8998 matches found
glibc security, bug fix, and enhancement update
2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...
krb5 security, bug fix, and enhancement update
1.15.1-18 - Expose context errors in pkinitserverplugininit - Resolves: 1460089 1.15.1-17 - Drop certauth test changes that prevented runnig it - Resolves: 1498767 1.15.1-16 - Drop irrelevant DIR trigger logic - Resolves: 1431198 1.15.1-15 - Fix CVE-2017-7562 certauth eku bypass - Resolves: 14987...
python-paramiko security update
1.7.5-4 - Fix and enable tests %check. - Backport a change which makes tests exit with nonzero status when they fail. - Add a fix for upstream tests for CVE-2018-7750 broken in previous. 1.7.5-3 - Fix a security flaw CVE-2018-7750 in Paramiko's server mode emphasis on server mode; this does not...
firefox security update
52.7.3-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.7.3-1 - Update to 52.7.3 ESR...
Unbreakable Enterprise kernel security update
4.1.12-112.16.7 - mlx4: change the ICM table allocations to lowest needed size Daniel Jurgens Orabug: 27718305 - autofs: use dentry flags to block walks during expire Ian Kent Orabug: 26032471 Orabug: 27766149 - autofs races Al Viro Orabug: 27766149 Orabug: 27766149 - crypto: FIPS - allow tests t...
thunderbird security update
52.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.7.0-1 - Update to 52.7.0...
kubernetes security update
1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from Orabug 27125915 1.9.1-2.1.4.dev - Make sure worker node upgrade properly - Orabug 27649898 1.9.1-2.1.3.dev - Ensure that the runtime mounts RO volumes read-only CVE-2017-1002102 - Update Dashboard version...
libvorbis security update
1.2.3-5.1 - Backport fix for CVE-2018-5146 1.2.3-5 - fix CVE-2012-0444 787077...
thunderbird security update
52.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.7.0-1 - Update to 52.7.0...
slf4j security update
0:1.7.4-4 - Disallow EventData deserialization by default CVE-2018-8088...
firefox security update
52.7.2-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.7.2-1 - Update to 52.7.2 ESR...
firefox security update
52.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 52.7.0-1 - Update to 52.7.0 ESR...
firefox security update
52.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.7.0-1 - Update to 52.7.0 ESR...
kernel security and bug fix update
2.6.32-696.23.1.OL6 - Update genkey bug 25599697 2.6.32-696.23.1 - scsi avoid a permanent stop of the scsi device's request queue Ewan Milne 1519857 1513455 - x86 retpoline/hyperv: Convert assembler indirect jumps Waiman Long 1543022 1535645 - x86 specctrl: Upgrade GCC retpoline warning to an err...
libreoffice security update
1:4.3.7.2-2.0.1.2 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile [email protected] - Build with --with-vendor='Oracle America, Inc.' [email protected] 1:4.3.7.2-2.2 - Resolves: rhbz1545033 CVE-2018-6871...
389-ds-base security update
1.2.11-15-94 - Release 1.2.11.15-94 - Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication bypass due to lack of size check in slapictmemcmp function in chmalloc.c fix cherry-pick error 1.2.11-15-93 - Release 1.2.11.15-93 - Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base:...
qemu-kvm security update
0.12.1.2-2.503.el69.5 - kvm-cirrus-fix-oob-access-in-mode4and5-write-functions.patch bz1501296 - Resolves: bz1501296 CVE-2017-15289 qemu-kvm: Qemu: cirrus: OOB access issue in mode4and5 write functions rhel-6.9.z...
mailman security update
3:2.1.12-26.3 - Related: 1545967 - Add missed import 3:2.1.12-26.2 - Resolves: 1545967 - Fix XSS vulnerability in web UI. Add sanitizer 3:2.1.12-26.1 - Resolves: 1545967 - Fix XSS vulnerability in web UI...
mailman security update
3:2.1.15-26.1 - Related: 1545974 - Add import regular expression module 3:2.1.15-26 - Related: 1545974 - Bump release to make it higher than 7.5 3:2.1.15-24.2 - Resolves: 1545974 - Add sanitizer to mitigate XSS injection 3:2.1.15-24.1 - Resolves: 1545974 - Fix XSS vulnerability in web UI...
