8984 matches found
Important: libXfont security update
1.2.2-1.0.2.el5 - Rebuild because of forgotten changelog entry. 1.2.2-1.0.1.el5 - Fix for bug 234058, cve-2207-1351/1352...
Important: evolution-data-server security update
1.8.0-15.0.4.el5 - Add patch for RH bug 244293 Camel IMAP security flaw...
Moderate: squid security update
2.6.STABLE6-4 - Resolves: rhbz233253 - CVE-2007-1560 Squid TRACE DoS...
Important: tomcat security update
jakarta-commons-modeler-1.1-8jpp.1.0.2.el5 1.1-8jpp.1.0.2.el5 - rebuild after the fix for bug 238139 made it into the build root - Resolves: bug 238694 1.1-8jpp.1.0.1.el5 - Add patch to fix jira task: MODELER-15 to allow tomcat5 5.5.23 to build against j-c-modeler - Resolves: bug 238694...
Important: xen security update
3.0.3-25.0.3.el5 - fix ethernet bonding in balanced-rr mode, respin rhbz215887 3.0.3-25.0.2.el5 - fix ethernet bonding in balanced-rr mode rhbz215887 3.0.3-25.0.1.el5 - disable qemu monitor mode, for security reasons rhbz230295 - fix IA64 shadow page table mode rhbz230459, rhbz230331...
Important: kernel security and bug fix update
2.6.18-8.1.4.0.1.el5 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 -Add entropy module option to e1000 John Sobecki ORA 6045759 -Add entropy module option to bnx2 John Sobecki ORA 6045759 2.6.18.8.1.4.el5 - ipv6 Fix routing regression. David S. Miller 2380...
Moderate: httpd security update
2.2.3-7.el5.0.1 - Marks removal + index page cleanup 2.2.3-7.el5 - add security fixes for CVE-2007-1863, CVE-2007-3304, and CVE-2006-5752 244665...
Important: php security update
5.1.6-12.el5 - add security fix for CVE-2007-1864, SOAP redirect handling issue, FTP CRLF injection issue 235016 5.1.6-11.el5 - add security fix for CVE-2007-1718 235016 5.1.6-9.el5 - add security fix for CVE-2007-1583 235016 - add security fixes for CVE-2007-0455, CVE-2007-1001 235036 5.1.6-7.el...
Important: kernel security and bug fix update
2.6.18-8.1.6.0.1.el5 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 -Add entropy module option to e1000 John Sobecki ORA 6045759 -Add entropy module option to bnx2 John Sobecki ORA 6045759 2.6.18.8-1.6.el5 - bluetooth close information leaks in setsockopt...
Important: krb5 security update
1.3.4-49 - add patch to fix buffer overflow in kadmind 239073, CVE-2007-2798 1.3.4-48 - add patch to fix buffer overflow and double-free in rpc library 239073, CVE-2007-2442/CVE-2007-2443...
Moderate: bind security update
30:9.3.3-8 - added fix for 224445 - CVE-2007-0493 BIND might crash after attempting to read free-ed memory - added fix for 225229 - CVE-2007-0494 BIND dnssec denial of service - Resolves: rhbz224445 - Resolves: rhbz225229...
Important: gnupg security update
1.4.5-13 - incorporate patch from Werner to work around clients which can't tell that multiple plain messages have been processed 230457...
Important: evolution security update
2.0.2-35.0.4.el4 - Bump seamonkeybuildversion to 1.0.9. 2.0.2-35.0.3.el4 - Add patch for RH bug 244291 Camel IMAP security flaw...
Important: kernel security update
kernel-2.4.21-50.EL - improve IGMP join processing during bonding failover Andy Gospodarek - fix EHCI period handling for high-speed USB HID devices Pete Zaitcev kernel-2.4.21-49.EL - fix dput crash regression caused in -47.5.EL Eric Sandeen - add ifcfg-bond0 documentation in bonding.txt Andy...
Low: gdb security and bug fix update
6.3.0.0-1.138 - Fixed crash on cross-file resolving of opaque types BZ 135488. - 6.3.0.0-1.137 - Never lose any pending signal while attaching - resubmit them BZ 189607. - 6.3.0.0-1.136 - Bugfix segv on the source display by ^X 1 BZ 202345. - Support shared libraries 2GB on 64bit hosts - obstack...
Low: shadow-utils security and bug fix update
2:4.0.3-29.RHEL3 - add missing build requires 2:4.0.3-28.RHEL3 - fix mailbox creation race condition 193053 2:4.0.3-27.RHEL3 - chage gives correct information 216635 - do not strip binaries 176949...
