9185 matches found
Unbreakable Enterprise kernel security update
2.6.39-400.250.6 - x86/asm/entry/64: Remove a bogus 'retfromfork' optimization Andy Lutomirski Orabug: 21308308 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307918 CVE-2015-1593 CVE-2015-1593...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.6 - x86/asm/entry/64: Remove a bogus 'retfromfork' optimization Andy Lutomirski Orabug: 21308307 CVE-2015-2830 - x86, mm/ASLR: Fix stack randomization on 64-bit systems Hector Marco-Gisbert Orabug: 21307917 CVE-2015-1593 CVE-2015-1593...
mailman security and bug fix update
3:2.1.15-21 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.15-20 - fix 1107652 - do not install patch backup files in documentation 3:2.1.15-19 - fix 1188043 - set 2775 permission only for /etc/mailman 3:2.1.15-18 - fix 1107652 - add support for DMARC - fix 1180981 - install...
libreswan security, bug fix and enhancement update
3.12-10.1.0.1 - add libreswan-oracle.patch to detect Oracle Linux distro 3.12-10.1 - Resolves: rhbz1226407 CVE-2015-3204 libreswan: crafted IKE packet causes daemon restart 3.12-10 - Resolves: rhbz1213652 Support CAVS updated another prf free symkey, bogus fips mode fix 3.12-9 - Resolves:...
kernel security and bug fix update
3.10.0-229.7.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.7.2 - fs pipe: fix pipe corruption and iovec overrun on partial copy Seth Jennings 1202861 1198843 CVE-2015-1805 3.10.0-229.7.1 - scsi storvsc: get rid of overly verbose warning messages Vitaly Kuznetsov 1215770 1206437 - scsi...
php security and bug fix update
5.4.16-36 - fix more functions accept paths with NUL character 1213407 5.4.16-35 - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026, 1213407 - fileinfo: fix denial of...
cups security update
1:1.4.2-67.1 - CVE-2015-1158, CVE-2015-1159, CVE-2014-9679 bug 1229982...
openssl security update
1.0.1e-42.8 - improved fix for CVE-2015-1791 - add missing parts of CVE-2015-0209 fix for corectness although unexploitable 1.0.1e-42.7 - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509cmptime - fix CVE-2015-1790 - PKCS7 crash with missing...
wpa_supplicant security and enhancement update
1:2.0-17 - AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 rh 1222015 1:2.0-16 - P2P: Validate SSID element length before copying it CVE-2015-1863 1:2.0-15 - Add domainmatch config option from upstream rh 1178263 - Include peer certificate in EAP events for use by clients...
qemu-kvm security update
0.12.1.2-2.448.el66.4 - kvm-pcnet-fix-Negative-array-index-read.patch bz1225886 - kvm-pcnet-force-the-buffer-access-to-be-in-bounds-during.patch bz1225886 - Resolves: bz1225886 EMBARGOED CVE-2015-3209 qemu-kvm: qemu: pcnet: multi-tmd buffer overflow in the tx path rhel-6.6.z...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.3.2 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226729 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225975 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy...
Unbreakable Enterprise kernel security update
2.6.39-400.250.5 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226730 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225976 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy Lutomirski...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.5 - x8664, vdso: Fix the vdso address randomization algorithm Andy Lutomirski Orabug: 21226731 CVE-2014-9585 - isofs: Fix infinite looping over CE entries Jan Kara Orabug: 21225977 CVE-2014-9420 - x8664, switchto: Load TLS descriptors before switching DS and ES Andy...
abrt security update
abrt 2.1.11-22.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-22 - do not open the buildids file as the user abrt - do not unlink failed and big user core files - Related: 1212819, 1216973 2.1.11-21 - validate all D-Bus method arguments - Related: 1214610 2.1.11-20 -...
kernel security, bug fix, and enhancement update
2.6.32-504.23.4 - crypto drbg: fix maximum value checks on 32 bit systems Herbert Xu 1225950 1219907 - crypto drbg: remove configuration of fixed values Herbert Xu 1225950 1219907 2.6.32-504.23.3 - netdrv bonding: fix locking in enslave failure path Nikolay Aleksandrov 1222483 1221856 - netdrv...
openssl security update
1.0.1e-30.9 - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits limit will be increased in future...