dhcp security update
12:4.2.5-58.0.1 - Added oracle-errwarn-message.patch 12:4.2.5-68 - Resolves: 1550000 - CVE-2018-5733 Avoid buffer overflow reference counter 12:4.2.5-58.2 - Resolves: 1549979 - CVE-2018-5732 Avoid buffer overflow in options parser...
dhcp security update
12:4.1.1-53.P1.0.1.3 - Added oracle-errwarn-message.patch 12:4.1.1-53.P1.3 - Resolves: 1550085 - CVE-2018-5733 Avoid reference overflow - Resolves: 1550083 - CVE-2018-5732 Avoid options buffer overflow...
389-ds-base security and bug fix update
1.3.6.1-28 - Bump version to 1.3.6.1-28 - Resolves: Bug 1540105 - CVE-2018-1054 - remote Denial of Service DoS via search filters in SetUnicodeStringFromUTF8 1.3.6.1-27 - Bump version to 1.3.6.1-27 - Resolves: Bug 1536343 - Indexing of internationalized matching rules is failing - Resolves: Bug...
php security update
5.4.16-43.1 - gd: fix buffer over-read into uninitialized memory CVE-2017-7890...
libreoffice security update
1:5.0.6.2-15.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.0.6.2-15 - Resolves: rhbz1545034 - CVE-2018-1055 CVE-2018-6871 1:5.0.6.2-14 - Resolves: rhbz1454693 segv on interrupting tile...
kernel security and bug fix update
3.10.0-693.21.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.21.1 - x86 platform/uv: Mark tscchecksync as an init function Frank Ramsay...
ruby security update
2.0.0.648-33 - Fix always passing WEBrick test. 2.0.0.648-32 - Add Psych.safeload ruby-2.1.0-there-should-be-only-one-exception.patch ruby-2.1.0-Adding-Psych.safeload.patch Related: CVE-2017-0903 - Disable Tokyo TZ tests broken by recen tzdata update. ruby-2.5.0-Disable-Tokyo-TZ-tests.patch...
quagga security update
0.99.22.4-5 - Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code - Resolves: rhbz1546015...
gcab security update
0.7-4 - Fixes the security issue known as CVE-2018-5345 - Resolves: 1533174...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.3 - gre: fix a possible skb leak Eric Dumazet Orabug: 26403972 CVE-2017-9074 - ipv6: Fix leak in ipv6gsosegment. David S. Miller Orabug: 26403972 CVE-2017-9074 - ipv6: xfrm: Handle errors reported by xfrm6find1stfragopt Ben Hutchings Orabug: 26403972 CVE-2017-9074 - ipv6:...
java-1.7.0-openjdk security update
1:1.7.0.171-2.6.13.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.171-2.6.13.0 - Bump to 2.6.13 and u171b01. - Update java-1.7.0-openjdk-java-access-bridge-security.patch to apply after 8186080 - Update RC4 patch 8076221/PR2809 to apply after 8148108 DH lower limit increase - Fix file path in...
Unbreakable Enterprise kernel security update
2.6.39-400.298.3 - ext4: limit group search loop for non-extent files Lachlan McIlroy Orabug: 17488415 - ext4: fixup 64-bit divides in 3.0-stable backport of upstream fix Todd Poynor Orabug: 17488415 - ext4: use atomic64t for the per-flexbg freeclusters count Theodore Ts'o Orabug: 17488415 - ext4...
kernel security update
2.6.18-419.0.0.0.8 - Backport CVEs to RHCK/OL5 orabug 27547712 CVE-2017-5753 CVE-2017-5754 - 2.6.18-419.0.0.0.5 - fs fix kernel panic on boot on ia64 guests Honglei Wang orabug 26934100...
kernel security update
kernel 2.6.18-419.0.0.0.5 - fs fix kernel panic on boot on ia64 guests Honglei Wang orabug 26934100 2.6.18-419.0.0.0.4 - fs fix bug in loading of PIE binaries Michael Davidson orabug 26916951 CVE-2017-1000253...
