8998 matches found
squid security update
7:3.1.10-22 - Resolves: 1134936 - CVE-2013-4115 buffer overflow when processing overly long DNS names 7:3.1.10-21 - Resolves: 1134936 - CVE-2014-3609 assertion failure in header processing...
glibc security update
2.12-1.132.4 - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475,...
mod_wsgi security update
3.4-12 - fix possible privilege escalation in setuid CVE-2014-0240...
Unbreakable Enterprise kernel security and bug fix update
kernel-uek 3.8.13-44 - net: Use netlinknscapable to verify the permisions of netlink messages Eric W. Biederman Orabug: 19404229 CVE-2014-0181 - net: Add variants of capable for use on netlink messages Eric W. Biederman Orabug: 19404229 - net: Add variants of capable for use on on sockets Eric W...
qemu-kvm security and bug fix update
0.12.1.2-2.415.el65.14 - The commit for zrelease .13 was incomplete; the changes to qemu-kvm.spec did not include the '%patchNNNN -p1' lines for patches 4647 through 4655; so although the patch files themselves were committed, the srpm build did not pick them up. In addition, the commit log did n...
nss, nss-util, nss-softokn security, bug fix, and enhancement update
nss 3.16.2-2.0.1.el70 - Added nss-vendor.patch to change vendor 3.16.2-2 - Restore missing options descriptions fix for certutil manpage - Document certutil options --dump-ext-val, --extGeneric, and --extSAN - Related: Bug 1124659 - Rebase RHEL 7 to at least NSS 3.16.1 3.16.2-1 - Rebase to...
openssl security update
0.9.8e-27.4 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3510 - fix DoS in anonymous ECDH...
openssl security update
1.0.1e-34.4 - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing serve...
tomcat6 security update
0:6.0.24-78 - Related: CVE-2013-4590 - remove xml schema names javaee5, - javaeewebservices12, and javaeewebservices12client - from descriptor.DigesterFactory initialization. These - schema definitions are not relevant to 6.0.24 as the version - of their spec did not exist at the time. 0:6.0.24-7...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.3.5.el7uek - net: Use netlinknscapable to verify the permisions of netlink messages Eric W. Biederman Orabug: 19404231 CVE-2014-0181 - net: Add variants of capable for use on netlink messages Eric W. Biederman Orabug: 19404231 - net: Add variants of capable for use on on...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.7uek - sctp: Fix skackbacklog wrap-around problem Xufeng Zhang Orabug: 19404246 CVE-2014-4667...
unbreakable enterprise kernel security update
2.6.39-400.215.7 - sctp: Fix skackbacklog wrap-around problem Xufeng Zhang Orabug: 19404245 CVE-2014-4667...
389-ds-base security update
1.2.11.15-34 - Release 1.2.11.15-34 - Resolves: 1123861 EMBARGOED CVE-2014-3562 unauthenticated information disclosure rhel-6.5.z DS 616, BZ 1123477...
tomcat security update
0:7.0.42-8 - Resolves: CVE-2013-4590 - Resolves: CVE-2014-0119 0:7.0.42-7 - Related: CVE-2014-0099 incrementing release so rpmdiff doesn't complain about - no new entries in the changelog 0:7.0.42-6 - Resolves: CVE-2014-0099 Fix possible overflow when parsing - long values from byte array -...
kernel security and bug fix update
3.10.0-123.6.3 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.6.3 - net l2tpppp: fail when socket option level is not SOLPPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 3.10.0-123.6.2.el7 - s390 ptrace: correct insufficient sanitization when setting psw mask Hendrik Brueckner 1114090...
php security update
5.4.16-23 - fileinfo: cdfunpacksummaryinfo excessive looping DoS. CVE-2014-0237 - fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238 - fileinfo: cdfcheckstreamoffset insufficient boundary check. CVE-2014-3479 - fileinfo: cdfcountchain insufficient boundary check...
php53 and php security update
5.3.3-27.1 - core: type confusion issue in phpinfo. CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize SPL ArrayObject / SPLObjectStorage type confusion flaw...
