9166 matches found
php security update
5.3.2-6.1 - add security fixes for CVE-2010-3709, CVE-2010-3870, CVE-2009-5016, CVE-2010-4645 670461...
poppler security update
0.12.4-3.el6.1 - Add poppler-0.12.4-CVE-2010-3702.patch Properly initialize parser - Add poppler-0.12.4-CVE-2010-3703.patch Properly initialize stack - Add poppler-0.12.4-CVE-2010-3704.patch Fix crash in broken pdf code 0 - Resolves: 639859...
openssl security update
1.0.0-4.2 - disable code for SSLOPNETSCAPEREUSECIPHERCHANGEBUG - CVE-2010-3864 649304 1.0.0-4.1 - fix race in extension parsing code - CVE-2010-3864 649304...
cups security update
1:1.4.2-35:.1 - Applied patch to fix cupsd memory corruption vulnerability CVE-2010-2941, STR 3648, bug 624438...
evince security update
2.28.2-14.el60.1 - Fixes CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643 - Resolves: 666323...
bzip2 security update
1.0.5-7 - Resolves: 632268 integer overflow flaw in BZ2decompress - CVE-2010-0405 upstream patch...
cvs security update
1.11.23-11.el60.1 - Fix CVE-2010-3846 Resolves: 644813...
git security update
1.7.1-2.1 - fix CVE-2010-3906...
glibc security and bug fix update
2.12-1.7.el60.3 - Require suid bit on audit objects in privileged programs 645679, CVE-2010-3856 2.12-1.7.el60.2 - Never expand in privileged programs 643821 2.12-1.7.el60.1 - Fix bug in generic strstr/memmem implementation handling certain repeated patterns 643341 - Correctly align TCB for AVX...
webkitgtk security update
1.2.6-2 - Added fix for js regression 1.2.6-1 - Update to 1.2.6...
bind security update
32:9.7.0-5.P2.1 - fix CVE-2010-3613 and CVE-2010-3614...
pam security update
1.1.1-4.1 - fix insecure dropping of priviledges in pamxauth, pamenv, and pammail - CVE-2010-3316 637898, CVE-2010-3435 641335 - fix insecure executing of scripts with user supplied environment variables in pamnamespace - CVE-2010-3853 643043...
openswan security update
2.6.24-8.1 Resolves: 635058 CVE-2010-3302 CVE-2010-3308 CVE-2010-2752 CVE-2010-3753...
mod_auth_mysql security update
1:3.0.0-11.1 - add security fix for CVE-2008-2384 663617...
krb5 security update
1.8.2-3.4 - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, 671101 1.8.2-3.3 - pull up crypto changes made between 1.8.2 and 1.8.3 t...
krb5 security update
add upstream patch to fix hang or crash in the KDC when using the LDAP kdb backend CVE-2011-0281, CVE-2011-0282, 671096...
kernel security and bug fix update
2.6.18-238.1.1.0.1.el5 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by default orabug 67188919 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - net Enable...
php53 security update
5.3.3-1.1 - add security fixes for CVE-2010-3710, CVE-2010-4156, CVE-2010-4645 670463...
postgresql security update
8.4.7-1.el60.1 - Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html http://www.postgresql.org/docs/8.4/static/release-8-4-6.html including the fix for CVE-2010-4015 Resolves: 672634 8.4.5-1.el60.2 - Ensure we don't package any...
postgresql84 security update
8.4.7-1.el56.1 - Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html http://www.postgresql.org/docs/8.4/static/release-8-4-6.html including the fix for CVE-2010-4015 Resolves: 672636 - Ensure we don't package any .gitignore files...
openoffice.org security update
openoffice.org 1.1.5-10.7.10 - Resolves: rhbz642175 openoffice.org various flaws - CVE-2010-4643 heap based buffer overflow when parsing TGA files 1.1.5-10.7.8 - Resolves: rhbz642175 openoffice.org various flaws - CVE-2010-3450 directory traversal flaws in handling of XSLT jar filter descriptions...
pango security update
1.28.1-3.el60.3 - Fix a division by zero found in testing 1.28.1-3.el60.2 - Use -fno-strict-aliasing for C++, too - Escape macros in %changelog 1.28.1-3.el60.1 - Prevent heap corruption with malformed fonts. CVE-2011-0020 - Resolves: 671529...
java-1.6.0-openjdk security update
1:1.6.0.0-1.17.b17.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.17.b17.el5 - Updated to 1.7.7 tarball - Resolves: bz668487 - Also resolves bz668488...
hplip security update
3.9.8-33:.1 - Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability bug 662740...
libuser security update
0.56.13-4 - Correctly mark the LDAP default password value as encrypted CVE-2011-0002 Resolves: 668020...
kvm security and bug fix update
kvm-83-224.0.1 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83-224.el5 - kvm-kernel-KVM-x86-zero-kvmvcpuevents-interrupt.pad.patch bz665407 - Resolves: bz665407 kvmvcpuevents.interrupt.pad must be zeroed - CVE: CVE-2010-4525 kvm-83-223.e...
gcc security and bug fix update
4.1.2-50.el5 - fix up fastjar directory traversal bugs CVE-2010-0831 4.1.2-49.el5 - fix ICE in setuidsinptset 605803 - fix ICE in makertlfornonlocaldecl 582682, 508735, 503565, PR c++/33094 - dont build gcjwebplugin 596097 - fix IPP handling in libgcj 578382 - document -print-multi-os-directory...
