Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.38.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165288 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165288 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1...
kdelibs and kde-settings security and bug fix update
kdelibs 6:4.14.8-11 - KConfig: malicious .desktop files would execute code Resolves: bz1740736 kde-settings 19-23.10.0.1 - Change GreetString bug 11710280 19-23.10 - Use correct tcsh syntax for config scripts Resolves: bz1738491...
qemu-kvm security update
1.5.3-167.el77.1 - kvm-qxl-check-release-info-object.patch bz1732337 - kvm-Fix-heap-overflow-in-ipreass-on-big-packet-input.patch bz1734748 - Resolves: bz1732337 CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources rhel-7 rhel-7.7.z - Resolves: bz1734748...
kernel security and bug fix update
3.10.0-1062.1.1 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.1.1 - fs nfsv4.1: Avoid false retries when RPC calls are interrupted Benjam...
squid:4 security update
libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow in HttpHeader::getAuth...
ghostscript security update
9.25-2.2 - Resolves: 1744008 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator 701445 - Resolves: 1744012 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams 701444 - Resolves: 1744003 - CVE-2019-14813 ghostscript: Safer...
pango security update
1.42.4-5 - Fixes crash in pangofcfontkeygetvariations when key is null 1.42.4-4 - Fixes bidi crash - Security fix for CVE-2019-1010238 - Resolves: 1738461 1.42.4-3 - rebuild 1.42.4-2 - rebuild...
pango security update
1.42.4-4 - Fixes bidi crash - Security fix for CVE-2019-1010238 - Resolves: 1738459...
mysql:8.0 security update
mecab 0.996-1.9 - Release bump for rebuilding on new arches Related: 1518842 0.996-1.8 - skip %verify of /etc/opt/rh/rh-mysql57/mecabrc Resolves: 1382315 0.996-1.7 - Prefix library major number with SCL name in soname 0.996-1.6 - Require runtime package from the scl 0.996-1.5 - Convert to SCL...
kernel security, bug fix, and enhancement update
4.18.0-80.7.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.7.10 - x86 Update stepping values for Whiskey Lake U/Y David Arcari...
redis:5 security update
5.0.3-2 - fix Heap buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10192 - fix Stack buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10193...
openssl security update
1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...
subversion:1.10 security update
libserf 1.3.9-9 - Resolves: 1696354 - Ensure modular RPM upgrade path subversion 1.10.2-2 - rebuild to ensure NVR ordering 1696354 1.10.2-1.1 - Resolves: 1733442 - CVE-2019-0203 subversion:1.10/subversion: remote unauthenticated denial-of-service in subversion svnserve utf8proc 2.1.1-5 - Resolves...
docker-engine security update
18.03.1.ol-0.0.15 - cherry-picked fix for CVE-2018-15664 from upstream 18.03.1.ol-0.0.14 - rebuild 18.03.1.ol-0.0.13 - update for CVE-2018-20699 18.03.1.ol-0.0.12 - correct the version string of containerd 18.03.1.ol-0.0.11 - update runc for CVE-2019-5736 18.03.1.ol-0.0.10 - update Go to version...
glibc security update
2.17-292.0.1.7 - Remove glibc-ora28641867.patch as duplicate of glibc-rh1705899-4.patch - Make IOfunlockfile match funlockfile and IOflockfile match flockfile Both should test if stream-flags & IOUSERLOCK == 0 IOlocklock stream-lock; OraBug 28481550. Reviewed-by: Jose E. Marchesi - Modify...
kernel security update
4.18.0-80.7.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.7.20 - x86 x86/entry/64: Use JMP instead of JMPQ Josh Poimboeuf...
openssl security update
1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used for the RSA pairwise consistency test instead of sha1 1.0.1e-58 - fi...
ghostscript security update
9.25-2.1 - Resolves: 1737338 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 701394...
