8984 matches found
openssh security and bug fix update
3.9p1-8.RHEL4.24 - return correct exit status on failed write on sftp batch mode 247802 3.9p1-8.RHEL4.23 - some more mem leaks fix in sftp 240909 3.9p1-8.RHEL4.22 - CVE-2007-3102 escape account name to prevent audit log injection 248058 3.9p1-8.RHEL4.21 - move pam session calls so pamclosesession...
Moderate: ruby security update
1.8.5-5.el51.1 - security fix for CVE-2007-5162 and CVE-2007-5770 - ruby-1.8.5-CVE-2007-5162.patch: fix issues that is insufficient verification of SSL certificate. 320331 - Fix the multilib regression issue. 1.8.5-5 - security fix release. - ruby-1.8.5-cgi-CVE-2006-6303.patch: fix a infinite loo...
Important: openldap security and enhancement update
2.3.27-8.1 - fix security issue CVE-2007-5707 360001 - fix manual bind timeout 368231 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://oss.oracle.com/pipermail/el-errata/attachments/20071123/279499e3/attachment-0001.html...
Important: poppler security update
2.3.27-8.1 Fixes for: - 345101 - CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit - 345111 - CVE-2007-5392 xpdf buffer overflow in DCTStream::reset - 345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar...
Critical: samba security update
3.0.25b-0.el51.1 - Security fix for CVE-2007-4138 - Security fix for CVE-2007-4572 - Security fix for CVE-2007-5398 - Multilib Fix - resolves: 351501 - resolves: 350761 - resolves: 359151 - resolves: 356851 -------------- next part -------------- An HTML attachment was scrubbed... URL:...
tcpdump security and bug fix update
14:3.9.4-11.el5.0.1 - Modified libpcap-0.9.4/fad-getad.c to include linux/types.h if it includes linux/ifpacket.h 14:3.9.4-11.el5 - fix buffer overflow in BGP dissector 250294, CVE-2007-3798 14:3.9.4-10.el5 - with -C option, drop root privileges before opening first savefile 241677 14:3.9.4-9.el5...
pam security, bug fix, and enhancement update
0.99.6.2-3.26 - removed realtime default limits 240123 from the package as it caused regression on machines with nonexistent realtime group 0.99.6.2-3.25 - added and improved translations 219124 - adjusted the default limits for realtime users 240123 0.99.6.2-3.23 - pamunix: truncated MD5 passwor...
openssh security and bug fix update
4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 4.3p2-23 - document where the nss certificate and token dbs are looked for 4.3p2-22 - experimental support for PKCS11 tokens through libnss3 183423 4.3p2-21 - fix an information leak in Kerberos password authentication CVE-2006-505...
httpd security, bug fix, and enhancement update
2.2.3-11.el5.0.1 - use oracle index page oracleindex.html, update vstring and distro 2.2.3-11.el5 - mark httpd.conf confignoreplace 247881 2.2.3-10.el5 - add security fix for CVE-2007-3847 250761 2.2.3-9.el5 - load modversion by default 247881 2.2.3-8.el5 - add 'ServerTokens Full-Release' config...
mcstrans security and bug fix update
0.2.6-1 - Don't allow categories 1023 Resolves: 288941 0.2.3-1 - Additional fix to handle ssh root/sysadmr/s0:c1,c2 Resolves: 224637 0.2.1-1 - Rewrite to handle MLS properly Resolves: 225355 0.1.10-2 - Cleanup memory when complete 0.1.10-1 - Fix Memory Leak Resolves: 218173 0.1.9-1 - Add -pie - F...
coolkey security and bug fix update
1.1.0-5 - 1777 is not octal and does not set the correct bits should be 01777 1.1.0-4 - fix cache location to be more secure 1.1.0-3 - replace the install stuff 1.1.0-2 - Back out RHEL-4 version of spec from CVS, add pcsc-lite-lib requires. 1.1.0-1 - Pick up lates release...
conga security, bug fix, and enhancement update
0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...
wireshark security update
0.99.6-1.el5.01 - Added patch for OCFS2 formatting 0.99.6-1 - upgrade to 0.99.6 - Wireshark could crash when dissecting an HTTP chunked response - Wireshark could crash while reading iSeries capture files - Wireshark could exhaust system memory while reading a malformed DCP ETSI packet - Wireshar...
Moderate: net-snmp security update
5.0.9-2.30E.23 - fix bulkwalk security flaw 366591...
Moderate: util-linux security update
2.11y-31.24 - fix 324431 - CVE-2007-5191 util-linux mount doesn't drop privileges properly when calling helpers...
Critical: samba security update
3.0.9-1.3E.14 - Security fix for CVE-2007-4572 and CVE-2007-5398 resolves: 350731 resolves: 359101...
