9180 matches found
gettext security and bug fix update
0.19.8.1-3 - fix CVE-2018-18751: double-free in xgettext rhbz1648433...
file security update
5.11-36 - fix out-of-bounds read via a crafted ELF file CVE-2018-10360...
libsndfile security update
1.0.25-11 - fix CVE-2018-13139 - stack-based buffer overflow in sndfile-deinterleave utility 1598577...
okular security update
4.10.5-8 - Fix path traversal issue when extracting an .okular file Resolves: bz1634726...
evolution security and bug fix update
atk 2.28.1-2 - Remove patch to fix invalid unref at atkgobjectaccessibleobjectgonecb - Resolves: 1753123 evolution 3.28.5-8 - Update patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-7 - Add patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-6 - Add...
squid security and bug fix update
7:3.5.20-15 - Resolves: 1690551 - Squid cachepeer DNS lookup failed when not all lower case - Resolves: 1680022 - squid cant display download/upload packet size for HTTPS sites - Resolves: 1717430 - Excessive memory usage when running out of descriptors - Resolves: 1676420 - Cache siblings return...
unzip security update
6.0-21 - Fix CVE-2019-13232 - Resolves: CVE-2019-13232...
python-twisted-web security update
12.1.0-6 - Fix CVE-2019-12387 HTTP Header Injection Resolves: rhbz1721518...
wireshark security and bug fix update
1.10.14-24.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-24 - Related: 1613034 - Typo in the previous patch discovered by covscan 1.10.14-23 - Related: 1613034 - Fixing an infinite loop created by previous update 1.10.14-22 - Related: 1633330 - fixing a...
ImageMagick security, bug fix, and enhancement update
autotrace 0.31.1-38 - Resolves: 1765205 rebuild against new IM emacs 1:24.3-23 - Resolves: 1765208 rebuild against new IM ImageMagick 6.9.10.68-3 - Fixing freeze when svg file contains class='' 6.9.10.68-2 - Fixed ghostscript fonts, fixed multilib conflicts 6.9.10.68-1 - Rebase to 6.9.10.68...
samba security, bug fix, and enhancement update
4.10.4-10 - resolves: 1786324 - fix security level check for DsRGetForestTrustInformation 4.10.4-9 - resolves: 1764468 - Fix CVE-2019-10218 4.10.4-8 - resolves: 1656541 - Fix join using netbios name 4.10.4-7 - resolves: 1657428 - Fix spnego downgrade - resolves: 1663064 - Fix net ads join in...
advancecomp security update
1.15-22 - Resolves: 1686115, integer overflow in pngcompress 1.15-21 - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference 1.15-20 - Mass rebuild 2014-01-24 1.15-19 - Mass rebuild 2013-12-27 1.15-18 - Rebuilt for...
python3 security update
3.6.8-13.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-13 - Security fix for CVE-2019-16056 Resolves: rhbz1750774 3.6.8-12 - Add support for OpenSSL FIPS mode - Fix faulthandler stack size Resolves: rhbz1732908 3.6.8-11 - Security fix for CVE-2018-20852 Resolves:...
mutt security update
5:1.5.21-29 - Fix IMAP header caching path traversal vulnerability - Resolves: 1608011 - Resolves: CVE-2018-14355...
doxygen security and bug fix update
1:1.8.5-4 - Resolves: 1483569, incorrect processing of code blocks - Resolves: 1724173 - CVE-2016-10245, cross-site scripting...
mod_auth_mellon security and bug fix update
0.14.0-8 - Resolves: rhbz1731052 - CVE-2019-13038 modauthmellon: an Open Redirect via the login?ReturnTo= substring which could facilitate information theft rhel-7 0.14.0-7 - Resolves: rhbz1727789 - modauthmellon fix for AJAX header name X-Requested-With 0.14.0-6 - Apply the patch from the previo...
dovecot security and bug fix update
1:2.2.36-6 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741787 1:2.2.36-5 - fix CVE-2019-3814: improper certificate validation 1674369 - fix CVE-2019-7524: buffer overflow in...
libreoffice security and bug fix update
1:5.3.6.1-24.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-24 - Resolves: rhbz1728763 bg of blocks is black 1:5.3.6.1-23 - Resolves: rhbz1601372 libreoffice fails to build with...
zziplib security update
0.13.62-12 - Fix a directory traversal bug - unzip-mem should now strip all '../' prefixes from the archived files - Resolves: CVE-2018-17828...
bind security and bug fix update
32:9.11.4-16.P2 - Finish dig query when name is too long 1743572 32:9.11.4-15.P2 - Stop listening on IPv6 by default 1753259 32:9.11.4-14.P2 - Limit number of queries per TCP connection CVE-2019-6477 32:9.11.4-13.P2 - Revert not searching names with dot 1743572 32:9.11.4-12.P2 - Fix mkeys test...
python security update
2.7.5-88.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-88 - Security fix for CVE-2019-16056 Resolves: rhbz1750773 2.7.5-87 - Fix CVE-2018-20852 Resolves: rhbz1741551...
php security update
5.4.16-48 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043 5.4.16-47 - fix stack-buffer-overflow while parsing HTTP response CVE-2018-7584 - fix out-of-bounds read in base64decodexmlrpc CVE-2019-9024 - fix reflected XSS in phar 404 page CVE-2018-5712 - fix reflected XSS in phar 403 and...
bluez security update
5.44-6 - fixing CVE-2018-10910. Resolves: 1609340...
