9184 matches found
firefox security update
52.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 52.4.0-1 - Update to 52.4.0 ESR 52.3.0-3 - Update to 52.3.0 ESR b2 - Require correct nss version...
nss security update
3.28.4-12 - Backport patch to simplify transcript calculation for CertificateVerify...
Unbreakable Enterprise kernel security update
2.6.39-400.297.9 - fs/binfmtelf.c: fix bug in loading of PIE binaries Michael Davidson Orabug: 26870958 CVE-2017-1000253...
kernel security update
2.6.32-696.10.3.OL6 - Update genkey bug 25599697 2.6.32-696.10.3 - fs binfmtelf.c:loadelfbinary: return -EINVAL on zero-length mappings Petr Matousek 1492959 1492961 CVE-2017-1000253 - fs binfmtelf.c: fix bug in loading of PIE binaries Petr Matousek 1492959 1492961 CVE-2017-1000253...
samba security update
4.6.2-11 - resolves: 1491213 - CVE-2017-12150 CVE-2017-12151 CVE-2017-12163...
samba security update
3.6.23-45.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.24-45 - resolves: 1491210 - CVE-2017-2619 CVE-2017-12150 CVE-2017-12163...
samba4 security update
4.2.10-11 - resolves: 1491212 - CVE-2017-12150 CVE-2017-12163...
augeas security update
1.4.0-2.el74.1 - Fix CVE-2017-7555, improper handling of escaped strings RHBZ1481545...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.7 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796364 CVE-2017-1000251 3.8.13-118.19.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645550 CVE-2017-12134 3.8.13-118.19.5 - fs/exec.c: account for argv/envp pointers Kees Co...
Unbreakable Enterprise kernel security update
2.6.39-400.297.8 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796428 CVE-2017-1000251 2.6.39-400.297.7 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645562 CVE-2017-12134 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638926...
emacs security update
1:24.3-20 - fix unsafe enriched mode translations 1490452...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-103.3.8.1 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796363 CVE-2017-1000251...
postgresql security update
9.2.23-1 - update to 9.2.23 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-23.html 9.2.22-1 - update to 9.2.22 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-22.html...
kernel security and bug fix update
2.6.32-696.10.2.OL6 - Update genkey bug 25599697 2.6.32-696.10.2 - net l2cap: prevent stack overflow on incoming bluetooth packet Neil Horman 1490060 1490062 CVE-2017-1000251...
bluez security update
4.66-2 - sdpd heap fixes Resolves: 1490008...
kernel security update
3.10.0-693.2.2.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel olkmodsigningkey.x509alexey.petre [email protected] - Update x509.genkey bug 24817676...
kernel security update
3.10.0-693.2.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.2.2 - net l2cap: prevent stack overflow on incoming bluetooth packet Neil...
kernel security update
kernel - 2.6.18-419.0.0.0.3 - nfsd: stricter decoding of write-like NFSv2/v3 ops orabug 26586706 CVE-2017-7895...
389-ds-base security and bug fix update
1.3.6.19-1 - Bump version to 1.3.6.19-1 - Remove old mozldap and db4 requirements - Resolves: Bug 1483865 - Crash while binding to a server during replication online init 1.3.6.1-18 - Bump version to 1.3.6.1-18 - Require srvcore 4.1.3 - Resolves: Bug 1479757 - dse.ldif and fsync - Resolves: Bug...
openssh security update
5.3p1-123 - Fix for CVE-2016-6210: User enumeration via covert timing channel 1357442...
poppler security update
0.12.4-12 - Resolves: rhbz1479815 CVE-2017-9776...
poppler security update
0.26.5-17 - Resolves: rhbz1482934 CVE-2017-9776...
thunderbird security update
52.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 52.3.0-1 - Update to 52.3.0 52.2.1-1 - Update to 52.2.1...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-103.3.8 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 4.1.12-103.3.7 - i40e/i40evf: check for stopped admin queue Mitch Williams Orabug: 26654222 4.1.12-103.3.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645497...
xmlsec1 security update
1.2.20-7 - CVE-2017-1000061 - Related: 1472092 - Fix mis-applied patch hunk 1.2.20-6 - CVE-2017-1000061 - Resolves: 1472092...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.4 - l2tp: fix racy SOCKZAPPED flag check in l2tpip,6bind Guillaume Nault Orabug: 26586047 CVE-2016-10200 - xfs: fix two memory leaks in xfsattrlist.c error paths Mateusz Guzik Orabug: 26586022 CVE-2016-9685 - KEYS: Disallow keyrings beginning with '.' to be joined as...
