8998 matches found
Unbreakable Enterprise kernel security update
4.1.12-112.14.13 - Revert 'kernel.spec: Require the new microcodectl.' Brian Maly 4.1.12-112.14.12 - xen-blkback: add pendingreq allocation stats Ankur Arora Orabug: 27386890 - xen-blkback: move indirect req allocation out-of-line Ankur Arora Orabug: 27386890 - xen-blkback: pull nseg validation o...
java-1.8.0-openjdk security update
1:1.8.0.161-0.b14 - Update to b14 with updated Zero fix for 8174962 S8194828 - Resolves: rhbz1528233 1:1.8.0.161-0.b13 - Update to b13 including Zero fix for 8174962 S8194739 and restoring tzdata2017c update - Resolves: rhbz1528233 1:1.8.0.161-0.b12 - Add new file cmsalpha.c to...
microcode_ctl security update
1:1.17-25.4.0.1 - Enable early microcode load to allow updating Broadwell model 79 - Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Run dracut upon microcode update - Add updated Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell; 306d4...
Unbreakable Enterprise kernel security update
4.1.12-112.14.11 - x86/pti/efi: broken conversion from efi to kernel page table Pavel Tatashin Orabug: 27363926 Orabug: 27352353 CVE-2017-5754 - x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT redux Konrad Rzeszutek Wilk Orabug: 27369994 - x86/IBRS: Make sure we restore...
Unbreakable Enterprise kernel security update
4.1.12-112.14.10 - x86/ia32: save and clear registers on syscall. Jamie Iles Orabug: 27355759 CVE-2017-5754 - x86/IBRS: Save current status of MSRIA32SPECCTRL Boris Ostrovsky Orabug: 27355887 - pti: Rename X86FEATUREKAISER to X86FEATUREPTI Pavel Tatashin Orabug: 27352353 CVE-2017-5754 - usb/core:...
thunderbird security update
52.5.2-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.5.2-1 - Update to 52.5.2...
libvirt security update
3.2.0-14.0.1.el74.7 - bump release and rebuild 3.2.0-14.el74.7 - qemu: Properly store microcode version in QEMU caps cache CVE-2017-5715 3.2.0-14.el74.6 - util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD CVE-2017-5715 - util: introduce virHostCPUGetMicrocodeVersion CVE-2017-571...
Unbreakable Enterprise kernel security update
4.1.12-112.14.5 - x86/ibrs: Remove 'ibrsdump' and remove the prdebug Konrad Rzeszutek Wilk Orabug: 27350825 4.1.12-112.14.4 - kABI: Revert kABI: Make the bootcpudata look normal Konrad Rzeszutek Wilk CVE-2017-5715 4.1.12-112.14.3 - userns: prevent speculative execution Elena Reshetova Orabug:...
microcode_ctl security update
2.1-22.2 - Update Intel CPU microde for 06-3f-02, 06-4f-01, and 06-55-04 - Resolves: 1527358 2.1-22.1 - Update to upstream 2.1-13. Intel CPU microcode update to 20170707. - Resolves: 1474844...
libvirt security update
0.10.2-62.0.1.el69.1 - Replace docs/et.png in tarball with blank image 0.10.2-62.el69.1 - util: Implement virFileReadHeaderFD CVE-2017-5715 - util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD CVE-2017-5715 - util: introduce virHostCPUGetMicrocodeVersion CVE-2017-5715 - conf:...
kernel security update
2.6.32-696.18.7.OL6 - Update genkey bug 25599697 2.6.32-696.18.7 - x86 specctrl: svm: specctrl at vmexit needs per-cpu areas functional Waiman Long 1519797 1519796 CVE-2017-5715 - x86 specctrl: Eliminate redundnat FEATURE Not Present messages Waiman Long 1519797 1519796 CVE-2017-5715 - x86...
kernel security update
3.10.0-693.11.6.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.11.6 - x86 specctrl: Eliminate redundant FEATURE Not Present messages Andrea...
qemu-kvm security update
1.5.3-141.el74.6 - Fix CVE-2017-5715 1.5.3-141.el74.5 - kvm-vfio-pci-Only-mmap-TARGETPAGESIZE-regions.patch bz1515110 - Resolves: bz1515110 Regression in QEMU handling for sub-page MMIO BARs for vfio-pci devices rhel-7.4.z...
qemu-kvm security update
0.12.1.2-2.503.el69.4 - Fix CVE-2017-5715...
microcode_ctl security update
1:1.17-25.2 - Update Intel CPU microde for 06-3f-02, 06-4f-01, and 06-55-04 - Add amd microcodeamdfam17h.bin data file - Resolves: 1527357 1:1.17-25.1 - Update microcode data file to 20170707 revision. - Resolves: 1465143...
