8998 matches found
Unbreakable Enterprise kernel security update
2.6.39-400.284.2 - Btrfs: fix truncation of compressed and inlined extents Divya Indi Orabug: 22307286 CVE-2015-8374 - Btrfs: fix file corruption and data loss after cloning inline extents Divya Indi Orabug: 22307286 CVE-2015-8374 - netfilter: xtables: make sure e-nextoffset covers remaining blob...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.11.2 - Btrfs: fix truncation of compressed and inlined extents Ashish Samant Orabug: 22307285 CVE-2015-8374 - Btrfs: fix file corruption and data loss after cloning inline extents Divya Indi Orabug: 22307285 CVE-2015-8374 - netfilter: xtables: make sure e-nextoffset covers...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.10 - netfilter: xtables: make sure e-nextoffset covers remaining blob size Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 - netfilter: xtables: validate e-targetoffset early Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 4.1.12-61.1.9 -...
firefox security update
45.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.4.0-1 - Update to 45.4.0 ESR...
kernel security, bug fix, and enhancement update
3.10.0-327.36.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.36.1 - x86 Use ptenone to test for empty PTE Larry Woodman 1363860 1347159 - x86 Disallow running with 32-bit PTEs to work around erratum Larry Woodman 1363860 1347159 - x86 Ignore A/D bits in pte/pmd/pudnone Alexander...
libarchive security update
2.8.3-7 - Fixes variation of CVE-2016-5418: Hard links could include '..' in their path. 2.8.3-6 - Fixes CVE-2016-5418: Archive Entry with type 1 hardlink causes file overwrite 1365774 2.8.3-5 - enable testsuite - CVE batch in summer 2016...
libarchive security update
3.1.2-10 - Fixes variation of CVE-2016-5418: Hard links could include '..' in their path. 3.1.2-9 - Fixes CVE-2016-5418: Archive Entry with type 1 hardlink causes file overwrite 1365777 3.1.2-8 - a bunch of security fixes rhbz1353065...
ntp security update
4.2.6p5-10.0.1.el68.1 - add disable monitor to default ntp.conf CVE-2013-5211...
ntp security update
4.2.6p5-22.0.1.el72.2 - add disable monitor to default ntp.conf CVE-2013-5211...
thunderbird security update
45.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.3.0-1 - Update to 45.3.0...
ipa security update
3.0.0-50.el6.2 - Resolves: 1351593 CVE-2016-5404 ipa: Insufficient privileges check in certificate revocation - cert-revoke: fix permission check bypass CVE-2016-5404...
java-1.6.0-openjdk security update
1:1.6.0.40-1.13.12.4.0.1 - Add oracle-enterprise.patch 1:1.6.0.40-1.13.12.4 - Bump source tarballs to try and really fix TCK failures this time. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.3 - Bump source tarballs to missing -DNDEBUG on JDK native code. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.2...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.6 - blk-mq: avoid setting hctx-tags-cpumask before allocation Akinobu Mita Orabug: 24464170 4.1.12-61.1.3 - ocfs2: improve recovery performance Junxiao Bi Orabug: 24395729 - qed: Utilize FW 8.10.3.0 Yuval Mintz Orabug: 24442553 - blk-mq: mark request queue as mq asap Ming L...
kernel security and bug fix update
2.6.32-642.4.2 - net tcp: make challenge acks less predictable Florian Westphal 1355606 1355607 CVE-2016-5696 2.6.32-642.4.1 - ipmi Remove smimsg from waitingrcvmsgs list before handleonerecvmsg David Arcari 1355980 1347189 - fs ext4: Remove useless spinlock in ext4getattr Lukas Czerner 1355981...
python security update
2.6.6-66.0.1 - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma 2.6.6-66 - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359161 2.6.6-65 - Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack rhbz1303647 Raise an error when STARTTLS fails upstream pat...
kernel security and bug fix update
3.10.0-327.28.3.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.28.3 - net tcp: enable per-socket rate limiting of all 'challenge acks' Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: uninline tcpoowratelimited Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: make...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.6.3 - tcp: make challenge acks less predictable Eric Dumazet Orabug: 24010103 Orabug: 2401010 CVE-2016-5696...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.10.2 - tcp: make challenge acks less predictable Eric Dumazet Orabug: 24010012 Orabug: 2401010 CVE-2016-5696 3.8.13-118.10.1 - ocfs2: call ocfs2journalaccessdi before ocfs2journaldirty in ocfs2writeendnolock yangwenfang Orabug: 19601200 - ocfs2: improve recovery performance...
