8990 matches found
xen security update
3.0.3-142.el59.1 - libxc: move error checking next to the function which returned the error rhbz 876997 - libxc: builder: limit maximum size of kernel/ramdisk rhbz 876997...
Unbreakable Enterprise kernel security update
2.6.39-300.28.1 - kmod: make requestmodule killable Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - kmod: introduce callmodprobe helper Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - usermodehelper: implement UMHKILLABLE Oleg Nesterov Orabug: 16286305 CVE-2012-4398 - usermodehelper: introduce...
Unbreakable Enterprise kernel security update
2.6.32-300.39.4 - exec: do not leave bprm-interp on stack Kees Cook Orabug: 16286741 CVE-2012-4530 - exec: use -ELOOP for max recursion depth Kees Cook Orabug: 16286741 CVE-2012-4530 2.6.32-300.39.3 - Xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests. Frediano Ziglio Orabug:...
kernel security and bug fix update
2.6.32-279.22.1 - virt kvm: invalid opcode oops on SETSREGS with OSXSAVE bit set Petr Matousek 862903 862904 CVE-2012-4461 - fs fuse: optimize fusedirectio Brian Foster 865305 858850 - fs fuse: optimize fusegetuserpages Brian Foster 865305 858850 - fs fuse: use getuserpagesfast Brian Foster 86530...
abrt and libreport security update
abrt 2.0.8-6.0.1.el63.2 - Add abrt-oracle-enterprise.patch to be product neutral - Remove abrt-plugin-rhtsupport dependency for cli and desktop - Make abrt Obsoletes/Provides abrt-plugin-rhtsupprot 2.0.8-6.2 - rebuild against new libreport brew bug - Related: 895442 2.0.8-6.1 - don't follow...
mysql security update
5.1.67-1 - Update to 5.1.67, for assorted upstream bugfixes including CVEs announced in January 2013 Resolves: 901380...
nss and nspr security, bug fix, and enhancement update
nspr 4.9.2-2 - NVR bump 4.9.2-1 - Resolves: rhbz893372- RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR nss 3.13.6-3 - Fix changelog inconsistencies with commit and bug resolved - Resolves: rhbz891149 CVE-2013-0743 3.13.6-2 - CVE-2013-0743 - Resolves: rhbz891149 - Dis-trust TURKTRUST mis-issued...
mingw32-libxml2 security update
2.7.6-6 - Synchronize patch-set with mainline-version. - Bump version to 5, 6. Related: rhbz891477 2.7.6-4 - Change release number to 4. - Added patch libxml2-Fix-an-off-by-one-pointer-access.patch - Added patch libxml2-Fix-a-segfault-on-XSD-validation-on-pattern-error.patch - Added patch...
freetype security update
2.3.11-14.el63.1 - Fix CVE-2012-5669 Use correct array size for checking 'glyphenc' - Resolves: 903542 2.3.11-14 - A little change in configure part - Related: 723468 2.3.11-13 - Fix CVE-2012-1126, 1127, 1130, 1131, 1132, 1134, 1136, 1137, 1139, 1140, 1141, 1142, 1143, 1144 - Properly initialize...
nss, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.9.2-0.1 - Retagging to ensure n-v-r is lower than the one for rhel-6.4 - Resolves: rhbz891661 - RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR 4.9.2-1 - Resolves: rhbz891661 - RFE Rebase nspr to 4.9.2 due to Firefox 17 ESR nss 3.13.6-2.0.1.el63 - Added nss-vendor.patch to change vendor...
xorg-x11-drv-qxl security update
0.0.14-14.el6 - backport of upstream commit 30b4b72cdbdf9f0e92a8d1c4e01779f60f15a741 support ASYNC io calls and interrupt handling busy wait Related: 888364...
libvirt security update
libvirt-0.9.10-21.0.1.el63.8 - Replace docs/et.png in tarball with blank image 0.9.10-21.el63.8 - rpc: Fix crash on error paths of message dispatching CVE-2013-0170...
ipa-client security update
2.1.3-5.2 - Add missing man page option --ca-cert-file. 878217 2.1.3-5.1 - Fix python syntax backport issue in CVE patch. 878217 2.1.3-5 - Use secure method to retrieve IPA CA during client enrollment. CVE-2012-5484 878217...
ipa security update
2.2.0-17.el63.1 - Fix changelog issue. The dist tag was in each entry and changing the build release changed history. 878219 2.2.0-17.el63 - Use a secure method to distribute the IPA CA to clients, CVE-2012-5484 878219...
mysql security update
5.0.95-5 - Rebuild to fix wrong package tag Related: 892679 5.0.95-4 - Add patches for CVE-2012-2122, CVE-2012-2749, CVE-2012-5611 Resolves: 892679...
kernel security and bug fix update
kernel 2.6.18-348.1.1 - pci intel-iommu: reduce max num of domains supported Don Dutile 886876 885125 - fs gfs2: Fix leak of cached directory hash table Steven Whitehouse 886124 831330 - x86 mm: randomize SHLIBBASE Petr Matousek 804953 804954 CVE-2012-1568 - net be2net: create RSS rings even in...
