9173 matches found
evince and poppler security and bug fix update
evince 3.28.2-10 - Do not try to use iconview widget when in tree view mode - Resolves: 1610436 poppler 0.26.5-43 - Fix crash on broken file in tilingPatternFill - Resolves: 1801340...
openwsman security update
2.6.3-7.git4391e5c - Fix CVE-2019-3833 Resolves: 1677691...
e2fsprogs security and bug fix update
1.45.6-19 - fix issues with metabg when resizing file system 1849718 1.42.9-18 - fix out-of-bounds write on corrupted fs 1797731 - fix out-of-bounds write on corrupted fs 1768710 - fix e2fsprogs creating corrupted meta image 1711880 - fix typo in ext4 man page 1720130 - provide easy metod for...
libxslt security update
1.1.28-6.0.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.28-6 - Fix CVE-2019-18197 1775516 - Fix CVE-2019-11068 1715731...
mariadb security and bug fix update
1:5.5.68-1 - Rebase to 5.5.68 This is the last upstream release. This major version reached upstream EOL - Related to: rhbz1834835 1:5.5.67-2 - Resolves: rhbz1689827 1:5.5.67-1 - Rebase to 5.5.67 - Related to: rhbz1834835 - CVEs fixed: rhbz1821939 CVE-2020-2574 1:5.5.66-1 - Rebase to 5.5.66 -...
librabbitmq security update
0.8.0-3 - Resolves: 1809991, CVE-2019-18609 - integer overflow...
libssh2 security update
1.8.0-4 - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially...
cloud-init security, bug fix, and enhancement update
19.4-7.0.3 - Add conditional restart of NetworkManager for cloud-final. Orabug: 31965645 - Correct postinstall upgrade cloud-init.service mismerge order. 19.4-7.0.1 - Add Oracle Linux variant to known distros - Add cloud-init hotplug event handling support Orabug: 30485135 - Oracle data source...
libvirt security and bug fix update
4.5.0-36 - virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support rhbz1823976 - virDevMapperGetTargetsImpl: quit early if device is not a devmapper target rhbz1823976 4.5.0-35 - qemu: dont take agent and monitor job for shutdown CVE-2019-20485 - qemu: dont hold a monitor and agent...
dbus security update
1:1.10.24-15.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.10.24-15 - Fix CVE-2020-12049 1851992...
httpd security, bug fix, and enhancement update
2.4.6-95.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-95 - Resolves: 1823262 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value 2.4.6-94 - Resolves: 1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: 1747283 -...
OpenEXR security update
1.7.1-8 - fix CVE-2020-11764 1833552 - fix CVE-2020-11763 1833566 - fix CVE-2020-11761 1834461...
expat security update
2.1.0-12 - add security fixes for CVE-2018-20843, CVE-2019-15903...
NetworkManager security and bug fix update
1:1.18.8-1 - Update to 1.18.8 relase - ifcfg-rh: handle '802-1x.,phase2-ca-path' rh 1841397, CVE-2020-10754 - ifcfg-rh: handle 802-1x.pin properties. 1:1.18.6-4 - ip-tunnel: set cloned-mac-address only for layer2 tunnel devices rh 1832170 1:1.18.6-3 - Update translations rh 1796852 1:1.18.6-2 -...
qemu-kvm security, bug fix, and enhancement update
1.5.3-175.el7 - kvm-vnc-fix-memory-leak-when-vnc-disconnect.patch bz1810408 - Resolves: bz1810408 CVE-2019-20382 qemu-kvm: QEMU: vnc: memory leakage upon disconnect rhel-7 1.5.3-174.el7 - kvm-util-add-slirpfmt-helpers2.patch bz1800515 - kvm-tcpemu-fix-unsafe-snprintf-usages2.patch bz1800515 -...
libwmf security and bug fix update
0.2.8.4-44 - Resolves: rhbz1840569 adapt to new urw-fonts 0.2.8.4-43 - Resolves: rhbz1679005 CVE-2019-6978 0.2.8.4-42 - Related: rhbz1239162 fix patch context...
