8997 matches found
ghostscript security and bug fix update
9.07-31.el76.9 - Related: 1667442 - CVE-2019-6116 - added missing parts of patch 9.07-31.el76.8 - Resolves: 1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators 9.07-31.el76.7 - Resolves: 1665919 pdf2ps reports an error when reading from std...
firefox security update
60.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.5.0-2 - Updated to 60.5.0 ESR build2 60.5.0-1 - Updated to 60.5.0 ESR build1 60.4.0-3 - Fixing fontconfig warnings rhbz1601475 60.4.0-2 - Added pipewire patch from Tomas Popela rhbz1664270...
bind security update
32:9.9.4-73 - Fixes debug level comments 1647539...
systemd security update
219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...
firefox security update
60.5.0-2.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.5.0-2 - Updated to 60.5.0 ESR build2 60.5.0-1 - Updated to 60.5.0 ESR build1 60.4.0-3 - Fixing fontconfig warnings rhbz1601475 60.4.0-2 - Added pipewire patch from Tomas Popela...
kernel security, bug fix, and enhancement update
3.10.0-957.5.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.5.1 - fs revert 'fs sunrpc: Ensure we always close the socket after a...
qemu security update
12:2.9.0-19.el7 - lsi53c895a: convert to trace-events Mark Cave-Ayland Orabug: 28205376 - lsi: Reselection needed to remove pending commands from queue George Kennedy Orabug: 28626490 - lsi53c895a: check message length value is valid Prasad J Pandit Orabug: 28873208 CVE-2018-18849 - 9p: fix QEMU...
qemu security update
15:3.0.0-4.el7 - usb-mtp: use ONOFOLLOW and OCLOEXEC. Gerd Hoffmann Orabug: 29056673 CVE-2018-16872 - pvrdma: add uarread routine Prasad J Pandit CVE-2018-20191 - pvrdma: release ring object in case of an error Prasad J Pandit Orabug: 29171822 CVE-2018-20126 - pvrdma: check number of pages when...
thunderbird security update
60.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.4.0-1 - Update to 60.4.0...
thunderbird security update
60.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.4.0-1 - Update to 60.4.0 60.3.0-1 - Update to 60.3.0 60.2.1-6 - Fixed missing calendar langpacks...
perl security update
4:5.16.3-294 - Fix CVE-2018-18311 Integer overflow leading to buffer overflow bug 1661064...
Unbreakable Enterprise kernel security update
4.14.35-1844.1.3 - net: rds: fix rdsibsysctlmaxrecvallocation error Zhu Yanjun Orabug: 29003422 - nfs: dont dirty kernel pages read by direct-io Dave Kleikamp Orabug: 29122062 - KVM: X86: Fix scan ioapic use-before-initialization Wanpeng Li Orabug: 29026132 CVE-2018-19407 - hugetlb: take PMD...
Unbreakable Enterprise kernel security update
4.1.12-124.24.3 - ext4: update idisksize when new eof exceeds it Shan Hai Orabug: 28940828 - ext4: update idisksize if direct write past ondisk size Eryu Guan Orabug: 28940828 - ext4: protect idisksize update by idatasem in direct write path Eryu Guan Orabug: 28940828 - ALSA: usb-audio: Fix UAF...
libvncserver security update
0.9.9-13 - Fix CVE-2018-15127 Heap out-of-bounds write in rfbserver.c:rfbProcessFileTransferReadBuffer bug 1662995...
systemd security update
219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.29.1 - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059183 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 2505918...
keepalived security update
1.3.5-8 - Fixed patch that was incorrectly removed 1652694 1.3.5-7 - Fix buffer overflow when parsing HTTP status codes 1652694...
Unbreakable Enterprise kernel security update
2.6.39-400.305.1 - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059185 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric Dumazet Orabug: 25059185 CVE-2016-3841 - scsi: qla2xxx: Fix an integer overflow in sysfs code Dan Carpenter Orabug: 28220492...
