8992 matches found
libxml2 security update
2.9.1-6.0.1.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.4 - Fix CVE-2015-8035 1595697 - Fix CVE-2018-14404 1602817 - Fix CVE-2017-15412 1729857 - Fix CVE-2016-5131 1714050 - Fix CVE-2017-18258 1579211 - Fix CVE-2018-1456 1622715...
python-twisted-web security update
12.1.0-6 - Fix CVE-2019-12387 HTTP Header Injection Resolves: rhbz1721518...
nbdkit security and bug fix update
1.8.0-3 - Fix for CVE-2019-14850 denial of service due to premature opening of back-end connection resolves: rhbz1757261 1.8.0-2 - Explicitly disable nbdkit-ext2-plugin in configure resolves: rhbz1724242...
lftp security update
4.4.8-12 - Resolves: 1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased...
dovecot security and bug fix update
1:2.2.36-6 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741787 1:2.2.36-5 - fix CVE-2019-3814: improper certificate validation 1674369 - fix CVE-2019-7524: buffer overflow in...
poppler and evince security update
evince 3.28.2-9 - Handle failure from TIFFReadRGBAImageOriented - Resolves: 1717352 poppler 0.26.5-42 - Fix potential integer overflow and check length for negative values - Resolves: 1757283 0.26.5-41 - Ignore dict Length if it is broken - Resolves: 1733026 0.26.5-40 - Fail gracefully if not all...
wireshark security and bug fix update
1.10.14-24.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-24 - Related: 1613034 - Typo in the previous patch discovered by covscan 1.10.14-23 - Related: 1613034 - Fixing an infinite loop created by previous update 1.10.14-22 - Related: 1633330 - fixing a...
squid security and bug fix update
7:3.5.20-15 - Resolves: 1690551 - Squid cachepeer DNS lookup failed when not all lower case - Resolves: 1680022 - squid cant display download/upload packet size for HTTPS sites - Resolves: 1717430 - Excessive memory usage when running out of descriptors - Resolves: 1676420 - Cache siblings return...
libreoffice security and bug fix update
1:5.3.6.1-24.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-24 - Resolves: rhbz1728763 bg of blocks is black 1:5.3.6.1-23 - Resolves: rhbz1601372 libreoffice fails to build with...
httpd security, bug fix, and enhancement update
2.4.6-93.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-93 - Resolves: 1677496 - CVE-2018-17199 httpd: modsessioncookie does not respect expiry time 2.4.6-92 - htpasswd: add SHA-2 crypt support 1486889 2.4.6-91 - Resolves: 1630886 - scriptlet can fail if hostname is not...
mod_auth_mellon security and bug fix update
0.14.0-8 - Resolves: rhbz1731052 - CVE-2019-13038 modauthmellon: an Open Redirect via the login?ReturnTo= substring which could facilitate information theft rhel-7 0.14.0-7 - Resolves: rhbz1727789 - modauthmellon fix for AJAX header name X-Requested-With 0.14.0-6 - Apply the patch from the previo...
python security update
2.7.5-88.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-88 - Security fix for CVE-2019-16056 Resolves: rhbz1750773 2.7.5-87 - Fix CVE-2018-20852 Resolves: rhbz1741551...
rsyslog security, bug fix, and enhancement update
8.24.0-52 RHEL 7.8 ERRATUM - edited patch file ID for imfile to not log useless errors also improved file-id behavior to adress newly found problems resolves: rhbz1763746 8.24.0-49 RHEL 7.8 ERRATUM - fixed fsync patch to actually revognize the new option resolves: rhbz1696686 failedQA 8.24.0-48...
libosinfo security and bug fix update
1.1.0-5 - Resolves: rhbz1740212 - New defect found in libosinfo-1.1.0-4.el7 1.1.0-4 - Resolves: rhbz1727842 - CVE-2019-13313 libosinfo: osinfo-install-script option leaks password via command line argument...
tcpdump security update
4.9.2-4.0.1.el77.1 - Fix CVE-2018-14468 Orabug: 30480183...
