9175 matches found
libpng12 security update
1.2.50-7 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283576...
chrony security, bug fix, and enhancement update
2.1.1-1 - update to 2.1.1 1117882 - add -n option to gzip command to not save timestamp 2.1-1 - update to 2.1 1117882 1169353 1206504 1209568 CVE-2015-1821 CVE-2015-1822 CVE-2015-1853 - extend chrony-helper to allow using servers from DNS SRV records 1211600 - add servers from DHCP with iburst...
wireshark security, bug fix, and enhancement update
1.10.14-7.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-7 - Rebase some tvbuff API from upstream to 1.10.14 - Fixes crash when tvblengthremaining is used - Related: CVE-2015-6244 1.10.14-6 - Security patch - Resolves: CVE-2015-3182 1.10.14-5 - Fix crash...
firefox security update
38.4.0-1.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.4.0-1 - Update to 38.4.0 ESR...
subversion security update
1.6.11-15 - add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3187...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.1.1 - md: use kzalloc when bitmap is disabled Benjamin Randazzo Orabug: 21563041 CVE-2015-5697...
sudo security, bug fix, and enhancement update
1.8.6p3-19 - RHEL-6.7 erratum - modified the authlogicfix patch to fix 1144448 - fixed a bug in the ldapusermatchfix patch Resolves: rhbz1144448 Resolves: rhbz1142122 1.8.6p3-18 - RHEL-6.7 erratum - fixed the mantypos-ldap.patch Resolves: rhbz1138267 1.8.6p3-17 - RHEL-6.7 erratum - added patch fo...
qemu-kvm security and bug fix update
1.5.3-86.el71.5 - kvm-i8254-fix-out-of-bounds-memory-access-in-pitioport.patch bz1243726 - Resolves: bz1243726 CVE-2015-3214 qemu-kvm: qemu: i8254: out-of-bounds memory access in pitioportread function rhel-7.1.z 1.5.3-86.el71.4 - kvm-ide-Check-array-bounds-before-writing-to-iobuffer-C.patch...
kvm security update
kvm-83-270.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-270.el5 - KVM: x86: Check non canonical addresses upon WRMSR - Resolves: bz1152982 CVE-2014-3610 kernel: kvm: noncanonical MSR writes rhel-5.11.z kvm-83-269.el5 - KVM:...
freetype security update
2.3.11-15.el66.1 - Fixes CVE-2014-9657 - Check minimum size of recordsize. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes CVE-2014-9675 - New macro that checks one character more than strncmp. - Fixes CVE-2014-9660 - Check BDFGLYPHBITS. - Fixes CVE-2014-9661 -...
thunderbird security update
31.4.0-1.0.1.el66 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.4.0-1 - Update to 31.4.0 31.3.0-3 - Fixed problems with dictionaries mozbz1097550...
rpm security update
4.11.1-18 - Add check against malicious CPIO file name size 1163060 - Fixes CVE-2014-8118 4.11.1-17 - Fix race condidition where unchecked data is exposed in the file system 1163060 - Fixes CVE-2013-6435...
kernel security and bug fix update
kernel 2.6.18-400.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
libxml2 security update
2.6.26-2.1.25.0.1.el511 - Add libxml2-enterprise.patch - Replaced doc/redhat.gif in tarball with updated image 2.6.26-2.1.25.el5 - CVE-2014-3660 denial of service via recursive entity expansion rhbz1161841 2.6.26-2.1.24.el5 - fixed one regexp bug and added a rhbz922450 - Another small change on t...
cups-filters security update
1.0.35-15:.1 - Applied upstream patch to fix BrowseAllow parsing issue CVE-2014-4338, bug 1091568. - Applied upstream patch for cups-browsed DoS via processbrowsedata out-of-bounds read CVE-2014-4337, bug 1111510...
libvirt security and bug fix update
1.1.1-29.0.1.el70.3 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.3 - domainconf: fix domain deadlock CVE-2014-3657 1.1.1-29.el70.2 - qemu: split out cpuset.mems setting rhbz1135871 - qemu: leave restricting cpuset.mems after initialization rhbz1135871 - qemu: blkiotune: Use...
