9173 matches found
bind security update
32:9.7.3-2.3.P3 - fix DOS against recursive servers 754398 32:9.7.3-2.2.P3 - update to 9.7.3-P3 CVE-2011-2464 32:9.7.3-2.1.P1 - update to 9.7.3-P1 CVE-2011-1910...
firefox security update
firefox: 3.6.24-3.0.1.el61 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 3.6.24-3 - Update to 3.6.24 xulrunner: 1.9.2.24-2.0.1.el61.1 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.24-2 - Update to 1.9.2.24...
thunderbird security update
3.1.11-1.0.1.el61 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 3.1.11-2 - Update to 3.1.11...
perl security and bug fix update
5.10.1-119 - 692862 - lc launders tainted flag, CVE-2011-1487 - make SOURCE1 executable, because it missed +x in brew - Resolves: rhbz692862 5.10.1-118 - Correct perl-5.10.1-rt77352.patch - Related: rhbz640720 5.10.1-117 - 671352 CGI-3.51 security update - Resolves: rhbz671352 5.10.1-116 - requir...
kdelibs security update
6:4.3.4-11.2 - rebase the fix for CVE-2011-1094 6:4.3.4-11.1 - fixes CVE-2011-1094, CVE-2011-1168...
glibc security update
2.12-1.7.el60.5 - Avoid too much stack use in fnmatch 681054, CVE-2011-1071 - Properly quote output of locale 625893, CVE-2011-1095 - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged 667974, CVE-2011-0536...
subversion security update
1.6.11-2.3 - add security fix for CVE-2011-0715 681173...
gcc security and bug fix update
4.1.2-50.el5 - fix up fastjar directory traversal bugs CVE-2010-0831 4.1.2-49.el5 - fix ICE in setuidsinptset 605803 - fix ICE in makertlfornonlocaldecl 582682, 508735, 503565, PR c++/33094 - dont build gcjwebplugin 596097 - fix IPP handling in libgcj 578382 - document -print-multi-os-directory...
quagga security update
0.98.6-5.el55.2 - Resolves: 638627 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws...
kdegraphics security update
3.3.1-18.1 - Resolves: 639833 CVE-2010-3702, uninitialized Gfx::parser pointer dereference CVE-2010-3704, array indexing error in FoFiType1::parse...
freetype security update
2.2.1-25 - Add freetype-2.2.1-axis-name-overflow.patch Avoid overflow when dealing with names of axes - Resolves: 614012 2.2.1-24 - Modify freetype-2.2.1-CVE-2010-2519.patch additional fix If the type of the POST fragment is 0, the segment is completely ignored - Resolves: 614012 2.2.1-23 - Add...
httpd security and enhancement update
2.2.3-31.0.1.el54.4 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-31.4 - require and BR a version of OpenSSL with the secure reneg API 567980 2.2.3-31.3 - modssl: add SSLInsecureRenegotiation 567980 - add security fixes for...
openssl security update
0.9.7a-43.17.5 - do not disable SSLv2 in the renegotiation patch - SSLv2 does not support renegotiation - allow unsafe renegotiation on clients with SSLOPLEGACYSERVERCONNECT 0.9.7a-43.17.4 - mention the RFC5746 in the renegotiation fix doc 0.9.7a-43.17.3 - CVE-2009-3555 - support the secure...
tar security update
1.13.25-16.RHEL3 - CVE-2010-0624 - fix heap-based buffer overflow by expanding a specially-crafted archive...
cpio security update
2.5-6 - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive 2.5-5.RHEL3 - fix buffer overflow on 64-bit systems 229191...