advancecomp security update
1.15-22 - Resolves: 1686115, integer overflow in pngcompress 1.15-21 - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference 1.15-20 - Mass rebuild 2014-01-24 1.15-19 - Mass rebuild 2013-12-27 1.15-18 - Rebuilt for...
mutt security update
5:1.5.21-29 - Fix IMAP header caching path traversal vulnerability - Resolves: 1608011 - Resolves: CVE-2018-14355...
texlive security update
2:2012-45.20130427r30134 - Related: 1650521, buffer overflow in t1checkunusualcharstring function 2:2012-44.20130427r30134 - Resolves: 1650521, buffer overflow in t1checkunusualcharstring function...
avahi security update
0.6.31-20 - multicast DNS no longer responds to unicast queries outside of local network 1663410...
bash security update
4.2.46-34 - BASHCMD should not be writable in restricted shell Resolves: 1693181...
net-snmp security and bug fix update
1:5.7.2-47 - revert calculation of free space 1779609 1:5.7.2-46 - fix sha224 and sha384 declaration check 1774693 1:5.7.2-45 - fix memory leak introduced by fix of snmp v3 traps forwarding 1751195 1:5.7.2-44 - add support for glusterfs 1316386 - change services to start after network-online.targ...
mariadb security and bug fix update
1:5.5.65-1 - Rebase to 5.5.65 Also fixes: CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2805 Resolves: 1741357 - Revert upstream changes that make the mysqlinstalldb relocatable because it broke mysqlinstalldb when run without --rpm arg Resolves: 1731062 - Add openssl BR that was missing for...
file security update
5.11-36 - fix out-of-bounds read via a crafted ELF file CVE-2018-10360...
php security update
5.4.16-48 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043 5.4.16-47 - fix stack-buffer-overflow while parsing HTTP response CVE-2018-7584 - fix out-of-bounds read in base64decodexmlrpc CVE-2019-9024 - fix reflected XSS in phar 404 page CVE-2018-5712 - fix reflected XSS in phar 403 and...
bluez security update
5.44-6 - fixing CVE-2018-10910. Resolves: 1609340...
libqb security update
1.0.1-9 Also add OEXCL to logblackbox.c when creating files Resolves: rhbz1714853 1.0.1-8 Improve socket security Resolves: rhbz1714853...
ImageMagick security, bug fix, and enhancement update
autotrace 0.31.1-38 - Resolves: 1765205 rebuild against new IM emacs 1:24.3-23 - Resolves: 1765208 rebuild against new IM ImageMagick 6.9.10.68-3 - Fixing freeze when svg file contains class='' 6.9.10.68-2 - Fixed ghostscript fonts, fixed multilib conflicts 6.9.10.68-1 - Rebase to 6.9.10.68...
expat security update
2.1.0-11 - add security fix for CVE-2015-2716...
kernel security, bug fix, and enhancement update
3.10.0-1127.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1127 - fs flexfiles: Dont tie up all the rpciod threads in resends Benjamin...
GNOME security, bug fix, and enhancement update
accountsservice 0.6.50-7 - version bump to prevent future update path introduced by RHBA-2019:45836 Resolves: 1721562 colord 1.3.4-2 - Downgrade a trivial warning to a debug statement - Resolves: 1421231 control-center 3.28.1-6 - Calculate better extents for the configured displays arrangement...
mailman security and bug fix update
3:2.1.15-30 - Resolves: 1599692 - Sanitize input on listinfo page CVE-2018-0618 3:2.1.15-29 - Resolves: 1611689 - Trim long text in 'no such list' messages 3:2.1.15-28 - Resolves: 1718180 - Try to decode member name first 3:2.1.15-27 - Related : 1545973 - Bump release to override rhel-7.4.z versi...
gettext security and bug fix update
0.19.8.1-3 - fix CVE-2018-18751: double-free in xgettext rhbz1648433...
libsndfile security update
1.0.25-11 - fix CVE-2018-13139 - stack-based buffer overflow in sndfile-deinterleave utility 1598577...
