8998 matches found
firefox security update
firefox 31.5.0-2.0.1.el70 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 31.5.0-2 - Update to 31.5.0 ESR Build 2 xulrunner 31.5.0-1.0.1-el70 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE2...
thunderbird security update
31.5.0-1.0.1.el66 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.5.0-1 - Update to 31.5.0...
samba4 security update
4.0.0-66.rc4 - related: 1191387 - Update patchset for CVE-2015-0240. 4.0.0-65.rc4 - resolves: 1191387 - CVE-2015-0240: RCE in netlogon...
samba security update
3.6.23-14.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-14 - related: 1191338 - Update patchset for CVE-2015-0240. 3.6.23-13 - resolves: 1191338 - CVE-2015-0240: RCE in netlogon...
samba security update
4.1.1-38 - resolves: 1194132 - CVE-2015-0240: RCE in netlogon server...
samba3x security update
3.6.23-9 - related: 1191608 - Update patchset for CVE-2015-0240. 3.6.23-8 - resolves: 1191608 - CVE-2015-0240: RCE in netlogon...
kernel security and bug fix update
kernel 2.6.18-402 - block virtio: Reset device after blkcleanupqueue Stefan Hajnoczi 1006536 - block virtio: Call delgendisk before disable guest kick Stefan Hajnoczi 1006536 - block virtio: Drop unused request tracking list Stefan Hajnoczi 1006536 - fs cifs: setfacl removes part of ACL when...
kernel security and bug fix update
kernel 2.6.18-402.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
subversion security update
1.7.14-7 - add security fixes for CVE-2014-3528, CVE-2014-3580, CVE-2014-8108...
subversion security update
1.6.11-12 - moddavsvn fix for CVE-2014-3580 backport 1.6.11-11 - add security fixes for CVE-2014-3528, CVE2014-3580...
mariadb security update
1:5.5.41-2 - Include new certificate for tests Resolves: 1186109 1:5.5.41-1 - Rebase to 5.5.41 Also fix: CVE-2014-6568 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 Resolves: 1186109 1:5.5.40-2 - Fix header to let dependencies to build fine Resolves: 1177836...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.14uek - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425334 CVE-2014-7841...
glibc security update
2.3.4-2.57.0.1.el4.1 - CVE-2015-0235 Fix parsing of numeric hosts in gethostbynamer John Haxby orabug 20439586...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-55.1.5 - CIFS Possible null ptr deref in SMB2tcon Steve French Orabug: 20433140 CVE-2014-7145 3.8.13-55.1.4 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425332 CVE-2014-7841 3.8.13-55.1.3 - ACPI: x2apic entry ignored...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.246.2 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425333 CVE-2014-7841 2.6.39-400.246.1 - sched: Fix possible divide by zero in avgatom calculation Mateusz Guzik Orabug: 20148169 - include/linux/math64.h: add div64ul Alex...
kernel security and bug fix update
2.6.32-504.8.1 - crypto crc32c: Kill pointless CRYPTOCRC32CX8664 option Jarod Wilson 1175509 1036212 - crypto testmgr: add larger crc32c test vector to test FPU path in crc32cintel Jarod Wilson 1175509 1036212 - crypto tcrypt: Added speed test in tcrypt for crc32c Jarod Wilson 1175509 1036212 -...
kernel security and bug fix update
3.10.0-123.20.1 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.20.1 - fs seqfile: don't include mm.h in genksyms calculation Ian Kent 1184152 1183280 3.10.0-123.19.1 - mm shmem: fix splicing from a hole while it's punched Denys Vlasenko 1118244 1118245 CVE-2014-4171 - mm shmem: fix faulti...
libyaml security update
0.1.3-4 - Add patch for CVE-2014-9130 RHBZ1169369...
glibc security update
Oracle Linux 7: 2.17-55.0.4.el70.5 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. Jose E. Marchesi 2.17-55.5 - Rebuild and run regression testing...