cups security and bug fix update
1:1.6.3-51 - 1823758 - CVE-2017-18190 cups: DNS rebinding attacks via incorrect whitelist rhel-7 1:1.6.3-50 - 1813413 - RHEL 7.7 segfault in cupsdSaveJob caused by no space in /var 1:1.6.3-49 - more covscan issues raised from the fix 1672212 1:1.6.3-48 - fixing covscan issue from 1672212 1:1.6.3-...
openldap security update
2.4.44-22 - Fix CVE-2020-12243 openldap: denial of service via nested boolean expressions in LDAP search filters 1838405...
pcp security, bug fix, and enhancement update
4.3.2-12 - Fix pcp-atop dynamic memory initialization issues BZ 1818710 4.3.2-8 - Fix rpm %post privilege escalation CVEs BZs 1815249, 1815528 - Resolve an selinux policy issue with pmlogger BZ 1792859...
fontforge security update
20120731b-13 - Resolves:rh1790973 - CVE-2020-5395:out-of-bounds write in sfd.c...
samba security, bug fix, and enhancement update
4.10-16-5 - related: 1785121 - Add missing RPM Requires 4.10.16-2 - resolves: 1828354 - add additioanl hostnames to the keytab - resolves: 1836427 - add dnshostname option net-ads-join 4.10.16-1 - related: 1785121 - Rebase to version 4.10.16 4.10.15-5 - resolves: 1831986 - Fix gencache for normal...
exiv2 security update
0.27.0-3 - Validate relationship of the total size to the offset to avoid crash Resolves: bz1775695...
bluez security update
5.44-7 - fixing CVE-2020-0556...
unoconv security update
0.6-8 - Resolves: rhbz1803831 CVE-2019-17400...
webkitgtk4 security, bug fix, and enhancement update
2.28.2-2 - Resolves: rhbz1817144 Rebuild to support ppc and s390 2.28.2-1 - Resolves: rhbz1817144 Rebase to 2.28.2...
subversion security update
1.7.14-16 - add security fix for CVE-2018-11782...
glibc security, bug fix, and enhancement update
2.17-317.0.1 - Merge RH el7 u8 patches with Oracle patches Review-exception: Simple merge - Adding Mike Fabians C.utf-8 patch C.utf-8 is a unicode-aware version of the C locale Orabug 29784239. Reviewed-by: Jose E. Marchesi - Remove glibc-ora28641867.patch as duplicate of glibc-rh1705899-4.patch ...
tigervnc security and bug fix update
1.8.0-21 - Add upstream patch needed because of previous security fixes Resolves: bz1826822 1.8.0-20 - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz1791773 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz1791768 - Fix heap buffer overflow in...
libvpx security update
1.3.0-8 - Fix for CVE-2020-0034 - Resolves: rhbz1823909 1.3.0-7 - Fix for CVE-2019-9232 and CVE-2019-9433 - Resolves: rhbz1796085, rhbz1796099 1.3.0-6 - Fix for CVE-2017-0393 - Resolves: rhbz1779498 1.3.0-4 - fix Illegal Instruction abort 1.3.0-3 - update library symbol list for 1.3.0 from Debian...
cpio security update
2.11-28 - Improper input validation when writing tar header fields 1766222...
qt5-qtbase security update
5.9.7-4 - Fix: Files placed by attacker can influence the working directory and lead to malicious code execution Resolves: bz1814740 Resolves: bz1814685 5.9.7-3 - Fix multilib issue with qtcore-config.h header file Resolves: bz1534528 - Move libQt5EglFSDeviceIntegration lib into correct subpackag...
spamassassin security update
3.4.0-6 - Fix CVE-2019-12420 - Resolves: rhbz1812976...
hunspell security update
1.3.2-16 - Resolves: rhbz1775556 CVE-2019-16707...
