9177 matches found
unbreakable enterprise kernel security update
kernel-uek 3.8.13-16.1.1.el6uek - dm snapshot: fix data corruption Mikulas Patocka Orabug: 17617582 CVE-2013-4299...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.2.0.1.el6 - Update DISTRONAME in specfile 1.7.0.40-2.4.3.1.el6 - sync with rhel 6.5 to icedtea 2.4 because of pernament tck failures - nss kept disabled - Resolves: rhbz1017626 1.7.0.25-2.3.13.4.el6 - added back patch408 tck201310155.patch, to resolve one of tck failures - Resolves...
vino security update
2.28.1-9 - Reject clients in deferred auth state - Bug 1009228...
kernel security and bug fix update
kernel 2.6.18-371.1.2.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
kernel security and bug fix update
kernel 2.6.18-371.1.2 - xen x86: check segment descriptor read result in 64-bit OUTS emulation Radim Krcmar 1012958 1012959 CVE-2013-4368 - md dm snapshot: fix data corruption Mikulas Patocka 1004734 975353 CVE-2013-4299 2.6.18-371.1.1 - crypto ansicprng fix off by one err in non-block size reque...
java-1.7.0-openjdk security update
1.7.0.45-2.4.3.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.45-2.4.3.1.el5 - Updated to icedtea 2.4.3 - Resolves: rhbz1017623 1.7.0.45-2.4.3.0.el5 - fixed and updated tapset - removed bootstrap - source 11 redeclared to 1111 - added source12:...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.33.2 - dm snapshot: fix data corruption Mikulas Patocka Orabug: 17618900 CVE-2013-4299 - ipv6: call udppushpendingframes when uncorking a socket with AFINET pending data Hannes Frederic Sowa Orabug: 17618897 CVE-2013-4162...
unbreakable enterprise kernel security update
2.6.39-400.209.2 - dm snapshot: fix data corruption Mikulas Patocka Orabug: 17618492 CVE-2013-4299...
rubygems security update
1.3.7-4 - Remove regexp backtracing CVE-2013-4363. - Related: rhbz1002838. 1.3.7-3 - Fix insecure connection to SSL repository CVE-2012-2125, CVE-2012-2126. - Related: rhbz1002838. 1.3.7-2 - Fix algorithmic complexity vulnerability CVE-2013-4287. - Resolves: rhbz1002838...
kernel security and bug fix update
2.6.32-358.23.2 - md dm-snapshot: fix data corruption Mikulas Patocka 1004252 1004233 CVE-2013-4299 2.6.32-358.23.1 - md raid1, raid10: use freezearray in place of raisebarrier in various places Jes Sorensen 1003765 997845 - scsi megaraidsas: megaraidsas driver init fails in kdump kernel Nikola...
xorg-x11-server security update
1.13.0-11.1.2 - CVE-2013-4396: Fix use-after free in ImageText requests 1014561...
libtar security update
1.2.11-17.el64.1 - fix CVE-2013-4397: buffer overflows by expanding a specially-crafted archive...
glibc security and bug fix update
2.5-118.2 - Fix integer overflows in valloc and memalign. 1011804. 2.5-118.1 - Add support for newer L3 caches on x86-64 and correctly count the number of hardware threads sharing a cacheline 1011424...
xinetd security update
2:2.3.14-39 - Honor user and group directives - Resolves: CVE-2013-4342...
sssd security and bug fix update
1.5.1-70 - Fix IPA provider performance issue when storing large host groups - Resolves: rhbz979047 - sssdbe goes to 99% CPU and causes significant login delays when client is under load 1.5.1-69 - Fix startup with a broken configuration - Resolves: rhbz974036 - sssd core process keeps running...
samba3x security and bug fix update
3.6.6-0.136 - resolves: 984807 - CVE-2013-4124: DoS via integer overflow when reading an EA list 3.6.6-0.135 - Fix PIDL parsing with newer versions of gcc. - Fix dereferencing a unique pointer in the WKSSVC server. - resolves: 982484 3.6.6-0.134 - Check for system libtevent and require version...
ccid security and bug fix update
1.3.8-2 - fix voltage issue...
xinetd security and bug fix update
2:2.3.14-19 - Correctly backport patches that fix the descriptor leakage - Related: 852274 -2:2.3.14-18 - Fix leaking file descriptors 852274 - Fix: Service disabled due to bind failure 811000 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port 788795...