Unbreakable Enterprise kernel security update
4.1.12-112.14.14 - drivers/char/mem.c: deny access in open operation when securelevel is set Ethan Zhao Orabug: 27234850 Orabug: 27234850 - hugetlb: fix nrpmds accounting with shared page tables Kirill A. Shutemov Orabug: 26988581 - x86/IBRS: Drop unnecessary WRITEONCE Boris Ostrovsky Orabug:...
thunderbird security update
52.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.6.0-1 - Update to 52.6.0...
systemd security update
219-42.0.2.7 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default for OL7.2 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry Snitselaar...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.2 - x86: Add another set of MSR accessor functions Borislav Petkov Orabug: 27444923 CVE-2017-5753 - userns: prevent speculative execution Elena Reshetova Orabug: 27444923 CVE-2017-5753 - udf: prevent speculative execution Elena Reshetova Orabug: 27444923 CVE-2017-5753 - f...
Unbreakable Enterprise kernel security update
4.1.12-61.63.1 - Revert 'kernel.spec: Require the new microcodectl.' Brian Maly - x86: Clean up IBRS functionality resident in common code Kanth Ghatraju Orabug: 27439198 - x86: Display correct settings for the SPECTREV2 bug Kanth Ghatraju Orabug: 27439198 - Set CONFIGGENERICCPUVULNERABILITIES fl...
389-ds-base security and bug fix update
1.3.6.1-26 - Bump version to 1.3.6.1-25 - Resolves: Bug 1534430 - crash in slapifiltersprintf 1.3.6.1-25 - Bump version to 1.3.6.1-25 - Resolves: Bug 1526928 - search with CoS attribute is getting slower after modifying/adding CosTemplate - Resolves: Bug 1523505 - opened connection are hanging, n...
nautilus security update
3.22.3-4 - Fix desktop files security issue upstream bugzilla.gnome.org/777991 Resolves: 1490949...
kernel security and bug fix update
2.6.32-696.20.1.OL6 - Update genkey bug 25599697 2.6.32-696.20.1 - x86 kaiser/efi: unbreak tboot Waiman Long 1519799 1519802 CVE-2017-5754 - x86 pti/mm: Fix trampoline stack problem with XEN PV Waiman Long 1519799 1519802 CVE-2017-5754 - x86 pti/mm: Fix XEN PV boot failure Waiman Long 1519799...
dhcp security update
12:4.2.5-58.0.1.1 - Added oracle-errwarn-message.patch 12:4.2.5-58.1 - Resolves: 1523475 - Fix omapi socket descriptors leak...
kernel security and bug fix update
3.10.0-693.17.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.17.1 - s390 locking/barriers: remove old gmb macro definition Denys Vlasenko...
firefox security update
52.6.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.6.0-1 - Update to 52.6.0 ESR...
Unbreakable Enterprise kernel security update
2.6.39-400.298.2 - x86: Use PREDCMD MSR when ibpb is enabled Konrad Rzeszutek Wilk Orabug: 27369777 CVE-2017-5715 CVE-2017-5753 - x86/spec: Dont print the Missing arguments for option spectrev2 Konrad Rzeszutek Wilk Orabug: 27369777 CVE-2017-5715 CVE-2017-5753 - x86: Move ENABLEIBRS in the...
bind security update
32:9.9.4-51.2 - Fix CVE-2017-3145...
bind security update
32:9.8.2-0.62.rc1.5 - Fix CVE-2017-3145...
microcode_ctl security update
1:1.17-25.4.0.2 - Revert: early microcode load to allow updating Broadwell model 79 - Revert: Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Revert: Run dracut upon microcode update - Revert updated Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23...
microcode_ctl security update
2.1-22.5.0.3 - Revert Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell; 306d4 06-3d-04 rev 0x28, Broadwell; 306f2 06-3f-02 rev 0x3b, Haswell; 306f4 06-3f-04 rev 0x10, Haswell; 306e4 06-3e-04 rev 0x42a, Ivy Bridge; 40651 06-45-01 rev 0x21, Haswell; 40661 06-46-01...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.7.8 - x86/pti/efi: broken conversion from efi to kernel page table Pavel Tatashin Orabug: 27378087 Orabug: 27352353 CVE-2017-5754 - x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT redux Konrad Rzeszutek Wilk Orabug: 27378074 - x86/IBRS: Make sure we...