8998 matches found
kernel security and bug fix update
3.10.0-693.1.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 3.10.0-693.1.1.el7.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update...
kernel security, bug fix, and enhancement update
...
httpd security update
2.2.15-60.0.1.5 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.5 - Resolves: 1463194 - CVE-2017-3167 httpd: apgetbasicauthpw authentication bypass - Resolves: 1463197 - CVE-2017-3169 httpd: modssl NULL pointer dereference - Resolves: 1463207 ...
firefox security update
52.3.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.3.0-3 - Fix for rhbz1470294 - bundling newer libffi for ppc platforms 52.3.0-2 - Update to 52.3.0 ESR b2...
libsoup security update
2.56.0-4 - Fix chunked decoding buffer overrun CVE-2017-2885 rh 1479322...
log4j security update
0:1.2.17-16 - Fix socket receiver deserialization vulnerability - Resolves: CVE-2017-5645...
pki-core security update
10.4.1-11 - Resolves: rhbz 1469432 - - RHEL 7.4: - - Bugzilla Bug 1469432 - CMC plugin default change - Resolves CVE-2017-7537 - Fixes BZ 1470948...
golang security, bug fix, and enhancement update
1.8.3-1 - bump to 1.8.3 - fix CVE-2017-8932 - Resolves: rhbz1452616, rhbz1452241, rhbz1457169, rhbz1448346...
glibc security update
2.17-196 - Avoid large allocas in the dynamic linker 1452721 2.17-195 - Rounding issues on POWER 1457177 2.17-194 - Use a built-in list of system call names 1439165 2.17-193 - Inhibit FMA while compiling sqrt, pow 1413638 2.17-192 - Exclude lock elision support for older Intel hardware with Intel...
qemu-kvm security update
1.5.3-141.el74.1 - kvm-qemu-nbd-Ignore-SIGPIPE.patch bz1468107 - Resolves: bz1468107 CVE-2017-10664 qemu-kvm: Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort rhel-7.4.z...
freeradius security update
3.0.13-8 - Avoid misinterpreting zero-size malloc in data2vpextended fix. - Related: Bug1469414 CVE-2017-10984 freeradius: Out-of-bounds write in data2vpwimax 3.0.13-7 - Resolves: Bug1469409 CVE-2017-10978 freeradius: Out-of-bounds read/write due to improper output buffer size check in makesecret...
evince security update
3.22.1-5.2 - Related: 1469528 ensure .desktop file is still valid 3.22.1-5.1 + Fix arbitrary code execution via filename in tar-compressed comics archive - Resolves: 1469528...
java-1.7.0-openjdk security update
1:1.7.0.151-2.6.11.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.151-2.6.11.0 - Bump to 2.6.11 and u151b00. - Update java-access-bridge-security.patch to apply against 2.6.11. - Apply fix for 8185716 so ppc uses correct insencode format - Resolves: rhbz1466509...
samba security, bug fix, and enhancement update
4.6.2-8 - resolves: 1459936 - Fix regression with 'follow symlinks = no' 4.6.2-7 - resolves: 1461336 - Fix smbclient username parsing - resolves: 1460937 - Fix username normalization with winbind 4.6.2-6 - resolves: 1459179 - Fix smbclient session setup printing 4.6.2-5 - related: 1277999 - Add...
postgresql security and enhancement update
9.2.21-1 - update to 9.2.21 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-21.html http://www.postgresql.org/docs/9.2/static/release-9-2-20.html http://www.postgresql.org/docs/9.2/static/release-9-2-19.html 9.2.18-2 - package libpgport.a rhbz1305979...
mariadb security and bug fix update
1:5.5.56-2 - Do not fix context and change owner if run by root in mariadb-prepare-db-dir Related: 1458940 - Check properly that datadir includes only expected files Related: 1356897 1:5.5.56-1 - Rebase to 5.5.56 That release also fixes the following security issues: CVE-2016-5617/CVE-2016-6664...
ghostscript security and bug fix update
9.07-28 - Security fix for CVE-2017-8291 updated to address SIGSEGV 9.07-27 - Added security fix for CVE-2017-8291 bug 1446063 9.07-26 - Updated requirements for lcms2 to avoid possible issues in the future 9.07-25 - Added security fix for CVE-2017-7207 bug 1434353 - Added explicit requirement fo...
X.org X11 libraries security, bug fix and enhancement update
libICE 1.0.9-9 - Add upstream patch to not pull libbsd - Add custom patch for Fedora 24 & 25 1.0.9-8 - Fix changelog 1.0.9-7 - Use libbsd for randoms CVE-2017-2626, rhbz1427715 1.0.9-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora26MassRebuild 1.0.9-5 - Force disable documentation generatio...
libreoffice security and bug fix update
1:5.0.6.2-14.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.0.6.2-14 - Resolves: rhbz1454693 segv on interrupting tiled rendering 1:5.0.6.2-13 - Related: rhbz1444437 remove timer if...
