Moderate: squid security update
2.5.STABLE3-8.3E - fix for 410181 - CVE-2007-6239 Squid DoS in cache updates 2.5.STABLE3-7 - resolves: 238103: 'forwardedfor off' in squid.conf does not work...
Important: mysql security update
4.1.20-3.RHEL4.1.el46.1 - Back-port upstream fixes for CVE-2007-5925, CVE-2007-5969. Resolves: 422181...
Important: autofs5 security update
5.0.1-0.rc2.55.el46.1 - Bug 412621: CVE-2007-5964 autofs defaults don't restrict suid in /net - use mount option nosuid for -hosts map unless suid is explicitly specified. - Resolves: rhbz412621...
Important: autofs security update
5.0.1-0.rc2.55.el5.1 - Bug 410041: CVE-2007-5964 autofs defaults don't restrict suid in /net - use mount option nosuid for -hosts map unless suid is explicitly specified. - Related: rhbz410041...
Critical: samba security and bug fix update
3.0.9-1.3E.14.3 - Security fix for CVE-2007-6015 - Fix for regression introduced with CVE-2007-4572 - resolves: 407321 - resolves: 389021...
Moderate: python security update
2.2.3-6.8 - Fix possible integer overflow in image ops - Fix off by one strxfrm malloc - Fix pypcre bugs - Resolves: 392031...
Important: kernel security and bug fix update
kernel-2.4.21-53.EL - Fix ipv4 treason uncloaked message Anton Arapov 249237 - Fix ipv4 fib-sem-out-of-bounds checking Don Howard 250429 CVE-2007-2172 - Reset current-pdeathsignal on SUID binary execution Peter Zijlstra 251117 CVE-2007-3848 - Fix local DoS with corrupted elf on ia64 Don Howard...
Critical: samba security update
3.0.25b-1 - samba incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin - samba buffer overflow - Samba "replynetbiospacket" Buffer Overflow Vulnerability...
Moderate: htdig security update
3:3.2.0b6-4 - CVE-2007-6110...
Important: pcre security update
4.5-4.6 - Add pcre-4.5-CVE-2007-1659.patch - Update pcre-4.5-CVE-2007-1660.patch - Add pcre-4.5-CVE-2007-7230.patch - Resolves: 380511...
Important: pcre security update
6.6-2.7 - Fix the names of the patches added in 6.6-2.5: mv pcre-6.4-posix.diff pcre-6.6-CVE-2006-7225.patch mv pcre-6.4-fix1.patch pcre-6.6-CVE-2006-7226.patch - Update pcre-6.6-CVE-2007-1659.patch - Update pcre-6.6-CVE-2007-1660.patch - Add pcre-6.6-CVE-2006-7230.patch - Resolves: 380531...
Important: pcre security update
3.9-10.4 - Fix CVE-2007-1660, bug 381991...
Important: kernel security update
CVE-2007-4571 ALSA memory disclosure flaw - Tick divider bugs on x86_64 - CVE-2007-5494 openOATOMICLOOKUP leaks dentry - PATCH jbd: wait for already submitted tsyncdatalist buffer to complete Possibility of in-place data destruction - LSPP: audit rule causes kernel 'out of memory' condition and...
Important: cairo security update
1.2.4-3 - Add cairo-1.2.4-alloc-overflow.patch - Resolves: bug 387521...
Critical: firefox security update
1.5.0.12-7.0.1 - Added Oracle specific links into default bookmarks. 1.5.0.12-7 - Add patches for mozilla bugs: 369814,373911,391028,393326,402649,403331...
openssh security and bug fix update
3.9p1-8.RHEL4.24 - return correct exit status on failed write on sftp batch mode 247802 3.9p1-8.RHEL4.23 - some more mem leaks fix in sftp 240909 3.9p1-8.RHEL4.22 - CVE-2007-3102 escape account name to prevent audit log injection 248058 3.9p1-8.RHEL4.21 - move pam session calls so pam_close_session...
xterm security update
192-8.el4 - use correct tty group 239070...
openssl security and bug fix update
0.9.7a-43.17.1 - CVE-2007-5135 off by one buffer overflow in SSL_get_shared_ciphers 309851 0.9.7a-43.17 - use poll when reading random device 236164 - make ssl session ID context matching strict 244436 - openssl utility shouldn't crash on invalid PKCS12 files 245083 - CVE-2007-3108 remove conditional...
