9173 matches found
unbound security update
1.7.3-11 - Fix amplifying an incoming query into a large number of queries directed to a target - Resolves: rhbz1839177 CVE-2020-12662, rhbz1840262 CVE-2020-12663...
Unbreakable Enterprise kernel security update
2.6.39-400.322.1 - ipvs: reset ipvs pointer in netns Julian Anastasov Orabug: 31027196 - ipvs: prefer NETDEVDOWN event to free cached dsts Julian Anastasov Orabug: 31027196 - HID: hiddev: do cleanup in failure of opening a device Hillf Danton Orabug: 31206362 CVE-2019-19527 - HID: hiddev: avoid...
Unbreakable Enterprise kernel security update
2.6.39-400.323.1 - USB: adutux: fix use-after-free on disconnect Johan Hovold Orabug: 31240297 CVE-2019-19523 - USB: core: Fix races in character device registration and deregistraion Alan Stern Orabug: 31317669 CVE-2019-19537 - USB: iowarrior: fix use-after-free on disconnect Johan Hovold Orabug...
firefox security update
68.9.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Fri May 29 2020 Jan Horak - Update to 68.9.0 build1 - Added patch for pipewire 0.3 Mon May 11 2020 Jan...
freerdp security update
2.0.0-4.rc4 - CVE-2020-11521: Fix out-of-bounds write in planar.c 1837621 - CVE-2020-11523: Fix integer overflow in region.c 1837622 - CVE-2020-11524: Fix out-of-bounds write in interleaved.c 1837623...
firefox security update
68.9.0-1.0.1.el82 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 Fri May 29 2020 Jan Horak - Update to 68.9.0 build1 - Added patch for pipewire 0.3 Mon May ...
freerdp security update
2.0.0-4.rc4.1 - CVE-2020-13398: Fix out-of-bounds write in crypto.c 1841974...
freerdp security update
1.0.2-7 - CVE-2020-13398: Fix out-of-bounds write in crypto.c 1841980...
bind security update
32:9.11.13-5 - Limit number of queries triggered by a request CVE-2020-8616 32:9.11.13-4 - Fix invalid tsig request CVE-2020-8617...
freerdp security update
2:2.0.0-46.rc4.1 - CVE-2020-11521: Fix out-of-bounds write in planar.c 1837632 - CVE-2020-11523: Fix integer overflow in region.c 1837633 - CVE-2020-11524: Fix out-of-bounds write in interleaved.c 1837631...
freerdp security update
2:2.0.0-46.rc4.2 - CVE-2020-13398: Fix out-of-bounds write in crypto.c 1841978...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.46.1 - ipv6: only static routes qualify for equal cost multipathing Hannes Frederic Sowa Orabug: 30977687 CVE-2013-4125 - USB: adutux: fix use-after-free on disconnect Johan Hovold Orabug: 31240296 CVE-2019-19523 - USB: core: Fix races in character device registration and...
bind security update
32:9.8.2-0.68.rc1.7 - Correct tests covering CVE-2020-8617 32:9.8.2-0.68.rc1.6 - Add additional fix to limit recursions 32:9.8.2-0.68.rc1.5 - Add CVE tests to codebase 32:9.8.2-0.68.rc1.4 - Limit number of queries triggered by a request CVE-2020-8616 - Fix invalid tsig request CVE-2020-8617...
Unbreakable Enterprise kernel security update
4.1.12-124.39.5 - Input: ff-memless - kill timer in destroy Oliver Neukum Orabug: 31213691 CVE-2019-19524 - libertas: Fix two buffer overflows at parsing bss descriptor Wen Huang Orabug: 31351307 CVE-2019-14896 CVE-2019-14897 CVE-2019-14897 - binfmtelf: use ELFETDYNBASE only for PIE Kees Cook...
bind security update
32:9.11.4-16.P2.6 - Fix EDNS512 loops on broken servers 32:9.11.4-16.P2.5 - Add CVE tests to codebase 32:9.11.4-16.P2.4 - Limit number of queries triggered by a request CVE-2020-8616 - Fix invalid tsig request CVE-2020-8617 32:9.11.4-16.P2.3 - Disable atomic operations on ppc64, ppc64le, aarch64,...
git security update
1.8.3.1-23 - Prevent crafted URL containing new lines, empty host or lacks a scheme to cause credential leak. Resolves: CVE-2020-11008...
python-virtualenv security update
...
python-pip security update
...
Unbreakable Enterprise kernel security update
5.4.17-2011.2.2uek - scsi: qla2xxx: Move free of fcport out of interrupt context Joe Carnuccio Orabug: 31225231 - xfs: move inode flush to the sync workqueue Darrick J. Wong Orabug: 31132665 - arm64: Kconfig: Enable NODESSPANOTHERNODES config for NUMA Hoan Tran Orabug: 31049202 - scsi: bnx2fc:...
kernel security and bug fix update
3.10.0-1127.8.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1127.8.2 - net netlabel: cope with NULL catmap Paolo Abeni 1827239 1827240...
container-tools:1.0 security and bug fix update
buildah 1.5-4.0.1.gite94b4f9 - Fixes troubles with oracle registry login Orabug: 29937283 1.5-4.gite94b4f9 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1819431 container-selinux 2:2.124.0-1.gitf958d0c - update to...