php security and bug fix update
5.4.16-36.3 - don't set environmental variable based on user supplied Proxy request header CVE-2016-5385 5.4.16-36.2 - fix segmentation fault in headerregistercallback 1346758...
php security update
5.3.3-48 - don't set environmental variable based on user supplied Proxy request header CVE-2016-5385...
qemu-kvm security update
1.5.3-105.el72.7 - kvm-block-iscsi-avoid-potential-overflow-of-acb-task-cdb.patch bz1358996 - Resolves: bz1358996 CVE-2016-5126 qemu-kvm: Qemu: block: iscsi: buffer overflow in iscsiaioioctl rhel-7.2.z 1.5.3-105.el72.6 - kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch bz1359728 -...
mariadb security update
1:5.5.50-1 - Rebase to 5.5.50 Resolves: 1359628...
qemu-kvm security update
0.12.1.2-2.491.el68.3 - kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch bz1359724 - Resolves: bz1359724 EMBARGOED CVE-2016-5403 qemu-kvm: Qemu: virtio: unbounded memory allocation on host via guest leading to DoS rhel-6.8.z 0.12.1.2-2.491.el68.2 - kvm-vga-add-srvbe-register-set.patch...
squid security update
7:3.1.23-16.6 - Resolves: 1359204 - CVE-2016-5408 squid: Buffer overflow vulnerability in cachemgr.cgi tool...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.6.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393865 CVE-2016-4470 - ovl: fix permission checking for setattr Miklos Szeredi Orabug: 24393742 CVE-2015-8660...
Unbreakable Enterprise kernel security update
2.6.39-400.283.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393863 CVE-2016-4470...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.9.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393864 CVE-2016-4470...
firefox security update
45.3.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.3.0-1 - Update to 45.3.0 ESR 45.2.0-3 - Added fix for mozbz256180 45.2.0-2 - Added fix for mozbz975832, rhbz1343202...
golang security, bug fix, and enhancement update
1.6.3-1 - Resolves: rhbz1358278 - CVE-2016-5386 1.6.2-1 - rebase to 1.6.2 - Resolves: rhbz1346331...
libtiff security update
3.9.4-18 - Update patch for CVE-2014-8127 - Related: 1335099 3.9.4-17 - Fix patches for CVE-2016-3990 and CVE-2016-5320 - Related: 1335099 3.9.4-16 - Add patches for CVEs: - CVE-2016-3632 CVE-2016-3945 CVE-2016-3990 - CVE-2016-3991 CVE-2016-5320 - Related: 1335099 3.9.4-15 - Update patch for...
kernel security and bug fix update
3.10.0-327.28.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.28.2 - net bridge: include in6.h in ifbridge.h for struct in6addr Jiri Benc 1331285 1268057 - net inet: defines IPPROTO needed for module alias generation Jiri Benc 1331285 1268057 - net sync some IP headers with glibc Jir...
libtiff security update
4.0.3-25 - Add patches for CVEs: CVE-2015-7554, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2015-8784 - Related: 1299920 4.0.3-24 - Update patches for CVEs: CVE-2014-8127, CVE-2014-8130 - Related: 1299920 4.0.3-23 - Update patches: CVE-2014-9330, CVE-2014-8127,...
Unbreakable Enterprise kernel security update
2.6.39-400.283.1 - atl2: Disable unimplemented scatter/gather feature Ben Hutchings Orabug: 23703990 CVE-2016-2117 - mlx4core: add module parameter to disable background init Mukesh Kacker Orabug: 23292107 - NFSv4: Don't decode fslocations if we didn't ask for them... Trond Myklebust Orabug:...
kernel-uek security update
kernel-uek 4.1.12-37.6.1 - vfs: rename: check backing inode being equal Miklos Szeredi Orabug: 24010060 CVE-2016-6198 CVE-2016-6197 - vfs: add vfsselectinode helper Miklos Szeredi Orabug: 24010060 CVE-2016-6198 CVE-2016-6197 - ovl: verify upper dentry before unlink and rename Miklos Szeredi Orabu...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.9.1 - mlx4: Increase SYNCTPT command timeout Mukesh Kacker Orabug: 22895790 - neigh: do not modify unlinked entries Julian Anastasov Orabug: 23072705 - mm/slab: Improve performance of slabinfo stats gathering Aruna Ramakrishna Orabug: 23720437 - atl2: Disable unimplemented...