PyXML security update
0.8.4-4.2 - Use system expat library Resolves: 531852 0.8.4-4.1 - Fix buffer over read Resolves: 531852...
squirrelmail security update
1.4.8-5.0.1.el54.10 - Remove Redhat splash screen images 1.4.8-5.10 - fix: CVE-2009-2964 : CSRF issues in all forms - extend to all forms 1.4.8-5.9 - fix: CVE-2009-2964 : CSRF issues in all forms - add missing parts 1.4.8-5.8 - fix: CVE-2009-2964 : CSRF issues in all forms...
firefox security update
firefox: 3.0.14-1.0.1.el54 - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones 3.0.14-1 - Update to 3.0.14 3.0.13-1 - Update to 3.0.13...
udev security update
095-14.20 - fix for CVE-2009-1185 bug 495051 - Resolves: rhbz495055...
bind security update
9.3.4-6.0.3.P1 - check DSAdoverify return value correctly...
kernel security and bug fix update
2.6.9-78.0.8.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...
seamonkey security update
1.0.9-16.3.0.1.el46 - Added mozilla-oracle-default-prefs.js, mozilla-oracle-default-bookmarks.html, and mozilla-home-page.patch 1.0.9-16.3.el4 - Ensure the correct headers are exported 1.0.9-16.2.el4 - Respun for mozilla bugs 439035,439735,440308 1.0.9-16.1.el4 - Update patchset to fix regression...
xorg-x11-server security update
1.1.1-48.41.0.1.el52.1 - Added Enterprise Linux detection 1.1.1-48.41.1 - cve-2008-1377.patch: Record and Security Extension Input validation - cve-2008-1379.patch: MIT-SHM extension Input Validation flaw - cve-2008-2360.patch: Render AllocateGlyph extension Integer overflows - cve-2008-2361.patc...
gnutls security update
1.4.1-3 - fix three security issues in gnutls handshake - GNUTLS-SA-2008-1 447461, 447462, 447463...
Important: tetex security update
2.0.2-22.0.1.EL4.8 - backport upstream fix for xpdf integer overflow CVE-2007-3387 248207 Resolves: 248207...
Important: XFree86 security update
4.3.0-115.EL.0.2 - Change Patch - needs to be -p0 not -p1 4.3.0-115.EL.0.1 - Add oracle detection to Imake. 4.3.0-115.EL - Add xorg-x11-6.8.2-sorted-xkbcomp-dirs.patch to fix rpmdiff multilib failure. 4.3.0-114.EL - Add xorg-x11-server-CVE-2006-6101.patch 218870 4.3.0-113.EL - Fix for CID font...
Unbreakable Enterprise kernel security update
5.4.17-2136.349.3.1 - i40e: add validation for ringlen param Lukasz Czapnik Orabug: 38604171 CVE-2025-39973 - i40e: increase max descriptors for XL710 Justin Bronder Orabug: 38604171 CVE-2025-39973 5.4.17-2136.349.3 - Revert 'net/mlx5e: Update and set Xon/Xoff upon MTU set' Jakub Kicinski Orabug:...
Unbreakable Enterprise kernel security update
5.15.0-300.163.18.7 - Revert 'net/mlx5: disable the 'fast unload' feature on Exadata systems' Qing Huang Orabug: 37285705 - Revert 'net/mlx5: pretend 'fast unload' succeeded on Exadata systems' Qing Huang Orabug: 37285705 5.15.0-300.163.18.6 - x86/fpu: Keep xfdstate in sync with MSRIA32XFD Adamos...
kernel security update
5.14.0-427.40.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
java-21-openjdk security update
1:21.0.4.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.4.0.7-1 - Update to jdk-21.0.4+7 GA - Update release notes to 21.0.4+7 - Switch to GA mode. - Sync the copy of the portable specfile with the latest update - Add missing section headers in NEWS - This tarball is embargoed unti...
idm:DL1 and idm:client security update
bind-dyndb-ldap custodia ipa 4.9.13-9.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 9.4.13-9 - dcerpc: invalidate forest trust intfo cache when filtering out realm domains Resolves: RHEL-28559 - Backport latests test fixes in python3-tests ipatests: add xfail for...
xorg-x11-server-Xwayland security update
21.1.3-15 Fix for CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408, CVE-2024-0409 21.1.3-14 - Fix for CVE-2023-6377, CVE-2023-6478 21.1.3-13 - Fix for CVE-2023-5367...
nodejs:18 security update
nodejs 1:18.20.2-2 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon nodejs-packaging...