Moderate: ruby security update
1.8.1-7.EL4.8.1 - security fixes 320371 - ruby-1.8.1-cgi-CVE-2006-6303.patch: fix an infinite loop with certain HTTP request. - ruby-1.8.1-CVE-2007-5162.patch: fix an insufficient verification of SSL certificate...
Important: kdegraphics security update
7:3.3.1-6 - Resolves: 356601, CVE-2007-4352,5392,5393...
Critical: pcre security update
4.5-4.4 - Resolves: 373421, More complete fix for CVE-2006-7224 4.5-4.2 -Resolves: 373421, CVE-2006-7224...
Important: tetex security update
2.0.2-22.0.1.EL4.10 - fix t1lib flaw CVE-2007-4033 356691 Resolves: 356691 2.0.2-22.0.1.EL4.9 - fix CVE-2007-4352 CVE-2007-5392 CVE-2007-5393, various xpdf flaws 356691 Resolves: 356691...
Important: xpdf security update
2.02-11.el3 - Resolves: 356791, CVE-2007-4033 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 xpdf various flaws 2.02-10.RHEL3 - Resolves: bz248198, CVE-2007-3387 xpdf integer overflow...
Important: tetex security update
1.0.7-67.11 - xpdf buffer overflow in CCITTFaxStream::lookChar CVE-2007-5393 356761 Resolves: 356761 1.0.7-67.10 - backport upstream fix for xpdf integer overflow CVE-2007-3387 248206 Resolves: 248206...
Important: xpdf security update
3.00-14.el4 - Resolves: 356811, CVE-2007-4352 CVE-2007-5392 CVE-2007-5393...
Important: cups security update
1.1.17-13.3.46 - Applied patch to fix CVE-2007-4045 bug 356541. - Applied patch to fix CVE-2007-4351 STR 2561, bug 356541. - Applied patch to fix CVE-2007-5393 bug 356541...
Important: cups security update
1.1.22-0.rc1.9.20.2:.2 - Applied patch to fix CVE-2007-4351 STR 2561, bug 356551. 1.1.22-0.rc1.9.20.2:.1 - Applied patch to fix CVE-2007-4045 bug 356551. - Applied patch to fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 bug 356551...
Important: gpdf security update
2.8.2-7.7.1 - Bump release. 2.8.2-7.4.3 - Fix a couple of typos in the patch for 356641. 2.8.2-7.4.2 - Add patch to fix CVE-2007-4352, CVE-2007-5392, and CVE-2007-5393 356641. 2.8.2-7.4.1 - Add patch to fix CVE-2007-3387 248203. - Add patch to fix CVE-2006-0301 179053...
Important: perl security update
5.8.5-36.el45.2.0.1 - Added patch perl-5.8.5-OEL-mock-build.patch to disable test lib/Net/t/hostname.t, so that mock build succeeds 5.8.5-36.el4.2 - Resolves: bug323791 - fix previous patch 5.8.5-36.el4.1 - Resolves: bug323791 - fix regular expression UTF parsing errors...
Critical: pcre security update
4.5-4.1 - Resolves: 315971, CVE-2007-1660 4.5-4 - Resolves: 315971, CVE-2007-1660...
Critical: pcre security update
6.6-2.1 - Resolves: 315951, CVE-2007-1659, CVE-2007-1660 6.6-1.2 - Resolves: 315951, CVE-2007-1659, CVE-2007-1660...
Important: kernel security update
2.6.9-55.0.12.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
Important: cups security and bug fix update
1.2.4-11.14.el51.1 - Applied patch to fix CVE-2007-4351 STR 2561, bug 353981. 1.2.4-11.14 - Applied patch to fix cupsd crash when failing to open a file: URI STR 2351, bug 250415. 1.2.4-11.13 - Moved LSPP security attributes check before job creation bug 231522. 1.2.4-11.12 - Moved LSPP access...
Moderate: libpng security update
1.2.7-3.el45.1 - Back-port critical fixes from libpng 1.2.22, primarily to fix CVE-2007-5269 Resolves: 337501 - Update License tag and some other obsolete bits in specfile 1.0.16-3.el45.1 - Back-port critical fixes from libpng 1.0.30, primarily to fix CVE-2007-5269 Resolves: 337561...
Important:kernel security update
2.6.18-8.1.15.0.1.el5 - Fix bonding primary=ethX Bert Barbe IT 101532 ORA 5136660 - Add entropy module option to e1000/bnx2 John Sobecki ORA 6045759 2.6.18-8.1.15.el5 - dlm A TCP connection to DLM port blocks DLM operations Patrick Caulfield 245922 CVE-2007-3380 - ppc 4k page mapping support for...
Important: flac security update
1.1.0-7.el4.2 - Add RHEL-5 patch to remove execstack requirement Related: rhbz 332591 1.1.0-7.el4.1 - Add patch from Takashi Iwai to fix CVE-2007-4619 Resolves: rhbz 332591...
