8992 matches found
tomcat6 security update
0:6.0.24-114 - Related: rhbz1806803 Update patch to remove secret attribute renaming 0:6.0.24-113 - Related: rhbz1806803 Add IIS attributes to filter pattern and update secret logic 0:6.0.24-112 - Resolves: rhbz1806803 CVE-2020-1938 tomcat6: tomcat: Apache Tomcat AJP File Read/Inclusion...
tomcat security update
0:7.0.76-11 - Resolves: rhbz1806801 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability...
thunderbird security update
68.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.6.0-1 - Update to 68.6.0 build2...
zsh security update
4.3.11-11 - improve printing of error messages introduced by the fix of CVE-2019-20044 4.3.11-10 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
python-imaging security update
1.1.6-20 - Fixes for CVE-2020-5312 and related part of CVE-2019-16865 Resolves: rhbz1789533...
icu security update
60.3-2 - Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch - Apply ICU-20958-Prevent-SEGVMAPERR-in-append.patch - Resolves: rhbz1808238...
icu security update
4.2.1-15 - Apply icu.13634.integer.overflow.patch - Apply icu.20958.segv.mapper.patch - Resolves: rhbz1809876...
zsh security update
5.5.1-6.el81.2 - improve printing of error messages introduced by the fix of CVE-2019-20044 5.5.1-6.el81.1 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
kernel security, bug fix, and enhancement update
3.10.0-1062.18.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.18.1 - x86 x86/boot/64: Round memory hole size up to next PMD page Fra...
icu security update
50.2-4 - Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch - Apply ICU-20958-Prevent-SEGVMAPERR-in-append.patch - Resolves: rhbz1808235...
python-virtualenv security update
15.1.0-4 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1643829 15.1.0-3 - Add three new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1643829...
zsh security update
5.0.2-34.el77.2 - improve printing of error messages introduced by the fix of CVE-2019-20044 5.0.2-33.el77.1 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
python-pip security update
9.0.3-7 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829 9.0.3-6 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves:...
firefox security update
68.6.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Wed Mar 04 2020 Jan Horak - Update to 68.6.0 build1 68.5.0-3 - Added fix for rhbz1805667 - Enabled...
qemu security update
15:3.1.0-7.el7 - qemu-img: Add --target-is-zero to convert David Edmondson 15:3.1.0-6.el7 - qemu.spec: Remove 'BuildRequires: kernel' Karl Heubaum Orabug: 30858754 - target/i386: add support for MSRIA32TSXCTRL Paolo Bonzini Orabug: 30652327 - iscsi: Cap block count from GET LBA STATUS CVE-2020-17...
firefox security update
68.6.0-1.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.6.0-1.0.1 - Update to 68.6.0 build1 68.5.0-3 - Added fix for rhbz1805667 - Enabled...
Unbreakable Enterprise kernel security update
4.14.35-1902.11.3 - xfs: do async inactivation only when fs freezed Junxiao Bi Orabug: 31013775 4.14.35-1902.11.2 - ib/core: Cancel fmr delayedworker when in shutdown phase of reboot system Hans Westgaard Ry Orabug: 30967501 - Revert 'printk: Default console logging level should be set to 4' Cesa...
kernel security and bug fix update
2.6.32-754.28.1.OL6 - Update genkey bug 25599697 2.6.32-754.28.1 - netdrv ixgbevf: Use cached link state instead of re-reading the value for ethtool Ken Cox 1795404 - isdn mISDN: enforce CAPNETRAW for raw sockets Andrea Claudi 1779473 CVE-2019-17055 - net cfg80211: wext: avoid copying malformed...
qemu-kvm security update
0.12.1.2-2.506.el610.6 - kvm-Fix-heap-overflow-in-ipreass-on-big-packet-input.patch bz1734747 - kvm-Using-ipdeq-after-mfree-might-read-pointers-from-a.patch bz1749731 - kvm-tcpemu-Fix-oob-access.patch bz1791558 - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch bz1791558 -...
curl security update
7.29.0-54.0.5.el77.2 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug:30568724...
Unbreakable Enterprise kernel security update
2.6.39-400.320.1 - rds: Avoid flushing MRs in rdsrdmadropkeys aru kolappan Orabug: 30650888 - media: b2c2-flexcop-usb: add sanity checking Oliver Neukum Orabug: 30864535 CVE-2019-15291...
curl security update
7.19.7-54.0.2 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug:30568724 462...
xerces-c security update
3.1.1-10 - add security fix for CVE-2018-1311...
http-parser security update
2.7.1-8.2 - Do not break ABI with CVE-2019-15605 fix 2.7.1-8.1 - Resolves: CVE-2019-15605 http-parser: nodejs: HTTP request smuggling using malformed Transfer-Encoding header...
http-parser security update
2.8.0-5.2 - Do not break ABI with CVE-2019-15605 fix 2.8.0-5.1 - Resolves: CVE-2019-15605 http-parser: nodejs: HTTP request smuggling using malformed Transfer-Encoding header...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.43.1 - media: b2c2-flexcop-usb: add sanity checking Oliver Neukum Orabug: 30864534 CVE-2019-15291...
