patch bz1331407 - kvm-vga.h-remove-unused-stuff-and-reformat.patch bz1331407 - kvm-vga-use-constants-from-vga.h.patch bz1331407 - kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch bz1331407 -...
krb5 security update
1.13.2-12 - Fix CVE-2015-8631, CVE-2015-8630, and CVE-2015-8629 - Remove obsolete trigger to enable building of package - Resolves: 1306969...
samba4 security update
4.0.0-68.rc4 - resolves: 1314670 - Fix CVE-2015-7560...
bind security update
30:9.3.6-25.P1.5 - Fix CVE-2015-8000 30:9.3.6-25.P1.4 - Fix CVE-2015-5722 30:9.3.6-25.P1.3 - Fix CVE-2015-5477 30:9.3.6-25.P1.2 - Remove files backup after patching Related: 1171971 30:9.3.6-25.P1.1 - Fix CVE-2014-8500 1171971...
libpng security update
2:1.5.13-7 - Security fix for CVE-2015-8126 - Changing pngptr to infoptf based on upstream - Related: 1283576 2:1.5.13-6 - Security fix for CVE-2015-8126 - Resolves: 1283576...
libpng security update
2:1.2.49-2 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283572...
firefox security update
38.4.0-1.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.4.0-1 - Update to 38.4.0 ESR...
libwmf security update
0.2.8.4-25 - Resolves: rhbz1227428 - CVE-2015-0848 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696 0.2.8.4-24 - Resolves: rhbz1227429 CVE-2015-0848 libwmf: heap overflow when decoding BMP images...
firefox security update
38.3.0-2.0.1.el67 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 38.3.0-2 - Update to 38.3.0 ESR...
nss security, bug fix, and enhancement update
3.19.1-1 - Rebase nss to 3.19.1 - Pick up upstream fix for client auth. regression caused by 3.19.1 - Revert upstream change to minimum key sizes - Remove patches that rendered obsolote by the rebase - Update existing patches on account of the rebase 3.18.0-7 - Pick up upstream patch from...
Unbreakable Enterprise kernel security update
2.6.39-400.250.11 - udp: fix behavior of wrong checksums Eric Dumazet Orabug: 21628851 CVE-2015-5364 CVE-2015-5366...
firefox security update
38.1.0-1.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.1.0-1 - Update to 38.1.0 ESR 38.0.1-2 - Fixed rhbz1222807 by removing preun section...
kvm security update
kvm-83-273.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.273.el5 - kvm-pcnet-Properly-handle-TX-requests-during-Link-Fail.patch bz1225896 - kvm-pcnet-fix-Negative-array-index-read.patch bz1225896 -...
wpa_supplicant security and enhancement update
1:2.0-17 - AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 rh 1222015 1:2.0-16 - P2P: Validate SSID element length before copying it CVE-2015-1863 1:2.0-15 - Add domainmatch config option from upstream rh 1178263 - Include peer certificate in EAP events for use by clients...
docker security update
1.6.1-1.0.1 - Update source to 1.6.1 from https://github.com/docker/docker/releases/tag/v1.6.1 Symlink traversal on container respawn allows local privilege escalation CVE-2015-3629 Insecure opening of file-descriptor 1 leading to privilege escalation CVE-2015-3627 Read/write proc paths allow hos...