9184 matches found
kernel security, bug fix, and enhancement update
3.10.0-514.16.1.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.17.5 - block: fix use-after-free in seq file Vegard Nossum Orabug: 25877530 CVE-2016-7910...
Unbreakable Enterprise kernel security update
2.6.39-400.294.7 - udp: properly support MSGPEEK with truncated buffers Eric Dumazet Orabug: 25874741 CVE-2016-10229 - block: fix use-after-free in seq file Vegard Nossum Orabug: 25877531 CVE-2016-7910...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.34 - uek-rpm: enable CONFIGKSPLICE. Jamie Iles Orabug: 25698171 - ksplice: add sysctls for determining Ksplice features. Jamie Iles Orabug: 25698171 - signal: protect SIGNALUNKILLABLE from unintentional clearing. Jamie Iles Orabug: 25698171 - KVM: x86: fix emulation of 'MOV...
kernel security, bug fix, and enhancement update
3.10.0-514.16.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.16.1 - tty nhdlc: get rid of racy nhdlc.tbuf 'Herton R. Krzesinski' 1429919...
util-linux security and bug fix update
2.23.2-33.0.1.el7u3.2 - fix Oracle bug 23001516 - backport lscpu: correct the Virtualization type on Xen DomU PV guest - Reviewed-by: Joe Jin 2.23.2-33.el73.2 fix CVE-2017-2616 - Sending SIGKILL to other processes with root privileges via su 2.23.2-33.el73.1 - fix 1405238 - findmnt --target...
libreoffice security and bug fix update
1:5.0.6.2-5.0.1.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.0.6.2-5.1 - Resolves: rhbz1435534 CVE-2017-3157 Arbitrary file disclosure in Calc and Writer 1:5.0.6.2-5 - Resolves:...
httpd security and bug fix update
2.4.6-45.0.1.4 - replace index.html with Oracle's index page oracleindex.html 2.4.6-45.4 - Resolves: 1396197 - Backport: modproxywstunnel - AH02447: err/hup on backconn 2.4.6-45.3 - prefork: fix delay completing graceful restart 1327624 - modldap: fix authz regression, failing to rebind 1415257...
tomcat security update
0:7.0.69-11 - Resolves: rhbz1413591 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing - Resolves: rhbz1402662 CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests...
389-ds-base security and bug fix update
1.3.5.10-20 - Bump version to 1.3.5.10-20 - Resolves: bug 1437005 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages 1.3.5.10-19 - Release 1.3.5.10-19 - Resolves: bug 1429495 - ns-slapd dies under heavy load - Resolves: bug 1429498 - A filtered nsrole that specifies an empty nsro...
kernel security and bug fix update
2.6.32-696.1.1 - block fix use-after-free in seq file Denys Vlasenko 1418548 1418549 CVE-2016-7910 - firmware Replacing the chelsio firmware t4,t5fw-1.15.37.0 Sai Vemuri 1433865 1425749 - kernel genirq: Avoid taking sparseirqlock for non-existent irqs Dave Wysochanski 1428106 1360930 - tty nhdlc:...
389-ds-base security and bug fix update
1.2.1.11.15-91 - Release 1.2.11.15-91 - Resolves: bug 1437777 - EMBARGOED CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages 1.2.11.15-90 - Release 1.2.11.15-90 - Resovles: 1435365 - Unable to dereference unqiemember attribute because it is dn UID not dn syntax...
Unbreakable Enterprise kernel security update
2.6.39-400.294.6 - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 2.6.39-400.294.5 - net: ping: check minimum size on ICMP header length Kees Cook Orabug: 25766914 CVE-2016-8399 - ipv6: stop sending PTB packets for MTU 12...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.33 - Revert 'x86/mm: Expand the exception table logic to allow new handling options' Brian Maly Orabug: 25790387 CVE-2016-9644 - Revert 'fix minor infoleak in getuserex' Brian Maly Orabug: 25790387 CVE-2016-9644 4.1.12-61.1.32 - x86/mm: Expand the exception table logic to...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.17.4 - Revert 'fix minor infoleak in getuserex' Brian Maly Orabug: 25790392 CVE-2016-9644 3.8.13-118.17.3 - net: ping: check minimum size on ICMP header length Kees Cook Orabug: 25766911 CVE-2016-8399 3.8.13-118.17.2 - ipv6: stop sending PTB packets for MTU 1280 Hagen Paul...
curl security update
7.19.7-53 - treat Negotiate authentication as connection-oriented CVE-2017-2628...
tigervnc security and bug fix update
1.1.0-24 - Proper global init/deinit of GnuTLS Resolves: bz1418946 1.1.0-23 - Fix buffer overflow in FullFramePixelBuffer::fillRect Resolves: bz1416289 1.1.0-22 - Fix buffer overflow in FullFramePixelBuffer::fillRect Resolves: bz1416289 1.1.0-21 - Enable DRI2 and DRI3 Resolves: bz1323065 1.1.0-20...
