9184 matches found
vim security update
7.4.629-5.1 - add fix for CVE-2016-1248...
firefox security update
45.6.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.6.0-1 - Update to 45.6.0 ESR...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.15.1 - Revert 'i40e: Set defport behavior for the Main VSI when in promiscuous mode' Jack Vogel Orabug: 22683573 - mlx4: avoid multiple free on idmapent Wengang Wang - xen-netfront: cast grant table reference first to type int Dongli Zhang - xen-netfront: do not cast grant...
Unbreakable Enterprise kernel security update
2.6.39-400.293.1 - logging errors that get masked to EIO inside drivers/block/loop.c Manjunath Patil Orabug: 21962821 - sched/core: Clear the rootdomain cpumasks in initrootdomain Xunlei Pang Orabug: 23518650 - bio allocation failure due to biogetnrvecs Darrick J. Wong Orabug: 23852442 - mlx4:...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.22 - ocfs2: fix trans extend while free cached blocks Junxiao Bi Orabug: 25136991 - ocfs2: fix trans extend while flush truncate log Junxiao Bi Orabug: 25136991 - ocfs2: extend enough credits for freeing one truncate record while replaying truncate records Xue jiufei Orabug...
sudo security update
1.8.6p3-25 - Update noexec syscall blacklist - Fixes CVE-2016-7032 and CVE-2016-7076 Resolves: rhbz1391937...
thunderbird security update
45.5.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.5.1-1 - Update to 45.5.1...
firefox security update
45.5.1-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.5.1-1 - Update to 45.5.1 ESR...
thunderbird security update
45.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.5.0-1 - Update to 45.5.0...
expat security update
2.0.1-13 - updated security fix for CVE-2016-0718 2.0.1-12 - add security fix for CVE-2016-0718...
memcached security update
0:1.4.15-10.el73.1 - fix vulnerabilities allowing remote code execution CVE-2016-8704, CVE-2016-8705, CVE-2016-8706 0:1.4.15-10 - fix binding to IPv6 address 1298603 - enable SASL support 1263696 - don't allow authentication with bad SASL credentials CVE-2013-7239...
memcached security update
0:1.4.4-3.el68.1 - fix vulnerabilities allowing remote code execution CVE-2016-8704, CVE-2016-8705, CVE-2016-8706...
ipsilon security update
1.0.0-13 - Backport patch for CVE-2016-8638 RHBZ1394116...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.19 - acpi: Disable ACPI table override if securelevel is set Linn Crosetto Orabug: 25058966 CVE-2016-3699 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060060 CVE-2016-6480 CVE-2016-6480 - audit: fix a double fetch in auditlogsingleexecvea...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.14.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore...
Unbreakable Enterprise kernel security update
2.6.39-400.290.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060055 CVE-2016-6480 CVE-2016-6480 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore Orabug: 25059962 CVE-2016-6136 - ecryptfs: don't allow mmap when the lower fs doesn't support it...
nss and nss-util security update
nss 3.21.3-2.0.1 - Added nss-vendor.patch to change vendor 3.21.3-2 - Mozilla 1314604 / Red Hat CVE-2016-8635 3.21.3-1.1 - rebuild 3.21.3-1 - Rebase to NSS 3.21.3 - Resolves: 1383887 nss-util 3.21.3-1.1 - rebuild 3.21.3-1 - Rebase to nss-3.21.3 - Remove patch for CVE-2016-1950, which is included ...
firefox security update
45.5.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.5.0-1 - Update to 45.5.0 ESR 45.4.0-3 - Added upcoming upstream patches mozbz1018486 45.4.0-2 - Added Laszlo Ersek patch for aarch64 crashes...
kernel security and bug fix update
2.6.32-642.11.1 - mm close FOLL MAPPRIVATE race Larry Woodman 1385116 1385117 CVE-2016-5195 2.6.32-642.10.1 - scsi fnic: Fix to cleanup aborted IO to avoid device being offlined by mid-layer Maurizio Lombardi 1382620 1341298 2.6.32-642.9.1 - net vlan: Fix FCOEMTU support Maurizio Lombardi 1381592...
389-ds-base security, bug fix, and enhancement update
1.2.11.15-84 - Release 1.2.11.15-84 - Resolves: 1376676 - Backport AES storage scheme plugin DS 47462 1.2.11.15-83 - Release 1.2.11.15-83 - Resolves: 1376676 - Backport AES storage scheme plugin DS 47462 1.2.11.15-82 - Release 1.2.11.15-82 - Resolves: 1376676 - Backport AES storage scheme plugin ...
policycoreutils security update
2.0.83-30.1.0.1 - Lazy unmount private, shared entryJoe Jinorabug 12560705 2.0.83-30.1 - sandbox: create a new session for sandboxed processes Resolves: CVE-2016-7545...
python security, bug fix, and enhancement update
2.7.5-48.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-48 - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359164 2.7.5-47 - Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.getdata Resolves: rhbz1356364 2.7.5-46 - Drop patch 2...
