8994 matches found
ghostscript security, bug fix, and enhancement update
9.25-2 - obsoleted old ghostscript-devel to allow clean upgrade to libgs-devel 9.25-1 - Rebase to latest upstream version bug 1636115 - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...
libvirt security, bug fix, and enhancement update
4.5.0-23 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161 - api: disallow virDomainManagedSaveDefineXML on read-only connections CVE-2019-10166 - api: disallow virConnectGetDomainCapabilities on read-only connections CVE-2019-10167 - api: disallow...
curl security and bug fix update
7.29.0-54.0.1 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison https://curl.haxx.se/docs/CVE-2016-8616.html - CVE-2016-8617 OOB write via unchecked multiplication...
patch security and bug fix update
2.7.1-11 - Fixed CVE-2016-10713 - Out-of-bounds access in pchwriteline function - Fixed CVE-2018-6952 - Double free of memory - Resolves: 1626473, honor new file mode 100755 when applying patches - Resolves: 1653294, Added virtual provides for bundled gnulib library...
unixODBC security update
2.3.1-14.0.1 - backport unchecked malloc memory references fix Orabug: 29684195 2.3.1-14 - fixed insecure buffer copy 1571530 - fixed possible buffer overflow 1571528 2.3.1-13 - revert: ltdl bundling 2.3.1-12 - fix the libtool-ltdl compatibility Resolves: rhbz1267438...
libguestfs-winsupport security update
7.2-3 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root privilege escalation resolves: rhbz1698502...
compat-libtiff3 security update
3.9.4-12 - Fix CVE-2018-7456 - Resolves: 1561319...
samba security, bug fix, and enhancement update
4.9.1-6 - related: 1703204 - Fix printing with smbspool as CUPS backend 4.9.1-5 - resolves: 1703204 - Fix smbspool krb5 authentication 4.9.1-4 - resolves: 1690222 - Fix --max-protocol documentation of smbclient - resolves: 1518353 - Fix 'net ads join -Uadmin@forestdomain' - resolves: 1696524 - Fi...
libreoffice security and bug fix update
1:5.3.6.1-21.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-21 - Resolves: rhbz1066844 drop libreofficekit requires 1:5.3.6.1-20 - Resolves: rhbz1672003 CVE-2018-16858...
exempi security update
2.2.0-9 - Fix CVE-2017-18233 resolves: 1574865 - Fix CVE-2017-18234 resolves: 1656011 - Fix CVE-2017-18236 resolves: 1574905 - Fix CVE-2017-18238 resolves: 1572270 - Fix CVE-2018-7730 resolves: 1572631...
procps-ng security and bug fix update
3.3.10-26 - free: unreclaimable slabs counted into free memory, used mem incorrect - Resolves: rhbz1699264 3.3.10-25 - ps: recognize SCHEDDEADLINE in CLS field, upstream backport - Resolves: rhbz1692843 3.3.10-24 - top: Do not default to the cwd in configsread - Resolves: rhbz1577023...
gvfs security and bug fix update
1.36.2-3 - Force NT1 protocol version for workgroup support 1619719 1.36.2-2 - Prevent spawning new daemons if outgoing operation exists 1632960 - CVE-2019-3827: Prevent access if any authentication agent isnt available 1673887...
polkit security and bug fix update
0.112-22.0.1 - Increase timeout to avoid defunct processes Orabug: 26930744 0.112-22 - pkttyagent: polkit-agent-helper-1 timeout leaves tty echo disabled - Resolves: rhbz1325512 0.112-21 - Mitigation of regression caused by fix of CVE-2018-19788 - Resolves: rhbz1656377 0.112-20 - Fix of...
Xorg security and bug fix update
gdm 3.28.2-16 - Dont bring up login screen if background session gets killed Related: 1680120 3.28.2-15 - sync AllowMultipleSessionsPerUser patch from 7.6 branch Resolves: 1664353 - Create dconf dirs by default Resolves: 1664284 3.28.2-14 - Fix unlock on XDMCP sessions Resolves: 1693060 3.28.2-13...
qt5 security, bug fix, and enhancement update
qt5-qt3d 5.9.7-1 - Update to 5.9.7 Resolves: bz1564024 qt5-qtbase 5.9.7-1 - Enable -doc subpkg on PPC Resolves: bz1564000 5.9.7-1 - Update to 5.9.7 Resolves: bz1564000 qt5-qtcanvas3d 5.9.7-1 - Update to 5.9.7 Resolves: bz1564001 qt5-qtconnectivity 5.9.7-1 - Update to 5.9.7 Resolves: bz1564002...
nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.21.0-1 - Rebase to NSPR 4.21 nss 3.44.0-4 - Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa 3.44.0-3 - Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v15 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSLENABLESESSIONTICKET...
mariadb security and bug fix update
1:5.5.64-1 - Rebase to 5.5.64 - Resolves: 1490398 - CVEs fixed: 1610986 CVE-2018-3058 CVE-2018-3063 CVE-2018-3066 CVE-2018-3081 - CVEs fixed: 1664043 CVE-2018-3282 CVE-2019-2503 - CVEs fixed: 1701686 CVE-2019-2529...