glibc security update
2.5-123.0.1.el511.1 - Switch to use malloc when the input line is too long Orabug 19951108 - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin 2.5-123.1 - Fix parsing of numeric hosts in gethostbynamer CVE-2015-0235, 1183532...
java-1.6.0-openjdk security update
1:1.6.0.33-1.13.6.1.0.1.el511 - Add oracle-enterprise.patch 1:1.6.0.34-1.13.6.1 - Update to latest 1.13.6 release candidate tarball - Fixes a number of issues found with b34: - OJ51, PR2187: Sync patch for 4873188 with 7 version - OJ52, PR2185: Application of 6786276 introduces compatibility issu...
jasper security update
1.900.1-16.3 - CVE-2014-8157 - dec-numtiles off-by-one check in jpcdecprocesssot 1183671 - CVE-2014-8158 - unrestricted stack memory use in jpcqmfb.c 1183679...
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.4.0.0.1.el511 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.75-2.5.4.0 - Bump to 2.5.4 using OpenJDK 7u75 b13. - Fix elliptic curve list as part of fsg.sh - Resolves: rhbz1180294...
java-1.8.0-openjdk security update
1:1.8.0.31-1.b13 - Update to January CPU patch update. - Resolves: RHBZ1180299 1:1.8.0.25-4.b17 - updated aarch64 sources - epoch synced to 1 - all ppcs excluded from classes dump1156151 - Resolves: rhbz1173706...
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.4.0.0.1.el66 - Update DISTRONAME in specfile 1:1.7.0.75-2.5.4.0 - Fix abrtfriendlyhslogjdk7.patch to apply again. 1:1.7.0.75-2.5.4.0 - Bump to 2.5.4 using OpenJDK 7u75 b13. - Remove earlier temporary patch for RH1146622 included upstream - Fix elliptic curve list as part of fsg.sh ...
openssl security update
1.0.1e-34.7 - fix CVE-2014-3570 - incorrect computation in BNsqr - fix CVE-2014-3571 - possible crash in dtls1getrecord - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support f...
firefox security and bug fix update
31.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 31.4.0-1 - Update to 31.4.0 ESR 31.3.0-9 - Fixed problems with dictionaries mozbz1097550 - Fixed rhbz1164855 - firefox.desktop is missing x-scheme-handler MimeTy...
thunderbird security update
31.4.0-1.0.1.el66 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.4.0-1 - Update to 31.4.0 31.3.0-3 - Fixed problems with dictionaries mozbz1097550...
glibc security and bug fix update
2.12-1.149.4 - Fix recursive dlopen 1173469. 2.12-1.149.3 - Fix typo in ressend and resquery rh1172023. 2.12-1.149.2 - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, 1139571. 2.12-1.149.1 - Fix wordexp to honour WRDENOCMD CVE-2014-7817, 1170121...
libvirt security and bug fix update
1.1.1-29.0.1.el70.4 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.4 - qemu: blockcopy: Don't remove existing disk mirror info rhbz1149078 - qemu: copy: Accept 'format' parameter when copying to a non-existing img rhbz1149078 - qemu: reject rather than hang on blockcommit of acti...
docker security update
1.3.3-1.0.1 - Rename requirement of docker-io-pkg-devel in %package devel as docker-pkg-devel - Restore SysV init scripts for Oracle Linux 6 - Require Oracle Unbreakable Enterprise Kernel Release 3 or higher - Rename as docker. - Re-enable btrfs graphdriver support 1.3.3-1 - Update source to 1.3....
ntp security update
4.2.6p5-2 - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via specially-crafted packets CVE-2014-9295 - don't mobilize passive association when authentication fails CVE-2014-9296...
ntp security update
4.2.2p1-18.el5 - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via specially-crafted packets CVE-2014-9295...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.13uek - net: guard tcpsetkeepalive to tcp sockets Eric Dumazet Orabug: 20224099 CVE-2012-6657 - isofs: Fix unbounded recursion when processing relocated directories Jan Kara Orabug: 20224061 CVE-2014-5471 CVE-2014-5472 - x8664, traps: Stop using IST for SS Andy Lutomirski...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-55.1.2.el6uek - isofs: Fix unbounded recursion when processing relocated directories Jan Kara Orabug: 20224059 CVE-2014-5471 CVE-2014-5472 - x8664, traps: Stop using IST for SS Andy Lutomirski Orabug: 20224027 CVE-2014-9090 CVE-2014-9322...
