8967 matches found
firefox security update
68.9.0-1.0.1.el82 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 Fri May 29 2020 Jan Horak - Update to 68.9.0 build1 - Added patch for pipewire 0.3 Mon May ...
freerdp security update
1.0.2-7 - CVE-2020-13398: Fix out-of-bounds write in crypto.c 1841980...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.46.1 - ipv6: only static routes qualify for equal cost multipathing Hannes Frederic Sowa Orabug: 30977687 CVE-2013-4125 - USB: adutux: fix use-after-free on disconnect Johan Hovold Orabug: 31240296 CVE-2019-19523 - USB: core: Fix races in character device registration and...
freerdp security update
2:2.0.0-46.rc4.1 - CVE-2020-11521: Fix out-of-bounds write in planar.c 1837632 - CVE-2020-11523: Fix integer overflow in region.c 1837633 - CVE-2020-11524: Fix out-of-bounds write in interleaved.c 1837631...
freerdp security update
2:2.0.0-46.rc4.2 - CVE-2020-13398: Fix out-of-bounds write in crypto.c 1841978...
bind security update
32:9.11.13-5 - Limit number of queries triggered by a request CVE-2020-8616 32:9.11.13-4 - Fix invalid tsig request CVE-2020-8617...
bind security update
32:9.8.2-0.68.rc1.7 - Correct tests covering CVE-2020-8617 32:9.8.2-0.68.rc1.6 - Add additional fix to limit recursions 32:9.8.2-0.68.rc1.5 - Add CVE tests to codebase 32:9.8.2-0.68.rc1.4 - Limit number of queries triggered by a request CVE-2020-8616 - Fix invalid tsig request CVE-2020-8617...
Unbreakable Enterprise kernel security update
4.1.12-124.39.5 - Input: ff-memless - kill timer in destroy Oliver Neukum Orabug: 31213691 CVE-2019-19524 - libertas: Fix two buffer overflows at parsing bss descriptor Wen Huang Orabug: 31351307 CVE-2019-14896 CVE-2019-14897 CVE-2019-14897 - binfmtelf: use ELFETDYNBASE only for PIE Kees Cook...
bind security update
32:9.11.4-16.P2.6 - Fix EDNS512 loops on broken servers 32:9.11.4-16.P2.5 - Add CVE tests to codebase 32:9.11.4-16.P2.4 - Limit number of queries triggered by a request CVE-2020-8616 - Fix invalid tsig request CVE-2020-8617 32:9.11.4-16.P2.3 - Disable atomic operations on ppc64, ppc64le, aarch64,...
git security update
1.8.3.1-23 - Prevent crafted URL containing new lines, empty host or lacks a scheme to cause credential leak. Resolves: CVE-2020-11008...
python-virtualenv security update
...
python-pip security update
...
Unbreakable Enterprise kernel security update
5.4.17-2011.2.2uek - scsi: qla2xxx: Move free of fcport out of interrupt context Joe Carnuccio Orabug: 31225231 - xfs: move inode flush to the sync workqueue Darrick J. Wong Orabug: 31132665 - arm64: Kconfig: Enable NODESSPANOTHERNODES config for NUMA Hoan Tran Orabug: 31049202 - scsi: bnx2fc:...
kernel security and bug fix update
3.10.0-1127.8.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1127.8.2 - net netlabel: cope with NULL catmap Paolo Abeni 1827239 1827240...
kernel security update
2.6.32-754.29.2.OL6 - Update genkey bug 25599697 2.6.32-754.29.2 - net netlabel: cope with NULL catmap Paolo Abeni 1827226 CVE-2020-10711...
.NET Core security update
2.1.514-2 - Update to new tarball for the release - Resolves: RHBZ1830065 2.1.514-1 - Update to .NET Core SDK 2.1.514 and Runtime 2.1.18 - Resolves: RHBZ1830065...
container-tools:1.0 security and bug fix update
buildah 1.5-4.0.1.gite94b4f9 - Fixes troubles with oracle registry login Orabug: 29937283 1.5-4.gite94b4f9 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1819431 container-selinux 2:2.124.0-1.gitf958d0c - update to...
kernel security and bug fix update
4.18.0-193.1.22.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-193.1.22 - net netlabel: cope with NULL catmap Paolo Abeni 1827249...
thunderbird security update
68.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.8.0-1 - Update to 68.8.0 build2...
squid:4 security update
squid 7:4.4-8.1 - Resolves: 1828368 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow - Resolves: 1828367 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution...
container-tools:2.0 security update
buildah 1.11.6-7.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1819393 conmon 2:2.0.6-1.0.1 - Remove upstream references Orabug: 30871880...
container-tools:ol8 security update
buildah 1.11.6-8.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1817742 1.11.6-7 - fix 'COPY command takes long time with buildah' - Resolves...
libreswan security update
3.29-7.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-7 - Resolves: rhbz1814935 CVE-2020-1763 doS attack via malicious IKEv1 informational exchange message rhel-8.2.0.z...
thunderbird security update
68.8.0-1.0.1.el82 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.8.0-1 - Update to 68.8.0 build2...
