8998 matches found
sos security and bug fix update
3.2-28.0.1.2 - Add vendor, vendor URL info for Oracle Linux orabug 17656507 [email protected] - Direct traceroute to linux.oracle.com John Haxby orabug 11713272 [email protected] - Check oraclelinux-release instead of redhat-release to get OS version John Haxby bug 11681869 [email protected] -...
httpd24-httpd security update
2.4.12-6.0.1.el7.1 - replace index.html with Oracles index page oracleindex.html - update vstring in specfile 2.4.12-6.1 - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-3185 - core: fix pointer...
git19-git security update
1.9.4-3.1 - fix arbitrary code execution via crafted URLs Resolves: 1273889 1.9.4-3 - fix CVE-2014-9390 Resolves: rhbz1220552...
python27 security, bug fix, and enhancement update
python27 1.1-17 - Require python-pip and python-wheel note: in rh-python34 this is not necessary, because 'python' depends on these. python27-python 2.7.8-3 - Add httplib fix for CVE-2013-1752 Resolves: rhbz1187779 2.7.8-2 - Fix %check unset DISPLAY setion not failing properly on failed test -...
ruby193-ruby security update
1.9.3.484-50.0.1 - fix build issue: self test report 'dh key to small' 1.9.3.484-50 - Fix off-by-one stack-based buffer overflow in the encodes function CVE-2014-4975. Related: rhbz1164004 - Fix REXML billion laughs attack via parameter entity expansion CVE-2014-8080. Related: rhbz1164004 - REXML...
php54-php security update
5.4.40-3 - fix more functions accept paths with NUL character 1213407 5.4.40-2 - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026 - ftp: fix integer overflow leading to he...
php55-php security update
5.5.21-4 - fix more functions accept paths with NUL character 1213407 5.5.21-3 - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026, 1213407 - fileinfo: fix denial of servic...
php55 security and bug fix update
php55 2.0-1 - fix incorrect selinux contexts 1194336 php55-php 5.5.21-2.0.1 - add dtrace-utils as build dependency 5.5.21-2 - core: fix use-after-free vulnerability in the processnesteddata function unserialize CVE-2015-2787 - core: fix NUL byte injection in file name argument of moveuploadedfile...
php54 security and bug fix update
php54 2.0-1 - fix incorrect selinux contexts 1194332 php54-php 5.4.40-1 - rebase to PHP 5.4.40 for various security fix 1209887 5.4.37-1 - rebase to PHP 5.4.37 5.4.36-1 - rebase to PHP 5.4.36 1168193 - fix package name in description - php-fpm own session dir php54-php-pecl-zendopcache 7.0.4-3 -...
httpd24-httpd security and bug fix update
2.4.6-22.0.1.el6 - remove enable-tlsv1x-thunks to fit openssl 1.x api - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.4.6-22 - Remove modproxyfcgi fix for heap-based buffer overflow, httpd-2.4.6 is not affected CVE-2014-3583 2.4.6-21 - modproxywstunne...
qemu-kvm security update
0.12.1.2-2.479.el67.4 - kvm-fwcfg-add-check-to-validate-current-entry-value-CVE.patch bz1298045 - Resolves: bz1298045 CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations rhel-6.7.z...
qemu-kvm security and bug fix update
1.5.3-105.el72.3 - kvm-fwcfg-add-check-to-validate-current-entry-value-CVE.patch bz1298047 - Resolves: bz1298047 CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations rhel-7.2.z 1.5.3-105.el72.2 - kvm-raw-posix-Fix-.bdrvcogetblockstatus-for-unaligne.patch...
firefox security update
38.6.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.6.0-1 - Update to 38.6.0 ESR...
bind97 security update
32:9.7.0-21.P2.5 - Fix CVE-2015-8704...
bind security update
30:9.3.6-25.P1.6 - Fix CVE-2015-8704...
java-1.6.0-openjdk security update
1.6.0.38-1.13.10.0.0.1 - Add oracle-enterprise.patch 1:1.6.0.38-1.13.10.0 - Add patch to replace -fno-strict-overflow with -fwrapv on older RHEL 5.11 GCC. - Resolves: rhbz1295772 1:1.6.0.38-1.13.10.0 - Update to IcedTea 1.13.10 & OpenJDK 6 b38. - Resolves: rhbz1295772...