.NET Core security update
2.1.514-2 - Update to new tarball for the release - Resolves: RHBZ1830065 2.1.514-1 - Update to .NET Core SDK 2.1.514 and Runtime 2.1.18 - Resolves: RHBZ1830065...
kernel security and bug fix update
4.18.0-193.1.22.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-193.1.22 - net netlabel: cope with NULL catmap Paolo Abeni 1827249...
kernel security update
2.6.32-754.29.2.OL6 - Update genkey bug 25599697 2.6.32-754.29.2 - net netlabel: cope with NULL catmap Paolo Abeni 1827226 CVE-2020-10711...
squid:4 security update
squid 7:4.4-8.1 - Resolves: 1828368 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow - Resolves: 1828367 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution...
container-tools:2.0 security update
buildah 1.11.6-7.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1819393 conmon 2:2.0.6-1.0.1 - Remove upstream references Orabug: 30871880...
libreswan security update
3.29-7.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-7 - Resolves: rhbz1814935 CVE-2020-1763 doS attack via malicious IKEv1 informational exchange message rhel-8.2.0.z...
thunderbird security update
68.8.0-1.0.1.el82 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.8.0-1 - Update to 68.8.0 build2...
thunderbird security update
68.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.8.0-1 - Update to 68.8.0 build2...
container-tools:ol8 security update
buildah 1.11.6-8.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: 1817742 1.11.6-7 - fix 'COPY command takes long time with buildah' - Resolves...
Unbreakable Enterprise kernel security update
4.14.35-1902.302.2 - KVM: x86: Protect pmuintel.c from Spectre-v1/L1TF attacks Marios Pomonis Orabug: 31191092 - KVM: x86: Protect MSR-based index computations in fixedmsrtosegunit from Spectre-v1/L1TF attacks Marios Pomonis Orabug: 31191092 - KVM: x86: Protect x86decodeinsn from Spectre-v1/L1TF...
firefox security update
68.8.0-1.0.1.el82 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 68.7.0-3 - Added fix for rhbz1821418...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.45.1 - HID: hiddev: do cleanup in failure of opening a device Hillf Danton Orabug: 31206361 CVE-2019-19527 - HID: hiddev: avoid opening a disconnected device Hillf Danton Orabug: 31206361 CVE-2019-19527 - HID: Fix assumption that devices have inputs Alan Stern Orabug: 312086...
squid security update
7:3.5.20-15.1 - Resolves: 1828359 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution - Resolves: 1828360 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow -...
targetcli security update
2.1.51-4 - Increase the release version 2.1.51-3 - targetclid.sock allows unprivileged user to execute commands 2.1.51-2 - Create the target/pr directory when installing the package...
firefox security update
68.8.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 68.7.0-3 - Added fix for rhbz1821418...
git security update
2.18.4-2 - Update to release 2.18.4 - Resolves: CVE-2020-11008...
gnutls security update
3.6.8-10 - Fix CVE-2020-11501 1826176...
libvirt security update
5.7.0-13.el7 - domain groups: Fix multiple Domain Group vCPU administration flaws Wim ten Have Orabug: 31145304 - qemu: fix missing if definedENABLEEXADATA Menno Lageman - build: Fix qemu-submodule-init syntax-check issue Wim ten Have - libvirt: Fix various introduced Fedora/RHEL build violations...
Unbreakable Enterprise kernel security update
4.1.12-124.39.1 - qla2xxx: Update driver version to 9.00.00.00.42.0-k1-v2 Arun Easi Orabug: 30372266 - qla2xxx: Fix device discovery when FCP2 device is lost. Arun Easi Orabug: 30372266 - brcmfmac: add subtype check for event handling in data path John Donnelly Orabug: 30776354 CVE-2019-9503 -...
unzip security update
6.0-43 - Update the man page with the new exit code introduced in 6.0-42 - Related: CVE-2019-13232 6.0-42 - Fix CVE-2019-13232 - Resolves: CVE-2019-13232...
dnsmasq security, bug fix, and enhancement update
2.79-11 - Support multiple static leases for single mac on IPv6 1779187 2.79-10 - Fix memory leak in helper.c 1795370 2.79-9 - Fix replies to non-recursive queries 1700916 2.79-8 - Fix dhcpleasetime 1746411 2.79-7 - Fix TCP queries after interface recreation 1728698...
curl security update
7.61.1-12 - double free due to subsequent call of realloc CVE-2019-5481 - fix heap buffer overflow in function tftpreceivepacket CVE-2019-5482 - fix TFTP receive buffer overflow CVE-2019-5436...
libmspack security and bug fix update
0.7-0.2.alpha.4 - Fix for CVE-2019-1010305 - Remove 'fix' for CVE-2018-14680 as this fix is included in base tar ball. resolves: rhbz1736745, rhbz1736743 0.7-0.2.alpha.3 - Add gating tests resolves: rhbz1682770...
glibc security, bug fix, and enhancement update
2.28-101.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
python27:2.7 security, bug fix, and enhancement update
...
binutils security and bug fix update
2.30-73.0.1 - Forward-port of Oracle patches from 2.30-68.0.2. - Reviewed-by: Elena Zannoni 2.30-68.0.2 - Backport the non-cycle-detecting-capable deduplicating CTF linker - Backport a fix for an upstream hashtab crash no upstream bug number, triggered by the above. - Fix deduplication of...
tcpdump security update
14:4.9.2-6 - Resolves: 1715423 - tcpdump pre creates user and groups unconditionally - Resolves: 1655622 - CVE-2018-19519 Stack-based buffer over-read in print-hncp.c:printprefix via crafted pcap...
openssl security and bug fix update
1.1.1c-15 - add selftest of the RANDDRBG implementation 1.1.1c-14 - fix incorrect error return value from FIPSselftestdsa - S390x: properly restore SIGILL signal handler 1.1.1c-12 - additional fix for the edk2 build 1.1.1c-9 - disallow use of SHA-1 signatures in TLS in FIPS mode 1.1.1c-8 - fix...
python-pip security update
9.0.3-16 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829...