8967 matches found
mailman:2.1 security and bug fix update
3:2.1.29-10 - Fix match patter to reduce false allocation 3:2.1.29-9 - Fix for CVE-2020-12137 3:2.1.29-8 - Drop unversioned python from comments. 3:2.1.29-7 - Change attr of /etc/mailman 3:2.1.29-6 - Update run directory references 1805954 - fix 1188043 - set 2775 permission for /etc/mailman...
oddjob security, bug fix, and enhancement update
0.34.5-3 - Support HOMEMODE from /etc/login.defs Resolves: rhbz1886362 0.34.5-2 - Add gating tests using idm:DL1 module stream and upstream tests Resolves: rhbz1682457 0.34.5-1 - Upstream release 0.34.5 - Resolves: rhbz1833289 - Rebase oddjob to 0.34.5 - Resolves: rhbz1833052 - CVE-2020-10737...
evolution security and bug fix update
bogofilter 1.2.5-2 - Bump version to have OSCI/gating tests rerun with updated tests 1.2.5-1 - Resolves: 1836279 Update to 1.2.5 evolution 3.28.5-14 - Related: 1817143 Add a small patch to behave better with WebKitGTK 2.28 3.28.5-13 - Resolves: 1836165 Cannot type the date of a meeting...
oniguruma security update
6.8.2-2 - Fix CVE-2019-13225 Resolves: 1771052...
openssl security, bug fix, and enhancement update
1.1.1g-11 - Further changes for SP 800-56A rev3 requirements 1.1.1g-9 - Rewire FIPSdrbg API to use the RANDDRBG - Use the well known DH groups in TLS even for 2048 and 1024 bit parameters 1.1.1g-7 - Disallow dropping Extended Master Secret extension on renegotiation - Return alert from sserver if...
systemd security, bug fix, and enhancement update
239-40.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...
libtiff security update
4.0.9-18 - Fix CVE-2019-17546 1771372...
dovecot security update
1:2.3.8-4 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1866756 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation 1866761 - fix CVE-2020-12674 crash due to assert in RPA implementation 1866768 1:2.3.8-3 - fix CVE-2020-10957 dovecot: malformed NOOP...
opensc security, bug fix, and enhancement update
0.20.0-2 - Unbreak different CardOS 5 configurations supporting raw RSA 1830856 0.20.0-1 - Rebase to current upstream release 1810660...
libvpx security update
1.7.0-8 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Enable webm-io explicitly 1.7.0-7 - Fix for CVE-2019-9232, CVE-2019-9433, CVE-2019-9371, CVE-2019-2126 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Remove php-cli BR...
dpdk security, bug fix, and enhancement update
19.11.3-1 - Rebase DPDK to 19.11.3 1868708 19.11.2-1 - Rebase DPDK to 19.11.2 1836830, 1837024, 1837030, 1837022 19.11.1-1 - Rebase DPDK to 19.11.1 1824905 - Remove dpdk-pmdinfo.py 1801361 - Add Requires: rdma-core-devel libmnl-devel on x8664 for dpdk-devel 1813252...
freeradius:3.0 security and bug fix update
3.0.20-3 - Require make for proper bootstrap execution, removes post script Resolves: bz1672285 3.0.20-2 - Fix breakage caused by OpenSSL FIPS regression Related: bz1855822 Related: bz1810911 Resolves: bz1672285 3.0.20-1 - Update to FreeRADIUS server version 3.0.20 - Introduce Python 3 support;...
targetcli security and enhancement update
2.1.53-1 - Update to new upstream version 2.1.52-1 - Update to new upstream version...
gnupg2 security, bug fix, and enhancement update
2.2.20-2 - fixes for issues found in Coverity scan 2.2.20-1 - upgrade to 2.2.20...
prometheus-jmx-exporter security update
0.12.0-6 - Fix CVE-2017-18640 by using updated snakeyaml...
librabbitmq security update
0.9.0-2 - Resolves: 1809992, CVE-2019-18609...
libarchive security update
3.3.2-9 - Fix out-of-bounds read CVE-2019-19221 1803967...
edk2 security, bug fix, and enhancement update
20200602gitca407c7246bf-3.el8 - edk2-UefiCpuPkg-PiSmmCpuDxeSmm-pause-in-WaitForSemaphore-.patch bz1861718 - Resolves: bz1861718 Very slow boot when overcommitting CPU 20200602gitca407c7246bf-2.el8 - edk2-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch bz1844682 -...
cloud-init security, bug fix, and enhancement update
19.4-11.0.1 - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 Orabug: 30435672 - Update OCI Datasource to support IMDSv2 - limit permissions Orabug: 31352433 - Changes to ignore all enslaved interfaces Orabug: 30092148 - Fix swap file size allocation logic to allocate...
