9184 matches found
qemu-kvm security and bug fix update
0.12.1.2-2.491.el68.6 - kvm-cirrusvga-fix-division-by-0-for-color-expansion-rop.patch bz1418230 bz1419416 - kvm-cirrusvga-fix-off-by-one-in-blitregionisunsafe.patch bz1418230 bz1419416 - kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch bz1418230 bz1419416 -...
kernel security and bug fix update
2.6.32-642.15.1 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424626 1424628 CVE-2017-6074 2.6.32-642.14.1 - net sctp: validate chunk len before actually using it Hangbin Liu 1399456 1399457 CVE-2016-9555 - netdrv qlcnic: add wmb call in transmit data path Harish...
kernel security update
2.6.32-642.13.2 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424626 1424628 CVE-2017-6074...
kernel security update
3.10.0-514.6.2.0.1.el7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676...
kernel security update
3.10.0-514.6.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.6.2 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic...
openssl security update
1.0.1e-60.1 - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher - fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts...
openssl security update
1.0.1e-48.4 - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher - fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts...
openssl security update
1.0.1e-48.4 - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher - fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts...
bind security update
32:9.9.4-38.2 - Fix CVE-2017-3135 ISC change 4557 - Fix and test caching CNAME before DNAME ISC change 4558...
java-1.7.0-openjdk security update
1:1.7.0.131-2.6.9.0.0.1 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.131-2.6.9.0 - Add blacklisted.certs to installation file list. - Resolves: rhbz1410612 1:1.7.0.131-2.6.9.0 - Bump to 2.6.9 and u131b00. - Remove patch application debris in fsg.sh. - Re-generate...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.16.3 - crypto: algifhash - Only export and import on sockets with data Herbert Xu Orabug: 25417805 CVE-2016-8646 - USB: usbfs: fix potential infoleak in devio Kangjie Lu Orabug: 25462760 CVE-2016-4482 - net: fix infoleak in llc Kangjie Lu Orabug: 25462807 CVE-2016-4485 -...
Unbreakable Enterprise kernel security update
2.6.39-400.294.2 - vfs: read filehandle only once in handletopath Sasha Levin Orabug: 25388709 CVE-2015-1420 - crypto: algifhash - Only export and import on sockets with data Herbert Xu Orabug: 25417807 - USB: usbfs: fix potential infoleak in devio Kangjie Lu Orabug: 25462763 CVE-2016-4482 - net:...
spice-server security update
0.12.4-13.2 - Fix buffer overflow in mainchannelallocmsgrcvbuf when reading large messages. Resolves: CVE-2016-9577 - Fix remote DoS via crafted message. Resolves: CVE-2016-9578...
ntp security update
4.2.6p5-25.0.1.el73.1 - Bump release to avoid ULN conflict with Oracle modified errata. 4.2.6p5-25.el73.1 - don't limit rate of packets from sources CVE-2016-7426 - don't change interface from received packets CVE-2016-7429 - fix calculation of root distance again CVE-2016-7433 - require...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.27 - vfio/pci: Fix integer overflows, bitmask check Vlad Tsyrklevich Orabug: 25164094 CVE-2016-9083 CVE-2016-9084 - Don't feed anything but regular iovec's to blkrqmapuseriov Linus Torvalds Orabug: 25231931 CVE-2016-9576 - kvm: x86: Check memopp before dereference...
spice security update
0.12.4-20 - Fix buffer overflow in mainchannelallocmsgrcvbuf when reading large messages. Resolves: CVE-2016-9577 - Fix remote DoS via crafted message. Resolves: CVE-2016-9578...
thunderbird security update
45.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.7.0-1 - Update to 45.7.0...
libtiff security update
3.9.4-21 - Fix patch for CVE-2016-5652 - Related: 1412078 3.9.4-20 - Fix CWE-476 defect found by covscan - Related: 1412078 3.9.4-19 - Add patches for CVEs: - CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 - CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 - CVE-2016-5652 - Resolves: 1412078...