Unbreakable Enterprise kernel security update
4.14.35-1902.4.8 - x86/boot: Clear RSDP address in bootparams for broken loaders Juergen Gross Orabug: 30111373 4.14.35-1902.4.7 - rds: ib: Qualify CM REQ duplicate detection with connection being up Hakon Bugge Orabug: 30062149 - rds: Further prioritize local loop-back connections Hakon Bugge...
kernel security and bug fix update
2.6.32-754.18.2.OL6 - Update genkey bug 25599697 2.6.32-754.18.2 - x86 x86/speculation: Enable Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 - x86 x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 2.6.32-754.18.1 - virt xenbu...
openssl security update
1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used for the RSA pairwise consistency test instead of sha1 1.0.1e-58 - fi...
qemu-kvm security, bug fix, and enhancement update
1.5.3-167.el7 - Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads rhel-7 1.5.3-166.el7 - kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kv...
dhcp security and bug fix update
12:4.2.5-77.0.1 - Direct users to Oracle Linux support site. 12:4.2.5-77 - Resolves: 1712414 - Reset signal handlers set by isclib 12:4.2.5-76 - Resolves: 1704675 - Fix crash of dhcpd6 triggered by bind rebase 12:4.2.5-75 - Resolves: 1672308 - Do not restart dhcp on NetworkManager's up events...
uriparser security update
0.7.5-10 - Fix CVE-2018-19198, CVE-2018-19199 Fix unescaped % in a comment Resolves: 1652002, 1652001...
httpd security and bug fix update
2.4.6-90.0.1 - replace index.html with Oracle's index page oracleindex.html Resolves: 1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest - Resolves: 1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition - Resolves: 1696096 -...
libssh2 security, bug fix, and enhancement update
1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - fix out-of-bounds reads wit...
binutils security and bug fix update
2.27-41.base.0.1 - Complete the backport of upstream commit a5def14f1ca70e14d9433cb229c9369fa3051598 Add a test for R386GOT32/R386GOT32X IFUNC reloc error Orabug 27930573 - Reviewed-by: Jose E. Marchesi 2.27-41.base - Fix up some linker tests that fail because of the Rx8664GOTPCRELX patch. 169974...
python security and bug fix update
2.7.5-86.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-86 - Security fix for CVE-2019-10160 Resolves: rhbz1718388 2.7.5-85 - Security fix for CVE-2019-9948 Resolves: rhbz1704174 2.7.5-84 - Disallow control chars in http URLs - Fixes CVE-2019-9740 and CVE-2019-9947...
python-requests security update
2.6.0-5 - Fix CVE-2018-18074 Resolves: rhbz1647368...
elfutils security, bug fix, and enhancement update
0.176-2 - Add elfutils-0.176-xlate-note.patch 1704754 0.176-1 - New upstream release 1676504 CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150, CVE-2019-7664, CVE-2019-7665, CVE-2018-16062, CVE-2018-16402, CVE-2018-16403, CVE-2018-18310, CVE-2018-18521, CVE-2018-18520...
mod_auth_openidc security update
1.8.8-5 - Resolves: rhbz1626297 - CVE-2017-6413 mod_auth_openidc: OIDCCLAIM and OIDCAuthNHeader not skipped in an 'AuthType oauth20' configuration rhel-7 1.8.8-4 - Resolves: rhbz1626299 - CVE-2017-6059 mod_auth_openidc: Shows user-supplied content on error pages rhel-7...
libarchive security update
3.1.2-12 - fixed use after free in RAR decoder 1700749 - fixed double free in RAR decoder 1700748 3.1.2-11 - fix out-of-bounds read within lhareaddatanone CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 - fix infinite loop in ISO9660 CVE-2019-1000020...
blktrace security update
1.0.5-9 - Fix buffer overflow in the devmapread function 1580579 Fixes CVE-2018-10689...
exiv2 security, bug fix, and enhancement update
0.27.0-2 - Minor improvements Resolves: bz1652637 0.27.0-1 - Exiv2 0.27.0 Resolves: bz1652637...
