8992 matches found
keepalived security update
1.3.5-8 - Fixed patch that was incorrectly removed 1652694 1.3.5-7 - Fix buffer overflow when parsing HTTP status codes 1652694...
firefox security update
60.2.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.2.0-1 - Update to 60.2.0 ESR 60.1.0-9 - Do not set user agent rhbz1608065 - GTK dialogs are localized now rhbz1619373 - JNLP association works again rhbz1607457 60.1.0-8 - Fixed homepage and bookmarks...
libvirt security update
0.10.2-64.0.1 - Replace docs/et.png in tarball with blank image 0.10.2-64 - cpu: define the 'ssbd' CPUID feature bit CVE-2018-3639 - cpu: define the 'virt-ssbd' CPUID feature bit CVE-2018-3639 0.10.2-63 - qemu: avoid denial of service reading from QEMU monitor CVE-2018-5748 - qemu: avoid denial o...
python-paramiko security update
1.7.5-4 - Fix and enable tests %check. - Backport a change which makes tests exit with nonzero status when they fail. - Add a fix for upstream tests for CVE-2018-7750 broken in previous. 1.7.5-3 - Fix a security flaw CVE-2018-7750 in Paramiko's server mode emphasis on server mode; this does not...
kubernetes security update
1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from Orabug 27125915 1.9.1-2.1.4.dev - Make sure worker node upgrade properly - Orabug 27649898 1.9.1-2.1.3.dev - Ensure that the runtime mounts RO volumes read-only CVE-2017-1002102 - Update Dashboard version...
quagga security update
0.99.22.4-5 - Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code - Resolves: rhbz1546015...
firefox security update
52.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.5.1-1 - Update to 52.5.1 ESR...
groovy security update
1.8.9-8 - Fix Information disclosure vulnerability - Resolves: CVE-2016-6814...
qemu-kvm security and bug fix update
1.5.3-126.el73.5 - kvm-cirrus-fix-patterncopy-checks.patch bz1420490 - kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch bz1420490 - kvm-cirrus-add-blitisunsafe-call-to-cirrusbitbltcput.patch bz1420490 - Resolves: bz1420490 EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus:...
firefox security update
45.6.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.6.0-1 - Update to 45.6.0 ESR...
bind97 security update
32:9.7.0-21.P2.7 - Fix CVE-2016-2776 32:9.7.0-21.P2.6 - Fix CVE-2016-1285 and CVE-2016-1286 32:9.7.0-21.P2.5 - Fix CVE-2015-8704 32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
krb5 security update
1.13.2-12 - Fix CVE-2015-8631, CVE-2015-8630, and CVE-2015-8629 - Remove obsolete trigger to enable building of package - Resolves: 1306969...
foomatic security update
4.0.4-5 - Also consider back tick and semicolon as illegal shell escape characters. - CVE-2015-8327, CVE-2015-8560 4.0.4-4 - Prevent foomatic-rip overrun bug 1214534...
bind97 security update
32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
openldap security, bug fix, and enhancement update
2.4.40-8 - NSS does not support string ordering 1231522 - implement and correct order of parsing attributes 1231522 - add multimask and multistrength to correctly handle sets of attributes 1231522 - add new cipher suites and correct AES-GCM attributes 1245279 - correct DEFAULT ciphers handling to...
chrony security, bug fix, and enhancement update
2.1.1-1 - update to 2.1.1 1117882 - add -n option to gzip command to not save timestamp 2.1-1 - update to 2.1 1117882 1169353 1206504 1209568 CVE-2015-1821 CVE-2015-1822 CVE-2015-1853 - extend chrony-helper to allow using servers from DNS SRV records 1211600 - add servers from DHCP with iburst...
firefox security update
38.4.0-1.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.4.0-1 - Update to 38.4.0 ESR...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.10 - md: use kzalloc when bitmap is disabled Benjamin Randazzo Orabug: 21563043 CVE-2015-5697 - netfilter: nfconntrack: reserve two bytes for nfctext-len Andrey Vagin Orabug: 21562781 CVE-2014-9715...
