9172 matches found
kdebase security update
6:3.5.4-21.0.1.el55.1 - Update definition of KONQUERORVERSION in specfile 6:3.5.4-21.1 - Resolves: 570622, CVE-2010-0436 kdm privilege escalation flaw...
curl security, bug fix and enhancement update
7.15.5-9 - http://curl.haxx.se/docs/adv20100209.html 565408 7.15.5-8 - mention lack of IPv6, FTPS and LDAP support while using a socks proxy 473128 - avoid tight loop if an upload connection is broken 479967 - add options --ftp-account and --ftp-alternative-to-user to program help 517084 - fix...
cpio security update
2.5-16.1 - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive...
postgresql security update
8.1.18-2.el54.1 - Remove unnecessary .o file that confuses TPS tests Related: 525284 8.1.18-1.el54.1 - Update to PostgreSQL 8.1.18 to fix CVE-2009-0922, CVE-2009-3230, and assorted other bugs described at http://www.postgresql.org/docs/8.1/static/release.html Resolves: 525284...
cman security, bug fix, and enhancement update
2.0.115-1 - RSA II fencing agent has been fixed. - Resolves: rhbz493802 2.0.114-1 - local variable 'verbosefilename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz493802 rhbz514758 2.0.113-1 - Limitations with 2-node fencescsi are now properly...
freetype security update
2.2.1-21 - Add freetype-2009-CVEs.patch - Resolves: 496111...
firefox security update
xulrunner: 1.9.0.7-3.0.1.el5 - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one 1.9.0.7-3 - Updated per 1.9.0.8 firefox: 3.0.7-3.0.1.el4 - Update firstrun and homepage URLS - Add oracle-firefox-branding.patch - Add firefox-oracle-default-prefs.js and...
sudo security update
1.6.9p17-3.el53.1 - audit patch rediff one chunk failed to apply due to fuzz=0 - Fix for incorrect handling of groups in RunasUser 481720 Resolves: 481820...
xorg-x11 security update
6.8.2-1.0.1.EL.33.0.4 - Add Enterprise Linux detection - Add XFree86-4.3.0-oracle-bug-report-address-update.patch 6.8.2-1.EL.33.0.4 - cve-2008-2360.patch: Render AllocateGlyph extension Integer overflows - fix 6.8.2-1.EL.33.0.3 - cve-2008-1377.patch: Record and Security Extension Input validation...
dovecot security and bug fix update
1.0.7-2 - LDAP+auth cache user login mixup CVE-2007-6598, 427575 - insecure mailextragroups option CVE-2008-1199, 436927 1.0.7-1 - update to latest upstream, fixes a few bugs 331441, 245249, plus two security vulnerabilities CVE-2007-2231, CVE-2007-4211 - increased default loginprocesssize to 64...
libvorbis security update
1.1.2-3.el5.2 - fix release tag Related: 444707 1.1.2-3.el5.1 - fix CVE-2008-1420, CVE-2008-1419, CVE-2008-1423 Resolves: 444707...
Moderate: httpd security update
2.2.3-12.el51.3.0.1 - use oracle index page oracleindex.html, update vstring and distro 2.2.3-12.el51.3 - further update to backport for CVE-2007-6421 427240 2.2.3-12.el51.2 - updated backport for CVE-2007-6421 427240 2.2.3-11.el51.1 - add security fixes for CVE-2007-6388, CVE-2007-6421 and...
Important: poppler security update
2.3.27-8.1 Fixes for: - 345101 - CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit - 345111 - CVE-2007-5392 xpdf buffer overflow in DCTStream::reset - 345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar...
Important: nfs-utils-lib security update
1.0.8-7.2.z2 - Updated libnfsidmap to -17 to fix a security issue bz 254041 1.0.8-7.2.z1 - Fixed RPC library buffer overflow bz 265061...
Important: nfs-utils-lib security update
1.0.6-8.z1 - Fixed RPC library buffer overflow bz 265001...
Moderate: kernel security and bugfix update
2.6.9-55.0.6.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
Moderate: tar security update
1.14-12.5.1.RHEL4 - CVE-2007-4131 tar directory traversal vulnerability 251921...
Moderate: bind security update
9.2.4-27.0.1.el4 - fixed cryptographically weak query id generator CVE-2007-2926...
Moderate: cups security update
1.1.22-0.rc1.9.18 - REVERTED these changes: - Applied patch from STR 1301 bug 195354. - Patch pdftops to understand 'includeifexists', and use that in the pdftops.conf file bug 188583. - Clear the printer's statemessage and statereasons after successful job completion bug 187457. - Include...
nginx:1.22 security update
1.22.1-8.0.1.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.22.1-8.1 - Resolves: RHEL-84486 - nginx:1.22/nginx: specially crafted MP4 file may cause denial of service CVE-2024-7347 1:1.22.1-8 - Resolves: RHEL-49349 - nginx worker...
tigervnc security update
1.13.1-15 - Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor Resolves: RHEL-79397 - Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText Resolves: RHEL-79401 - Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms Resolves: RHEL-79386 - Fix...
python-jinja2 security update
2.10.1-5 - Security fix for CVE-2024-34064 Resolves: RHEL-35651...
pki-core security update
11.5.0-2.0.1 - Replaced upstream graphical references Orabug: 33952704 11.5.0-2 - RHEL-9916 CVE-2023-4727 pki-core: dogtag ca: token authentication bypass vulnerability...
ansible-core bug fix, enhancement, and security update
2.16.3-2 - rebuild with python 3.12 RHEL-24141 2.16.3-1 - ansible-core 2.16.3 release RHEL-23782 - Fix CVE-2024-0690 possible information leak in tasks that ignore ANSIBLENOLOG configuration RHEL-22123 2.16.2-1 - ansible-core 2.16.2 release RHEL-19297 2.16.1-1 - ansible-core 2.16.1 release...