Unbreakable Enterprise kernel security update
4.1.12-124.24.1 - pinctrl: amd: Use devmpinctrlregister for pinctrl registration Laxman Dewangan Orabug: 27539246 CVE-2017-18174 - mlock: fix mlock count can not decrease in race condition Yisheng Xie Orabug: 27677611 CVE-2017-18221 - perf/core: Fix the perfcputimemaxpercent check Tan Xiaojun...
qemu security update
15:3.0.0-3.el7 - monitor: guard iothread access by mon-useiothread Wolfgang Bumiller Orabug: 29046045 - monitor: delay monitor iothread creation Wolfgang Bumiller Orabug: 29010480 - Revert 'qmp: isolate responses into io thread' Marc-Andre Lureau Orabug: 29010480 - usb-mtp: outlaw slashes in...
qemu security update
15:3.0.0-3.el7 - monitor: guard iothread access by mon-useiothread Wolfgang Bumiller Orabug: 29046045 - monitor: delay monitor iothread creation Wolfgang Bumiller Orabug: 29010480 - Revert 'qmp: isolate responses into io thread' Marc-Andre Lureau Orabug: 29010480 - usb-mtp: outlaw slashes in...
ntp security update
4.2.6p5-15.0.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-15 - fix buffer overflow in parsing of address in ntpq and ntpdc CVE-2018-12327 4.2.6p5-14 - fix CVE-2016-7429 patch to work correctly on multicast client 1422973 4.2.6p5-13 - fix buffer overflow in datum refclock driv...
firefox security update
60.4.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.4.0-1 - Update to 60.4.0 ESR 60.3.0-2 - Added firefox-gnome-shell-extension...
firefox security update
60.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.4.0-1 - Update to 60.4.0 ESR 60.3.0-2 - Added firefox-gnome-shell-extension 60.3.0-1 - Update to 60.3.0 ESR...
ghostscript security and bug fix update
9.07-31.el76.6 - Resolves: 1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object Error: /rangecheck in --run-- 9.07-31.el76.5 - Resolves: 1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement 699664 - Resolves: 1650210 - CVE-2018-17183...
Unbreakable Enterprise kernel security update
4.14.35-1818.5.4 - RDS: null pointer dereference in rdsatomicfreeop Mohamed Ghannam Orabug: 28020694 CVE-2018-5333 - x86/speculation: Make enhanced IBRS the default spectre v2 mitigation Alejandro Jimenez Orabug: 28474853 - x86/speculation: Enable enhanced IBRS usage Alejandro Jimenez Orabug:...
Unbreakable Enterprise kernel security update
4.1.12-124.23.2 - ntty: fix EXTPROC vs ICANON interaction with TIOCINQ aka FIONREAD Linus Torvalds Orabug: 28855335 CVE-2018-18386 - nfs: Don't take a reference on fl-flfile for LOCK operation Benjamin Coddington Orabug: 28887442 - x86/topology: Update the 'cpu cores' field in /proc/cpuinfo...
kubernetes security update
1.9.11-2.1.1 - Fix kubeadm-registry.sh - Use golang 1.9.3 - CVE-2018-1002105 Handle error responses from backends - Bump to v1.9.11...
Unbreakable Enterprise kernel security update
2.6.39-400.304.1 - mnt: Prevent pivotroot from creating a loop in the mount tree Eric W. Biederman Orabug: 26575709 CVE-2014-7970 CVE-2014-7970 - vfs: more mntparent cleanups Al Viro Orabug: 26575709 CVE-2014-7970 - vfs: new internal helper: mnthasparentmnt Al Viro Orabug: 26575709 CVE-2014-7970 ...
Unbreakable Enterprise kernel security update
4.1.12-124.23.1 - xfs: don't call xfsdashrinkinode with NULL bp Eric Sandeen Orabug: 28898616 CVE-2018-13094 - ALSA: rawmidi: Change resized buffers atomically Takashi Iwai Orabug: 28898636 CVE-2018-10902 - md/raid5: fix a race condition in stripe batch Shaohua Li Orabug: 28917012 - xfs: don't fa...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.28.1 - udf: Check component length before reading it Jan Kara Orabug: 21193696 CVE-2014-9728 - udf: Verify isize when loading inode Shan Hai Orabug: 21193696 CVE-2014-9728 - intelpstate: Fix overflow in busyscaled due to long delay mridula shastry Orabug: 28005134 - scsi:...
ghostscript security update
8.70-24.el610.2 - It was found that the fix for CVE-2018-16509 was not complete, the missing pieces added into ghostscript-CVE-2018-16509.patch 8.70-24.el610.1 - Resolves: 1641124 - CVE-2018-16509 ghostscript: /invalidaccess bypass after failed restore 8.70-24 - Added security fix for CVE-2017-82...
ghostscript security and bug fix update
9.07-31.el76.3 - Resolves: 1654290 ghostscript update breaks xdvi gs: Error: /undefined in flushpage 9.07-31.el76.2 - Resolves: 1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509...
ruby security update
2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395...
