dhcp security update
12:4.1.1-31.P1.0.1.el63.1 - Added oracle-errwarn-message.patch 12:4.1.1-31.P1.1 - An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. CVE-2012-3571, 843120 - Memory Leaks Found In ISC DHCP CVE-2012-3954, 843120...
glibc security and bug fix update
2.5-81.el58.4 - Fix iconv segfault if the invalid multibyte character 0xffff is input when converting from IBM930 837896 2.5-81.el58.3 - Fix unbound alloca in vfprintf 833720...
krb5 security and bug fix update
1.6.1-70.el5 - add upstream patch for telnetd buffer overflow CVE-2011-4862, 770351 1.6.1-69.el5 - ftp: fix a static analysis should-never-happen NULL dereference 750823 1.6.1-68.el5 - backport fixes to teach libkrb5 to use descriptors higher than FD_SETSIZE to talk to a KDC by using poll if it's...
conga security, bug fix, and enhancement update
0.12.2-51.0.1.el5 - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz 0.12.2-51 - Fix bz711494 CVE-2011-1948 plone: reflected XSS vulnerability - Fix bz771920 CVE-2011-4924 Zope: Incomplete upstream patch for...
xulrunner security update
1.9.2.26-2.0.1.el62 - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 1.9.2.26-2 - added fix for mozbz727401...
php53 security update
5.3.3-1.6 - add security fix for CVE-2012-0830 786757...
libxml2 security update
2.6.16-12.9.0.1 - Add oracle-enterprise.patch and replace doc/redhat.gif in the tarball 2.6.16-12.9 - Fix an off by one error in encoding CVE-2011-0216 - Fix missing error status in XPath evaluation CVE-2011-2834 - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an...
php-pear security and bug fix update
1.9.4-4 - fix patch application for 747361 1.9.4-3 - ignore REST cache creation failures as non-root user 747361 1.9.4-2 - fix XML-Util provides 1.9.4-1 - update to 1.9.4 651897 - update XMLRPC to 1.5.4, StructuresGraph to 1.0.4, ArchiveTar to 1.3.7 1.9.1-1 - update to 1.9.1 651897 - fix...
netpbm security update
10.35.58-8.el5.3 - Actually apply the patch for - CVE-2009-4274 760849 10.35.58-8.el5.2 - fix xpmtoppm overflow - CVE-2009-4274 760849 10.35.58-8.el5.1 - fix libjasper heap buffer overflow CVE-2011-4516 CVE-2011-4517 760849...
dbus security update
1:1.2.24-5 - Merge changes from RHEL-6 branch: Drop default patch fuzz Merge CVE-2010-4352.patch from RHEL-60-Z - Apply patches for CVE-2011-2200 - Resolves: 725313...
libvirt security, bug fix, and enhancement update
0.8.2-22.0.1.el5 - Replaced docs/et.png in tarball libvirt-0.8.2-22.el5 - Fix auditing of disk hotunplug operations rhbz710151 libvirt-0.8.2-21.el5 - remote: Protect against integer overflow rhbz717207 0.8.2-20.el5 - Support enabling or disabling the HPET for Xen domains rhbz703193 - SMBIOS suppo...
ruby security update
1.8.1-16.el4 - Comply with guidelines - Related: rhbz709959 1.8.1-15.el4 - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in BigDecimal on 64bit platforms' ruby-1.8.7-CVE-2011-0188.patch - Address...
xen security update
3.0.3-120.el56.2 - Fix logic and integer overflow in xc_try_bzip2_decode rhbz 696938 - Fix logic and integer overflow in xc_try_lzma_decode rhbz 696938 - Fix integer and buffer overflows in xc_dom_probe_bzimage_kernel rhbz 696938...
libvirt security update
0.8.2-15.0.1.el56.4 - Replaced docs/et.png in tarball 0.8.2-15.el56.4 - Make error reporting in libvirtd thread safe CVE-2011-1486...
kdenetwork security update
7:4.3.4-11.1 - CVE-2010-1000, improper sanitization of metalink attribute for downloading files...
krb5 security update
1.8.2-3.4 - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, 671101 1.8.2-3.3 - pull up crypto changes made between 1.8.2 and 1.8.3 t...
bind security update
32:9.7.0-5.P2.1 - fix CVE-2010-3613 and CVE-2010-3614...
