Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.3.4 - ipv6: Don't reduce hop limit for an interface D.S. Ljungmark Orabug: 21444790 CVE-2015-2922 - ipv4: Missing sk_nulls_node_init() in ping_unhash(). David S. Miller Orabug: 21444687 CVE-2015-3636...
java-1.8.0-openjdk security update
1:1.8.0.51-1.b16 - Add md5sum for January 2015 java.security update so it gets updated this time. - Resolves: rhbz1235162 1:1.8.0.51-0.b16 - July 2015 security update to u51b16. - Add script for generating OpenJDK tarballs from a local Mercurial tree. - Add %name prefix to patches to avoid...
java-1.7.0-openjdk security update
1:1.7.0.85-2.6.1.2.0.1.el71 - Update DISTRONAME in specfile 1:1.7.0.85-2.6.1.2 - Bump upstream tarball to u25b01 to fix issue with 8075374 backport. - Resolves: rhbz1235158 1:1.7.0.85-2.6.1.1 - Update OpenJDK tarball so correct version is used. - Resolves: rhbz1235158 1:1.7.0.85-2.6.1.0 - Add...
kernel security, bug fix, and enhancement update
2.6.32-504.30.3 - redhat spec: Update dracut dependency to pull in drbg module Frantisek Hrbata 1241517 1241338 2.6.32-504.30.2 - crypto rng: Remove krng Herbert Xu 1233512 1226418 - crypto drbg: Add stdrng alias and increase priority Herbert Xu 1233512 1226418 - crypto seqiv: Move IV seeding int...
php security update
5.3.3-46 - fix gzfile accept paths with NUL character 1213407 - fix patch for CVE-2015-4024 5.3.3-45 - fix more functions accept paths with NUL character 1213407 5.3.3-44 - soap: missing fix for 1222538 and 1204868 5.3.3-43 - core: fix multipart/form-data request can use excessive amount of CPU...
abrt security update
abrt 2.0.8-26.0.1.el66.1 - Add abrt-oracle-enterprise.patch to be product neutral - Remove abrt-plugin-rhtsupport dependency for cli and desktop - Make abrt Obsoletes/Provides abrt-plugin-rhtsupport 2.0.8-26.el66.1 - remove old dump directories in upgrade - remove outdated rpm scriptlets - daemon...
firefox security update
38.1.0-1.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.1.0-1 - Update to 38.1.0 ESR 38.0.1-2 - Fixed rhbz1222807 by removing preun section...
openssl security update
0.9.8e-36.0.1 - Backport openssl 08-Jan-2015 security fixes John Haxby orabug 20409893 - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH Client 0.9.8e-36 - als...
postgresql security update
9.2.13-1 - update to 9.2.13 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-13.html 9.2.12-1 - update to 9.2.12 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-12.html 9.2.11-1 - update to 9.2.11 per release notes...
xerces-c security update
3.1.1-7 Resolves: rhbz1217104 CVE-2015-0252...
kvm security update
kvm-83-273.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.273.el5 - kvm-pcnet-Properly-handle-TX-requests-during-Link-Fail.patch bz1225896 - kvm-pcnet-fix-Negative-array-index-read.patch bz1225896 -...
nss security update
nss 3.19.1-3.0.1 - Added nss-vendor.patch to change vendor 3.19.1-3 - Additional NULL initialization. 3.19.1-2 - Updated the patch to keep old cipher suite order - Resolves: Bug 1224449 3.19.1-1 - Rebase to nss-3.19.1 - Resolves: Bug 1224449 nss-util 3.19.0-1 - Rebase to nss-3.19.1 - Resolves: Bu...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.6 - x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization Andy Lutomirski Orabug: 21308307 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307917 CVE-2015-1593 CVE-2015-1593...
