Moderate: mutt security update
5:1.4.1-12.0.3.el4 - fix overflow in gecos field handling 240176, CVE-2007-2683 5:1.4.1-12.0.2.el4 - buildrequire aspell 5:1.4.1-12.0.1.el4 - validate msgid in APOP authentication 241201, CVE-2007-1558 - fix insecure temp file creation on NFS 211085, CVE-2006-5297...
Critical: thunderbird security update
1.5.0.12-0.1.el4.0.1 - Add thunderbird-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.1.el4 - Update to 1.5.0.12...
Critical: firefox security update
1.5.0.12-0.1.el4.1.0 - Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild 1.5.0.12-0.1.el4 - Update to 1.5.0.12...
Critical: seamonkey security update
devhelp-0.10-0.8.el4: 0.10-0.8.el4 - Rebuild against newer gecko seamonkey-1.0.9-2.el4.0.1: 1.0.9-2.el4.0.1 - Add mozilla-oracle-default-bookmarks.html, mozilla-oracle-default-prefs.js, - and mozilla-home-page.patch for errata build 1.0.9-2.el4 - Final bits, plus an s390x build fix 1.0.9-0.1.el4 ...
Moderate: file security update
4.10-3.0.2 - resolves: 241026: CVE-2007-2799 file integer overflow - added dependency on zlib-devel...
Moderate: quagga security update
0.98.3-2.4.0.1 - rebuild and nvr fix - resolves: 240481: CVE-2007-1995 Quagga bgpd DoS 0.98.3-2.0.1 - resolves: 240481: CVE-2007-1995 Quagga bgpd DoS...
Moderate: gimp security update
2.0.5-6.2.el4 - replace incorrect use of %interfacever macro with 2.0 2.0.5-6.1.el4 - avoid buffer overflow in sunras plugin 238420 - own used directories in gimp-devel...
Low: cpio security and bug fix update
2.5-13.RHEL4 - protoize cpio source - Resolves 217375 2.5-12.RHEL4 - improve previous fix of lfs.patch 2.5-11.RHEL4 - improve previous fix of lfs.patch 2.5-10.RHEL4 - fix cpio large filesize buffer overflow 172865 - fix exit codes 183224...
Moderate: evolution security update
2.0.2-35.0.2.el4 - Add missing BuildRequires scrollkeeper. 2.0.2-35.0.1.el4 - Add patch for RH bug 238565 APOP authentication vulnerability...
Low: gdm security and bug fix update
2.6.0.5-7.rhel4.15 - apply fix for CVE-2006-1057 Resolves: 188302 2.6.0.5-7.rhel4.14 - Fix for CVE-2006-1057 bug 188302 2.6.0.5-7.rhel4.13 - pamloginuid.so support added in 1:2.6.0.5-7.rhel4.2 patched the wrong file...
Moderate: libpng security update
libpng-1.2.7-3.el4: 1.2.7-3.el4 - Add patch to fix CVE-2006-5793 Resolves: 215405 1.2.7-2.el4 - Add patch to fix CVE-2007-2445 Resolves: 239543 libpng10-1.0.16-3: 1.0.16-3 - Add patch to fix CVE-2006-5793 Resolves: 215405 1.0.16-2 - Add patch to fix CVE-2007-2445 Resolves: 239543...
Moderate: squirrelmail security update
1.4.8-4.0.1.el4.0.1 - remove banners 1.4.8-4.0.1 - resolves: 239650: CVE-2007-1262 squirrelmail cross-site scripting flaw...
Moderate: vixie-cron security update
4.1-47.EL4 - removed patches for 192783, 178836 because of frozen errata - added only patch for CVE-2007-1856 crontab denial of service - Resolves: rhbz235880 4.1-46.EL4 - Resolves: 235880 CVE-2007-1856 crontab denial of service 4.1-45.EL4 - rhbz192783 - rhbz178836...
Low: unzip security and bug fix update
5.51-9.EL4.5 - Resolves: 230558 problem in patch4 unzipped file permissions 5.51-8.EL4.5 - fix problem with 4GB files which are not compressed 5.51-7.EL4.5 - fix 164927 - TOCTOU issue in unzip - fix 178960 - unzip long filename buffer overflow - fix 199104 - add large file support return Lon's 4G...
Low: shadow-utils security and bug fix update
2:4.0.3-61.RHEL4 - fix comment in /etc/login.defs 188263 - faster faillog reset 177017 - do not strip binaries 176949 - fix mailbox creation race condition 193053...
Low: w3c-libwww security and bug fix update
5.4.0-10.1.RHEL4.2 - fix for libwww's handling of multipart/byteranges content and possible stack overflow, CVE-2005-3183 - Resolves: rhbz169495 5.4.0-10.1.RHEL4.1 - fixed type in md5.h for 64bit bug 163664...