Critical: seamonkey security update
1.0.9-0.7.el3.0.1 - Add mozilla-home-page.patch, mozilla-oracle-default-bookmarks.html, and mozilla-oracle-default-prefs.js 1.0.9-0.7.el3 - Add patches for mozilla bugs: 369814,373911,391028,393326,402649,403331...
wireshark security and bug fix update
0.99.6-EL4.1.0.1 - Add oracle-ocfs2-network.patch 0.99.6-1 - upgrade to 0.99.6 - Wireshark could crash when dissecting an HTTP chunked response - Wireshark could crash while reading iSeries capture files - Wireshark could exhaust system memory while reading a malformed DCP ETSI packet - Wireshark...
pam security, bug fix, and enhancement update
0.77-66.23 - pam_cracklib should count the last char when computing difference 267201 0.77-66.22 - add pam_tally2 module 228044 - unset XAUTHORITY when appropriate 228980 - CVE-2007-1716 always decrement use count 230823 - reset priority only when specified in limits.conf 232407 - CVE-2007-3102...
httpd security, bug fix, and enhancement update
2.0.52-38.ent.0.1 - use oracle index page oracleindex.html - updated string and distro in specfile 2.0.52-38.ent - fix server version string 236419 2.0.52-37.ent - add security fix for CVE-2007-3847 250760 2.0.52-36.ent - add mod_version, load in default httpd.conf 248696 2.0.52-35.ent - add...
mailman security and bug fix update
2.1.5.1-34.rhel4.6 - fix 200036 - canceling subscription confirmation crashes mailman - fix 205651 - CVE-2006-4624 logfile CRLF injection - fix 230939 - missing migrate-fhs script - fix 223191 - spam filters gets deleted when sender filter is edited - fix 242677 - wrong init script...
tcpdump security and bug fix update
3.8.2-12.el4 - fix buffer overflow in BGP dissector 250293, CVE-2007-3798 3.8.2-11.el4 - fix buffer overflow in 802.11 printer 232519, CVE-2007-1218 - fix return codes in arpwatch init script 237780 - with -C option, drop root privileges before opening first savefile 214377...
Critical: samba security update
3.0.25b-0.el51.1 - Security fix for CVE-2007-4138 - Security fix for CVE-2007-4572 - Security fix for CVE-2007-5398 - Multilib Fix - resolves: 351501 - resolves: 350761 - resolves: 359151 - resolves: 356851...
Important: openldap security and enhancement update
2.3.27-8.1 - fix security issue CVE-2007-5707 360001 - fix manual bind timeout 368231...
Moderate: ruby security update
1.8.5-5.el51.1 - security fix for CVE-2007-5162 and CVE-2007-5770 - ruby-1.8.5-CVE-2007-5162.patch: fix issues that is insufficient verification of SSL certificate. 320331 - Fix the multilib regression issue. 1.8.5-5 - security fix release. - ruby-1.8.5-cgi-CVE-2006-6303.patch: fix a infinite loo...
Important: poppler security update
2.3.27-8.1 Fixes for: - 345101 - CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit - 345111 - CVE-2007-5392 xpdf buffer overflow in DCTStream::reset - 345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar...
openssh security and bug fix update
4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 4.3p2-23 - document where the nss certificate and token dbs are looked for 4.3p2-22 - experimental support for PKCS11 tokens through libnss3 183423 4.3p2-21 - fix an information leak in Kerberos password authentication CVE-2006-505...
conga security, bug fix, and enhancement update
0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...
tcpdump security and bug fix update
14:3.9.4-11.el5.0.1 - Modified libpcap-0.9.4/fad-getad.c to include linux/types.h if it includes linux/if_packet.h 14:3.9.4-11.el5 - fix buffer overflow in BGP dissector 250294, CVE-2007-3798 14:3.9.4-10.el5 - with -C option, drop root privileges before opening first savefile 241677 14:3.9.4-9.el5...
mcstrans security and bug fix update
0.2.6-1 - Don't allow categories 1023 Resolves: 288941 0.2.3-1 - Additional fix to handle ssh root/sysadmr/s0:c1,c2 Resolves: 224637 0.2.1-1 - Rewrite to handle MLS properly Resolves: 225355 0.1.10-2 - Cleanup memory when complete 0.1.10-1 - Fix Memory Leak Resolves: 218173 0.1.9-1 - Add -pie - F...
coolkey security and bug fix update
1.1.0-5 - 1777 is not octal and does not set the correct bits should be 01777 1.1.0-4 - fix cache location to be more secure 1.1.0-3 - replace the install stuff 1.1.0-2 - Back out RHEL-4 version of spec from CVS, add pcsc-lite-lib requires. 1.1.0-1 - Pick up latest release...