samba4 security update
4.0.0-63.rc4 - resolves: 1126011 - CVE-2014-3560: remote code execution in nmbd. 4.0.0-62.rc4 - resolves: 1105501 - CVE-2014-0244: DoS in nmbd. - resolves: 1108842 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105571 - CVE-2014-0178: Uninitialized memory exposure...
yum-updatesd security update
1:0.9-6 - updatesd: prevent installing unsigned packages. - Resolves: rhbz1125185...
resteasy-base security update
2.3.5-3 - Resolves: rhbz1121917 - CVE-2014-3490: XXE via parameter entities...
samba security and bug fix update
4.1.1-37 - resolves: 1126013 - CVE-2014-3560: remote code execution in nmbd. 4.1.1-36 - resolves: 1115490 - Fix potential Samba file corruption...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.6uek - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315783 CVE-2014-3144 CVE-2014-3145 - futex: Forbid uaddr == uaddr2 in futexwaitrequeuepi Darren Hart Orabug: 19315318 CVE-2012-6647 2.6.32-400.36.5uek - ntty: Fix nttywrit...
unbreakable enterprise kernel security update
2.6.39-400.215.6 - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315782 CVE-2014-3144 CVE-2014-3145 2.6.39-400.215.5 - ntty: Fix nttywrite crash when echoing in raw mode Peter Hurley Orabug: 18756449 CVE-2014-0196 CVE-2014-0196...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.3.3.el7uek - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315781 CVE-2014-3144 CVE-2014-3145 - mac80211: fix AP powersave TX vs. wakeup race Emmanuel Grumbach Orabug: 19316457 CVE-2014-2706...
kernel security, bug fix, and enhancement update
2.6.32-431.23.3 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.23.2 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699 2.6.32-431.23.1 - net iptunnel: fix iptunnelfind to return NULL in...
kernel security and bug fix update
kernel 2.6.18-371.11.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...
kernel security and bug fix update
kernel 2.6.18-371.11.1 - fs dcache: fix cleanup on warning in dsplicealias Denys Vlasenko 1109720 1080606 - net neigh: Make neighaddtimer symmetrical to neighdeltimer Marcelo Ricardo Leitner 1111195 1109888 - net neigh: set NUDINCOMPLETE when probing router reachability Marcelo Ricardo Leitner...
httpd security update
2.2.15-31.0.1.el65 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-31 - modcgid: add security fix for CVE-2014-0231 - moddeflate: add security fix for CVE-2014-0118 - modstatus: add security fix for CVE-2014-0226...
openssl098e security update
0.9.8e-29.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...
kernel security update
3.10.0-123.4.4 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.4.4 - net l2tpppp: fail when socket option level is not SOLPPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 3.10.0-123.4.3 - x86 ptrace: force IRET path after a ptracestop Oleg Nesterov 1115934 1115935 CVE-2014-4699...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.3.2.el7uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230689 CVE-2014-4699 - net: flowdissector: fail on evil iph-ihl Jason Wang...
tomcat security update
0:7.0.42-6 - Resolves: CVE-2014-0099 Fix possible overflow when parsing - long values from byte array - Resolves: CVE-2014-0096 Information discloser process XSLT - files not subject to same constraint running under - java security manager - Resolves: CVE-2014-0075 Avoid overflow in...
json-c security update
0.11-4 - fix has collision CVE-2013-6371 - fix buffer overflow CVE-2013-6370 - enable upstream test suite...
openssl security update
1.0.1e-34.3 - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability...
qemu-kvm security and bug fix update
1.5.3-60.el70.2 - kvm-pc-add-hotaddcpu-callback-to-all-machine-types.patch bz1094820 - Resolves: bz1094820 Hot plug CPU not working with RHEL6 machine types running on RHEL7 host. 1.5.3-60.el70.1 - kvm-iscsi-fix-indentation.patch bz1090978 - kvm-iscsi-correctly-propagate-errors-in-iscsiopen.patch...