Oracle Linux 5.6 kernel security and bug fix update
2.6.18-238.el5 - net bnx2: remove extra call to pcimappage John Feeney 663509 - fs nfs: set lockcontext field in nfsreadpagesync Jeff Layton 663853 2.6.18-237.el5 - block fully zeroize request struct in rqinit Rob Evers 662154 - scsi qla4xxx: update to 5.02.04.02.05.06-d0 Chad Dupuis 656999 - scs...
python security, bug fix, and enhancement update
2.4.3-43 - add missing patch 206 Related: rhbz549372 2.4.3-42 - fix testpyclbr to match the urllib change in patch 204 patch 206 - allow the 'noproxy' environment variable to override 'ftpproxy' in urllib2 patch 207 - fix typos in names of patches 204 and 205 Related: rhbz549372 2.4.3-41 - backpo...
kernel security and bug fix update
2.6.9-89.35.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
exim security update
4.63-5.el56.2 - fix privilege escalation CVE-2010-4345, 662012...
wireshark security update
1.2.13-1.0.1.el60.2 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect packets bug11486 1.2.13-1.1 - fix buffer overflow in ENTTEC dissector - Resolves: 667337 1.2.13-1 - upgrade to 1.2.13 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html - see...
kernel security, bug fix, and enhancement update
2.6.18-194.32.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...
kvm security and bug fix update
kvm-83-164.0.1.el55.30 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch to replace RHEL with OEL - Added kvm-Introduce-oel-machine-type.patch so that OEL is a recognized VM kvm-83-164.el55.30 - Revert the bz661397 patches as they are not enough -...
bind security update
20:9.2.4-30.6 - fix CVE-2010-3613...
HelixPlayer removal
1.0.6-3.1 - Empty package, and add uninstall subpackage with explanation for the emptiness. Related: bz662779...
openssl security update
0.9.8e-12.7 - fix CVE-2010-4180 - completely disable code for SSLOPNETSCAPEREUSECIPHERCHANGEBUG 659462...
openssl security update
0.9.7a-43.17.6 - CVE-2010-4180 - disable code for SSLOPNETSCAPEREUSECIPHERCHANGEBUG 659462 - CVE-2009-3245 - fix missing checks on allocation failure in bnwexpand 570924...
bind security update
30:9.3.6-4.P1.3 - fixes for CVE-2010-3762, CVE-2010-3613 and CVE-2010-3614...
seamonkey security update
1.0.9-66.0.1.el48 - Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html and remove corresponding RedHat ones 1.0.9-66.el4 - Added fixes from 1.9.1.16...
exim security update
4.63-3.el55.2 - fix buffer overflow in stringformat CVE-2010-4344, 662019...
thunderbird security update
1.5.0.12-34.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js Replaced clean.gif in tarball 1.5.0.12-34 - Added fixes from 1.9.1.16...
firefox security update
firefox: 3.6.13-1.0.1.el60 - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js bugz 11762 3.6.13-2 - Update to 3.6.13 build3 3.6.13-1 - Update to 3.6.13 3.6.12-1 - Update to 3.6.12 3.6.11-1 - Update to 3.6.11 xulrunner: 1.9.2.13-3.0.1.el60 - Added...
Unbreakable enterprise kernel security and bug fix update
Following Security fixes are included in this unbreakable enterprise kernel errata: CVE-2010-3432 The sctppacketconfig function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial o...
apr-util security update
1.3.9-3.1 - add security fix for CVE-2010-1623 659253...
kvm security update
kvm-83-164.0.1.el55.25 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-164.el55.25 - Adding loadgsindex to kmod symbol greylist - Related: bz639886 CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic rhel-5.5.z...
kernel security and bug fix update
2.6.9-89.33.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...
krb5 security update
1.6.1-36.el55.6 - incorporate candidate patch for checksum acceptance issues from MITKRB5-SA-2010-007 CVE-2010-1323, 652307...
php security update
5.1.6-27.3 - add security fix for CVE-2010-3870 626735 5.1.6-27.2 - fix varexport test cases 626735 5.1.6-27.1 - add security fixes for CVE-2010-1917, CVE-2010-3065, CVE-2010-2531, CVE-2010-1128, CVE-2010-0397 626735...
systemtap security update
1.2-11.0.1.el60 - rebuild without docs - remove doc/SystemTapBeginnersGuide/en-US in tarball 1.2-11 - CVE-2010-4170 - CVE-2010-4171...