8967 matches found
cpio security and bug fix update
2.11-24 - fix for CVE-2014-9112 2.11-23 - better check for read error rhbz1138148 - fix ru translation rhbz1075513...
autofs security, bug fix and enhancement update
5.0.7-54.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe 1:5.0.7-54 - bz1263508 - Heavy program map usage can lead to a hang - fix out of order call in program map lookup. - Resolves: rhbz1263508 1:5.0.7-53 - bz1238573 - RFE: autofs MAPHASHTABLESIZE description - update...
kvm security update
kvm-83-274.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.274.el5 - net-add-checks-to-validate-ring-buffer-pointers.patch bz1263272 - Resolves: bz1263272 CVE-2015-5279 kvm: qemu: Heap overflow vulnerability in ne2000receive...
subversion security update
1.7.14-7.1 - add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187...
firefox security update
38.2.1-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.2.1-1 - Update to 38.2.1 ESR...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-98.1.1 - md: use kzalloc when bitmap is disabled Benjamin Randazzo Orabug: 21563041 CVE-2015-5697...
libuser security update
0.56.13-8 - Update CVE-2015-3246 patch based on review comments Resolves: 1235518 0.56.13-7 - Dont use 512-bit RSA private keys in tests Related: 1235518 - Fix testsuite failures if more than one architecture is building concurrently Related: 1235518 0.56.13-6 - Fix CVE-2015-3246 Resolves: 123551...
grep security, bug fix, and enhancement update
2.20-3 - Updated pcre buildrequires to require pcre-devel = 7.8-7 Related: rhbz1193030 2.20-2 - Fixed invalid UTF-8 byte sequence error in PCRE mode by pcre-backported-fixes patch Resolves: rhbz1193030 - Fixed buffer overrun for grep -F Resolves: CVE-2015-1345 - Fixed bogus date in the changelog...
autofs security and bug fix update
5.0.5-113.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe use tcp instead of udp 5.0.5-113 - bz1201195 - autofs: MAPFMTDEFAULT is not macro in lookupprogram.c - fix macro usage in lookupprogram.c. - Resolves: rhbz1201195 5.0.5-112 - bz1124083 - Autofs stopped mounting...
kvm security update
kvm-83-272.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.272.el5 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219266 - Resolves: bz1219266 kvm: qemu: floppy disk controller flaw rhel-5.11.z...
kvm security update
kvm-83-270.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-270.el5 - KVM: x86: Check non canonical addresses upon WRMSR - Resolves: bz1152982 CVE-2014-3610 kernel: kvm: noncanonical MSR writes rhel-5.11.z kvm-83-269.el5 - KVM:...
qemu-kvm security and bug fix update
0.12.1.2-2.448.el66.2 - kvm-cirrus-fix-blit-region-check.patch bz1170571 - kvm-cirrus-don-t-overflow-CirrusVGAState-cirrusbltbuf.patch bz1170571 - Resolves: bz1170571 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-6.6.z 0.12.1.2-2.448.el66.1 -...
firefox security update
31.6.0-2.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 31.6.0-1 - Update to 31.6.0 ESR Build 2 31.6.0-1 - Update to 31.6.0 ESR...
pcre security and enhancement update
8.32-14 - Fix CVE-2014-8964 unused memory usage on zero-repeat assertion condition bug 1169797 8.32-13 - Disable unsupported JIT mode on little-endian 64-bit PowerPC platform bug 1125642 - Raise optimization level to 3 on little-endian 64-bit PowerPC bug 1123498...
subversion security update
1.7.14-7 - add security fixes for CVE-2014-3528, CVE-2014-3580, CVE-2014-8108...
rsyslog5 and rsyslog security update
5.8.12-5.0.1 - use setsid to get a controlling session and process group Orabug: 17364545 5.8.12-5 - fix CVE-2014-3634 resolves: 1149158...
nss security update
nss 3.16.2-7.0.1.el70 - Added nss-vendor.patch to change vendor 3.16.2-7 - Resolves: Bug 1145433 - CVE-2014-1568 3.16.2-6 - Rolling back to commit e5fb6e476c179665976e906604496cbbb24f22a7 - Related: Bug 1145433 nss-softokn 3.16.2-3 - Resolves: Bug 1145433 - CVE-2014-1568 nss-util 3.16.2-2 -...
resteasy-base security update
2.3.5-3 - Resolves: rhbz1121917 - CVE-2014-3490: XXE via parameter entities...
thunderbird security update
24.7.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.7.0-1 - Update to 24.7.0...
wireshark security update
1.0.15-6.0.1.el5 - Added oracle-ocfs2-network.patch - increase max packet size to 65536 Herbert van den Bergh orabug 13542633 1.0.15-6 - security patches - Resolves: CVE-2012-6056 CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-3557 CVE-2013-3559 CVE-2013-4081 CVE-2013-4083 CVE-2013-4927...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-26.2.2.el6uek - netfilter: nfconntrackdccp: fix skbheaderpointer API usages Daniel Borkmann Orabug: 18421673 CVE-2014-2523 - cifs: ensure that uncached writes handle unmapped areas correctly Jeff Layton Orabug: 18461067 CVE-2014-0069 CVE-2014-0069 - net: sctp: fix sctpsfdo51Dce ...
samba4 security update
4.0.0-60.rc4 - resolves: 1018039 - Fix CVE-2013-4408. 4.0.0-59.rc4 - Fix usage of client min/max protocol options in winbindd - related: 949993...