openssh security, bug fix, and enhancement update
6.6.1p1-31 + 0.9.3-9 - Do not depend on selinux-policy 1373297 6.6.1p1-30 + 0.9.3-9 - Drop dependency on libcap-ng for ssh-keycat 1357859 6.6.1p1-29 + 0.9.3-9 - Rework SELinux context handling with chroot using libcap-ng 1357859 6.6.1p1-28 + 0.9.3-9 - SFTP force permission collision with umask...
wget security and bug fix update
1.14-13 - Fix CVE-2016-4971 1345778 - Added support for non-ASCII URLs Related: CVE-2016-4971 1.14-12 - Fix wget to include Host header on CONNECT as required by HTTP 1.1 1203384 - Run internal test suite during build 1295846 - Fix -nv being documented as synonym for two options 1147572 1.14-11 -...
firewalld security, bug fix, and enhancement update
0.4.3.2-8 - Exclude firewallctl RHBZ1374799 0.4.3.2-7 - Tolerate ipv6rpfilter fail RHBZ1285769 - Fix setrules to copy the rule before extracting the table RHBZ1373260 - Translation update RHBZ1273296 - Conflict with NetworkManager 1:1.4.0-3.el7 RHBZ1366288 0.4.3.2-6 - Do not use exit code 254 for...
NetworkManager security, bug fix, and enhancement update
NetworkManager 1:1.4.0-12 - device: consider a device with slaves configured rh1333983 1:1.4.0-11 - build: add RPM dependency for exact glib2 version rh1378809 1:1.4.0-10 - device: improve connection matching for assuming bond and infiniband rh1375558 1:1.4.0-9 - clients: handle secret requests...
poppler security and bug fix update
0.26.5-16 - Fix crash in Splash - Resolves: 1299492 0.26.5-15 - Check array length - Resolves: 1299506 0.26.5-14 - Show correct glyph or none instead of 'fi' - Resolves: 1298616 0.26.5-13 - Check for groupColorSpace existance - Resolves: 1299479 0.26.5-12 - Move array reallocation from visitLine ...
libvirt security, bug fix, and enhancement update
2.0.0-10 - virtlogd: Don't stop or restart along with libvirtd rhbz1372576 2.0.0-9 - Add helper for removing transient definition rhbz1368774 - qemu: Remove stale transient def when migration fails rhbz1368774 - qemu: Don't use query-migrate on destination rhbz1374613 - conf: allow hotplugging...
dhcp security, bug fix, and enhancement update
12:4.2.5-47.0.1 - Added oracle-errwarn-message.patch 12:4.2.5-47 - 1269596 - fix undefined variable in dhclient-script 12:4.2.5-46 - unclosed TCP connections to OMAPI or failover ports can cause DoS CVE-2016-2774 12:4.2.5-45 - 1267489 - dhclient-script does not respect DEFROUTE/GATEWAYDEV patched...
libgcrypt security update
1.5.3-13.1 - fix CVE-2016-6313 - predictable PRNG output 1366105 1.5.3-13 - touch only urandom in the selftest and when /dev/random is unavailable for example by SELinux confinement - fix the RSA selftest key p q swap...
fontconfig security and bug fix update
2.10.95-10 - Fix a regression in the previous change. 1355930 2.10.95-9 - CVE-2016-5384: Validate offsets in cache files properly. 1355930 2.10.95-8 - Update 45-latin.conf to add some hints to fall back for Windows fonts 1073460...
postgresql security and bug fix update
9.2.18-1 - update to 9.2.18 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-18.html http://www.postgresql.org/docs/9.2/static/release-9-2-17.html http://www.postgresql.org/docs/9.2/static/release-9-2-16.html 9.2.15-2 - fix postgresql-setup to work if postgres user is set t...
java-1.7.0-openjdk security update
1:1.7.0.121-2.6.8.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.121-2.6.8.0 - Turn off HotSpot bootstrap to see if it resolves build issues. - Resolves: rhbz1381990 1:1.7.0.121-2.6.8.0 - Bump to 2.6.8 and u121b00. - Drop patches S7081817, S8140344, S8145017 and S8162344 applied upstream. - Update...
libreoffice security, bug fix, and enhancement update
libcmis 0.5.1-2 - Resolves: rhbz1330591 fix Google Drive login - Related: rhbz1330591 fix changelog entry 0.5.1-1 - Related: rhbz1290152 new upstream release 0.5.0-2 - Related: rhbz1290152 autoreconf is not needed - Related: rhbz1290152 add a bunch of fixes found by coverity 0.5.0-1 - Resolves:...
qemu-kvm security, bug fix, and enhancement update
1.5.3-126.el7 - kvm-virtio-recalculate-vq-inuse-after-migration.patch bz1376542 - Resolves: bz1376542 RHSA-2016-1756 breaks migration of instances 1.5.3-125.el7 - kvm-nbd-server-Set-ONONBLOCK-on-client-fd.patch bz1285453 - Resolves: bz1285453 An NBD client can cause QEMU main loop to block when...