openssl security update
0.9.7a-43.17.6 - CVE-2010-4180 - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 659462 - CVE-2009-3245 - fix missing checks on allocation failure in bn_wexpand 570924...
mysql security update
4.1.22-2.el4.4 - Add fixes for CVE-2010-1848, CVE-2010-3681, CVE-2010-3840 Resolves: 645637 - Backpatch longlong overflow fix so that code can be tested on more recent platforms...
cups security update
1:1.1.22-0.rc1.9.32:.10 - Applied small fix to CVE-2009-0791 change: allow objSize=0 in gmallocCn if C 0. As well as being correct, this aids with testing the fix for CVE-2009-3609. 1:1.1.22-0.rc1.9.32:.9 - Back-ported upstream patch to fix integer overflow in pdftops ImageStream CVE-2009-3609, b...
gpdf security update
2.8.2-7.7.2.el48.7 - Add gpdf-2.8.2-CVE-2010-3702.patch Properly initialize parser - Add gpdf-2.8.2-CVE-2010-3704.patch Fix crash in broken pdf code 0 - Resolves: 639831...
cups security update
1:1.3.7-11:.6 - Applied patch for CVE-2010-0302 incomplete fix for CVE-2009-3553, bug 557775...
kvm security and bug fix update
kvm-83-105.0.1.el54.27 - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-105.el54.27 - kvm-kernel-KVM-VMX-Check-cpl-before-emulating-debug-register-ac.patch bz563516 - Resolves: bz563516 KVM: Check cpl before emulating debug register access rhel-5.4.z kvm-83-105.el54.26 -...
bind security update
30:9.3.6-4.P1.2 - NSEC validation code could cause wrong NXDOMAIN responses 554851, CVE-2010-0097 - improve fix for CVE-2009-4022 538744 - C,DNAMEs could be returned to clients without proper DNSSEC validation - don't validate + cache out-of-bailiwick data returned with a secure answer. Refetch i...
krb5 security update
1.6.1-36.el54.1 - add candidate patch to correct KDC integer overflows which could be triggered by malformed RC4 and AES ciphertexts CVE-2009-4212, 546347...
dbus security update
1.1.2-12.el54.1 - CVE-2009-1189 dbus: invalid fix for CVE-2008-3834...
ntp security update
4.2.2p1-9.el54.1 - fix DoS with mode 7 packets 532639, CVE-2009-3563 - compile with -fno-strict-aliasing...
bind security update
30:9.3.6-4.P1.1 - don't cache unvalidated additional sections 538744...
firefox security update
firefox: 3.0.15-3.0.1.el54 - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones 3.0.15-3 - Rebuild due to Mozilla's respin 3.0.15-2 -...
kdegraphics security update
3.3.1-15.2 - Add missing NULL check to CVE-2009-3608 patch 3.3.1-15.1 - CVE-2009-0791...
cups security update
1:1.3.7-11:.3 - Include NULL pointer check in ObjectStream::getObject. Part of the fix for CVE-2009-3608 bug 526637. 1:1.3.7-11:.2 - Applied patch to fix CVE-2009-3608 bug 526637 and CVE-2009-3609 bug 526893...
kvm security and bug fix update
83-105.0.1.el54.7 - Add kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-105.el54.7 - kvm-qemu-virtio-net-do-not-return-stack-pointer-from-fun.patch bz524557 - Resolves: bz524557 QEMU crash during virtio-net WHQL tests for Win2008 R2 kvm-83-105.el54.6 -...
dhcp security update
7:3.0.1-10.2EL3 - Make sure fix for 507734 is included Related: rhbz507734 7:3.0.1-10.1EL3 - Fix for CVE-2009-0692 Resolves: rhbz507734...
seamonkey security update
1.0.9-43.0.1.el48 - Added mozilla-oracle-default-prefs.js, and mozilla-oracle-default-bookmarks.html and removed corresponding Redhat ones 1.0.9-43.el4 - Added fixes from 1.9.0.11...
cups security update
1:1.1.22-0.rc1.9.32:.3 - Updated patch to fix CVE-2009-0791 to treat also cases gmallocint C + int nObjs int objSize bug 491840. 1:1.1.22-0.rc1.9.32:.2 - Applied patch to fix CVE-2009-0949 bug 500972. 1:1.1.22-0.rc1.9.32:.1 - Applied patch to fix CVE-2009-0791 bug 491840. - Applied patch to fix...