ntp security update
4.2.6p5-5.el67.4 - don't accept server/peer packets with zero origin timestamp CVE-2015-8138...
kernel security update
3.10.0-327.4.5.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.4.5 - security keys: Fix keyring ref leak in joinsessionkeyring David Howells 1298931 1298036 CVE-2016-0728...
java-1.7.0-openjdk security update
1.7.0.95-2.6.4.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.95-2.6.4.0 - Bump to 2.6.4 and u95b00. - Backport tarball creation script from OpenJDK 8 RPMs and update fsg.sh to work with it. - Drop 8072932or8074489 patch as applied upstream in u91b01. - Add MD5 checksums for last two version of th...
java-1.7.0-openjdk security update
1.7.0.95-2.6.4.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.95-2.6.4.0 - Remove reference to jre/lib/audio. - Resolves: rhbz1295765 1:1.7.0.95-2.6.4.0 - Bump to 2.6.4 and u95b00. - Backport tarball creation script from OpenJDK 8 RPMs and update fsg.sh to work with it. - Drop 8072932or8074489 pat...
kernel security update
kernel 2.6.18-408.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
java-1.8.0-openjdk security update
1:1.8.0.71-1.b15 - Add patch to turn off strict overflow on IndicRearrangementProcessor,2.cpp - Resolves: rhbz1295751 1:1.8.0.71-0.b15 - January 2016 security update to u71b15. - Improve verbosity and helpfulness of tarball generation script. - Update patch documentation using version originally...
kernel-uek security update
kernel-uek 4.1.12-32.1.2 - KEYS: Fix keyring ref leak in joinsessionkeyring Yevgeny Pats Orabug: 22563965 CVE-2016-0728 4.1.12-32.1.1 - ocfs2: return non-zero stblocks for inline data John Haxby Orabug: 22218243 - xen/events/fifo: Consume unprocessed events when a CPU dies Ross Lagerwall Orabug:...
java-1.8.0-openjdk security update
1:1.8.0.71-2.b15 - Add md5sum for previous java.security file so it gets updated. - Resolves: rhbz1295753 1:1.8.0.71-1.b15 - Restore upstream version of system LCMS patch removed by 'sync with Fedora' - Add patch to turn off strict overflow on IndicRearrangementProcessor,2.cpp - Resolves:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.5 - KEYS: Fix keyring ref leak in joinsessionkeyring Yevgeny Pats Orabug: 22563965 CVE-2016-0728...
kernel security update
kernel 2.6.18-408 - net udp: fix behavior of wrong checksums Denys Vlasenko 1240757 CVE-2015-5364 CVE-2015-5366 - net ipv6/udp: Use correct var to determine non-blocking cond Denys Vlasenko 1240757 CVE-2015-5364 CVE-2015-5366 - net SNMP: Restore Udp6InErrors incrementation Denys Vlasenko 1240757...
openssh security update
6.6.1p1-23 + 0.9.3-9 - Disable undocumented feauture Roaming for good 1298218 - prevents CVE-2016-0777 and CVE-2016-0778...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.15uek - ipc/sem.c: fully initialize semarray before making it visible Manfred Spraul Orabug: 22250043 CVE-2015-7613 - Initialize msg/shm IPC objects before doing ipcaddid Linus Torvalds Orabug: 22250043 CVE-2015-7613 - crypto: add missing crypto module aliases Mathias...
Unbreakable Enterprise kernel security update
2.6.39-400.264.13 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 22373449 CVE-2015-7872 2.6.39-400.264.12 - crypto: add missing crypto module aliases Mathias Krause Orabug: 22249656 CVE-2013-7421 CVE-2014-9644 - crypto: include crypto- module prefix in template...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.4 - KEYS: Don't permit requestkey to construct a new keyring David Howells Orabug: 22373442 CVE-2015-7872 3.8.13-118.2.3 - dcache: Handle escaped paths in prependpath Eric W. Biederman Orabug: 22373283 - vfs: Test for and handle paths that are unreachable from their mntroo...
gnutls security update
3.3.8-14 - Prevent downgrade attack to RSA-MD5 in server key exchange. 3.3.8-13 - Corrected reseed and respect of maxnumberofbitsperrequest in FIPS140-2 mode. Also enhanced the initial tests. 1228199...