nettle security and bug fix update
2.7.1-8 - Use a cache-silent version of mpzpowm to prevent cache-timing attacks against RSA and DSA in shared VMs. 1364897,CVE-2016-6489 2.7.1-5 - Fixed SHA-3 implementation to conform to final standard 1252936 - Fixed CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 which caused issues in secp256r1 and...
resteasy-base security and bug fix update
3.0.6-4 - Resolves: rhbz1378619 - disable SerializerProvider by default 3.0.6-3 - Resolves: rhbz1357624 - fail to build with java 8 3.0.6-2 - Resolves: rhbz1280539 - fix pom version...
mod_nss security, bug fix, and enhancement update
1.0.14-7 - Add the permission patch to the repository 1312583 1.0.14-6 - Check the NSS certificate database directory for read permissions by the Apache user. 1312583 1.0.14-5 - Update clean semaphore patch to not free the pinList twice. 1364560 1.0.14-4 - Update clean semaphore patch to not clos...
php security and bug fix update
5.4.16-42 - bz2: fix improper error handling in bzread CVE-2016-5399 5.4.16-41 - gd: fix integer overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766 - gd: fix integer overflow in gdImagePaletteToTrueColor resulting in heap overflow CVE-2016-5767 - mbstring: fix double free in...
kernel security, bug fix, and enhancement update
3.10.0-514.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514 - mm remove gupflags FOLLWRITE games from getuserpages Larry Woodman 1385124...
util-linux security, bug fix, and enhancement update
2.23.2-33.0.1 - fix Oracle bug 23001516 - backport lscpu: correct the Virtualization type on Xen DomU PV guest - Reviewed-by: Joe Jin 2.23.2-33 - improve patch for 1007734 libblkid realpaths 2.23.2-32 - improve patch for chrt1 deadline support 1298384 - fix 1007734 - blkid shows devices as...
389-ds-base security, bug fix, and enhancement update
1.3.5.10-11 - Release 1.3.5.10-11 - Resolves: bug 1321124 - Replication changelog can incorrectly skip over updates 1.3.5.10-10 - Release 1.3.5.10-10 - Resolves: bug 1370300 - set proper update status to replication agreement in case of failure DS 48957 - Resolves: bug 1209094 - Allow logging of...
sudo security, bug fix, and enhancement update
1.8.6p7-20 - RHEL 7.3 erratum - fixed visudo's -q flag Resolves: rhbz1350828 1.8.6p7-19 - RHEL 7.3 erratum - removed INPUTRC from envkeep to prevent a potential info leak Resolves: rhbz1340700 1.8.6p7-18 - RHEL 7.3 erratum - removed requiretty flag from the default sudoers policy - backported...
libreswan security and bug fix update
3.15-8.0.1 - add libreswan-oracle.patch to detect Oracle Linux distro 3.15-8 - Resolves: rhbz1361721 libreswan pluto segfault UPDATED - Resolves: rhbz1276524 USGv6 IKEv2.EN.R.1.1.3.2 case failed due to response to bad INFORMATIONAL request UPDATED - Resolves: rhbz1309764 ipsec barf additional man...
glibc security, bug fix, and enhancement update
2.17-157 - Rebuild with updated binutils 1268008 2.17-156 - malloc arena free free list management fix 1276753 2.17-155 - Basic validity check for locale-archive.tmpl 1350733 2.17-153 - Add Intel AVX-512 optimized routines 1298526. 2.17-151 - Improve malloc peformance in low-memory situations...
glibc security update
2.17-157 - Rebuild with updated binutils 1268008 2.17-156 - malloc arena free free list management fix 1276753 2.17-155 - Basic validity check for locale-archive.tmpl 1350733 2.17-153 - Add Intel AVX-512 optimized routines 1298526. 2.17-151 - Improve malloc peformance in low-memory situations...
libguestfs and virt-p2v security, bug fix, and enhancement update
libguestfs 1:1.32.7-3 - Rebase to libguestfs 1.32 in RHEL 7.3 resolves: rhbz1218766 - The full tests are now run after the package has been built. - New tool and subpackage: virt-dib safe diskimage-builder replacement. - New subpackage libguestfs-inspect-icons to reduce dependencies of main pkg s...
krb5 security, bug fix, and enhancement update
1.14.1-26 - Use responder in non-preauth AS reqs - Resolves: 1363690 1.14.1-25 - Fix bad debuglog call in selinux handling - Resolves: 1292153 1.14.1-24 - Fix KKDCPP with TLS SNI by always presenting 'Host:' header - Resolves: 1364993 1.14.1-23 - Add dependency on libkadm5 to krb5-devel - Resolve...
curl security, bug fix, and enhancement update
7.29.0-35 - fix incorrect use of a previously loaded certificate from file related to CVE-2016-5420 7.29.0-34 - acknowledge the --no-sessionid/CURLOPTSSLSESSIONIDCACHE option required by the fix for CVE-2016-5419 7.29.0-33 - fix re-using connections with wrong client cert CVE-2016-5420 - fix TLS...
ntp security and bug fix update
4.2.6p5-25.0.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-25 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack CVE-2016-1550 4.2.6p5-24 -...