1
kernel 2.6.18-348.1.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
vino security update
2.28.1-8 - Remove spurious 'e' from glib2-devel requirement 2.28.1-7 - Bump version number 2.28.1-6 - Bump version number 2.28.1-5 - Add reachability.patch Remove UI about whether the is only reachable locally or not. Fix for CVE-2011-1164 - Bug 553477 2.28.1-5 - Add upnp.patch Fix for...
java-1.7.0-openjdk security update
1.7.0.9-2.3.4.1.0.1.el63 - Update DISTRONAME in specfile 1.7.0.9-2.3.4.1.el6 - Rewerted to IcedTea 2.3.4 - rewerted patch105: java-1.7.0-openjdk-disable-system-lcms.patch - removed jxmd and idlj to alternatives - make NOT executed with DISABLEINTREEEC=true and UNLIMITEDCRYPTO=true - re-applied...
tcl security and bug fix update
8.4.13-6 - Fixed infinite loop in regex NFA optimization code Resolves: CVE-2007-4772 - Fixed ON^2 compile time and huge memory requirements for some regexps Resolves: CVE-2007-6067 8.4.13-5 - Threaded / nonthreaded versions of tcl are now switchable through alternatives Resolves: rhbz478961...
wireshark security, bug fix, and enhancement update
1.0.15-5.0.1.el5 - Added oracle-ocfs2-network.patch - increase max packet size to 65536 Herbert van den Bergh orabug 13542633 1.0.15-5 - fixed CVE-2012-4285, CVE-2012-4289, CVE-2012-4291 and CVE-2012-4290 849521 1.0.15-4 - fixed NetDump dissector 484999 1.0.15-3 - fixed various flaws: CVE-2011-19...
libvirt security and bug fix update
0.8.2-29.0.1.el5 - Replaced docs/et.png in tarball - remove virshtest from test cases to fix failure in mock build root libvirt-0.8.2-29.el5 - Coverity pointed out an use after free in the fix for 816601 rhbz772848 libvirt-0.8.2-28.el5 - qemu: Rollback on used USB devices rhbz816601 - qemu: Don't...
OpenIPMI security, bug fix, and enhancement update
2.0.16-16.el5 - ipmitool: fix ipmi command retry shifts replies 863310 2.0.16-15.el5 - ipmitool: added -b, -B, -l and -T options to ipmitool man page 846596 - ipmitool: fixed man page documentation for delloem setled command 797050 2.0.16-14.el5 - ipmitool: fixed wrong permissions on ipmievd.pid...
hplip3 security and bug fix update
3.9.8-15 - Another D-Bus fix, part of bug 501834. 3.9.8-14 - Create debugging files securely CVE-2011-2722, bug 725830. 3.9.8-13 - Several parallel-install fixes bug 501834. 3.9.8-12 - Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability bug 662740...
squirrelmail security and bug fix update
1.4.8-21.0.2.el5 - remove Redhat splash screen images from source 1.4.8-21.0.1.el5 - remove Redhat splash screen images - add README instead of README.RedHat 1.4.8-21 - change charset for zhCN and zhTW to utf-8 508686 1.4.8-20 - fix header encoding issue 241861 - fix code producing warnings in th...
gtk2 security and bug fix update
2.10.4-29 - Improve patch to parse CUPS user lpoptions file to avoid crashes on s390 and ia64 Resolves: 603809 2.10.4-28 - Fix the filechooser not opening selected file when location entry is empty Resolves: 518483 2.10.4-27 - Fix integer overflow in GdkPixbuf's XBM image file format loader...
httpd security, bug fix, and enhancement update
2.2.3-74.0.1.el5 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-74 - further %post scriptlet fix 752618, 867736 2.2.3-73 - fix %post scriptlet output 752618,...
quota security and bug fix update
1:3.13-8.0.1 - Add ocfs2 support Orabug: 14208111 1:3.13-8 - Fix CVE-2012-3417 incorrect use of tcpwrappers Resolves: 841448 1:3.13-7 - Fix parsing numeric arguments of setquota Resolves: 831520 1:3.13-6 - Do not use real domains in warnquota example Resolves: 680429 - Use /proc/mounts for...
net-snmp security and bug fix update
5.3.2.2-20.0.2.el5 - snmptrapd: Fix crash due to access of freed memory John Haxby orabug 14391194 5.3.2.2-20.0.1.el5 - suppress spurious asserts on 32bit Greg Marsden 5.3.2.2-20 - fixed error message when the address specified by clientaddr option is wrong or cannot be bound 840861 5.3.2.2-19 -...
gnome-vfs2 security and bug fix update
2.16.2-10.el5 - Prevent trash applet crashing 848822 2.16.2-9.el5 - Prevent deleting items linking out of the trash 586015 - Do not stat every file on an ClearCase mvfs filesystem 822817 - Do not silently skip directory having no read permission during copy 772307 - Allow trashing symlink to...
mysql security and bug fix update
5.0.95-3 - Re-add patch for CVE-2009-4030, mistakenly removed in 5.0.95 rebase Resolves: CVE-2012-4452 5.0.95-2 - Support rotation of mysqld log though this is not enabled by default Resolves: 647223 - Fix crash with EXPLAIN and prepared statements Resolves: 654000 - Adopt init script updates fro...
