8998 matches found
glibc security, bug fix, and enhancement update
2.12-1.132 - Revert the addition of gettimeofday vDSO function for ppc and ppc64 until OPD VDSO function call issues are resolved 1026533. 2.12-1.131 - Call gethostbyname4r only for PFUNSPEC 1022022. 2.12-1.130 - Fix integer overflows in valloc and memalign. 1008310. 2.12-1.129 - Initialize...
php security, bug fix, and enhancement update
5.3.3-26 - add security fix for CVE-2013-4248 5.3.3-25 - rename patch to math CVE-2010-3709 name - add security fixes for CVE-2006-7243, CVE-2013-1643 5.3.3-24 - fix buffer overflow in pdopgsqlerror 969110 - fix double free when destroyzendclass fails 910466 - fix segfault in errorhandler with...
coreutils security, bug fix, and enhancement update
8.4-31.0.1 - clean up empty file if cp is failed Orabug 15973168 8.4-31 - adjust the fix for the du bindmounts failure836557 Mon Oct 07 2013 Ondrej Oprala - Fix su retvals once again 8.4-29 - CVE-2013-0221 CVE-2013-0223 CVE-2013-0222 - fix various segmentation faults in sort, uniq and join1015019...
samba4 security and bug fix update
4.0.0-58.rc4 - Fix winbind lsat reconnection code, avoids ntlmv2-only session setup problems - resolves: 949993 4.0.0-57.rc4 - resolves: 984809 - CVE-2013-4124: DoS via integer overflow when reading an EA list 4.0.0-56.rc4 - Fix libwbclient.so.0 symlink. - resolves: 882338 - Fix correct linking o...
sudo security, bug fix and enhancement update
1.8.6p3-12 - added patches for CVE-2013-1775 CVE-2013-2777 CVE-2013-2776 Resolves: rhbz1015355 1.8.6p3-11 - sssd: fixed a bug in ipahostname processing Resolves: rhbz853542 1.8.6p3-10 - sssd: fixed buffer size for the ipahostname value Resolves: rhbz853542 1.8.6p3-9 - sssd: match against...
389-ds-base security update
1.2.11.15-30 - Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches 1.2.11.15-29 - Bump version to 1.2.11.15-29 - Resolves: bug 1008013: DS91: ns-slapd stuck in DSSleep 1.2.11.15-28 - Bump version to 1.2.11.15-28 - Resolves: Bug 1016038 - Users from A...
Oracle Linux 6 kernel update
2.6.32-431 - md Disabling of TRIM on RAID5 for RHEL6.5 was too aggressive Jes Sorensen 1028426 2.6.32-430 - x86 Revert 'efi: be more paranoid about available space when creating variables' Rafael Aquini 1012370 1023173 - x86 Revert 'efivars: firmware bug workarounds should be in platform code'...
rdma stack security, bug fix, and enhancement update
ibutils 1.5.7-8 - Add the -output patch to have programs use /var/cache/ibutils instead of /tmp Resolves: bz958569 infinipath-psm Thu Jan 24 2013 Jay Fenlason - Put the udev rules file in the right place Resolves: rhbz866732 - include a patch from upstream to fix undefined references Resolves:...
augeas security, bug fix, and enhancement update
1.0.0-5 - Don't package lenses in tests/ subdirectory. related: rhbz817753 1.0.0-4 - Rebase to Augeas 1.0.0 resolves: rhbz817753 - Add dependency on libxml2-devel. - Remove all patches all upstream and included in 1.0.0. - Print tests/test-suite.log when the tests fail. - Add fix for regression...
evolution security, bug fix, and enhancement update
cheese 2.28.1-8 - Rebuild against newer evolution-data-server. Resolves: 973276 control-center 2.28.1-39 - Rebuild against newer evolution-data-server. Resolves: 973279 ekiga 3.2.6-4 - Rebuild against newer evolution-data-server. - Add patch to build break include where needed Resolves: 973281...
qemu-kvm security, bug fix, and enhancement update
qemu-kvm-0.12.1.2-2.415.el6 - kvm-target-i386-don-t-migrate-steal-time-MSR-on-older-ma.patch bz1022821 - Resolves: bz1022821 live-migration from RHEL6.5 to RHEL6.4.z fails with 'error while loading state for instance 0x0 of device 'cpu'' 0.12.1.2-2.414.el6 -...