gnutls security, bug fix, and enhancement update
2.12.23-21 - Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes 1326389, 1326073, 1323215, 1320982, 1328205, 1321112 - Modified gnutls-serv to accept --sni-hostname 1333521 - Modified gnutls-serv to always reply with an alert message 1327656 - Removed support for DSA2 as it causes...
quagga security and bug fix update
0.99.15-14 - Resolves: 1416013 - CVE-2017-5495 quagga: Telnet interface input buffer allocates unbounded amounts of memory 0.99.15-13 - fix path of ripd pid file 842308 0.99.15-12 - fix start function in watchqugga initscript 862826, 1208617 0.99.15-11 - fix for CVE-2013-2236 1391918 - fix for...
samba security and bug fix update
3.6.23-41.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-41 - resolves: 1413672 - Auth regression after secret changed 3.6.23-40 - resolves: 1405356 - CVE-2016-2125 CVE-2016-2126 3.6.23-39 - resolves: 1297805 - Fix issues with printer unpublishing...
coreutils security and bug fix update
8.4-46.0.1 - clean up empty file if cp is failed Orabug 15973168 8.4-46 - pure rebuild to bring back support for aclextendedfilenofollow on x8664 8.4-45 - su: deny killing other processes with root privileges CVE-2017-2616 8.4-44 - fix the functionality of 'sort -h -k ...' in multi-byte locales...
qemu-kvm security and bug fix update
0.12.1.2-2.503.el6 - kvm-cirrus-fix-patterncopy-checks.patch bz1420487 bz1420489 - kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch bz1420487 bz1420489 - kvm-cirrus-add-blitisunsafe-call-to-cirrusbitbltcput.patch bz1420487 bz1420489 - Resolves: bz1420487 EMBARGOED CVE-2017-2620...
openssh security and bug fix update
5.3p1-122 - Allow to use ibmca crypto hardware 1397547 - CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes 1405374 5.3p1-121 - Fix missing hmac-md5-96 from server offer 1373836 5.3p1-120 - Prevent infinite loop when Ctrl+Z pressed at password prompt 1218424 - Remove...
glibc security update
2.12-1.209.0.1 - Update newmode size to fix a possible corruption 2.12-1.209 - Fix AFINET6 getaddrinfo with nscd 1416496 2.12-1.208 - Update tests for struct sockaddrstorage changes 1338673 2.12-1.207 - Use FLCLOEXEC in internal calls to fopen 1012343. 2.12-1.206 - Fix CVE-2015-8779 glibc:...
bash security and bug fix update
4.1.2-48 - Fix signal handling in read builtin Resolves: 1421926 4.1.2-47 - CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: 1396383 4.1.2-46 - CVE-2016-7543 - Fix for arbitrary code execution via SHELLOPTS+PS4 variables Resolves: 1379630 4.1.2-45 - CVE-2016-0634 - Fi...
glibc security and bug fix update
2.12-1.209.0.1 - Update newmode size to fix a possible corruption 2.12-1.209 - Fix AFINET6 getaddrinfo with nscd 1416496 2.12-1.208 - Update tests for struct sockaddrstorage changes 1338673 2.12-1.207 - Use FLCLOEXEC in internal calls to fopen 1012343. 2.12-1.206 - Fix CVE-2015-8779 glibc:...
ocaml security update
3.11.2-5 - Enable execshield stack protection on ppc/ppc64 572826 related: rhbz1343082 - Fix strict-aliasing warnings in build 990540. 3.11.2-3 - Fix buffer overflow and information leak CVE-2015-8869 resolves: rhbz1343082...
libguestfs security and bug fix update
1:1.20.11-20 - inspection: fix detection of /usr in separate partition resolves: rhbz1388407 1:1.20.11-19 - libguestfs-java: bump the java Require to = 1.7.0, matching the Build-Require, and the generated bytecode resolves: rhbz1319086 1:1.20.11-18 - Fix buffer overflow and information leak...
kernel security, bug fix, and enhancement update
2.6.32-696.OL6 - Update genkey bug 25599697 2.6.32-696 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424628 CVE-2017-6074 2.6.32-695 - block nvme: Dont poll device being removed David Milburn 1422521 2.6.32-694 - fs posixacl: Clear SGID bit when setting file...
samba4 security and bug fix update
4.2.10-9 - resolves: 1405358 - CVE-2016-2125 CVE-2016-2126 4.2.10-8 - Synchronize patches for Samba 4.2.10 with RHEL 7.2.z - Resolves: 1383685 - Update samba4 to be on par with RHEL 7.2.z...