firefox security update
45.7.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.7.0-1 - Updated to 45.7.0 B1 45.6.0-2 - Enabled ffmpeg 54.35.1 rhbz1330898, mozbz1263665...
squid security update
7:3.5.20-2.2 - Resolves: 1412735 - CVE-2016-10002 squid: Information disclosure in HTTP request processing...
mysql security update
5.1.73-8.0.1 - fix date in the test 5.1.73-8 - Fix CVE-2016-6662 and CVE-2016-6663 Resolves: 1397309...
squid34 security update
7:3.4.14-9.4 - Resolves: 1412733 - CVE-2016-10002 squid34: squid: Information disclosure in HTTP request processing...
java-1.8.0-openjdk security update
1:1.8.0.121-0.b13 - Update to aarch64-jdk8u121-b13. - Update PR1834/RH1022017 fix to reduce curves reported by SSL to apply against u121. - Re-generate RH1393047 ObjectInputStream patch against u121. - Resolves: rhbz1410612 1:1.8.0.112-0.b16 - Update to aarch64-jdk8u112-b16. - Drop upstreamed...
qemu-kvm security and bug fix update
1.5.3-126.el73.3 - kvm-net-check-packet-payload-length.patch bz1398217 - Resolves: bz1398217 CVE-2016-2857 qemu-kvm: Qemu: net: out of bounds read in netchecksumcalculate rhel-7.3.z 1.5.3-126.el73.2 - kvm-virtio-introduce-virtqueueunmapsg.patch bz1393484 -...
kernel security, bug fix, and enhancement update
3.10.0-514.6.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.6.1 - net sctp: validate chunk len before actually using it Hangbin Liu...
bind security update
30:9.3.6-25.P1.12 - Fix CVE-2016-9147 ISC change 4510 - Fix regression introduced by CVE-2016-8864 ISC change 4530...
bind97 security update
32:9.7.0-21.P2.10 - Fix CVE-2016-9147...
bind security update
32:9.9.4-38.1 - Fix CVE-2016-9131 ISC change 4508 - Fix CVE-2016-9147 ISC change 4510 - Fix regression introduced by CVE-2016-8864 ISC change 4530 - Fix CVE-2016-9444 ISC change 4517...
docker-engine docker-engine-selinux security and bugfix update
1.12.6-1.0.1 - Enable configuration of Docker daemon via sysconfig orabug 21804877 - Require UEK4 for docker 1.9 orabug 22235639 22235645 - Add docker.conf for prelink orabug 25147708 1.12.6 - the systemd unit file /usr/lib/systemd/system/docker.service contains local changes, or - a systemd...
Unbreakable Enterprise kernel security update
2.6.39-400.294.1 - nvme: Limit command retries Ashok Vairavan Orabug: 25342947 - tcp: fix use after free in tcpxmitretransmitqueue Eric Dumazet Orabug: 25374376 CVE-2016-6828 - ALSA: pcm : Call killfasync in stream lock Takashi Iwai Orabug: 25231728 CVE-2016-9794 - net: avoid signed overflows for...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.16.2 - net: avoid signed overflows for SOSND|RCVBUFFORCE Eric Dumazet Orabug: 25203623 CVE-2016-9793 3.8.13-118.16.1 - nvme: Limit command retries Ashok Vairavan Orabug: 25374794 - tcp: fix use after free in tcpxmitretransmitqueue Eric Dumazet Orabug: 25374371 CVE-2016-6828 ...