Moderate: gcc security and bug fix update
3.2.3-59 - fix directory traversal bug in fastjar Richard Guenther, 225552, CVE-2006-3619 - fix a reload bug with -fnon-call-exceptions Alexandre Oliva, 226706...
Low: openldap security and bug-fix update
2.0.27-23 - Include the -ppc64 patch to fix a ppc64-specific build failure. - Put back smpmflags...
Moderate: pam security and bug fix update
cdrtools-2.01.0.a32-0.EL3.6 2.01.0.a32-0.EL3.6 - fix for CVE-2004-0813 - cdrecord and readcd are now suid, but with a pamconsole check - Resolves: rhbz232096 2.01.0.a32-0.EL3.3 - fix for CAN-2005-0866 "cdrecord insecure temporary file" 2.01.0.a32-0.EL3.2 - added patch for CAN-2004-0806, if s.o. w...
Low: mod_perl security update
1.9916-4.5 - avoid backup files in install root 241643 1.9916-4.3 - fix XS generation of methodislimited 242430 1.9916-4.2 - rebuild 1.9916-4.1 - add security fix for CVE-2007-1349 241643...
Moderate: libexif security update: integer overflow
Add patch for CVE-2007-4168. Fix bug 243893 - Fix bug 240055...
Important: kdebase security update
6:3.3.1-5.19.rhel4.0.1 - turn off ' - 6:3.3.1-5.19.rhel4 - Resolves: bz243620, KDE flash player workaround, CVE-2007-2022...
Moderate: spamassassin security update
3.1.9-1 - 3.1.9 CVE-2007-2873...
Important: openoffice.org security update
1.1.5-10.0.1 - Resolves: rhbz242007 CVE-2007-0245 rtf prtdata fix...
Moderate: freetype security update
2.1.9-6.el4 - Add freetype-2.1.9-ttf-overflow.patch - Resolves: 240574...
Moderate: fetchmail security update
6.2.5-6.0.1.el4 - Fix APOP vulnerability CVE-2007-1558 Resolves: 241197...
Moderate: mutt security update
5:1.4.1-12.0.3.el4 - fix overflow in gecos field handling 240176, CVE-2007-2683 5:1.4.1-12.0.2.el4 - buildrequire aspell 5:1.4.1-12.0.1.el4 - validate msgid in APOP authentication 241201, CVE-2007-1558 - fix insecure temp file creation on NFS 211085, CVE-2006-5297...
Critical: thunderbird security update
1.5.0.12-0.1.el4.0.1 - Add thunderbird-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.1.el4 - Update to 1.5.0.12...
Critical: firefox security update
1.5.0.12-0.1.el4.1.0 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.1.el4 - Update to 1.5.0.12...
Critical: seamonkey security update
devhelp-0.10-0.8.el4: 0.10-0.8.el4 - Rebuild against newer gecko seamonkey-1.0.9-2.el4.0.1: 1.0.9-2.el4.0.1 - Add mozilla-oracle-default-bookmarks.html, mozilla-oracle-default-prefs.js, - and mozilla-home-page.patch for errata build 1.0.9-2.el4 - Final bits, plus an s390x build fix 1.0.9-0.1.el4 ...
Moderate: file security update
4.10-3.0.2 - resolves: 241026: CVE-2007-2799 file integer overflow - added dependency on zlib-devel...
Moderate: quagga security update
0.98.3-2.4.0.1 - rebuild and nvr fix - resolves: 240481: CVE-2007-1995 Quagga bgpd DoS 0.98.3-2.0.1 - resolves: 240481: CVE-2007-1995 Quagga bgpd DoS...
Moderate: gimp security update
2.0.5-6.2.el4 - replace incorrect use of %interfacever macro with 2.0 2.0.5-6.1.el4 - avoid buffer overflow in sunras plugin 238420 - own used directories in gimp-devel...
Low: cpio security and bug fix update
2.5-13.RHEL4 - protoize cpio source - Resolves 217375 2.5-12.RHEL4 - improve previous fix of lfs.patch 2.5-11.RHEL4 - improve previous fix of lfs.patch 2.5-10.RHEL4 - fix cpio large filesize buffer overflow 172865 - fix exit codes 183224...
Moderate: squirrelmail security update
1.4.8-4.0.1.el4.0.1 - remove banners 1.4.8-4.0.1 - resolves: 239650: CVE-2007-1262 squirrelmail cross-site scripting flaw...
Moderate: libpng security update
libpng-1.2.7-3.el4: 1.2.7-3.el4 - Add patch to fix CVE-2006-5793 Resolves: 215405 1.2.7-2.el4 - Add patch to fix CVE-2007-2445 Resolves: 239543 libpng10-1.0.16-3: 1.0.16-3 - Add patch to fix CVE-2006-5793 Resolves: 215405 1.0.16-2 - Add patch to fix CVE-2007-2445 Resolves: 239543...
