8998 matches found
ImageMagick security update
6.7.2.7-5 - Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716 and CVE-2016-3717...
openssl-fips security update
1.0.1t-2.0.1 - update to upstream 1.0.1t - Original 1.0.1 test certificates has expired on May 10, 2016. Updated certificatea were copied from 1.0.2h tree [email protected]...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.7.1 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23562756 - xen/events: Don't move disabled irqs Ross Lagerwall Orabug: 23055234 - xen/events: Mask a moving irq Boris Ostrovsky Orabug: 23055234 - xen/pciback: Save t...
Unbreakable Enterprise kernel security update
2.6.39-400.280.1 - Fix cpu bootup stall with large cpu count Zhenzhong Duan Orabug: 23481040 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23536267 2.6.39-400.279.1 - IPoIB: increase send queue size to 4 times Ajaykumar Hotchandani Orabug...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.5.1 - sched/core: Clear the rootdomain cpumasks in initrootdomain Xunlei Pang Orabug: 23520741 - ocfs2: bump up o2cb network protocol version Junxiao Bi Orabug: 23515810 - IB/security: Restrict use of the write interface Jason Gunthorpe Orabug: 23283954 CVE-2016-4565...
firefox security update
45.2.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.2.0-1 - Update to 45.2.0 ESR 45.1.1-2 - Added fix for mozbz1270046 - new Samba auth response...
spice security update
0.12.4-15.1 - Fix heap-based memory corruption within smartcard handling Resolves: CVE-2016-0749 - Fix host memory access from guest with invalid primary surface parameters Resolves: CVE-2016-2150...
spice-server security update
0.12.4-13.1 - Fix heap-based memory corruption within smartcard handling Resolves: CVE-2016-0749 - Fix host memory access from guest with invalid primary surface parameters Resolves: CVE-2016-2150...
ntp security update
4.2.6p5-10.el68.1 - don't allow spoofed packets to demobilize associations CVE-2015-7979, CVE-2016-1547 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack...
squid34 security update
7:3.4.14-9.3 - Resolves: 1334499 - CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 squid34: various flaws - Resolves: 1334506 - CVE-2016-4553 squid34: squid: Cache poisoning issue in HTTP Request handling 7:3.4.14-9.2 - Related: 1330574 - CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid34:...
squid security update
7:3.3.8-26.3 - Related: 1330576 - CVE-2016-4553 squid: Cache poisoning issue in HTTP Request handling - Related: 1334491 - CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 squid: various flaws 7:3.3.8-26.2 - Related: 1330576 - CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: various flaws...
openssl security update
0.9.8e-40.0.1 - To disable SSLv2 client connections create the file /etc/sysconfig/openssl-ssl-client-kill-sslv2 John Haxby orabug 21673934 - Backport openssl 08-Jan-2015 security fixes John Haxby orabug 20409893 - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix...
squid security update
7:3.1.23-16.4 - Related: 1334489 - CVE-2016-4554 CVE-2016-4556 squid: various flaws 7:3.1.23-16.3 - Resolved: 1334489 - CVE-2016-4554 CVE-2016-4556 squid: various flaws - Related: 1330572 - CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: various flaws 7:3.1.23-16.2 - Related: 13305...
docker-engine security update
1.10.3-1.0.3 - CVE-2016-3697: docker: Potential privilege escalation via confusion of usernames and UIDs orabug 23279003...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.17 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267965 CVE-2015-8543 CVE-2015-8543 - ext4: Fix null dereference in ext4fillsuper Ben Hutchings Orabug: 23263398 CVE-2015-8324 CVE-2015-8324 - ipv6: addrconf: validate new MTU...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.6.2 - KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. David Howells Orabug: 23279020 CVE-2016-0758 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267997 CVE-2015-8543 CVE-2015-8543 - ipv6: addrconf:...
Unbreakable Enterprise kernel security update
2.6.39-400.278.3 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267976 CVE-2015-8543 CVE-2015-8543 - ipv6: addrconf: validate new MTU before applying it Marcelo Leitner Orabug: 23263251 CVE-2015-8215 - ext4: avoid hang when mounting non-journal...
libndp security update
1.2-6 - libndp: fix hop limit validation CVE-2016-3698 1.2-5 - libndp: validate the IPv6 hop limit CVE-2016-3698 - libndb: reject redirect and router advertisements from non-link-local CVE-2016-3698...
qemu-kvm security update
0.12.1.2-2.491.el68.1 - kvm-Add-vga.h-unmodified-from-Linux.patch bz1331407 - kvm-vga.h-remove-unused-stuff-and-reformat.patch bz1331407 - kvm-vga-use-constants-from-vga.h.patch bz1331407 - kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch bz1331407 -...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.3.1 - KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. David Howells Orabug: 23279022 CVE-2016-0758 - uek-rpm: ol6: revert DRM for experimental or OL6-incompatible drivers Todd Vierling Orabug: 23270829 - unix: properly account for FDs passed over un...
kernel security, bug fix, and enhancement update
2.6.32-642 - scsi fc: revert - ensure scanwork isnt active when freeing fcrport Ewan Milne 1326447 - netdrv ixgbe: Update ixgbe driver to use netdevpicktx in ixgbeselectqueue John Greene 1310749 - netdrv mlx5e: Fix adding vlan rule with vid zero twice Kamal Heib 1322809 2.6.32-641 - netdrv ixgbe:...
openssl security update
1.0.1e-48.1 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
kernel security and bug fix update
3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...
icedtea-web security, bug fix, and enhancement update
1.6.2-1 - updated to 1.6.2 - fixed also rhbz1303437 - package owns /etc/bashcompletion.d but it should not own it - Resolves: rhbz1275523 1.6.1-4 - updated to 1.6.1 - Resolves: rhbz1275523...