libjpeg-turbo security update
1.2.90-8 - Fix CVE-2018-14498 1687475 1.2.90-7 - Fix CVE-2018-11212 1586062 - Fix CVE-2016-3616 1318509, CVE-2018-11213 1589091 and CVE-2018-11214 1589110 - Fix CVE-2018-11813 1591203...
kernel security, bug fix, and enhancement update
3.10.0-1062.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062 - fs revert 'xfs: disable copyfilerange to avoid broken splice copy' Eric...
libtiff security update
4.0.3-32 - Fix one more Covscan defect - Related: 1647965 4.0.3-31 - Fix processing of RAS files without colormap - Related: 1647965 4.0.3-30 - Fix various Covscan defects - Related: 1647965 4.0.3-29 - Fix compiler warning introduced by patch for CVE-2018-18661 - Related: 1647965 4.0.3-28 - Fix...
udisks2 security, bug fix, and enhancement update
2.7.3-9 - Build udisks2-lsm subpackage 1672664 - Fix sigint source removal on daemon exit 1643350 - CVE-2018-17336: Fix format string vulnerability in udiskslog 1637427 - Describe command options in the udisksctl man page 1568269...
http-parser security update
2.7.1-8 - Backport needed test fixes - Related: rhbz1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser allowed for spaces inside Content-Length header values rhel-7 2.7.1-7 - Resolves: rhbz1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser allowed for spaces inside Content-Length head...
unzip security update
6.0-20 - Fix CVE-2018-18384 Resolves: CVE-2018-18384...
ruby security update
2.0.0.648-36 - Introduce 'Gem::UserInteractionverbose' method as precondition to fix CVE-2019-8321. rubygems-2.3.0-refactor-checking-reallyverbose.patch - Fix escape sequence injection vulnerability in verbose. - Fix escape sequence injection vulnerability in gem owner. Resolves: CVE-2019-8322 -...
bind security, bug fix, and enhancement update
32:9.11.4-9.P2 - Fix CVE-2019-6471 32:9.11.4-8.P2 - Fix scriptlet errors when selinux-policy is not installed 1647659 32:9.11.4-7.P2 - Fix inefective limit of TCP clients CVE-2018-5743 32:9.11.4-6.P2 - Use /sbin/nologin again 1676661 32:9.11.4-5.P2 - Make sure selinux-policy is installed soon...
opensc security, bug fix, and enhancement update
0.19.0-3 - Make OpenSC multilib also on s390 and ppc arches 0.19.0-2 - Make OpenSC multilib again by moving the conflicting files on ix86 arch 0.19.0-1 - Rebase to new upstream release 1656791 - Add Support for HID Crescendo 144K 1612372 - Add Support for CAC Alt tokens 1645581 - Fix usage...
libmspack security update
0.5-0.7.alpha - Fixes for CVE-2018-18584 CVE-2018-18585. resolves: rhbz1648384 rhbz1648385...
ntp security, bug fix, and enhancement update
4.2.6p5-29.0.1 - Bump release to avoid ULN conflict with Oracle modified errata. 4.2.6p5-29 - fix CVE-2016-7429 patch to restore default ttl configuration 1550637 - fix buffer overflow in parsing of address in ntpq and ntpdc CVE-2018-12327 - fix crash in parsing of received address in ntpq 161625...
spice-gtk security and bug fix update
libgovirt 0.3.4-2 - Parse XML nodes automatically Related: rhbz1427467 - Set detailed error message for async call Related: rhbz1427467 spice-gtk 0.35-4 - Fix bad channel-reset on usbredir Resolves: rhbz1625550 0.35-3 - Fix insufficient encoding checks for LZ Resolves: rhbz1598652 spice-vdagent...
glibc security and bug fix update
aarch64: 2.17-292.0.2 - CR29749550 armv5 build failure - Add 3 arm patches to aarch64 tree to avoid future build/merge failures. - Rebase aarch64 patches at 30000 to avoid future conflicts. - Reviewed-by: Jose E. Marchesi - EL Errata - Add BUSMCEERRAR, BUSMCEERRAO to...
libwpd security update
0.10.0-2 - Resolves: rhbz1650535 CVE-2018-19208...
keycloak-httpd-client-install security, bug fix, and enhancement update
0.8-1 - Resolves: rhbz1673716 - Rebase k-h-c-i to version 0.8 - The rebase also includes fixes for: - rhbz1533190 - CVE-2017-15111 keycloak-httpd-client-install: unsafe /tmp log file in --log-file option in keycloakcli.py - rhbz1533202 - CVE-2017-15112 keycloak-httpd-client-install: unsafe use of...
ovmf security and enhancement update
20180508-6.gitee3198e672e2.el7 - ovmf-MdeModulePkg-HiiDatabase-Fix-potential-integer-overf.patch bz1691479 - ovmf-MdeModulePkg-HiiImage-Fix-stack-overflow-when-corrup.patch bz1691479 - ovmf-MdeModulePkg-PartitionDxe-Add-check-for-underlying-d.patch bz1691647 -...