Unbreakable Enterprise kernel security update
2.6.39-400.297.6 - l2tp: fix racy SOCKZAPPED flag check in l2tpip,6bind Guillaume Nault Orabug: 26586050 CVE-2016-10200 - xfs: fix two memory leaks in xfsattrlist.c error paths Mateusz Guzik Orabug: 26586024 CVE-2016-9685 - KEYS: Disallow keyrings beginning with '.' to be joined as session keyrin...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.5.9 - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 4.1.12-94.5.8 - scsi: libiscsi: use kvzalloc for iscsipoolinit Kyle Fortin Orabug: 26621191 - mm: introduce kvmzalloc helpers Kyle Fortin Orabug: 26621191 - KEYS: Disallow keyrings beginning with '.' to be...
mercurial security update
2.6.2-8 - Fix CVE-2017-1000115 and CVE-2017-1000116...
git security update
1.7.1-9 - prevent command injection via malicious ssh URLs Resolves: CVE-2017-1000117...
groovy security update
1.8.9-8 - Fix Information disclosure vulnerability - Resolves: CVE-2016-6814...
git security update
1.8.3.1-12 - prevent command injection via malicious ssh URLs Resolves: CVE-2017-1000117...
httpd security update
2.4.6-67.0.1.el74.2 - replace index.html with Oracle's index page oracleindex.html 2.4.6-67.2 - Resolves: 1463194 - CVE-2017-3167 httpd: apgetbasicauthpw authentication bypass - Resolves: 1463197 - CVE-2017-3169 httpd: modssl NULL pointer dereference - Resolves: 1463207 - CVE-2017-7679 httpd:...
kernel security and bug fix update
3.10.0-693.1.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 3.10.0-693.1.1.el7.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update...
httpd security update
2.2.15-60.0.1.5 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.5 - Resolves: 1463194 - CVE-2017-3167 httpd: apgetbasicauthpw authentication bypass - Resolves: 1463197 - CVE-2017-3169 httpd: modssl NULL pointer dereference - Resolves: 1463207 ...
kernel security and bug fix update
3.10.0-693.1.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.1.1 - fs dentry name snapshots Miklos Szeredi 1471131 1470403 CVE-2017-7533 -...
spice security update
0.12.8-2.1 - Redo build properly versioned as a zstream build Related: CVE-2017-7506 0.12.8-3 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506...
subversion security update
1.7.14-11 - add security fix for CVE-2017-9800...
kernel security, bug fix, and enhancement update
...
firefox security update
52.3.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Force requirement of newer gdk-pixbuf2 to ensure a proper update Todd Vierling orabug 19847484 52.3.0-3 - Fix for rhbz1470294 - bundling newer libffi for ppc platforms 52.3.0-2 - Update to 52.3.0 ESR b2...
libsoup security update
2.56.0-4 - Fix chunked decoding buffer overrun CVE-2017-2885 rh 1479322...
evince security update
3.22.1-5.2 - Related: 1469528 ensure .desktop file is still valid 3.22.1-5.1 + Fix arbitrary code execution via filename in tar-compressed comics archive - Resolves: 1469528...
java-1.7.0-openjdk security update
1:1.7.0.151-2.6.11.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.151-2.6.11.0 - Bump to 2.6.11 and u151b00. - Update java-access-bridge-security.patch to apply against 2.6.11. - Apply fix for 8185716 so ppc uses correct insencode format - Resolves: rhbz1466509...
glibc security update
2.17-196 - Avoid large allocas in the dynamic linker 1452721 2.17-195 - Rounding issues on POWER 1457177 2.17-194 - Use a built-in list of system call names 1439165 2.17-193 - Inhibit FMA while compiling sqrt, pow 1413638 2.17-192 - Exclude lock elision support for older Intel hardware with Intel...
pki-core security update
10.4.1-11 - Resolves: rhbz 1469432 - - RHEL 7.4: - - Bugzilla Bug 1469432 - CMC plugin default change - Resolves CVE-2017-7537 - Fixes BZ 1470948...
qemu-kvm security update
1.5.3-141.el74.1 - kvm-qemu-nbd-Ignore-SIGPIPE.patch bz1468107 - Resolves: bz1468107 CVE-2017-10664 qemu-kvm: Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort rhel-7.4.z...
freeradius security update
3.0.13-8 - Avoid misinterpreting zero-size malloc in data2vpextended fix. - Related: Bug1469414 CVE-2017-10984 freeradius: Out-of-bounds write in data2vpwimax 3.0.13-7 - Resolves: Bug1469409 CVE-2017-10978 freeradius: Out-of-bounds read/write due to improper output buffer size check in makesecret...
log4j security update
0:1.2.17-16 - Fix socket receiver deserialization vulnerability - Resolves: CVE-2017-5645...
golang security, bug fix, and enhancement update
1.8.3-1 - bump to 1.8.3 - fix CVE-2017-8932 - Resolves: rhbz1452616, rhbz1452241, rhbz1457169, rhbz1448346...
NetworkManager and libnl3 security, bug fix and enhancement update
NetworkManager 1:1.8.0-9 - device: don't change MTU unless explicitly configured rh 1460760 - core: don't remove external IPv4 addresses rh 1459813 1:1.8.0-8 - cli: fix output of iface in overview output rh1460219 - ppp: unexport NMPPPManager instance on dispose rh1459579 - cli: remove spurious...