8993 matches found
firefox security update
68.2.0-1.0.1 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.2.0-1 - Update to 68.2.0 ESR 68.1.0-6 - Enable system nss on RHEL6...
java-1.7.0-openjdk security update
1:1.7.0.241-2.6.20.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.241-2.6.20.0 - Bump to 2.6.20 and OpenJDK 7u241-b01. - Drop PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Drop JDK-8226318/RH1738637 which is now included upstream. - Resolves: rhbz1753423...
java-1.7.0-openjdk security update
1:1.7.0.241-2.6.20.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.241-2.6.20.0 - Bump to 2.6.20 and OpenJDK 7u241-b01. - Drop PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423...
java-1.8.0-openjdk security update
1:1.8.0.232.b09-0 - Update to aarch64-shenandoah-jdk8u232-b09. - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:1.8.0.232.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u232-b08. - Resolves: rhbz1753423...
java-11-openjdk security update
1:11.0.5.10-0.0.1 - link atomic for ix86 build Livy Ge 1:11.0.5.10-0 - Update to shenandoah-jdk-11.0.5+10 GA - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:11.0.5.9-0.0.ea - Update to shenandoah-jdk-11.0.5+9...
java-1.8.0-openjdk security update
1:1.8.0.232.b09-0 - Update to aarch64-shenandoah-jdk8u232-b09. - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:1.8.0.232.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u232-b08. - Resolves: rhbz1753423...
kernel security and bug fix update
3.10.0-1062.4.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.4.1 - vhost vhost: make sure lognum innum Eugenio Perez 1750879 1750880...
java-11-openjdk security update
1:11.0.5.10-0.0.1 - link atomic for ix86 build 1:11.0.5.10-0 - Update to shenandoah-jdk-11.0.5+10 GA - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:11.0.5.9-0.0.ea - Update to shenandoah-jdk-11.0.5+9 EA -...
Unbreakable Enterprise kernel security update
4.1.12-124.32.3 - scsi: sg: fixup infoleak when using SGGETREQUESTTABLE Hannes Reinecke Orabug: 26941755 CVE-2017-14991 - failover: allow name change on IFFUP slave interfaces Si-Wei Liu Orabug: 29707258 - Revert 'netfailover: delay taking over primary device to accommodate udevd renaming' Si-Wei...
jss security update
Thu Sep 12 2019 Dogtag PKI Team - NVR bump 4.4.6-2 - Bugzilla 1747966 - CVE 2019-14823 jss: OCSP policy 'Leaf and Chain' implicitly trusts the root certificate...
java-1.8.0-openjdk security update
1:1.8.0.232.b09-0 - Update to aarch64-shenandoah-jdk8u232-b09. - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by JDK-8228825 upstream. - Resolves: rhbz1753423 1:1.8.0.232.b08-0.0.ea - Update to aarch64-shenandoah-jdk8u232-b08. - Resolves: rhbz1753423...
sudo security update
1.8.23-4.0.1 - Treat an ID of -1 as invalid since that means 'no change' Orabug: 30421281 CVE-2019-14287 - Add sudostrtoid tests for -1 and range errors. Orabug: 30421281...
sudo security update
1.8.25-4.0.1.el8.1 - Treat an ID of -1 as invalid since that means 'no change' Orabug: 30421281 CVE-2019-14287 - Add sudostrtoid tests for -1 and range errors. Orabug: 30421281...
Unbreakable Enterprise kernel security update
4.14.35-1902.6.6 - RDMA/restrack: Protect from reentry to resource return path Leon Romanovsky Orabug: 30388717 4.14.35-1902.6.5 - hvnetvsc: fix vf serial matching with pci slot info Haiyang Zhang Orabug: 30373111 - rds: Use correct conn when dropping connections due to cancel Hakon Bugge Orabug:...
docker-engine security update
18.09.8-1.0.4 - Modified version to include ol suffix 18.09.8-1.0.3 - ol7 image related changes 18.09.8-1.0.2 - Merge upstream for CVE fixes...
patch security update
2.7.1-12 - Fixed CVE-2018-20969, invoke ed directly instead of using the shell...
Unbreakable Enterprise kernel security update
2.6.39-400.315.1 - loopback: off by one in tcmloopmakenaatpg Dan Carpenter Orabug: 30254296 CVE-2011-5327 - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318221 CVE-2019-14283...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.39.1 - tcp: purge write queue in tcpconnectinit Eric Dumazet Orabug: 30240134 CVE-2019-15239 - cx24116: fix a buffer overflow when checking userspace params Mauro Carvalho Chehab Orabug: 30254282 CVE-2015-9289 - floppy: fix out-of-bounds read in copybuffer Denis Efremov...