krb5 security update
1.6.1-80.el5 - rebuild 1.6.1-79.el5 - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1132785...
bind97 security and bug fix update
32:9.7.0-21.P2 - Fix CVE-2014-0591 32:9.7.0-20.P2 - Fix init script to not unmount filesystem when ROOTDIR is empty 1059118 32:9.7.0-19.P2 - fix for CVE-2013-4854 32:9.7.0-18.P2 - fix CVE-2013-2266...
squid security update
7:3.3.8-12 - Resolves: 1134933 - CVE-2014-3609 assertion failure in header processing...
thunderbird security update
24.8.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.8.0-1 - Update to 24.8.0...
mariadb security update
1:5.5.37-1 - Rebase to 5.5.37 https://kb.askmonty.org/en/mariadb-5537-changelog/ Also fixes: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: 1101062...
samba security update
4.1.1-35 - resolves: 1105504 - CVE-2014-0244: DoS in nmbd. - resolves: 1108844 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105573 - CVE-2014-0178: Uninitialized memory exposure. 4.1.1-33 - related: 717484 - Add missing configure line to enable profiling data support. 4.1.1-...
tomcat security update
0:7.0.42-6 - Resolves: CVE-2014-0099 Fix possible overflow when parsing - long values from byte array - Resolves: CVE-2014-0096 Information discloser process XSLT - files not subject to same constraint running under - java security manager - Resolves: CVE-2014-0075 Avoid overflow in...
thunderbird security update
24.7.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.7.0-1 - Update to 24.7.0...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.3uek - fix autofs/afs/etc. magic mountpoint breakage Al Viro Orabug: 19028505 CVE-2014-0203 - SELinux: Fix kernel BUG on empty security contexts. Stephen Smalley Orabug: 19028381 CVE-2014-1874 - floppy: don't write kernel-only members to FDRAWCMD ioctl output Matthew Dale...
subversion security update
1.6.11-10 - add security fixes for CVE-2013-1968, CVE-2013-2112, CVE-2014-0032...
kernel security and bug fix update
2.6.32-431.5.1 - net sctp: fix checksum marking for outgoing packets Daniel Borkmann 1046041 1040385 - kernel ptrace: Cleanup useless header Aaron Tomlin 1046043 1036312 - kernel ptrace: kill BKL in ptrace syscall Aaron Tomlin 1046043 1036312 - fs nfs: Prevent a 3-way deadlock between layoutretur...
xorg-x11-server security update
1.13.0-11.1.2 - CVE-2013-4396: Fix use-after free in ImageText requests 1014561...
php security update
5.3.3-23 - add security fix for CVE-2013-4113...
libvirt security and bug fix update
0.10.2-18.0.1.el64.5 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.5 - daemon: Fix leak after listing volumes CVE-2013-1962 - Don't try to add non-existant devices to ACL rhbz958837 - Avoid spamming logs with cgroups warnings rhbz958837 - audit: Properly encode device path in...
cups security update
1:1.4.2-50:.4 - Added BrowseLDAPCACertFile and PrintcapGUI to restricted options list. 1:1.4.2-50:.3 - Fix for CVE-2012-5519 patch: handle blacklisted lines that have no value part gracefully. 1:1.4.2-50:.2 - Added documentation for new CVE-2012-5519 option. 1:1.4.2-50:.1 - Applied patch to fix...
389-ds-base security, bug fix, and enhancement update
1.2.11.15-11 - Resolves: Bug 896256 - updating package touches configuration files 1.2.11.15-10 - Resolves: Bug 889083 - For modifiersName/internalModifiersName feature, internalModifiersname is not working for DNA plugin 1.2.11.15-9 - Resolves: Bug 891930 - DNA plugin no longer reports additiona...
freeradius2 security and bug fix update
2.1.12-5 - resolves: bug855308 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...
ruby security and bug fix update
1.8.5-27 - unintentional file creation caused by inserting an illegal NUL character ruby-1.8.6-CVE-2012-4522-io.c-pipeopen-command-name-should-not-contain-null-.patch - Related: rhbz867750 1.8.5-26 - escaping vulnerability about Exceptiontos / NameErrortos ruby-1.8.7-p371-CVE-2012-4481.patch -...
