9172 matches found
qemu-kvm security and bug fix update
1.5.3-105.el72.3 - kvm-fwcfg-add-check-to-validate-current-entry-value-CVE.patch bz1298047 - Resolves: bz1298047 CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations rhel-7.2.z 1.5.3-105.el72.2 - kvm-raw-posix-Fix-.bdrvcogetblockstatus-for-unaligne.patch...
bind97 security update
32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
libpng12 security update
1.2.50-7 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283576...
wireshark security, bug fix, and enhancement update
1.10.14-7.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-7 - Rebase some tvbuff API from upstream to 1.10.14 - Fixes crash when tvb_length_remaining is used - Related: CVE-2015-6244 1.10.14-6 - Security patch - Resolves: CVE-2015-3182 1.10.14-5 - Fix crash...
bind security update
30:9.3.6-25.P1.4 - Fix CVE-2015-5722 30:9.3.6-25.P1.3 - Fix CVE-2015-5477 30:9.3.6-25.P1.2 - Remove files backup after patching Related: 1171971 30:9.3.6-25.P1.1 - Fix CVE-2014-8500 1171971...
firefox security update
38.2.0-4.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 38.2.0-4 - Update to 38.2.0 ESR...
thunderbird security update
31.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.6.0-1 - Update to 31.6.0...
libvirt security and bug fix update
1.1.1-29.0.1.el70.4 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.4 - qemu: blockcopy: Don't remove existing disk mirror info rhbz1149078 - qemu: copy: Accept 'format' parameter when copying to a non-existing img rhbz1149078 - qemu: reject rather than hang on blockcommit of acti...
axis security update
0:1.2.1-7.5 - Fix MITM security vulnerability - Use GCJ friendly patch - Resolves: CVE-2014-3596 0:1.2.1-7.4 - Fix MITM security vulnerability - Resolves: CVE-2014-3596...
thunderbird security update
24.8.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.8.0-1 - Update to 24.8.0...
json-c security update
0.11-4 - fix hash collision CVE-2013-6371 - fix buffer overflow CVE-2013-6370 - enable upstream test suite...
thunderbird security update
24.7.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.7.0-1 - Update to 24.7.0...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.3uek - fix autofs/afs/etc. magic mountpoint breakage Al Viro Orabug: 19028505 CVE-2014-0203 - SELinux: Fix kernel BUG on empty security contexts. Stephen Smalley Orabug: 19028381 CVE-2014-1874 - floppy: don't write kernel-only members to FDRAWCMD ioctl output Matthew Dale...
gnutls security update
2.8.5-14 - fix session ID length check 1102024...
thunderbird security update
24.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.5.0-1 - Update to 24.5.0...
gnutls security update
1.4.1-14 - Renamed gnutls-1.4.1-cve-2014-0092-1.patch to cve-2014-5138.patch - Renamed gnutls-1.4.1-cve-2014-0092-2.patch to cve-2014-0092.patch 1.4.1-13 - fix issues of CVE-2014-0092 1069888 1.4.1-12 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 1.4.1-11 - fix...
kernel security and bug fix update
2.6.32-431.5.1 - net sctp: fix checksum marking for outgoing packets Daniel Borkmann 1046041 1040385 - kernel ptrace: Cleanup useless header Aaron Tomlin 1046043 1036312 - kernel ptrace: kill BKL in ptrace syscall Aaron Tomlin 1046043 1036312 - fs nfs: Prevent a 3-way deadlock between layoutretur...
busybox security and bug fix update
1:1.15.1-20 - Resolves: 855832 'Installation from NFS: That directory could not be mounted from the server' by switching NFS mount default from UDP to TCP. There was another place in uclibc this time which used UDP. 1:1.15.1-19 - Resolves: 1015010 'busybox: insecure directory permissions in /dev'...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.1.1.el6uek - dm snapshot: fix data corruption Mikulas Patocka Orabug: 17617582 CVE-2013-4299...