conga security, bug fix, and enhancement update
0.12.2-64.0.2.el5 - Remove conga-enterprise.patch 0.12.2-64.0.1.el5 - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz and Data.fs 0.12.2-64 - Improvements for bz786372 Better protect luci's authentication...
autofs security, bug fix, and enhancement update
5.0.1-0.rc2.177.0.1.el5 - apply fix from NetApp to use tcp before udp http://www.mail-archive.com/[email protected]/msg07910.html Bert Barbe orabug 6827898 5.0.1-0.rc2.177.el5 - bz714766 - autofs /net maps do not refresh list of shares exported on the NFS server - disable hosts map HUP sign...
freeradius2 security and bug fix update
2.1.12-5 - resolves: bug855308 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...
ruby security and bug fix update
1.8.5-27 - unintentional file creation caused by inserting an illegal NUL character ruby-1.8.6-CVE-2012-4522-io.c-pipeopen-command-name-should-not-contain-null-.patch - Related: rhbz867750 1.8.5-26 - escaping vulnerability about Exceptiontos / NameErrortos ruby-1.8.7-p371-CVE-2012-4481.patch -...
firefox security update
firefox 10.0.12-1.0.1.el63 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 10.0.12-1 - Update to 10.0.12 ESR xulrunner 10.0.12-1.0.1.el63 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.12-1 - Update to 10.0.12 ESR...
thunderbird security update
10.0.12-3.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 10.0.12-3 - Update to 10.0.12 ESR...
Unbreakable Enterprise kernel security update
2.6.32-300.39.2 - ext4: fix undefined behavior in ext4fillflexinfo Xi Wang orabug 16020245 CVE-2012-2100 - Divide by zero in TCP congestion control Algorithm Jesper Dangaard Brouer orabug 16020447 CVE-2012-4565 - ipv6: discard overlapping fragment Luis Henriques orabug 16021354 CVE-2012-4444...
kernel security, bug fix and enhancement update
2.6.32-279.19.1.el6 - drm i915: dont clobber the pipe param in sanitizemodesetting Frantisek Hrbata 876549 857792 - drm i915: Sanitize BIOS debugging bits from PIPECONF Frantisek Hrbata 876549 857792 - net fix divide by zero in tcp algorithm illinois Flavio Leitner 871920 866514 CVE-2012-4565 - f...
Unbreakable Enterprise kernel security update
2.6.39-300.17.3 - mm/hotplug: correctly add new zone to all other nodes zone lists Jiang Liu Orabug: 16020976 Bug-db: 14798 CVE-2012-5517 - Divide by zero in TCP congestion control Algorithm. Jesper Dangaard Brouer Orabug: 16020656 Bug-db: 14798 CVE-2012-4565 - Fix length of buffer copied in...
libtiff security update
3.9.4-9 - Still more fixes to make test case for CVE-2012-5581 work on all platforms Resolves: 885310 3.9.4-8 - Fix incomplete patch for CVE-2012-3401 - Add libtiff-tiffinfo-exif.patch so that our test case for CVE-2012-5581 works with pre-4.0.2 libtiff Resolves: 885310 3.9.4-7 - Add fixes for...
mysql security update
5.1.66-2 - Add backported patch for CVE-2012-5611 Resolves: CVE-2012-5611...
bind security update
32:9.8.2-0.10.rc1.6 - fix CVE-2012-5688...
1
kernel 2.6.18-308.24.1.0.1.el5 - kernel Initialize the local uninitialized variable stats. orabug 14051367 - fs JBD:make jbd support 512B blocks correctly for ocfs2. orabug 13477763 - x86 fix fpu context corrupt when preempt in signal context orabug 14038272 - mm fix hugetlb page leak Dave...
kernel security, bug fix, and enhancement update
kernel 2.6.18-308.24.1.el5 - Revert: scsi sg: fix races during device removal Ewan Milne 868950 861004 2.6.18-308.23.1.el5 - net bnx2x: Add remote-fault link detection Alexander Gordeev 870120 796905 - net bnx2x: Cosmetic changes Alexander Gordeev 870120 796905 - net rds-ping cause kernel panic...
libxml2 security update
2.7.6-8.0.1.el63.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-8.el63.4 - fix out of range heap access CVE-2012-5134...
bind security update
20:9.2.4-38.0.2.el4 - fix CVE-2012-4244 Adam Tkac orabz 14518 - fix CVE-2012-5166 Adam Tkac orabz 14518...
firefox security update
firefox 10.0.11-1.0.1.el63 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 10.0.11-1 - Update to 10.0.11 ESR xulrunner 10.0.11-1.0.1.el63 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js 10.0.11-1 - Update to 10.0.11 ESR...
thunderbird security update
10.0.11-1.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 10.0.11-1 - Update to 10.0.11 ESR...
mysql security update
5.1.66-1 - Update to 5.1.66, for assorted upstream bugfixes including CVEs announced in July and October 2012 Resolves: 871813...