Unbreakable Enterprise kernel security update
4.1.12-112.14.2 - fuse: Call endqueuedrequests after releasing fc-lock in fusedevrelease Ashish Samant Orabug: 26431550 - rds: Fix inaccurate accounting of unsignaled wrs in rdsibxmitrdma Hakon Bugge Orabug: 27097105 - rds: Fix inaccurate accounting of unsignaled wrs Hakon Bugge Orabug: 27097105 ...
Unbreakable Enterprise kernel security and bugfix update
4.1.12-112.14.1 - ext4: fix off-by-one on max nrpages in ext4findunwrittenpgoff Eryu Guan Orabug: 27233471 4.1.12-112.13.1 - cgroup: make sure a parent css isnt offlined before its children Tejun Heo Orabug: 27179269 4.1.12-112.12.1 - ctf: allow dwarf2ctf to run as root but produce no output Nick...
Unbreakable Enterprise kernel security update
2.6.39-400.298.1 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 23320090 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 24337879 - xen-netfront: cast grant table reference first to type int Dongli Zhang Orabug: 25102637 - xen-netfront: do n...
postgresql security update
9.2.23-3 - setup: keep PGSETUP variables after switching to not-privileged user 9.2.23-2 - fix CVE-2017-12172...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...
Unbreakable Enterprise kernel security update
4.1.12-103.10.1 - mm, thp: Do not make page table dirty unconditionally in followtranshugepmd Kirill A. Shutemov Orabug: 27200879 CVE-2017-1000405 - NFS: Add static NFS I/O tracepoints Chuck Lever - storvsc: dont assume SG list is contiguous Aruna Ramakrishna Orabug: 27044692 - fix unbalanced pag...
java-1.7.0-openjdk security and bug fix update
1:1.7.0.161-2.6.12.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.161-2.6.12.0 - Remove superfluous %1 from policy JAR file path. - Resolves: rhbz1499207 1:1.7.0.161-2.6.12.0 - Update location of policy JAR files following 8157561. - Resolves: rhbz1499207 1:1.7.0.161-2.6.12.0 - Bump to 2.6.12 and...
liblouis security update
2.5.2-12 - Resolves: CVE-2017-15101...
firefox security update
52.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.5.1-1 - Update to 52.5.1 ESR...
sssd security and bug fix update
1.15.2-50.8 - Resolves: rhbz1508972 - Accessing IdM kerberos ticket fails while id mapping is applied rhel-7.4.z - Resolves: rhbz1509177 - Race condition between refreshing the crdomain list and a request that is using the list can cause a segfault is sssdnss rhel-7.4.z 1.15.2-50.7 - Resolves:...
thunderbird security update
52.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.5.0-1 - Update to 52.5.0...
kernel security and bug fix update
3.10.0-693.11.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.11.1 - powerpc perf: Fix book3s kernel to userspace backtraces Gustavo...
qemu-kvm security update
1.5.3-141.el74.4 - kvm-multiboot-validate-multiboot-header-address-values.patch bz1501120 - Resolves: bz1501120 CVE-2017-14167 qemu-kvm: Qemu: i386: multiboot OOB access while loading kernel image rhel-7.4.z 1.5.3-141.el74.3 - kvm-bswap.h-Remove-cputo32wu.patch bz1501294 -...
kernel security and bug fix update
3.10.0-693.11.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
samba4 security update
4.2.10-12 - resolves: 1514315 - Fix CVE-2017-14746 and CVE-2017-15275...
procmail security update
3.22-36.1 - Fixed possible buffer overflow in loadbuf function Resolves: CVE-2017-16844...
apr security update
1.3.9-5.1 - Resolves: 1507346 - CVE-2017-12613 apr: Out-of-bounds array deref in aprtimeexp functions...
curl security update
7.29.0-42.el74.1 - fix buffer overflow while processing IMAP FETCH response CVE-2017-1000257...
samba security update
4.6.2-12 - resolves: 1514314 - Fix CVE-2017-14746 and CVE-2017-15275...
firefox security update
52.5.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.5.0-1 - Update to 52.5.0 ESR...
php security update
5.4.16-43 - gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx CVE-2016-10167 - gd: Signed Integer Overflow gdio.c CVE-2016-10168...
kernel security and bug fix update
2.6.32-696.16.1.OL6 - Update genkey bug 25599697 2.6.32-696.16.1 - net packet: fix tpreserve race in packetsetring Stefano Brivio 1481941 1481943 CVE-2017-1000111 - net packet: fix overflow in check for tpframenr Stefano Brivio 1481941 1481943 CVE-2017-1000111 - net packet: fix overflow in check...