python3.11-urllib3 security update
1.26.12-2 - Security fix for CVE-2023-43804 Resolves: RHEL-11996...
poppler security update
21.01.0-11 - Fix crashes in FoFiType1C - Rebuild for inclusion of poppler-glib-doc in CRB - Resolves: RHEL-4255, RHEL-4273 21.01.0-10 - Check XRef's Catalog for being a Dict - Resolves: 2189816 20.11.0-9 - Check isDict before calling getDict 2 - Resolves: 2189837 20.11.0-8 - Check isDict before...
motif security update
2.3.4-28 - Fix CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer - Fix CVE-2023-43789: out of bounds read on XPM with corrupted colormap...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.330.7.1.el8 - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36384803 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Add BHI mitigation knob Pawan Gupta Orabug: 36384803 CVE-2024-2201 - x86/bhi: Enumerate Branch History Injection BHI...
less security update
530-2 - Fix CVE-2022-48624 - Resolves: RHEL-26265...
postgresql-jdbc security update
42.2.28-1 - rebase to 42.2.28 - fix for CVE-2024-1597...
postgresql:12 security update
pgaudit 1.4.0-7 - Release bump to avoid regression in nvrs - Resolves: RHEL-24969 pgrepack postgres-decoderbufs postgresql 12.18-1.0.1 - Update to version 12.18 - Fixes CVE-2024-0985...
gstreamer-plugins-bad-free security update
0.10.23-24 - Patch CVE-2023-44446: MXF demuxer use-after-free - Disable gtk-doc to fix the build - Resolves: RHEL-16792...
gnutls security update
3.6.16-8 - timing side-channel in the RSA-PSK authentication CVE-2023-5981...
thunderbird security update
115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.6.0-1 - Update to 115.6.0 build2...
xorg-x11-server security update
1.20.4-25 - CVE fix for: CVE-2023-6377, CVE-2023-6478 Resolves: https://issues.redhat.com/browse/RHEL-18416 Resolves: https://issues.redhat.com/browse/RHEL-18428...
skopeo security update
2:1.13.3-3 - Rebuild with golang 1.20.10 - Related: Jira:RHEL-2786 2:1.13.3-2 - Rebuild with golang 1.21.3 - Related: Jira:RHEL-2786...
python3.11 security update
3.11.5-1 - Rebase to 3.11.5 - Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3047, RHEL-3267 3.11.4-4 - Add the importallmodulespy311.py file for the python3.11-rpm-macros subpackage Resolves: rhbz2207631 3.11.4-3 - Fix symlink handling in the fix for CVE-2023-24329 Resolves:...
curl security update
7.76.1-26 - unify the upload/method handling CVE-2023-28322 - fix host name wildcard checking CVE-2023-28321 7.76.1-25 - adapt the fix of CVE-2023-27535 for RHEL 9 curl 7.76.1-24 - fix SSH connection too eager reuse still CVE-2023-27538 - fix GSS delegation too eager connection re-use...
squid security update
7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...
thunderbird security update
115.4.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.4.1-1 - Update to 115.4.1 build1 115.4.0-3 - Update to 115.4.0 build3 115.4.0-2 - Update to 115.4.0 build2 115.4.0-1 - Update to 115.4.0 build1...
kvm_utils2 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 7.10.0-3.el8 - virpci: Resolve leak in virPCIVirtualFunctionList cleanup Tim Shearer Orabug: 35395469 CVE-2023-2700 libvirt-dbus libvirt-python 7.10.0-3.el8 - Update version number to match libvirt 7.10.0-3 Karl Heubaum nbdkit...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.323.8.2.el7 - netfilter: nfnetlinkosf: avoid OOB read Wander Lairson Costa Orabug: 35824307 - netfilter: xtsctp: validate the flaginfo count Wander Lairson Costa Orabug: 35824307 - netfilter: xtu32: validate user space input Wander Lairson Costa Orabug: 35824307 - netfilter: ipset: ad...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.3-1 - Update to upstream version 15.3 - Fixes: CVE-2023-2454 CVE-2023-2455 - Resolves: 2207934...
libwebp security update
1.2.0-7 - Added fix for CVE-2023-4863...
postgresql:13 security update
pgaudit pgrepack postgres-decoderbufs postgresql 13.11-1.0.1 - Update to 13.11 - Resolves: 2212815 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207933 - Update 1001-Fixed-postgresql-service-network-binding-issue.patch for postgresql-setup...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el9 - Add missing amd-ucode/ files to nano and core rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD...
linux-firmware security update
20230516-999.25.git6c9e0ed5.el8 - Add missing amd-ucode/ files to nano and core rpm Orabug: 35642190 - Add posttrans scriptlet to reload microcode on AMD Orabug: 35636951 - Recreate initramfs for AMD systems Orabug: 35636951 20230516-999.24.git6c9e0ed5.el7 - 8a07fa49 linux-firmware: Update AMD...
Unbreakable Enterprise kernel security update
4.1.12-124.77.2 - media: dm1105: Fix use after free bug in dm1105remove due to race condition Zheng Wang Orabug: 35514108 CVE-2023-35824 - media: dvb-core: Fix kernel WARNING for blocking operation in waitevent Takashi Iwai Orabug: 35477742 CVE-2023-31084 - media: dvbfrontend: fix locking issues ...
linux-firmware security update
20230516-999.20.git6c9e0ed5.el7 - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode...
kernel security, bug fix, and enhancement update
4.18.0-477.15.18.OL8 - net: tls: fix possible race condition between dotlsgetsockoptconf and dotlssetsockoptconf Hangyu Hua CVE-2023-28466...