8998 matches found
Unbreakable Enterprise kernel security update
2.6.39-400.214.5 - net: ipv4: current groupinfo should be put after using. Wang, Xiaoming Orabug: 18603524 CVE-2014-2851...
Unbreakable Enterprise kernel security update
3.8.13-26.2.3.el6uek - net: ipv4: current groupinfo should be put after using. Wang, Xiaoming Orabug: 18603523 CVE-2014-2851...
java-1.6.0-openjdk security and bug fix update
1:1.6.0.1-5.1.13.3 - updated to icedtea 1.13.3 - updated to openjdk-6-src-b31-15apr2014 - renmoved upstreamed patch7, 1.13fixes.patch - Resolves: rhbz1085009...
java-1.7.0-openjdk security update
1.7.0.51-2.4.7.1.0.1.el65 - Update DISTRONAME in specfile 1.7.0.51-2.4.7.1.el6 - regenerated sources to fix TCK failure - Resolves: rhbz1085002 1.7.0.51-2.4.7.0.el6 - bumped to future icedtea-forest 2.4.7 - updatever set to 55, buildver se to 13, release reset to 0 - removed upstreamed patch402...
java-1.7.0-openjdk security update
1.7.0.55-2.4.7.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.55-2.4.7.1.el5 - regenerated sources to fix TCK failure - Resolves: rhbz1085000 1.7.0.55-2.4.7.0.el5 - bumped to future icedtea-forest 2.4.7 - updatever set to 55, buildver se to 13, release rese...
samba4 security update
4.0.0-61.rc4 - resolves: 1073913 - Fix CVE-2012-6150. - resolves: 1073913 - Fix CVE-2013-4496. - resolves: 1073913 - Fix CVE-2013-6442...
openssl security update
1.0.1e-16.7 - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension...
httpd security update
2.2.15-30.0.1.el65 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-30 - moddav: add security fix for CVE-2013-6438 1078174 - modlogconfig: add security fix for CVE-2014-0098 1078174...
httpd security update
2.2.3-85.0.1.el510 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-85 - modlogconfig: add security fix for CVE-2014-0098 1078176 2.2.3-84 - moddav: add security f...
xalan-j2 security update
0:2.7.0-9.9 - Add patch to fix remote code execution vulnerability - Resolves: CVE-2014-0107...
wireshark security update
1.0.15-6.0.1.el5 - Added oracle-ocfs2-network.patch - increase max packet size to 65536 Herbert van den Bergh orabug 13542633 1.0.15-6 - security patches - Resolves: CVE-2012-6056 CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-3557 CVE-2013-3559 CVE-2013-4081 CVE-2013-4083 CVE-2013-4927...
wireshark security update
1.8.10-7.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-7 - security patches - Resolves: CVE-2013-6337 1.8.10-6 - security patches - Resolves: CVE-2014-2281 CVE-2014-2283 CVE-2014-2299 1.8.10-5 - security patches - Resolves: CVE-2013-6336 CVE-2013-6338...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.34.4uek - netfilter: nfconntrackdccp: fix skbheaderpointer API usages Daniel Borkmann Orabug: 18462076 CVE-2014-2523 - net: sctp: fix sctpsfdo51Dce to verify if we/peer is AUTH capable Daniel Borkmann Orabug: 18461091 CVE-2014-0101...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-26.2.2.el6uek - netfilter: nfconntrackdccp: fix skbheaderpointer API usages Daniel Borkmann Orabug: 18421673 CVE-2014-2523 - cifs: ensure that uncached writes handle unmapped areas correctly Jeff Layton Orabug: 18461067 CVE-2014-0069 CVE-2014-0069 - net: sctp: fix sctpsfdo51Dce ...
unbreakable enterprise kernel security update
2.6.39-400.214.4 - netfilter: nfconntrackdccp: fix skbheaderpointer API usages Daniel Borkmann Orabug: 18462070 CVE-2014-2523 - net: sctp: fix sctpsfdo51Dce to verify if we/peer is AUTH capable Daniel Borkmann Orabug: 18461090 CVE-2014-0101 - vhost-net: insufficient handling of error conditions i...
kernel security and bug fix update
2.6.32-431.11.2 - net sctp: fix sctpsfdo51Dce to verify if peer is AUTH capable Daniel Borkmann 1070715 1067451 CVE-2014-0101 - vhost validate vhostgetvqdesc return value Michael S. Tsirkin 1062579 1058677 CVE-2014-0055 2.6.32-431.11.1 - net netpoll: take rcureadlockbh in netpollsendskbondev...