xorg-x11-server security update
1.13.0-11.1.2 - CVE-2013-4396: Fix use-after free in ImageText requests 1014561...
ruby security update
1.8.7.352-12 - Fix regression introduced by CVE-2013-4073 https://bugs.ruby-lang.org/issues/8575 ruby-2.0.0-p255-Fix-SSL-client-connection-crash-for-SAN-marked-critical.patch - Related: rhbz979300 1.8.7.352-11 - hostname check bypassing vulnerability in SSL client...
krb5 security update
1.10.3-10.3 - pull up fix for UDP ping-pong flaw in kpasswd service CVE-2002-2443,...
libvirt security and bug fix update
0.10.2-18.0.1.el64.5 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.5 - daemon: Fix leak after listing volumes CVE-2013-1962 - Don't try to add non-existent devices to ACL rhbz958837 - Avoid spamming logs with cgroups warnings rhbz958837 - audit: Properly encode device path in...
thunderbird security update
17.0.6-2.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.6-2 - Update to 17.0.6 ESR...
cups security update
1:1.4.2-50:.4 - Added BrowseLDAPCACertFile and PrintcapGUI to restricted options list. 1:1.4.2-50:.3 - Fix for CVE-2012-5519 patch: handle blacklisted lines that have no value part gracefully. 1:1.4.2-50:.2 - Added documentation for new CVE-2012-5519 option. 1:1.4.2-50:.1 - Applied patch to fix...
axis security update
0:1.2.1-7.3 - Add missing connection hostname check against X.509 certificate name - Resolves: CVE-2012-5784...
ruby security and bug fix update
1.8.5-27 - unintentional file creation caused by inserting an illegal NUL character ruby-1.8.6-CVE-2012-4522-io.c-pipeopen-command-name-should-not-contain-null-.patch - Related: rhbz867750 1.8.5-26 - escaping vulnerability about Exception#to_s / NameError#to_s ruby-1.8.7-p371-CVE-2012-4481.patch -...
kernel security, bug fix and enhancement update
2.6.32-279.19.1.el6 - drm i915: don't clobber the pipe param in sanitize_modesetting Frantisek Hrbata 876549 857792 - drm i915: Sanitize BIOS debugging bits from PIPECONF Frantisek Hrbata 876549 857792 - net fix divide by zero in tcp algorithm illinois Flavio Leitner 871920 866514 CVE-2012-4565 - f...
qpid security, bug fix, and enhancement update
python-qpid 0.14-11 - BZs: 825078 - Resolves: rhbz840053 qpid-cpp 0.14-22.0.1.el63 - Update summary and description in specfile to be product neutral 0.14-22 - BZs: 609685, 849654, 854004 0.14-21 - BZs: 831365, 840982, 844618 0.14-20 - BZs: 683711, 689408, 825078, 834608, 841196, 841488 0.14-19 -...
krb5 security update
1.9-33.2 - pull up the patch to correct a possible NULL pointer dereference in kadmind CVE-2012-1013, 827517 1.9-33.1 - add candidate patch from upstream to fix freeing uninitialized pointer in the KDC MITKRB5-SA-2012-001, CVE-2012-1015, 839859...
libvirt security, bug fix, and enhancement update
libvirt-0.9.10-21.0.1.el6 - Replace docs/et.png in tarball with blank image libvirt-0.9.10-21.el6 - qemu: Rollback on used USB devices rhbz743671 - qemu: Don't delete USB device on failed qemuPrepareHostdevUSBDevices rhbz743671 - Revert 'rpc: Discard non-blocking calls only when necessary'...
bind97 security update
32:9.7.0-10.P2.1 - fix CVE-2012-1667 and CVE-2012-1033...