util-linux security and bug fix update
2.12a-24.el4 - fix 458539 - man nfs : wrong information about nfs version used 2.12a-23.el4 - fix 485004 - move mount doesn't correctly update mtab 2.12a-22.el4 - fix 472186 - mount -a has problems with duplicate labels in a mpath setup - fix 471372 - RHEL4: fdisk cannot create partition with...
ntp security update
4.2.2p1-9.el53.2 - fix buffer overflow when parsing Autokey association message 500783, CVE-2009-1252 - fix buffer overflow in ntpq 500783, CVE-2009-0159...
lcms security update
1.18-beta1.1.el53.2 - Add patch theoretically preventing division by zero 1.18-beta1.1.el53.1 - Rebase to upstream 1.18beta1 - CVE-2009-0581 LittleCms memory leak - CVE-2009-0723 LittleCms integer overflow - CVE-2009-0733 LittleCms lack of upper-bounds check on sizes - Resolves: 487513...
cups security update
1.1.17-13.3.56 - Applied patch to fix CVE-2008-3640 STR 2919, bug 486052, which was not fixed in previous attempt...
thunderbird security update
1.5.0.12-18.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js 1.5.0.12-18 - Update patchset to fix regression as per 1.8.1.19...
vim security update
6.3.046-1.el47.5z - remove duplicate vimtutor manpage 6.3.046-1.el47.4z - fix netrw 6.3.046-1.el47.3z - add fix for CVE-2008-4101 6.3.046-1.el46.2z - don't add empty line when editing files with netrw 6.3.046-1.el46.1z - fix erroneous quoting in CVE-2008-2712 patch 6.3.046-1.el46.z - add fix for...
thunderbird security update
1.5.0.12-16.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js 1.5.0.12-16 - Update patchset to fix regression as per 1.8.1.17 1.5.0.12-15 - Rebuild with system nss and nspr 1.5.0.12-14 - Add patches for backported fixes from 1.8.1....
ruby security update
1.6.8-12.el3 - ruby-1.6.8-string-CVE-2008-2664.patch: wrong patch. Fix a segfault. 1.6.8-11.el3 - CVE-2008-2376: Integer overflow in rb_ary_fill. 1.6.8-10.el3 - security fixes. 451931 - CVE-2006-6303: Fix the infinite loop issue with the malformed multipart data in cgi.rb. - CVE-2008-2663: Fix the...
firefox security update
1.5.0.12-15.el51.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js 1.5.0.12-15 - Update patchset to fix regressions as per 1.8.1.14...
seamonkey security update
1.0.9-15.el4.0.1 - Add mozilla-oracle-default-bookmarks.html, mozilla-oracle-default-prefs.js, and mozilla-home-page.patch with Oracle default URLs 1.0.9-15.el4 - Fix SMTP regression 1.0.9-14.el4 - Don't deny for native wrappers in an XBL Binding 1.0.9-13.el4 - Fix assertions in script 1.0.9-12.e...
Critical: krb5 security update
1.2.7-68 - add preliminary patch to fix use of uninitialized pointer / double-free in KDC CVE-2008-0062,CVE-2008-0063 432620, 432621 - add preliminary patch to fix incorrect handling of high-numbered descriptors in the RPC library CVE-2008-0948 435087...
Moderate: tk security update
8.4.7-3.EL46.1 - CVE-2008-0553 CVE-2007-5378 - GIF overflow and also GIF overflow Resolves: rhbz 432512...
Important: libXfont security update
1.2.2-1.0.3 - cve-2008-0006.patch: XFS Integer Overflow Vulnerability...
pam security, bug fix, and enhancement update
0.99.6.2-3.26 - removed realtime default limits 240123 from the package as it caused regression on machines with nonexistent realtime group 0.99.6.2-3.25 - added and improved translations 219124 - adjusted the default limits for realtime users 240123 0.99.6.2-3.23 - pam_unix: truncated MD5 passwor...
Critical: pcre security update
6.6-2.1 - Resolves: 315951, CVE-2007-1659, CVE-2007-1660 6.6-1.2 - Resolves: 315951, CVE-2007-1659, CVE-2007-1660...