cups security and bug fix update
1:1.6.3-43 - 1687571 - cupsd doesnt clean tmp files if client conn is terminated abnormally 1:1.6.3-42 - 1651575 - CVE-2018-4700 cups 1:1.6.3-41 - 1608764 - CVE-2018-4180 cups - 1607291 - CVE-2018-4181 cups...
python3 security update
3.6.8-13.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-13 - Security fix for CVE-2019-16056 Resolves: rhbz1750774 3.6.8-12 - Add support for OpenSSL FIPS mode - Fix faulthandler stack size Resolves: rhbz1732908 3.6.8-11 - Security fix for CVE-2018-20852 Resolves:...
evolution security and bug fix update
atk 2.28.1-2 - Remove patch to fix invalid unref at atkgobjectaccessibleobjectgonecb - Resolves: 1753123 evolution 3.28.5-8 - Update patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-7 - Add patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-6 - Add...
qt security update
1:4.8.7-8 - Fix QImage allocation failure in qgifhandler Resolves: bz1667863 - Fix QTgaFile CPU exhaustion Resolves: bz1667879 - Fix QBmpHandler segmentation fault on malformed BMP file Resolves: bz1667862 1:4.8.7-7 - Fix crash when parsing malformed url reference in svg Resolves: bz1667882...
doxygen security and bug fix update
1:1.8.5-4 - Resolves: 1483569, incorrect processing of code blocks - Resolves: 1724173 - CVE-2016-10245, cross-site scripting...
polkit security and bug fix update
0.112-26.0.1 - Increase timeout to avoid defunct processes Orabug: 26930744 0.112-26 - Refined upstream fix of CVE-2018-1116 to avoid ABI changes - Related: rhbz1601411 0.112-25 - fix of CVE-2018-1116 - Resolves: rhbz1601411 0.112-24 - pkttyagent: resetting terminal erases rest of input line -...
unzip security update
6.0-21 - Fix CVE-2019-13232 - Resolves: CVE-2019-13232...
bind security and bug fix update
32:9.11.4-16.P2 - Finish dig query when name is too long 1743572 32:9.11.4-15.P2 - Stop listening on IPv6 by default 1753259 32:9.11.4-14.P2 - Limit number of queries per TCP connection CVE-2019-6477 32:9.11.4-13.P2 - Revert not searching names with dot 1743572 32:9.11.4-12.P2 - Fix mkeys test...
okular security update
4.10.5-8 - Fix path traversal issue when extracting an .okular file Resolves: bz1634726...
qemu-kvm security, bug fix, and enhancement update
1.5.3-173.el7 - kvm-tcpemu-Fix-oob-access.patch bz1791560 - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch bz1791560 - kvm-slirp-use-correct-size-while-emulating-commands.patch bz1791560 - Resolves: bz1791560 CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tc...
nodejs:12 security update
nodejs 1:12.16.1-2 - Fix CVE-2020-10531 1:12.16.1-1 - Resolves: RHBZ1800393, RHBZ1800394, RHBZ1800380 - Rebase to 12.16.1 1:12.14.1-1 - Rebase to 12.14.1 1:12.13.1-1 - Resolves: RHBZ 1773503, update to 12.13.1 - minor clean up and sync with Fedora spec - turn off debug builds 1:12.4.0-2 -...
haproxy security update
1.8.15-6.1 - - Fix hapack zero byte input causing overwrite CVE-2020-11100, 1819518 1.8.15-6 - Add gating tests 1682106...
ipmitool security update
0:1.8.18-9 - Disable -fstrict-aliasing RPMDiff issue 0:1.8.18-8 - Backport fix for CVE-2020-5208...
ipmitool security update
1.8.18-12 - Disable -fstrict-aliasing RPMDiff issue 1.8.18-11 - Backport fix for CVE-2020-5208...
libvncserver security update
0.9.9-14 - Fix CVE-2019-15690 an integer overflow in HandleCursorShape in a client bug 1814339...
libvncserver security update
0.9.11-9.2 - Enable gating bug 1681199 0.9.11-9.1 - Fix CVE-2019-15690 an integer overflow in HandleCursorShape in a client bug 1814342...
thunderbird security update
68.6.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.6.0-1 - Update to 68.6.0 build2...