ntp security and bug fix update
4.2.6p5-10 - don't accept server/peer packets with zero origin timestamp CVE-2015-8138 - fix crash with reslist command CVE-2015-7977, CVE-2015-7978 4.2.6p5-9 - fix crash with invalid logconfig command CVE-2015-5194 - fix crash when referencing disabled statistic type CVE-2015-5195 - don't hang i...
thunderbird security update
38.8.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.8.0-2 - Update to 38.8.0...
openssh security, bug fix, and enhancement update
5.3p1-117 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317817 5.3p1-116 - Restore functionallity of pamsshagentauth in FIPS mode 1278315 - Initialize devicesdone variable for challenge response 1281468 - Update behaviour of X11 forwarding to match upstream 1299048 5.3p1-115 ...
file security, bug fix, and enhancement update
5.04-30 - fix CVE-2014-3538 unrestricted regular expression matching 5.04-29 - fix 1284826 - try to read ELF header to detect corrupted one 5.04-28 - fix 1263987 - fix bugs found by coverity in the patch 5.04-27 - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bound...
openssl security update
1.0.1e-48.1 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
pcre security update
8.32-15.1 - Fix CVE-2015-2328 infinite recursion compiling pattern with recursive reference in a group with indefinite repeat bug 1330508 - Fix CVE-2015-8385 buffer overflow caused by named forward reference to duplicate group number bug 1330508 - Fix CVE-2015-8386 buffer overflow caused by...
qemu-kvm security update
1.5.3-105.el72.4 - kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch bz1331412 - kvm-vga-fix-banked-access-bounds-checking-CVE-2016-3710.patch bz1331412 - kvm-vga-add-vbeenabled-helper.patch bz1331412 - kvm-vga-factor-out-vga-register-setup.patch bz1331412 -...
openssl security update
1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
openssl security update
1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
java-1.6.0-openjdk security update
1:1.6.0.39-1.13.11.0 - Update to IcedTea 1.13.11 & OpenJDK 6 b39. - Resolves: rhbz1325432...
ImageMagick security update
6.7.2.7-4 - Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716 and CVE-2016-3717...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.2.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222731 CVE-2015-8767...
Unbreakable Enterprise kernel security update
2.6.39-400.278.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222773 CVE-2015-8767...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.16uek - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222781 CVE-2015-8767...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.6.1 - skbuff: skbsegment: orphan frags before copying Dongli Zhang Orabug: 23018911 - RDS/IB: VRPC DELAY / OSS RECONNECT CAUSES 5 MINUTE STALL ON PORT FAILURE Venkat Venkatsubra Orabug: 22888920 - mlx4core: Introduce restrictions for PD update Ajaykumar Hotchandani - filenam...
kernel security, bug fix, and enhancement update
2.6.32-573.26.1 - kernel revert 'sched: core: Use hrtimerstartexpires' Jiri Olsa 1326043 1324318 - kernel Revert 'Cleanup bandwidth timers' Jiri Olsa 1326043 1324318 - kernel revert 'fair: Test list head instead of list entry in throttlecfsrq' Jiri Olsa 1326043 1324318 - kernel revert 'sched, per...
mercurial security update
2.6.2-6 - fix previous patch for CVE-2016-3069 2.6.2-5 - Fix CVE-2016-3068 and CVE-2016-3069...
firefox security update
45.1.0-1.0.1.el72 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.1.0-1 - Update to 45.1.0 ESR 45.0.2-1 - Update to 45.0.2 ESR 45.0.1-1 - Update to 45.0.1 ESR 45.0-5 - Fixed crashed after start rhbz1323744, rhbz1323738...
nss and nspr security, bug fix, and enhancement update
nspr 4.11.0-0.1 - Rebase to NSPR 4.11 - Resolves: Bug 1297943 - Rebase RHEL 5.11.z to NSPR 4.11 in preparation for Firefox 45 nss 3.21.0-6 - Fix SSLDHMINPBITS in more places. 3.21.0-5 - Keep SSLDHMINPBITS at 768 as in the previously released build. 3.21.0-4 - Run SSL tests 3.21.0-3 - Add...
nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update
nspr 4.11.0-1 - Rebase to NSPR 4.11 nss 3.21.0-9.0.1 - Added nss-vendor.patch to change vendor 3.21.0-9 - Rebuild to require the latest nss-util build and nss-softokn build. 3.21.0-8 - Update the minimum nss-softokn build required at runtime. 3.21.0-7 - Delete duplicates from one table 3.21.0-6 -...
java-1.7.0-openjdk security update
1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Bum...
java-1.7.0-openjdk security update
1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325427 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325427 1:1.7.0.101-2.6.6.0 - Bum...
java-1.8.0-openjdk security update
1:1.8.0.91-0.b14 - Add additional fix to Zero patch to properly handle result on 64-bit big-endian - Resolves: rhbz1325422 1:1.8.0.91-0.b14 - Revert settings to production defaults so we can at least get a build. - Resolves: rhbz1325422 1:1.8.0.91-0.b14 - Switch to a slowdebug build to try and...
java-1.8.0-openjdk security update
1:1.8.0.91-1.b03 - Update to u91b14. - Resolves: rhbz1325420...
samba security update
3.6.23-30.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-30 - related: 1322686 - Update manpages 3.6.23-29 - related: 1322686 - Update CVE patchset 3.6.23-28 - related: 1322686 - Update manpages 3.6.23-27 - related: 1322686 - Update CVE patchset...
samba security update
3.0.33-3.41.el5 - Security Release 'BadLock' - resolves: CVE-2016-2110 - resolves: CVE-2016-2111...