perl security update
4:5.32.1-481 - Fixes: CVE-2023-47038...
traceroute security update
3:2.1.0-18 - add gating.yaml 3:2.1.0-17 - fix improper command line parsing CVE-2023-46316...
tigervnc security update
1.13.1-8 - Fix copy/paste error in the DeviceStateNotify Resolves: RHEL-20533 1.13.1-7 - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20389 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent...
edk2 security update
20220126gitbb1bba3d77-6.el89.6 - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch RHEL-21840 RHEL-21842 - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch RHEL-21840 RHEL-21842 - Resolves: RHEL-21842 CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a lon...
tigervnc security update
1.8.0-31.0.1 - Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6816.patch, xorg-CVE-2023-6377.patch, xorg-CVE-2023-6478.patch, xorg-CVE-2024-0229-1.patch, xorg-CVE-2024-0229-2.patch, xorg-CVE-2024-0229-3.patch, xorg-CVE-2024-21885.patch, xorg-CVE-2024-21886-1.patch, xorg-CVE-2024-21886-2.patch,...
grub2 security update
2.06-70.0.2.2 - search command: add flag to only search root dev - Resolves: CVE-2023-4001...
squid:4 security update
libecap squid 7:4.15-7.5 - Fix squid: Denial of Service in SSL Certificate validation CVE-2023-46724 - Fix squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 - Fix squid: Buffer over-read in the HTTP Message processing feature CVE-2023-49285 - Fix squid: Incorrect Check of...
avahi security update
0.7-21.1 - Fix CVE-2021-3468 1939614 - Fix CVE-2023-38469 2191687 - Fix CVE-2023-38470 2191694 - Fix CVE-2023-38471 2191690 - Fix CVE-2023-38472 2191692 - Fix CVE-2023-38473 2191691...
squid:4 security update
libecap squid 7:4.15-7.1 - Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP...
emacs security update
1:26.1-11 - Bump version...
qt5 security and bug fix update
adwaita-qt 1.4.2-1 - 1.4.2 Resolves: bz2175754 python-pyqt5-sip 12.11.1-1 - 12.11.1 Resolves: bz2188589 python-qt5 5.15.9-1 - 5.15.9 Resolves: bz2175758 qgnomeplatform 0.9.0-1 - 0.9.0 Resolves: bz2175753 qt5 5.15.9-1 - 5.15.9 Resolves: bz2175724 qt5-doc 5.15.9-1 - 5.15.9 Resolves: bz2175726...
buildah security update
1.31.3-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 1:1.31.3-1 - update to https://github.com/containers/buildah/releases/tag/v1.31.3 - Related: 2176063 1:1.31.2-1 - update to https://github.com/containers/buildah/releases/tag/v1.31.2 - Related: 2176063...
java-17-openjdk security and bug fix update
1:17.0.9.0.9-2.0.1 - Update to jdk-17.0.9+9 GA - Update release notes to 17.0.9+9 - OpenJDK: memory corruption issue on x8664 with AVX-512 JDK-8317121 CVE-2023-22025 - OpenJDK: certificate path validation issue during client authentication JDK-8309966 CVE-2023-22081 - OpenJDK: Additional zip64...
linux-firmware security update
20230516-999.27.git6c9e0ed5.el9 - Update firmware for qat4xxx devices Orabug: 35811008 20230516-999.26.git6c9e0ed5.el9 - Run dracut -f in %posttrans instead of %post Orabug: 35661938 - Drop latest AMD microcode commits to family 19 file to include Milan microcode but not Genoa Orabug: 35708511...
bind security update
32:9.11.36-8.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341...
qemu security update
15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...
kernel security, bug fix, and enhancement update
5.14.0-284.30.0.12.OL9 - x86/tsx: Add a feature bit for TSX control MSR support CVE-2023-1637 - x86/speculation: Restore speculation related MSRs CVE-2023-1637 - x86/pm: Save the MSR validity status at context setup CVE-2023-1637 - x86/pm: Fix false positive kmemleak report in msrbuildcontext...