8992 matches found
git security update
2.18.2-1 - Update to release 2.18.2 - Remote code execution in recursive clones with nested submodules Resolves: CVE-2019-1387 - Fixes CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354...
kernel security and bug fix update
2.6.32-754.25.1.OL6 - Update genkey Orabug: 25599697 2.6.32-754.25.1 - kvm KVM: VMX: Set VMENTERL1DFLUSHNOTREQUIRED if !X86BUGL1TF Waiman Long 1733760 - virt KVM: coalescedmmio: add bounds checking Bandan Das 1746799 CVE-2019-14821 - virt KVM: MMIO: Lock coalesced device when checking for availab...
freetype security update
2.3.11-19 - Fix potential buffer overflow - Resolves: 1767863 2.3.11-18 - Fix potential buffer overflow - Resolves: 1758402...
grub2 security update
2.02-78.0.2 - grub-set-bootflag: fix grubenv update method, fix CVE-2019-14865 Orabug: 30607067...
openslp security update
1:2.0.0-8 - Fix a heap-based buffer overflow vulnerability leading to remote code execution, CVE-2019-5544 Resolves: 1781701...
python security update
...
Unbreakable Enterprise kernel security update
4.14.35-1902.8.4 - Revert 'oled: give panic handler chance to run before kexec' John Donnelly Orabug: 30594702 - Revert 'oled: export symbols' John Donnelly Orabug: 30594702 - net/rds: Recycle RDS headers to speed up connection fail over Ka-Cheong Poon Orabug: 30628735 - net/rds: Reduce RDS heade...
python security update
2.7.5-86.0.3 - Prefix dot in domain for proper subdomain validation CVE-2018-20852Orabug: 30114725...
thunderbird security update
68.3.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.3.0-2 - Update to 68.3.0 build2 68.2.0-2 - Added patch for TLS 1.3 support...
nss-softokn security update
3.44.0-6.0.1 - Add fips140-2 DSA Known Answer Test fix Orabug 26696773 - Add fips140-2 ECDSA/RSA/DSA Pairwise Consistency Test fix Orabug 26617866, Orabug 26617833, Orabug 26617780 3.44.0-6 - Fix out-of-bounds write in NSCEncryptUpdate 1775909...
nss, nss-softokn, nss-util security update
nss 3.44.0-7 - Increase timeout on sslgtest so that slow platforms can complete when running on a busy system. 3.44.0-6 - back out out-of-bounds patch patch for nss-softokn. - Fix segfault on empty or malformed ecdh keys 1777712 3.44.0-5 - Fix out-of-bounds write in NSCEncryptUpdate 1775910...
thunderbird security update
68.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.3.0-1 - Update to 68.3.0 build2 68.2.0-2 - Added patch for TLS 1.3 support...
nss security update
3.44.0-9 - Fix out-of-bounds write in NSCEncryptUpdate 1775912...
Unbreakable Enterprise kernel security update
2.6.39-400.317.1 - ieee802154: enforce CAPNETRAW for raw sockets Allen Pais Orabug: 30444948 CVE-2019-17053 - mISDN: enforce CAPNETRAW for raw sockets Ori Nimron Orabug: 30445161 CVE-2019-17055 - net: sit: fix memory leak in sitinitnet Mao Wenan Orabug: 30445309 CVE-2019-16994 - media: dvb: usb:...
Unbreakable Enterprise kernel security update
4.1.12-124.34.1 - block/loop: set hwsectors Shaohua Li Orabug: 30244514 - block-mq: fix hung due to too much warning log Junxiao Bi Orabug: 30273956 - oled: export symbols Wengang Wang Orabug: 30512063 - oled: give panic handler chance to run before kexec Wengang Wang Orabug: 30512063 - USB:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.41.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379626 - ieee802154: enforce CAPNETRAW for raw sockets Allen Pais Orabug: 30444947 CVE-2019-17053 - mISDN: enforce CAPNETRAW for raw sockets Ori Nimron Orabug: 30445159...
firefox security update
68.3.0-1.0.1 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.3.0-1 - Update to 68.3.0 ESR 68.2.0-4 - Added patch for TLS 1.3 support. 68.2.0-3 - Rebuild 68.2.0-2 - Rebuild...
docker-engine docker-cli security update
docker-engine 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03...
firefox security update
68.3.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references Orabug: 30530527 68.3.0-1 - Update to 68.3.0 ESR 68.2.0-4 - Added patch for TLS 1.3 support. 68.2.0-3 - Rebuild...
microcode_ctl security update
3:1.17-33.19.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618737 3:1.17-33.19.0.1 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - update 06-55-04 to 0x2000065 - update 06-55-07 to...
microcode_ctl security update
2:2.1-53.3.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 2:2.1-53.3.0.1 - do not late load prior to 3.10.0 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early loading on 06-4f-01 - update 06-55-04 to 0x2000065 - update...
SDL security update
1.2.15-15 - Fix CVE-2019-13616 a heap buffer over-read in BlitNtoN bug 1747237 - Resolves: rhbz1756276...