java-1.7.0-openjdk security update
1:1.7.0.111-2.6.7.1.0.1 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.111-2.6.7.1 - Bump to jdk7u111 b01 to fix TCK regressions 7081817 & 8162344 - Resolves: rhbz1350038 1:1.7.0.111-2.6.7.0 - Bump to 2.6.7 and u111b00. - Update SystemTap bundle with fix for...
samba security and bug fix update
4.2.10-7 - resolves: 1351960 - Fix CVE-2016-2119 4.2.10-6.3 - resolves: 1350759 - Fix idmaphash when used with other modules - resolves: 1351260 - Fix krb5 encryption type setup during join...
samba4 security update
4.2.10-7 - resolves: 1351957 - Fix CVE-2016-2119...
java-1.8.0-openjdk security update
1:1.8.0.101-3.b13 - Replace bad 8159244 patch from upstream 8u with fresh backport from OpenJDK 9. - Resolves: rhbz1350034 1:1.8.0.101-2.b13 - Add missing hunk from 8147771, missed due to inclusion of unneeded 8138811 - Resolves: rhbz1350034 1:1.8.0.101-1.b13 - Add workaround for a typo in the...
httpd security and bug fix update
2.4.6-40.0.1.4 - replace index.html with Oracle's index page oracleindex.html 2.4.6-40.4 - add security fix for CVE-2016-5387 2.4.6-40.3 - add 451 Unavailable For Legal Reasons response status-code 1353269 2.4.6-40.2 - modcache: treat cache as valid with changed Expires in 304 1347648...
httpd security update
2.2.3-92.0.1 - Add the ability to read DH parameters from the first SSLCertificateFile John Haxby orabug 21671194 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-...
kernel security and bug fix update
2.6.32-642.3.1 - infiniband security: Restrict use of the write interface Don Dutile 1332547 1332548 CVE-2016-4565 2.6.32-642.2.1 - sched Revert 'kernel: sched: Cure load average vs NOHZ woes' Rafael Aquini 1343015 1326373 - sched Revert 'kernel: sched: Cure more NOHZ load average woes' Rafael...
thunderbird security update
45.2-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.2-1 - Update to 45.2 45.1.1-1 - Update to 45.1.1 45.1.0-5 - Do not add symlinks to some langpacks 45.1.0-4 - Update to 45.1.0 45.0-5 - Update to 45.0...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.18uek - IB/security: Restrict use of the write interface Jason Gunthorpe Orabug: 23641666 CVE-2016-4565...
libxml2 security update
2.9.1-6.0.1.3 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball libxml2-2.9.1-6.3 - Heap-based buffer overread in xmlNextChar CVE-2016-1762 - Bug 763071: Heap-buffer-overflow in xmlStrncat CVE-2016-1834 - Bug 757711: Heap-buffer-overflow in...
kernel security and bug fix update
3.10.0-327.22.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.22.2 - infiniband security: Restrict use of the write interface Don Dutile 1332553 1316685 CVE-2016-4565 3.10.0-327.22.1 - mm mmunotifier: fix memory corruption Jerome Glisse 1335727 1307042 - misc cxl: Increase timeout...
setroubleshoot and setroubleshoot-plugins security update
setroubleshoot 3.2.24-4.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.2.24-4 - Catch all subprocess module exceptions 3.2.24-3 - Use subprocess.checkoutput with a sequence of program arguments 3.2.24-2 - Do not use dangerous shell=True...
ocaml security update
4.01.0-22.7 - Fix buffer overflow and information leak CVE-2015-8869 resolves: rhbz1343100...
setroubleshoot and setroubleshoot-plugins security update
setroubleshoot 3.0.47-12.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.0.47-12 - Don't use command.getoutput Resolves: CVE-2016-4445 setroubleshoot-plugins 3.0.40-3.1.0.1 - Add setroubleshoot-plugins-oracle-enterprise.patch 3.0.40-3.1 - Don't u...
openssl security update
0.9.8e-40.0.2 - CVE-2016-0799 - Fix memory issues in BIOprintf functions - CVE-2016-2105 - Avoid overflow in EVPEncodeUpdate - CVE-2016-2106 - Fix encrypt overflow - CVE-2016-2109 - Harden ASN.1 BIO handling of large amounts of data...