9185 matches found
Unbreakable Enterprise kernel security update
2.6.39-400.278.3 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267976 CVE-2015-8543 CVE-2015-8543 - ipv6: addrconf: validate new MTU before applying it Marcelo Leitner Orabug: 23263251 CVE-2015-8215 - ext4: avoid hang when mounting non-journal...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.17 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267965 CVE-2015-8543 CVE-2015-8543 - ext4: Fix null dereference in ext4fillsuper Ben Hutchings Orabug: 23263398 CVE-2015-8324 CVE-2015-8324 - ipv6: addrconf: validate new MTU...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.6.2 - KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. David Howells Orabug: 23279020 CVE-2016-0758 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267997 CVE-2015-8543 CVE-2015-8543 - ipv6: addrconf:...
docker-engine security update
1.10.3-1.0.3 - CVE-2016-3697: docker: Potential privilege escalation via confusion of usernames and UIDs orabug 23279003...
libndp security update
1.2-6 - libndp: fix hop limit validation CVE-2016-3698 1.2-5 - libndp: validate the IPv6 hop limit CVE-2016-3698 - libndb: reject redirect and router advertisements from non-link-local CVE-2016-3698...
kernel security, bug fix, and enhancement update
2.6.32-642 - scsi fc: revert - ensure scanwork isnt active when freeing fcrport Ewan Milne 1326447 - netdrv ixgbe: Update ixgbe driver to use netdevpicktx in ixgbeselectqueue John Greene 1310749 - netdrv mlx5e: Fix adding vlan rule with vid zero twice Kamal Heib 1322809 2.6.32-641 - netdrv ixgbe:...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.3.1 - KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. David Howells Orabug: 23279022 CVE-2016-0758 - uek-rpm: ol6: revert DRM for experimental or OL6-incompatible drivers Todd Vierling Orabug: 23270829 - unix: properly account for FDs passed over un...
qemu-kvm security update
0.12.1.2-2.491.el68.1 - kvm-Add-vga.h-unmodified-from-Linux.patch bz1331407 - kvm-vga.h-remove-unused-stuff-and-reformat.patch bz1331407 - kvm-vga-use-constants-from-vga.h.patch bz1331407 - kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch bz1331407 -...
openssl security update
1.0.1e-48.1 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
thunderbird security update
38.8.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 38.8.0-2 - Update to 38.8.0...
file security, bug fix, and enhancement update
5.04-30 - fix CVE-2014-3538 unrestricted regular expression matching 5.04-29 - fix 1284826 - try to read ELF header to detect corrupted one 5.04-28 - fix 1263987 - fix bugs found by coverity in the patch 5.04-27 - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bound...
kernel security and bug fix update
3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...
icedtea-web security, bug fix, and enhancement update
1.6.2-1 - updated to 1.6.2 - fixed also rhbz1303437 - package owns /etc/bashcompletion.d but it should not own it - Resolves: rhbz1275523 1.6.1-4 - updated to 1.6.1 - Resolves: rhbz1275523...
ntp security and bug fix update
4.2.6p5-10 - don't accept server/peer packets with zero origin timestamp CVE-2015-8138 - fix crash with reslist command CVE-2015-7977, CVE-2015-7978 4.2.6p5-9 - fix crash with invalid logconfig command CVE-2015-5194 - fix crash when referencing disabled statistic type CVE-2015-5195 - don't hang i...
openssh security, bug fix, and enhancement update
5.3p1-117 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317817 5.3p1-116 - Restore functionallity of pamsshagentauth in FIPS mode 1278315 - Initialize devicesdone variable for challenge response 1281468 - Update behaviour of X11 forwarding to match upstream 1299048 5.3p1-115 ...
openssl security update
1.0.1e-48.1 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
pcre security update
8.32-15.1 - Fix CVE-2015-2328 infinite recursion compiling pattern with recursive reference in a group with indefinite repeat bug 1330508 - Fix CVE-2015-8385 buffer overflow caused by named forward reference to duplicate group number bug 1330508 - Fix CVE-2015-8386 buffer overflow caused by...
java-1.6.0-openjdk security update
1:1.6.0.39-1.13.11.0 - Update to IcedTea 1.13.11 & OpenJDK 6 b39. - Resolves: rhbz1325432...
qemu-kvm security update
1.5.3-105.el72.4 - kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch bz1331412 - kvm-vga-fix-banked-access-bounds-checking-CVE-2016-3710.patch bz1331412 - kvm-vga-add-vbeenabled-helper.patch bz1331412 - kvm-vga-factor-out-vga-register-setup.patch bz1331412 -...