java-1.6.0-openjdk security update
1:1.6.0.0-1.68.1.11.14 - updated to icedtea6-1.11.14.tar.gz - added and applied 1.11.14-fixes.patch, patch10 to fix build issues - adapted patch8 java-1.6.0-openjdk-timezone-id.patch - Resolves: rhbz1017618 1:1.6.0.1-1.67.1.13.0 - reverted previous update - Resolves: rhbz1017618...
gc security update
7.1-12 - Fix host triplets on x86 1014273 - Related: CVE-2012-2673 7.1-11 - Add sanity checking for calloc/malloc calls - Resolves: CVE-2012-2673...
thunderbird security update
17.0.10-1.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.10-1 - Update to 17.0.10 ESR...
qspice security update
0.3.0-56.1 - Fix spice-server crash when client sends a password which is too long Resolves: CVE-2013-4282 0.3.0-56.el5 - Fix unsafe accesses + spice: drop libpng from windows components 537849 + libspice: fix unsafe guest data accessing Resolves: 568720 + fix unsafe free call. Resolves: 568724 +...
postgresql and postgresql84 security update
8.4.18-1 - Update to PostgreSQL 8.4.18, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-14.html http://www.postgresql.org/docs/8.4/static/release-8-4-15.html http://www.postgresql.org/docs/8.4/static/release-8-4-16.html...
firefox security update
firefox 17.0.10-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 17.0.10-1 - Update to 17.0.10 ESR xulrunner 17.0.10-1.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21...
spice-server security update
0.12.0-12.5 - Fix issue with error-handling of RSAprivatedecrypt in previous patch Related: CVE-2013-4282 0.12.0-12.el64.4 - Fix buffer overflow when decrypting client SPICE ticket Resolves: CVE-2013-4282...
gnupg2 security update
2.0.14-6 - fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted 2.0.14-5 - fix CVE-2012-6085 GnuPG: readblock corrupt key input validation - fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet parser...
gnupg security update
1.4.5-18 - fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted 1.4.5-17 - fix CVE-2012-6085 GnuPG: readblock corrupt key input validation - fix CVE-2013-4242 GnuPG susceptible to Yarom/Falkner side-channel attack - fix CVE-2013-4402 GnuPG: infinite recursion in the...
libgcrypt security update
1.4.5-11 - fix CVE-2013-4242 GnuPG/libgcrypt susceptible to cache side-channel attack 1.4.5-10 - Add GCRYCTLSETENFORCEDFIPSFLAG command...
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.1.1.el6uek - dm snapshot: fix data corruption Mikulas Patocka Orabug: 17617582 CVE-2013-4299...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.2.0.1.el6 - Update DISTRONAME in specfile 1.7.0.40-2.4.3.1.el6 - sync with rhel 6.5 to icedtea 2.4 because of pernament tck failures - nss kept disabled - Resolves: rhbz1017626 1.7.0.25-2.3.13.4.el6 - added back patch408 tck201310155.patch, to resolve one of tck failures - Resolves...
kernel security and bug fix update
kernel 2.6.18-371.1.2.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
vino security update
2.28.1-9 - Reject clients in deferred auth state - Bug 1009228...
kernel security and bug fix update
kernel 2.6.18-371.1.2 - xen x86: check segment descriptor read result in 64-bit OUTS emulation Radim Krcmar 1012958 1012959 CVE-2013-4368 - md dm snapshot: fix data corruption Mikulas Patocka 1004734 975353 CVE-2013-4299 2.6.18-371.1.1 - crypto ansicprng fix off by one err in non-block size reque...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.45-2.4.3.1.el5 - Updated to icedtea 2.4.3 - Resolves: rhbz1017623 1.7.0.45-2.4.3.0.el5 - fixed and updated tapset - removed bootstrap - source 11 redeclared to 1111 - added source12:...
unbreakable enterprise kernel security update
2.6.39-400.209.2 - dm snapshot: fix data corruption Mikulas Patocka Orabug: 17618492 CVE-2013-4299...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.33.2 - dm snapshot: fix data corruption Mikulas Patocka Orabug: 17618900 CVE-2013-4299 - ipv6: call udppushpendingframes when uncorking a socket with AFINET pending data Hannes Frederic Sowa Orabug: 17618897 CVE-2013-4162...
rubygems security update
1.3.7-4 - Remove regexp backtracing CVE-2013-4363. - Related: rhbz1002838. 1.3.7-3 - Fix insecure connection to SSL repository CVE-2012-2125, CVE-2012-2126. - Related: rhbz1002838. 1.3.7-2 - Fix algorithmic complexity vulnerability CVE-2013-4287. - Resolves: rhbz1002838...
