8967 matches found
freerdp security, bug fix, and enhancement update
2.1.1-2 - Update to 2.1.1 1834286...
python security update
2.7.5-89.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-89 - Security fix for CVE-2019-16935 Resolves: rhbz1797998 2.7.5-88 - Security fix for CVE-2019-16056 Resolves: rhbz1750773 2.7.5-87 - Fix CVE-2018-20852 Resolves: rhbz1741551...
libsrtp security and bug fix update
1.4.4-11.20101004cvs - Fix global buffer overflow Resolves: bz1301202 - Fix improper handling of CSRC count and extension header length in RTP header Resolves: bz1323705 - Fix buffer overflow in application of crypto profiles Resolves: bz1141897...
expat security update
2.1.0-12 - add security fixes for CVE-2018-20843, CVE-2019-15903...
audiofile security update
1:0.3.6-9 - Apply security patches. CVE-2018-17095, CVE-2018-13440 - Resolves: rhbz1600369, rhbz1601014, rhbz1637128 1:0.3.6-8 - Escape macros in %changelog 1:0.3.6-7 - Merge upstream pull requests 42,43,44 from Agostino Sarubbo to fix security issues. CVE-2017-6827, CVE-2017-6828, CVE-2017-6829,...
unoconv security update
0.6-8 - Resolves: rhbz1803831 CVE-2019-17400...
libtiff security update
4.0.3-35 - Fix two resource leaks Related: 1771371 4.0.3-34 - Fix CVE-2019-17546 Resolves: 1771371 4.0.3-33 - Fix CVE-2019-14973 Resolves: 1755704...
libpng security update
2:1.5.13-8 - Fix CVE-2017-12652 - Resolves: 1744870...
httpd security, bug fix, and enhancement update
2.4.6-95.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-95 - Resolves: 1823262 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value 2.4.6-94 - Resolves: 1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: 1747283 -...
libvpx security update
1.3.0-8 - Fix for CVE-2020-0034 - Resolves: rhbz1823909 1.3.0-7 - Fix for CVE-2019-9232 and CVE-2019-9433 - Resolves: rhbz1796085, rhbz1796099 1.3.0-6 - Fix for CVE-2017-0393 - Resolves: rhbz1779498 1.3.0-4 - fix Illegal Instruction abort 1.3.0-3 - update library symbol list for 1.3.0 from Debian...
openwsman security update
2.6.3-7.git4391e5c - Fix CVE-2019-3833 Resolves: 1677691...
dbus security update
1:1.10.24-15.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.10.24-15 - Fix CVE-2020-12049 1851992...
subversion security update
1.7.14-16 - add security fix for CVE-2018-11782...
libvirt security and bug fix update
4.5.0-36 - virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support rhbz1823976 - virDevMapperGetTargetsImpl: quit early if device is not a devmapper target rhbz1823976 4.5.0-35 - qemu: dont take agent and monitor job for shutdown CVE-2019-20485 - qemu: dont hold a monitor and agent...
samba security, bug fix, and enhancement update
4.10-16-5 - related: 1785121 - Add missing RPM Requires 4.10.16-2 - resolves: 1828354 - add additioanl hostnames to the keytab - resolves: 1836427 - add dnshostname option net-ads-join 4.10.16-1 - related: 1785121 - Rebase to version 4.10.16 4.10.15-5 - resolves: 1831986 - Fix gencache for normal...
openldap security update
2.4.44-22 - Fix CVE-2020-12243 openldap: denial of service via nested boolean expressions in LDAP search filters 1838405...
glibc security, bug fix, and enhancement update
2.17-317.0.1 - Merge RH el7 u8 patches with Oracle patches Review-exception: Simple merge - Adding Mike Fabians C.utf-8 patch C.utf-8 is a unicode-aware version of the C locale Orabug 29784239. Reviewed-by: Jose E. Marchesi - Remove glibc-ora28641867.patch as duplicate of glibc-rh1705899-4.patch ...
