9173 matches found
firefox security update
68.6.0-1.0.1.el610 - fix LDLIBRARYPATH - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.6.0-1 - Update to 68.6.0 build1 68.5.0-3 - Added fix for rhbz1805667 - Enabled mzbz@1170092 - Firefox prefs at /etc Fri...
firefox security update
68.10.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Fri Jun 26 2020 Jan Horak - Update to 68.10.0 build1...
grafana security update
6.3.6-2 - fix CVE-2020-13379...
sudo security, bug fix, and enhancement update
1.8.29-5 - RHEL 8.2 ERRATUM - CVE-2019-18634 Resolves: rhbz1798093 1.8.29-4 - RHEL 8.2 ERRATUM - CVE-2019-19232 Resolves: rhbz1786987 Resolves: rhbz1796518 1.8.29-2 - RHEL 8.2 ERRATUM - rebase to 1.8.29 Resolves: rhbz1733961 Resolves: rhbz1651662 1.8.28p1-1 - RHEL 8.2 ERRATUM - rebase to 1.8.28p1...
libreoffice security and bug fix update
6.0.6.1-20.0.1.el8 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:6.0.6.1-20 - Resolves: rhbz1743958 CVE-2019-9849, etc. - Resolves: rhbz1648281 Junk character gets added when some emojis are...
net-snmp security and bug fix update
1:5.7.2-47 - revert calculation of free space 1779609 1:5.7.2-46 - fix sha224 and sha384 declaration check 1774693 1:5.7.2-45 - fix memory leak introduced by fix of snmp v3 traps forwarding 1751195 1:5.7.2-44 - add support for glusterfs 1316386 - change services to start after network-online.targ...
texlive security update
2:2012-45.20130427r30134 - Related: 1650521, buffer overflow in t1checkunusualcharstring function 2:2012-44.20130427r30134 - Resolves: 1650521, buffer overflow in t1checkunusualcharstring function...
python-reportlab security update
3.4.0-6.el810.2 - Fix Requires for doc subpackage - Resolves: 1788556 3.4.0-6.el810.1 - Do not eval strings passed to toColor - Resolves: 1788555...
SDL security update
1.2.15-15 - Fix CVE-2019-13616 a heap buffer over-read in BlitNtoN bug 1747237 - Resolves: rhbz1756276...
GNOME security, bug fix, and enhancement update
accountsservice 0.6.50-7 - Dont send change updates for login history changes Resolves: 1713080 appstream-data 8-20190805 - Regenerate the RHEL metadata to include the latest cockpit changes - Resolves: 1673011 8-20190719 - Regenerate the RHEL metadata - Resolves: 1673011 8-20180721 - Regenerate...
ovmf security and enhancement update
20180508-6.gitee3198e672e2.el7 - ovmf-MdeModulePkg-HiiDatabase-Fix-potential-integer-overf.patch bz1691479 - ovmf-MdeModulePkg-HiiImage-Fix-stack-overflow-when-corrup.patch bz1691479 - ovmf-MdeModulePkg-PartitionDxe-Add-check-for-underlying-d.patch bz1691647 -...
binutils security and bug fix update
2.27-41.base.0.1 - Complete the backport of upstream commit a5def14f1ca70e14d9433cb229c9369fa3051598 Add a test for R386GOT32/R386GOT32X IFUNC reloc error Orabug 27930573 - Reviewed-by: Jose E. Marchesi 2.27-41.base - Fix up some linker tests that fail because of the Rx8664GOTPCRELX patch. 169974...
exiv2 security, bug fix, and enhancement update
0.27.0-2 - Minor improvements Resolves: bz1652637 0.27.0-1 - Exiv2 0.27.0 Resolves: bz1652637...
libarchive security update
3.1.2-12 - fixed use after free in RAR decoder 1700749 - fixed double free in RAR decoder 1700748 3.1.2-11 - fix out-of-bounds read within lhareaddatanone CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 - fix infinite loop in ISO9660 CVE-2019-1000020...
