8991 matches found
bind security update
32:9.8.2-0.23.rc1.1 - Fix CVE-2014-0591 32:9.8.2-0.23.rc1 - Fix gssapictx memory leak 911167 32:9.8.2-0.22.rc1 - fix CVE-2013-4854 32:9.8.2-0.21.rc1 - fix CVE-2013-2266 - ship dns/rrl.h in -devel subpkg 32:9.8.2-0.20.rc1 - remove one bogus file from /usr/share/doc, introduced by RRL patch...
augeas security update
1.0.0-5.1 - Fix CVE-2013-6412, incorrect permissions under strict umask RHBZ1036079...
java-1.7.0-openjdk security update
1.7.0.51-2.4.4.1.0.1.el65 - Update DISTRONAME in specfile 1.7.0.51-2.4.4.1.el6 - restored java7 provides - bumped release builds exists - Resolves: rhbz1050935 1.7.0.51-2.4.4.0.el6 - updated to security icedtea 2.4.4 - icedteaversion set to 2.4.4 - updatever bumped to 51 - release reset to 0 - sy...
java-1.7.0-openjdk security update
1.7.0.51-2.4.4.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.51-2.4.4.1.el5 - updated to security icedtea 2.4.4 - icedteaversion set to 2.4.4 - updatever bumped to 51 - release reset to 1 - build requires: java-devel = 1:1.6.0 changed java7-devel - Resolve...
libxfont security update
1.4.5-3 - cve-2013-6462.patch: sscanf overflow bug 1049684 - sscanf-hardening.patch: Some other sscanf hardening fixes 1049684...
openssl security update
1.0.1e-16.4 - fix CVE-2013-4353 - Invalid TLS handshake crash 1.0.1e-16.3 - fix CVE-2013-6450 - possible MiTM attack on DTLS1 1.0.1e-16.2 - fix CVE-2013-6449 - crash when version in SSL structure is incorrect...
gnupg security update
1.4.5-18.1 - fix CVE-2013-4576 acoustic side channel attack on RSA private keys...
pixman security update
0.26.2-5.1 - Fix CVE 2013-6425...
xorg-x11-server security update
1.13.0-23.1 - Fix root window damage reports when Xinerama is active 919165...
nss security update
3.15.3-3.0.1.el65 - Added nss-vendor.patch to change vendor 3.15.3-3 - Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1042685 - nss: Mis-issued ANSSI/DCSSI certificate MFSA 2013-117 rhel-6.6...
ca-certificates security update
2013.1.95-65.1 - Update to CKBI 1.95 from NSS 3.15.3.1...
openjpeg security update
1.3-10 - Apply patch for CVE-2013-6054 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 Resolves: 1038985 CVE-2013-6054 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.2.3.el6uek - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951080 CVE-2013-4470 - KVM: x86: fix guest-initiated crash with x2apic CVE-2013-637...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.33.4uek - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls Emese Revfy Orabug: 17951083 CVE-2013-2141 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic...
unbreakable enterprise kernel security update
2.6.39-400.211.3 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951818 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 Andy Honig Orabu...
kernel security, bug fix, and enhancement update
2.6.32-431.1.2 - x86 kvm: fix cross page vapicaddr access Paolo Bonzini 1032214 1032215 CVE-2013-6368 - x86 kvm: fix division by zero in apicgettmcct Paolo Bonzini 1032212 1032213 CVE-2013-6367 2.6.32-431.1.1 - netdrv mlx4en: Check device state when setting coalescing Amir Vadai 1032395 975908 -...
nss, nspr, and nss-util security update
nspr 4.10.0-2 - Rebase to nspr-4.10.2 - Resolves: rhbz1032485 - CVE-2013-5607 MFSA 2013-103 Avoid unsigned integer wrapping in PLArenaAllocate MFSA 2013-103 nss 3.15.3-2.0.1 - Added nss-vendor.patch to change vendor 3.15.3-2 - Enable patch with fix for deadlock in trust domain lock and object loc...
thunderbird security update
24.2.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Make sure build with nspr-devel = 4.10.0 24.2.0-1 - Update to 24.2.0 ESR 24.1.0-1 - Update to 24.1.0 ESR...
firefox security update
24.2.0-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel = 4.10.0 to fix build failure 24.2.0-1 - Update to 24.2.0 ESR 24.1.0-4 - Fixed mozbz938730 - avoid mix of memory allocators crashes when using system sqlite 24.1.0-3 - Fixed...
php53 and php security update
5.3.3-27 - add security fix for CVE-2013-6420...
php security update
5.1.6-43 - drop unneeded patch 5.1.6-42 - add security fixes for CVE-2012-2688, CVE-2011-1398, CVE-2013-1643, CVE-2013-6420...
samba and samba3x security update
3.6.9-167 - resolves: 1018037 - Fix CVE-2013-4408. 3.6.9-165 - resolves: 1028086 - Fix CVE-2013-4475...
libjpeg security update
6b-38 - Add patch for CVE-2013-6629 - Resolves: 1031952...
libjpeg-turbo security update
1.2.1-3 - Resolves: 1031955 apply patch for CVE-2013-6630 1.2.1-2 - Resolves: 1031955 libjpeg-turbo: various flaws CVE-2013-6629...
samba4 security update
4.0.0-60.rc4 - resolves: 1018039 - Fix CVE-2013-4408. 4.0.0-59.rc4 - Fix usage of client min/max protocol options in winbindd - related: 949993...
kernel security and bug fix update
kernel 2.6.18-371.3.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
nss and nspr security, bug fix, and enhancement update
nspr 4.10.2-2 - Fix changelog comments - Resolves: rhbz1032466 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws rhel-5.10 4.10.2-1 - Update to nspr-4.10.2 - Remove an unused patch - Resolves: rhbz1032466 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws rhel-5.10 4.10.0...
kernel security and bug fix update
kernel 2.6.18-371.3.1 - net be2net: don't use GRO for packets w/ re-inserted VLAN tags Ivan Vecera 1023348 1008691 - net tg3: call pcienablewake to set power state John Feeney 1014973 996331 - misc backport fixes for percpu-rw-semaphore Mikulas Patocka 1014715 867997 - xen information leak via I/...
gimp security update
2:2.6.9-6 - fix overflow in XWD loader CVE-2013-1913, CVE-2013-1978 2:2.6.9-5 - fix overflow in XWD loader 879302 2:2.6.9-5 - fix overflow in GIF loader 847303 2:2.6.9-5 - fix overflows in GIF, CEL loaders 727800, 839020 2:2.6.9-4.1 - fix various overflows 666793, 703403, 703405, 703407, 704512...
mod_nss security update
1.0.8-19 - Resolves: CVE-2013-4566 - Bugzilla Bug 1030265 - modnss: incorrect handling of NSSVerifyClient in directory context rhel-6.5.z...
Unbreakable Enterprise Kernel security update
3.8.13-16.2.2.el6uek - HID: pantherlord: validate output report details Kees Cook Orabug: 17841973 CVE-2013-2892 - HID: zeroplus: validate output report details Kees Cook Orabug: 17841968 CVE-2013-2889 - HID: provide a helper for validating hid reports Kees Cook Orabug: 17841968 CVE-2013-2889 -...
Unbreakable Enterprise Kernel security update
2.6.39-400.211.2 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook Orabug: 17842208 CVE-2013-1928 - Bluetooth: RFCOMM - Fix info leak via getsockname Mathias Krause Orabug: 17842129 CVE-2012-6545 - Bluetooth: RFCOMM - Fix info leak in ioctlRFCOMMGETDEVLIST Mathias Krause Orabug...
Unbreakable Enterprise Kernel security update
kernel-uek 2.6.32-400.33.3uek - afkey: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware Jonathan Salwan Orabug: 17837971 CVE-2013-2164 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook...
python security, bug fix, and enhancement update
2.6.6-51 - Fixed memory leak in ssl.getpeeraltnames Resolves: rhbz1002983 2.6.6-50 - Added fix for CVE-2013-4238 Resolves: rhbz998784 2.6.6-49 - Fix shebangs in several files in python-tools subpackage Resolves: rhbz521898 2.6.6-48 - Fix sqlite3.Cursor.lastrowid under a Turkish locale. Resolves:...
pacemaker security, bug fix, and enhancement update
1.1.10-14 - Log: crmd: Supply arguments in the correct order Resolves: rhbz996850 - Fix: Invalid formatting of log message causes crash Resolves: rhbz996850 1.1.10-13 - Fix: cman: Start clvmd and friends from the init script if enabled 1.1.10-12 - Fix: Consistently use 'Slave' as the role for...
xorg-x11-server security and bug fix update
1.13.0-23 - Fix root window damage reports when Xinerama is active 919165 1.13.0-22 - Fix Xephyr crashes in 8 and 16 bit mode 1018405 1.13.0-21 - Fix Damage reports when Xinerama is active 919165 1.13.0-20 - Fix broken Xorg -configure 1016854 - CVE-2013-1940: Fix xf86FlushInput to drain evdev...
ruby security update
1.8.7.352-13 - Workaround build issues against OpenSSL with enabled ECC curves. - Make DRb compatible with OpenSSL 1.0.1. ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch - Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing...
openssh security, bug fix, and enhancement update
5.3p1-94 - use dracut-fips package to determine if a FIPS module is installed 1001565 5.3p1-93 - use dist tag in suffixes for hmac checksum files 1001565 5.3p1-92 - use hmacsuffix for ssh,d hmac checksums 1001565 5.3p1-91 - fix NSS keys support 1004763 5.3p1-90 - change default value of MaxStartu...
libguestfs security, bug fix, and enhancement update
1:1.20.11-2 - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz1019737 1:1.20.11-1 - Rebase to libguestfs 1.20.11. resolves: rhbz958183 - Remove buildnet: builds now detect network automatically. - The rhel-6.x branches containing the patches...
busybox security and bug fix update
1:1.15.1-20 - Resolves: 855832 'Installation from NFS: That directory could not be mounted from the server' by switching NFS mount default from UDP to TCP. There was another place in uclibc this time which used UDP. 1:1.15.1-19 - Resolves: 1015010 'busybox: insecure directory permissions in /dev'...
samba security, bug fix, and enhancement update
3.6.9-164 - resolves: 1008574 - Fix offline logon cache not updating for cross child domain group membership. 3.6.9-163 - resolves: 1015359 - Fix CVE-2013-0213 and CVE-2013-0214 in SWAT. 3.6.9-162 - resolves: 978007 - Fix 'valid users' manpage documentation. 3.6.9-161 - resolves: 997338 - Fix...
wireshark security, bug fix, and enhancement update
1.8.10-4.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-4 - fix memory leak when reassemblying a packet - Related: 711024 1.8.10-3 - fix config.h conflict - Related: 711024 1.8.10-2 - do not configure with setcap-install - Related: 711024 1.8.10-1 -...
glibc security, bug fix, and enhancement update
2.12-1.132 - Revert the addition of gettimeofday vDSO function for ppc and ppc64 until OPD VDSO function call issues are resolved 1026533. 2.12-1.131 - Call gethostbyname4r only for PFUNSPEC 1022022. 2.12-1.130 - Fix integer overflows in valloc and memalign. 1008310. 2.12-1.129 - Initialize...
dracut security, bug fix, and enhancement update
004-336.0.1 - do not strip modules with signatures. orabug 17458249 Jerry Snitselaar - scsiwait module removed in 3.8. Mute errors. orabug 16977193 Maxim Uvarov find firmware in /lib/modules/firmware/2.6.32-400.1.1.el5uek first and /lib/modules/firmware second Resolves: Orabug: 13351090 - Fix btr...
samba4 security and bug fix update
4.0.0-58.rc4 - Fix winbind lsat reconnection code, avoids ntlmv2-only session setup problems - resolves: 949993 4.0.0-57.rc4 - resolves: 984809 - CVE-2013-4124: DoS via integer overflow when reading an EA list 4.0.0-56.rc4 - Fix libwbclient.so.0 symlink. - resolves: 882338 - Fix correct linking o...
php security, bug fix, and enhancement update
5.3.3-26 - add security fix for CVE-2013-4248 5.3.3-25 - rename patch to math CVE-2010-3709 name - add security fixes for CVE-2006-7243, CVE-2013-1643 5.3.3-24 - fix buffer overflow in pdopgsqlerror 969110 - fix double free when destroyzendclass fails 910466 - fix segfault in errorhandler with...
coreutils security, bug fix, and enhancement update
8.4-31.0.1 - clean up empty file if cp is failed Orabug 15973168 8.4-31 - adjust the fix for the du bindmounts failure836557 Mon Oct 07 2013 Ondrej Oprala - Fix su retvals once again 8.4-29 - CVE-2013-0221 CVE-2013-0223 CVE-2013-0222 - fix various segmentation faults in sort, uniq and join1015019...
sudo security, bug fix and enhancement update
1.8.6p3-12 - added patches for CVE-2013-1775 CVE-2013-2777 CVE-2013-2776 Resolves: rhbz1015355 1.8.6p3-11 - sssd: fixed a bug in ipahostname processing Resolves: rhbz853542 1.8.6p3-10 - sssd: fixed buffer size for the ipahostname value Resolves: rhbz853542 1.8.6p3-9 - sssd: match against...
389-ds-base security update
1.2.11.15-30 - Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches 1.2.11.15-29 - Bump version to 1.2.11.15-29 - Resolves: bug 1008013: DS91: ns-slapd stuck in DSSleep 1.2.11.15-28 - Bump version to 1.2.11.15-28 - Resolves: Bug 1016038 - Users from A...
Oracle Linux 6 kernel update
2.6.32-431 - md Disabling of TRIM on RAID5 for RHEL6.5 was too aggressive Jes Sorensen 1028426 2.6.32-430 - x86 Revert 'efi: be more paranoid about available space when creating variables' Rafael Aquini 1012370 1023173 - x86 Revert 'efivars: firmware bug workarounds should be in platform code'...