Oracle Linux 5 kernel update
kernel 2.6.18-371.0.0.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
Oracle linux 5 kernel update
kernel 2.6.18-371 - net be2net: enable polling prior enabling interrupts globally Ivan Vecera 987539 2.6.18-370 - net be2net: Fix to avoid hardware workaround when not needed Ivan Vecera 995961 - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970875 CVE-2013-2141...
sudo security and bug fix update
1.7.2p1-28 - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 Resolves: rhbz968221 1.7.2p1-27 - visudo: fixed incorrect warning and parse error regarding undefined aliases which were in fact defined Resolves: rhbz849679 Resolves: rhbz905624 1.7.2p1-26 - updated sudoers...
php53 security, bug fix and enhancement update
5.3.3-21 - add security fix for CVE-2013-4248 5.3.3-20 - add security fix for CVE-2013-4113 5.3.3-19 - add upstream reproducer for errorhandler 951075 5.3.3-18 - add security fixes for CVE-2006-7243 5.3.3-17 - reorder security patches - add security fixes for CVE-2012-2688, CVE-2012-0831,...
kernel security and bug fix update
kernel 2.6.18-348.18.1.0.1 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use...
kernel security and bug fix update
kernel 2.6.18-348.18.1 - net be2net: enable polling prior enabling interrupts globally Ivan Vecera 1005239 987539 - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970874 970875 CVE-2013-2141 - net ipv6: do udppushpendingframes AFINET sock pending data Jiri Benc 987647...
rtkit security update
0.5-2 - CVE-2013-4326 Resolves: 1007174...
polkit security update
0.96-5 - Actually apply the patch, and modify it to apply to 0.96 - Resolves: 1006262 0.96-4.el64 - Include fix for CVE-2013-4288 - Resolves: 1006262 0.96-3.el64 - Include fixes for CVE-2011-1485 - Resolves: 692942...
hplip security update
3.12.4-4:.1 - Applied patch to avoid unix-process authorization subject when using polkit as it is racy CVE-2013-4325...
spice-gtk security update
0.14-7.3 - New build with correct patch for CVE-2013-4324 0.14-7.2 - Fix race condition in policykit use CVE-2013-4324 Resolves: CVE-2013-4324...
libvirt security and bug fix update
0.10.2-18.0.1.el64.14 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.14 - spec: Update requirements to pick up rebuilt polkit CVE-2013-4311 0.10.2-18.el64.13 - spec: Fix messed up dependency on polkit CVE-2013-4311 0.10.2-18.el64.12 - Introduce APIs for splitting/joining strings...
firefox security update
firefox 17.0.9-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.9-1 - Update to 17.0.9 ESR 17.0.8-4 - Added fix for mozbz601442 - Support the extensions.getAddons.showPane pref again in the Add-ons Manager UI, a part of rhbz818636 fix. 17.0.8-3 - Fix...
thunderbird security update
17.0.9-1.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.9-1 - Update to 17.0.9 ESR...
Unbreakable Enterprise Kernel security and bug fix update
2.6.39-400.209.1 - Revert 'stop mig handler when lockres in progress ,and return -EAGAIN' Srinivas Eeda Orabug: 16924802 - ocfs2/dlm: Fix list traversal in dlmprocessrecoverydata Srinivas Eeda Orabug: 17432400 - ocfs2/dlm: ocfs2 dlm umount skip migrating lockres Srinivas Eeda Orabug: 16859627...
gdm security update
gdm 2.16.0-59.0.1.el59.1 - Fix gdmconfig memory leaks orabug 12734629 2.16.0-59.1 - Don't try to pre-create directories that are internal implementation details of X. Resolves: 997619 CVE-2013-4169 initscripts 8.45.42-2.0.1.el59.1 - Do not rename eth devices. Orabug 14266688. Apply upstream...
spice-server security update
0.12.0-12.el64.3 - Fixes an abort on unsafe client ring access Resolves: rhbz986298...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.29.3uek - block: do not pass disk names as format strings Jerry Snitselaar Orabug: 17230124 CVE-2013-2851 - afkey: initialize satype in keynotifypolicyflush Nicolas Dichtel Orabug: 17370765 CVE-2013-2237 - Bluetooth: L2CAP - Fix info leak via getsockname Mathias Krause Orabu...
unbreakable enterprise kernel security update
2.6.39-400.109.6 - block: do not pass disk names as format strings Kees Cook Orabug: 17230083 CVE-2013-2851 - libceph: Fix NULL pointer dereference in auth client code Tyler Hicks Orabug: 17230108 CVE-2013-1059 - ipv6: ip6skdstcheck must not assume ipv6 dst Eric Dumazet Orabug: 17371078...
