8967 matches found
mysql55-mysql security update
5.5.37-1 - Update to MySQL 5.5.37, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-37.html Includes fixes for: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: 1089202...
thunderbird security update
24.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.5.0-1 - Update to 24.5.0...
tomcat6 security update
0:6.0.24-64 - Resolves: CVE-2014-0050 0:6.0.24-63 - Resolves: CVE-2013-4322 CVE-2013-4286...
wget security and bug fix update
1.12-1.11 - Add --trust-server-names option to fix CVE-2010-2252 833831 1.12-1.10 - Build wget again with partial RELRO. LDFLAGS changed due to openssl rebase. 1.12-1.9 - Fix wget to recognize certificates with alternative names 1060113...
openldap security and bug fix update
2.4.23-34.1 - fix: segfault on certain queries with rwm overlay 1058250 2.4.23-34 - fix: deadlock during SSLForceHandshake 996373 + revert nss-handshake-threadsafe.patch...
openssl security update
1.0.1e-16.4 - fix CVE-2013-4353 - Invalid TLS handshake crash 1.0.1e-16.3 - fix CVE-2013-6450 - possible MiTM attack on DTLS1 1.0.1e-16.2 - fix CVE-2013-6449 - crash when version in SSL structure is incorrect...
coreutils security, bug fix, and enhancement update
8.4-31.0.1 - clean up empty file if cp is failed Orabug 15973168 8.4-31 - adjust the fix for the du bindmounts failure836557 Mon Oct 07 2013 Ondrej Oprala - Fix su retvals once again 8.4-29 - CVE-2013-0221 CVE-2013-0223 CVE-2013-0222 - fix various segmentation faults in sort, uniq and join1015019...
firefox security update
firefox 17.0.7-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.7-1 - Update to 17.0.7 ESR xulrunner 17.0.7-1.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 17.0.7...
krb5 security update
1.10.3-10.3 - pull up fix for UDP ping-pong flaw in kpasswd service CVE-2002-2443,...
tomcat5 security update
0:5.5.23-0jpp.40 - Related: CVE-2013-1976 It was found during additional testing - that the tomcat5 init may fail to start because the user - shell is set to sbin/nologin. Fixed in init scrip. SU now - uses -s /bin/sh during startup 0:5.5.23-0jpp.39 - Resolves: CVE-2013-1976 Improper TOMCATLOG...
libvirt security and bug fix update
0.10.2-18.0.1.el64.5 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.5 - daemon: Fix leak after listing volumes CVE-2013-1962 - Don't try to add non-existant devices to ACL rhbz958837 - Avoid spamming logs with cgroups warnings rhbz958837 - audit: Properly encode device path in...
stunnel security update
4.29-3 Resolves: CVE-2013-1762...
bind security and bug fix update
32:9.8.2-0.17.rc1.0.2.el64.4 - bump release and build for ULN...
pixman security update
0.26.2-5 - Fix bug 914474 CVE 2013-1591 - Remove openmp.patch...
ruby security update
1.8.5-29 - Fix regression introduced by fix for entity expansion DOS vulnerability in REXML https://bugs.ruby-lang.org/issues/7961 ruby-2.0.0-add-missing-rexml-require.patch - Related: rhbz915377 1.8.5-28 - Addresses entity expansion DoS vulnerability in REXML...
git security update
1.7.1-3.1 - fix CVE-2013-0308 1.7.1-3 - fix CVE-2010-3906...
nss and nspr security, bug fix, and enhancement update
nspr 4.9.2-2 - NVR bump 4.9.2-1 - Resolves: rhbz893372- RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR nss 3.13.6-3 - Fix changelog inconsistencies with commit and bug resolved - Resolves: rhbz891149 CVE-2013-0743 3.13.6-2 - CVE-2013-0743 - Resolves: rhbz891149 - Dis-trust TURKTRUST mis-issued...
ruby security and bug fix update
1.8.5-27 - unintentional file creation caused by inserting an illegal NUL character ruby-1.8.6-CVE-2012-4522-io.c-pipeopen-command-name-should-not-contain-null-.patch - Related: rhbz867750 1.8.5-26 - escaping vulnerability about Exceptiontos / NameErrortos ruby-1.8.7-p371-CVE-2012-4481.patch -...
kernel security, bug fix and enhancement update
2.6.32-279.19.1.el6 - drm i915: dont clobber the pipe param in sanitizemodesetting Frantisek Hrbata 876549 857792 - drm i915: Sanitize BIOS debugging bits from PIPECONF Frantisek Hrbata 876549 857792 - net fix divide by zero in tcp algorithm illinois Flavio Leitner 871920 866514 CVE-2012-4565 - f...
bind security update
32:9.8.2-0.10.rc1.6 - fix CVE-2012-5688...
java-1.6.0-openjdk security update
1:1.6.0.0-1.50.1.11.5 - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz865045 1:1.6.0.0-1.49.1.11.5 - Updated to IcedTea6 1.11.5 - Resolves rhbzs 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 86551...
freeradius security update
2.1.12-4 - resolves: bug855316 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...