java-1.6.0-openjdk security update
1:1.6.0.41-1.13.13.1.0.1 - Add oracle-enterprise.patch 1:1.6.0.41-1.13.13.1 - Update to new 1.13.13 and b41 tarballs to correct TCK failure. - Resolves: rhbz1381990 1:1.6.0.41-1.13.13.0 - Remove --htmldir option which is not supported by older autotools. - Resolves: rhbz1381990 1:1.6.0.41-1.13.13...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.25 - KEYS: Fix short sprintf buffer in /proc/keys show function David Howells Orabug: 25306361 CVE-2016-7042 - nvme: Limit command retries Keith Busch Orabug: 25374751 - fs/proc/taskmmu.c: fix mmaccess mode parameter in pagemapread Kenny Keslar Orabug: 25374977 - tcp: fix u...
kernel security and bug fix update
2.6.32-642.13.1 - net Fix use after free in the recvmmsg exit path Davide Caratti 1390805 1390046 CVE-2016-7117 - net vlan: Propagate MAC address to VLANs Jarod Wilson 1396479 1381585 - net tcp: fix use after free in tcpxmitretransmitqueue Mateusz Guzik 1379527 1379529 CVE-2016-6828 - net...
gstreamer1-plugins-good security update
1.4.5-3 - Remove insecure FLX plugin Resolves: rhbz1400892...
gstreamer1-plugins-bad-free security update
1.4.5-6 - Fix h264 and h265 buffer size checks - Fix mpegts pat parsing and add more size checks Resolves: rhbz1400897 1.4.5-5 - vmncdec: Sanity-check width/height before using it Resolves: rhbz1400897...
gstreamer-plugins-bad-free security update
0.10.23-22 - h264parse: Ensure codecdata has the required size when reading number of SPS Resolves: rhbz1400838 0.10.23-21 - Remove insecure NSF plugin - vmncdec: Sanity-check width/height before using it Resolves: rhbz1400838...
gstreamer-plugins-good security update
0.10.31-12 - Disable insecure FLX plugin Resolves: rhbz1400842...
ghostscript security update
9.07-201 - Added security fixes for: - CVE-2013-5653 bug 1380327 - CVE-2016-7977 bug 1380415 - CVE-2016-7978 bug 1382300 - CVE-2016-7979 bug 1382305 - CVE-2016-8602 bug 1383940...
ghostscript security update
8.70-211 - Added security fixes for: - CVE-2013-5653 bug 1380327 - CVE-2016-7977 bug 1380415 - CVE-2016-7979 bug 1382305 - CVE-2016-8602 bug 1383940...
ipa security update
4.4.0-14.0.1.el73.1.1 - Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.4.0-14.1.1 - Resolves: 1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy - ipa-kdb: search for password policies globally - Renamed patches 1011 a...
Unbreakable Enterprise kernel security update
2.6.39-400.293.2 - x86/iopl/64: properly context-switch IOPL on Xen PV Andy Lutomirski Orabug: 25269184 CVE-2016-3157 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298618 CVE-2016-7117...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.23 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298601 CVE-2016-7117...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.15.2 - x86/iopl/64: properly context-switch IOPL on Xen PV Andy Lutomirski Orabug: 25269176 CVE-2016-3157 CVE-2016-3157 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298611 CVE-2016-7117...
gstreamer-plugins-bad-free security update
0.10.19-5 - vmncdec: Sanity-check width/height before using it Resolves: rhbz1400820 0.10.19-4 - Remove insecure NSF decoder Resolves: rhbz1400820...
thunderbird security update
45.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.6.0-1 - Update to the latest upstream 45.6.0...
gstreamer-plugins-good security update
0.10.23-4 - Remove insecure FLX plugin Resolves: rhbz1400835...
kernel security and bug fix update
kernel 2.6.18-417 - virt hv: do not lose pending heartbeat vmbus packets Vitaly Kuznetsov 1391167 - net Fix use after free in the recvmmsg exit path Davide Caratti 1390044 CVE-2016-7117...
kernel security and bug fix update
kernel - 2.6.18-417.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
xen security update
3.0.3-148.el511 - xen-qemu-ioport-array-overflow.patch bz1401521 - Resolves: bz1401521 CVE-2016-9637 xsa199 xen: qemu ioport array overflow XSA-199 rhel-5.11.z...