keepalived security update
1.3.5-8 - Fixed patch that was incorrectly removed 1652694 1.3.5-7 - Fix buffer overflow when parsing HTTP status codes 1652694...
spamassassin security update
3.4.0-4 - Add missing Requires for perlXSLoader and perlExtUtils::MakeMaker, - which are no longer auto-generated due to a expected change in rpm-build - Related: rhbz1632998 3.4.0-3 - Fix CVE-2018-11781 - Local user code injection in the meta rule syntax - Fix CVE-2017-15705 - Certain unclosed...
openssl security update
1.0.1e-57.0.5 - Merge upstream patch to fix CVE-2018-0739 1.0.1e-57.0.3 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz...
firefox security update
60.2.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.2.0-1 - Update to 60.2.0 ESR 60.1.0-9 - Do not set user agent rhbz1608065 - GTK dialogs are localized now rhbz1619373 - JNLP association works again rhbz1607457 60.1.0-8 - Fixed homepage and bookmarks...
libvirt security update
0.10.2-64.0.1 - Replace docs/et.png in tarball with blank image 0.10.2-64 - cpu: define the 'ssbd' CPUID feature bit CVE-2018-3639 - cpu: define the 'virt-ssbd' CPUID feature bit CVE-2018-3639 0.10.2-63 - qemu: avoid denial of service reading from QEMU monitor CVE-2018-5748 - qemu: avoid denial o...
libvirt security and bug fix update
3.9.0-14.el75.4 - lxc: Drop useless check in live device update rhbz1557922 - Pass oldDev to virDomainDefCompatibleDevice on device update rhbz1557922 - qemu: Fix updating device with boot order rhbz1557922 - conf: Fix crash in virDomainDefCompatibleDevice rhbz1557922 - vmx: check for...
kubernetes security update
1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from Orabug 27125915 1.9.1-2.1.4.dev - Make sure worker node upgrade properly - Orabug 27649898 1.9.1-2.1.3.dev - Ensure that the runtime mounts RO volumes read-only CVE-2017-1002102 - Update Dashboard version...
libvorbis security update
1.2.3-5.1 - Backport fix for CVE-2018-5146 1.2.3-5 - fix CVE-2012-0444 787077...
quagga security update
0.99.22.4-5 - Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code - Resolves: rhbz1546015...
php security update
5.4.16-43 - gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx CVE-2016-10167 - gd: Signed Integer Overflow gdio.c CVE-2016-10168...
groovy security update
1.8.9-8 - Fix Information disclosure vulnerability - Resolves: CVE-2016-6814...
git security update
1.8.3.1-12 - prevent command injection via malicious ssh URLs Resolves: CVE-2017-1000117...
subversion security update
1.7.14-11 - add security fix for CVE-2017-9800...
libtirpc security update
0.2.1-139 - Fix for CVE-2017-8779 bz 1449458...
qemu-kvm security update
0.12.1.2-2.491.el68.7 - kvm-cirrus-fix-patterncopy-checks.patch bz1420486 bz1420488 - kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch bz1420486 bz1420488 - kvm-cirrus-add-blitisunsafe-call-to-cirrusbitbltcput.patch bz1420486 bz1420488 - Resolves: bz1420486 EMBARGOED CVE-2017-2620...
bind security update
32:9.9.4-38.2 - Fix CVE-2017-3135 ISC change 4557 - Fix and test caching CNAME before DNAME ISC change 4558...
firefox security update
45.6.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.6.0-1 - Update to 45.6.0 ESR...
firefox security update
45.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.5.1-1 - Update to 45.5.1 ESR...
systemd security and bug fix update
219-30.0.1.3 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry Snitselaar Orabug: 18621475 - rules: load sg module 1223340 - run: drop mistakenly committed test code...