Unbreakable Enterprise kernel security update
4.1.12-103.9.4 - thp: run vmaadjusttranshuge outside immaprwsem Kirill A. Shutemov Orabug: 27026180 4.1.12-103.9.3 - selinux: fix off-by-one in setprocattr Stephen Smalley Orabug: 27001717 CVE-2017-2618 CVE-2017-2618 CVE-2017-2618 - sysctl: Drop reference added by grabheader in procsysreaddir Zho...
Unbreakable Enterprise kernel security update
4.1.12-103.9.2 - Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' Brian Maly Orabug: 27037811 4.1.12-103.9.1 - xfs: use dedicated log worker wq to avoid deadlock with cil wq Brian Foster Orabug: 27013241 - scsi: scsitransportiscsi: fix the issue that iscsiifrx...
liblouis security update
2.5.2-11 - Resolves: CVE-2017-13738, CVE-2017-13740, CVE-2017-13741, CVE-2017-13742, CVE-2017-13743, CVE-2017-13744, CVE-2014-8184...
Unbreakable Enterprise kernel security update
2.6.39-400.297.12 - xsigo: backport Fix race in freeing aged Forwarding tables Pradeep Gopanapalli Orabug: 24823234 - ocfs2: fix deadlock issue when taking inode lock at vfs entry points Eric Ren Orabug: 25671723 - ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock Eric Ren...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.12 - nvme: Drop nvmeq-qlock before dmapoolalloc, so as to prevent hard lockups Aruna Ramakrishna Orabug: 25409587 3.8.13-118.19.11 - nvme: Handle PM1725 HIL reset Martin K. Petersen Orabug: 26277600 - char: lp: fix possible integer overflow in lpsetup Willy Tarreau Orabug...
tomcat security update
0:7.0.76-3 - Resolves: rhbz1498344 CVE-2017-12615 CVE-2017-12617 tomcat: various flaws - Resolves: rhbz1495654 CVE-2017-7674 tomcat: Vary header not added by CORS filter leading to cache poisoning - Resolves: rhbz1470596 CVE-2017-5647 Add follow up revision...
tomcat6 security update
0:6.0.24-111 - Resolves: rhbz1498345 CVE-2017-12615 CVE-2017-12617 tomcat6: various flaws 0:6.0.24-110 - Resolves: rhbz1461292 CVE-2017-5664 tomcat6: tomcat: Security constrained bypass in error page mechanism 0:6.0.24-109 - Resolves: rhbz1461851 The tomcat6 build is incompatible with the ECJ...
ntp security update
4.2.6p5-12.0.1.el69.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-12.el69.1 - fix buffer overflow in datum refclock driver CVE-2017-6462 - fix crash with invalid unpeer command CVE-2017-6463 - fix potential crash with invalid server command CVE-2017-6464 4.2.6p5-12 - don't lim...
wget security update
1.14-15.1 - Fixed various security flaws CVE-2017-13089, CVE-2017-13090...
Unbreakable Enterprise kernel security update
4.1.12-103.7.4 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabrina Dubroca Orabug: 27011255 CVE-2017-7542 - udp: consistently apply ufo or fragmentation Willem de Bruijn Orabug: 26921320 CVE-2017-1000112...
Unbreakable Enterprise kernel security update
2.6.39-400.297.11 - mqueue: fix a use-after-free in sysmqnotify Cong Wang Orabug: 26643562 CVE-2017-11176 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabrina Dubroca Orabug: 27011278 CVE-2017-7542 - packet: fix tpreserve race in packetsetring Willem de Bruijn Orabug: 27002453...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.10 - mqueue: fix a use-after-free in sysmqnotify Cong Wang Orabug: 26643556 CVE-2017-11176 3.8.13-118.19.9 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabrina Dubroca Orabug: 27011273 CVE-2017-7542 - packet: fix tpreserve race in packetsetring Willem de Bruijn...
java-1.8.0-openjdk security update
1:1.8.0.151-1.b12 - repack policies adapted to new counts and paths - note that also c-j-c is needed to make this apply in next update - Resolves: rhbz1499207 1:1.8.0.151-0.b12 - Correct fix to RH1191652 root patch so existing COMMONCCXXFLAGSJDK is not lost. - Resolves: rhbz1499207...