389-ds-base security update
1.2.11.15.22 - Resolves: Bug 1000631 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN -- retry 1.2.11.15.21 - Resolves: Bug 1000631 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN...
kernel security and bug fix update
2.6.32-358.18.1 - x86 perf/x86: Fix offcorersp valid mask for SNB/IVB Nikola Pajkovsky 971314 971315 CVE-2013-2146 - net br: fix schedule while atomic issue in brfeaturesrecompute Jiri Pirko 990464 980876 - scsi isci: Fix a race condition in the SSP task management path David Milburn 990470 97860...
kernel security and bug fix update
kernel 2.6.18-348.16.1 - x8664 Fix kdump failure due to 'x8664: Early segment setup' Paolo Bonzini 988251 987244 - xen skip tracing if it was disabled instead of dying Igor Mammedov 987976 967053 - ia64 fix KABI breakage on ia64 Prarit Bhargava 966878 960783 - x86 fpu: fix CONFIGPREEMPT=y...
kernel security and bug fix update
kernel 2.6.18-348.16.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...
httpd security update
2.2.15-29.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-29 - moddav: add security fix for CVE-2013-1896 991368...
thunderbird security update
17.0.8-5.0.1.el64 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 17.0.8-5 - Update to 17.0.8 ESR - Added strict aliasing patch mozbz821502...
firefox security update
firefox 17.0.8-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.8-1 - Update to 17.0.8 ESR xulrunner 17.0.8-3.0.1.el64 - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNERVERSION from SOURCE21 17.0.8...
nss, nss-util, nss-softokn, and nspr security update
nspr 4.9.5-2 - Update to NSPR495RTM - Resolves: rhbz927186 - Rebase to nspr-4.9.5 - Add upstream URL for an existing patch per packaging guidelines 4.9.5-1 - Resolves: Rebase to nspr-4.9.5 4.9.2-1 - Update to nspr-4.9.2 - Related: rhbz863286 nss 3.14.3-4.0.1.el64 - Added nss-vendor.patch to chang...
nss and nspr security, bug fix, and enhancement update
nspr 4.9.2-4 - Resolves: rhbz924741 - Rebase to nspr-4.9.5 nss 3.14.3-6 - Resolves: rhbz986969 - nssutilReadSecmodDB leaks memory 3.14.3-5 - Define -DNOFORKCHECK when compiling softoken for ABI compatibility - Remove the unused and obsolete nss-nochktest.patch - Resolves: rhbz949845 - RFERHEL5...
389-ds-base security and bug fix update
1.2.11.15.20 - Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-thresholdpart 5 limits not displayed correctly. ticket 47427 1.2.11.15.19 - Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-thresholdpart 4. ticket 47427 - Patch was not added 1.2.11.15.19 - Resolves: Bug 984970 ...
sos security update
1.7-9.62.0.1.el59.1 - add patch to remove all sysrq echo commands from sysreport.legacy John Sobecki orabug 11061754 - comment out rh-upload-core and README.rh-upload-core in specfile 1.7-9.62.el59.1 - Remove anaconda-ks.cfg collection from general plug-in Resolves: bz965807 1.7-9.62.el59 - Elide...
bind security update
32:9.8.2-0.17.rc1.0.2.el64.5 - bump release and build for ULN 32:9.8.2-0.17.rc1.5 - fix CVE-2013-4854...
bind97 security update
32:9.7.0-17.P2.2 - fix for CVE-2013-4854...
qemu-kvm security update
qemu-kvm-0.12.1.2-2.355.el64.6 - kvm-qga-cast-to-int-for-DWORD-type.patch bz980758 - kvm-qga-remove-undefined-behavior-in-gainstallservice.patch bz980758 - kvm-qga-diagnostic-output-should-go-to-stderr.patch bz980758 - kvm-qainstallservice-nest-error-paths-more-idiomatically.patch bz980758 -...