bind97 security update
32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
wpa_supplicant security and enhancement update
1:0.7.3-6 - AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 rh 1226396 1:0.7.3-5 - Add domainmatch config option from upstream rh 1186806 rh 1178263 - Include peer certificate in EAP events for use by clients - Add dbus signal for information about server certification -...
sudo security, bug fix, and enhancement update
1.8.6p3-19 - RHEL-6.7 erratum - modified the authlogicfix patch to fix 1144448 - fixed a bug in the ldapusermatchfix patch Resolves: rhbz1144448 Resolves: rhbz1142122 1.8.6p3-18 - RHEL-6.7 erratum - fixed the mantypos-ldap.patch Resolves: rhbz1138267 1.8.6p3-17 - RHEL-6.7 erratum - added patch fo...
wpa_supplicant security and enhancement update
1:2.0-17 - AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 rh 1222015 1:2.0-16 - P2P: Validate SSID element length before copying it CVE-2015-1863 1:2.0-15 - Add domainmatch config option from upstream rh 1178263 - Include peer certificate in EAP events for use by clients...
docker security update
1.6.1-1.0.1 - Update source to 1.6.1 from https://github.com/docker/docker/releases/tag/v1.6.1 Symlink traversal on container respawn allows local privilege escalation CVE-2015-3629 Insecure opening of file-descriptor 1 leading to privilege escalation CVE-2015-3627 Read/write proc paths allow hos...
unzip security update
6.0-2 - Fix CVE-2014-9636 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Resolves: 1196132 1196120 1196124 1196128...
freetype security update
2.3.11-15.el66.1 - Fixes CVE-2014-9657 - Check minimum size of recordsize. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes CVE-2014-9675 - New macro that checks one character more than strncmp. - Fixes CVE-2014-9660 - Check BDFGLYPHBITS. - Fixes CVE-2014-9661 -...
thunderbird security update
31.4.0-1.0.1.el66 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.4.0-1 - Update to 31.4.0 31.3.0-3 - Fixed problems with dictionaries mozbz1097550...
libxml2 security update
2.6.26-2.1.25.0.1.el511 - Add libxml2-enterprise.patch - Replaced doc/redhat.gif in tarball with updated image 2.6.26-2.1.25.el5 - CVE-2014-3660 denial of service via recursive entity expansion rhbz1161841 2.6.26-2.1.24.el5 - fixed one regexp bug and added a rhbz922450 - Another small change on t...
libvirt security and bug fix update
1.1.1-29.0.1.el70.3 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.3 - domainconf: fix domain deadlock CVE-2014-3657 1.1.1-29.el70.2 - qemu: split out cpuset.mems setting rhbz1135871 - qemu: leave restricting cpuset.mems after initialization rhbz1135871 - qemu: blkiotune: Use...
krb5 security update
1.6.1-80.el5 - rebuild 1.6.1-79.el5 - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1132785...
bind97 security and bug fix update
32:9.7.0-21.P2 - Fix CVE-2014-0591 32:9.7.0-20.P2 - Fix init script to not unmount filesystem when ROOTDIR is empty 1059118 32:9.7.0-19.P2 - fix for CVE-2013-4854 32:9.7.0-18.P2 - fix CVE-2013-2266...
firefox security update
firefox 24.8.0-1.0.1.el70 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 24.8.0-1 - Update to 24.8.0 ESR xulrunner 24.8.0-1.0.1.el70 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 24.8.0-...
squid security update
7:3.3.8-12 - Resolves: 1134933 - CVE-2014-3609 assertion failure in header processing...
tomcat security update
0:7.0.42-6 - Resolves: CVE-2014-0099 Fix possible overflow when parsing - long values from byte array - Resolves: CVE-2014-0096 Information discloser process XSLT - files not subject to same constraint running under - java security manager - Resolves: CVE-2014-0075 Avoid overflow in...