Low: gdb security and bug fix update
6.3.0.0-1.143 - Fix unhandled race cases of exec from threaded program BZ 202689. - Add testcase for exec from threaded program BZ 202689. 6.3.0.0-1.142 - Fixed zombie threads regression from the stale threads crash fix BZ 195429. 6.3.0.0-1.141 - Fix bogus 0x0 unwind of the thread's topmost...
Low: util-linux security and bug fix update
2.12a-16.EL4.25 - fix 235920 - fix alignment warnings at runtime on ia64 2.12a-16.EL4.24 - fix 235920 - mount needs to recognize vfat labels 2.12a-16.EL4.23 - fix 188099 - can't mount iscsi ext3 fs by label. - fix 197768 - 'man mount' does not list option 'mand' - fix 190808 - 4TB FS ends up with...
Low: busybox security update
1.00.rc1-7.el4 - fix -l and -u passwd options 1.00.rc1-6.el4 - add psw 1.00.rc1-5.el4 - fix CVE-2006-1058 - BusyBox passwd command fails to generate password with salt 187385...
Moderate: gcc security and bug fix update
3.4.6-8.0.1 - add gcc34-pr23591-tls-model-fix.patch - this patch fixes a bug with exception handlers and threads 3.4.6-8 - add gnu.java.util.ZoneInfo class, use tzdata files for libgcj timezone stuff instead of builtin simple and outdated rules 227884 - add missing @GCC4.0.0 and @GCC4.2.0 libgcc...
Low: openldap security update
2.3.13-7.4E - include the -selfwrite patch to close Resolves: rhbz205826: CVE-2006-4600 openldap improper selfwrite access...
Low: sendmail security and bug fix update
8.13.1-3.2.el4 - fixed infinite loop within tls read by enabling FFRDEALWITHERRORSSL Resolves: rhbz121850 - fixed incorrect path to selinuxenabled in initscript Resolves: rhbz152282 - removed rpm build artifacts from sendmail-cf package Resolves: rhbz152955 - fixed missing socketmap support...
Low: openssh security and bug fix update
3.9p1-8.RHEL4.20 - CVE-2006-5794 properly detect failed key verify in monitor 214640 3.9p1-8.RHEL4.19 - add support for hashed knownhosts file 162681 3.9p1-8.RHEL4.18 - fixed client behaviour when remote program generates large output 184357 - don't report duplicate syslog messages, use correct...
Moderate: bluez-utils security update
2.10-2.2 - Fix for HID vulnerability CVE-2006-6899 227014...
Critical: samba security update
3.0.10-1.4E.12.2 - Security fixes for CVE-2007-2446 CVE-2007-2447...
Moderate: freeradius security update
1.0.1-3.RHEL4.5 - fixed CVE-2007-2028: EAP-TTLS denial of service Resolves: rhbz236247...
Important: php security update
4.3.9-3.22.5 - add security fix for CVE-2007-1864, FTP CRLF injection issue 239017...
Important: xscreensaver security update
4.18-5.rhel4.14.0.1 - modify xscreensaver-fortune-standin to use enterprise-release 4.18-5.rhel4.14 - check for null return value in getpwuid call CVE-2007-1859, Resolves: 237003...
Moderate: postgresql security update
7.4.17-1.RHEL4.1 - Update to PostgreSQL 7.4.17 for CVE-2007-2138, data loss bugs Resolves: 237680...
Important: php security update
4.3.9-3.22.4 - add security fixes for CVE-2007-1285, CVE-2007-1286, CVE-2007-1583, CVE-2007-1711, CVE-2007-1718 230556 - add security fixes for CVE-2007-0455, CVE-2007-1001 235028...
Moderate: cups security update
1.1.22-0.rc1.9.18 - REVERTED these changes: - Applied patch from STR 1301 bug 195354. - Patch pdftops to understand 'includeifexists', and use that in the pdftops.conf file bug 188583. - Clear the printer's statemessage and statereasons after successful job completion bug 187457. - Include...
Moderate: freetype security update
2.1.9-5 - Add freetype-2.2.1-bdf-overflow.patch - Resolves: 234228 2.1.9-4.el4 - assume any allocation over 32bits is an overflow, even on 64-bit platforms - remove memory debugging disabling patch 2.1.9-3.rhel4 - add null check to prevent crasher on one of the test files 2.1.9-3 - add patch from...
Moderate: mysql security update
4.1.20-2.RHEL4.1 - Back-port upstream patch for CVE-2006-4226 Resolves: 203426...
Important: XFree86 security update
4.3.0-120.EL.0.1 - Add oracle detection to Imake. 4.3.0-120.EL - add cve-2007-1351.patch 234056 4.3.0-119.EL - Add int-overflow.patch 231684 - comment out requirement on fonts-base as that is an unreleased change. 4.3.0-118.EL - Add cve-2007-1003.patch 232996 4.3.0-117.EL - Make xfs depend on...