gdm and gnome-session security, bug fix, and enhancement update
gdm 3.22.3-11 - Add japanese translation Resolves: 1449632 3.22.3-10 - Add patches to try to maintain some semblance of compatibility when live upgrading between 7.3 and 7.4 Related: 1448786 3.22.3-9 - Make sure reauthentication is run within the user session. Resolves:1448209 3.22.3-8 - Reap...
tigervnc and fltk security, bug fix, and enhancement update
fltk 1.3.4-1 - Re-base to 1.3.4 + sync with Fedora tigervnc 1.8.0-1 - Update to 1.8.0 Resolves: bz1388620 1.7.90-2 - Make RandR callbacks optional Resolves: bz1444948 1.7.90-1 - Update to 1.7.90 Resolves: bz1388620 1.7.1-3 - Delete underlying ssecurity in SSecurityVeNCrypt CCVE-2017-7392 Resolves...
gtk-vnc security, bug fix, and enhancement update
0.7.0-2 - Fix reserved data size rhbz 1416783 - Fix inverted args in tests rhbz 1416783 - Avoid sign extension problems rhbz 1416783 - Fix crash with opening via GSocketAddress rhbz 1416783 - Fix crash & error reporting during connection timeout rhbz 1441120 - Fix incompatibility with libvncserve...
kernel security, bug fix, and enhancement update
...
qemu-kvm security, bug fix, and enhancement update
1.5.3-141.el7 - kvm-Fix-memory-slot-page-alignment-logic-bug-1455745.patch bz1455745 - kvm-Do-not-hang-on-full-PTY.patch bz1452067 - kvm-serial-fixing-vmstate-for-save-restore.patch bz1452067 - kvm-serial-reinstate-watch-after-migration.patch bz1452067 -...
pidgin security, bug fix, and enhancement update
2.10.11-5 - Drop MXit support in RHEL Resolves: 1439296 2.10.11-4 - Silence -Wsign-compare - Rename the previous patch for consistency Resolves: 1445921, 1446368 2.10.11-3 - Avoid a use-after-free in an error path Resolves: 1445921 2.10.11-2 - Add patch for CVE-2017-2640 Resolves: 1431022 2.10.11...
openssh security, bug fix, and enhancement update
7.4p1-11 + 0.10.3-1 - Compiler warnings 1341754 7.4p1-10 + 0.10.3-1 - Add missing messages in FIPS mode 1341754 7.4p1-9 + 0.10.3-1 - Allow harmless syscalls for s390 crypto modules 1451809 7.4p1-8 + 0.10.3-1 - Fix multilib issue in documentation 1450361 7.4p1-6 + 0.10.3-1 - ControlPath too long...
python security and bug fix update
2.7.5-58.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-58 - Set stream to None in case an open fails. Resolves: rhbz1432003 2.7.5-57 - Fix implicit declaration warnings of functions added by patches 147 and 265 Resolves: rhbz1441237 2.7.5-56 - Fix shutil.makearchive...
NetworkManager and libnl3 security, bug fix and enhancement update
NetworkManager 1:1.8.0-9 - device: don't change MTU unless explicitly configured rh 1460760 - core: don't remove external IPv4 addresses rh 1459813 1:1.8.0-8 - cli: fix output of iface in overview output rh1460219 - ppp: unexport NMPPPManager instance on dispose rh1459579 - cli: remove spurious...
GStreamer security, bug fix, and enhancement update
clutter-gst2 2.0.18-1 - Update to 2.0.18 - Remove obsolete patches - Use license macro for COPYING - Resolves: 1386833 gnome-video-effects 0.4.3-1 - Update to 0.4.3 - Resolves: 1386968 0.4.1-5 - Fix URL rhbz1380981 gstreamer-plugins-bad-free 0.10.23-23 - Rebuild with hardened flags Resolves:...
tomcat security, bug fix, and enhancement update
0:7.0.76-2 - Resolves: rhbz1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism - Resolves: rhbz1441481 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used 0:7.0.76-1 - Resolves: rhbz1414895 Rebase tomcat to the current release...
glibc security, bug fix, and enhancement update
2.17-196 - Avoid large allocas in the dynamic linker 1452721 2.17-195 - Rounding issues on POWER 1457177 2.17-194 - Use a built-in list of system call names 1439165 2.17-193 - Inhibit FMA while compiling sqrt, pow 1413638 2.17-192 - Exclude lock elision support for older Intel hardware with Intel...
bash security and bug fix update
4.2.46-28 - CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: 1429838 4.2.46-27 - CVE-2016-7543: Fix for arbitrary code execution via SHELLOPTS+PS4 variables Resolves: 1426026 4.2.46-26 - CVE-2016-0634: Fix for arbitrary code execution via malicious hostname Resolves:...
git security and bug fix update
1.8.3.1-11 - dissalow repo names beginning with dash Resolves: CVE-2017-8386 -1.8.3.1-10 - do not put unsanitized branch names in Resolves: CVE-2014-9938 -1.8.3.1-9 - add control of GSSAPI credential delegation to enable HTTPS-SSO authentication Resolves: 1369173 1.8.3.1-8 - remove needles check ...