kernel security and bug fix update
kernel 2.6.18-406.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...
kernel security and bug fix update
kernel 2.6.18-406 - fs pipe: fix pipe corruption and iovec overrun on partial copy Mateusz Guzik 1203787 CVE-2015-1805 2.6.18-405 - net tcp: zero retransstamp if all retrans were acked Marcelo Leitner 1205521 - net tcp: fix retransstamp advancing in error cases Marcelo Leitner 1205521 - net tcp:...
docker security update
1.6.1-1.0.1 - Update source to 1.6.1 from https://github.com/docker/docker/releases/tag/v1.6.1 Symlink traversal on container respawn allows local privilege escalation CVE-2015-3629 Insecure opening of file-descriptor 1 leading to privilege escalation CVE-2015-3627 Read/write proc paths allow hos...
thunderbird security update
31.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.7.0-1 - Update to 31.7.0...
qemu-kvm security update
0.12.1.2-2.448.el66.3 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219267 - Resolves: bz1219267 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-6.6.z...
kvm security update
kvm-83-272.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.272.el5 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219266 - Resolves: bz1219266 kvm: qemu: floppy disk controller flaw rhel-5.11.z...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.250.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077389 CVE-2015-3331 2.6.39-400.250.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807440 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...
xen security update
3.0.3-146.el5 - xen-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch - xen-FDC-Fix-buffer-overflow-Herv-Poussineau.patch - Resolves: bz1219333 xen: qemu: floppy disk controller flaw rhel-5.11.z 3.0.3-144.el5 - xm: Fix vcpu-pin complain for CPU number out of range rhbz 955656 - libxc:...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-68.2.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 3.8.13-68.2.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...
qemu-kvm security update
1.5.3-86.el71.2 - kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch bz1219269 - Resolves: bz1219269 EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw rhel-7.1.z...
firefox security update
38.0-3.0.1.el71 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 38.0-3 - Enabled system nss - Removed unused patches 38.0-2 - Update to 38.0 ESR 38.0b8-0.11 - Update to 38.0 Beta 8 38.0b6-0.10 - Added patch for mozbz1152515 38.0b6-0.9 - Update to 38.0 Beta 6...
tomcat6 security and bug fix update
0:6.0.24-83 - Related: rhbz1207048 tomcat initscript didn't assign - RETVAL after killing tomcat process 0:6.0.24-82 - Resolves: rhbz1207048 Tomcat init script needs to be adjusted - to kill tomcat if stop is unsuccessful 0:6.0.24-81 - Resolves: CVE-2014-0227 Limited DoS in chunked transfer...
kexec-tools security, bug fix, and enhancement update
2.0.7-19.0.1.el71.2 - kdumpctl: exclude defaulthugepagesz setting from kdump kernel cmdline Sriharsha Yadagudde Orabug: 19134999 - kdumpctl: verify if kernel support securelevel interface Sriharsha Yadagudde Orabug: 18905671 2.0.7-19.2 - dracut-module-setup: Enhance kdump to support the bind...
tomcat security update
0:7.0.54-2 - Resovles: CVE-2014-0227...
kernel security and bug fix update
3.10.0-229.4.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.4.2 - x86 crypto: aesni - fix memory usage in GCM decryption Kurt Stutsman 1213331 1212178 CVE-2015-3331 3.10.0-229.4.1 - crypto x86: sha256ssse3 - also test for BMI2 Herbert Xu 1211484 1201563 - crypto testmgr: fix RNG return...
389-ds-base security update
1.3.3.1-16 - release 1.3.3.1-16 - Resolves: bug 1212894 - CVE-2015-1854 389ds-base: access control bypass with modrdn...
