8998 matches found
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.2 - KVM: svm: unconditionally intercept DB Paolo Bonzini Orabug: 22333698 CVE-2015-8104 - KVM: x86: work around infinite loop in microcode when AC is delivered Eric Northup Orabug: 22333689 CVE-2015-5307 CVE-2015-5307 - KVM: x86: Defining missing x86 vectors Nadav Amit...
libpng security update
2:1.5.13-7 - Security fix for CVE-2015-8126 - Changing pngptr to infoptf based on upstream - Related: 1283576 2:1.5.13-6 - Security fix for CVE-2015-8126 - Resolves: 1283576...
libpng12 security update
1.2.50-7 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283576...
libpng security update
2:1.2.49-2 - Security fix for CVE-2015-7981 and CVE-2015-8126 - Resolves: 1283572...
git security update
1.8.3.1-6 - fix arbitrary code execution via crafted URLs Resolves: 1274737...
kernel security and bug fix update
3.10.0-327.3.1.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.3.1 - rebuild 3.10.0-327.2.1 - netdrv macvtap: unbreak receiving of gro skb with frag list Jason Wang 1279794 1273737 - net ipv6: drop frames with attached skb-sk in forwarding Hannes Frederic Sowa 1281701 1243966 - net ipv...
libxml2 security update
2.9.1-6.0.1.el71.2 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.2 - Fix a series of CVEs rhbz1286496 - CVE-2015-7941 Stop parsing on entities boundaries errors - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-831...
libxml2 security update
2.7.6-20.0.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-20.1 - Fix a series of CVEs rhbz1286495 - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-8317 Fail parsing early on if encoding conversion failed -...
apache-commons-collections security update
3.2.1-22 - Fix Java object de-serialization vulnerability - Resolves: CVE-2015-7501...
jakarta-commons-collections security update
0:3.2.1-3.5 - Fix Java object de-serialization vulnerability - Resolves: CVE-2015-7501...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.2.1 - ipc/sem.c: fully initialize semarray before making it visible Manfred Spraul Orabug: 22277382 CVE-2015-7613 - ipc: fix msg newqueue add Guru Anbalagane Orabug: 22277382 CVE-2015-7613 3.8.13-118.1.1 - sctp: fix race on protocol/netns initialization Marcelo Ricardo Leitn...
thunderbird security update
38.4.0-1.0.1.el67 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.4.0-1 - Update to 38.4.0...
abrt and libreport security update
abrt 2.1.11-35.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-35 - make /var/spool/abrt owned by root - remove 'r' from /var/spool/abrt for other users - abrt-action-install-debug-info: use secure temporary directory - stop saving abrt's core files to /var/spool/abrt if...
glibc security update
2.17-106.0.1.1 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. 2.17-106.1 - Rebuild with corrected release. 2.17-106 - Add fix for CVE-2015-5277 1275920...
NetworkManager security, bug fix, and enhancement update
ModemManager 1.1.0-8.git20130913 - rfcomm: don't open the ttys until NetworkManager connects them rh 1251954 1.1.0-7.git20130913 - iface-modem: fix MODEMSTATEISINTERMEDIATE macro rh 1200958 NetworkManager 1.0.6-27.0.1 - fix build error on i386 1:1.0.6-27 build: update vala-tools build requirement...
realmd security, bug fix, and enhancement update
0.16.1-5 - Revert 0.16.1-4 - Use samba by default - Resolves: rhbz1271618 0.16.1-4 - Fix regressions in 0.16.x releases - Resolves: rhbz1258745 - Resolves: rhbz1258488 0.16.1-3 - Fix regression accepting DNS domain names - Resolves: rhbz1243771 0.16.1-2 - Fix discarded patch: ipa-packages.patch...
tigervnc security, bug fix, and enhancement update
1.3.1-3 - Do not mention that display number is required in the file name Resolves: bz1195266 1.3.1-2 - Resolves: bz1248422 CVE-2014-8240 CVE-2014-8241 tigervnc: various flaws 1.3.1-1 - Drop unecessary patches - Re-base to 1.3.1 bug 1199453 - Re-build against re-based xserver bug 1194898 - Check...
glibc security, bug fix, and enhancement update
2.17-105.0.1 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. 2.17-105 - Fix up test case for initial-exec fix 1248208. 2.17-104 - Mark all TLS variables i...
kernel security, bug fix, and enhancement update
3.10.0-327.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327 - mm free compound page with correct order Andrea Arcangeli 1274867 - netdrv revert 'ixgbe: Refactor busy poll socket code to address multiple issues' John Greene 1261275 - powerpc dma: dmasetcoherentmask should not be GPL only...
sssd security, bug fix, and enhancement update
1.13.0-40 - Resolves: rhbz1270827 - local overrides: don't contact server with overridden name/id 1.13.0-39 - Resolves: rhbz1267837 - sssdbe crashed in ipasrvadacctlookupstep 1.13.0-38 - Resolves: rhbz1267176 - Memory leak / possible DoS with krb auth. 1.13.0-37 - Resolves: rhbz1267836 - PAM...