kernel security, bug fix and enhancement update
2.6.32-279.19.1.el6 - drm i915: dont clobber the pipe param in sanitizemodesetting Frantisek Hrbata 876549 857792 - drm i915: Sanitize BIOS debugging bits from PIPECONF Frantisek Hrbata 876549 857792 - net fix divide by zero in tcp algorithm illinois Flavio Leitner 871920 866514 CVE-2012-4565 - f...
freeradius security update
2.1.12-4 - resolves: bug855316 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...
dbus security update
1:1.2.24-7.0.1.el63 - fix netlink poll: error 4 Zhenzhong Duan 1:1.2.24-7 - Resolves: 854821 1:1.2.24-6 - Apply patches for CVE-2011-2200 - Resolves: 725314...
xen security update
3.0.3-135.el58.5 - console: Prevent escape sequence length overflow rhbz 851253...
glibc security and bug fix update
2.5-81.el58.7 - Fix out of bounds array access in strto exposed by 847929 patch. 2.5-81.el58.6 - Fix integer overflow leading to buffer overflow in strto 847929 2.5-81.el58.5 - Do not use PTIEEEIP ptrace calls 839411 - Update ULPs 839411 - Fix various transcendentals in non-default rounding modes...
1
kernel 2.6.18-308.13.1.0.1.el5 - kernel Initialize the local uninitialized variable stats. orabug 14051367 - fs JBD:make jbd support 512B blocks correctly for ocfs2. orabug 13477763 - x86 fix fpu context corrupt when preempt in signal context orabug 14038272 - net bonding: fix carrier detect when...
libreoffice security update
3.4.5.2-16.1.0.1.el63 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 3.4.5.2-16.1 - Resolves: rhbz839867 CVE-2012-2665...
pidgin security update
2.7.9-5.el6.2 - Add patch for CVE-2011-2485 RH bug 837561. 2.7.9-5.el6.1 - Add patch for CVE-2012-1178 RH bug 837560. - Add patch for CVE-2012-2318 RH bug 837560. - Add patch for CVE-2012-3374 RH bug 837560. 2.7.9-5.el6 - Add patch for CVE-2011-4602 RH bug 766453. 2.7.9-4.el6 - Add patch for...
bind97 security update
32:9.7.0-10.P2.1 - fix CVE-2012-1667 and CVE-2012-1033...
sudo security and bug fix update
1.7.2p1-13 - patch: parse ldap.conf more closely to nssldap Resolves: rhbz750318 1.7.2p1-12 - added patch for CVE-2011-0010 Resolves: rhbz757157 1.7.2p1-11 - backported selinux support from 1.7.4p5 477185, 673157 - fixed bug in RunasSpec group matching 627543 - disable 'sudo -l' output word...
cups security and bug fix update
1:1.3.7-30 - Backported patch to fix transcoding for ASCII bug 759081, STR 3832. 1:1.3.7-29 - The imageto filters could crash with bad GIF files CVE-2011-2896, STR 3867, STR 3914, bug 752118. 1:1.3.7-28 - Web interface didn't show completed jobs for printer STR 3436, bug 625900 - Serial backend...
thunderbird security update
3.1.18-2.0.1.el62 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 3.1.18-2 - added fix for mozbz727401...
texlive security update
2007-57 - fix CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554, texlive various flaws 773183...
mysql security update
5.0.95-1.el57.1 - Update to 5.0.95, to get the last upstream bugfixes in this release series including numerous CVEs announced in January 2012 Resolves: 787140...
jasper security update
1.900.1-15.1 - CERT VU887409: heap buffer overflow flaws lead to arbitrary code execution 749149...
netpbm security update
10.35.58-8.el5.3 - Actually apply the patch for - CVE-2009-4274 760849 10.35.58-8.el5.2 - fix xpmtoppm overfow - CVE-2009-4274 760849 10.35.58-8.el5.1 - fix libjasper heap buffer overflow CVE-2011-4516 CVE-2011-4517 760849...