Unbreakable Enterprise kernel security update
2.6.39-400.249.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930552 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy Lutomirski...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930553 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.1.3 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930551 CVE-2014-9584 - KEYS: close race between key lookup and freeing Sasha Levin Orabug: 20930548 CVE-2014-9529 CVE-2014-9529 - mm: memcg: do not allow task about to OOM kill to bypass the limit Johannes...
kvm security update
kvm-83-270.0.1.el511 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-270.el5 - KVM: x86: Check non canonical addresses upon WRMSR - Resolves: bz1152982 CVE-2014-3610 kernel: kvm: noncanonical MSR writes rhel-5.11.z kvm-83-269.el5 - KVM:...
kernel security and bug fix update
2.6.32-504.16.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 2.6.32-504.16.1 - fs gfs2: Move gfs2filesplicewrite outside of ifdef Robert S Peterson 1198329 1193559 - security keys: close race between key lookup and freeing...
qemu-kvm security and bug fix update
0.12.1.2-2.448.el66.2 - kvm-cirrus-fix-blit-region-check.patch bz1170571 - kvm-cirrus-don-t-overflow-CirrusVGAState-cirrusbltbuf.patch bz1170571 - Resolves: bz1170571 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-6.6.z 0.12.1.2-2.448.el66.1 -...
glibc security and bug fix update
2.12-1.149.7 - Fix invalid file descriptor reuse while sending DNS query 1207995, CVE-2013-7423. - Fix buffer overflow in gethostbynamer with misaligned buffer 1209375, CVE-2015-1781. 2.12-1.149.6 - Enhance nscd to detect any configuration file changes 1194149...
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.5.1.0.1.el71 - Update DISTRONAME in specfile 1:1.7.0.75-2.5.5.1 - repacked sources - Resolves: rhbz1209072 1:1.7.0.75-2.5.5.0 - Bump to 2.5.5 using OpenJDK 7u79 b14. - Update OpenJDK tarball creation comments - Remove test case for RH1191652 now fix has been verified. - Drop AArch6...
java-1.6.0-openjdk security update
1:1.6.0.35-1.13.7.1 - Repackaged source files - Resolves: rhbz1209067 1:1.6.0.35-1.13.7.0 - Update to IcedTea 1.13.7 - Regenerate add-final-location-rpaths patch so as to be less disruptive. - Resolves: rhbz1209067...
java-1.8.0-openjdk security update
1:1.8.0.45-30.b13 - repacked sources - Resolves: RHBZ1209076 1:1.8.0.45-7.b13 - Re-add %name prefix to patches to avoid conflicts with OpenJDK 7 versions. - Remove ppc64le test case now fix has been verified. - Resolves: rhbz1194378 1:1.8.0.45-27.b13 - updated to security u45 - minor sync with 7....
java-1.7.0-openjdk security update
1:1.7.0.75-2.5.5.1.0.1.el511 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.75-2.5.5.1 - Repacked sources - Resolves: rhbz1209069 1:1.7.0.79-2.5.5.0 - Bump to 2.5.5 using OpenJDK 7u79 b14. - Resolves: rhbz1209069...
openssl security update
0.9.8e-33 - fix CVE-2014-8275 without introduction of CVE-2015-0286 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix...
xorg-x11-server security update
1.15.0-26 - CVE fixes for: CVE-2015-0255...
krb5 security update
1.10.3-37 - fix for CVE-2014-5355 1193939 'krb5: unauthenticated denial of service in recvauthcommon and others' 1.10.3-36 - fix for CVE-2014-5353 1174543 'Fix LDAP misused policy name crash' 1.10.3-35 - Changelog fixes to make errata subsystem happy. 1.10.3-34 - fix for CVE-2014-5352 1179856...
kernel security and bug fix update
kernel 2.6.18-404.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...
kernel security and bug fix update
kernel 2.6.18-404 - infiniband core: Prevent integer overflow in ibumemget Doug Ledford 1179353 CVE-2014-8159 2.6.18-403 - s390 zcrypt: Toleration of new crypto hardware Hendrik Brueckner 1182522 - fs cifs: Use pid from cifsFileInfo in wrt pages/setfilesize Sachin Prabhu 1169304 - xen x86: confin...
openssl-fips security update
1.0.1m-2.0.1 - update to upstream 1.0.1m - update to fips canister 2.0.9 - regenerated below patches openssl-1.0.1-beta2-rpmbuild.patch openssl-1.0.1m-rhcompat.patch openssl-1.0.1m-ecc-suiteb.patch openssl-1.0.1m-fips-mode.patch openssl-1.0.1m-version.patch openssl-1.0.1m-evp-devel.patch...
firefox security update
31.6.0-2.0.1.el511 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 31.6.0-1 - Update to 31.6.0 ESR Build 2 31.6.0-1 - Update to 31.6.0 ESR...