dnsmasq security and bug fix update
2.76-16 - Fix strict-mode retries on REFUSED 1755610 2.76-15 - Forward non-recursive queries to upstream, but serve local names 1755610 2.76-14 - Stop treating SERVFAIL as successful response 1815080 2.76-13 - Do not ignore DHCPv6 relay messages 1757247 2.76-12 - Fix memory leak in createhelper...
libssh2 security update
1.8.0-4 - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially...
tigervnc security and bug fix update
1.8.0-21 - Add upstream patch needed because of previous security fixes Resolves: bz1826822 1.8.0-20 - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz1791773 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz1791768 - Fix heap buffer overflow in...
e2fsprogs security and bug fix update
1.45.6-19 - fix issues with metabg when resizing file system 1849718 1.42.9-18 - fix out-of-bounds write on corrupted fs 1797731 - fix out-of-bounds write on corrupted fs 1768710 - fix e2fsprogs creating corrupted meta image 1711880 - fix typo in ext4 man page 1720130 - provide easy metod for...
mariadb security and bug fix update
1:5.5.68-1 - Rebase to 5.5.68 This is the last upstream release. This major version reached upstream EOL - Related to: rhbz1834835 1:5.5.67-2 - Resolves: rhbz1689827 1:5.5.67-1 - Rebase to 5.5.67 - Related to: rhbz1834835 - CVEs fixed: rhbz1821939 CVE-2020-2574 1:5.5.66-1 - Rebase to 5.5.66 -...
ipa security, bug fix, and enhancement update
4.6.8-5.0.1 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el7 - Resolves: 1826659 IPA: Ldap authentication failure due to Kerberos principal expiration UTC timestamp - ipa-pwd-extop: use timegm instead of mktime to preserve timezone offset...
hunspell security update
1.3.2-16 - Resolves: rhbz1775556 CVE-2019-16707...
libmspack security update
0.5-0.8.alpha - Fix for CVE-2019-1010305 resolves: rhbz1736744...
bluez security update
5.44-7 - fixing CVE-2020-0556...
systemd security and bug fix update
219-78.0.1 - Backport upstream patches related to private-tmp Sushmita Bhattacharya Orabug: 31561883 - backport upstream pstore tmpfiles patch Eric DeVolder Orabug: 31414539 - udev rules: fix memory hot add and remove Orabug: 31309730 - enable and start the pstore service Orabug: 30950903 - fix t...
cpio security update
2.11-28 - Improper input validation when writing tar header fields 1766222...
libwmf security and bug fix update
0.2.8.4-44 - Resolves: rhbz1840569 adapt to new urw-fonts 0.2.8.4-43 - Resolves: rhbz1679005 CVE-2019-6978 0.2.8.4-42 - Related: rhbz1239162 fix patch context...
qemu-kvm security, bug fix, and enhancement update
1.5.3-175.el7 - kvm-vnc-fix-memory-leak-when-vnc-disconnect.patch bz1810408 - Resolves: bz1810408 CVE-2019-20382 qemu-kvm: QEMU: vnc: memory leakage upon disconnect rhel-7 1.5.3-174.el7 - kvm-util-add-slirpfmt-helpers2.patch bz1800515 - kvm-tcpemu-fix-unsafe-snprintf-usages2.patch bz1800515 -...
NetworkManager security and bug fix update
1:1.18.8-1 - Update to 1.18.8 relase - ifcfg-rh: handle '802-1x.,phase2-ca-path' rh 1841397, CVE-2020-10754 - ifcfg-rh: handle 802-1x.pin properties. 1:1.18.6-4 - ip-tunnel: set cloned-mac-address only for layer2 tunnel devices rh 1832170 1:1.18.6-3 - Update translations rh 1796852 1:1.18.6-2 -...
libxml2 security and bug fix update
2.9.1-6.0.1.5 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.5 - Fix CVE-2019-19956 1793000 - Fix CVE-2019-20388 1810057 - Fix CVE-2020-7595 1810073 - Fix xsd:any schema validation 1812145...
