8998 matches found
kernel security update
2.6.32-358.6.2 - kernel perf: fix perfsweventenabled array out-of-bound access Petr Matousek 962793 962794 CVE-2013-2094...
libvirt security and bug fix update
0.10.2-18.0.1.el64.5 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.5 - daemon: Fix leak after listing volumes CVE-2013-1962 - Don't try to add non-existant devices to ACL rhbz958837 - Avoid spamming logs with cgroups warnings rhbz958837 - audit: Properly encode device path in...
openswan security update
2.6.32-20 Resolves: 960234 - CVE-2013-2053...
Unbreakable Enterprise kernel Security update
2.6.39-400.24.1 - perf: Treat attr.config as u64 in perfsweventinit Tommi Rantala Orabug: 16808734 CVE-2013-2094...
thunderbird security update
17.0.6-2.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.6-2 - Update to 17.0.6 ESR...
firefox security update
firefox 17.0.6-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.6-1 - Update to 17.0.6 ESR 17.0.5-2 - Updated XulRunner check xulrunner 17.0.6-2.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed...
httpd security update
2.2.15-28.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-28 - modrewrite: add security fix for CVE-2013-1862 953729 2.2.15-27 - add security fixes for CVE-2012-3499, CVE-2012-4558 915883, 915884...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.23.1 - Parallel mtrr init between cpus Zhenzhong Duan Orabug: 16777774 - Merge tag 'v2.6.39-400.21.1.16748891' of git://ca-git.us.oracle.com/linux-uek-2.6.39-ofed into uek-2.6.39-400 Maxim Uvarov Orabug: 16748891 - xen-blkfront: use a different scatterlist for each request Roger Pau...
hypervkvpd security and bug fix update
0-0.7.0.1.el59.3 - Add support for oracle os 0-0.7.3 - Fix for one more file descriptor leak rhbz953502 0-0.7.2 - Validate Netlink source address CVE-2012-5532 rhbz953560 0-0.7.1 - Fix for file descriptor leak rhbz953502...
mysql security update
5.1.69-1 - Update to 5.1.69, for assorted upstream bugfixes including CVEs announced in April 2013 Resolves: 953084...
curl security update
7.19.7-36 - fix cookie tailmatching to prevent cross-domain leakage CVE-2013-1944...
glibc security and bug fix update
2.5-107.4 - Add missing patch to avoid use after free 816647. 2.5-107.3 - Fix multibyte character processing crash in regexp CVE-2013-0242, 951130 - Fix getaddrinfo stack overflow resulting in application crash CVE-2013-1914, 951130 2.5-107.2 - Call feraiseexcept only if exceptions are not masked...
Unbreakable Enterprise kernel Security update
2.6.39-400.21.2 - KVM: x86: Convert MSRKVMSYSTEMTIME to use gfntohvacache functions CVE-2013-1797 Andy Honig Orabug: 16711660 CVE-2013-1797 - Bluetooth: Fix incorrect strncpy in hidpsetuphid Anderson Lizardo Orabug: 16711065 CVE-2013-0349 - USB: ioti: Fix NULL dereference in chaseport Wolfgang...
java-1.6.0-openjdk security update
1:1.6.0.0-1.61.1.11.11 - added and applied temporally patch10 fixToFontSecurityFix.patch. - fixing regression in fonts introduced by one security patch. - Resolves: rhbz950386 1:1.6.0.0-1.60.1.11.11 - added and applied temporally one more patch to xalan/xerces privileges - patch9...
Unbreakable Enterprise kernel security update
2.6.32-400.26.2 - mm/hotplug: correctly add new zone to all other nodes' zone lists Jiang Liu Orabug: 16603569 CVE-2012-5517 - ptrace: ptraceresume shouldn't wake up !TASKTRACED thread Oleg Nesterov Orabug: 16405868 CVE-2013-0871 - ptrace: ensure archptrace/ptracerequest can never race with SIGKI...
kernel security and bug fix update
2.6.32-358.6.1 - virt kvm: accept unaligned MSRKVMSYSTEMTIME writes Petr Matousek 917020 917021 CVE-2013-1796 - char tty: hold lock across tty buffer finding and buffer filling Prarit Bhargava 928686 901780 - net tcp: fix for zero packetsinflight was too broad Thomas Graf 927309 920794 - net tcp:...