mariadb security update
1:5.5.37-1 - Rebase to 5.5.37 https://kb.askmonty.org/en/mariadb-5537-changelog/ Also fixes: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: 1101062...
samba security update
4.1.1-35 - resolves: 1105504 - CVE-2014-0244: DoS in nmbd. - resolves: 1108844 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105573 - CVE-2014-0178: Uninitialized memory exposure. 4.1.1-33 - related: 717484 - Add missing configure line to enable profiling data support. 4.1.1-...
libtasn1 security update
3.3-5 - Added missing check for null pointer 1102338 3.3-4 - Fix multiple decoding issues 1102338...
qemu-kvm security and bug fix update
1.5.3-60.el70.5 - kvm-Allow-mismatched-virtio-config-len.patch bz1095782 - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z 1.5.3-60.el70.4 - kvm-zero-initialize-KVMSETGSIROUTING-input.patch bz1110693 -...
libvirt security and bug fix update
1.1.1-29.0.1.el70.1 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.1 - LSN-2014-0003: Don't expand entities when parsing XML CVE-2014-0179 - virNetClientSetTLSSession: Restore original signal mask rhbz1112689 - Don't use AIADDRCONFIG when binding to wildcard addresses rhbz1112692...
httpd security update
2.4.6-18.0.1.el70 - replace index.html with Oracle's index page oracleindex.html 2.4.6-18 - modcgid: add security fix for CVE-2014-0231 1120607 - modproxy: add security fix for CVE-2014-0117 1120607 - moddeflate: add security fix for CVE-2014-0118 1120607 - modstatus: add security fix for...
gnutls security update
3.1.18-9 - fix session ID length check 1102027 - fixes null pointer dereference 1101727...
kernel security update
2.6.32-431.20.5 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.20.4 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699...
kernel security, bug fix, and enhancement update
3.10.0-123.4.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.4.2 - fs aio: fix plug memory disclosure and fix reqsactive accounting backport Jeff Moyer 1094604 1094605 CVE-2014-0206 - fs aio: plug memory disclosure and fix reqsactive accounting Mateusz Guzik 1094604 1094605 CVE-2014-0206...
thunderbird security update
24.7.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.7.0-1 - Update to 24.7.0...
nss and nspr security update
nspr 4.10.2-4 - Rebase to nspr-4.10.6 - Resolves: Bug 1116199 4.10.2-3 - Retagging - Resolves: rhbz1032466 nss 3.15.3-7 - Remove an unused patch - Related: Bug 1116199 3.15.3-6 - Fix race-condition in certificate validation - Resolves: Bug 1116199 3.15.3-5 - Remove two unused patches - Resolves:...
nss and nspr security, bug fix, and enhancement update
nspr 4.10.6-1 - Rebase to nspr-4.10.6 - Resolves: rhbz1112135 nss 3.16.1-4.0.1.el65 - Added nss-vendor.patch to change vendor 3.16.1-4 - Update some patches on account of the rebase - Resolves: Bug 1099619 3.16.1-3 - Backport nss-3.12.6 upstream fix required by Firefox 31 - Resolves: Bug 1099619...
firefox security update
24.7.0-1.0.1.el65 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 24.7.0-1 - Update to 24.7.0 ESR...
java-1.6.0-openjdk security and bug fix update
1:1.6.0.1-6.1.13.4 - moved to icedteaver 1.13.4 - moved to openjdkver b32 and openjdkdate 15jul2014 - added upstreamed patch patch9 rh1115580-unsyncHashMap.patch - Resolves: rhbz1115580 - Resolves: rhbz1115867...
java-1.7.0-openjdk security update
1.7.0.55-2.4.7.2.0.1.el70 - Update DISTRONAME in specfile 1.7.0.55-2.4.7.2 - Remove NSS patches. Issues with PKCS11 provider mean it shouldn't be enabled. - Always setup nss.cfg and depend on nss-devel at build-time to do so. - This allows users who wish to use PKCS11+NSS to just add it to...