Unbreakable Enterprise kernel security update
4.14.35-1902.302.2 - KVM: x86: Protect pmuintel.c from Spectre-v1/L1TF attacks Marios Pomonis Orabug: 31191092 - KVM: x86: Protect MSR-based index computations in fixedmsrtosegunit from Spectre-v1/L1TF attacks Marios Pomonis Orabug: 31191092 - KVM: x86: Protect x86decodeinsn from Spectre-v1/L1TF...
firefox security update
68.8.0-1.0.1.el82 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 68.7.0-3 - Added fix for rhbz1821418...
squid security update
7:3.5.20-15.1 - Resolves: 1828359 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution - Resolves: 1828360 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow -...
firefox security update
68.8.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 68.7.0-3 - Added fix for rhbz1821418...
libvirt security update
5.7.0-13.el7 - domain groups: Fix multiple Domain Group vCPU administration flaws Wim ten Have Orabug: 31145304 - qemu: fix missing if definedENABLEEXADATA Menno Lageman - build: Fix qemu-submodule-init syntax-check issue Wim ten Have - libvirt: Fix various introduced Fedora/RHEL build violations...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.45.1 - HID: hiddev: do cleanup in failure of opening a device Hillf Danton Orabug: 31206361 CVE-2019-19527 - HID: hiddev: avoid opening a disconnected device Hillf Danton Orabug: 31206361 CVE-2019-19527 - HID: Fix assumption that devices have inputs Alan Stern Orabug: 312086...
gnutls security update
3.6.8-10 - Fix CVE-2020-11501 1826176...
targetcli security update
2.1.51-4 - Increase the release version 2.1.51-3 - targetclid.sock allows unprivileged user to execute commands 2.1.51-2 - Create the target/pr directory when installing the package...
git security update
2.18.4-2 - Update to release 2.18.4 - Resolves: CVE-2020-11008...
Unbreakable Enterprise kernel security update
4.1.12-124.39.1 - qla2xxx: Update driver version to 9.00.00.00.42.0-k1-v2 Arun Easi Orabug: 30372266 - qla2xxx: Fix device discovery when FCP2 device is lost. Arun Easi Orabug: 30372266 - brcmfmac: add subtype check for event handling in data path John Donnelly Orabug: 30776354 CVE-2019-9503 -...
freeradius:3.0 security update
...
python27:2.7 security, bug fix, and enhancement update
...
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
...
container-tools:ol8 security, bug fix, and enhancement update
...
php:7.2 security, bug fix, and enhancement update
...
curl security update
7.61.1-12 - double free due to subsequent call of realloc CVE-2019-5481 - fix heap buffer overflow in function tftpreceivepacket CVE-2019-5482 - fix TFTP receive buffer overflow CVE-2019-5436...
sudo security, bug fix, and enhancement update
1.8.29-5 - RHEL 8.2 ERRATUM - CVE-2019-18634 Resolves: rhbz1798093 1.8.29-4 - RHEL 8.2 ERRATUM - CVE-2019-19232 Resolves: rhbz1786987 Resolves: rhbz1796518 1.8.29-2 - RHEL 8.2 ERRATUM - rebase to 1.8.29 Resolves: rhbz1733961 Resolves: rhbz1651662 1.8.28p1-1 - RHEL 8.2 ERRATUM - rebase to 1.8.28p1...
edk2 security, bug fix, and enhancement update
20190829git37eef91017ad-9.el8 - edk2-OvmfPkg-QemuVideoDxe-unbreak-secondary-vga-and-bochs.patch bz1806359 - Resolves: bz1806359 bochs-display cannot show graphic wihout driver attach 20190829git37eef91017ad-8.el8 - edk2-MdeModulePkg-Enable-Disable-S3BootScript-dynamically.patch bz1801274 -...
gcc security and bug fix update
8.3.1-5.0.3 - Fix Orabug 29838827 - provide an option to adjust the maximum depth of nested include This is the same bug as gcc upstream PR90581 from Gcc9: gcc9-pr90581.patch - Fix Orabug 29541051 - confusing error message when there is a problem with ASANOPTIONS 'ERROR: expected '='' This is the...
libxml2 security update
2.9.7-7.0.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.7-7 - Fix CVE-2018-14404 1595989 2.9.7-6 - Fix CVE-2018-9251 1565322...
python-pip security update
9.0.3-16 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829...
libmspack security and bug fix update
0.7-0.2.alpha.4 - Fix for CVE-2019-1010305 - Remove 'fix' for CVE-2018-14680 as this fix is included in base tar ball. resolves: rhbz1736745, rhbz1736743 0.7-0.2.alpha.3 - Add gating tests resolves: rhbz1682770...
patch security and bug fix update
2.7.6-11 - Related: 1733565, apply the patch correctly 2.7.6-10 - CVE-2019-13636 , Dont follow symlinks unless --follow-symlinks is given - Resolves: 1665928, patch has a huge error output and segfaults when the file to be patched does not exist...
liblouis security and bug fix update
2.6.2-21 - A further Coverity fix 1602585 2.6.2-20 - Fix buffer overruns found by Coverity 1602585 2.6.2-19 - Fix two issues found by Coverity 1602585 2.6.2-18 - Apply patch for CVE-2018-12085 1589942 2.6.2-17 - Fix CVE-2018-11577 1585906 - Fix CVE-2018-11684 1588632 - Fix CVE-2018-11685 1588637 ...
openssl security and bug fix update
1.1.1c-15 - add selftest of the RANDDRBG implementation 1.1.1c-14 - fix incorrect error return value from FIPSselftestdsa - S390x: properly restore SIGILL signal handler 1.1.1c-12 - additional fix for the edk2 build 1.1.1c-9 - disallow use of SHA-1 signatures in TLS in FIPS mode 1.1.1c-8 - fix...
libsndfile security update
1.0.28-10 - fix CVE-2018-19661 and CVE-2018-19662 - buffer over-read in the function i2alawarray in alaw 1673085 1.0.28-9 - fix CVE-2018-13139 - stack-based buffer overflow in sndfile-deinterleave utility 1598482...