9182 matches found
sudo security update
1.8.25-4.0.1.el8.1 - Treat an ID of -1 as invalid since that means 'no change' Orabug: 30421281 CVE-2019-14287 - Add sudostrtoid tests for -1 and range errors. Orabug: 30421281...
sudo security update
1.8.23-4.0.1 - Treat an ID of -1 as invalid since that means 'no change' Orabug: 30421281 CVE-2019-14287 - Add sudostrtoid tests for -1 and range errors. Orabug: 30421281...
Unbreakable Enterprise kernel security update
4.14.35-1902.6.6 - RDMA/restrack: Protect from reentry to resource return path Leon Romanovsky Orabug: 30388717 4.14.35-1902.6.5 - hvnetvsc: fix vf serial matching with pci slot info Haiyang Zhang Orabug: 30373111 - rds: Use correct conn when dropping connections due to cancel Hakon Bugge Orabug:...
patch security update
2.7.1-12 - Fixed CVE-2018-20969, invoke ed directly instead of using the shell...
Unbreakable Enterprise kernel security update
2.6.39-400.315.1 - loopback: off by one in tcmloopmakenaatpg Dan Carpenter Orabug: 30254296 CVE-2011-5327 - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318221 CVE-2019-14283...
docker-engine security update
18.09.8-1.0.4 - Modified version to include ol suffix 18.09.8-1.0.3 - ol7 image related changes 18.09.8-1.0.2 - Merge upstream for CVE fixes...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.39.1 - tcp: purge write queue in tcpconnectinit Eric Dumazet Orabug: 30240134 CVE-2019-15239 - cx24116: fix a buffer overflow when checking userspace params Mauro Carvalho Chehab Orabug: 30254282 CVE-2015-9289 - floppy: fix out-of-bounds read in copybuffer Denis Efremov...
Unbreakable Enterprise kernel security update
4.1.12-124.32.1 - NFSv4: Don't try to reclaim unused state owners Trond Myklebust Orabug: 30124013 - x86/microcode: Update late microcode in parallel Ashok Raj Orabug: 30302412 - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318219 CVE-2019-14283 - xen-netback: stop netif T...
nodejs:10 security update
nodejs-packaging 17-3 - Change Requires to Recommends on nodejs dependency, so it is usable for building nodejs...
qemu-kvm security update
0.12.1.2-2.506.el610.5 - kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch bz1669066 - kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch bz1669066 - kvm-slirp-don-t-manipulate-sorcv-in-tcpemu.patch bz1669066 - kvm-qxl-check-release-info-object.patch bz1712728 -...
httpd:2.4 security update
httpd 2.4.37-12.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-12 - Resolves: 1744997 - CVE-2019-9511 httpd:2.4/modhttp2: HTTP/2: large amount of data request leads to denial of service - Resolves: 1745084 -...
kernel security update
2.6.32-754.23.1.OL6 - Update genkey bug 25599697 2.6.32-754.23.1 - vhost vhost: make sure lognum innum Eugenio Perez 1750869 1750869 CVE-2019-14835...
dovecot security update
1:2.2.36-5.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741788...
dovecot security update
1:2.0.9-22.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1752708...
kernel security update
4.18.0-80.11.20.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.20 - vhost vhost: make sure lognum innum Eugenio Perez 1750881...
Unbreakable Enterprise kernel security update
4.1.12-124.31.1.1 - KVM: coalescedmmio: add bounds checking Matt Delco Orabug: 30318042 CVE-2019-14821 CVE-2019-14821...
Unbreakable Enterprise kernel security update
4.14.35-1902.5.2.2 - KVM: coalescedmmio: add bounds checking Matt Delco Orabug: 30318013 CVE-2019-14821 CVE-2019-14821...
kernel security update
3.10.0-1062.1.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.1.2 - vhost vhost: make sure lognum innum Eugenio Perez 1750879 1750880...
dovecot security update
1:2.2.36-3.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1751383...
thunderbird security update
60.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-1 - Update to 60.9.0...
patch security update
2.7.6-9 - CVE-2018-20969, invoke ed directly instead of using the shell...
nginx:1.14 security update
1:1.14.1-9.0.1 - Remove Red Hat references Orabug: 29498217 1:1.14.1-9 - Resolves: 1744811 - CVE-2019-9511 nginx:1.14/nginx: HTTP/2: large amount of data request leads to denial of service - Resolves: 1744325 - CVE-2019-9513 nginx:1.14/nginx: HTTP/2: flood using PRIORITY frames resulting in...
pki-deps:10.6 security update
jackson-databind...
thunderbird security update
60.9.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-2 - Update to 60.9.0...