bind97 security update
32:9.7.0-21.P2.7 - Fix CVE-2016-2776 32:9.7.0-21.P2.6 - Fix CVE-2016-1285 and CVE-2016-1286 32:9.7.0-21.P2.5 - Fix CVE-2015-8704 32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
squid security update
7:3.3.8-26.3 - Related: 1330576 - CVE-2016-4553 squid: Cache poisoning issue in HTTP Request handling - Related: 1334491 - CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 squid: various flaws 7:3.3.8-26.2 - Related: 1330576 - CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: various flaws...
foomatic security update
4.0.4-5 - Also consider back tick and semicolon as illegal shell escape characters. - CVE-2015-8327, CVE-2015-8560 4.0.4-4 - Prevent foomatic-rip overrun bug 1214534...
qemu-kvm security and bug fix update
1.5.3-105.el72.3 - kvm-fwcfg-add-check-to-validate-current-entry-value-CVE.patch bz1298047 - Resolves: bz1298047 CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations rhel-7.2.z 1.5.3-105.el72.2 - kvm-raw-posix-Fix-.bdrvcogetblockstatus-for-unaligne.patch...
bind97 security update
32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
libpng12 security update
1.2.50-7 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283576...
chrony security, bug fix, and enhancement update
2.1.1-1 - update to 2.1.1 1117882 - add -n option to gzip command to not save timestamp 2.1-1 - update to 2.1 1117882 1169353 1206504 1209568 CVE-2015-1821 CVE-2015-1822 CVE-2015-1853 - extend chrony-helper to allow using servers from DNS SRV records 1211600 - add servers from DHCP with iburst...
wireshark security, bug fix, and enhancement update
1.10.14-7.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-7 - Rebase some tvbuff API from upstream to 1.10.14 - Fixes crash when tvblengthremaining is used - Related: CVE-2015-6244 1.10.14-6 - Security patch - Resolves: CVE-2015-3182 1.10.14-5 - Fix crash...
firefox security update
38.4.0-1.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.4.0-1 - Update to 38.4.0 ESR...
subversion security update
1.6.11-15 - add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3187...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.10 - md: use kzalloc when bitmap is disabled Benjamin Randazzo Orabug: 21563043 CVE-2015-5697 - netfilter: nfconntrack: reserve two bytes for nfctext-len Andrey Vagin Orabug: 21562781 CVE-2014-9715...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.1.1 - md: use kzalloc when bitmap is disabled Benjamin Randazzo Orabug: 21563041 CVE-2015-5697...
bind97 security update
32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
sudo security, bug fix, and enhancement update
1.8.6p3-19 - RHEL-6.7 erratum - modified the authlogicfix patch to fix 1144448 - fixed a bug in the ldapusermatchfix patch Resolves: rhbz1144448 Resolves: rhbz1142122 1.8.6p3-18 - RHEL-6.7 erratum - fixed the mantypos-ldap.patch Resolves: rhbz1138267 1.8.6p3-17 - RHEL-6.7 erratum - added patch fo...
qemu-kvm security and bug fix update
1.5.3-86.el71.5 - kvm-i8254-fix-out-of-bounds-memory-access-in-pitioport.patch bz1243726 - Resolves: bz1243726 CVE-2015-3214 qemu-kvm: qemu: i8254: out-of-bounds memory access in pitioportread function rhel-7.1.z 1.5.3-86.el71.4 - kvm-ide-Check-array-bounds-before-writing-to-iobuffer-C.patch...
kvm security update
kvm-83-270.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-270.el5 - KVM: x86: Check non canonical addresses upon WRMSR - Resolves: bz1152982 CVE-2014-3610 kernel: kvm: noncanonical MSR writes rhel-5.11.z kvm-83-269.el5 - KVM:...
freetype security update
2.3.11-15.el66.1 - Fixes CVE-2014-9657 - Check minimum size of recordsize. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes CVE-2014-9675 - New macro that checks one character more than strncmp. - Fixes CVE-2014-9660 - Check BDFGLYPHBITS. - Fixes CVE-2014-9661 -...