ImageMagick security update
6.7.2.7-4 - Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716 and CVE-2016-3717...
openssl security update
1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
openssl security update
1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...
Unbreakable Enterprise kernel security update
2.6.39-400.278.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222773 CVE-2015-8767...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.16uek - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222781 CVE-2015-8767...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.2.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222731 CVE-2015-8767...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.6.1 - skbuff: skbsegment: orphan frags before copying Dongli Zhang Orabug: 23018911 - RDS/IB: VRPC DELAY / OSS RECONNECT CAUSES 5 MINUTE STALL ON PORT FAILURE Venkat Venkatsubra Orabug: 22888920 - mlx4core: Introduce restrictions for PD update Ajaykumar Hotchandani - filenam...
kernel security, bug fix, and enhancement update
2.6.32-573.26.1 - kernel revert 'sched: core: Use hrtimerstartexpires' Jiri Olsa 1326043 1324318 - kernel Revert 'Cleanup bandwidth timers' Jiri Olsa 1326043 1324318 - kernel revert 'fair: Test list head instead of list entry in throttlecfsrq' Jiri Olsa 1326043 1324318 - kernel revert 'sched, per...
mercurial security update
2.6.2-6 - fix previous patch for CVE-2016-3069 2.6.2-5 - Fix CVE-2016-3068 and CVE-2016-3069...
firefox security update
45.1.0-1.0.1.el72 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 45.1.0-1 - Update to 45.1.0 ESR 45.0.2-1 - Update to 45.0.2 ESR 45.0.1-1 - Update to 45.0.1 ESR 45.0-5 - Fixed crashed after start rhbz1323744, rhbz1323738...
nss and nspr security, bug fix, and enhancement update
nspr 4.11.0-0.1 - Rebase to NSPR 4.11 - Resolves: Bug 1297943 - Rebase RHEL 5.11.z to NSPR 4.11 in preparation for Firefox 45 nss 3.21.0-6 - Fix SSLDHMINPBITS in more places. 3.21.0-5 - Keep SSLDHMINPBITS at 768 as in the previously released build. 3.21.0-4 - Run SSL tests 3.21.0-3 - Add...
nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update
nspr 4.11.0-1 - Rebase to NSPR 4.11 nss 3.21.0-9.0.1 - Added nss-vendor.patch to change vendor 3.21.0-9 - Rebuild to require the latest nss-util build and nss-softokn build. 3.21.0-8 - Update the minimum nss-softokn build required at runtime. 3.21.0-7 - Delete duplicates from one table 3.21.0-6 -...
java-1.7.0-openjdk security update
1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Bum...
java-1.7.0-openjdk security update
1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325427 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325427 1:1.7.0.101-2.6.6.0 - Bum...
java-1.8.0-openjdk security update
1:1.8.0.91-0.b14 - Add additional fix to Zero patch to properly handle result on 64-bit big-endian - Resolves: rhbz1325422 1:1.8.0.91-0.b14 - Revert settings to production defaults so we can at least get a build. - Resolves: rhbz1325422 1:1.8.0.91-0.b14 - Switch to a slowdebug build to try and...
java-1.8.0-openjdk security update
1:1.8.0.91-1.b03 - Update to u91b14. - Resolves: rhbz1325420...
samba security update
3.0.33-3.41.el5 - Security Release 'BadLock' - resolves: CVE-2016-2110 - resolves: CVE-2016-2111...
