krb5 security, bug fix, and enhancement update
1.14.1-26 - Use responder in non-preauth AS reqs - Resolves: 1363690 1.14.1-25 - Fix bad debuglog call in selinux handling - Resolves: 1292153 1.14.1-24 - Fix KKDCPP with TLS SNI by always presenting 'Host:' header - Resolves: 1364993 1.14.1-23 - Add dependency on libkadm5 to krb5-devel - Resolve...
tomcat security, bug fix, and enhancement update
0:7.0.69-10 - Related: rhbz1368122 0:7.0.69-9 - Resolves: rhbz1362213 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368122 0:7.0.69-7 - Resolves: rhbz1362545 0:7.0.69-6 - Related: rhbz1201409 Added /etc/sysconfig/tomcat to the systemd unit fo...
curl security, bug fix, and enhancement update
7.29.0-35 - fix incorrect use of a previously loaded certificate from file related to CVE-2016-5420 7.29.0-34 - acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option required by the fix for CVE-2016-5419 7.29.0-33 - fix re-using connections with wrong client cert CVE-2016-5420 - fix TLS...
ntp security and bug fix update
4.2.6p5-25.0.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-25 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack CVE-2016-1550 4.2.6p5-24 -...
bind security update
32:9.9.4-38 - Fix CVE-2016-8864 32:9.9.4-37 - Fix CVE-2016-2776 32:9.9.4-36 - Added automatic interface scan functionality 1294506 - Removed NetworkManager dispatcher script since it is not needed any more 1294506 32:9.9.4-35 - Added GeoIP support 1220594 32:9.9.4-34 - Added support for CAA recor...
gimp security, bug fix, and enhancement update
gimp 2:2.8.16-3 - fix multiple use-after-free bugs when parsing XCF channel and layer properties 1348617 2:2.8.16-2 - add back obsoletes necessary for RHEL 2:2.8.16-1 - version 2.8.16 2:2.8.14-3 - export-dialog-destroyed-crash patch: avoid subsequent warnings 2:2.8.14-2 - fix linking problem - us...
mariadb security and bug fix update
5.5.52-1 - Rebase to 5.5.52, that also include fix for CVE-2016-6662 Resolves: 1377974 1:5.5.50-2 - Rebuild Related: 1359629...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.17 - sched: panic on corrupted stack end Jann Horn Orabug: 24971921 CVE-2016-1583 - ecryptfs: forbid opening files without mmap handler Jann Horn Orabug: 24971921 CVE-2016-1583 - proc: prevent stacking filesystems on top Jann Horn Orabug: 24971921 CVE-2016-1583...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.14.1 - ecryptfs: forbid opening files without mmap handler Jann Horn Orabug: 24971919 CVE-2016-1583 - RDS: IB: fix panic with handlers running post teardown Santosh Shilimkar Orabug: 24395795...
bind97 security update
32:9.7.0-21.P2.9 - Fix CVE-2016-8864...
bind security update
30:9.3.6-25.P1.11 - Fix CVE-2016-8864...
kernel security and bug fix update
kernel 2.6.18-416 - mm Fix Privilege escalation via MAP_PRIVATE Larry Woodman 1385112 CVE-2016-5195 2.6.18-415 - fs gfs2: Initialize atime of I_NEW inodes Andreas Grunbacher 1374861 - fs gfs2: Update file times after grabbing glock Andreas Grunbacher 1374861 - Revert: fs gfs2: Only refresh newer...
kernel security and bug fix update
kernel - 2.6.18-416.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcp_trim_head James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
kernel security update
2.6.32-642.6.2 - mm close FOLL MAP_PRIVATE race Larry Woodman 1385116 1385117 CVE-2016-5195...
kernel security update
3.10.0-327.36.3.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.36.3 - mm remove gup_flags FOLL_WRITE games from __get_user_pages Alexander Gordeev 1385123 1385124 CVE-2016-5195...