Moderate: openssl security update
0.9.7a-33.24 - CVE-2007-3108 remove conditionals in BNdiv, BNmod and final Montgomery reduction 250579 - CVE-2007-5135 off by one buffer overflow in SSLgetsharedciphers 309841...
Critical: firefox security update
1.5.0.12-0.7.el4.0.1 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.7.el4 - Update to latest snapshot of Mozilla 1.8.0 branch 1.5.0.12-0.6.el4 - added pathes for Mozilla bugs 325761 and 392149 1.5.0.12-0.5.el4 - added pathes for Mozil...
Critical: seamonkey security update
1.0.9-0.5.el3.0.1 - Added default Oracle URLs 1.0.9-0.5.el3 - Update to latest snapshot of Mozilla 1.8.0 branch 1.0.9-0.4.el3 - added pathes for Mozilla bugs 267833,309322,345305,361745, 362901,372309,378787,381300,384105,386914,387033,387881,388121,388784 390078,393537,395942,325761,392149...
Moderate: thunderbird security update
1.5.0.12-0.5.el4.0.1 - Add thunderbird-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.5.el3 - Update to latest snapshot of Mozilla 1.8.0 branch 1.5.0.12-0.4.el3 - added pathes for Mozilla bugs 199088,267833,309322,345305,361745,...
Important: openssl security update
0.9.8b-8.3.2 - more DTLS fixes 321211 0.9.8b-8.3.1 - fix CVE-2007-3108 - side channel attack on private keys 322891 - fix CVE-2007-5135 - off-by-one in SSLgetsharedciphers 309871 - fix CVE-2007-4995 - out of order DTLS fragments buffer overflow 321211...
Important: hplip security update
1.6.7-4.1.el50.3 - Fixed post scriptlet to make sure it restarts the daemon on upgrade part of bug 320011. 1.6.7-4.1.el50.2 - Build requires openssl-devel part of bug 320011. 1.6.7-4.1.el50.1 - Applied patch to fix CVE-2007-5208 bug 320011...
Moderate: kdelibs security update
3.5.4-13.el5.0.1 - Remove Version branding - Maximum rpm trademark logos removed pics/crystalsvg/-mime-rpm 3.5.4-13.el5 - Resolves: 293571 CVE-2007-0537 Konqueror improper HTML comment rendering CVE-2007-1564 FTP protocol PASV design flaw affects konqueror 3.5.4-12.el5 - resolves: 293421,...
Moderate: kdebase security update
3.3.1-6.el4.0.1 - turn off ' 3.3.1-6.l4 - Resolves: 290851, CVE-2007-4569, kdm password-less login vulnerability CVE-2007-3820, CVE-2007-4224 CVE-2007-4225, Konqueror address bar spoofin...
Moderate: elinks security update
0.9.2-3.3.5.2 - fix elinks-0.9.2-httpspostdata.patch 303881 0.9.2-3.3.5.1 - fix 297611 - CVE-2007-5034 elinks reveals POST data to HTTPS proxy 0.9.2-3.3 - fix 215731 - elinks smb protocol arbitrary file access...
Important: nfs-utils-lib security update
1.0.8-7.2.z2 - Updated libnfsidmap to -17 to fix a security issue bz 254041 1.0.8-7.2.z1 - Fixed RPC library buffer overflow bz 265061...
Important: xen security update
3.0.3-25.0.4.el5 - QEmu cirrus bitblit bounds check - CVE-2007-1320 rhbz 296271 - QEmu NE2000 overflow check - CVE-2007-1321 rhbz 296271 - Pygrub guest escape - CVE-2007-4993 rhbz 302821...
Important: kernel security update
2.6.18-8.1.14.0.2.el5 - Fix bonding primary=ethX Bert Barbe IT 101532 ORA 5136660 - Add entropy module option to e1000/bnx2 John Sobecki ORA 6045759 2.6.18-8.1.14.el5 - Revert changes back to 2.6.18-8.1.10. - x8664 Zero extend all registers after ptrace in 32bit entry path Anton Arapov 297871...
Important: kernel security update
2.6.9-55.0.9.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...
Important: kernel security update
2.4.21-52.EL - Validate all 64bits of ptrace information...
Moderate: gimp security update
1.2.3-20.9.el3 - validate bytesperline header field when loading PCX files 247570 1.2.3-20.8.el3 - reduce GIMPMAXIMAGESIZE to 2^18 to detect bogus image widths/heights 247570 1.2.3-20.7.el3 - replace gimperror by gimpmessage/gimpquit in a few plugins so they don't crash but gracefully exit when...
Moderate: php security update
4.3.2-43.ent - improve fix for CVE-2007-3996 278361 4.3.2-42.ent - add security fixes for CVE-2007-2509, CVE-2007-2756, CVE-2007-2872, CVE-2007-3799, CVE-2007-3996, CVE-2007-3998, CVE-2007-4658 278361...