libexif security, bug fix, and enhancement update
0.6.22-1 - Upgrade to 0.6.22 - Resolves: 1841316...
libtiff security update
4.0.3-35 - Fix two resource leaks Related: 1771371 4.0.3-34 - Fix CVE-2019-17546 Resolves: 1771371 4.0.3-33 - Fix CVE-2019-14973 Resolves: 1755704...
libsrtp security and bug fix update
1.4.4-11.20101004cvs - Fix global buffer overflow Resolves: bz1301202 - Fix improper handling of CSRC count and extension header length in RTP header Resolves: bz1323705 - Fix buffer overflow in application of crypto profiles Resolves: bz1141897...
systemd security and bug fix update
219-78.0.1 - Backport upstream patches related to private-tmp Sushmita Bhattacharya Orabug: 31561883 - backport upstream pstore tmpfiles patch Eric DeVolder Orabug: 31414539 - udev rules: fix memory hot add and remove Orabug: 31309730 - enable and start the pstore service Orabug: 30950903 - fix t...
mod_auth_openidc security update
1.8.8-7 - Fix a regression in the previous patches - Related: rhbz1805748 - CVE-2019-20479 modauthopenidc: open redirect issue exists in URLs with slash and backslash rhel-7 1.8.8-6 - Resolves: rhbz1805748 - CVE-2019-20479 modauthopenidc: open redirect issue exists in URLs with slash and backslas...
libsndfile security update
1.0.25-12 - fix CVE-2018-19662 - buffer over-read in the function i2alawarray 1673086...
tomcat security and bug fix update
0:7.0.76-15 - Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS 0:7.0.76-14 - Revert rhbz1814315 because it caused other issues with ipa-server, see rhbz1831127 - Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Executio...
kernel security, bug fix, and enhancement update
3.10.0-1160.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.3 3.10.0-1160 - kernel modsign: Add...
libmspack security update
0.5-0.8.alpha - Fix for CVE-2019-1010305 resolves: rhbz1736744...
freeradius security and bug fix update
3.0.13-15 - Fixes EAP-PWD: DoS issues due to multithreaded BNCTX access Resolves: bz1818808 3.0.13-14 - Fixes receiving of multiple RADIUS packets under load Resolves: bz1630684 3.0.13-13 - Fixes logging of cleartext pap password Resolves: bz1677435 3.0.13-12 - Fixes paircompare with attribute...
okular security update
4.10.5-9 - Document::processAction: If the url points to a binary, dont run it Resolves: bz1821451...
audiofile security update
1:0.3.6-9 - Apply security patches. CVE-2018-17095, CVE-2018-13440 - Resolves: rhbz1600369, rhbz1601014, rhbz1637128 1:0.3.6-8 - Escape macros in %changelog 1:0.3.6-7 - Merge upstream pull requests 42,43,44 from Agostino Sarubbo to fix security issues. CVE-2017-6827, CVE-2017-6828, CVE-2017-6829,...
glib2 and ibus security and bug fix update
glib2 2.56.1-7 - Backport patch to limit access to files when copying CVE-2019-12450 Resolves: 1722099 2.56.1-6 - Backport patches for GDBus auth Resolves: 1777221 ibus 1.5.17-11 - Resolves: 1750835 - Fix CVE-2019-14822 missing authorization allows...
curl security update
7.29.0-59.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...
libpng security update
2:1.5.13-8 - Fix CVE-2017-12652 - Resolves: 1744870...
libxml2 security and bug fix update
2.9.1-6.0.1.5 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.5 - Fix CVE-2019-19956 1793000 - Fix CVE-2019-20388 1810057 - Fix CVE-2020-7595 1810073 - Fix xsd:any schema validation 1812145...
python security update
2.7.5-89.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-89 - Security fix for CVE-2019-16935 Resolves: rhbz1797998 2.7.5-88 - Security fix for CVE-2019-16056 Resolves: rhbz1750773 2.7.5-87 - Fix CVE-2018-20852 Resolves: rhbz1741551...