expat security update
2.2.5-4 - add security fixes for CVE-2018-20843, CVE-2019-15903...
openwsman security update
2.6.5-7 - Fix CVE-2019-3833 Resolves: 1687865 2.6.5-6 - Fix name of Patch6...
binutils security update
2.30-79.0.1 - Forward-port Oracle patches from 2.30-75.0.1 - Reviewed-by: Jose E. Marchesi 2.30-79 - Fix x86 assemblers handling of non-8-bit displacements. 1869401 2.30-77 - Add tests missing from PTGNUSEGMENT patch. 1870039 2.30-75.0.1 - Forward-port Oracle patches to OL8.3 beta. 2.30-76 - Have...
libgcrypt security, bug fix, and enhancement update
1.8.5-4 - add PBKDF2 selftest for FIPS POST 1.8.5-3 - new upstream version 1.8.5 - AES performance improvements backported from master branch - FIPS module is implicit with kernel FIPS flag - always run the FIPS selftests if FIPS module is installed...
gd security update
Fri Mar 27 2020 [email protected] - 2.2.5-7 - Fix CVE-2018-14553 - Potential Null pointer dereference in gdImageClone Resolves: RHBZ1811788 - Fixed heap based buffer overflow in gdcolormatch.c:gdImageColorMatch in libgd as used in imagecolormatch Resolves: RHBZ1678104 CVE-2019-6977 - Fixed...
grafana security, bug fix, and enhancement update
6.7.4-3 - apply patch for CVE-2020-13430 also to sources, not only to compiled webpack 6.7.4-2 - security fix for CVE-2020-13430 6.7.4-1 - update to 6.7.4 tagged upstream community sources, see CHANGELOG - security fix for CVE-2020-13379 6.7.3-1 - update to 6.7.3 tagged upstream community sources...
libsolv security, bug fix, and enhancement update
0.7.11-1 - Update to 0.7.11 - selected bug fixes: support archnoarch package changes when creating patch conflicts from the updateinfo data also support other rpm database types fixed solvzchunk decoding error if large chunks are used treat retracted pathes as irrelevant made addupdatetarget work...
python3 security and bug fix update
3.6.8-31.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-31 - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 - Resolve hash collisions for Pv4Interface and IPv6Interface CVE-2020-14422 Resolves: rhbz1854926 3.6.8-30 -...
frr security and bug fix update
7.0-10 - Resolves: 1867793 - FRR does not conform to the source port range specified in RFC5881 7.0-9 - Resolves: 1852476 - default permission issue eases information leaks 7.0-8 - Resolves: 1819319 - frr fails to start start if the initscripts package is missing 7.0-7 - Resolves: 1758544 - IGMPv...
cyrus-imapd security update
3.0.7-19 - change ownership of pki files 1710722 3.0.7-18 - Move old changelog into separate file 1671239 3.0.7-17 - Add fix for CVE-2019-19783 - Add fix for CVE-2019-18928...
tcpdump security, bug fix, and enhancement update
14:4.9.3-1 - Resolves: 1804063 - Rebase tcpdump to 4.9.3 to fix multiple CVEs...
bind security, bug fix, and enhancement update
32:9.11.20-5 - Fix tsig-request verify CVE-2020-8622 - Prevent PKCS11 daemon crash on crafted packet CVE-2020-8623 - Correct update-policy type subdomain to match documentation CVE-2020-8624 - Include available test 32:9.11.20-4 - Prevent crash on dstlib initialization failure 1859454 32:9.11.20-...
gnome-software and fwupd security, bug fix, and enhancement update
appstream-data 8-20200724 - Regenerate the RHEL metadata to include the EPEL apps too - Resolves: 1844488 8-20200630 - Regenerate the RHEL metadata - Resolves: 1844488 fwupd 1.4.2-4.0.1 - Build with the updated Oracle certificate - Use oraclesecureboot301 as certdir Orabug: 29881368 - Use new...
libssh security, bug fix, and enhancement update
0.9.4-2 - Do not return error when server properly closed the channel 1849071 - Add a test for CVE-2019-14889 - Do not parse configuration file in tortureknownhosts test 0.9.4-1 - Update to version 0.9.4 https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ - Fixed...
freerdp and vinagre security, bug fix, and enhancement update
freerdp 2:2.1.1-1 - Update to 2.1.1 rhbz1834287. 2:2.0.0-47.rc4 - Fix SCARDINSUFFICIENTBUFFER error rhbz1803054 - Do not advertise /usb in help output rhbz1761144 vinagre 3.22.0-23 - Remove unused variable CovScan - Related: 1839744 3.22.0-22 - Rebuild due to new version of FreeRDP - Fix an issue...
httpd:2.4 security, bug fix, and enhancement update
httpd 2.4.37-13.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-30 - Resolves: 1209162 - support logging to journald from CustomLog 2.4.37-29 - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: modproxyftp use o...
sqlite security update
3.26.0-11 - Fixed bug in CVE-2019-20218 1791592 3.26.0-10 - Fixed CVE-2020-13632 1845572 - Fixed CVE-2020-13631 1845474 - Fixed CVE-2020-13630 1845153 3.26.0-9 - Fixed CVE-2019-5018 1721509 3.26.0-8 - Fixed CVE-2019-16168 1826897 3.26.0-7 - Fixed CVE-2019-20218 1791592 - Fixed CVE-2020-6405 18048...