Unbreakable Enterprise kernel security update
2.6.39-400.250.6 - x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization Andy Lutomirski Orabug: 21308308 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307918 CVE-2015-1593 CVE-2015-1593...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.3.3 - x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization Andy Lutomirski Orabug: 21308309 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307919 CVE-2015-1593 CVE-2015-1593...
libreswan security, bug fix and enhancement update
3.12-10.1.0.1 - add libreswan-oracle.patch to detect Oracle Linux distro 3.12-10.1 - Resolves: rhbz1226407 CVE-2015-3204 libreswan: crafted IKE packet causes daemon restart 3.12-10 - Resolves: rhbz1213652 Support CAVS updated another prf free symkey, bogus fips mode fix 3.12-9 - Resolves:...
kernel security and bug fix update
3.10.0-229.7.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.7.2 - fs pipe: fix pipe corruption and iovec overrun on partial copy Seth Jennings 1202861 1198843 CVE-2015-1805 3.10.0-229.7.1 - scsi storvsc: get rid of overly verbose warning messages Vitaly Kuznetsov 1215770 1206437 - scsi...
mailman security and bug fix update
3:2.1.15-21 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.15-20 - fix 1107652 - do not install patch backup files in documentation 3:2.1.15-19 - fix 1188043 - set 2775 permission only for /etc/mailman 3:2.1.15-18 - fix 1107652 - add support for DMARC - fix 1180981 - install...
php security and bug fix update
5.4.16-36 - fix more functions accept paths with NUL character 1213407 5.4.16-35 - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026, 1213407 - fileinfo: fix denial of...
cups security update
1:1.4.2-67.1 - CVE-2015-1158, CVE-2015-1159, CVE-2014-9679 bug 1229982...
openssl security update
1.0.1e-42.8 - improved fix for CVE-2015-1791 - add missing parts of CVE-2015-0209 fix for correctness although unexploitable 1.0.1e-42.7 - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing...
wpa_supplicant security and enhancement update
1:2.0-17 - AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 rh 1222015 1:2.0-16 - P2P: Validate SSID element length before copying it CVE-2015-1863 1:2.0-15 - Add domain_match config option from upstream rh 1178263 - Include peer certificate in EAP events for use by clients...
Unbreakable Enterprise kernel security update
2.6.39-400.250.5 - x86_64, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226730 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225976 CVE-2014-9420 - x86_64, switch_to(): Load TLS descriptors before switching DS and ES Andy Lutomirski...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.3.2 - x86_64, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226729 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225975 CVE-2014-9420 - x86_64, switch_to(): Load TLS descriptors before switching DS and ES Andy...
qemu-kvm security update
0.12.1.2-2.448.el66.4 - kvm-pcnet-fix-Negative-array-index-read.patch bz1225886 - kvm-pcnet-force-the-buffer-access-to-be-in-bounds-during.patch bz1225886 - Resolves: bz1225886 EMBARGOED CVE-2015-3209 qemu-kvm: qemu: pcnet: multi-tmd buffer overflow in the tx path rhel-6.6.z...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.5 - x86_64, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226731 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225977 CVE-2014-9420 - x86_64, switch_to(): Load TLS descriptors before switching DS and ES Andy...
abrt security update
abrt 2.1.11-22.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-22 - do not open the buildids file as the user abrt - do not unlink failed and big user core files - Related: 1212819, 1216973 2.1.11-21 - validate all D-Bus method arguments - Related: 1214610 2.1.11-20 -...
kernel security, bug fix, and enhancement update
2.6.32-504.23.4 - crypto drbg: fix maximum value checks on 32 bit systems Herbert Xu 1225950 1219907 - crypto drbg: remove configuration of fixed values Herbert Xu 1225950 1219907 2.6.32-504.23.3 - netdrv bonding: fix locking in enslave failure path Nikolay Aleksandrov 1222483 1221856 - netdrv...
openssl security update
1.0.1e-30.9 - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits limit will be increased in future...
kernel security and bug fix update
kernel 2.6.18-406.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcp_trim_head James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
kernel security and bug fix update
kernel 2.6.18-406 - fs pipe: fix pipe corruption and iovec overrun on partial copy Mateusz Guzik 1203787 CVE-2015-1805 2.6.18-405 - net tcp: zero retrans_stamp if all retrans were acked Marcelo Leitner 1205521 - net tcp: fix retrans_stamp advancing in error cases Marcelo Leitner 1205521 - net tcp:...