kernel security and bug fix update
2.6.32-358.23.2 - md dm-snapshot: fix data corruption Mikulas Patocka 1004252 1004233 CVE-2013-4299 2.6.32-358.23.1 - md raid1, raid10: use freezearray in place of raisebarrier in various places Jes Sorensen 1003765 997845 - scsi megaraidsas: megaraidsas driver init fails in kdump kernel Nikola...
xorg-x11-server security update
1.13.0-11.1.2 - CVE-2013-4396: Fix use-after free in ImageText requests 1014561...
libtar security update
1.2.11-17.el64.1 - fix CVE-2013-4397: buffer overflows by expanding a specially-crafted archive...
glibc security and bug fix update
2.5-118.2 - Fix integer overflows in valloc and memalign. 1011804. 2.5-118.1 - Add support for newer L3 caches on x86-64 and correctly count the number of hardware threads sharing a cacheline 1011424...
xinetd security update
2:2.3.14-39 - Honor user and group directives - Resolves: CVE-2013-4342...
sssd security and bug fix update
1.5.1-70 - Fix IPA provider performance issue when storing large host groups - Resolves: rhbz979047 - sssdbe goes to 99% CPU and causes significant login delays when client is under load 1.5.1-69 - Fix startup with a broken configuration - Resolves: rhbz974036 - sssd core process keeps running...
samba3x security and bug fix update
3.6.6-0.136 - resolves: 984807 - CVE-2013-4124: DoS via integer overflow when reading an EA list 3.6.6-0.135 - Fix PIDL parsing with newer versions of gcc. - Fix dereferencing a unique pointer in the WKSSVC server. - resolves: 982484 3.6.6-0.134 - Check for system libtevent and require version...
Oracle linux 5 kernel update
kernel 2.6.18-371 - net be2net: enable polling prior enabling interrupts globally Ivan Vecera 987539 2.6.18-370 - net be2net: Fix to avoid hardware workaround when not needed Ivan Vecera 995961 - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970875 CVE-2013-2141...
sudo security and bug fix update
1.7.2p1-28 - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 Resolves: rhbz968221 1.7.2p1-27 - visudo: fixed incorrect warning and parse error regarding undefined aliases which were in fact defined Resolves: rhbz849679 Resolves: rhbz905624 1.7.2p1-26 - updated sudoers...
Oracle Linux 5 kernel update
kernel 2.6.18-371.0.0.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
xinetd security and bug fix update
2:2.3.14-19 - Correctly backport patches that fix the descriptor leakage - Related: 852274 -2:2.3.14-18 - Fix leaking file descriptors 852274 - Fix: Service disabled due to bind failure 811000 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port 788795...
ccid security and bug fix update
1.3.8-2 - fix voltage issue...
php53 security, bug fix and enhancement update
5.3.3-21 - add security fix for CVE-2013-4248 5.3.3-20 - add security fix for CVE-2013-4113 5.3.3-19 - add upstream reproducer for errorhandler 951075 5.3.3-18 - add security fixes for CVE-2006-7243 5.3.3-17 - reorder security patches - add security fixes for CVE-2012-2688, CVE-2012-0831,...
kernel security and bug fix update
kernel 2.6.18-348.18.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
kernel security and bug fix update
kernel 2.6.18-348.18.1 - net be2net: enable polling prior enabling interrupts globally Ivan Vecera 1005239 987539 - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970874 970875 CVE-2013-2141 - net ipv6: do udppushpendingframes AFINET sock pending data Jiri Benc 987647...
rtkit security update
0.5-2 - CVE-2013-4326 Resolves: 1007174...
libvirt security and bug fix update
0.10.2-18.0.1.el64.14 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.14 - spec: Update requirements to pick up rebuilt polkit CVE-2013-4311 0.10.2-18.el64.13 - spec: Fix messed up dependency on polkit CVE-2013-4311 0.10.2-18.el64.12 - Introduce APIs for splitting/joining strings...
spice-gtk security update
0.14-7.3 - New build with correct patch for CVE-2013-4324 0.14-7.2 - Fix race condition in policykit use CVE-2013-4324 Resolves: CVE-2013-4324...
hplip security update
3.12.4-4:.1 - Applied patch to avoid unix-process authorization subject when using polkit as it is racy CVE-2013-4325...
polkit security update
0.96-5 - Actually apply the patch, and modify it to apply to 0.96 - Resolves: 1006262 0.96-4.el64 - Include fix for CVE-2013-4288 - Resolves: 1006262 0.96-3.el64 - Include fixes for CVE-2011-1485 - Resolves: 692942...