389-ds-base security and bug fix update
1.3.9.1-12 - Bump version to 1.3.9.1-12 - Resolves: Bug 1767622 - CleanAllRUV task limit not enforced 1.3.9.1-11 - Bump version to 1.3.9.1-11 - Resolves: Bug 1748198 - EMBARGOED CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin - Resolves: Bug 1754831 - After audit log...
tcpdump security update
14:4.9.2-4.1 - Resolves: 1761349 - CVE-2018-19519 tcpdump: Stack-based buffer over-read in print-hncp.c...
kernel security and bug fix update
3.10.0-1062.7.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.7.1 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie...
SDL security update
1.2.15-36 - Fix CVE-2019-13616 a heap buffer over-read in BlitNtoN bug 1747237 - Resolves: rhbz1756279...
php:7.3 security update
php 7.3.5-5 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...
php:7.2 security update
php 7.2.11-4 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...
ghostscript security update
9.25-5.1 - 1769342 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys...
kernel security update
4.18.0-147.0.21.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147.0.21 - drm drm/i915: Lower RM timeout to avoid DSI hard hangs Dav...
sudo security update
1.8.25p1-8 - RHEL-8.1.0 - fixed CVE-2019-14287 Resolves: rhbz1760696...
kernel security update
4.18.0-147.0.31.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-147.0.31 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave...
glibc security, bug fix, and enhancement update
2.28-72.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
Unbreakable Enterprise kernel security update
2.6.39-400.316.1 - ipv4: ipmr: various fixes and cleanups Eric Dumazet Orabug: 30183226 CVE-2017-18509 - scsi: sg: fixup infoleak when using SGGETREQUESTTABLE Hannes Reinecke Orabug: 30393903 CVE-2017-14991 - usb: misc: legousbtower: Fix NULL pointer deference Greg Kroah-Hartman Orabug: 30412152...
glibc security update
2.28-72.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
openssl security update
1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...
Unbreakable Enterprise kernel security update
4.1.12-124.33.4 - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond Myklebust Orabug: 30165838 - SUNRPC: Handle ENETDOWN errors Trond Myklebust Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.40.1 - USB: check usbgetextradescriptor for proper size Mathias Payer Orabug: 30045797 CVE-2018-20169 - scsi: sg: fixup infoleak when using SGGETREQUESTTABLE Hannes Reinecke Orabug: 30393902 CVE-2017-14991 - usb: misc: legousbtower: Fix NULL pointer deference Greg...
ghostscript security update
9.25-2.3 - 1769340 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys...
freeradius:3.0 security and bug fix update
...
389-ds:1.4 security, bug fix, and enhancement update
...
dbus security update
1.12.8-9.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.8-9 - Ensure that patches are applied 1725570 1:1.12.8-8 - Fix CVE-2019-12749 1725570...
mod_auth_mellon security, bug fix, and enhancement update
0.14.0-9 - Just bump the release number - Related: rhbz1718238 - modauthmellon-diagnostics RPM not in product listings 0.14.0-8 - Resolves: rhbz1691894 - RFE Config option to change modauthmellon prefix 0.14.0-7 - Apply the patch from the previous commit - Resolves: rhbz1692471 - CVE-2019-3877...
qt5-qtbase security and bug fix update
qt5-qtbase 5.11-1-7 - Move libQt5EglFSDeviceIntegration lib out of the -devel subpkg Resolves: bz1692970 - Fix QImage allocaion failure Resolve: bz1667860 - Fix double free in QXmlStreamReader Resolve: bz1667858 - Fix segmentation fault on malformed BMP file Resolve: bz1667859 5.11.1-6 - Create a...
openssl security, bug fix, and enhancement update
1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...
gettext security update
0.19.8.1-17 - Ported CI gating tests to Python 3.6 0.19.8.1-16 - add CI gating tests 0.19.8.1-15 - fix CVE-2018-18751: double-free in xgettext rhbz1647049...
libseccomp security, bug fix, and enhancement update
2.4.1-1 - rebase to 2.4.1 2.3.3-4 - spec: make the check phase conditional...
elfutils security, bug fix, and enhancement update
0.176-5 - Add elfutils-0.176-strip-symbols-illformed.patch 0.176-4 - Add elfutils-0.176-elf-update.patch 1717349 0.176-3 - Rebuilt for annobin change. 0.176-2 - Add elfutils-0.176-xlate-note.patch 1705138 0.176-1 - New upstream release. - backends: riscv improved core file and return value locati...
samba security, bug fix, and enhancement update
4.10.4-1 - resolves: 1712378 - Fix smbspool CUPS backend - resolves: 1696612 - Fix 'net ads join -U admin@parentdomain' 4.10.4-0 - related: 1638001 - Rebase to Samba version 4.10.4 - resolves: 1597298 - Build Samba with python3 - resolves: 1658558 - Add 'net ads leave --keep-account' option -...
squid:4 security and bug fix update
...