wireshark security and bug fix update
1.8.10-25.0.1 - Fix ocfs2 dissector John Haxby orabug 21505640 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-25 - rebuilt 1.8.10-24 - Related: 1245887 - segfault with CVE-2013-4075 capture - valgrind error with CVE-2015-3812 capture 1.8.10-23 - Resolves: 12381...
icoutils security update
0.31.3-1 - Rebase to upstream version 0.31.3. - This version includes multiple security fixes CVE-2017-5208, CVE-2017-5333, CVE-2017-5332, CVE-2017-6009, CVE-2017-6010, CVE-2017-6011 resolves: rhbz1430610...
openjpeg security update
1.5.1-16 - Revert previous changes in patch for CVE-2016-5159 - Fix memory leaks Related: 1419772 1.5.1-15 - Add two more allocation checks to patch for CVE-2016-5159 Related: 1419772 1.5.1-14 - Fix CWE-825 errors in patch for CVE-2016-5158 Related: 1419772 1.5.1-13 - Add patches for CVE-2016-513...
openjpeg security update
1.3-16 - Revert previous changes in patch for CVE-2016-5159 - Fix double free in patch for CVE-2016-5139 - Fix memory leaks and invalid read in ciobytein Related: 1419775 1.3-15 - Add two more allocation checks to patch for CVE-2016-5159 Related: 1419775 1.3-14 - Add patches for CVE-2016-5139,...
firefox security update
52.0-5.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 52.0-5 - Added fix for mozbz1348168/CVE-2017-5428...
tomcat6 security update
0:6.0.24-105 - Related: rhbz1402664 CVE-2016-6816 Adding system property from asfbz-60594 to allow use of some un-encoded characters - Related: rhbz1402664 CVE-2016-6816 Resolving a security regression 2017-6056 caused by CVE-2016-6816 0:6.0.24-104 - Related: rhbz1402664 build. reverting...
thunderbird security update
45.8.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.8.0-1 - Update to 45.8.0...
firefox security update
52.0-4.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 52.0-4 - Update to 52.0 ESR b4 52.0-3 - Added fix for rhbz1423012 - ppc64 gfx crashes 52.0-2 - Enable system nss 52.0-1 - Update to 52.0ESR B1 - Build RHEL7 package for Gtk3 52.0-0.13 - Added fix for...
firefox security update
45.8.0-2.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.8.0-2 - Update to 45.8.0 ESR B2 45.8.0-1 - Update to 45.8.0 ESR 45.7.0-2 - Enabled ppc/s390 arches rhbz1418765...
kvm security update
83-277.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch 83-277.el511 - kvm-Fix-hardware-accelerated-video-to-video-copy-on-Cirr.patch bz1421564 - kvm-cirrusvga-fix-division-by-0-for-color-expansion-rop.patch bz1421564 -...
kernel security, bug fix, and enhancement update
3.10.0-514.6.10.0.1.el7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
qemu-kvm security and bug fix update
1.5.3-126.el73.5 - kvm-cirrus-fix-patterncopy-checks.patch bz1420490 - kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch bz1420490 - kvm-cirrus-add-blitisunsafe-call-to-cirrusbitbltcput.patch bz1420490 - Resolves: bz1420490 EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus:...
ipa security and bug fix update
4.4.0-14.0.1.el73.6 - Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.4.0-14.6 - Resolves: 1416488 replication race condition prevents IPA to install - waitforentry: use only DN as parameter - Wait until HTTPS principal entry is replicated to replica - Use prop...
kernel security, bug fix, and enhancement update
3.10.0-514.10.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.10.2 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes...
qemu-kvm security update
0.12.1.2-2.491.el68.7 - kvm-cirrus-fix-patterncopy-checks.patch bz1420486 bz1420488 - kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch bz1420486 bz1420488 - kvm-cirrus-add-blitisunsafe-call-to-cirrusbitbltcput.patch bz1420486 bz1420488 - Resolves: bz1420486 EMBARGOED CVE-2017-2620...
kernel security update
kernel - 2.6.18-419.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.16.4 - dccp: fix freeing skb too early for IPV6RECVPKTINFO Andrey Konovalov CVE-2017-6074...
Unbreakable Enterprise kernel security update
2.6.39-400.294.3 - dccp: fix freeing skb too early for IPV6RECVPKTINFO Andrey Konovalov Orabug: 25598277 CVE-2017-6074...
kernel security update
kernel 2.6.18-419 - net dccp: Use AF-independent rebuildheader routine Hannes Frederic Sowa 1424751 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424633 CVE-2017-6074 - redhat kernel.spec.template: disable autoloading for dccp proto Hannes Frederic Sowa 1425177...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.28 - dccp: fix freeing skb too early for IPV6RECVPKTINFO Andrey Konovalov Orabug: 25598257 CVE-2017-6074...