icedtea-web security update
1.2.3-2 - Added temporally! posttrans forcing creation of symlinks - should be removed next release - Resolves: rhbz949094 1.2.3-1 - fixed postun - removal of alternatives for plugin restricted to correct removal process only - fixed date in changelog previous entry - Resolves: rhbz949094 1.2.3-0...
java-1.7.0-openjdk security update
1.7.0.19-2.3.9.1.0.1.el59 - Add oracle-enterprise.patch - Fix DISTRONAME to "Enterprise Linux" 1.7.0.19-2.3.9.1.el5 - updated to updated IcedTea 2.3.9 with fix to one of security fixes - fixed font glyph offset - Resolves: rhbz950376 1.7.0.19-2.3.9.0.el5 - updated to IcedTea 2.3.9 with latest...
java-1.7.0-openjdk security update
1.7.0.19-2.3.9.1.0.1.el64 - Update DISTRONAME in specfile 1.7.0.19-2.3.9.1.el6 - updated to updated IcedTea 2.3.9 with fix to one of security fixes - fixed font glyph offset - Resolves: rhbz950380 1.7.0.9-2.3.9.0.el6 - updated to IcedTea 2.3.9 with latest security patches - buildver sync to b19 -...
kernel security and bug fix update
kernel 2.6.18-348.4.1 - virt xen-netback: backports Andrew Jones 910884 910885 CVE-2013-0216 - virt xen-netback: netifschedulable should take a netif Andrew Jones 910884 910885 CVE-2013-0216 - virt pciback: rate limit error mess from pcibackenablemsi Igor Mammedov 910876 910877 CVE-2013-0231 - ne...
krb5 security update
1.10.3-10.2 - incorporate upstream patch to fix a NULL pointer dereference while processing certain TGS requests CVE-2013-1416, 950342...
1
kernel 2.6.18-348.4.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
389-ds-base security and bug fix update
1.2.11.15-14 - Resolves: Bug 929107 - ns-slapd crashes sporadically with segmentation fault in libslapd.so ticket 627 - Resolves: Bug 929114 - cleanAllRUV task fails to cleanup config upon completion ticket 623 1.2.11.15-13 - Resolves: Bug 929114 - cleanAllRUV task fails to cleanup config upon...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.21.1 - SPEC: v2.6.39-400.21.1 Maxim Uvarov - xen/mmu: On early bootup, flush the TLB when changing RO-RW bits Xen provided pagetables. Konrad Rzeszutek Wilk 2.6.39-400.20.1 - SPEC: v2.6.39-400.20.1 Maxim Uvarov - PCI: Set device power state to PCID0 for device without native PM support...
subversion security update
1.6.11-9 - add security fixes for CVE-2013-1846, CVE-2013-1847, CVE-2013-1849 947372 1.6.11-8 - add security fix for CVE-2013-1845 947372...
kvm security update
kvm-83-262.0.1.el59.3 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-262.el53 - kvm-kernel-kvm-accept-unaligned-MSRKVMSYSTEMTIME-writes.patch bz947363 - Resolves: bz947363 RHEL.5.8.32 guest hang when installing kvm-83-262.el52 -...
stunnel security update
4.29-3 Resolves: CVE-2013-1762...
firefox security update
firefox 17.0.5-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.5-1 - Update to 17.0.5 ESR xulrunner 17.0.5-1.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 17.0.5-1 -...
thunderbird security update
17.0.5-1.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.5-1 - Update to 17.0.5 ESR...
bind97 security update
32:9.7.0-17.P2.1 - fix CVE-2013-2266...
bind security and bug fix update
32:9.8.2-0.17.rc1.0.2.el64.4 - bump release and build for ULN...
pixman security update
0.26.2-5 - Fix bug 914474 CVE 2013-1591 - Remove openmp.patch...
perl security update
4:5.10.1-130 - Resolves: 915692 - CVE-2012-5526 newline injection due to improper CRLF escaping in Set-Cookie and P3P headers - Resolves: 915692 - CVE-2012-6329 possible arbitrary code execution via Locale::Maketext - Resolves: 915692 - CVE-2013-1667 DoS in rehashing code...
axis security update
0:1.2.1-2jpp.7 - Add missing connection hostname check against X.509 certificate name - Resolves: CVE-2012-5784 - Add patches to build with java 1.6...
qt security update
1:4.6.2-26 - Resolves: CVE-2013-0254, QSharedMemory class created shared memory segments with insecure permissions...