xerces-c security update
3.0.1-21 - add security fix for CVE-2018-1311...
sudo security update
1.8.6p3-29.0.1.el610.3 - Fixes OraBug: 28747380 sudo does not honor envkeep-='KRB5CCNAME' after 'sudo -k' [email protected] 1.8.6p3-29.3 - RHEL-6.10.z ERRATUM - fixed CVE-2019-18634 Resolves: rhbz1799018 1.8.6p3-29.2 - RHEL-6.10.z ERRATUM - fixed CVE-2019-14287 Resolves: rhbz1760684...
ppp security update
2.4.5-11 - Fixed buffer overflow in the eaprequest and eapresponse functions Resolves: CVE-2020-8597...
ppp security update
2.4.5-34.0.2 - Userland headers should always appear before kernel - Orabug: 27656836 [email protected] 2.4.5-34 - Fixed buffer overflow in the eaprequest and eapresponse functions Resolves: CVE-2020-8597...
ppp security update
2.4.7-26 - Fixed buffer overflow in the eaprequest and eapresponse functions Resolves: CVE-2020-8597...
java-1.7.0-openjdk security update
1:1.7.0.251-2.6.21.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.251-2.6.21.0 - Bump to 2.6.21 and OpenJDK 7u251-b02. - Resolves: rhbz1785753...
nodejs:10 security update
nodejs 1:10.19.0-1 - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 1:10.16.3-1 - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518 1:10.14.1-1 - Resolves: RHBZ1644207 - fixes node-gyp permissions - rebase 1:10.11.0-2 - BuildRequire nodejs-packaging for proper npm dependency...
thunderbird security update
68.5.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1...
nodejs:12 security update
nodejs 1:12.16.1-1 - Resolves: RHBZ1800393, RHBZ1800394, RHBZ1800380 - Rebase to 12.16.1 nodejs-nodemon nodejs-packaging...
systemd security and bug fix update
239-18.0.2.el81.4 - fix to generate systemd-pstore.service file Orabug: 30230056 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3...
ksh security update
20120801-140.0.1 - disable ASTnospawnveg for taskset workaround orabug 26754277 Red Hat Bug: 1295563 20120801-140 - Do not evaluate arithmetic expressions from environment variables at startup Resolves: 1790543...
python-pillow security update
5.1.1-10 - Bump and rebuild for gating to deliver CVE fixes Resolves: rhbz1789535 5.1.1-9 - Fix for CVE-2020-5311 - out-of-bounds write in expandrow Resolves: rhbz1789535 5.1.1-8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066...
openjpeg2 security update
2.3.1-3 - Fix CVE-2020-8112 1801033...
thunderbird security update
68.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1...
python-pillow security update
2.0.0-20gitd1c6db8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 2.0.0-19gitd1c6db8 - Reenabled webp support on little endian archs. 2.0.0-18gitd1c6db8 - Disabled webp support on ppc64le due to 962091 and 1127230. - Updated URL. 2.0.0-17gitd1c6d...
Unbreakable Enterprise kernel security update
4.1.12-124.36.1.1 - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30847137 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function Oliver Upton Orabug: 30847137 CVE-2020-2732 - KVM: nVMX: Dont emulate instructions in guest mode Paolo Bonzini Orabug:...
Unbreakable Enterprise kernel security update
4.1.12-124.36.4 - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30944739 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function Oliver Upton Orabug: 30944739 CVE-2020-2732 - KVM: nVMX: Don't emulate instructions in guest mode Paolo Bonzini Orabug:...
Unbreakable Enterprise kernel security update
4.14.35-1902.10.8 - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30847136 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function Oliver Upton Orabug: 30847136 CVE-2020-2732 - KVM: nVMX: Dont emulate instructions in guest mode Paolo Bonzini Orabug:...
Unbreakable Enterprise kernel security update
4.1.12-124.36.3 - Fix KABI error by keeping the struct field being removed by the below patch Ritika Srivastava Orabug: 30902926 - Revert 'PCI: Check pref compatible bit for mem64 resource of PCIe device' Ritika Srivastava Orabug: 30902926 4.1.12-124.36.2 - rds: Use bitmap to designate dropped...
openjpeg2 security update
2.3.1-3 - Fix CVE-2020-8112 resolves: 1801030...
ksh security update
20120801-253.0.1.el81 - Disable ASTnospawnveg for taskset workaround Orabug: 26754277 Red Hat Bug: 1295563 20120801-253 - Do not evaluate arithmetic expressions from environment variables at startup Resolves: 1790546...
sudo security update
1.8.23-4.0.2.2 - Bump release to avoid conflict with previous Orace Linux errata 1.8.23-4.2 - RHEL 7.7.z - fixed CVE-2019-18634 Resolves: rhbz1798094 1.8.23-4.1 - RHEL-7.7.z - fixed CVE-2019-14287 Resolves: rhbz1760694...
java-1.7.0-openjdk security update
1:1.7.0.251-2.6.21.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.251-2.6.21.0 - Bump to 2.6.21 and OpenJDK 7u251-b02. - Resolves: rhbz1785753...
firefox security update
68.5.0-2.0.1.el81 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 - Update to 68.5.0 build2...