Unbreakable Enterprise kernel security update
4.1.12-124.32.1 - NFSv4: Don't try to reclaim unused state owners Trond Myklebust Orabug: 30124013 - x86/microcode: Update late microcode in parallel Ashok Raj Orabug: 30302412 - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318219 CVE-2019-14283 - xen-netback: stop netif T...
nodejs:10 security update
nodejs-packaging 17-3 - Change Requires to Recommends on nodejs dependency, so it is usable for building nodejs...
qemu-kvm security update
0.12.1.2-2.506.el610.5 - kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch bz1669066 - kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch bz1669066 - kvm-slirp-don-t-manipulate-sorcv-in-tcpemu.patch bz1669066 - kvm-qxl-check-release-info-object.patch bz1712728 -...
httpd:2.4 security update
httpd 2.4.37-12.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-12 - Resolves: 1744997 - CVE-2019-9511 httpd:2.4/modhttp2: HTTP/2: large amount of data request leads to denial of service - Resolves: 1745084 -...
kernel security update
2.6.32-754.23.1.OL6 - Update genkey bug 25599697 2.6.32-754.23.1 - vhost vhost: make sure lognum innum Eugenio Perez 1750869 1750869 CVE-2019-14835...
dovecot security update
1:2.2.36-5.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741788...
dovecot security update
1:2.0.9-22.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1752708...
kernel security update
4.18.0-80.11.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.20 - vhost vhost: make sure lognum innum Eugenio Perez 1750881...
dovecot security update
1:2.2.36-3.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1751383...
kernel security update
3.10.0-1062.1.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.1.2 - vhost vhost: make sure lognum innum Eugenio Perez 1750879 1750880...
Unbreakable Enterprise kernel security update
4.1.12-124.31.1.1 - KVM: coalescedmmio: add bounds checking Matt Delco Orabug: 30318042 CVE-2019-14821 CVE-2019-14821...
Unbreakable Enterprise kernel security update
4.14.35-1902.5.2.2 - KVM: coalescedmmio: add bounds checking Matt Delco Orabug: 30318013 CVE-2019-14821 CVE-2019-14821...
thunderbird security update
60.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-1 - Update to 60.9.0...
patch security update
2.7.6-9 - CVE-2018-20969, invoke ed directly instead of using the shell...
nginx:1.14 security update
1:1.14.1-9.0.1 - Remove Red Hat references Orabug: 29498217 1:1.14.1-9 - Resolves: 1744811 - CVE-2019-9511 nginx:1.14/nginx: HTTP/2: large amount of data request leads to denial of service - Resolves: 1744325 - CVE-2019-9513 nginx:1.14/nginx: HTTP/2: flood using PRIORITY frames resulting in...
thunderbird security update
60.9.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-2 - Update to 60.9.0...
pki-deps:10.6 security update
jackson-databind...
Unbreakable Enterprise kernel security update
4.14.35-1902.5.2.1 - vhost: make sure lognum innum yongduan Orabug: 30312787 CVE-2019-14835 - vhost: block speculation of translated descriptors Michael S. Tsirkin Orabug: 30312787 CVE-2019-14835 - vhost: Fix Spectre V1 vulnerability Jason Wang Orabug: 30312787...
thunderbird security update
60.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-1 - Update to 60.9.0...
edk2 security update
1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel module. Aaron Young - Update spec file to modprobe kvmintel module prior to running qemu to enroll default keys. Aaron Young - Enroll Oracle cert/key...
kernel security and bug fix update
4.18.0-80.11.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.10 - wireless mwifiex: Don't abort on small, spec-compliant...
poppler security update
0.66.0-11.el80.12 - Ignore dict Length if it is broken - Resolves: 1741146 0.66.0-11.el80.11 - Check whether input is RGB in PSOutputDev::checkPageSlice - also when using '-optimizecolorspace' flag - Resolves: 1741145 0.66.0-11.el80.10 - Fail gracefully if not all components of JPEG2000Stream -...
.NET Core on Red Hat Enterprise Linux security and bug fix update
2.1.509-1 - Update to .NET Core Runtime 2.1.13 and SDK 2.1.509 - Resolves: RHBZ1747874...
libwmf security update
0.2.9-8 - Related: rhbz1717799 fix clang warning 0.2.9-7 - Related: rhbz1717799 bump n-v-r 0.2.9-6 - Related: rhbz1679006 bump n-v-r 0.2.9-5 - Resolves: rhbz1679006 libgd CVE-2019-6978...
firefox security update
60.9.0-1.0.1 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.9.0-1 - Update to 60.9.0 ESR...
kernel security and bug fix update
2.6.32-754.21.1.OL6 - Update genkey bug 25599697 2.6.32-754.21.1 - scsi scsi: megaraidsas: return error when create DMA pool failed Tomas Henzl 1712858 CVE-2019-11810 - net net: Set skprotcreator when copying sockets to the right proto Andrea Claudi 1657117 CVE-2018-9568 2.6.32-754.20.1 - x86...
firefox security update
60.9.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.9.0-1 - Update to 60.9.0 ESR...
nghttp2 security update
1.33.0-1.el800.1 - backport security fixes from nghttp2-1.39.2 CVE-2019-9511 and CVE-2019-9513...
Unbreakable Enterprise kernel security update
2.6.39-400.314.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165287 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165287 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
firefox security update
68.1.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.1.0-1 - Update to 68.1.0 ESR 68.0.1-4 - Enable system nss...
ghostscript security update
9.25-2.3 - Resolves: 1744010 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator 701445 - Resolves: 1744014 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams 701444 - Resolves: 1744005 - CVE-2019-14813 ghostscript: Safer...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.38.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165288 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165288 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1...