ImageMagick security and bug fix update
6.2.8.0-15.el5 - Fix for PostScript conversion was incomplete, as larger documents would end up being cropped without the -g option 797364 6.2.8.0-14.el5 - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 - Add fix for CVE-2012-0259 CVE-2012-0260 CVE-2012-1798 6.2.8.0-13.el5 -...
cups security and bug fix update
1:1.3.7-30 - Backported patch to fix transcoding for ASCII bug 759081, STR 3832. 1:1.3.7-29 - The imageto filters could crash with bad GIF files CVE-2011-2896, STR 3867, STR 3914, bug 752118. 1:1.3.7-28 - Web interface didn't show completed jobs for printer STR 3436, bug 625900 - Serial backend...
thunderbird security update
3.1.18-2.0.1.el62 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 3.1.18-2 - added fix for mozbz727401...
mysql security update
5.0.95-1.el57.1 - Update to 5.0.95, to get the last upstream bugfixes in this release series including numerous CVEs announced in January 2012 Resolves: 787140...
jasper security update
1.900.1-15.1 - CERT VU887409: heap buffer overflow flaws lead to arbitrary code execution 749149...
libpng security update
2:1.2.10-7.1.el57.5 - Install the correct fix for CVE-2011-2690 Resolves: 721303 2:1.2.10-7.1.el57.4 - Back-port fixes for CVE-2011-2690, CVE-2011-2692 Note: CVE-2011-2691, announced at the same time, does not apply to 1.2.10; likewise for CVE-2011-2501 Resolves: 721303...
krb5-appl security update
1.0.1-2.1 - ftpd: add candidate patch to detect setegid/setregid/setresgid and check for errors when calling them MITKRB5-SA-2011-005, CVE-2011-1526, 713341...
seamonkey security update
1.0.9-67.0.1.el48 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-67.el4 - Added fixes from 1.9.1.17...
java-1.6.0-openjdk security update
1.6.0.0-1.39.b17 - respin of IcedTea6 1.7.10 - Resolves: rhbz676276 1.6.0.0-1.37.b17 - Updated to IcedTea6 1.7.10 - Resolves: rhbz676276...
bzip2 security update
1.0.5-7 - Resolves: 632268 integer overflow flaw in BZ2_decompress - CVE-2010-0405 upstream patch...
postgresql and postgresql84 security update
postgresql: 8.1.22-1.el55.1 - Update to PostgreSQL 8.1.22, for various fixes described at http://www.postgresql.org/docs/8.1/static/release.html including the fix for CVE-2010-3433 Resolves: 639931 postgresql84: 8.4.5-1.el55.1 - Update to PostgreSQL 8.4.5, for various fixes described at...
seamonkey security update
1.0.9-63.0.1.el4 - Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and removed corresponding RedHat ones 1.0.9-63.el4 - Added fixes for mozbz576447, 583225 1.0.9-62.el4 - Added fixes from 1.9.1.12...
kernel security and bug fix update
2.6.9-89.0.28.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
freetype security update
2.1.4-15.el3 - Add freetype-2.1.4-axis-name-overflow.patch Avoid overflow when dealing with names of axes - Resolves: 614014 2.1.4-14.el3 - Add freetype-2.1.4-CVE-2010-2527.patch Use precision for '%s' where appropriate to avoid buffer overflows - Resolves: 614014 2.1.4-13.el3 - Add...
perl-Archive-Tar security update
1.39.1-1.el5.1 - cleaning spec and nvr - Related: rhbz595733 1.40-1.el5.1 - update to real version 1.3901, but for rpm updates, it will be 1.40 - Resolves: rhbz595733 1.40-1 - update to 1.40 - Resolves: rhbz595733...
kdebase security update
6:3.5.4-21.0.1.el55.1 - Update definition of KONQUERORVERSION in specfile 6:3.5.4-21.1 - Resolves: 570622, CVE-2010-0436 kdm privilege escalation flaw...
curl security, bug fix and enhancement update
7.15.5-9 - http://curl.haxx.se/docs/adv20100209.html 565408 7.15.5-8 - mention lack of IPv6, FTPS and LDAP support while using a socks proxy 473128 - avoid tight loop if an upload connection is broken 479967 - add options --ftp-account and --ftp-alternative-to-user to program help 517084 - fix...
cpio security update
2.5-16.1 - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive...