389-ds-base security update
1.2.11.15-34 - Release 1.2.11.15-34 - Resolves: 1123861 EMBARGOED CVE-2014-3562 unauthenticated information disclosure rhel-6.5.z DS 616, BZ 1123477...
php security update
5.4.16-23 - fileinfo: cdfunpacksummaryinfo excessive looping DoS. CVE-2014-0237 - fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238 - fileinfo: cdfcheckstreamoffset insufficient boundary check. CVE-2014-3479 - fileinfo: cdfcountchain insufficient boundary check...
kernel security and bug fix update
3.10.0-123.6.3 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.6.3 - net l2tpppp: fail when socket option level is not SOLPPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 3.10.0-123.6.2.el7 - s390 ptrace: correct insufficient sanitization when setting psw mask Hendrik Brueckner 1114090...
php53 and php security update
5.3.3-27.1 - core: type confusion issue in phpinfo. CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize SPL ArrayObject / SPLObjectStorage type confusion flaw...
samba security and bug fix update
4.1.1-37 - resolves: 1126013 - CVE-2014-3560: remote code execution in nmbd. 4.1.1-36 - resolves: 1115490 - Fix potential Samba file corruption...
samba4 security update
4.0.0-63.rc4 - resolves: 1126011 - CVE-2014-3560: remote code execution in nmbd. 4.0.0-62.rc4 - resolves: 1105501 - CVE-2014-0244: DoS in nmbd. - resolves: 1108842 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105571 - CVE-2014-0178: Uninitialized memory exposure...
yum-updatesd security update
1:0.9-6 - updatesd: prevent installing unsigned packages. - Resolves: rhbz1125185...
resteasy-base security update
2.3.5-3 - Resolves: rhbz1121917 - CVE-2014-3490: XXE via parameter entities...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.6uek - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315783 CVE-2014-3144 CVE-2014-3145 - futex: Forbid uaddr == uaddr2 in futexwaitrequeuepi Darren Hart Orabug: 19315318 CVE-2012-6647 2.6.32-400.36.5uek - ntty: Fix nttywrit...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.3.3.el7uek - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315781 CVE-2014-3144 CVE-2014-3145 - mac80211: fix AP powersave TX vs. wakeup race Emmanuel Grumbach Orabug: 19316457 CVE-2014-2706...
kernel security, bug fix, and enhancement update
2.6.32-431.23.3 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.23.2 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699 2.6.32-431.23.1 - net iptunnel: fix iptunnelfind to return NULL in...
unbreakable enterprise kernel security update
2.6.39-400.215.6 - filter: prevent nla extensions to peek beyond the end of the message Mathias Krause Orabug: 19315782 CVE-2014-3144 CVE-2014-3145 2.6.39-400.215.5 - ntty: Fix nttywrite crash when echoing in raw mode Peter Hurley Orabug: 18756449 CVE-2014-0196 CVE-2014-0196...
kernel security and bug fix update
kernel 2.6.18-371.11.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...
kernel security and bug fix update
kernel 2.6.18-371.11.1 - fs dcache: fix cleanup on warning in dsplicealias Denys Vlasenko 1109720 1080606 - net neigh: Make neighaddtimer symmetrical to neighdeltimer Marcelo Ricardo Leitner 1111195 1109888 - net neigh: set NUDINCOMPLETE when probing router reachability Marcelo Ricardo Leitner...
json-c security update
0.11-4 - fix hash collision CVE-2013-6371 - fix buffer overflow CVE-2013-6370 - enable upstream test suite...
kernel security update
3.10.0-123.4.4 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.4.4 - net l2tpppp: fail when socket option level is not SOLPPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 3.10.0-123.4.3 - x86 ptrace: force IRET path after a ptracestop Oleg Nesterov 1115934 1115935 CVE-2014-4699...
kernel security update
2.6.32-431.20.5 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.20.4 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.3.2.el7uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230689 CVE-2014-4699 - net: flowdissector: fail on evil iph-ihl Jason Wang...
libtasn1 security update
3.3-5 - Added missing check for null pointer 1102338 3.3-4 - Fix multiple decoding issues 1102338...
httpd security update
2.4.6-18.0.1.el70 - replace index.html with Oracle's index page oracleindex.html 2.4.6-18 - modcgid: add security fix for CVE-2014-0231 1120607 - modproxy: add security fix for CVE-2014-0117 1120607 - moddeflate: add security fix for CVE-2014-0118 1120607 - modstatus: add security fix for...
qemu-kvm security and bug fix update
1.5.3-60.el70.5 - kvm-Allow-mismatched-virtio-config-len.patch bz1095782 - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z 1.5.3-60.el70.4 - kvm-zero-initialize-KVMSETGSIROUTING-input.patch bz1110693 -...
tomcat security update
0:7.0.42-6 - Resolves: CVE-2014-0099 Fix possible overflow when parsing - long values from byte array - Resolves: CVE-2014-0096 Information disclosure process XSLT - files not subject to same constraint running under - java security manager - Resolves: CVE-2014-0075 Avoid overflow in...
kernel security, bug fix, and enhancement update
3.10.0-123.4.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.4.2 - fs aio: fix plug memory disclosure and fix reqsactive accounting backport Jeff Moyer 1094604 1094605 CVE-2014-0206 - fs aio: plug memory disclosure and fix reqsactive accounting Mateusz Guzik 1094604 1094605 CVE-2014-0206...
openssl security update
1.0.1e-34.3 - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability...
samba security update
4.1.1-35 - resolves: 1105504 - CVE-2014-0244: DoS in nmbd. - resolves: 1108844 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105573 - CVE-2014-0178: Uninitialized memory exposure. 4.1.1-33 - related: 717484 - Add missing configure line to enable profiling data support. 4.1.1-...
mariadb security update
1:5.5.37-1 - Rebase to 5.5.37 https://kb.askmonty.org/en/mariadb-5537-changelog/ Also fixes: CVE-2014-2440 CVE-2014-0384 CVE-2014-2432 CVE-2014-2431 CVE-2014-2430 CVE-2014-2436 CVE-2014-2438 CVE-2014-2419 Resolves: 1101062...
libvirt security and bug fix update
1.1.1-29.0.1.el70.1 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.1 - LSN-2014-0003: Don't expand entities when parsing XML CVE-2014-0179 - virNetClientSetTLSSession: Restore original signal mask rhbz1112689 - Don't use AIADDRCONFIG when binding to wildcard addresses rhbz1112692...
gnutls security update
3.1.18-9 - fix session ID length check 1102027 - fixes null pointer dereference 1101727...
openssl098e security update
0.9.8e-29.2 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...
httpd security update
2.2.15-31.0.1.el65 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-31 - modcgid: add security fix for CVE-2014-0231 - moddeflate: add security fix for CVE-2014-0118 - modstatus: add security fix for CVE-2014-0226...
qemu-kvm security and bug fix update
1.5.3-60.el70.2 - kvm-pc-add-hotaddcpu-callback-to-all-machine-types.patch bz1094820 - Resolves: bz1094820 Hot plug CPU not working with RHEL6 machine types running on RHEL7 host. 1.5.3-60.el70.1 - kvm-iscsi-fix-indentation.patch bz1090978 - kvm-iscsi-correctly-propagate-errors-in-iscsiopen.patch...
thunderbird security update
24.7.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 24.7.0-1 - Update to 24.7.0...
nss and nspr security update
nspr 4.10.2-4 - Rebase to nspr-4.10.6 - Resolves: Bug 1116199 4.10.2-3 - Retagging - Resolves: rhbz1032466 nss 3.15.3-7 - Remove an unused patch - Related: Bug 1116199 3.15.3-6 - Fix race-condition in certificate validation - Resolves: Bug 1116199 3.15.3-5 - Remove two unused patches - Resolves:...
firefox security update
24.7.0-1.0.1.el65 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 24.7.0-1 - Update to 24.7.0 ESR...
nss and nspr security, bug fix, and enhancement update
nspr 4.10.6-1 - Rebase to nspr-4.10.6 - Resolves: rhbz1112135 nss 3.16.1-4.0.1.el65 - Added nss-vendor.patch to change vendor 3.16.1-4 - Update some patches on account of the rebase - Resolves: Bug 1099619 3.16.1-3 - Backport nss-3.12.6 upstream fix required by Firefox 31 - Resolves: Bug 1099619...
java-1.6.0-openjdk security and bug fix update
1:1.6.0.1-6.1.13.4 - moved to icedteaver 1.13.4 - moved to openjdkver b32 and openjdkdate 15jul2014 - added upstreamed patch patch9 rh1115580-unsyncHashMap.patch - Resolves: rhbz1115580 - Resolves: rhbz1115867...
java-1.6.0-openjdk security update
1:1.6.0.1-6.1.13.3 - updated to icedtea 1.13.3 - updated to openjdk-6-src-b31-15apr2014 - removed upstreamed patch7, 1.13fixes.patch - removed upstreamed patch9, 1051245.patch - Resolves: rhbz1099563...
tomcat security update
0:7.0.42-5 - Related: CVE-2013-4286 - Related: CVE-2013-4322 - Related: CVE-2014-0050 - revisit patches for above...
kernel security update
3.10.0-123.1.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-123.1.2 - tty ntty: Fix nttywrite crash when echoing in raw mode Aristeu Rozanski 1094241 1094242 CVE-2014-0196...
java-1.7.0-openjdk security update
1.7.0.55-2.4.7.2.0.1.el70 - Update DISTRONAME in specfile 1.7.0.55-2.4.7.2 - Remove NSS patches. Issues with PKCS11 provider mean it shouldn't be enabled. - Always setup nss.cfg and depend on nss-devel at build-time to do so. - This allows users who wish to use PKCS11+NSS to just add it to...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.4uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229529 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230692 CVE-2014-4699...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-35.1.3.el6uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230689 CVE-2014-4699 - net: flowdissector: fail on evil iph-ihl Jason Wang...
unbreakable enterprise kernel security update
2.6.39-400.215.4 - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229505 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230690 CVE-2014-4699...
java-1.7.0-openjdk security update
1.7.0.65-2.5.1.2.0.1.el65 - Update DISTRONAME in specfile 1.7.0.65-2.5.1.2 - added and applied fix for smartcard io patch405, pr1864smartcardIO.patch - Resolves: rhbz1115874 1.7.0.65-2.5.1.1.el6 - updated to security patched icedtea7-forest 2.5.1 - Resolves: rhbz1115874 1.7.0.60-2.5.0.1.el6 -...
java-1.7.0-openjdk security update
1.7.0.65-2.5.1.2.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.65-2.5.1.2 - added and applied fix for smartcard io patch405, pr1864smartcardIO.patch - Resolves: rhbz1115872 1.7.0.65-2.5.1.1.el5 - updated to security patched icedtea7-forest 2.5.1 - Resolves:...
tomcat6 security and bug fix update
0:6.0.24-72 - Related: CVE-2014-0075 - rebuild to generate javadoc - correctly. previous build generated 0-length javadoc 0:6.0.24-69 - Related: CVE-2014-0075 incomplete 0:6.0.24-68 - Related: CVE-2013-4322. arches needs to be specified - as in arches noarch, so docs/webapps will produce - full...
lzo security update
2.03-3.1.1 - Fixed integer overflow in decompressor Resolves: CVE-2014-4607...
samba and samba3x security update
3.6.9-169 - resolves: 1105499 - CVE-2014-0244: DoS in nmbd. - resolves: 1108840 - CVE-2014-3493: DoS in smbd with unicode path names...
mod_wsgi security update
3.2-6 - fix for CVE-2014-0242 1104685 3.2-4 - fix for CVE-2014-0240 1104687...
dovecot security update
1:2.0.9-7.1 - fix CVE-2014-3430: denial of service through maxing out SSL connections 1108001...