docker security update
1.6.1-1.0.1 - Update source to 1.6.1 from https://github.com/docker/docker/releases/tag/v1.6.1 Symlink traversal on container respawn allows local privilege escalation CVE-2015-3629 Insecure opening of file-descriptor 1 leading to privilege escalation CVE-2015-3627 Read/write proc paths allow hos...
thunderbird security update
31.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.7.0-1 - Update to 31.7.0...
xen security update
3.0.3-146.el5 - xen-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch - xen-FDC-Fix-buffer-overflow-Herv-Poussineau.patch - Resolves: bz1219333 xen: qemu: floppy disk controller flaw rhel-5.11.z 3.0.3-144.el5 - xm: Fix vcpu-pin complain for CPU number out of range rhbz 955656 - libxc:...
firefox security update
38.0-3.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.0-3 - Enabled system nss - Removed unused patches 38.0-2 - Update to 38.0 ESR 38.0b8-0.11 - Update to 38.0 Beta 8 38.0b6-0.10 - Added patch for mozbz1152515 38.0b6-0.9 - Update to 38.0 Beta 6...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-68.2.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 3.8.13-68.2.1 - xen/pciback: Don't disable PCI_COMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...
kvm security update
kvm-83-272.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.272.el5 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219266 - Resolves: bz1219266 kvm: qemu: floppy disk controller flaw rhel-5.11.z...
qemu-kvm security update
0.12.1.2-2.448.el66.3 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219267 - Resolves: bz1219267 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-6.6.z...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.250.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077389 CVE-2015-3331 2.6.39-400.250.1 - xen/pciback: Don't disable PCI_COMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807440 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...
qemu-kvm security update
1.5.3-86.el71.2 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219269 - Resolves: bz1219269 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-7.1.z...
kernel security and bug fix update
3.10.0-229.4.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.4.2 - x86 crypto: aesni - fix memory usage in GCM decryption Kurt Stutsman 1213331 1212178 CVE-2015-3331 3.10.0-229.4.1 - crypto x86: sha256ssse3 - also test for BMI2 Herbert Xu 1211484 1201563 - crypto testmgr: fix RNG return...
kexec-tools security, bug fix, and enhancement update
2.0.7-19.0.1.el71.2 - kdumpctl: exclude default_hugepagesz setting from kdump kernel cmdline Sriharsha Yadagudde Orabug: 19134999 - kdumpctl: verify if kernel support securelevel interface Sriharsha Yadagudde Orabug: 18905671 2.0.7-19.2 - dracut-module-setup: Enhance kdump to support the bind...
tomcat6 security and bug fix update
0:6.0.24-83 - Related: rhbz1207048 tomcat initscript didn't assign - RETVAL after killing tomcat process 0:6.0.24-82 - Resolves: rhbz1207048 Tomcat init script needs to be adjusted - to kill tomcat if stop is unsuccessful 0:6.0.24-81 - Resolves: CVE-2014-0227 Limited DoS in chunked transfer...
tomcat security update
0:7.0.54-2 - Resolves: CVE-2014-0227...
389-ds-base security update
1.3.3.1-16 - release 1.3.3.1-16 - Resolves: bug 1212894 - CVE-2015-1854 389ds-base: access control bypass with modrdn...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.1.3 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930551 CVE-2014-9584 - KEYS: close race between key lookup and freeing Sasha Levin Orabug: 20930548 CVE-2014-9529 CVE-2014-9529 - mm: memcg: do not allow task about to OOM kill to bypass the limit Johannes...
Unbreakable Enterprise kernel security update
2.6.39-400.249.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930552 CVE-2014-9584 - selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs Andy Lutomirski...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930553 CVE-2014-9584 - selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs Andy...
kvm security update
kvm-83-270.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-270.el5 - KVM: x86: Check non canonical addresses upon WRMSR - Resolves: bz1152982 CVE-2014-3610 kernel: kvm: noncanonical MSR writes rhel-5.11.z kvm-83-269.el5 - KVM:...
qemu-kvm security and bug fix update
0.12.1.2-2.448.el66.2 - kvm-cirrus-fix-blit-region-check.patch bz1170571 - kvm-cirrus-don-t-overflow-CirrusVGAState-cirrusbltbuf.patch bz1170571 - Resolves: bz1170571 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-6.6.z 0.12.1.2-2.448.el66.1 -...