Low: openssh security and bug fix update
3.9p1-8.RHEL4.20 - CVE-2006-5794 properly detect failed key verify in monitor 214640 3.9p1-8.RHEL4.19 - add support for hashed knownhosts file 162681 3.9p1-8.RHEL4.18 - fixed client behaviour when remote program generates large output 184357 - don't report duplicate syslog messages, use correct...
Low: busybox security update
1.00.rc1-7.el4 - fix -l and -u passwd options 1.00.rc1-6.el4 - add psw 1.00.rc1-5.el4 - fix CVE-2006-1058 - BusyBox passwd command fails to generate password with salt 187385...
Low: openldap security update
2.3.13-7.4E - include the -selfwrite patch to close Resolves: rhbz205826: CVE-2006-4600 openldap improper selfwrite access...
Low: shadow-utils security and bug fix update
2:4.0.3-61.RHEL4 - fix comment in /etc/login.defs 188263 - faster faillog reset 177017 - do not strip binaries 176949 - fix mailbox creation race condition 193053...
Low: w3c-libwww security and bug fix update
5.4.0-10.1.RHEL4.2 - fix for libwww's handling of multipart/byteranges content and possible stack overflow, CVE-2005-3183 - Resolves: rhbz169495 5.4.0-10.1.RHEL4.1 - fixed type in md5.h for 64bit bug 163664...
Moderate: evolution security update
2.0.2-35.0.2.el4 - Add missing BuildRequires scrollkeeper. 2.0.2-35.0.1.el4 - Add patch for RH bug 238565 APOP authentication vulnerability...
Moderate: vixie-cron security update
4.1-47.EL4 - removed patches for 192783, 178836 because of frozen errata - added only patch for CVE-2007-1856 crontab denial of service - Resolves: rhbz235880 4.1-46.EL4 - Resolves: 235880 CVE-2007-1856 crontab denial of service 4.1-45.EL4 - rhbz192783 - rhbz178836...
Moderate: gcc security and bug fix update
3.4.6-8.0.1 - add gcc34-pr23591-tls-model-fix.patch - this patch fixes a bug with exception handlers and threads 3.4.6-8 - add gnu.java.util.ZoneInfo class, use tzdata files for libgcj timezone stuff instead of builtin simple and outdated rules 227884 - add missing @GCC4.0.0 and @GCC4.2.0 libgcc...
Low: gdb security and bug fix update
6.3.0.0-1.143 - Fix unhandled race cases of exec from threaded program BZ 202689. - Add testcase for exec from threaded program BZ 202689. 6.3.0.0-1.142 - Fixed zombie threads regression from the stale threads crash fix BZ 195429. 6.3.0.0-1.141 - Fix bogus 0x0 unwind of the thread's topmost...
Low: sendmail security and bug fix update
8.13.1-3.2.el4 - fixed infinite loop within tls read by enabling FFRDEALWITHERRORSSL Resolves: rhbz121850 - fixed incorrect path to selinuxenabled in initscript Resolves: rhbz152282 - removed rpm build artifacts from sendmail-cf package Resolves: rhbz152955 - fixed missing socketmap support...
Low: util-linux security and bug fix update
2.12a-16.EL4.25 - fix 235920 - fix alignment warnings at runtime on ia64 2.12a-16.EL4.24 - fix 235920 - mount needs to recognize vfat labels 2.12a-16.EL4.23 - fix 188099 - can't mount iscsi ext3 fs by label. - fix 197768 - man mount' does not list option 'mand' - fix 190808 - 4TB FS ends up with...
Low: gdm security and bug fix update
2.6.0.5-7.rhel4.15 - apply fix for CVE-2006-1057 Resolves: 188302 2.6.0.5-7.rhel4.14 - Fix for CVE-2006-1057 bug 188302 2.6.0.5-7.rhel4.13 - pamloginuid.so support added in 1:2.6.0.5-7.rhel4.2 patched the wrong file...
Low unzip security and bug fix update
5.51-9.EL4.5 - Resolves: 230558 problem in patch4 unzipped file permissions 5.51-8.EL4.5 - fix problem with 4GB files which are not compressed 5.51-7.EL4.5 - fix 164927 - TOCTOU issue in unzip - fix 178960 - unzip long filename buffer overflow - fix 199104 - add large file support return Lon's 4G...
Moderate: bluez-utils security update
2.10-2.2 - Fix for HID vulnerability CVE-2006-6899 227014...