openldap security, bug fix, and enhancement update
2.4.40-8 - NSS does not support string ordering 1231522 - implement and correct order of parsing attributes 1231522 - add multimask and multistrength to correctly handle sets of attributes 1231522 - add new cipher suites and correct AES-GCM attributes 1245279 - correct DEFAULT ciphers handling to...
chrony security, bug fix, and enhancement update
2.1.1-1 - update to 2.1.1 1117882 - add -n option to gzip command to not save timestamp 2.1-1 - update to 2.1 1117882 1169353 1206504 1209568 CVE-2015-1821 CVE-2015-1822 CVE-2015-1853 - extend chrony-helper to allow using servers from DNS SRV records 1211600 - add servers from DHCP with iburst...
curl security, bug fix, and enhancement update
7.29.0-25.0.1 - disable check to make build pass 7.29.0-25 - fix spurious failure of test 1500 on ppc64le 1218272 7.29.0-24 - use the default min/max TLS version provided by NSS 1170339 - improve handling of timeouts and blocking direction to speed up FTP 1218272 7.29.0-23 - require credentials t...
libreport security update
2.0.9-25.0.1 - Add Fix-for-bug-21110293.patch bug 21110293 - Add oracle-enterprise.patch and oracle-enterprise-po.patch - Remove libreport-plugin-rhtsupport pkg 2.0.9-25 - save all files changed by the reporter in the reporting GUI - Fixes CVE-2015-5302 - Resolves: 1282143...
net-snmp security and bug fix update
1:5.7.2-24 - Fixed lmSensorsTable not reporting sensors with duplicate names 1252053 - Fixed close overhead of extend commands 1252048 - Fixed out-of-bounds write in python code 1252034 1:5.7.2-23 - Fixed parsing of invalid variables in incoming packets 1248414 - Fixed...
netcf security, bug fix, and enhancement update
0.2.8-1 - Rebase to netcf-0.2.8 - resolve rhbz1165965 - CVE-2014-8119 - resolve rhbz1159000 - support multiple IPv4 addresses in interface config redhat driver - resolve rhbz1113983 - allow static IPv4 config simultaneous with DHCPv4 redhat driver - resolve rhbz1170941 - remove extra quotes from...
grub2 security, bug fix, and enhancement update
2.02-0.29.0.1 - Fix comparison in patch for 18504756 - Remove symlink to grub environment file during uninstall on EFI platforms bug 19231481 - update Oracle Linux certificates Alexey Petrenko - Put 'with' in menuentry instead of 'using' bug 18504756 - Use different titles for UEK and RHCK kernel...
krb5 security, bug fix, and enhancement update
1.13.2-9 - Add patch and test case for 'KDC does not return proper client principal for client referrals' - Resolves: 1259846 1.13.2-9 - Ammend patch for RedHat bug 1252454 'testsuite complains 'Lifetime has increased by 32436 sec while 0 sec passed!', while rhel5-libkrb5 passes' to handle the...
openhpi security, bug fix, and enhancement update
3.4.0-2 - fix /var/lib/openhpi permissions - Resolves: rhbz1063367 3.4.0-1 - update to 3.4.0 1127908 - Resolves: rhbz1127908,rhbz948461,rhbz1208127,rhbz1201827...
openssh security, bug fix, and enhancement update
6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...
squid security and bug fix update
7:3.3.8-26 - Related: 1186768 - removing patch, because of missing tests and incorrent patch 7:3.3.8-25 - Related: 1102842 - squid rpm package misses /var/run/squid needed for smp mode. Squid needs write access to /var/run/squid. 7:3.3.8-24 - Related: 1102842 - squid rpm package misses...
cpio security and bug fix update
2.11-24 - fix for CVE-2014-9112 2.11-23 - better check for read error rhbz1138148 - fix ru translation rhbz1075513...
python security, bug fix, and enhancement update
2.7.5-34.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-34 - Revert fix for rhbz1117751 as it leads to regressions Resolves: rhbz1117751 2.7.5-33 - Only restore SIGPIPE when Popen called with restoresigpipe Resolves: rhbz1117751 2.7.5-32 - Backport SSLSocket.version...
binutils security, bug fix, and enhancement update
2.23.52.0.1-55 - Add missing delta to patch that fixes parsing corrupted archives. 1162666 2.23.52.0.1-54 - Import patch for PR 18270: Create AArch64 GOT entries for local symbols. 1238783 2.23.52.0.1-51 - Fix incorrectly generated binaries and DSOs on PPC platforms. 1247126 2.23.52.0.1-50 - Fix...
autofs security, bug fix and enhancement update
5.0.7-54.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe 1:5.0.7-54 - bz1263508 - Heavy program map usage can lead to a hang - fix out of order call in program map lookup. - Resolves: rhbz1263508 1:5.0.7-53 - bz1238573 - RFE: autofs MAPHASHTABLESIZE description - update...