Unbreakable Enterprise kernel security update
2.6.39-400.286.3 - mm, gup: close FOLL MAP_PRIVATE race Linus Torvalds Orabug: 24928646 CVE-2016-5195...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.13.3 - mm, gup: close FOLL MAP_PRIVATE race Linus Torvalds Orabug: 24928591 CVE-2016-5195...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.16 - mm: remove gup_flags FOLL_WRITE games from __get_user_pages Linus Torvalds Orabug: 24927306 CVE-2016-5195 4.1.12-61.1.15 - drivers/nvme: provide a module parameter for setting number of I/O queues Shan Hai Orabug: 24914956 - blk-mq: improve warning for running a queue on the...
bind97 security update
32:9.7.0-21.P2.8 - Fix CVE-2016-2848 32:9.7.0-21.P2.7 - Fix CVE-2016-2776 32:9.7.0-21.P2.6 - Fix CVE-2016-1285 and CVE-2016-1286 32:9.7.0-21.P2.5 - Fix CVE-2015-8704 32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - F...
bind security update
30:9.3.6-25.P1.10 - Fix CVE-2016-2848 30:9.3.6-25.P1.9 - Fix CVE-2016-2776 30:9.3.6-25.P1.8 - Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite 30:9.3.6-25.P1.7 - Fix CVE-2016-1285 and CVE-2016-1286 30:9.3.6-25.P1.6 - Fix CVE-2015-8704 30:9.3.6-25.P1.5 - Fix CVE-2015-80...
java-1.8.0-openjdk security update
1:1.8.0.111-0.b15 - added nss restricting requires - Resolves: rhbz1381990 1:1.8.0.111-0.b15 - Turn debug builds on for all JIT architectures. Always AssumeMP on RHEL. - Resolves: rhbz1381990 1:1.8.0.111-0.b15 - Update to aarch64-jdk8u111-b15, with AArch64 fix for S8160591. - Resolves: rhbz138199...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.14 - net: add recursion limit to GRO Sabrina Dubroca Orabug: 24829133 CVE-2016-7039...
openssl security update
0.9.8e-40.0.3 - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec - fix CVE-2016-6306 - certificate message OOB reads - mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to...
kernel security update
3.10.0-327.36.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.36.2 - net add recursion limit to GRO Sabrina Dubroca 1378405 1374191 CVE-2016-7039...
tomcat security update
0:7.0.54-8 - Resolves: rhbz1368121 0:7.0.54-7 - Resolves: rhbz1362212 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368121 0:7.0.54-5 - Resolves: rhbz1362567 0:7.0.54-4 - Resolves: CVE-2015-5346 0:7.0.54-3 - Resolves: CVE-2014-7810...
tomcat6 security and bug fix update
0:6.0.24-98 - Resolves: rhbz1362210 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz1368119 0:6.0.24-97 - Resolves: rhbz1367051 CVE-2015-5174 URL Normalization issue - Resolves: rhbz1367054 CVE-2016-0706 Security Manager bypass via...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.286.2 - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24798694 CVE-2016-5829 2.6.39-400.286.1 - Revert 'rds: skip rx/tx work when destroying connection' Brian Maly Orabug: 24790158 2.6.39-400.285.1 - netfilter: xtables: speed up jump targ...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 4.1.12-61.1.13 - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24803597 CVE-2016-5829 4.1.12-61.1.12 - ocfs2: Fix start offset to ocfs2_zero_range_for_truncate Ashish Samant Orabug: 24790230 4.1.12-61.1.11 - ocfs2: Fix double put of recount...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-118.13.2 - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24798695 CVE-2016-5829 3.8.13-118.13.1 - Revert 'rds: skip rx/tx work when destroying connection' Brian Maly Orabug: 24790116 3.8.13-118.12.1 - scsi_sysfs: protect against...
kernel security and bug fix update
2.6.32-642.6.1 - net tcp: make challenge acks less predictable Florian Westphal 1355606 1355607 CVE-2016-5696 - fs sunrpc: move NO_CRKEY_TIMEOUT to the auth->au_flags Scott Mayhew 1366962 1294939 - usbhid hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands Yauheni Kaliuta 1359999...
thunderbird security update
45.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.4.0-1 - Update to 45.4.0...
python-twisted-web security update
8.2.0-5 - Rebase HTTPoxy patch and bump release for rebuild Resolves: rhbz1358789 8.2.0-4 - Fix HTTPoxy CVE-2016-1000111 Resolves: rhbz1358789...