samba and samba3x security update
3.6.9-168 - resolves: 1073905 - Fix CVE-2012-6150. - resolves: 1073905 - Fix CVE-2013-4496...
net-snmp security and bug fix update
1:5.5-49.0.1.el65.1 - snmptrapd: Fix crash due to access of freed memory John Haxby orabug 14404682 1:5.5-49.1 - added 'diskio' option to snmpd.conf, it's possible to monitor only selected devices in diskIOTable 990674 - fixed CVE-2014-2284: denial of service flaw in Linux implementation of...
net-snmp security update
5.3.2.2-22.0.2.el510.1 - hrProcessorLoad returns incorrect values for CPUs greater than 100 Jason Luan Orabug 17792842 - snmptrapd: Fix crash due to access of freed memory John Haxby orabug 14391194 - suppress spurious asserts on 32bit Greg Marsden 5.3.2.2-20.1 - Fixed CVE-2012-6151: snmpd crashi...
thunderbird security update
24.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.4.0-1 - Update to 24.4.0...
php security update
5.1.6-44 - add security fixes for CVE-2006-7243, CVE-2009-0689...
firefox security update
24.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel = 4.10.0 to fix build failure 24.4.0-1 - Update to 24.4.0 ESR 24.3.0-4 - Fixed rhbz1070467 - Enable Add Ons by default in Firefox 24.3.0-3 - Fixed rhbz1054832 - Firefox does not...
mutt security update
5:1.5.20-4.20091214hg736b6a - Resolves: 1075872 CVE-2014-0467, heap-based buffer overflow when parsing certain headers...
samba security update
3.0.33-3.40.el5 - Security Release, fixes CVE-2013-0213 and CVE-2013-4124 - resolves: 1073350...
kernel security, bug fix, and enhancement update
kernel 2.6.18-371.6.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
389-ds-base security update
1.2.11.15-32 - Resolves: bug 1074847 - EMBARGOED CVE-2014-0132 389-ds-base: 389-ds: flaw in parsing authzid can lead to privilege escalation rhel-6.5.z Ticket 47739 - directory server is insecurely misinterpreting authzid on a SASL/GSSAPI bind...
udisks security update
1.0.1-7.el65 - Make sure doc subpackage is noarch 1.0.1-6.el65 - Put devel-docs in a separate package related: rhbz1070145 . 1.0.1-5.el65 - Related: rhbz1070145...
kernel security, bug fix, and enhancement update
kernel 2.6.18-371.6.1 - net be2net: don't use skbgetqueuemapping Ivan Vecera 1066302 1063955 - ipc change refcount to atomict Phillip Lougher 1024866 1024868 CVE-2013-4483 - s390 qeth: buffer overflow in snmp ioctl Jacob Tanenbaum 1034402 1034404 CVE-2013-6381 - scsi AACRAID Driver compat IOCTL...
sudo security update
1.7.2p1-29 - added patch for CVE-2014-0106: certain environment variables not sanitized when envreset is disabled Resolves: rhbz1072210...
subversion security update
1.6.11-10 - add security fixes for CVE-2013-1968, CVE-2013-2112, CVE-2014-0032...
postgresql security update
8.1.23-10 - related 1065840: CVE-2014-0062 8.1.23-9 - fix 1065840: CVE-2014-0060, CVE-2014-0061, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065 - better incorporate strlcpy function upstream git diff c92f7e..062421...
gnutls security update
1.4.1-14 - Renamed gnutls-1.4.1-cve-2014-0092-1.patch to cve-2014-5138.patch - Renamed gnutls-1.4.1-cve-2014-0092-2.patch to cve-2014-0092.patch 1.4.1-13 - fix issues of CVE-2014-0092 1069888 1.4.1-12 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 1.4.1-11 - fix...
gnutls security update
2.8.5-13 - fix CVE-2014-0092 1069890 2.8.5-12 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 2.8.5-11 - fix CVE-2013-1619 - fix TLS-CBC timing attack 908238...
libtiff security update
3.8.2-19 - Resolves: 1063460 CVE-2013-1960 CVE-2013-1961 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 libtiff various flaws...
libtiff security update
3.9.4-10 - Resolves: 1063464. Several CVEs for libtiff...
postgresql84 and postgresql security update
8.4.20-1 - Update to PostgreSQL 8.4.20 1065843 for fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-19.html http://www.postgresql.org/docs/8.4/static/release-8-4-20.html...
openldap security update
2.3.43-27 - fix: CVE-2013-4449 segfault on certain queries with rwm overlay 1064145 2.3.43-26 - fix: do not send IPv6 DNS queries when IPv6 is disabled on the host 812772...
mysql55-mysql security update
5.5.36-2 - Fix CVE-2014-0001 Related: 1055875 5.5.36-1 - Update to MySQL 5.5.36, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html Including fixes for CVE-2014-0412, CVE-2014-0437, CVE-2013-5908, CVE-2013-5807, CVE-2014-0420, CVE-2014-0393,...
openswan security update
2.6.32-27.2 - Resolves: rhbz1050337 CVE-2013-6466 refix for delete/notify code 2.6.32-27.1 - Resolves: rhbz1050337 CVE-2013-6466...
Unbreakable Enterprise kernel security update
2.6.32-400.34.3 - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247290 CVE-2013-7263 CVE-2013-7265 2.6.32-400.34.2 - exec/ptrace: fix getdumpable incorrect tests Kees Cook 18239033 CVE-2013-2929 CVE-2013-2929 - inet: prevent leakage of...
Unbreakable Enterprise kernel security update
3.8.13-26.1.1.el6uek - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247287 CVE-2013-7263 CVE-2013-7265 - inet: prevent leakage of uninitialized memory to user in recv syscalls Hannes Frederic Sowa 18238377 CVE-2013-7263 CVE-2013-7265 -...
piranha security update
0.8.4-26.1.0.1 - Replace web/web/RedHat.gif with updated image in tarball 0.8.4-26.1 - Resolves: 1061903 - require authentication for all HTTP methods 0.8.4-26 - Resolves: 886361 - add SIGCHLD handler to pulse for lvs mode...
unbreakable enterprise kernel security update
2.6.39-400.214.3 - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247289 CVE-2013-7263 CVE-2013-7265 2.6.39-400.214.2 - inet: prevent leakage of uninitialized memory to user in recv syscalls Hannes Frederic Sowa 18238382 CVE-2013-7263...
kvm security update
kvm-83-266.0.1.el510.1 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-26610.1.el5 - KVM: x86: prevent cross page vapicaddr access CVE-2013-6368 bz1032219 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 bz1032216 - Resolves:...
mysql security and bug fix update
5.1.73-3 - Fixes for CVE-2014-0001 Resolves: 1055880 5.1.73-2 - Make mysqld init script more robust and ignore existing but non-being-used unix socket file Resolves: 1058719 5.1.73-1 - Update to MySQL 5.1.73, for various fixes described at...
kernel security and bug fix update
2.6.32-431.5.1 - net sctp: fix checksum marking for outgoing packets Daniel Borkmann 1046041 1040385 - kernel ptrace: Cleanup useless header Aaron Tomlin 1046043 1036312 - kernel ptrace: kill BKL in ptrace syscall Aaron Tomlin 1046043 1036312 - fs nfs: Prevent a 3-way deadlock between layoutretur...
Unbreakable Enterprise kernel security and bug fix update (Unbreakable Enterprise Kernel Release 3 QU1)
3.8.13-26.el6uek - spec: Don't remove crashkernel=auto setting Jerry Snitselaar Orabug: 18137993 3.8.13-25.el6uek - ocfs2: fix imutex deadlock between aiowrite and syncfile Darrick J. Wong Orabug: 18068931 - Revert 'x86, mm: Revert back goodend setting for 64bit' Jerry Snitselaar Orabug: 18128986...
wget security and bug fix update
1.12-1.11 - Add --trust-server-names option to fix CVE-2010-2252 833831 1.12-1.10 - Build wget again with partial RELRO. LDFLAGS changed due to openssl rebase. 1.12-1.9 - Fix wget to recognize certificates with alternative names 1060113...
pidgin security update
2.7.9-27.el6 - Fix regression in CVE-2013-6483. 2.7.9-26.el6 - Fix patch for CVE-2012-6152 RH bug 1058242. 2.7.9-25.el6 - Add patch for CVE-2014-0020 RH bug 1058242. 2.7.9-24.el6 - Add patch for CVE-2013-6490 RH bug 1058242. 2.7.9-23.el6 - Add patch for CVE-2013-6489 RH bug 1058242. 2.7.9-22.el6 ...
thunderbird security update
24.3.0-2.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Make sure build with nspr-devel = 4.10.0 24.3.0-2 - Update to 24.3.0 ESR Build 2 24.3.0-1 - Update to 24.3.0 24.2.0-2 - Fixed requested nspr/nss versions...