grep security and bug fix update
2.20-2 - Fixed invalid UTF-8 byte sequence error in PCRE mode by pcre-backported-fixes patch Resolves: rhbz1217080 - Fixed buffer overrun for grep -F Resolves: CVE-2015-1345 - Fixed \w and \W behaviour in multibyte locales Resolves: rhbz1159012 - Documented --fixed-regexp option Resolves:...
unbound security and bug fix update
1.4.20-26 - Added Conficts on redhat-release packages without unbound-anchor.timer in presets Related 1215645 1.4.20-25 - Resolve ordering loop with nss-lookup.target and ntpdate 1259806 1.4.20-24 - Fix CVE-2014-8602 1253961 1.4.20-23 - Removed usage of DLV from the default configuration 1223339...
rubygem-bundler and rubygem-thor security, bug fix, and enhancement update
rubygem-bundler 1.7.8-3 - Enforce higher Thor version, which is required by Bundler. Related: rhbz1194243 1.7.8-2 - Update to Bundler 1.7.8. Resolves: rhbz1194243 - Use symlinks for vendored libraries. Resolves: rhbz1163076 1.3.1-3 - Mass rebuild 2013-12-27 1.3.1-2 - Always include Patch100 in...
xfsprogs security, bug fix and enhancement update
3.2.2-2 - Fix xfsmetadump disclosure flaw, CVE-2012-2150 1251118 3.2.2-1 - Update to upstream v3.2.2, plus fixes from v3.2.3 1223991 - repair: fix unnecessary secondary scan if only last sb is corrupt 1201238 - repair: check ino alignment value to avoid mod by zero 1223444...
ntp security, bug fix, and enhancement update
4.2.6p5-22 - check origin timestamp before accepting KoD RATE packet CVE-2015-7704 - allow only one step larger than panic threshold with -g CVE-2015-5300 4.2.6p5-20 - validate lengths of values in extension fields CVE-2014-9297 - drop packets with spoofed source address ::1 CVE-2014-9298 - rejec...
libssh2 security and bug fix update
1.4.3-10 - check length of data extracted from the SSHMSGKEXINIT packet CVE-2015-1782 1.4.3-9 - curl consumes too much memory during scp download 1080459 - prevent a not-connected agent from closing STDIN 1147717...
file security and bug fix update
5.11-31 - fix 1255396 - Make the build ID output consistent with other tools 5.11-30 - fix CVE-2014-8116 - bump the acceptable ELF program headers count to 2048 5.11-29 - fix 839229 - fix detection of version of XML files 5.11-28 - fix 839229 - fix detection of version of XML files 5.11-27 - fix...
wireshark security, bug fix, and enhancement update
1.10.14-7.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-7 - Rebase some tvbuff API from upstream to 1.10.14 - Fixes crash when tvblengthremaining is used - Related: CVE-2015-6244 1.10.14-6 - Security patch - Resolves: CVE-2015-3182 1.10.14-5 - Fix crash...
rest security update
0.7.92-3 - Fix tests/proxy-continuous Resolves: 1250935 0.7.92-2 - Fix memory error due to implicit declaration of restproxycallgeturl Resolves: 1183982...
cups-filters security, bug fix, and enhancement update
1.0.35-21 - Fix heap-based buffer overflow in texttopdf filter bug 1241242, CVE-2015-3258, CVE-2015-3279. 1.0.35-20 - Improvements to cups-browsed efficiency patch bug 1191691. 1.0.35-18 - Fix segfault in texttopdf filter bug 1194263. - Improve cups-browsed efficiency bug 1191691. - Fetch printer...
postgresql security update
9.2.14-1 - update to 9.2.14 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-14.html 9.2.13-1 - update to 9.2.13 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-13.html 9.2.12-1 - update to 9.2.12 per release notes...
java-1.6.0-openjdk security update
1:1.6.0.35-1.13.9.4.0.1.el511 - Add oracle-enterprise.patch 1:1.6.0.37-1.13.9.4 - Update with new IcedTea & b37 tarballs, including fix for appletviewer regression. - Resolves: rhbz1271926 1:1.6.0.37-1.13.9.3 - Update with new IcedTea & b37 tarballs, including more Kerberos fixes for TCK...
postgresql security update
8.4.20-4 - fix for CVE-2015-5288 rhbz1273446...
xen security update
3.0.3-147.el5 - net: add checks to validate ring buffer pointers - Resolves: bz1263273 xen: qemu: Heap overflow vulnerability in ne2000receive function...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-118 - Update ql2400/ql2500 firmware version to 8.02.00 Dan Duval Orabug: 22159505 - update qla2400/ql2500 firmware version to 8.02.00 Dan Duval Orabug: 22159505 3.8.13-117 - virtio-net: drop NETIFFFRAGLIST Jason Wang Orabug: 22145600 CVE-2015-5156 - team: check return value of...