Unbreakable Enterprise kernel security update
2.6.39-400.215.15 - isofs: Fix unbounded recursion when processing relocated directories Jan Kara Orabug: 20224060 CVE-2014-5471 CVE-2014-5472 - x8664, traps: Stop using IST for SS Andy Lutomirski Orabug: 20224028 CVE-2014-9090 CVE-2014-9322...
glibc security and bug fix update
2.17-55.0.4.el70.3 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. Jose E. Marchesi 2.17-55.3 - Fix wordexp to honour WRDENOCMD CVE-2014-7817, 1170118...
kernel security update
kernel 2.6.18-400.1.1.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
kernel security update
3.10.0-123.13.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.13.2 - x86 traps: stop using IST for SS Petr Matousek 1172812 1172813 CVE-2014-9322...
kernel security update
kernel 2.6.18-400.1.1 - x86 traps: stop using IST for SS Petr Matousek 1172809 CVE-2014-9322...
jasper security update
1.900.1-16.2 - CVE-2014-8137 - double-free in in jasiccattrvaldestroy 1173566 - CVE-2014-8138 - heap overflow in jp2decode 1173566 1.900.1-16.1 - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders 1171208 1.900.1-16 - CERT VU887409: heap buffer overflow...
kernel security and bug fix update
2.6.32-504.3.3 - x86 traps: stop using IST for SS Petr Matousek 1172810 1172811 CVE-2014-9322 2.6.32-504.3.2 - md dm-thin: fix pooliohints to avoid looking at maxhwsectors Mike Snitzer 1161420 1161421 1142773 1145230 2.6.32-504.3.1 - s390 zcrypt: toleration of new crypto adapter hardware Hendrik...
mailx security update
12.4-8 - CVE-2004-2771 mailx: command execution flaw resolves: 1171175...
bind security update
32:9.9.4-14.0.1.el70.1 - Rebuild to fix libmysqlclient dependency 32:9.9.4-14.1 - Fix CVE-2014-8500 1171975...
bind97 security update
32:9.7.0-21.P2.1 - Fix CVE-2014-8500 1171972...
Unbreakable Enterprise kernel security update
2.6.39-400.215.14 - HID: magicmouse: sanity check report size in rawevent callback Jiri Kosina Orabug: 19849355 CVE-2014-3181 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192542 CVE-2014-4652 - target/rd: Refactor rdbuilddevicespace +...
xorg-x11-server security update
1.1.1-48.107.0.1.el511 - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file 1.1.1-48.107 - CVE-2014-8091 denial of service due to unchecked malloc in client authentication 1168680 - CVE-2014-8092 integer overflow in X11 core protocol requests when calculating memory needs for...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.36.12 - HID: fix a couple of off-by-ones Jiri Kosina Orabug: 19849320 CVE-2014-3184 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192545 CVE-2014-4652 - udf: Avoid infinite loop when processing indirect ICBs Jan Kara Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-55.1.1 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192540 CVE-2014-4652 - target/rd: Refactor rdbuilddevicespace + rdreleasedevicespace Nicholas Bellinger Orabug: 20192516 CVE-2014-4027 - HID: logitech: perform bounds checking on...
xorg-x11-server security update
1.15.0-7.0.1.el70.3 - Invalid BUGRETURNVAL fix, upstream patch orabug 18896390 1.15.0-7.3 - CVE fixes for: CVE-2014-8099, CVE-2014-8098, CVE-2014-8097, CVE-2014-8096, CVE-2014-8095, CVE-2014-8094, CVE-2014-8093, CVE-2014-8092, CVE-2014-8091, CVE-2014-8101, CVE-2014-8100, CVE-2014-8103, CVE-2014-8...