python3 security update
3.6.8-17.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-17 - Overhaul pythons FIPS mode support Resolves: rhbz1788459 3.6.8-16 - Security fix for CVE-2020-8492 Resolves: rhbz1810616 3.6.8-15 - Security fix for CVE-2019-16935 Resolves: rhbz1797999 3.6.8-14 - Provide and...
cups security and bug fix update
1:1.6.3-51 - 1823758 - CVE-2017-18190 cups: DNS rebinding attacks via incorrect whitelist rhel-7 1:1.6.3-50 - 1813413 - RHEL 7.7 segfault in cupsdSaveJob caused by no space in /var 1:1.6.3-49 - more covscan issues raised from the fix 1672212 1:1.6.3-48 - fixing covscan issue from 1672212 1:1.6.3-...
libxslt security update
1.1.28-6.0.1 - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball 1.1.28-6 - Fix CVE-2019-18197 1775516 - Fix CVE-2019-11068 1715731...
qt5-qtbase security update
5.9.7-4 - Fix: Files placed by attacker can influence the working directory and lead to malicious code execution Resolves: bz1814740 Resolves: bz1814685 5.9.7-3 - Fix multilib issue with qtcore-config.h header file Resolves: bz1534528 - Move libQt5EglFSDeviceIntegration lib into correct subpackag...
exiv2 security update
0.27.0-3 - Validate relationship of the total size to the offset to avoid crash Resolves: bz1775695...
SDL security update
1.2.15-17 - Fix Some CVEs: CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638 - Resolves: rhbz1716201, rhbz1716202, rhbz1716206, - Resolves: rhbz1716207, rhbz1716208...
librabbitmq security update
0.8.0-3 - Resolves: 1809991, CVE-2019-18609 - integer overflow...
python-pillow security update
2.0.0-21gitd1c6db8 - Fix for CVE-2020-5313 Resolves: rhbz1789532 2.0.0-20gitd1c6db8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 2.0.0-19gitd1c6db8 - Reenabled webp support on little endian archs. 2.0.0-18gitd1c6db8 - Disabled webp support on...
freeradius security and bug fix update
3.0.13-15 - Fixes EAP-PWD: DoS issues due to multithreaded BNCTX access Resolves: bz1818808 3.0.13-14 - Fixes receiving of multiple RADIUS packets under load Resolves: bz1630684 3.0.13-13 - Fixes logging of cleartext pap password Resolves: bz1677435 3.0.13-12 - Fixes paircompare with attribute...
kernel security, bug fix, and enhancement update
3.10.0-1160.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.3 3.10.0-1160 - kernel modsign: Add...
OpenEXR security update
1.7.1-8 - fix CVE-2020-11764 1833552 - fix CVE-2020-11763 1833566 - fix CVE-2020-11761 1834461...
mod_auth_openidc security update
1.8.8-7 - Fix a regression in the previous patches - Related: rhbz1805748 - CVE-2019-20479 modauthopenidc: open redirect issue exists in URLs with slash and backslash rhel-7 1.8.8-6 - Resolves: rhbz1805748 - CVE-2019-20479 modauthopenidc: open redirect issue exists in URLs with slash and backslas...
evince and poppler security and bug fix update
evince 3.28.2-10 - Do not try to use iconview widget when in tree view mode - Resolves: 1610436 poppler 0.26.5-43 - Fix crash on broken file in tilingPatternFill - Resolves: 1801340...
libexif security, bug fix, and enhancement update
0.6.22-1 - Upgrade to 0.6.22 - Resolves: 1841316...
fontforge security update
20120731b-13 - Resolves:rh1790973 - CVE-2020-5395:out-of-bounds write in sfd.c...
curl security update
7.29.0-59.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...
libsndfile security update
1.0.25-12 - fix CVE-2018-19662 - buffer over-read in the function i2alawarray 1673086...
thunderbird security update
78.3.1-1.0.1 - Update to 68.12.0 build1 78.3.1-1 - Update to 78.3.1 build1 78.3.0-3 - Update to 78.3.0 build1 - Remove librdp.so as long as we cannot ship it in RHEL 78.2.1-1 - Update to 78.2.1 build1...