authconfig security, bug fix, and enhancement update
6.2.8-30 - do not use /usr and LIBDIR together 1455233 6.2.8-29 - update translations 1449625 6.2.8-28 - ignore PAMIGNORE for pamsucceedif so application do not fail in pamsetcred 1450425 6.2.8-27 - fix typo in the patch for CVE-2017-7488 1441604 6.2.8-26 - CVE-2017-7488 authconfig: Information...
gnutls security, bug fix, and enhancement update
3.3.26-9 - Address crash in OCSP status request extension, by eliminating the unneeded parsing CVE-2017-7507, 1455828 3.3.26-7 - Address interoperability issue with 3.5.x 1388932 - Reject CAs which are both trusted and blacklisted in trust module 1375303 - Added new functions to set issuer and...
tcpdump security, bug fix, and enhancement update
14:4.9.0-5 - Resolves: 1441597; use bigger capture buffer than in upstream 14:4.9.0-4 - Drop downstream patch drop root privileges - Add libcap-ng as a new build dependency - Related: 1262283 14:4.9.0-3 - Fix tests according to our patches and libpcap version 14:4.9.0-2 - Use getnameinfo instead ...
curl security, bug fix, and enhancement update
7.29.0-42 - fix use of uninitialized variable detected by Covscan 7.29.0-41 - make FTPS work with --proxytunnel 1420327 7.29.0-40 - make FTPS work with --proxytunnel 1420327 7.29.0-39 - work around race condition in PK11FindSlotByName in NSS 1404815 7.29.0-38 - make FTPS work with --proxytunnel...
openldap security, bug fix, and enhancement update
2.4.44-5 - fix CVE-2017-9287 openldap: Double free vulnerability in servers/slapd/back-mdb/search.c 1458210 2.4.44-4 - NSS: Include some CHACHA20POLY1305 ciphers 1432907 2.4.44-3 - NSS: re-register NSSShutdown callback 1405354 2.4.44-2 - Include MDB tools in openldap-servers 1428740 2.4.44-1 -...
libtasn1 security, bug fix, and enhancement update
4.10-1 - Updated to the 4.x branch 1360639...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.5.7 - Revert 'net/rds: Revert 'RDS: add reconnect retry scheme for stalled connections'' Ajaykumar Hotchandani Orabug: 26444722 - Revert 'net/rds: use different workqueue for baseconn' Ajaykumar Hotchandani Orabug: 26444722 - Revert 'net/rds: determine active/passive connecti...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.3 - posixacl: Clear SGID bit when setting file permissions Jan Kara Orabug: 25507344 CVE-2016-7097 CVE-2016-7097...
Unbreakable Enterprise kernel security update
2.6.39-400.297.5 - selinux: quiet the filesystem labeling behavior message Paul Moore Orabug: 25721485 - RDS/IB: active bonding port state fix for intfs added late Mukesh Kacker Orabug: 25875426 - HID: hid-cypress: validate length of report Greg Kroah-Hartman Orabug: 25891914 CVE-2017-7273 - udf:...
tomcat security update
0:7.0.69-12 - Resolves: rhbz1441487 CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object - Resolves: rhbz1441480 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used - Resolves: rhbz1459746 CVE-2017-5664 tomcat: Security...
java-1.8.0-openjdk security update
1:1.8.0.141-2.b16 - Update to aarch64-jdk8u141-b16. - Revert change to remove-intree-libraries.sh following backout of 8173207 - Resolves: rhbz1466509 1:1.8.0.141-2.b15 - Revert previous commit so we can revise the security update. - Resolves: rhbz1468473 1:1.8.0.141-1.b15 - Backport '8180048:...
graphite2 security update
1.3.10-1 - Resolves: rhbz1472290 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778...
freeradius security update
2.2.6-7 - Resolves: Bug1469115 CVE-2017-10979 freeradius: Out-of-bounds write in radcoalesce - Resolves: Bug1469118 CVE-2017-10978 freeradius: Out-of-bounds read/write due to improper output buffer size check in makesecret - Resolves: Bug1469120 CVE-2017-10980 freeradius: Memory leak in decodetlv...
Unbreakable Enterprise kernel security update
2.6.39-400.297.4 - mm: larger stack guard gap, between vmas Hugh Dickins Orabug: 26326145 CVE-2017-1000364...
kernel security and bug fix update
2.6.32-696.6.3.OL6 - Update genkey bug 25599697 2.6.32-696.6.3 - mm allow JVM to implement its own stack guard pages Larry Woodman 1466667 1464237 - mm enlarge stack guard gap Larry Woodman 1466667 1464237 - Revert: mm enlarge stack guard gap Larry Woodman 1466667 1464237 2.6.32-696.6.2 - mm...
httpd security and bug fix update
2.2.15-60.0.1.4 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.4 - Related: 1427675 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects 2.2.15-60.3 - Resolves: 1463205 - CVE-2017-7668 httpd: apfindtoken buffer overread...
glibc security update
2.5-123.0.2.el511.3 - Mitigation for CVE-2017-1000366 glibc: heap/stack gap jumping via unbounded stack allocations...