tcpdump security update
4.9.2-4.0.1.el77.1 - Fix CVE-2018-14468 Orabug: 30480183...
polkit security and bug fix update
0.112-26.0.1 - Increase timeout to avoid defunct processes Orabug: 26930744 0.112-26 - Refined upstream fix of CVE-2018-1116 to avoid ABI changes - Related: rhbz1601411 0.112-25 - fix of CVE-2018-1116 - Resolves: rhbz1601411 0.112-24 - pkttyagent: resetting terminal erases rest of input line -...
httpd security, bug fix, and enhancement update
2.4.6-93.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-93 - Resolves: 1677496 - CVE-2018-17199 httpd: modsessioncookie does not respect expiry time 2.4.6-92 - htpasswd: add SHA-2 crypt support 1486889 2.4.6-91 - Resolves: 1630886 - scriptlet can fail if hostname is not...
mariadb security and bug fix update
1:5.5.65-1 - Rebase to 5.5.65 Also fixes: CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2805 Resolves: 1741357 - Revert upstream changes that make the mysqlinstalldb relocatable because it broke mysqlinstalldb when run without --rpm arg Resolves: 1731062 - Add openssl BR that was missing for...
poppler and evince security update
evince 3.28.2-9 - Handle failure from TIFFReadRGBAImageOriented - Resolves: 1717352 poppler 0.26.5-42 - Fix potential integer overflow and check length for negative values - Resolves: 1757283 0.26.5-41 - Ignore dict Length if it is broken - Resolves: 1733026 0.26.5-40 - Fail gracefully if not all...
qemu-kvm security, bug fix, and enhancement update
1.5.3-173.el7 - kvm-tcpemu-Fix-oob-access.patch bz1791560 - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch bz1791560 - kvm-slirp-use-correct-size-while-emulating-commands.patch bz1791560 - Resolves: bz1791560 CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tc...
expat security update
2.1.0-11 - add security fix for CVE-2015-2716...
kernel security, bug fix, and enhancement update
3.10.0-1127.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1127 - fs flexfiles: Dont tie up all the rpciod threads in resends Benjamin...
nodejs:12 security update
nodejs 1:12.16.1-2 - Fix CVE-2020-10531 1:12.16.1-1 - Resolves: RHBZ1800393, RHBZ1800394, RHBZ1800380 - Rebase to 12.16.1 1:12.14.1-1 - Rebase to 12.14.1 1:12.13.1-1 - Resolves: RHBZ 1773503, update to 12.13.1 - minor clean up and sync with Fedora spec - turn off debug builds 1:12.4.0-2 -...
haproxy security update
1.8.15-6.1 - - Fix hapack zero byte input causing overwrite CVE-2020-11100, 1819518 1.8.15-6 - Add gating tests 1682106...
ipmitool security update
0:1.8.18-9 - Disable -fstrict-aliasing RPMDiff issue 0:1.8.18-8 - Backport fix for CVE-2020-5208...
ipmitool security update
1.8.18-12 - Disable -fstrict-aliasing RPMDiff issue 1.8.18-11 - Backport fix for CVE-2020-5208...
libvncserver security update
0.9.9-14 - Fix CVE-2019-15690 an integer overflow in HandleCursorShape in a client bug 1814339...
tomcat6 security update
0:6.0.24-114 - Related: rhbz1806803 Update patch to remove secret attribute renaming 0:6.0.24-113 - Related: rhbz1806803 Add IIS attributes to filter pattern and update secret logic 0:6.0.24-112 - Resolves: rhbz1806803 CVE-2020-1938 tomcat6: tomcat: Apache Tomcat AJP File Read/Inclusion...
libvncserver security update
0.9.11-9.2 - Enable gating bug 1681199 0.9.11-9.1 - Fix CVE-2019-15690 an integer overflow in HandleCursorShape in a client bug 1814342...
thunderbird security update
68.6.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.6.0-1 - Update to 68.6.0 build2...
tomcat security update
0:7.0.76-11 - Resolves: rhbz1806801 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability...
thunderbird security update
68.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.6.0-1 - Update to 68.6.0 build2...
icu security update
4.2.1-15 - Apply icu.13634.integer.overflow.patch - Apply icu.20958.segv.mapper.patch - Resolves: rhbz1809876...
icu security update
60.3-2 - Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch - Apply ICU-20958-Prevent-SEGVMAPERR-in-append.patch - Resolves: rhbz1808238...
zsh security update
5.5.1-6.el81.2 - improve printing of error messages introduced by the fix of CVE-2019-20044 5.5.1-6.el81.1 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
zsh security update
4.3.11-11 - improve printing of error messages introduced by the fix of CVE-2019-20044 4.3.11-10 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
python-imaging security update
1.1.6-20 - Fixes for CVE-2020-5312 and related part of CVE-2019-16865 Resolves: rhbz1789533...
icu security update
50.2-4 - Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch - Apply ICU-20958-Prevent-SEGVMAPERR-in-append.patch - Resolves: rhbz1808235...
zsh security update
5.0.2-34.el77.2 - improve printing of error messages introduced by the fix of CVE-2019-20044 5.0.2-33.el77.1 - drop privileges securely when unsetting PRIVILEGED option CVE-2019-20044...
kernel security, bug fix, and enhancement update
3.10.0-1062.18.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.18.1 - x86 x86/boot/64: Round memory hole size up to next PMD page Fra...
python-virtualenv security update
15.1.0-4 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1643829 15.1.0-3 - Add three new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1643829...