boost security update
1.41.0-15 - Add in explicit dependences between some boost subpackages 1.41.0-14 - Build with -fno-strict-aliasing 1.41.0-13 - In Boost.Pool, be careful not to overflow allocated chunk size boost-1.41.0-pool.patch 1.41.0-12 - Add an upstream patch that fixes computation of CRC in zlib streams. -...
sssd security and bug fix update
1.9.2-82.4 - Resolves: rhbz911298 - sssd: simple access provider flaw prevents intended ACL use when client to an AD provider 1.9.2-82.3 - Fix pwdexpirationwarning=0 - Resolves: rhbz914671 - pwdexpirationwarning has wrong default for Kerberos 1.9.2-82.2 - Resolves: rhbz914671 - pwdexpirationwarni...
krb5 security update
1.10.3-10.1 - incorporate upstream patch to fix a NULL pointer dereference when the client supplies an otherwise-normal-looking PKINIT request CVE-2013-1415, 917909 - add patch to avoid dereferencing a NULL pointer in the KDC when handling a draft9 PKINIT request 917909, CVE-2012-1016...
pidgin security update
2.7.9-10.el64.1 - Fix spec file for disttag 2.7.9-10.el6 - Add patch for CVE-2013-0274 RH bug 910653. 2.7.9-9.el6 - Add patch for CVE-2013-0273 RH bug 910653. 2.7.9-8.el6 - Add patch for CVE-2013-0272 RH bug 910653. 2.7.9-7.el6 - Add patch for CVE-2011-2485 RH bug 837562. 2.7.9-6.el6 - Add patch...
Unbreakable Enterprise kernel Security update
2.6.39-400.17.2 - x86/msr: Add capabilities check Alan Cox Orabug: 16405007 CVE-2013-0268...
Unbreakable Enterprise kernel Security update
kernel-uek 2.6.32-300.39.5uek - x86/msr: Add capabilities check Alan Cox Orabug: 16481233 CVE-2013-0268 ofa-2.6.32-300.39.5.el6uek mlnxen-2.6.32-300.39.5.el6uek Mon Dec 12 2011 Guru Anbalagane - version 1.5.7-0.1 Tue Nov 01 2011 Joe Jin - 1.5.7 for UEK kernel. Mon Sep 08 2008 Vladimir Sokolovsky ...
kernel security and bug fix update
2.6.32-358.2.1 - kernel utrace: ensure archptrace/ptracerequest can never race with SIGKILL Oleg Nesterov 912073 912074 CVE-2013-0871 2.6.32-358.1.1 - netdrv mlx4: Set number of msix vectors under SRIOV mode to firmware defaults Michal Schmidt 911663 904726 - netdrv mlx4: Fix bridged vSwitch...
tomcat5 security update
0:5.5.23-0jpp.38 - Resolves: CVE-2012-3439 rhbz882008 three DIGEST authentication - implementation - Resolves: CVE-2012-3546, rhbz913034 Bypass of security constraints. - Remove unneeded handling of FORM authentication in RealmBase...
thunderbird security update
17.0.3-2.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.3-2 - Added fix for 848644...
tomcat6 security update
0:6.0.24-52 - Related: rhbz 882010 rhbz 883692 rhbz 883705 - Javadoc generation did not work. Using targetrhel-6.4.Z-noarch-candidate - to avoid building on ppc64, ppc, and x390x. 0:6.0.24-50 - Resolves: rhbz 882010 CVE-2012-3439 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 - three DIGEST...
389-ds-base security and bug fix update
1.2.11.15-12 - Resolves: Bug 910994 - PamConfig schema not updated during upgrade - Resolves: Bug 910995 - Valgrind reports memleak in modifyupdatelastmodifiedattr - Resolves: Bug 910996 - DS returns error 20 when replacing values of a multi-valued attribute only when replication is enabled -...
kernel security update
kernel 2.6.18-348.3.1 - utrace ensure archptrace can never race with SIGKILL Oleg Nesterov 912071 912072 CVE-2013-0871 - x86 msr: Add capabilities check Nikola Pajkovsky 908696 908697 CVE-2013-0268...
1
kernel 2.6.18-348.3.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
xulrunner security update
17.0.3-2.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 17.0.3-2 - Added fix for 848644...
ruby security update
1.8.5-29 - Fix regression introduced by fix for entity expansion DOS vulnerability in REXML https://bugs.ruby-lang.org/issues/7961 ruby-2.0.0-add-missing-rexml-require.patch - Related: rhbz915377 1.8.5-28 - Addresses entity expansion DoS vulnerability in REXML...