Unbreakable Enterprise kernel security update
4.14.35-1902.5.2.1 - vhost: make sure lognum innum yongduan Orabug: 30312787 CVE-2019-14835 - vhost: block speculation of translated descriptors Michael S. Tsirkin Orabug: 30312787 CVE-2019-14835 - vhost: Fix Spectre V1 vulnerability Jason Wang Orabug: 30312787...
thunderbird security update
60.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.9.0-1 - Update to 60.9.0...
edk2 security update
1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel module. Aaron Young - Update spec file to modprobe kvmintel module prior to running qemu to enroll default keys. Aaron Young - Enroll Oracle cert/key...
poppler security update
0.66.0-11.el80.12 - Ignore dict Length if it is broken - Resolves: 1741146 0.66.0-11.el80.11 - Check whether input is RGB in PSOutputDev::checkPageSlice - also when using '-optimizecolorspace' flag - Resolves: 1741145 0.66.0-11.el80.10 - Fail gracefully if not all components of JPEG2000Stream -...
libwmf security update
0.2.9-8 - Related: rhbz1717799 fix clang warning 0.2.9-7 - Related: rhbz1717799 bump n-v-r 0.2.9-6 - Related: rhbz1679006 bump n-v-r 0.2.9-5 - Resolves: rhbz1679006 libgd CVE-2019-6978...
kernel security and bug fix update
4.18.0-80.11.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.10 - wireless mwifiex: Don't abort on small, spec-compliant...
.NET Core on Red Hat Enterprise Linux security and bug fix update
2.1.509-1 - Update to .NET Core Runtime 2.1.13 and SDK 2.1.509 - Resolves: RHBZ1747874...
firefox security update
60.9.0-1.0.1 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.9.0-1 - Update to 60.9.0 ESR...
kernel security and bug fix update
2.6.32-754.21.1.OL6 - Update genkey bug 25599697 2.6.32-754.21.1 - scsi scsi: megaraidsas: return error when create DMA pool failed Tomas Henzl 1712858 CVE-2019-11810 - net net: Set skprotcreator when copying sockets to the right proto Andrea Claudi 1657117 CVE-2018-9568 2.6.32-754.20.1 - x86...
firefox security update
60.9.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.9.0-1 - Update to 60.9.0 ESR...
nghttp2 security update
1.33.0-1.el800.1 - backport security fixes from nghttp2-1.39.2 CVE-2019-9511 and CVE-2019-9513...
Unbreakable Enterprise kernel security update
2.6.39-400.314.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165287 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165287 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
ghostscript security update
9.25-2.3 - Resolves: 1744010 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator 701445 - Resolves: 1744014 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams 701444 - Resolves: 1744005 - CVE-2019-14813 ghostscript: Safer...
firefox security update
68.1.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 68.1.0-1 - Update to 68.1.0 ESR 68.0.1-4 - Enable system nss...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.38.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165288 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165288 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1...
qemu-kvm security update
1.5.3-167.el77.1 - kvm-qxl-check-release-info-object.patch bz1732337 - kvm-Fix-heap-overflow-in-ipreass-on-big-packet-input.patch bz1734748 - Resolves: bz1732337 CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources rhel-7 rhel-7.7.z - Resolves: bz1734748...
kdelibs and kde-settings security and bug fix update
kdelibs 6:4.14.8-11 - KConfig: malicious .desktop files would execute code Resolves: bz1740736 kde-settings 19-23.10.0.1 - Change GreetString bug 11710280 19-23.10 - Use correct tcsh syntax for config scripts Resolves: bz1738491...
kernel security and bug fix update
3.10.0-1062.1.1 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.1.1 - fs nfsv4.1: Avoid false retries when RPC calls are interrupted Benjam...
squid:4 security update
libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow in HttpHeader::getAuth...
ghostscript security update
9.25-2.2 - Resolves: 1744008 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfhookDSCCreator 701445 - Resolves: 1744012 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams 701444 - Resolves: 1744003 - CVE-2019-14813 ghostscript: Safer...
pango security update
1.42.4-5 - Fixes crash in pangofcfontkeygetvariations when key is null 1.42.4-4 - Fixes bidi crash - Security fix for CVE-2019-1010238 - Resolves: 1738461 1.42.4-3 - rebuild 1.42.4-2 - rebuild...
pango security update
1.42.4-4 - Fixes bidi crash - Security fix for CVE-2019-1010238 - Resolves: 1738459...
docker-engine security update
18.03.1.ol-0.0.15 - cherry-picked fix for CVE-2018-15664 from upstream 18.03.1.ol-0.0.14 - rebuild 18.03.1.ol-0.0.13 - update for CVE-2018-20699 18.03.1.ol-0.0.12 - correct the version string of containerd 18.03.1.ol-0.0.11 - update runc for CVE-2019-5736 18.03.1.ol-0.0.10 - update Go to version...
mysql:8.0 security update
mecab 0.996-1.9 - Release bump for rebuilding on new arches Related: 1518842 0.996-1.8 - skip %verify of /etc/opt/rh/rh-mysql57/mecabrc Resolves: 1382315 0.996-1.7 - Prefix library major number with SCL name in soname 0.996-1.6 - Require runtime package from the scl 0.996-1.5 - Convert to SCL...
redis:5 security update
5.0.3-2 - fix Heap buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10192 - fix Stack buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10193...
openssl security update
1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...