bind97 security update
32:9.7.0-21.P2.7 - Fix CVE-2016-2776 32:9.7.0-21.P2.6 - Fix CVE-2016-1285 and CVE-2016-1286 32:9.7.0-21.P2.5 - Fix CVE-2015-8704 32:9.7.0-21.P2.4 - Fix CVE-2015-8000 32:9.7.0-21.P2.3 - Fix CVE-2015-5722 32:9.7.0-21.P2.2 - Fix CVE-2015-5477 32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
bind security update
30:9.3.6-25.P1.9 - Fix CVE-2016-2776 30:9.3.6-25.P1.8 - Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite 30:9.3.6-25.P1.7 - Fix CVE-2016-1285 and CVE-2016-1286 30:9.3.6-25.P1.6 - Fix CVE-2015-8704 30:9.3.6-25.P1.5 - Fix CVE-2015-8000 30:9.3.6-25.P1.4 - Fix CVE-2015-572...
kvm security update
83-276.0.1.el5_11 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch 83-275.el5_11 - kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch bz1359723 - Resolves: bz1359723 CVE-2016-5403 kvm: Qemu: virtio: unbounded memory allocation on host via...
openssl security update
1.0.1e-48.3 - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2179 - further DoS issues in DTLS - fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio - fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue - fix...
openssl security update
1.0.1e-48.3 - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2179 - further DoS issues in DTLS - fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio - fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue - fix...
Unbreakable Enterprise kernel security update
2.6.39-400.284.2 - Btrfs: fix truncation of compressed and inlined extents Divya Indi Orabug: 22307286 CVE-2015-8374 - Btrfs: fix file corruption and data loss after cloning inline extents Divya Indi Orabug: 22307286 CVE-2015-8374 - netfilter: xtables: make sure e->next_offset covers remaining blob...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.10 - netfilter: xtables: make sure e->next_offset covers remaining blob size Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 - netfilter: xtables: validate e->target_offset early Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 4.1.12-61.1.9 -...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.11.2 - Btrfs: fix truncation of compressed and inlined extents Ashish Samant Orabug: 22307285 CVE-2015-8374 - Btrfs: fix file corruption and data loss after cloning inline extents Divya Indi Orabug: 22307285 CVE-2015-8374 - netfilter: xtables: make sure e->next_offset covers...
firefox security update
45.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.4.0-1 - Update to 45.4.0 ESR...
kernel security, bug fix, and enhancement update
3.10.0-327.36.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.36.1 - x86 Use pte_none to test for empty PTE Larry Woodman 1363860 1347159 - x86 Disallow running with 32-bit PTEs to work around erratum Larry Woodman 1363860 1347159 - x86 Ignore A/D bits in pte/pmd/pud_none Alexander...
libarchive security update
2.8.3-7 - Fixes variation of CVE-2016-5418: Hard links could include '..' in their path. 2.8.3-6 - Fixes CVE-2016-5418: Archive Entry with type 1 hardlink causes file overwrite 1365774 2.8.3-5 - enable testsuite - CVE batch in summer 2016...
libarchive security update
3.1.2-10 - Fixes variation of CVE-2016-5418: Hard links could include '..' in their path. 3.1.2-9 - Fixes CVE-2016-5418: Archive Entry with type 1 hardlink causes file overwrite 1365777 3.1.2-8 - a bunch of security fixes rhbz1353065...
ntp security update
4.2.6p5-22.0.1.el7_2.2 - add disable monitor to default ntp.conf CVE-2013-5211...
ntp security update
4.2.6p5-10.0.1.el6_8.1 - add disable monitor to default ntp.conf CVE-2013-5211...
thunderbird security update
45.3.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 45.3.0-1 - Update to 45.3.0...
ipa security update
3.0.0-50.el6.2 - Resolves: 1351593 CVE-2016-5404 ipa: Insufficient privileges check in certificate revocation - cert-revoke: fix permission check bypass CVE-2016-5404...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.6 - blk-mq: avoid setting hctx->tags->cpumask before allocation Akinobu Mita Orabug: 24464170 4.1.12-61.1.3 - ocfs2: improve recovery performance Junxiao Bi Orabug: 24395729 - qed: Utilize FW 8.10.3.0 Yuval Mintz Orabug: 24442553 - blk-mq: mark request queue as mq asap Ming L...
java-1.6.0-openjdk security update
1:1.6.0.40-1.13.12.4.0.1 - Add oracle-enterprise.patch 1:1.6.0.40-1.13.12.4 - Bump source tarballs to try and really fix TCK failures this time. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.3 - Bump source tarballs to missing -DNDEBUG on JDK native code. - Resolves: rhbz1350043 1:1.6.0.40-1.13.12.2...