samba and samba4 security, bug fix, and enhancement update
ipa 4.2.0-15.0.1.6.1 - Drop redhat-access-plugin-ipa requires for OL7 Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.2.0-15.6.1 - Rebuild against newer Samba version - Related: 1322690 libldb 1.1.25-1 - Rebase libldb to 1.1.25 - Related: rhbz1322690 libtalloc...
samba security update
3.6.23-30.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-30 - related: 1322686 - Update manpages 3.6.23-29 - related: 1322686 - Update CVE patchset 3.6.23-28 - related: 1322686 - Update manpages 3.6.23-27 - related: 1322686 - Update CVE patchset...
samba3x security update
3.6.23-12.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 19973497 3.6.23-12 - related: 1322685 - Update CVE patchset 3.6.23-11 - related: 1322685 - Update CVE patchset 3.6.23-10 - resolves: 1322685 - Fix CVE-2015-5370 - resolves: 1322685 - Fix CVE-2016-2110 -...
nss, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.11.0-0.1 - Rebase to NSPR 4.11 nss 3.21.0-0.3.0.1 - Added nss-vendor.patch to change vendor 3.21.0-0.3 - Ensure all ssl.sh tests are executed 3.21.0-0.2 - Ensure abi compatibility 3.21.0-0.1 - Rebase to NSS-3.21 nss-util 3.21.0-0.3 - Rebase RHEL 6.7.z to NSS-util 3.21 in preparation for...
graphite2 security, bug fix, and enhancement update
1.3.6-1 - Related: rhbz1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526 1.3.5-1 - Resolves: rhbz1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526 1.2.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora24MassRebuild 1.2.4-5 - Rebuilt for...
openssh security update
4.3p2-82.0.2 - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices John Haxby orabug 22985024 - CVE-2016-3115: missing sanitisation of input for X11 forwarding John Haxby orabug 22985024...
krb5 security update
1.13.2-12 - Fix CVE-2015-8631, CVE-2015-8630, and CVE-2015-8629 - Remove obsolete trigger to enable building of package - Resolves: 1306969...
mariadb security and bug fix update
1:5.5.47-1 - Rebase to 5.5.47 Also fixes: CVE-2015-4792 CVE-2015-4802 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4879 CVE-2015-4913 CVE-2015-7744 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597...
kernel-uek security update
kernel-uek 4.1.12-32.2.3 - rebuild bumping release 4.1.12-32.2.2 - x86/iopl/64: properly context-switch IOPL on Xen PV Andy Lutomirski Orabug: 22997978 CVE-2016-3157 - fs/hugetlbfs/inode.c: fix bugs in hugetlbvmtruncatelist Mike Kravetz Orabug: 22667863...
java-1.8.0-openjdk security update
1:1.8.0.77-0.b03 - Remove what remains of the SunEC sources in the remove-intree-libraries script. - Resolves: rhbz1320661 1:1.8.0.77-0.b03 - Update to u77b03. - Drop 8146566 which is applied upstream. - Replace s390 Java options patch with general version from IcedTea. - Apply s390 patches...
java-1.7.0-openjdk security update
1:1.7.0.99-2.6.5.0.0.1 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.99-2.6.5.0 - Explictly required libXcomposite-devel for PR2867 as nothing else pulls it in - Resolves: rhbz1320655...
java-1.7.0-openjdk security update
1:1.7.0.99-2.6.5.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.99-2.6.5.0 - Bump to 2.6.5 and u99b00. - Correct check for fsg.sh in tarball creation script - Resolves: rhbz1320656...
java-1.8.0-openjdk security update
1:1.8.0.77-0.b03 - Remove what remains of the SunEC sources in the remove-intree-libraries script. - Resolves: rhbz1320664 1:1.8.0.77-0.b03 - Update to u77b03. - Drop 8146566 which is applied upstream. - Replace s390 Java options patch with general version from IcedTea. - Apply s390 patches...
git security update
1.7.1-4.1 - fix heap overflow CVE-2016-2315 CVE-2016-2324 Resolves: 1318252 1.7.1-4 - fix CVE-2013-0308...