1
kernel 2.6.18-308.13.1.0.1.el5 - kernel Initialize the local uninitialized variable stats. orabug 14051367 - fs JBD:make jbd support 512B blocks correctly for ocfs2. orabug 13477763 - x86 fix fpu context corrupt when preempt in signal context orabug 14038272 - net bonding: fix carrier detect when...
dhcp security update
12:4.1.1-31.P1.0.1.el63.1 - Added oracle-errwarn-message.patch 12:4.1.1-31.P1.1 - An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. CVE-2012-3571, 843120 - Memory Leaks Found In ISC DHCP CVE-2012-3954, 843120...
krb5 security update
1.9-33.2 - pull up the patch to correct a possible NULL pointer dereference in kadmind CVE-2012-1013, 827517 1.9-33.1 - add candidate patch from upstream to fix freeing uninitialized pointer in the KDC MITKRB5-SA-2012-001, CVE-2012-1015, 839859...
glibc security and bug fix update
2.5-81.el58.4 - Fix iconv segfault if the invalid multibyte character 0xffff is input when converting from IBM930 837896 2.5-81.el58.3 - Fix unbound alloca in vfprintf 833720...
libtiff security update
3.9.4-6 - Add fixes for CVE-2012-2088, CVE-2012-2113 Resolves: 835748...
openssl security update
0.9.7a-43.18.0.1 - fix for CVE-2012-2110 - memory corruption in asn1d2ireadbio 814185 backport of OL5 patch 0.9.7a-11.2 by Tomas Mraz...
libtiff security update
3.9.4-5 - Add fix for CVE-2012-1173 Resolves: CVE-2012-1173...
freetype security update
2.3.11-6.el62.9 - Fix CVE-2012-1126, 1127, 1130, 1131, 1132, 1134, 1136, 1137, 1139, 1140, 1141, 1142, 1143, 1144 - Properly initialize array 'result' in FTOutlineGetOrientation - Check bytes per row for overflow in bdfparseglyphs - Resolves: 806268...
cups security and bug fix update
1:1.3.7-30 - Backported patch to fix transcoding for ASCII bug 759081, STR 3832. 1:1.3.7-29 - The imageto filters could crash with bad GIF files CVE-2011-2896, STR 3867, STR 3914, bug 752118. 1:1.3.7-28 - Web interface didn't show completed jobs for printer STR 3436, bug 625900 - Serial backend...
xulrunner security update
1.9.2.26-2.0.1.el62 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.26-2 - added fix for mozbz727401...
libpng security update
2:1.2.10-7.1.el57.5 - Install the correct fix for CVE-2011-2690 Resolves: 721303 2:1.2.10-7.1.el57.4 - Back-port fixes for CVE-2011-2690, CVE-2011-2692 Note: CVE-2011-2691, announced at the same time, does not apply to 1.2.10; likewise for CVE-2011-2501 Resolves: 721303...
thunderbird security update
1.5.0.12-38.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-39 - Added fixes from 1.9.2.18...
xerces-j2 security update
0:2.7.1-12.6 - Add xerces-j2-CVE-2009-2625.patch - Resolves: rhbz690931 CVE-2009-2625...
bind security update
32:9.7.3-2.1.P1 - update to 9.7.3-P1 CVE-2011-1910...
apr security update
1.3.9-3.1 - add fix for CVE-2011-0419 703520...
thunderbird security update
1.5.0.12-38.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-38 - Added fixes for mozbz645565 and mozbz646460 1.5.0.12-37 - Added fixes from 1.9.1.19...
seamonkey security update
1.0.9-67.0.1.el48 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-67.el4 - Added fixes from 1.9.1.17...
java-1.6.0-openjdk security update
1.6.0.0-1.39.b17 - respin of IcedTea6 1.7.10 - Resolves: rhbz676276 1.6.0.0-1.37.b17 - Updated to IcedTea6 1.7.10 - Resolves: rhbz676276...
mysql security update
4.1.22-2.el4.4 - Add fixes for CVE-2010-1848, CVE-2010-3681, CVE-2010-3840 Resolves: 645637 - Backpatch longlong overflow fix so that code can be tested on more recent platforms...
cups security update
1:1.1.22-0.rc1.9.32:.10 - Applied small fix to CVE-2009-0791 change: allow objSize=0 in gmallocCn if C 0. As well as being correct, this aids with testing the fix for CVE-2009-3609. 1:1.1.22-0.rc1.9.32:.9 - Back-ported upstream patch to fix integer overflow in pdftops ImageStream CVE-2009-3609, b...
gpdf security update
2.8.2-7.7.2.el48.7 - Add gpdf-2.8.2-CVE-2010-3702.patch Properly initialize parser - Add gpdf-2.8.2-CVE-2010-3704.patch Fix crash in broken pdf code 0 - Resolves: 639831...
xpdf security update
2.02-19.el3 - Resolves: 639826, CVE-2010-3702, uninitialized Gfx::parser pointer dereference 2.02-18.el3 - Resolves: 639826, CVE-2010-3702, uninitialized Gfx::parser pointer dereference...
kernel security and bug fix update
2.6.9-89.0.28.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
kdebase security update
6:3.5.4-21.0.1.el55.1 - Update definition of KONQUERORVERSION in specfile 6:3.5.4-21.1 - Resolves: 570622, CVE-2010-0436 kdm privilege escalation flaw...
curl security, bug fix and enhancement update
7.15.5-9 - http://curl.haxx.se/docs/adv20100209.html 565408 7.15.5-8 - mention lack of IPv6, FTPS and LDAP support while using a socks proxy 473128 - avoid tight loop if an upload connection is broken 479967 - add options --ftp-account and --ftp-alternative-to-user to program help 517084 - fix...
cpio security update
2.5-16.1 - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive...
cups security update
1:1.3.7-11:.6 - Applied patch for CVE-2010-0302 incomplete fix for CVE-2009-3553, bug 557775...
kvm security and bug fix update
kvm-83-105.0.1.el54.27 - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-105.el54.27 - kvm-kernel-KVM-VMX-Check-cpl-before-emulating-debug-register-ac.patch bz563516 - Resolves: bz563516 KVM: Check cpl before emulating debug register access rhel-5.4.z kvm-83-105.el54.26 -...