samba security update
4.1.1-35 - resolves: 1105504 - CVE-2014-0244: DoS in nmbd. - resolves: 1108844 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105573 - CVE-2014-0178: Uninitialized memory exposure. 4.1.1-33 - related: 717484 - Add missing configure line to enable profiling data support. 4.1.1-...
mariadb security update
1:5.5.37-1 - Rebase to 5.5.37 https://kb.askmonty.org/en/mariadb-5537-changelog/ Also fixes: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: 1101062...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.3uek - fix autofs/afs/etc. magic mountpoint breakage Al Viro Orabug: 19028505 CVE-2014-0203 - SELinux: Fix kernel BUG on empty security contexts. Stephen Smalley Orabug: 19028381 CVE-2014-1874 - floppy: don't write kernel-only members to FDRAWCMD ioctl output Matthew Dale...
gnutls security update
2.8.5-14 - fix session ID length check 1102024...
thunderbird security update
24.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.5.0-1 - Update to 24.5.0...
httpd security update
2.2.3-85.0.1.el510 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-85 - modlogconfig: add security fix for CVE-2014-0098 1078176 2.2.3-84 - moddav: add security f...
firefox security update
24.2.0-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel = 4.10.0 to fix build failure 24.2.0-1 - Update to 24.2.0 ESR 24.1.0-4 - Fixed mozbz938730 - avoid mix of memory allocators crashes when using system sqlite 24.1.0-3 - Fixed...
kernel security and bug fix update
kernel 2.6.18-371.3.1 - net be2net: don't use GRO for packets w/ re-inserted VLAN tags Ivan Vecera 1023348 1008691 - net tg3: call pcienablewake to set power state John Feeney 1014973 996331 - misc backport fixes for percpu-rw-semaphore Mikulas Patocka 1014715 867997 - xen information leak via I/...
samba4 security and bug fix update
4.0.0-58.rc4 - Fix winbind lsat reconnection code, avoids ntlmv2-only session setup problems - resolves: 949993 4.0.0-57.rc4 - resolves: 984809 - CVE-2013-4124: DoS via integer overflow when reading an EA list 4.0.0-56.rc4 - Fix libwbclient.so.0 symlink. - resolves: 882338 - Fix correct linking o...
php security update
5.3.3-23 - add security fix for CVE-2013-4113...
curl security update
7.19.7-36 - fix cookie tailmatching to prevent cross-domain leakage CVE-2013-1944...
bind97 security update
32:9.7.0-17.P2.1 - fix CVE-2013-2266...
kernel security and bug fix update
kernel 2.6.18-348.2.1 - misc tainted flags, fix buffer size Prarit Bhargava 905829 901547 - net be2net: fix unconditionally returning IRQHANDLED in INTx Ivan Vecera 884704 878316 - net be2net: fix INTx ISR for interrupt behaviour on BE2 Ivan Vecera 884704 878316 - net be2net: fix a possible...
cups security update
1:1.4.2-50:.4 - Added BrowseLDAPCACertFile and PrintcapGUI to restricted options list. 1:1.4.2-50:.3 - Fix for CVE-2012-5519 patch: handle blacklisted lines that have no value part gracefully. 1:1.4.2-50:.2 - Added documentation for new CVE-2012-5519 option. 1:1.4.2-50:.1 - Applied patch to fix...
gdb security and bug fix update
7.2-60.el6 - Fix CVE-2011-4355 gdb: arbitrary code execution via .debuggdbscripts' Jan Kratochvil, RH BZ 756116. 7.2-58.el6 - Fix Backport gdb fix to handle identical binaries via additional build-id symlinks' RH BZ 836966...
freeradius2 security and bug fix update
2.1.12-5 - resolves: bug855308 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...
libxml2 security update
2.7.6-8.0.1.el63.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-8.el63.4 - fix out of range heap access CVE-2012-5134...