gimp security update
2:2.6.9-6 - fix overflow in XWD loader CVE-2013-1913, CVE-2013-1978 2:2.6.9-5 - fix overflow in XWD loader 879302 2:2.6.9-5 - fix overflow in GIF loader 847303 2:2.6.9-5 - fix overflows in GIF, CEL loaders 727800, 839020 2:2.6.9-4.1 - fix various overflows 666793, 703403, 703405, 703407, 704512...
gnupg2 security update
2.0.14-6 - fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted 2.0.14-5 - fix CVE-2012-6085 GnuPG: readblock corrupt key input validation - fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet parser...
xorg-x11-server security update
1.13.0-11.1.2 - CVE-2013-4396: Fix use-after free in ImageText requests 1014561...
libvirt security and bug fix update
0.10.2-18.0.1.el64.14 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.14 - spec: Update requirements to pick up rebuilt polkit CVE-2013-4311 0.10.2-18.el64.13 - spec: Fix messed up dependency on polkit CVE-2013-4311 0.10.2-18.el64.12 - Introduce APIs for splitting/joining strings...
bind97 security update
32:9.7.0-17.P2.2 - fix for CVE-2013-4854...
firefox security update
firefox 17.0.6-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.6-1 - Update to 17.0.6 ESR 17.0.5-2 - Updated XulRunner check xulrunner 17.0.6-2.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed...
icedtea-web security update
1.2.1-1 - Updated to 1.2.1 - Resolves: CVE-2012-3422 - Resolves: CVE-2012-3423...
ImageMagick security and bug fix update
6.2.8.0-15.el5 - Fix for PostScript conversion was incomplete, as larger documents would end up being cropped without the -g option 797364 6.2.8.0-14.el5 - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 - Add fix for CVE-2012-0259 CVE-2012-0260 CVE-2012-1798 6.2.8.0-13.el5 -...
gnutls security update
1.4.1-7.2 - fix CVE-2011-4128 - buffer overflow in gnutlssessiongetdata 752308 - fix CVE-2012-1569 - missing length check when decoding DER lengths 804920 - fix CVE-2012-1573 - security issue in packet parsing 805432...
libtasn1 security update
2.3-3.1 - fix CVE-2012-1569 - missing length check when decoding DER lengths 804920...
libpng security update
2:1.2.48-1 - Update to libpng 1.2.48, for minor security issues CVE-2011-3045 Resolves: 801663...
thunderbird security update
3.1.18-1.0.1.el62 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 3.1.18-1 - Update to 3.1.18...
ruby security update
1.8.5-22.1 - Properly initialize the random number generator when forking new process ruby-1.8.7-CVE-2011-3009.patch - Related: rhbz768829 1.8.5-21.1 - Revert accidential move of tcl/tk libraries. - Related: rhbz768829 1.8.5-20.1 - Address CVE-2011-4815 "DoS excessive CPU use via hash...
libxml2 security update
2.6.16-12.9.0.1 - Add oracle-enterprise.patch and replace doc/redhat.gif in the tarball 2.6.16-12.9 - Fix an off by one error in encoding CVE-2011-0216 - Fix missing error status in XPath evaluation CVE-2011-2834 - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an...
thunderbird security update
3.1.16-2.0.1.el61 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 3.1.16-2 - Update to 3.1.16...
dbus security update
1:1.2.24-5 - Merge changes from RHEL-6 branch: Drop default patch fuzz Merge CVE-2010-4352.patch from RHEL-60-Z - Apply patches for CVE-2011-2200 - Resolves: 725313...
krb5-appl security update
1.0.1-2.1 - ftpd: add candidate patch to detect setegid/setregid/setresgid and check for errors when calling them MITKRB5-SA-2011-005, CVE-2011-1526, 713341...
xen security update
3.0.3-120.el56.2 - Fix logic and integer overflow in xctrybzip2decode rhbz 696938 - Fix logic and integer overflow in xctrylzmadecode rhbz 696938 - Fix integer and buffer overflows in xcdomprobebzimagekernel rhbz 696938...
libvirt security update
0.8.2-15.0.1.el56.4 - Replaced docs/et.png in tarball 0.8.2-15.el56.4 - Make error reporting in libvirtd thread safe CVE-2011-1486...
kdenetwork security update
7:4.3.4-11.1 - CVE-2010-1000, improper sanitization of metalink attribute for downloading files...
krb5 security update
1.8.2-3.4 - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, 671101 1.8.2-3.3 - pull up crypto changes made between 1.8.2 and 1.8.3 t...
bind security update
32:9.7.0-5.P2.1 - fix CVE-2010-3613 and CVE-2010-3614...
openssl security update
0.9.7a-43.17.6 - CVE-2010-4180 - disable code for SSLOPNETSCAPEREUSECIPHERCHANGEBUG 659462 - CVE-2009-3245 - fix missing checks on allocation failure in bnwexpand 570924...
seamonkey security update
1.0.9-66.0.1.el48 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-66.el4 - Added fixes from 1.9.1.16...
seamonkey security update
1.0.9-65.0.1.el48 - Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and emoved corresponding RedHat ones 1.0.9-65.el4 - Added fix for mozbz607222...
dbus security update
1.1.2-12.el54.1 - CVE-2009-1189 dbus: invalid fix for CVE-2008-3834...
PyXML security update
0.8.4-4.2 - Use system expat library Resolves: 531852 0.8.4-4.1 - Fix buffer over read Resolves: 531852...
cman security, bug fix, and enhancement update
2.0.115-1 - RSA II fencing agent has been fixed. - Resolves: rhbz493802 2.0.114-1 - local variable 'verbosefilename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz493802 rhbz514758 2.0.113-1 - Limitations with 2-node fencescsi are now properly...