Critical: krb5 security update
1.3.4-46 - fix bug ID in changelog 1.3.4-45 - add preliminary patch to fix buffer overflow in krb5kdc and kadmind 231528, CVE-2007-0957 - add preliminary patch to fix double-free in kadmind 231537, CVE-2007-1216 1.3.4-44 - temporarily disable bug fixes for 143289, 179062, 180671, 202191, 223669 f...
Important: xorg-x11 security update
6.8.2-1.EL.13.37.0.1 - Add Enterprise Linux detection 6.8.2-1.EL.13.37.7 - Add cve-2007-1351.patch 234056 6.8.2-1.EL.13.37.6 - Add cve-2007-1003.patch 233000 - Add int-overflow.patch 231693 6.8.2-1.EL.13.37.5 - Add xorg-x11-6.8.2-sorted-xkbcomp-dirs.patch to fix rpmdiff multilib failure...
Moderate: file security update
4.10-3.EL4.5 - Resolves: 233161: CVE-2007-1536: file 4.20 fixes a heap overflow in that can result in arbitrary code...
kernel security update
2.4.21-47.0.1.EL - fix buflen assignment for DVD BDA read requests Chip Coldwell - prevent write permission w/read-only shm segments Ernie Petrides - fix clock drift by disabling C1 clock ramping on AMD Prarit Bhargava - prevent possible deadlock with shmat/shm-rmid races Sachin Prabhu - prevent...
Important: openoffice.org security update
1.1.5-10 - Resolves: CVE-2007-0239 rhbz228008 shell escape 1.1.5-9 - Resolves: rhbz226966 CVE-2007-0238 buffer overflows 1.1.5-8 - Resolves: rhbz223801 CVE-2007-0002 buffer overflows...
kdegraphics security update
3.1.3-3.10 - Fix several vulnerabilities CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465 3.1.3-3.9 - Fix several vulnerabilities CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465...
kdebase security fix
3.1.3-5.11.0.1 - add /etc/enterprise-release 3.1.3-5.11 - kdesktoplock should not stay running if grabInput failed 177755, CVE-2006-2933...
libtiff security update
3.5.7-25.el3.4 - Fix several vulnerabilities CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465...
Important: XFree86 security update
4.3.0-115.EL.0.2 - Change Patch - needs to be -p0 not -p1 4.3.0-115.EL.0.1 - Add oracle detection to Imake. 4.3.0-115.EL - Add xorg-x11-6.8.2-sorted-xkbcomp-dirs.patch to fix rpmdiff multilib failure. 4.3.0-114.EL - Add xorg-x11-server-CVE-2006-6101.patch 218870 4.3.0-113.EL - Fix for CID font...
Low: wireshark security update
0.99.5-EL4.1.0.1 - Add patch oracle-ocfs2-network.patch 0.99.5-1 - multiple security issues fixed 225689 - CVE-2007-0459 - The TCP dissector could hang or crash while reassembling HTTP packets - CVE-2007-0459 - The HTTP dissector could crash. - CVE-2007-0457 - On some systems, the IEEE 802.11...
Important: gnupg security update
1.2.6-9 - incorporate backport of patch from Werner to work around clients which can't tell that multiple plain messages have been processed 230456...
Critical: thunderbird security update
1.5.0.10-0.1.el4.0.1 - defaults changed to oracle. 1.5.0.10-0.1.el4 - Update to 1.5.0.10 1.5.0.9-0.2.el4 - Fix langpack support to start in the user's locale where possible - Allow OpenOffice to send files as Thunderbird attachments...
Important: kernel security update
2.6.9-42.0.10.0.1 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 2.6.9-42.0.10 -fix key serial number collision problem David Howells 227495 CVE-2007-0006 -fix audit panic on watched files Eric Paris 223129 CVE-2007-0001 2.6.9-42.0.9 -fix icmp oops in sctp...
Critical: seamonkey security update
seamonkey-1.0.8-0.1.el4.0.1: 1.0.8-0.1.el4.0.1 - Replace default bookmarks and prefs 1.0.8-0.1.el4 - Update to 1.0.8 RC 1.0.7-0.2.el4 - added fix for 204589: mozilla-config points to the wrong places devhelp-0.10-0.7.el4: 0.10-0.7.el4 - Rebuild against newer gecko...
Critical: Firefox security update
1.5.0.10-0.1.el4.0.1 - Replace default bookmarks and prefs 1.5.0.10-0.1.el4 - Update to 1.5.0.10 RC 1.5.0.9-0.2.el4 - Fix langpack support to start in the user's locale where possible...
Important: spamassassin security update
3.1.8-2 - Fix sa-learn regression 228968 3.1.8-1 - 3.1.8 CVE-2007-0451 3.1.7-9 - silence sa-update cron script 3.1.7-8 - only restart spamd if necessary after sa-update 227756 3.1.7-7 - requires gnupg 227738 3.1.7-6 - explicit requires on perlHTTP::Date and perlLWP::UserAgent Bug 193100 3.1.7-5 -...