Unbreakable Enterprise kernel security update
4.1.12-124.22.4 - Revert commit 8bd274934987 'block: fix bdi vs gendisk lifetime mismatch' Ashish Samant Orabug: 28968102 - KVM/x86: Add IBPB support Ashok Raj Orabug: 28703712 - x86/intel/spectrev2: Remove unnecessary retpcompiler test Boris Ostrovsky Orabug: 28814570 - x86/intel/spectrev4:...
sos-collector security update
1.5-3.0.1 - To recognize OL systemOraBug 28807430 - import os module to detect /etc/redhat-release OraBug 28740046 1.5-3 - Resolve race condition in cluster profile loading - Quote all options globally - RHBZ1633515 - RHBZ1647955 1.5-2 - Fix cluster option reporting 1.5-1 - Update to version 1.5 ...
qemu security update
15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...
kernel security, bug fix, and enhancement update
3.10.0-957.1.3.el7.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel olkmodsigning [email protected] - Update x509.genkey bug 24817676 3.10.0-957.1.3.el7 - x86 Mark Intel Cascade Lake supported Steve Best 1650213 16399...
NetworkManager security update
1:1.12.0-8 - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin CVE-2018-15688...
ghostscript security update
9.07-31.el76.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: 1621383 - CVE-2018-16511 ghostscript: missing type check in type checker 699659 - Resolves: 1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues...
thunderbird security update
60.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.3.0-1 - Update to 60.3.0 60.2.1-6 - Fixed missing calendar langpacks...
qemu security update
15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...
thunderbird security update
60.2.1-5.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.2.1-5 - Fixing minor issues 60.2.1-3 - Reverting deleting of key3db 60.2.1-2 - Update to 60.2.1 - Added fix for rhbz1546988 60.0-1 - Rebase to version 60...
java-11-openjdk security update
1:11.0.1.13-3.0.1 - link atomic for ix86 build 1:11.0.1.13-3 - Bump release for rebuild. 1:11.0.1.13-2 - Use LTS designator in version output for RHEL. 1:11.0.1.13-1 - Update to October 2018 CPU release, 11.0.1+13. 1:11.0.0.28-2 - Use --with-vendor-version-string=18.9 so as to show original GA da...
thunderbird security update
60.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 60.3.0-1 - Update to 60.3.0 60.2.1-6 - Fixed missing calendar langpacks 60.2.1-5 - Fixing minor issues...
git security update
1.8.3.1-20 - Fix CVE-2018-17456: arbitrary code execution via .gitmodules Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1...
spice-server security update
0.12.4-16.2 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 0.12.4-16.1 - Fix flexible array buffer overflow Resolves: rhbz1596008...
Unbreakable Enterprise kernel security update
4.14.35-1818.4.5 - x86/intel/spectrev2: Remove unnecessary retpcompiler test Boris Ostrovsky Orabug: 28814574 - x86/intel/spectrev4: Deprecate specstorebypassdisable=userspace Boris Ostrovsky Orabug: 28814574 - x86/speculation: x86specctrlset needs to be called unconditionally Boris Ostrovsky...
Unbreakable Enterprise kernel security update
2.6.39-400.303.1 - scsi: libsas: fix memory leak in sassmpgetphyevents Jason Yan Orabug: 27927686 CVE-2018-7757 - Revert 'Fix up non-directory creation in SGID directories' Brian Maly Orabug: 28781234...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.26.1 - netfilter: xtTCPMSS: add more sanity tests on tcph-doff Eric Dumazet Orabug: 27896807 CVE-2017-18017 - scsi: libsas: fix memory leak in sassmpgetphyevents Jason Yan Orabug: 27927692 CVE-2018-7757...