kde-workspace security and bug fix update
kdelibs 6:4.14.8-10 - Do not fork konsole process when opening terminal from apps using dolphin-part Resolves: bz1710362 6:4.14.8-9 - Do not fork konsole process when opening terminal from apps using dolphin-part Resolves: bz1710362 6:4.14.8-8 - Disable JAR repack script to avoid multilib...
poppler security, bug fix, and enhancement update
evince 3.28.2-8 - Do not free EvDocumentInfo in evwindowsaveprintsettings, - it is freed in EvDocuments destructor - Resolves: 1541358 3.28.2-7 - Do not store page-scaling for documents with enforced - page-scaling - Resolves: 1541358 3.28.2-6 - Use PrintScaling preference stored in PDFs -...
python-urllib3 security update
1.10.2-7 - Provide python2-urllib3 - Add patch for CVE-2019-11236 Resolves: rhbz1703360 1.10.2-6 - Source URL switched to HTTPS protocol - Add patch for CVE-2018-20060 Resolves: rhbz1658471...
tomcat security, bug fix, and enhancement update
0:7.0.76-9 - Resolves: rhbz1641873 CVE-2018-11784 tomcat: Open redirect in default servlet - Resolves: rhbz1552375 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended expo sure of resources - Resolves: rhbz1552374 CVE-2018-1305 tomcat: Late...
Unbreakable Enterprise kernel security update
2.6.39-400.313.1 - ACPI: sbshc: remove raw pointer from printk message Greg Kroah-Hartman Orabug: 27987133 CVE-2018-5750 - dm: fix race between dmgetfromkobject and dmdestroy Hou Tao Orabug: 27987143 CVE-2017-18203 - tcp: enforce tcpminsndmss in tcpmtuprobing Eric Dumazet Orabug: 29886601...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.37.1 - Input: gtco - bounds check collection indent level Grant Hernandez Orabug: 30074414 CVE-2019-13631...
Unbreakable Enterprise kernel security update
4.1.12-124.30.1 - xen: let allocxenballoonedpages fail if not enough memory free Juergen Gross Orabug: 30073695 - mm/pagealloc.c: calculate 'available' memory in a separate function Igor Redko Orabug: 30073695 - Input: gtco - bounds check collection indent level Grant Hernandez Orabug: 30074413...
Unbreakable Enterprise kernel security update
4.14.35-1902.3.2 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967570 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967570 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
Unbreakable Enterprise kernel security update
4.1.12-124.29.3.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
ruby:2.5 security update
ruby 2.5.3-104 - Prohibit arbitrary code execution when installing a malicious gem. Resolves: CVE-2019-8324 rubygem-mongo 2.5.1-2 - Disable tests to fix FTBFS by dropped MongoDB module. Resolves: rhbz1710863 rubygem-pg 1.0.0-2 - Assign a random testing port...
nss and nspr security, bug fix, and enhancement update
nspr 4.21.0-2 - Rebuild 4.21.0-1 - Update to NSPR 4.21 nss 3.44.0-7 - Backport fixes from 3.44.1 3.44.0-6 - Add continuous RNG test required by FIPS - fipstest: use CKMTLS12MASTERKEYDERIVE instead of vendor specific mechanism 3.44.0-5 - Rebuild with the correct build target 3.44.0-4.1 - rebuild t...
icedtea-web security update
1.7.1-16 - Added Patch5, testTuning.patch to make tests pass inclean envirnment - Resolves: rhbz1724958 1.7.1-16 - added patch1, patch4 and patch11 to fix CVE-2019-10182 - added patch2 to fix CVE-2019-10181 - added patch3 and patch33 to fix CVE-2019-10185 - Resolves: rhbz1724958 - Resolves:...
kernel security update
kernel - 2.6.18-419.0.0.0.14 - x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner orabug 29821515 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Call VERW on NMI path when returning to user Patrick Colp orabug 29821515...
kernel security update
kernel - 2.6.18-419.0.0.0.13 - x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner orabug 29821515 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Call VERW on NMI path when returning to user Patrick Colp orabug 29821515...
icedtea-web security update
1.7.2-16 - added patch1, patch4 and patch11 to fix CVE-2019-10182 - added patch2 to fix CVE-2019-10181 - added patch3 and patch33 to fix CVE-2019-10185 - Resolves: rhbz1724958 - Resolves: rhbz1725928 - Resolves: rhbz1724989...
python27:2.7 security update
Cython 0.28.1-7 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 PyYAML 3.12-16 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 babel 2.5.1-9 - Bumping due to problems with modular RPM upgrade path 1695587 - Related:...
firefox security update
60.7.0-1.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.7.0-1 - Manaul CentOS Debranding 60.7.0-1 - Updated to 60.7.0 ESR 60.6.3-1 - Updated to 60.6.3 ESR 60.6.2-1 - Updated to 60.6....