zsh security and bug fix update
5.0.2-33 - fix regression in oh-my-zsh vcsinfo hooks introduced in -30 1677696 5.0.2-32 - fix improper handling of shebang line longer than 64 bytes CVE-2018-13259...
systemd security, bug fix, and enhancement update
219-67.0.1 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...
mercurial security update
2.6.2-10 - Add missing hunk for CVE-2018-13347 patch - Related: CVE-2018-13347 2.6.2-9 - Fix various CVEs - Resolves: CVE-2018-1000132 CVE-2018-13346 CVE-2018-13347...
keepalived security and bug fix update
1.3.5-16 - Rework previous miscscript/vrrpscript patch 1667292 1.3.5-15 - Rework previous checker comparison patch 1715308 1.3.5-14 - Make checker variables non global 1715308 1.3.5-13 - Fix comparison of checkers on reload 1715308 1.3.5-12 - Fix build errors 1678480 1.3.5-11 - Fix problems with...
openssh security, bug fix, and enhancement update
7.4p1-21 + 0.10.3-2 - Avoid double comma in the default cipher list in FIPS mode 1722446 7.4p1-20 + 0.10.3-2 - Revert the updating of cached passwd structure 1712053 7.4p1-19 + 0.10.3-2 - Update cached passwd structure after PAM authentication 1674541 7.4p1-18 + 0.10.3-2 - invalidate supplemental...
freerdp and vinagre security, bug fix, and enhancement update
freerdp 2.0.0-1.rc4 - Update to 2.0.0-rc4 1291254 vinagre 3.22.0-12 - Apply the patch - Resolves: 1569552 3.22.0-11 - Set maximum length of RDP password to 255 characters - Resolves: 1569552 3.22.0-10 - Make vinagre build with FreeRDP 2 library - Resolves: 1680229...
advancecomp security update
1.15-21 - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference...
sox security update
14.4.1-7 - Fix CVE-2017-18189 Upstream patch: https://sourceforge.net/p/sox/code/ci/09d7388c8ad5701ed9c59d1d600ff6154b066397/ Resolves: 1553590...
ghostscript security update
9.25-2.2 - Resolves: 1737336 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 701394...
openssl security and bug fix update
1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...
libsolv security and bug fix update
0.6.34-4 - Polish the changelog 0.6.34-3 - Make sure that targeted updates don't do reinstalls - Resolves: bug1668256 - Fix NULL pointer dereference CVE-2018-20532, CVE-2018-20533 - Resolves: bug1669562 - Resolves: bug1669576 - Fix illegal address access in poolwhatprovides CVE-2018-20534 -...
zziplib security update
0.13.62-11 - Fix CVE-2018-6541 - Part of the original patch has already been applied in the past CVE-2018-7726, so the bug should not be reproducible in a way described in the github issue, even without this commit. Applying the rest of the original patch anyway. -...
libcgroup security update
0.41-21 - fix CVE-2018-14348 resolves: 1612122...
rsyslog security and bug fix update
8.24.0-38.0.2 - Newer gcc complains about implicit declaration of prctl. Added header file to quiesce the compiler 8.24.0-38 RHEL 7.7 ERRATUM - added patch increasing max path size preventing buffer overflow with too long paths resolves: rhbz1656860 8.24.0-37 RHEL 7.7 ERRATUM - edited patch fixin...
sssd security, bug fix, and enhancement update
1.16.4-21 - Resolves: rhbz1714952 - sssd RHEL 7.7 Tier 0 Localization - Rebuild japanese gmo file explicitly 1.16.4-20 - Resolves: rhbz1714952 - sssd RHEL 7.7 Tier 0 Localization 1.16.4-19 - Resolves: rhbz1707959 - sssd does not properly check GSS-SPNEGO 1.16.4-18 - Resolves: rhbz1710286 - The...
perl-Archive-Tar security update
1.92-3 - CVE-2018-12015 - Directory traversal in Archive::Tar bug 1592803...