wireshark security update
0.99.6-1.el5.01 - Added patch for OCFS2 formatting 0.99.6-1 - upgrade to 0.99.6 - Wireshark could crash when dissecting an HTTP chunked response - Wireshark could crash while reading iSeries capture files - Wireshark could exhaust system memory while reading a malformed DCP ETSI packet - Wireshar...
pam security, bug fix, and enhancement update
0.99.6.2-3.26 - removed realtime default limits 240123 from the package as it caused regression on machines with nonexistent realtime group 0.99.6.2-3.25 - added and improved translations 219124 - adjusted the default limits for realtime users 240123 0.99.6.2-3.23 - pam_unix: truncated MD5 passwor...
httpd security, bug fix, and enhancement update
2.2.3-11.el5.0.1 - use oracle index page oracleindex.html, update vstring and distro 2.2.3-11.el5 - mark httpd.conf config(noreplace) 247881 2.2.3-10.el5 - add security fix for CVE-2007-3847 250761 2.2.3-9.el5 - load mod_version by default 247881 2.2.3-8.el5 - add 'ServerTokens Full-Release' config...
Moderate: util-linux security update
2.11y-31.24 - fix 324431 - CVE-2007-5191 util-linux mount doesn't drop privileges properly when calling helpers...
Moderate: net-snmp security update
5.0.9-2.30E.23 - fix bulkwalk security flaw 366591...
Critical: samba security update
3.0.9-1.3E.14 - Security fix for CVE-2007-4572 and CVE-2007-5398 resolves: 350731 resolves: 359101...
Moderate: ruby security update
1.8.1-7.EL4.8.1 - security fixes 320371 - ruby-1.8.1-cgi-CVE-2006-6303.patch: fix an infinite loop with certain HTTP request. - ruby-1.8.1-CVE-2007-5162.patch: fix an insufficient verification of SSL certificate...
Important: kdegraphics security update
7:3.3.1-6 - Resolves: 356601, CVE-2007-4352,5392,5393...
Critical: pcre security update
4.5-4.4 - Resolves: 373421, More complete fix for CVE-2006-7224 4.5-4.2 - Resolves: 373421, CVE-2006-7224...
Important: tetex security update
2.0.2-22.0.1.EL4.10 - fix t1lib flaw CVE-2007-4033 356691 Resolves: 356691 2.0.2-22.0.1.EL4.9 - fix CVE-2007-4352 CVE-2007-5392 CVE-2007-5393, various xpdf flaws 356691 Resolves: 356691...
Important: cups security update
1.1.17-13.3.46 - Applied patch to fix CVE-2007-4045 bug 356541. - Applied patch to fix CVE-2007-4351 STR 2561, bug 356541. - Applied patch to fix CVE-2007-5393 bug 356541...
Important: gpdf security update
2.8.2-7.7.1 - Bump release. 2.8.2-7.4.3 - Fix a couple of typos in the patch for 356641. 2.8.2-7.4.2 - Add patch to fix CVE-2007-4352, CVE-2007-5392, and CVE-2007-5393 356641. 2.8.2-7.4.1 - Add patch to fix CVE-2007-3387 248203. - Add patch to fix CVE-2006-0301 179053...
Important: tetex security update
1.0.7-67.11 - xpdf buffer overflow in CCITTFaxStream::lookChar CVE-2007-5393 356761 Resolves: 356761 1.0.7-67.10 - backport upstream fix for xpdf integer overflow CVE-2007-3387 248206 Resolves: 248206...
Important: cups security update
1.1.22-0.rc1.9.20.2:.2 - Applied patch to fix CVE-2007-4351 STR 2561, bug 356551. 1.1.22-0.rc1.9.20.2:.1 - Applied patch to fix CVE-2007-4045 bug 356551. - Applied patch to fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 bug 356551...
Important: xpdf security update
3.00-14.el4 - Resolves: 356811, CVE-2007-4352 CVE-2007-5392 CVE-2007-5393...
Important: xpdf security update
2.02-11.el3 - Resolves: 356791, CVE-2007-4033 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 xpdf various flaws 2.02-10.RHEL3 - Resolves: bz248198, CVE-2007-3387 xpdf integer overflow...
Critical: pcre security update
4.5-4.1 - Resolves: 315971, CVE-2007-1660 4.5-4 - Resolves: 315971, CVE-2007-1660...