rpcbind security update
0.2.0-11.el67 - Fix memory corruption in PMAPCALLIT code bz 1283638...
samba security update
4.2.3-11 - resolves: 1290710 - CVE-2015-3223 Remote DoS in Samba AD LDAP server - CVE-2015-5299 Missing access control check in shadow copy code - CVE-2015-5252 Insufficient symlink verification in smbd - CVE-2015-5296 Samba client requesting encryption vulnerable to downgrade attack...
samba security update
0:3.6.23-24.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-24 - related: 1290706 - Update patch for CVE-2015-5330 3.6.23-22 - resolves: 1290706 - CVE-2015-5299 - related: 1290706 - CVE-2015-5296 - related: 1290706 - CVE-2015-5252 - related: 129070...
nss security update
3.19.1-8.0.1 - Added nss-vendor.patch to change vendor 3.19.1-8 - Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Resolves: Bug 1289881...
samba4 security update
4.0.0-67.rc4 - resolves: 1290708 - CVE-2015-7540 - related: 1290708 - CVE-2015-5299 - related: 1290708 - CVE-2015-5296 - related: 1290708 - CVE-2015-5252 - related: 1290708 - CVE-2015-5330...
libldb security update
1.1.13-3.1 - Resolves: rhbz1290712 - CVE-2015-5330 libldb: samba: Remote memory read in Samba LDAP server rhel-7.2.z - Remove the patch from the previous commit, it doesn't fix a remotely eploitable issue. Add patches from upstream 11636 instead...
openssl security update
1.0.1e-42.2 - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2...
thunderbird security update
38.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.5.0-1 - Update to 38.5.0...
qemu-kvm security update
0.12.1.2-2.479.el67.3 - kvm-net-pcnet-add-check-to-validate-receive-data-size-CV.patch bz1287950 - kvm-pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch bz1287950 - Resolves: bz1287950 CVE-2015-7504 CVE-2015-7512 qemu-kvm: various flaws rhel-6.7.z...
jakarta-commons-collections security update
0:3.2-2jpp.4 - Fix Java object de-serialization vulnerability - Resolves: CVE-2015-7501...
bind security update
30:9.3.6-25.P1.5 - Fix CVE-2015-8000 30:9.3.6-25.P1.4 - Fix CVE-2015-5722 30:9.3.6-25.P1.3 - Fix CVE-2015-5477 30:9.3.6-25.P1.2 - Remove files backup after patching Related: 1171971 30:9.3.6-25.P1.1 - Fix CVE-2014-8500 1171971...
firefox security update
38.5.0-2.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 38.5.0-2 - Update to 38.5.0 ESR...
bind security update
32:9.8.2-0.44.rc1.5 - Fix CVE-2015-8000...
bind97 security update
32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
grub2 security and bug fix update
2.02-0.33.0.1 - Fix comparison in patch for 18504756 - Remove symlink to grub environment file during uninstall on EFI platforms bug 19231481 - update Oracle Linux certificates Alexey Petrenko - Put 'with' in menuentry instead of 'using' bug 18504756 - Use different titles for UEK and RHCK kernel...
kernel security and bug fix update
2.6.32-573.12.1 - Revert: netdrv igb: add support for 1512 PHY Stefan Assmann 1278275 1238551 2.6.32-573.11.1 - kvm svm: unconditionally intercept DB Paolo Bonzini 1279467 1279468 CVE-2015-8104 - x86 virt: guest to host DoS by triggering an infinite loop in microcode Paolo Bonzini 1277557 1277559...
openssl security update
1.0.1e-51.1 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint 1.0.1e-51 - fix the CVE-2015-1791 fix broken server side renegotiation 1.0.1e-50 - improved fi...
libreoffice security update
4.2.8.2-11.0.1.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile [email protected] - Build with --with-vendor='Oracle America, Inc.' [email protected] 1:4.2.8.2-11.1 - Resolves: rhbz1285818 various flaws - CVE-2015-4551 Arbitrary file...
openssl security update
0.9.8e-37.0.1 - To disable SSLv2 client connections create the file /etc/sysconfig/openssl-ssl-client-kill-sslv2 John Haxby orabug 21673934 - Backport openssl 08-Jan-2015 security fixes John Haxby orabug 20409893 - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix...