8998 matches found
thunderbird security update
31.2.0-3.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.2.0-3 - Enabled jemalloc on ppc64 and s390x 31.2.0-2 - Update to 31.2.0 31.1.1-2 - Sync preferences with Firefox 31.1.1-1 - Update to 31.1.1 31.1.0-1 - Update to 31.1.0 31.0-1 - Rebase to ...
openssl security update
0.9.8e-31 - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SSL3 0.9.8e-30 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix...
openssl security update
1.0.1e-30.2 - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SSL3 1.0.1e-30 - add ECC TLS extensions to DTLS 1119800 1.0.1e-29 - fix CVE-2014-3505...
libxml2 security update
2.9.1-5.0.1.el70.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-5.1 - CVE-2014-3660 denial of service via recursive entity expansion rhbz1149087...
file security and bug fix update
5.04-21 - fix typographical error in changelog 5.04-20 - fix 1037279 - better patch for the bug from previous release 5.04-19 - fix 1037279 - display 'from' field on 32bit ppc core 5.04-18 - fix 664513 - trim white-spaces during ISO9660 detection 5.04-17 - fix CVE-2014-3479 cdfcheckstreamoffset...
glibc security, bug fix, and enhancement update
2.12-1.149 - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, 2.12-1.148 - Switch gettimeofday from INTUSE to libchiddenproto 1099025. 2.12-1.147 - Fix stack overflow due to large AFINET6 requests...
krb5 security and bug fix update
1.10.3-33 - actually apply that last patch 1.10.3-32 - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1128157 1.10.3-31 - ksu: when evaluating .k5users, don't throw away data from .k5users when we're not passed a command to run, which implicitly means we're attempting to run the target...
firefox security update
firefox 31.2.0-3.0.1.el70 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 31.2.0-3 - Update to 31.2.0 ESR - Fix for mozbz1042889 31.1.0-7 - Enable WebM on all arches xulrunner 31.2.0-1.0.1 - Replaced xulrunner-redhat-default-prefs.js with...
java-1.7.0-openjdk security and bug fix update
1:1.7.0.71-2.5.3.1.0.1.el511 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1:1.7.0.71-2.5.3.1 - Bump to 2.5.3 with security updates. - Remove obsolete patches which are now included upstream. - Disable LCMS via environment variables rather than maintaining a patch. -...
openssh security, bug fix, and enhancement update
5.3p1-104 - ignore SIGXFSZ in postauth monitor child 1133906 5.3p1-103 - don't try to generate DSA keys in the init script in FIPS mode 1118735 5.3p1-102 - ignore SIGPIPE in ssh-keyscan 1108836 5.3p1-101 - ssh-add: fix fatal exit when removing card 1042519 5.3p1-100 - fix race in backported...
trousers security, bug fix, and enhancement update
0.3.13-2 - Fix strict alias warning 0.3.13-1 - New upstream bug fix release resolves: 633584 - Pick up latest TrouSerS package resolves: 1074634 - Buffer overflow detected in TrouSerS daemon...
java-1.7.0-openjdk security and bug fix update
1:1.7.0.65-2.5.3.1.0.1.el70 - Update DISTRONAME in specfile 1:1.7.0.65-2.5.3.1 - Bump to 2.5.3 for latest security fixes. - Remove obsolete patches. - Add hsbootstrap option to pre-build HotSpot when required. - Resolves: rhbz1148893...
cups security and bug fix update
1:1.4.2-67 - Revert change to whitelist /rss/ resources, as this was not used upstream. 1:1.4.2-66 - More STR 4461 fixes from upstream: make rss feeds world-readable, but cachedir private. - Fix icon display in web interface during server restart STR 4475. 1:1.4.2-65 - Fixes for upstream patch fo...
java-1.6.0-openjdk security and bug fix update
1:1.6.0.33-1.13.5.0 - Update to IcedTea 1.13.5 - Remove upstreamed patches. - Regenerate add-final-location-rpaths patch against new release. - Change versioning to match java-1.7.0-openjdk so revisions work. - Use xz for tarballs to reduce file size. - No need to explicitly disable system LCMS a...
rsyslog security update
7.4.7-7.0.1 - use setsid to get a controlling session and process group Orabug: 17346261 Todd Vierling 7.4.7-7 - fix CVE-2014-3634 resolves: 1149152...
polkit-qt security update
0.103.0-10 - Resolves: 1147368 CVE-2014-5033...
libvirt security and bug fix update
1.1.1-29.0.1.el70.3 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.3 - domainconf: fix domain deadlock CVE-2014-3657 1.1.1-29.el70.2 - qemu: split out cpuset.mems setting rhbz1135871 - qemu: leave restricting cpuset.mems after initialization rhbz1135871 - qemu: blkiotune: Use...
php53 and php security update
5.3.3-27.2 - spl: fix use-after-free in ArrayIterator due to object change during sorting. CVE-2014-4698 - spl: fix use-after-free in SPL Iterators. CVE-2014-4670 - gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497 - fileinfo: fix incomplete fix for CVE-2012-1571 in...
php security update
5.4.16-23.1 - gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497 - gd: fix NUL byte injection in file names. CVE-2014-5120 - fileinfo: fix extensive backtracking in regular expression incomplete fix for CVE-2013-7345. CVE-2014-3538 - fileinfo: fix mconvert incorrect handling ...
xerces-j2 security update
2.11.0-17 - Fix XML parsing bug JAXP, 8017298 - Resolves: CVE-2013-4002...
nss security update
nss 3.16.2-7.0.1.el70 - Added nss-vendor.patch to change vendor 3.16.2-7 - Resolves: Bug 1145433 - CVE-2014-1568 3.16.2-6 - Rolling back to commit e5fb6e476c179665976e906604496cbbb24f22a7 - Related: Bug 1145433 nss-softokn 3.16.2-3 - Resolves: Bug 1145433 - CVE-2014-1568 nss-util 3.16.2-2 -...
bash security update
3.0-27.0.3 - Rework env function definition for safety Florian Weimer CVE-2014-7169...
bash security update
4.2.45-5.4 - CVE-2014-7169 Resolves: 1146324 4.2.45-5.3 - amend patch to match upstream's Related: 1146324 4.2.45-5.2 - Fix-up the patch Related: 1141647...
bash security update
3.0-27.0.2 - Preliminary fix for CVE-2014-7169...
bash security update
4.2.45-5.2.0.1 - Preliminary fix for CVE-2014-7169...
bash security update
4.1.2-15.1.0.1 - Preliminary fix for CVE-2014-7169...
bash security update
3.2-33.1.0.1 - Preliminary fix for CVE-2014-7169...
haproxy security update
1.5.2-3 - Fix remote client denial of service vulnerability 1138191...
bash security update
3.0-27.0.1 - Check for fishy environment Ondrej Oprala Resolves: 1141644...
bash security update
4.1.2-15.1 - Check for fishy environment Resolves: 1141645...
kernel security and bug fix update
3.10.0-123.8.1 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.8.1 - scsi fnic: fix broken FIP discovery by initializing multicast address Chris Leech 1119727 1100078 - scsi libfcoe: Make fcoesysfs optional / fix fnic NULL exception Chris Leech 1119727 1100078 - fs nfs: Don't mark the data...
krb5 security and bug fix update
1.6.1-78.el5 - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344, 1121509 1.6.1-77.el5 - fix what appears to be a cosmetic error in the patch for self-tests for CVE-2014-4341 1.6.1-76.el5 - run the backported self-tests, such as they are, for CVE-2014-4341...
automake security update
1.9.6-3 - fix for CVE-2012-3386 -- 'make distcheck' was making the directory distdir world-writeable 848470...
conga security and bug fix update
0.12.2-81.0.2.el5 - Replaced redhat logo image in Data.fs 0.12.2-81.0.1.el5 - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz 0.12.2-81 - luci: prevent non-admin user from unauthorized executive access Resolves: rhbz1089310 0.12.2-79 - luc...
bind97 security and bug fix update
32:9.7.0-21.P2 - Fix CVE-2014-0591 32:9.7.0-20.P2 - Fix init script to not unmount filesystem when ROOTDIR is empty 1059118 32:9.7.0-19.P2 - fix for CVE-2013-4854 32:9.7.0-18.P2 - fix CVE-2013-2266...
krb5 security update
1.6.1-80.el5 - rebuild 1.6.1-79.el5 - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1132785...
nss and nspr security, bug fix, and enhancement update
3.16.1-2 - Backport nss-3.12.6 upstream fix required by Firefox 31 ESR - Resolves: Bug 1110860 3.16.1-1 - Rebase to nss-3.16.1 for FF31 - Resolves: Bug 1110860 - Rebase nss in RHEL 5.11 to NSS 3.16.1, required for FF 31...
axis security update
0:1.2.1-7.5 - Fix MITM security vulnerability - Use GCJ friendly patch - Resolves: CVE-2014-3596 0:1.2.1-7.4 - Fix MITM security vulnerability - Resolves: CVE-2014-3596...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.8uek - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590638 CVE-2014-3917 - futex: Fix errors in nested key ref-counting Darren Hart Orabug: 19590443 CVE-2014-0205...
Unbreakable Enterprise kernel security update
3.8.13-44.1.1 - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590596 CVE-2014-3917...
procmail security update
3.22-34.1 - Fixed buffer overflow in formail Resolves: CVE-2014-3618...
unbreakable enterprise kernel security bug fix update
2.6.39-400.215.10 - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590597 CVE-2014-3917 2.6.39-400.215.9 - oracleasm: Add support for new error return codes from block/SCSI Martin K. Petersen Orabug: 18438934 2.6.39-400.215.8 - ibipoib: CSUM support in connected...
kernel security and bug fix update
2.6.32-431.29.2 - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094457 1094458 CVE-2014-0205 - net vxlan: fix NULL pointer dereference Jiri Benc 1114549 1096351 CVE-2014-3535 2.6.32-431.29.1 - mm hugetlb: ensure hugepage access is denied if hugepages are not supported Gustav...
jakarta-commons-httpclient security update
1:3.1-16 - Fix MITM security vulnerability - Resolves: CVE-2014-3577...
kernel security and bug fix update
kernel 2.6.18-371.12.1 - audit auditsc: auditkrule mask accesses need bounds checking Denys Vlasenko 1102702 1102703 CVE-2014-3917 - mm writeback: Fix hang when low on memory due to NFS traffic Larry Woodman 1125246 1080194 - net tg3: Fix Read DMA workaround for 5719 A0 Ivan Vecera 1121017 924590...
kernel security and bug fix update
kernel 2.6.18-371.12.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...
firefox security update
firefox 24.8.0-1.0.1.el70 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 24.8.0-1 - Update to 24.8.0 ESR xulrunner 24.8.0-1.0.1.el70 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 24.8.0-...
squid security update
7:3.3.8-12 - Resolves: 1134933 - CVE-2014-3609 assertion failure in header processing...
thunderbird security update
24.8.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.8.0-1 - Update to 24.8.0...
httpcomponents-client security update
4.2.5-5 - Fix MITM security vulnerability - Resolves: CVE-2014-3577...