SDL security update
1.2.15-38 - fix CVEs - Resolves: rhbz1716209, rhbz1716210, rhbz1716211, rhbz1716212, rhbz1716213, rhbz1716214, rhbz1716215, rhbz1716216, rhbz1716217, rhbz1716218, rhbz1716219...
libreoffice security, bug fix, and enhancement update
libcmis 0.5.2-1 - Related: rhbz1796893 update to 0.5.2 liborcus 0.14.1-1 - Related: rhbz1796893 update to 0.14.1 libreoffice 6.3.6.2-3.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure...
sysstat security update
11.7.3-5 - Rebuild 11.7.3-4 - Package onboarded to gating 11.7.3-3 - Fix memory corruption bug due to integer overflow 1790608...
libxslt security update
1.1.32-5.0.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.32-5 - Fix CVE-2019-18197 1775517 - Fix CVE-2019-11068 1715732...
cups security and bug fix update
1:2.2.6-38 - 1775590 - rastertoepson filter crashes with paper size A6 1:2.2.6-37 - forgot to enable optimization - 1833516 1:2.2.6-36 - 1838449 - ipp/socket backends connect to turned off device for eternity contimeout is not applied - 1689207 - Add failover backend - 1833516 - DirtyCleanInterva...
file-roller security update
3.28.1-3 - Fix CVE-2020-11736 1827395 - Fix CVE-2019-16680 1767594...
cyrus-sasl security, bug fix, and enhancement update
2.1.27-5 - Reduce excessive GSSAPI plugin logging - Resolves: rhbz1274734 2.1.27-4 - Add support for setting maxssf=0 in GSS-SPNEGO - Resolves: rhbz1822133 2.1.27-3 - Backport GSSAPI Channel Bindings support - Resolves: rhbz1817054 2.1.27-2 - Backport fix for CVE-2019-19906 - Resolves: rhbz180403...
libexif security, bug fix, and enhancement update
0.6.22-4 - Add patch for CVE-2020-0181/CVE-2020-0198 - Resolves: 1847753 - Resolves: 1847761 0.6.22-3 - Also remove timezone from the .mo files - Related: 1841320 0.6.22-2 - Remove timestamps from the .mo files to avoid multilib conflicts - Related: 1841320...
spamassassin security update
3.4.2-10 - Fixed CVE-2018-11805 - Resolves: rhbz1787514 - Fixed CVE-2020-1930 - Resolves: rhbz1820649 - Fixed CVE-2020-1931 - Resolves: rhbz1820650 3.4.2-9 - Fix CVE-2019-12420 - Resolves: rhbz1812977 3.4.2-8 - Removed the obsolete SOUGHT channel for rule updates - Resolves: rhbz1630362...
libpcap security, bug fix, and enhancement update
14:1.9.1-4 - Related: 1806422 - Building libpcap to side-tag for tcpdump 14:1.9.1-3 - Related: 1743650 - reverting rdma changes due to unresolved dependency loop 14:1.9.1-2 - Related: 1806422 - Building libpcap to side-tag for tcpdump 14:1.9.1-1 - Resolves: 1806422 - rebase libpcap to version 1.9...
varnish:6 security, bug fix, and enhancement update
varnish 6.0.6-2 - new version 6.0.6 - Resolves: 1795673 - RFE: rebase varnish:6 to latest 6.0.x LTS - Resolves: 1790907 - CVE-2019-20637 varnish: not clearing pointer between two client requests leads to information disclosure - Resolves: 1763958 - CVE-2019-15892 varnish:6/varnish: denial of...
qt5-qtbase and qt5-qtwebsockets security and bug fix update
qt5-qtbase 5.12.5-6 - OpenSSL: handle SSLshutdowns errors properly Resolves: bz1851538 5.12.5-5 - Fix: Files placed by attacker can influence the working directory and lead to malicious code execution Resolves: bz1814739 Resolves: bz1814683 - Fix: XML entity expansion vulnerability Resolves:...
glibc security, bug fix, and enhancement update
2.28-127.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
python-pip security update
9.0.3-18 - Patch for pip install allow directory traversal, leading to arbitrary file write Resolves: rhbz1868016 9.0.3-17 - Remove unused CA bundle from the bundled requests library Resolves: rhbz1775200...